[jira] [Resolved] (CASSANDRA-13681) checkAccess throws exceptions when statement does not exist

Tue, 22 Aug 2017 07:22:27 -0700 

     [ 
https://issues.apache.org/jira/browse/CASSANDRA-13681?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Benjamin Lerer resolved CASSANDRA-13681.
----------------------------------------
    Resolution: Invalid

> checkAccess throws exceptions when statement does not exist
> -----------------------------------------------------------
>
>                 Key: CASSANDRA-13681
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-13681
>             Project: Cassandra
>          Issue Type: Bug
>          Components: CQL
>            Reporter: Hao Zhong
>
> CASSANDRA-6687 fixed a wrong exception. In DropTableStatement, the buggy code 
> is:
> {code}
> public void checkAccess(ClientState state) throws UnauthorizedException, 
> InvalidRequestException
>     {
>         state.hasColumnFamilyAccess(keyspace(), columnFamily(), 
> Permission.DROP);
>     }
> {code}
> The fixed code is:
> {code}
> public void checkAccess(ClientState state) throws UnauthorizedException, 
> InvalidRequestException
>     {
>         try
>         {
>             state.hasColumnFamilyAccess(keyspace(), columnFamily(), 
> Permission.DROP);
>         }
>         catch (InvalidRequestException e)
>         {
>             if (!ifExists)
>                 throw e;
>         }
>     }
> {code}
> I found that ModificationStatement_checkAccess can have the same problem, 
> since it calls  state.hasColumnFamilyAccess. In particular, its code is as 
> follow:
> {code}
>  public void checkAccess(ClientState state) throws InvalidRequestException, 
> UnauthorizedException
>     {
>         state.hasColumnFamilyAccess(metadata, Permission.MODIFY);
>         // CAS updates can be used to simulate a SELECT query, so should 
> require Permission.SELECT as well.
>         if (hasConditions())
>             state.hasColumnFamilyAccess(metadata, Permission.SELECT);
>         // MV updates need to get the current state from the table, and might 
> update the views
>         // Require Permission.SELECT on the base table, and Permission.MODIFY 
> on the views
>         Iterator<ViewMetadata> views = View.findAll(keyspace(), 
> columnFamily()).iterator();
>         if (views.hasNext())
>         {
>             state.hasColumnFamilyAccess(metadata, Permission.SELECT);
>             do
>             {
>                 state.hasColumnFamilyAccess(views.next().metadata, 
> Permission.MODIFY);
>             } while (views.hasNext());
>         }
>         for (Function function : getFunctions())
>             state.ensureHasPermission(Permission.EXECUTE, function);
>     }
> {code}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to