cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From s...@apache.org
Subject [4/9] cassandra git commit: Make ROLE based statements backwards compatible with USER based syntax
Date Mon, 24 Aug 2015 18:07:57 GMT
Make ROLE based statements backwards compatible with USER based syntax

Patch by Sam Tunnicliffe; reviewed by Aleksey Yeschenko for
CASSANDRA-10135


Project: http://git-wip-us.apache.org/repos/asf/cassandra/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra/commit/4994f0c7
Tree: http://git-wip-us.apache.org/repos/asf/cassandra/tree/4994f0c7
Diff: http://git-wip-us.apache.org/repos/asf/cassandra/diff/4994f0c7

Branch: refs/heads/cassandra-2.2
Commit: 4994f0c7e7955179c0bce05e249f69fea0e3da37
Parents: 62f27e2
Author: Sam Tunnicliffe <sam@beobal.com>
Authored: Thu Aug 20 13:43:25 2015 +0100
Committer: Sam Tunnicliffe <sam@beobal.com>
Committed: Mon Aug 24 18:44:10 2015 +0100

----------------------------------------------------------------------
 CHANGES.txt                                     |   1 +
 src/java/org/apache/cassandra/cql3/Cql.g        |   2 +
 .../miscellaneous/RoleSyntaxTest.java           | 110 ++++++++++++++++++-
 3 files changed, 112 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cassandra/blob/4994f0c7/CHANGES.txt
----------------------------------------------------------------------
diff --git a/CHANGES.txt b/CHANGES.txt
index 06b524d..fc56d72 100644
--- a/CHANGES.txt
+++ b/CHANGES.txt
@@ -1,4 +1,5 @@
 2.2.1
+ * Support string literals as Role names for compatibility (CASSANDRA-10135)
  * Allow count(*) and count(1) to be use as normal aggregation (CASSANDRA-10114)
  * An NPE is thrown if the column name is unknown for an IN relation (CASSANDRA-10043)
  * Apply commit_failure_policy to more errors on startup (CASSANDRA-9749)

http://git-wip-us.apache.org/repos/asf/cassandra/blob/4994f0c7/src/java/org/apache/cassandra/cql3/Cql.g
----------------------------------------------------------------------
diff --git a/src/java/org/apache/cassandra/cql3/Cql.g b/src/java/org/apache/cassandra/cql3/Cql.g
index 3d2aba5..17cef8b 100644
--- a/src/java/org/apache/cassandra/cql3/Cql.g
+++ b/src/java/org/apache/cassandra/cql3/Cql.g
@@ -1162,6 +1162,7 @@ idxName[IndexName name]
 
 roleName[RoleName name]
     : t=IDENT              { $name.setName($t.text, false); }
+    | s=STRING_LITERAL     { $name.setName($s.text, false); }
     | t=QUOTED_NAME        { $name.setName($t.text, true); }
     | k=unreserved_keyword { $name.setName(k, false); }
     | QMARK {addRecognitionError("Bind variables cannot be used for role names");}
@@ -1486,6 +1487,7 @@ tuple_type returns [CQL3Type.Raw t]
 username
     : IDENT
     | STRING_LITERAL
+    | QUOTED_NAME { addRecognitionError("Quoted strings are are not supported for user names
and USER is deprecated, please use ROLE");}
     ;
 
 // Basically the same as cident, but we need to exlude existing CQL3 types

http://git-wip-us.apache.org/repos/asf/cassandra/blob/4994f0c7/test/unit/org/apache/cassandra/cql3/validation/miscellaneous/RoleSyntaxTest.java
----------------------------------------------------------------------
diff --git a/test/unit/org/apache/cassandra/cql3/validation/miscellaneous/RoleSyntaxTest.java
b/test/unit/org/apache/cassandra/cql3/validation/miscellaneous/RoleSyntaxTest.java
index 9dfa47b..0cb1de2 100644
--- a/test/unit/org/apache/cassandra/cql3/validation/miscellaneous/RoleSyntaxTest.java
+++ b/test/unit/org/apache/cassandra/cql3/validation/miscellaneous/RoleSyntaxTest.java
@@ -23,6 +23,8 @@ import org.apache.cassandra.cql3.CQLTester;
 
