public void checkAccess(ClientState state) throws UnauthorizedException { // check that the user has AUTHORIZE permission on the resource or its parents, otherwise reject GRANT/REVOKE. state.ensureHasPermission(Permission.AUTHORIZE, resource); // check that the user has [a single permission or all in case of ALL] on the resource or its parents. for (Permission p : permissions) state.ensureHasPermission(p, resource); } }
public void checkAccess(ClientState state) throws UnauthorizedException { // if a keyspace is omitted when GRANT/REVOKE ON TABLE <table>, we need to correct the resource. resource = maybeCorrectResource(resource, state); // check that the user has AUTHORIZE permission on the resource or its parents, otherwise reject GRANT/REVOKE. state.ensureHasPermission(Permission.AUTHORIZE, resource); // check that the user has [a single permission or all in case of ALL] on the resource or its parents. for (Permission p : permissions) state.ensureHasPermission(p, resource); } }
public void checkAccess(ClientState state) throws UnauthorizedException { // if a keyspace is omitted when GRANT/REVOKE ON TABLE <table>, we need to correct the resource. resource = maybeCorrectResource(resource, state); // check that the user has AUTHORIZE permission on the resource or its parents, otherwise reject GRANT/REVOKE. state.ensureHasPermission(Permission.AUTHORIZE, resource); // check that the user has [a single permission or all in case of ALL] on the resource or its parents. for (Permission p : permissions) state.ensureHasPermission(p, resource); } }
public void checkAccess(ClientState state) throws UnauthorizedException { // if a keyspace is omitted when GRANT/REVOKE ON TABLE <table>, we need to correct the resource. resource = maybeCorrectResource(resource, state); // check that the user has AUTHORIZE permission on the resource or its parents, otherwise reject GRANT/REVOKE. state.ensureHasPermission(Permission.AUTHORIZE, resource); // check that the user has [a single permission or all in case of ALL] on the resource or its parents. for (Permission p : permissions) state.ensureHasPermission(p, resource); } }
public void checkAccess(ClientState state) throws UnauthorizedException, InvalidRequestException { if (Schema.instance.findFunction(functionName, argTypes).isPresent() && orReplace) state.ensureHasPermission(Permission.ALTER, FunctionResource.function(functionName.keyspace, functionName.name, argTypes)); else state.ensureHasPermission(Permission.CREATE, FunctionResource.keyspace(functionName.keyspace)); state.ensureHasPermission(Permission.EXECUTE, stateFunction); if (finalFunction != null) state.ensureHasPermission(Permission.EXECUTE, finalFunction); }
public void checkAccess(ClientState state) throws UnauthorizedException, InvalidRequestException { if (Schema.instance.findFunction(functionName, argTypes).isPresent() && orReplace) state.ensureHasPermission(Permission.ALTER, FunctionResource.function(functionName.keyspace, functionName.name, argTypes)); else state.ensureHasPermission(Permission.CREATE, FunctionResource.keyspace(functionName.keyspace)); state.ensureHasPermission(Permission.EXECUTE, stateFunction); if (finalFunction != null) state.ensureHasPermission(Permission.EXECUTE, finalFunction); }
public void checkAccess(ClientState state) throws UnauthorizedException, InvalidRequestException { if (Schema.instance.findFunction(functionName, argTypes).isPresent() && orReplace) state.ensureHasPermission(Permission.ALTER, FunctionResource.function(functionName.keyspace, functionName.name, argTypes)); else state.ensureHasPermission(Permission.CREATE, FunctionResource.keyspace(functionName.keyspace)); state.ensureHasPermission(Permission.EXECUTE, stateFunction); if (finalFunction != null) state.ensureHasPermission(Permission.EXECUTE, finalFunction); }
public void checkAccess(ClientState state) throws UnauthorizedException, InvalidRequestException { if (Schema.instance.findFunction(functionName, argTypes).isPresent() && orReplace) state.ensureHasPermission(Permission.ALTER, FunctionResource.function(functionName.keyspace, functionName.name, argTypes)); else state.ensureHasPermission(Permission.CREATE, FunctionResource.keyspace(functionName.keyspace)); }
