git commit: Correctly validate keyspace access in create table statement

slebresne Wed, 30 May 2012 07:04:48 -0700

Updated Branches:
  refs/heads/cassandra-1.1 5796542aa -> 3fdc86ca0


Correctly validate keyspace access in create table statement

patch by slebresne; reviewed by jbellis for CASSANDRA-4296


Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/3fdc86ca
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/3fdc86ca
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/3fdc86ca

Branch: refs/heads/cassandra-1.1
Commit: 3fdc86ca0aa5c1a23e28a45e4291c72aeee989ec
Parents: 5796542
Author: Sylvain Lebresne <[email protected]>
Authored: Wed May 30 16:03:26 2012 +0200
Committer: Sylvain Lebresne <[email protected]>
Committed: Wed May 30 16:03:26 2012 +0200

----------------------------------------------------------------------
 CHANGES.txt                                        |    1 +
 .../cql3/statements/SchemaAlteringStatement.java   |    2 +-
 .../org/apache/cassandra/service/ClientState.java  |   15 ++++++++++-----
 3 files changed, 12 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cassandra/blob/3fdc86ca/CHANGES.txt
----------------------------------------------------------------------
diff --git a/CHANGES.txt b/CHANGES.txt
index c692bc4..6e8aa8f 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -65,6 +65,7 @@
  * Better error messages from improper input in cli (CASSANDRA-3865)
  * Try to stop all compaction upon Keyspace or ColumnFamily drop 
(CASSANDRA-4221)
  * (cql3) Allow keyspace properties to contain hyphens (CASSANDRA-4278)
+ * (cql3) Correctly validate keyspace access in create table (CASSANDRA-4296)
 Merged from 1.0:
  * Fix super columns bug where cache is not updated (CASSANDRA-4190)
  * fix maxTimestamp to include row tombstones (CASSANDRA-4116)

http://git-wip-us.apache.org/repos/asf/cassandra/blob/3fdc86ca/src/java/org/apache/cassandra/cql3/statements/SchemaAlteringStatement.java
----------------------------------------------------------------------
diff --git 
a/src/java/org/apache/cassandra/cql3/statements/SchemaAlteringStatement.java 
b/src/java/org/apache/cassandra/cql3/statements/SchemaAlteringStatement.java
index c2d7180..a88ee2b 100644
--- a/src/java/org/apache/cassandra/cql3/statements/SchemaAlteringStatement.java
+++ b/src/java/org/apache/cassandra/cql3/statements/SchemaAlteringStatement.java
@@ -81,7 +81,7 @@ public abstract class SchemaAlteringStatement extends 
CFStatement implements CQL
     public void checkAccess(ClientState state) throws InvalidRequestException
     {
         if (isColumnFamilyLevel)
-            state.hasColumnFamilySchemaAccess(Permission.WRITE);
+            state.hasColumnFamilySchemaAccess(keyspace(), Permission.WRITE);
         else
             state.hasKeyspaceSchemaAccess(Permission.WRITE);
     }

http://git-wip-us.apache.org/repos/asf/cassandra/blob/3fdc86ca/src/java/org/apache/cassandra/service/ClientState.java
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/service/ClientState.java 
b/src/java/org/apache/cassandra/service/ClientState.java
index 3b88a3f..5ef3bad 100644
--- a/src/java/org/apache/cassandra/service/ClientState.java
+++ b/src/java/org/apache/cassandra/service/ClientState.java
@@ -160,14 +160,19 @@ public class ClientState
         hasAccess(user, perms, perm, resource);
     }
 
+    public void hasColumnFamilySchemaAccess(Permission perm) throws 
InvalidRequestException
+    {
+        hasColumnFamilySchemaAccess(keyspace, perm);
+    }
+
     /**
      * Confirms that the client thread has the given Permission for the 
ColumnFamily list of
-     * the current keyspace.
+     * the provided keyspace.
      */
-    public void hasColumnFamilySchemaAccess(Permission perm) throws 
InvalidRequestException
+    public void hasColumnFamilySchemaAccess(String keyspace, Permission perm) 
throws InvalidRequestException
     {
         validateLogin();
-        validateKeyspace();
+        validateKeyspace(keyspace);
 
         // hardcode disallowing messing with system keyspace
         if (keyspace.equalsIgnoreCase(Table.SYSTEM_TABLE) && perm == 
Permission.WRITE)
@@ -192,7 +197,7 @@ public class ClientState
     public void hasColumnFamilyAccess(String keyspace, String columnFamily, 
Permission perm) throws InvalidRequestException
     {
         validateLogin();
-        validateKeyspace();
+        validateKeyspace(keyspace);
 
         resourceClear();
         resource.add(keyspace);
@@ -208,7 +213,7 @@ public class ClientState
             throw new InvalidRequestException("You have not logged in");
     }
 
-    private void validateKeyspace() throws InvalidRequestException
+    private static void validateKeyspace(String keyspace) throws 
InvalidRequestException
     {
         if (keyspace == null)
             throw new InvalidRequestException("You have not set a keyspace for 
this session");

git commit: Correctly validate keyspace access in create table statement

Reply via email to