public void validate(ClientState state) throws RequestValidationException { // a check to ensure the existence of the user isn't being leaked by user existence check. state.ensureNotAnonymous(); if (resource != null) { resource = maybeCorrectResource(resource, state); if (!resource.exists()) throw new InvalidRequestException(String.format("%s doesn't exist", resource)); } if ((grantee != null) && !DatabaseDescriptor.getRoleManager().isExistingRole(grantee)) throw new InvalidRequestException(String.format("%s doesn't exist", grantee)); }
public void validate(ClientState state) throws RequestValidationException { // a check to ensure the existence of the user isn't being leaked by user existence check. state.ensureNotAnonymous(); if (resource != null) { resource = maybeCorrectResource(resource, state); if (!resource.exists()) throw new InvalidRequestException(String.format("%s doesn't exist", resource)); } if ((grantee != null) && !DatabaseDescriptor.getRoleManager().isExistingRole(grantee)) throw new InvalidRequestException(String.format("%s doesn't exist", grantee)); }
public void validate(ClientState state) throws RequestValidationException { // a check to ensure the existence of the user isn't being leaked by user existence check. state.ensureNotAnonymous(); if (resource != null) { resource = maybeCorrectResource(resource, state); if (!resource.exists()) throw new InvalidRequestException(String.format("%s doesn't exist", resource)); } if ((grantee != null) && !DatabaseDescriptor.getRoleManager().isExistingRole(grantee)) throw new InvalidRequestException(String.format("%s doesn't exist", grantee)); }
public void validate(ClientState state) throws RequestValidationException { // validate login here before checkAccess to avoid leaking user existence to anonymous users. state.ensureNotAnonymous(); if (!DatabaseDescriptor.getRoleManager().isExistingRole(grantee)) throw new InvalidRequestException(String.format("Role %s doesn't exist", grantee.getRoleName())); // if a keyspace is omitted when GRANT/REVOKE ON TABLE <table>, we need to correct the resource. // called both here and in checkAccess(), as in some cases we do not call the latter. resource = maybeCorrectResource(resource, state); // altering permissions on builtin functions is not supported if (resource instanceof FunctionResource && SchemaConstants.SYSTEM_KEYSPACE_NAME.equals(((FunctionResource)resource).getKeyspace())) { throw new InvalidRequestException("Altering permissions on builtin functions is not supported"); } if (!resource.exists()) throw new InvalidRequestException(String.format("Resource %s doesn't exist", resource)); }
public void validate(ClientState state) throws RequestValidationException { // validate login here before checkAccess to avoid leaking user existence to anonymous users. state.ensureNotAnonymous(); if (!DatabaseDescriptor.getRoleManager().isExistingRole(grantee)) throw new InvalidRequestException(String.format("Role %s doesn't exist", grantee.getRoleName())); // if a keyspace is omitted when GRANT/REVOKE ON TABLE <table>, we need to correct the resource. // called both here and in checkAccess(), as in some cases we do not call the latter. resource = maybeCorrectResource(resource, state); // altering permissions on builtin functions is not supported if (resource instanceof FunctionResource && SchemaConstants.SYSTEM_KEYSPACE_NAME.equals(((FunctionResource)resource).getKeyspace())) { throw new InvalidRequestException("Altering permissions on builtin functions is not supported"); } if (!resource.exists()) throw new InvalidRequestException(String.format("Resource %s doesn't exist", resource)); }
public void validate(ClientState state) throws RequestValidationException { // validate login here before checkAccess to avoid leaking user existence to anonymous users. state.ensureNotAnonymous(); if (!DatabaseDescriptor.getRoleManager().isExistingRole(grantee)) throw new InvalidRequestException(String.format("Role %s doesn't exist", grantee.getRoleName())); // if a keyspace is omitted when GRANT/REVOKE ON TABLE <table>, we need to correct the resource. // called both here and in checkAccess(), as in some cases we do not call the latter. resource = maybeCorrectResource(resource, state); // altering permissions on builtin functions is not supported if (resource instanceof FunctionResource && SchemaConstants.SYSTEM_KEYSPACE_NAME.equals(((FunctionResource)resource).getKeyspace())) { throw new InvalidRequestException("Altering permissions on builtin functions is not supported"); } if (!resource.exists()) throw new InvalidRequestException(String.format("Resource %s doesn't exist", resource)); }