public void validate(ClientState state) throws RequestValidationException { if (username.isEmpty()) throw new InvalidRequestException("Username can't be an empty string"); opts.validate(); // validate login here before checkAccess to avoid leaking user existence to anonymous users. state.ensureNotAnonymous(); if (!ifNotExists && Auth.isExistingUser(username)) throw new InvalidRequestException(String.format("User %s already exists", username)); }
/** * Attempts to login the given user. */ public void login(AuthenticatedUser user) throws AuthenticationException { if (!user.isAnonymous() && !Auth.isExistingUser(user.getName())) throw new AuthenticationException(String.format("User %s doesn't exist - create it with CREATE USER query first", user.getName())); this.user = user; }
public void validate(ClientState state) throws RequestValidationException { // validate login here before checkAccess to avoid leaking user existence to anonymous users. state.ensureNotAnonymous(); if (!Auth.isExistingUser(username)) throw new InvalidRequestException(String.format("User %s doesn't exist", username)); // if a keyspace is omitted when GRANT/REVOKE ON TABLE <table>, we need to correct the resource. resource = maybeCorrectResource(resource, state); if (!resource.exists()) throw new InvalidRequestException(String.format("%s doesn't exist", resource)); }
public void validate(ClientState state) throws RequestValidationException { // validate login here before checkAccess to avoid leaking user existence to anonymous users. state.ensureNotAnonymous(); if (!ifExists && !Auth.isExistingUser(username)) throw new InvalidRequestException(String.format("User %s doesn't exist", username)); AuthenticatedUser user = state.getUser(); if (user != null && user.getName().equals(username)) throw new InvalidRequestException("Users aren't allowed to DROP themselves"); }
public void validate(ClientState state) throws RequestValidationException { // a check to ensure the existence of the user isn't being leaked by user existence check. state.ensureNotAnonymous(); if (username != null && !Auth.isExistingUser(username)) throw new InvalidRequestException(String.format("User %s doesn't exist", username)); if (resource != null) { resource = maybeCorrectResource(resource, state); if (!resource.exists()) throw new InvalidRequestException(String.format("%s doesn't exist", resource)); } }
public void validate(ClientState state) throws RequestValidationException { opts.validate(); if (superuser == null && opts.isEmpty()) throw new InvalidRequestException("ALTER USER can't be empty"); // validate login here before checkAccess to avoid leaking user existence to anonymous users. state.ensureNotAnonymous(); if (!Auth.isExistingUser(username)) throw new InvalidRequestException(String.format("User %s doesn't exist", username)); }
public ResultMessage execute(ClientState state) throws RequestValidationException, RequestExecutionException { // not rejected in validate() if (ifNotExists && Auth.isExistingUser(username)) return null; DatabaseDescriptor.getAuthenticator().create(username, opts.getOptions()); Auth.insertUser(username, superuser); return null; } }
public ResultMessage execute(ClientState state) throws RequestValidationException, RequestExecutionException { // not rejected in validate() if (ifExists && !Auth.isExistingUser(username)) return null; // clean up permissions after the dropped user. DatabaseDescriptor.getAuthorizer().revokeAll(username); Auth.deleteUser(username); DatabaseDescriptor.getAuthenticator().drop(username); return null; } }