Philip Thompson created CASSANDRA-8213:
------------------------------------------
Summary: Grant Permission fails if permission had been revoked
previously
Key: CASSANDRA-8213
URL: https://issues.apache.org/jira/browse/CASSANDRA-8213
Project: Cassandra
Issue Type: Bug
Reporter: Philip Thompson
Fix For: 2.1.2
The dtest auth_test.py:TestAuth.alter_cf_auth_test is failing.
{code}
cassandra.execute("GRANT ALTER ON ks.cf TO cathy")
cathy.execute("ALTER TABLE ks.cf ADD val int")
cassandra.execute("REVOKE ALTER ON ks.cf FROM cathy")
self.assertUnauthorized("User cathy has no ALTER permission on <table
ks.cf> or any of its parents",
cathy, "CREATE INDEX ON ks.cf(val)")
cassandra.execute("GRANT ALTER ON ks.cf TO cathy")
cathy.execute("CREATE INDEX ON ks.cf(val)")
{code}
In this section of code, the user cathy is granted "ALTER" permissions on
'ks.cf', then they are revoked, then granted again. Monitoring
system_auth.permissions during this section of code show that the permission is
added with the initial grant, and revoked properly, but the table remains empty
after the second grant.
When the cathy user attempts to create an index, the following exception is
thrown:
{code}
Unauthorized: code=2100 [Unauthorized] message="User cathy has no ALTER
permission on <table ks.cf> or any of its parents"
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
