public Set<RoleResource> getAllRoles() throws RequestValidationException, RequestExecutionException { UntypedResultSet rows = process(String.format("SELECT role from %s.%s", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES), ConsistencyLevel.QUORUM); Iterable<RoleResource> roles = Iterables.transform(rows, new Function<UntypedResultSet.Row, RoleResource>() { public RoleResource apply(UntypedResultSet.Row row) { return RoleResource.role(row.getString("role")); } }); return ImmutableSet.<RoleResource>builder().addAll(roles).build(); }
public Set<RoleResource> getAllRoles() throws RequestValidationException, RequestExecutionException { UntypedResultSet rows = process(String.format("SELECT role from %s.%s", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES), ConsistencyLevel.QUORUM); Iterable<RoleResource> roles = Iterables.transform(rows, new Function<UntypedResultSet.Row, RoleResource>() { public RoleResource apply(UntypedResultSet.Row row) { return RoleResource.role(row.getString("role")); } }); return ImmutableSet.<RoleResource>builder().addAll(roles).build(); }
private void modifyRoleMembership(String grantee, String role, String op) throws RequestExecutionException { process(String.format("UPDATE %s.%s SET member_of = member_of %s {'%s'} WHERE role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, op, escape(role), escape(grantee)), consistencyForRole(grantee)); }
private void modifyRoleMembership(String grantee, String role, String op) throws RequestExecutionException { process(String.format("UPDATE %s.%s SET member_of = member_of %s {'%s'} WHERE role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, op, escape(role), escape(grantee)), consistencyForRole(grantee)); }
private void modifyRoleMembership(String grantee, String role, String op) throws RequestExecutionException { process(String.format("UPDATE %s.%s SET member_of = member_of %s {'%s'} WHERE role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, op, escape(role), escape(grantee)), consistencyForRole(grantee)); }
public void alterRole(AuthenticatedUser performer, RoleResource role, RoleOptions options) { // Unlike most of the other data access methods here, this does not use a // prepared statement in order to allow the set of assignments to be variable. String assignments = Joiner.on(',').join(Iterables.filter(optionsToAssignments(options.getOptions()), Predicates.notNull())); if (!Strings.isNullOrEmpty(assignments)) { process(String.format("UPDATE %s.%s SET %s WHERE role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, assignments, escape(role.getRoleName())), consistencyForRole(role.getRoleName())); } }
public void alterRole(AuthenticatedUser performer, RoleResource role, RoleOptions options) { // Unlike most of the other data access methods here, this does not use a // prepared statement in order to allow the set of assignments to be variable. String assignments = Joiner.on(',').join(Iterables.filter(optionsToAssignments(options.getOptions()), Predicates.notNull())); if (!Strings.isNullOrEmpty(assignments)) { process(String.format("UPDATE %s.%s SET %s WHERE role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, assignments, escape(role.getRoleName())), consistencyForRole(role.getRoleName())); } }
public Set<RoleResource> getAllRoles() throws RequestValidationException, RequestExecutionException { UntypedResultSet rows = process(String.format("SELECT role from %s.%s", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES), ConsistencyLevel.QUORUM); Iterable<RoleResource> roles = Iterables.transform(rows, new Function<UntypedResultSet.Row, RoleResource>() { public RoleResource apply(UntypedResultSet.Row row) { return RoleResource.role(row.getString("role")); } }); return ImmutableSet.<RoleResource>builder().addAll(roles).build(); }
public void dropRole(AuthenticatedUser performer, RoleResource role) throws RequestValidationException, RequestExecutionException { process(String.format("DELETE FROM %s.%s WHERE role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, escape(role.getRoleName())), consistencyForRole(role.getRoleName())); removeAllMembers(role.getRoleName()); }
public void dropRole(AuthenticatedUser performer, RoleResource role) throws RequestValidationException, RequestExecutionException { process(String.format("DELETE FROM %s.%s WHERE role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, escape(role.getRoleName())), consistencyForRole(role.getRoleName())); removeAllMembers(role.getRoleName()); }
public void dropRole(AuthenticatedUser performer, RoleResource role) throws RequestValidationException, RequestExecutionException { process(String.format("DELETE FROM %s.%s WHERE role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, escape(role.getRoleName())), consistencyForRole(role.getRoleName())); removeAllMembers(role.getRoleName()); }
public void createRole(AuthenticatedUser performer, RoleResource role, RoleOptions options) throws RequestValidationException, RequestExecutionException { String insertCql = options.getPassword().isPresent() ? String.format("INSERT INTO %s.%s (role, is_superuser, can_login, salted_hash) VALUES ('%s', %s, %s, '%s')", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, escape(role.getRoleName()), options.getSuperuser().or(false), options.getLogin().or(false), escape(hashpw(options.getPassword().get()))) : String.format("INSERT INTO %s.%s (role, is_superuser, can_login) VALUES ('%s', %s, %s)", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, escape(role.getRoleName()), options.getSuperuser().or(false), options.getLogin().or(false)); process(insertCql, consistencyForRole(role.getRoleName())); }
