cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bernhard K. Weisshuhn (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CASSANDRA-10135) Quoting changed for username in GRANT statement
Date Wed, 19 Aug 2015 21:39:45 GMT

     [ https://issues.apache.org/jira/browse/CASSANDRA-10135?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Bernhard K. Weisshuhn updated CASSANDRA-10135:
----------------------------------------------
    Description: 
We may have uncovered an undocumented api change between cassandra 2.1.x and 2.2.0.
When granting permissions to a username containing special characters, 2.1.x needed single
quotes around the username and refused doubles.
2.2.0 needs doubles and refuses singles.

Working example for 2.1.x:

{code:sql}
GRANT SELECT ON ALL KEYSPACES TO 'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797';
{code}

Enclosing the username in double quotes instead of singles fails with the following error
message:

{quote}
cassandra@cqlsh> GRANT SELECT ON ALL KEYSPACES TO "vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797";
SyntaxException: <ErrorMessage code=2000 [Syntax error in CQL query] message="line 1:33
mismatched input 'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797' expecting
set null (...SELECT ON ALL KEYSPACES TO ["vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-144001779]...)">
{quote}

Singles fail in 2.2.0:

{quote}
cassandra@cqlsh> GRANT SELECT ON ALL KEYSPACES TO 'vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308';
SyntaxException: <ErrorMessage code=2000 [Syntax error in CQL query] message="line 1:33
no viable alternative at input 'vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308'
(...SELECT ON ALL KEYSPACES TO ['vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-144001930]...)">
{quote}

... whereas double quotes succeed:

{code:sql}
GRANT SELECT ON ALL KEYSPACES TO "vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308";
{code}

If this is a deliberate change, I don't think it is reflected in the documentation. I am temped
to consider this a bug introduced with the role additions.

Motivation for this report: https://github.com/hashicorp/vault/pull/545#issuecomment-132634630

  was:
We may have uncovered an undocumented api change between cassandra 2.1.x and 2.2.0.
When granting permissions to a username containing special characters, 2.1.x needed single
quotes around the username and refused doubles.
2.2.0 needs doubles and refuses singles.

Working example for 2.1.x:

{code:sql}
GRANT SELECT ON ALL KEYSPACES TO 'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797';
{code}

Enclosing the username in double quotes instead of singles fails with the following error
message:

{quote}
cassandra@cqlsh> GRANT SELECT ON ALL KEYSPACES TO 'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797';
SyntaxException: <ErrorMessage code=2000 [Syntax error in CQL query] message="line 1:33
mismatched input 'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797' expecting
set null (...SELECT ON ALL KEYSPACES TO ["vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-144001779]...)">
{quote}

Singles fail in 2.2.0:

{quote}
cassandra@cqlsh> GRANT SELECT ON ALL KEYSPACES TO 'vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308';
SyntaxException: <ErrorMessage code=2000 [Syntax error in CQL query] message="line 1:33
no viable alternative at input 'vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308'
(...SELECT ON ALL KEYSPACES TO ['vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-144001930]...)">
{quote}

... whereas double quotes succeed:

{code:sql}
GRANT SELECT ON ALL KEYSPACES TO "vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308";
{code}

If this is a deliberate change, I don't think it is reflected in the documentation. I am temped
to consider this a bug introduced with the role additions.

Motivation for this report: https://github.com/hashicorp/vault/pull/545#issuecomment-132634630


> Quoting changed for username in GRANT statement
> -----------------------------------------------
>
>                 Key: CASSANDRA-10135
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-10135
>             Project: Cassandra
>          Issue Type: Bug
>          Components: API
>         Environment: cassandra 2.2.0
>            Reporter: Bernhard K. Weisshuhn
>            Priority: Minor
>
> We may have uncovered an undocumented api change between cassandra 2.1.x and 2.2.0.
> When granting permissions to a username containing special characters, 2.1.x needed single
quotes around the username and refused doubles.
> 2.2.0 needs doubles and refuses singles.
> Working example for 2.1.x:
> {code:sql}
> GRANT SELECT ON ALL KEYSPACES TO 'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797';
> {code}
> Enclosing the username in double quotes instead of singles fails with the following error
message:
> {quote}
> cassandra@cqlsh> GRANT SELECT ON ALL KEYSPACES TO "vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797";
> SyntaxException: <ErrorMessage code=2000 [Syntax error in CQL query] message="line
1:33 mismatched input 'vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-1440017797'
expecting set null (...SELECT ON ALL KEYSPACES TO ["vault-readonly-root-79840dbb-917e-ed90-38e0-578226e6c1c6-144001779]...)">
> {quote}
> Singles fail in 2.2.0:
> {quote}
> cassandra@cqlsh> GRANT SELECT ON ALL KEYSPACES TO 'vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308';
> SyntaxException: <ErrorMessage code=2000 [Syntax error in CQL query] message="line
1:33 no viable alternative at input 'vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308'
(...SELECT ON ALL KEYSPACES TO ['vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-144001930]...)">
> {quote}
> ... whereas double quotes succeed:
> {code:sql}
> GRANT SELECT ON ALL KEYSPACES TO "vault-readonly-root-e04e7a84-a7ba-d84f-f3c0-1e50e7590179-1440019308";
> {code}
> If this is a deliberate change, I don't think it is reflected in the documentation. I
am temped to consider this a bug introduced with the role additions.
> Motivation for this report: https://github.com/hashicorp/vault/pull/545#issuecomment-132634630



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message