cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sam Tunnicliffe (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-8303) Provide "strict mode" for CQL Queries
Date Mon, 12 Jan 2015 16:54:36 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-8303?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14273771#comment-14273771
] 

Sam Tunnicliffe commented on CASSANDRA-8303:
--------------------------------------------

I had been thinking of extending DataResource, or adding an new IResource impl, to represent
a resource + any restrictions derived from the statement being executed. hasKeyspaceAccess
& hasColumnFamilyAccess on ClientState would get an extra argument for CQLStatements to
pass the necessary restrictions through, so there wouldn't be any changes to IAuthorizer itself.
But while I don't think that that API would necessarily need to change, you do have a point
about the increasing code complexity particularly regarding composition of restrictions and
in then caching. 

So that all said, I'm not opposed to adding a new interface to handle role based restrictions
separately from resources, particularly as that would let us turn them on without requiring
full blown authz.

> Provide "strict mode" for CQL Queries
> -------------------------------------
>
>                 Key: CASSANDRA-8303
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-8303
>             Project: Cassandra
>          Issue Type: Improvement
>            Reporter: Anupam Arora
>             Fix For: 3.0
>
>
> Please provide a "strict mode" option in cassandra that will kick out any CQL queries
that are expensive, e.g. any query with ALLOWS FILTERING, multi-partition queries, secondary
index queries, etc.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message