public void createRole(AuthenticatedUser performer, RoleResource role, RoleOptions options) throws RequestValidationException, RequestExecutionException { String insertCql = options.getPassword().isPresent() ? String.format("INSERT INTO %s.%s (role, is_superuser, can_login, salted_hash) VALUES ('%s', %s, %s, '%s')", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, escape(role.getRoleName()), options.getSuperuser().or(false), options.getLogin().or(false), escape(hashpw(options.getPassword().get()))) : String.format("INSERT INTO %s.%s (role, is_superuser, can_login) VALUES ('%s', %s, %s)", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, escape(role.getRoleName()), options.getSuperuser().or(false), options.getLogin().or(false)); process(insertCql, consistencyForRole(role.getRoleName())); }
public void revokeRole(AuthenticatedUser performer, RoleResource role, RoleResource revokee) throws RequestValidationException, RequestExecutionException { if (!getRoles(revokee, false).contains(role)) throw new InvalidRequestException(String.format("%s is not a member of %s", revokee.getRoleName(), role.getRoleName())); modifyRoleMembership(revokee.getRoleName(), role.getRoleName(), "-"); process(String.format("DELETE FROM %s.%s WHERE role = '%s' and member = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLE_MEMBERS, escape(role.getRoleName()), escape(revokee.getRoleName())), consistencyForRole(role.getRoleName())); }
public void revokeRole(AuthenticatedUser performer, RoleResource role, RoleResource revokee) throws RequestValidationException, RequestExecutionException { if (!getRoles(revokee, false).contains(role)) throw new InvalidRequestException(String.format("%s is not a member of %s", revokee.getRoleName(), role.getRoleName())); modifyRoleMembership(revokee.getRoleName(), role.getRoleName(), "-"); process(String.format("DELETE FROM %s.%s WHERE role = '%s' and member = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLE_MEMBERS, escape(role.getRoleName()), escape(revokee.getRoleName())), consistencyForRole(role.getRoleName())); }
public void revokeRole(AuthenticatedUser performer, RoleResource role, RoleResource revokee) throws RequestValidationException, RequestExecutionException { if (!getRoles(revokee, false).contains(role)) throw new InvalidRequestException(String.format("%s is not a member of %s", revokee.getRoleName(), role.getRoleName())); modifyRoleMembership(revokee.getRoleName(), role.getRoleName(), "-"); process(String.format("DELETE FROM %s.%s WHERE role = '%s' and member = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLE_MEMBERS, escape(role.getRoleName()), escape(revokee.getRoleName())), consistencyForRole(role.getRoleName())); }
public void grantRole(AuthenticatedUser performer, RoleResource role, RoleResource grantee) throws RequestValidationException, RequestExecutionException { if (getRoles(grantee, true).contains(role)) throw new InvalidRequestException(String.format("%s is a member of %s", grantee.getRoleName(), role.getRoleName())); if (getRoles(role, true).contains(grantee)) throw new InvalidRequestException(String.format("%s is a member of %s", role.getRoleName(), grantee.getRoleName())); modifyRoleMembership(grantee.getRoleName(), role.getRoleName(), "+"); process(String.format("INSERT INTO %s.%s (role, member) values ('%s', '%s')", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLE_MEMBERS, escape(role.getRoleName()), escape(grantee.getRoleName())), consistencyForRole(role.getRoleName())); }
public void grantRole(AuthenticatedUser performer, RoleResource role, RoleResource grantee) throws RequestValidationException, RequestExecutionException { if (getRoles(grantee, true).contains(role)) throw new InvalidRequestException(String.format("%s is a member of %s", grantee.getRoleName(), role.getRoleName())); if (getRoles(role, true).contains(grantee)) throw new InvalidRequestException(String.format("%s is a member of %s", role.getRoleName(), grantee.getRoleName())); modifyRoleMembership(grantee.getRoleName(), role.getRoleName(), "+"); process(String.format("INSERT INTO %s.%s (role, member) values ('%s', '%s')", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLE_MEMBERS, escape(role.getRoleName()), escape(grantee.getRoleName())), consistencyForRole(role.getRoleName())); }
public void alterRole(AuthenticatedUser performer, RoleResource role, RoleOptions options) { // Unlike most of the other data access methods here, this does not use a // prepared statement in order to allow the set of assignments to be variable. String assignments = Joiner.on(',').join(Iterables.filter(optionsToAssignments(options.getOptions()), Predicates.notNull())); if (!Strings.isNullOrEmpty(assignments)) { process(String.format("UPDATE %s.%s SET %s WHERE role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, assignments, escape(role.getRoleName())), consistencyForRole(role.getRoleName())); } }
public void createRole(AuthenticatedUser performer, RoleResource role, RoleOptions options) throws RequestValidationException, RequestExecutionException { String insertCql = options.getPassword().isPresent() ? String.format("INSERT INTO %s.%s (role, is_superuser, can_login, salted_hash) VALUES ('%s', %s, %s, '%s')", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, escape(role.getRoleName()), options.getSuperuser().or(false), options.getLogin().or(false), escape(hashpw(options.getPassword().get()))) : String.format("INSERT INTO %s.%s (role, is_superuser, can_login) VALUES ('%s', %s, %s)", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.ROLES, escape(role.getRoleName()), options.getSuperuser().or(false), options.getLogin().or(false)); process(insertCql, consistencyForRole(role.getRoleName())); }