cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sam Tunnicliffe (JIRA)" <>
Subject [jira] [Commented] (CASSANDRA-8303) Provide "strict mode" for CQL Queries
Date Mon, 12 Jan 2015 16:54:36 GMT


Sam Tunnicliffe commented on CASSANDRA-8303:

I had been thinking of extending DataResource, or adding an new IResource impl, to represent
a resource + any restrictions derived from the statement being executed. hasKeyspaceAccess
& hasColumnFamilyAccess on ClientState would get an extra argument for CQLStatements to
pass the necessary restrictions through, so there wouldn't be any changes to IAuthorizer itself.
But while I don't think that that API would necessarily need to change, you do have a point
about the increasing code complexity particularly regarding composition of restrictions and
in then caching. 

So that all said, I'm not opposed to adding a new interface to handle role based restrictions
separately from resources, particularly as that would let us turn them on without requiring
full blown authz.

> Provide "strict mode" for CQL Queries
> -------------------------------------
>                 Key: CASSANDRA-8303
>                 URL:
>             Project: Cassandra
>          Issue Type: Improvement
>            Reporter: Anupam Arora
>             Fix For: 3.0
> Please provide a "strict mode" option in cassandra that will kick out any CQL queries
that are expensive, e.g. any query with ALLOWS FILTERING, multi-partition queries, secondary
index queries, etc.

This message was sent by Atlassian JIRA

View raw message