cassandra-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Adam Holmberg (JIRA)" <>
Subject [jira] [Created] (CASSANDRA-10594) Inconsistent permissions results return
Date Mon, 26 Oct 2015 18:38:27 GMT
Adam Holmberg created CASSANDRA-10594:

             Summary: Inconsistent permissions results return
                 Key: CASSANDRA-10594
             Project: Cassandra
          Issue Type: Bug
            Reporter: Adam Holmberg
            Priority: Minor

The server returns inconsistent results when listing permissions, depending on whether a user
is configured.

*Observed with Cassandra 3.0:*

Only super user configured:
cassandra@cqlsh> list all;

 role | resource | permissions

(0 rows)
VOID result type is returned (meaning no result meta is returned and cqlsh must use the table
meta to determine columns)

With one user configured, no grants:
cassandra@cqlsh> create user holmberg with password 'tmp';
cassandra@cqlsh> list all;
results meta: system_auth permissions 4

 role      | username  | resource    | permission
 cassandra | cassandra | <role holmberg> |      ALTER
 cassandra | cassandra | <role holmberg> |       DROP
 cassandra | cassandra | <role holmberg> |  AUTHORIZE

(3 rows)
Now a ROWS result message is returned with the cassandra super user grants. 

Dropping the regular user causes the VOID message to be returned again.

*Slightly different behavior on 2.2 branch:* VOID message with no result meta is returned,
even if regular user is configured, until permissions are added to that user.

It would be nice if the query always resulted in a ROWS result, even if there are no explicit
permissions defined. This would provide the correct result metadata even if there are no rows.
Additionally, it is strange that the 'cassandra' super user only appears in the results when
another user is configured. I would expect it to always appear, or never.

This message was sent by Atlassian JIRA

View raw message