[jira] [Commented] (CASSANDRA-8213) Grant Permission fails if permission had been revoked previously
[ https://issues.apache.org/jira/browse/CASSANDRA-8213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14212814#comment-14212814 ] Philip Thompson commented on CASSANDRA-8213: Examining jenkins logs, this appears to be have caused by CASSANDRA-8139 and fixed by CASSANDRA-8246. > Grant Permission fails if permission had been revoked previously > > > Key: CASSANDRA-8213 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8213 > Project: Cassandra > Issue Type: Bug >Reporter: Philip Thompson >Assignee: Aleksey Yeschenko > Fix For: 2.1.2 > > > The dtest auth_test.py:TestAuth.alter_cf_auth_test is failing. > {code} > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("ALTER TABLE ks.cf ADD val int") > cassandra.execute("REVOKE ALTER ON ks.cf FROM cathy") > self.assertUnauthorized("User cathy has no ALTER permission on ks.cf> or any of its parents", > cathy, "CREATE INDEX ON ks.cf(val)") > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("CREATE INDEX ON ks.cf(val)") > {code} > In this section of code, the user cathy is granted "ALTER" permissions on > 'ks.cf', then they are revoked, then granted again. Monitoring > system_auth.permissions during this section of code show that the permission > is added with the initial grant, and revoked properly, but the table remains > empty after the second grant. > When the cathy user attempts to create an index, the following exception is > thrown: > {code} > Unauthorized: code=2100 [Unauthorized] message="User cathy has no ALTER > permission on or any of its parents" > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8213) Grant Permission fails if permission had been revoked previously
[ https://issues.apache.org/jira/browse/CASSANDRA-8213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14188745#comment-14188745 ] Philip Thompson commented on CASSANDRA-8213: I performed the bisect using test_auth.py:TestAuth.grant_revoke_cleanup_test > Grant Permission fails if permission had been revoked previously > > > Key: CASSANDRA-8213 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8213 > Project: Cassandra > Issue Type: Bug >Reporter: Philip Thompson >Assignee: Aleksey Yeschenko > Fix For: 2.1.2 > > > The dtest auth_test.py:TestAuth.alter_cf_auth_test is failing. > {code} > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("ALTER TABLE ks.cf ADD val int") > cassandra.execute("REVOKE ALTER ON ks.cf FROM cathy") > self.assertUnauthorized("User cathy has no ALTER permission on ks.cf> or any of its parents", > cathy, "CREATE INDEX ON ks.cf(val)") > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("CREATE INDEX ON ks.cf(val)") > {code} > In this section of code, the user cathy is granted "ALTER" permissions on > 'ks.cf', then they are revoked, then granted again. Monitoring > system_auth.permissions during this section of code show that the permission > is added with the initial grant, and revoked properly, but the table remains > empty after the second grant. > When the cathy user attempts to create an index, the following exception is > thrown: > {code} > Unauthorized: code=2100 [Unauthorized] message="User cathy has no ALTER > permission on or any of its parents" > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8213) Grant Permission fails if permission had been revoked previously
[ https://issues.apache.org/jira/browse/CASSANDRA-8213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14188738#comment-14188738 ] Philip Thompson commented on CASSANDRA-8213: The test is not failing against 2.0-HEAD but it is failing against 2.1-HEAD and trunk HEAD. > Grant Permission fails if permission had been revoked previously > > > Key: CASSANDRA-8213 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8213 > Project: Cassandra > Issue Type: Bug >Reporter: Philip Thompson > Fix For: 2.1.2 > > > The dtest auth_test.py:TestAuth.alter_cf_auth_test is failing. > {code} > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("ALTER TABLE ks.cf ADD val int") > cassandra.execute("REVOKE ALTER ON ks.cf FROM cathy") > self.assertUnauthorized("User cathy has no ALTER permission on ks.cf> or any of its parents", > cathy, "CREATE INDEX ON ks.cf(val)") > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("CREATE INDEX ON ks.cf(val)") > {code} > In this section of code, the user cathy is granted "ALTER" permissions on > 'ks.cf', then they are revoked, then granted again. Monitoring > system_auth.permissions during this section of code show that the permission > is added with the initial grant, and revoked properly, but the table remains > empty after the second grant. > When the cathy user attempts to create an index, the following exception is > thrown: > {code} > Unauthorized: code=2100 [Unauthorized] message="User cathy has no ALTER > permission on or any of its parents" > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8213) Grant Permission fails if permission had been revoked previously