public void checkAccess(ClientState state) throws UnauthorizedException, InvalidRequestException { if (Schema.instance.findFunction(functionName, argTypes).isPresent() && orReplace) state.ensureHasPermission(Permission.ALTER, FunctionResource.function(functionName.keyspace, functionName.name, argTypes)); else state.ensureHasPermission(Permission.CREATE, FunctionResource.keyspace(functionName.keyspace)); }
public void checkAccess(ClientState state) throws UnauthorizedException, InvalidRequestException { if (Schema.instance.findFunction(functionName, argTypes).isPresent() && orReplace) state.ensureHasPermission(Permission.ALTER, FunctionResource.function(functionName.keyspace, functionName.name, argTypes)); else state.ensureHasPermission(Permission.CREATE, FunctionResource.keyspace(functionName.keyspace)); }
public void hasAllKeyspacesAccess(Permission perm) throws UnauthorizedException { if (isInternal) return; validateLogin(); ensureHasPermission(perm, DataResource.root()); }
public void hasAllKeyspacesAccess(Permission perm) throws UnauthorizedException { if (isInternal) return; validateLogin(); ensureHasPermission(perm, DataResource.root()); }
public void hasAllKeyspacesAccess(Permission perm) throws UnauthorizedException { if (isInternal) return; validateLogin(); ensureHasPermission(perm, DataResource.root()); }
public void hasAllKeyspacesAccess(Permission perm) throws UnauthorizedException { if (isInternal) return; validateLogin(); ensureHasPermission(perm, DataResource.root()); }
private void hasAccess(String keyspace, Permission perm, DataResource resource) throws UnauthorizedException, InvalidRequestException { validateKeyspace(keyspace); if (isInternal) return; validateLogin(); preventSystemKSSchemaModification(keyspace, resource, perm); if ((perm == Permission.SELECT) && READABLE_SYSTEM_RESOURCES.contains(resource)) return; if (PROTECTED_AUTH_RESOURCES.contains(resource)) if ((perm == Permission.CREATE) || (perm == Permission.ALTER) || (perm == Permission.DROP)) throw new UnauthorizedException(String.format("%s schema is protected", resource)); ensureHasPermission(perm, resource); }
private void hasAccess(String keyspace, Permission perm, DataResource resource) throws UnauthorizedException, InvalidRequestException { validateKeyspace(keyspace); if (isInternal) return; validateLogin(); preventSystemKSSchemaModification(keyspace, resource, perm); if ((perm == Permission.SELECT) && READABLE_SYSTEM_RESOURCES.contains(resource)) return; if (PROTECTED_AUTH_RESOURCES.contains(resource)) if ((perm == Permission.CREATE) || (perm == Permission.ALTER) || (perm == Permission.DROP)) throw new UnauthorizedException(String.format("%s schema is protected", resource)); ensureHasPermission(perm, resource); }
public void checkPermission(ClientState state, Permission required, RoleResource resource) throws UnauthorizedException { try { state.ensureHasPermission(required, resource); } catch (UnauthorizedException e) { // Catch and rethrow with a more friendly message throw new UnauthorizedException(String.format("User %s does not have sufficient privileges " + "to perform the requested operation", state.getUser().getName())); } } }
public void checkPermission(ClientState state, Permission required, RoleResource resource) throws UnauthorizedException { try { state.ensureHasPermission(required, resource); } catch (UnauthorizedException e) { // Catch and rethrow with a more friendly message throw new UnauthorizedException(String.format("User %s does not have sufficient privileges " + "to perform the requested operation", state.getUser().getName())); } } }
public void checkAccess(ClientState state) throws InvalidRequestException, UnauthorizedException { if (cfm.isView()) { CFMetaData baseTable = View.findBaseTable(keyspace(), columnFamily()); if (baseTable != null) state.hasColumnFamilyAccess(baseTable, Permission.SELECT); } else { state.hasColumnFamilyAccess(cfm, Permission.SELECT); } for (Function function : getFunctions()) state.ensureHasPermission(Permission.EXECUTE, function); }
public void checkAccess(ClientState state) throws InvalidRequestException, UnauthorizedException { if (cfm.isView()) { CFMetaData baseTable = View.findBaseTable(keyspace(), columnFamily()); if (baseTable != null) state.hasColumnFamilyAccess(baseTable, Permission.SELECT); } else { state.hasColumnFamilyAccess(cfm, Permission.SELECT); } for (Function function : getFunctions()) state.ensureHasPermission(Permission.EXECUTE, function); }