[jira] [Created] (CASSANDRA-10135) Quoting changed for username in GRANT statement

Wed, 19 Aug 2015 14:37:11 -0700 

Bernhard K. Weisshuhn created CASSANDRA-10135:
-------------------------------------------------

             Summary: Quoting changed for username in GRANT statement
                 Key: CASSANDRA-10135
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-10135
             Project: Cassandra
          Issue Type: Bug
          Components: API
         Environment: cassandra 2.2.0
            Reporter: Bernhard K. Weisshuhn
            Priority: Minor


We may have uncovered an undocumented api change between cassandra 2.1.x and 
2.2.0.
When granting permissions to a username containing special characters, 2.1.x 
needed single quotes around the username and refused doubles.
2.2.0 needs doubles and refuses singles.

Working example for 2.1.x:

{code:sql}
GRANT SELECT ON ALL KEYSPACES TO 
'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797';
{code}

Enclosing the username in double quotes instead of singles fails with the 
following error message:

{quote}
cassandra@cqlsh> GRANT SELECT ON ALL KEYSPACES TO 
'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797';
SyntaxException: <ErrorMessage code=2000 [Syntax error in CQL query] 
message="line 1:33 mismatched input 
'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797' expecting 
set null (...SELECT ON ALL KEYSPACES TO 
["vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-144001779]...)">
{quote}

Singles fail in 2.2.0:

{quote}
cassandra@cqlsh> GRANT SELECT ON ALL KEYSPACES TO 
'vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308';
SyntaxException: <ErrorMessage code=2000 [Syntax error in CQL query] 
message="line 1:33 no viable alternative at input 
'vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308' 
(...SELECT ON ALL KEYSPACES TO 
['vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-144001930]...)">
{quote}

... whereas double quotes succeed:

{code:sql}
GRANT SELECT ON ALL KEYSPACES TO 
"vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308";
{code}

If this is a deliberate change, I don't think it is reflected in the 
documentation. I am temped to consider this a bug introduced with the role 
additions.

Motivation for this report: 
https://github.com/hashicorp/vault/pull/545#issuecomment-132634630



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to