 public class RoleSyntaxTest extends CQLTester
 {
+    private final String NO_QUOTED_USERNAME = "Quoted strings are are not supported for user
names " +
+                                              "and USER is deprecated, please use ROLE";
     @Test
     public void standardOptionsSyntaxTest() throws Throwable
     {
@@ -40,7 +42,7 @@ public class RoleSyntaxTest extends CQLTester
     }
 
     @Test
-    public void customOptionsSyntaxTestl() throws Throwable
+    public void customOptionsSyntaxTest() throws Throwable
     {
         assertValidSyntax("CREATE ROLE r WITH OPTIONS = {'a':'b', 'b':1}");
         assertInvalidSyntax("CREATE ROLE r WITH OPTIONS = 'term'");
@@ -50,4 +52,110 @@ public class RoleSyntaxTest extends CQLTester
         assertInvalidSyntax("ALTER ROLE r WITH OPTIONS = 'term'");
         assertInvalidSyntax("ALTER ROLE r WITH OPTIONS = 99");
     }
+
+    @Test
+    public void createSyntaxTest() throws Throwable
+    {
+        assertValidSyntax("CREATE ROLE r1");
+        assertValidSyntax("CREATE ROLE 'r1'");
+        assertValidSyntax("CREATE ROLE \"r1\"");
+        assertValidSyntax("CREATE ROLE $$r1$$");
+        assertValidSyntax("CREATE ROLE $$ r1 ' x $ x ' $$");
+        assertValidSyntax("CREATE USER u1");
+        assertValidSyntax("CREATE USER 'u1'");
+        assertValidSyntax("CREATE USER $$u1$$");
+        assertValidSyntax("CREATE USER $$ u1 ' x $ x ' $$");
+        // user names may not be quoted names
+        assertInvalidSyntax("CREATE USER \"u1\"", NO_QUOTED_USERNAME);
+    }
+
+    @Test
+    public void dropSyntaxTest() throws Throwable
+    {
+        assertValidSyntax("DROP ROLE r1");
+        assertValidSyntax("DROP ROLE 'r1'");
+        assertValidSyntax("DROP ROLE \"r1\"");
+        assertValidSyntax("DROP ROLE $$r1$$");
+        assertValidSyntax("DROP ROLE $$ r1 ' x $ x ' $$");
+        assertValidSyntax("DROP USER u1");
+        assertValidSyntax("DROP USER 'u1'");
+        assertValidSyntax("DROP USER $$u1$$");
+        assertValidSyntax("DROP USER $$ u1 ' x $ x ' $$");
+        // user names may not be quoted names
+        assertInvalidSyntax("DROP USER \"u1\"", NO_QUOTED_USERNAME);
+    }
+
+    @Test
+    public void alterSyntaxTest() throws Throwable
+    {
+        assertValidSyntax("ALTER ROLE r1 WITH PASSWORD = 'password'");
+        assertValidSyntax("ALTER ROLE 'r1' WITH PASSWORD = 'password'");
+        assertValidSyntax("ALTER ROLE \"r1\" WITH PASSWORD = 'password'");
+        assertValidSyntax("ALTER ROLE $$r1$$ WITH PASSWORD = 'password'");
+        assertValidSyntax("ALTER ROLE $$ r1 ' x $ x ' $$ WITH PASSWORD = 'password'");
+        // ALTER has slightly different form for USER (no =)
+        assertValidSyntax("ALTER USER u1 WITH PASSWORD 'password'");
+        assertValidSyntax("ALTER USER 'u1' WITH PASSWORD 'password'");
+        assertValidSyntax("ALTER USER $$u1$$ WITH PASSWORD 'password'");
+        assertValidSyntax("ALTER USER $$ u1 ' x $ x ' $$ WITH PASSWORD 'password'");
+        // user names may not be quoted names
