cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bernhard K. Weisshuhn (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CASSANDRA-10135) Quoting changed for username in GRANT statement
Date Wed, 19 Aug 2015 21:36:47 GMT
Bernhard K. Weisshuhn created CASSANDRA-10135:
-------------------------------------------------

             Summary: Quoting changed for username in GRANT statement
                 Key: CASSANDRA-10135
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-10135
             Project: Cassandra
          Issue Type: Bug
          Components: API
         Environment: cassandra 2.2.0
            Reporter: Bernhard K. Weisshuhn
            Priority: Minor


We may have uncovered an undocumented api change between cassandra 2.1.x and 2.2.0.
When granting permissions to a username containing special characters, 2.1.x needed single
quotes around the username and refused doubles.
2.2.0 needs doubles and refuses singles.

Working example for 2.1.x:

{code:sql}
GRANT SELECT ON ALL KEYSPACES TO 'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797';
{code}

Enclosing the username in double quotes instead of singles fails with the following error
message:

{quote}
cassandra@cqlsh> GRANT SELECT ON ALL KEYSPACES TO 'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797';
SyntaxException: <ErrorMessage code=2000 [Syntax error in CQL query] message="line 1:33
mismatched input 'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797' expecting
set null (...SELECT ON ALL KEYSPACES TO ["vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-144001779]...)">
{quote}

Singles fail in 2.2.0:

{quote}
cassandra@cqlsh> GRANT SELECT ON ALL KEYSPACES TO 'vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308';
SyntaxException: <ErrorMessage code=2000 [Syntax error in CQL query] message="line 1:33
no viable alternative at input 'vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308'
(...SELECT ON ALL KEYSPACES TO ['vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-144001930]...)">
{quote}

... whereas double quotes succeed:

{code:sql}
GRANT SELECT ON ALL KEYSPACES TO "vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308";
{code}

If this is a deliberate change, I don't think it is reflected in the documentation. I am temped
to consider this a bug introduced with the role additions.

Motivation for this report: https://github.com/hashicorp/vault/pull/545#issuecomment-132634630



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message