cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Rajanarayanan Thottuvaikkatumana (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-7607) Test coverage for authorization in DDL & DML statements
Date Thu, 23 Oct 2014 17:25:34 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-7607?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14181598#comment-14181598
] 

Rajanarayanan Thottuvaikkatumana commented on CASSANDRA-7607:
-------------------------------------------------------------

Hi Robert,
You are right, when trying to check the permissions for the function creation, it is giving
error. So at this point in time should we defer including the test, or go in a TDD model where
retain it and when the functionality is implemented, it will get passed automatically. Please
let me know. Anyways, here is the code and the error message I am getting
{code}
    @since('3.0')
    def func_auth_test(self):
        self.prepare()
        udf = "CREATE FUNCTION sin ( input double ) RETURNS double LANGUAGE java AS 'return
Double.valueOf(Math.sin(input.doubleValue()));'"
        dropUdf = "DROP FUNCTION sin"

        cassandra = self.get_cursor(user='cassandra', password='cassandra')
        cassandra.execute("CREATE USER cathy WITH PASSWORD '12345'")
        cassandra.execute("CREATE KEYSPACE ks WITH replication = {'class':'SimpleStrategy',
'replication_factor':1}")

        cathy = self.get_cursor(user='cathy', password='12345')
        self.assertUnauthorized("User cathy has no CREATE permission on <keyspace ks>
or any of its parents",
                                cathy, udf)
        self.assertUnauthorized("User cathy has no DROP permission on <keyspace ks>
or any of its parents",
                                cathy, dropUdf)

        cassandra.execute("GRANT CREATE ON KEYSPACE ks TO cathy")
        cathy.execute(udf)
        cassandra.execute("GRANT DROP ON KEYSPACE ks TO cathy")
        cathy.execute(dropUdf)    

{code}
Here is the error message
{code}
======================================================================
FAIL: func_auth_test (auth_test.TestAuth)
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/Users/RajT/Documents/cassandra-dtest/pytools.py", line 174, in wrapped
    f(obj)
  File "/Users/RajT/Documents/cassandra-dtest/auth_test.py", line 536, in func_auth_test
    cathy, udf)
  File "/Users/RajT/Documents/cassandra-dtest/auth_test.py", line 573, in assertUnauthorized
    assert re.search(message, cm.exception.message), "Expected: %s" % message
AssertionError: Expected: User cathy has no CREATE permission on <keyspace ks> or any
of its parents
{code}

> Test coverage for authorization in DDL & DML statements
> -------------------------------------------------------
>
>                 Key: CASSANDRA-7607
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-7607
>             Project: Cassandra
>          Issue Type: Test
>          Components: Tests
>            Reporter: Robert Stupp
>            Assignee: Rajanarayanan Thottuvaikkatumana
>              Labels: lhf, unit-test
>             Fix For: 2.0.12
>
>
> Similar to CASSANDRA-7604
> Check that the statements perform proper authorization (allow / reject):
> * {{CREATE KEYSPACE}}
> * {{ALTER KEYSPACE}}
> * {{DROP KEYSPACE}}
> * {{CREATE TABLE}}
> * {{ALTER TABLE}}
> * {{DROP TABLE}}
> * {{CREATE TYPE}}
> * {{ALTER TYPE}}
> * {{DROP TYPE}}
> * {{CREATE INDEX}}
> * {{DROP INDEX}}
> * {{CREATE TRIGGER}}
> * {{DROP TRIGGER}}
> * {{CREATE USER}}
> * {{ALTER USER}}
> * {{DROP USER}}
> * {{TRUNCATE}}
> * {{GRANT}}
> * {{REVOKE}}
> * {{SELECT}}
> * {{UPDATE}}
> * {{DELETE}}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message