+        assertInvalidSyntax("ALTER USER \"u1\" WITH PASSWORD 'password'", NO_QUOTED_USERNAME);
+    }
+
+    @Test
+    public void grantRevokePermissionsSyntaxTest() throws Throwable
+    {
+        // grant/revoke on RoleResource
+        assertValidSyntax("GRANT ALTER ON ROLE r1 TO r2");
+        assertValidSyntax("GRANT ALTER ON ROLE 'r1' TO \"r2\"");
+        assertValidSyntax("GRANT ALTER ON ROLE \"r1\" TO 'r2'");
+        assertValidSyntax("GRANT ALTER ON ROLE $$r1$$ TO $$ r '2' $$");
+        assertValidSyntax("REVOKE ALTER ON ROLE r1 FROM r2");
+        assertValidSyntax("REVOKE ALTER ON ROLE 'r1' FROM \"r2\"");
+        assertValidSyntax("REVOKE ALTER ON ROLE \"r1\" FROM 'r2'");
+        assertValidSyntax("REVOKE ALTER ON ROLE $$r1$$ FROM $$ r '2' $$");
+
+        // grant/revoke on DataResource
+        assertValidSyntax("GRANT SELECT ON KEYSPACE ks TO r1");
+        assertValidSyntax("GRANT SELECT ON KEYSPACE ks TO 'r1'");
+        assertValidSyntax("GRANT SELECT ON KEYSPACE ks TO \"r1\"");
+        assertValidSyntax("GRANT SELECT ON KEYSPACE ks TO $$ r '1' $$");
+        assertValidSyntax("REVOKE SELECT ON KEYSPACE ks FROM r1");
+        assertValidSyntax("REVOKE SELECT ON KEYSPACE ks FROM 'r1'");
+        assertValidSyntax("REVOKE SELECT ON KEYSPACE ks FROM \"r1\"");
+        assertValidSyntax("REVOKE SELECT ON KEYSPACE ks FROM $$ r '1' $$");
+    }
+
+    @Test
+    public void listPermissionsSyntaxTest() throws Throwable
+    {
+        assertValidSyntax("LIST ALL PERMISSIONS ON ALL ROLES OF r1");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ALL ROLES OF 'r1'");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ALL ROLES OF \"r1\"");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ALL ROLES OF $$ r '1' $$");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ROLE 'r1' OF r2");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ROLE \"r1\" OF r2");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ROLE $$ r '1' $$ OF r2");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ROLE 'r1' OF 'r2'");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ROLE \"r1\" OF \"r2\"");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ROLE $$r1$$ OF $$ r '2' $$");
+
+        assertValidSyntax("LIST ALL PERMISSIONS ON ALL KEYSPACES OF r1");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ALL KEYSPACES OF 'r1'");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ALL KEYSPACES OF \"r1\"");
+        assertValidSyntax("LIST ALL PERMISSIONS ON ALL KEYSPACES OF $$ r '1' $$");
+        assertValidSyntax("LIST ALL PERMISSIONS OF r1");
+        assertValidSyntax("LIST ALL PERMISSIONS OF 'r1'");
+        assertValidSyntax("LIST ALL PERMISSIONS OF \"r1\"");
+        assertValidSyntax("LIST ALL PERMISSIONS OF $$ r '1' $$");
+    }
+
+    @Test
+    public void listRolesSyntaxTest() throws Throwable
+    {
+        assertValidSyntax("LIST ROLES OF r1");
+        assertValidSyntax("LIST ROLES OF 'r1'");
+        assertValidSyntax("LIST ROLES OF \"r1\"");
+        assertValidSyntax("LIST ROLES OF $$ r '1' $$");
+    }
 }


Mime
View raw message