cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From alek...@apache.org
Subject cassandra-dtest git commit: Don't let users drop or generally break tables in system_distributed
Date Tue, 17 Oct 2017 12:43:19 GMT
Repository: cassandra-dtest
Updated Branches:
  refs/heads/master f889dffe7 -> 957ae2bc4


Don't let users drop or generally break tables in system_distributed

patch by Aleksey Yeschenko; reviewed by Sylvain Lebresne for
CASSANDRA-13813


Project: http://git-wip-us.apache.org/repos/asf/cassandra-dtest/repo
Commit: http://git-wip-us.apache.org/repos/asf/cassandra-dtest/commit/957ae2bc
Tree: http://git-wip-us.apache.org/repos/asf/cassandra-dtest/tree/957ae2bc
Diff: http://git-wip-us.apache.org/repos/asf/cassandra-dtest/diff/957ae2bc

Branch: refs/heads/master
Commit: 957ae2bc455c56835632193e1aa251495c3724f8
Parents: f889dff
Author: Aleksey Yeschenko <aleksey@yeschenko.com>
Authored: Thu Oct 5 16:16:02 2017 +0100
Committer: Aleksey Yeschenko <aleksey@yeschenko.com>
Committed: Tue Oct 17 13:42:22 2017 +0100

----------------------------------------------------------------------
 system_keyspaces_test.py | 118 ++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 118 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cassandra-dtest/blob/957ae2bc/system_keyspaces_test.py
----------------------------------------------------------------------
diff --git a/system_keyspaces_test.py b/system_keyspaces_test.py
new file mode 100644
index 0000000..90eb583
--- /dev/null
+++ b/system_keyspaces_test.py
@@ -0,0 +1,118 @@
+from cassandra import Unauthorized
+from dtest import Tester
+from tools.assertions import assert_all, assert_exception, assert_none
+from tools.decorators import since
+
+class TestSystemKeyspaces(Tester):
+
+    @since('3.0')
+    def test_local_system_keyspaces(self):
+        cluster = self.cluster
+        cluster.populate(1).start()
+
+        node = cluster.nodelist()[0]
+        session = self.patient_cql_connection(node)
+
+        # ALTER KEYSPACE should fail for system and system_schema
+        stmt = """
+            ALTER KEYSPACE system
+            WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1' : '1'};"""
+        assert_exception(session, stmt, expected=Unauthorized)
+
+        stmt = """
+            ALTER KEYSPACE system_schema
+            WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1' : '1'};"""
+        assert_exception(session, stmt, expected=Unauthorized)
+
+        # DROP KEYSPACE should fail for system and system_schema
+        assert_exception(session, 'DROP KEYSPACE system;',        expected=Unauthorized)
+        assert_exception(session, 'DROP KEYSPACE system_schema;', expected=Unauthorized)
+
+        # CREATE TABLE should fail in system and system_schema
+        assert_exception(session,
+                         'CREATE TABLE system.new_table (id int PRIMARY KEY);',
+                         expected=Unauthorized)
+
+        assert_exception(session,
+                         'CREATE TABLE system_schema.new_table (id int PRIMARY KEY);',
+                         expected=Unauthorized)
+
+        # ALTER TABLE should fail in system and system_schema
+        assert_exception(session,
+                         "ALTER TABLE system.local WITH comment = '';",
+                         expected=Unauthorized)
+
+        assert_exception(session,
+                         "ALTER TABLE system_schema.tables WITH comment = '';",
+                         expected=Unauthorized)
+
+        # DROP TABLE should fail in system and system_schema
+        assert_exception(session, 'DROP TABLE system.local;',         expected=Unauthorized)
+        assert_exception(session, 'DROP TABLE system_schema.tables;', expected=Unauthorized)
+
+    @since('3.0')
+    def test_replicated_system_keyspaces(self):
+        cluster = self.cluster
+        cluster.populate(1).start()
+
+        node = cluster.nodelist()[0]
+        session = self.patient_cql_connection(node)
+
+        # ALTER KEYSPACE should work for system_auth, system_distributed, and system_traces
+        stmt = """
+            ALTER KEYSPACE system_auth
+            WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1' : '1'};"""
+        assert_none(session, stmt)
+
+        stmt = """
+            ALTER KEYSPACE system_distributed
+            WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1' : '1'};"""
+        assert_none(session, stmt)
+
+        stmt = """
+            ALTER KEYSPACE system_traces
+            WITH replication = {'class': 'NetworkTopologyStrategy', 'datacenter1' : '1'};"""
+        assert_none(session, stmt)
+
+        stmt = """
+            SELECT replication
+            FROM system_schema.keyspaces
+            WHERE keyspace_name IN ('system_auth', 'system_distributed', 'system_traces');"""
+        replication = {'class': 'org.apache.cassandra.locator.NetworkTopologyStrategy', 'datacenter1':
'1'}
+        assert_all(session, stmt, [[replication], [replication], [replication]])
+
+        # DROP KEYSPACE should fail for system_auth, system_distributed, and system_traces
+        assert_exception(session, 'DROP KEYSPACE system_auth;', expected=Unauthorized)
+        assert_exception(session, 'DROP KEYSPACE system_distributed;', expected=Unauthorized)
+        assert_exception(session, 'DROP KEYSPACE system_traces;', expected=Unauthorized)
+
+        # CREATE TABLE should fail in system_auth, system_distributed, and system_traces
+        assert_exception(session,
+                         'CREATE TABLE system_auth.new_table (id int PRIMARY KEY);',
+                         expected=Unauthorized)
+
+        assert_exception(session,
+                         'CREATE TABLE system_distributed.new_table (id int PRIMARY KEY);',
+                         expected=Unauthorized)
+
+        assert_exception(session,
+                         'CREATE TABLE system_traces.new_table (id int PRIMARY KEY);',
+                         expected=Unauthorized)
+
+        # ALTER TABLE should fail in system_auth, system_distributed, and system_traces
+        assert_exception(session,
+                         "ALTER TABLE system_auth.roles WITH comment = '';",
+                         expected=Unauthorized)
+
+        assert_exception(session,
+                         "ALTER TABLE system_distributed.repair_history WITH comment = '';",
+                         expected=Unauthorized)
+
+        assert_exception(session,
+                         "ALTER TABLE system_traces.sessions WITH comment = '';",
+                         expected=Unauthorized)
+
+        # DROP TABLE should fail in system_auth, system_distributed, and system_traces
+        assert_exception(session, 'DROP TABLE system_auth.roles;', expected=Unauthorized)
+        assert_exception(session, 'DROP TABLE system_distributed.repair_history;', expected=Unauthorized)
+        assert_exception(session, 'DROP TABLE system_traces.sessions;', expected=Unauthorized)


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org


Mime
View raw message