cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jim Witschey (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CASSANDRA-10594) Inconsistent permissions results return
Date Fri, 06 Nov 2015 16:59:27 GMT

    [ https://issues.apache.org/jira/browse/CASSANDRA-10594?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14993968#comment-14993968
] 

Jim Witschey commented on CASSANDRA-10594:
------------------------------------------

[~beobal] This seems vaguely in your wheelhouse. Could you have a look?

> Inconsistent permissions results return
> ---------------------------------------
>
>                 Key: CASSANDRA-10594
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-10594
>             Project: Cassandra
>          Issue Type: Bug
>            Reporter: Adam Holmberg
>            Priority: Minor
>
> The server returns inconsistent results when listing permissions, depending on whether
a user is configured.
> *Observed with Cassandra 3.0:*
> Only super user configured:
> {code}
> cassandra@cqlsh> list all;
>  role | resource | permissions
> ------+----------+-------------
> (0 rows)
> {code}
> VOID result type is returned (meaning no result meta is returned and cqlsh must use the
table meta to determine columns)
> With one user configured, no grants:
> {code}
> cassandra@cqlsh> create user holmberg with password 'tmp';
> cassandra@cqlsh> list all;
> results meta: system_auth permissions 4
>  role      | username  | resource    | permission
> -----------+-----------+-------------+------------
>  cassandra | cassandra | <role holmberg> |      ALTER
>  cassandra | cassandra | <role holmberg> |       DROP
>  cassandra | cassandra | <role holmberg> |  AUTHORIZE
> (3 rows)
> {code}
> Now a ROWS result message is returned with the cassandra super user grants. 
> Dropping the regular user causes the VOID message to be returned again.
> *Slightly different behavior on 2.2 branch:* VOID message with no result meta is returned,
even if regular user is configured, until permissions are added to that user.
> *Expected:*
> It would be nice if the query always resulted in a ROWS result, even if there are no
explicit permissions defined. This would provide the correct result metadata even if there
are no rows.
> Additionally, it is strange that the 'cassandra' super user only appears in the results
when another user is configured. I would expect it to always appear, or never.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message