[ https://issues.apache.org/jira/browse/CASSANDRA-8213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14188737#comment-14188737 ] Philip Thompson commented on CASSANDRA-8213: git bisect is currently pointing to {code} commit 1d285eadadc14251da271cc03b4cf8a1f8f33516 Merge: c937657 748b01d Author: Sylvain Lebresne Date: Wed Oct 29 10:40:51 2014 +0100 Merge branch 'cassandra-2.0' into cassandra-2.1 Conflicts: CHANGES.txt src/java/org/apache/cassandra/cql3/UpdateParameters.java {code} as the culprit > Grant Permission fails if permission had been revoked previously > > > Key: CASSANDRA-8213 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8213 > Project: Cassandra > Issue Type: Bug >Reporter: Philip Thompson > Fix For: 2.1.2 > > > The dtest auth_test.py:TestAuth.alter_cf_auth_test is failing. > {code} > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("ALTER TABLE ks.cf ADD val int") > cassandra.execute("REVOKE ALTER ON ks.cf FROM cathy") > self.assertUnauthorized("User cathy has no ALTER permission on ks.cf> or any of its parents", > cathy, "CREATE INDEX ON ks.cf(val)") > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("CREATE INDEX ON ks.cf(val)") > {code} > In this section of code, the user cathy is granted "ALTER" permissions on > 'ks.cf', then they are revoked, then granted again. Monitoring > system_auth.permissions during this section of code show that the permission > is added with the initial grant, and revoked properly, but the table remains > empty after the second grant. > When the cathy user attempts to create an index, the following exception is > thrown: > {code} > Unauthorized: code=2100 [Unauthorized] message="User cathy has no ALTER > permission on or any of its parents" > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8213) Grant Permission fails if permission had been revoked previously
[ https://issues.apache.org/jira/browse/CASSANDRA-8213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14188711#comment-14188711 ] Philip Thompson commented on CASSANDRA-8213: We are only using one node, so this is not a replication problem. > Grant Permission fails if permission had been revoked previously > > > Key: CASSANDRA-8213 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8213 > Project: Cassandra > Issue Type: Bug >Reporter: Philip Thompson > Fix For: 2.1.2 > > > The dtest auth_test.py:TestAuth.alter_cf_auth_test is failing. > {code} > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("ALTER TABLE ks.cf ADD val int") > cassandra.execute("REVOKE ALTER ON ks.cf FROM cathy") > self.assertUnauthorized("User cathy has no ALTER permission on ks.cf> or any of its parents", > cathy, "CREATE INDEX ON ks.cf(val)") > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("CREATE INDEX ON ks.cf(val)") > {code} > In this section of code, the user cathy is granted "ALTER" permissions on > 'ks.cf', then they are revoked, then granted again. Monitoring > system_auth.permissions during this section of code show that the permission > is added with the initial grant, and revoked properly, but the table remains > empty after the second grant. > When the cathy user attempts to create an index, the following exception is > thrown: > {code} > Unauthorized: code=2100 [Unauthorized] message="User cathy has no ALTER > permission on or any of its parents" > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)
[jira] [Commented] (CASSANDRA-8213) Grant Permission fails if permission had been revoked previously
[ https://issues.apache.org/jira/browse/CASSANDRA-8213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14188709#comment-14188709 ] Philip Thompson commented on CASSANDRA-8213: grant_revoke_cleanup_test is having the exact same issue but with creating and dropping a user. After dropping a user, recreating the user shows no changes in the system_auth.user folder > Grant Permission fails if permission had been revoked previously > > > Key: CASSANDRA-8213 > URL: https://issues.apache.org/jira/browse/CASSANDRA-8213 > Project: Cassandra > Issue Type: Bug >Reporter: Philip Thompson > Fix For: 2.1.2 > > > The dtest auth_test.py:TestAuth.alter_cf_auth_test is failing. > {code} > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("ALTER TABLE ks.cf ADD val int") > cassandra.execute("REVOKE ALTER ON ks.cf FROM cathy") > self.assertUnauthorized("User cathy has no ALTER permission on ks.cf> or any of its parents", > cathy, "CREATE INDEX ON ks.cf(val)") > cassandra.execute("GRANT ALTER ON ks.cf TO cathy") > cathy.execute("CREATE INDEX ON ks.cf(val)") > {code} > In this section of code, the user cathy is granted "ALTER" permissions on > 'ks.cf', then they are revoked, then granted again. Monitoring > system_auth.permissions during this section of code show that the permission > is added with the initial grant, and revoked properly, but the table remains > empty after the second grant. > When the cathy user attempts to create an index, the following exception is > thrown: > {code} > Unauthorized: code=2100 [Unauthorized] message="User cathy has no ALTER > permission on or any of its parents" > {code} -- This message was sent by Atlassian JIRA (v6.3.4#6332)