private Role getRoleFromTable(String name, SelectStatement statement, Function<UntypedResultSet.Row, Role> function) throws RequestExecutionException, RequestValidationException { ResultMessage.Rows rows = statement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(consistencyForRole(name), Collections.singletonList(ByteBufferUtil.bytes(name))), System.nanoTime()); if (rows.result.isEmpty()) return NULL_ROLE; return function.apply(UntypedResultSet.create(rows.result).one()); }
private Role getRoleFromTable(String name, SelectStatement statement, Function<UntypedResultSet.Row, Role> function) throws RequestExecutionException, RequestValidationException { ResultMessage.Rows rows = statement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(consistencyForRole(name), Collections.singletonList(ByteBufferUtil.bytes(name))), System.nanoTime()); if (rows.result.isEmpty()) return NULL_ROLE; return function.apply(UntypedResultSet.create(rows.result).one()); }
private Role getRoleFromTable(String name, SelectStatement statement, Function<UntypedResultSet.Row, Role> function) throws RequestExecutionException, RequestValidationException { ResultMessage.Rows rows = statement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(consistencyForRole(name), Collections.singletonList(ByteBufferUtil.bytes(name))), System.nanoTime()); if (rows.result.isEmpty()) return NULL_ROLE; return function.apply(UntypedResultSet.create(rows.result).one()); }
private static UntypedResultSet selectUser(String username) { try { ResultMessage.Rows rows = selectUserStatement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(consistencyForUser(username), Lists.newArrayList(ByteBufferUtil.bytes(username)))); return UntypedResultSet.create(rows.result); } catch (RequestValidationException e) { throw new AssertionError(e); // not supposed to happen } catch (RequestExecutionException e) { throw new RuntimeException(e); } }
tminBytes, tmaxBytes)); ResultMessage.Rows rows = statement.execute(QueryState.forInternalCalls(), options, System.nanoTime()); UntypedResultSet result = UntypedResultSet.create(rows.result);
public ResultMessage.Rows execute(QueryState state, QueryOptions options, long queryStartNanoTime) throws RequestExecutionException, RequestValidationException { ConsistencyLevel cl = options.getConsistency(); checkNotNull(cl, "Invalid empty consistency level"); cl.validateForRead(keyspace()); int nowInSec = FBUtilities.nowInSeconds(); int userLimit = getLimit(options); int userPerPartitionLimit = getPerPartitionLimit(options); int pageSize = options.getPageSize(); ReadQuery query = getQuery(options, nowInSec, userLimit, userPerPartitionLimit, pageSize); if (aggregationSpec == null && (pageSize <= 0 || (query.limits().count() <= pageSize))) return execute(query, options, state, nowInSec, userLimit, queryStartNanoTime); QueryPager pager = getPager(query, options); return execute(Pager.forDistributedQuery(pager, cl, state.getClientState()), options, pageSize, nowInSec, userLimit, queryStartNanoTime); }
public ResultMessage.Rows execute(QueryState state, QueryOptions options, long queryStartNanoTime) throws RequestExecutionException, RequestValidationException { ConsistencyLevel cl = options.getConsistency(); checkNotNull(cl, "Invalid empty consistency level"); cl.validateForRead(keyspace()); int nowInSec = FBUtilities.nowInSeconds(); int userLimit = getLimit(options); int userPerPartitionLimit = getPerPartitionLimit(options); int pageSize = options.getPageSize(); ReadQuery query = getQuery(options, nowInSec, userLimit, userPerPartitionLimit, pageSize); if (aggregationSpec == null && (pageSize <= 0 || (query.limits().count() <= pageSize))) return execute(query, options, state, nowInSec, userLimit, queryStartNanoTime); QueryPager pager = getPager(query, options); return execute(Pager.forDistributedQuery(pager, cl, state.getClientState()), options, pageSize, nowInSec, userLimit, queryStartNanoTime); }
public Set<Permission> authorize(AuthenticatedUser user, IResource resource) { if (user.isSuper()) return Permission.ALL; UntypedResultSet result; try { ResultMessage.Rows rows = authorizeStatement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(ConsistencyLevel.LOCAL_ONE, Lists.newArrayList(ByteBufferUtil.bytes(user.getName()), ByteBufferUtil.bytes(resource.getName())))); result = UntypedResultSet.create(rows.result); } catch (RequestValidationException e) { throw new AssertionError(e); // not supposed to happen } catch (RequestExecutionException e) { logger.warn("CassandraAuthorizer failed to authorize {} for {}", user, resource); throw new RuntimeException(e); } if (result.isEmpty() || !result.one().has(PERMISSIONS)) return Permission.NONE; Set<Permission> permissions = EnumSet.noneOf(Permission.class); for (String perm : result.one().getSet(PERMISSIONS, UTF8Type.instance)) permissions.add(Permission.valueOf(perm)); return permissions; }
public ResultMessage.Rows execute(QueryState state, QueryOptions options, long queryStartNanoTime) throws RequestExecutionException, RequestValidationException { ConsistencyLevel cl = options.getConsistency(); checkNotNull(cl, "Invalid empty consistency level"); cl.validateForRead(keyspace()); int nowInSec = FBUtilities.nowInSeconds(); int userLimit = getLimit(options); int userPerPartitionLimit = getPerPartitionLimit(options); int pageSize = options.getPageSize(); ReadQuery query = getQuery(options, nowInSec, userLimit, userPerPartitionLimit, pageSize); if (aggregationSpec == null && (pageSize <= 0 || (query.limits().count() <= pageSize))) return execute(query, options, state, nowInSec, userLimit, queryStartNanoTime); QueryPager pager = getPager(query, options); return execute(Pager.forDistributedQuery(pager, cl, state.getClientState()), options, pageSize, nowInSec, userLimit, queryStartNanoTime); }
public AuthenticatedUser authenticate(Map<String, String> credentials) throws AuthenticationException { String username = credentials.get(USERNAME_KEY); if (username == null) throw new AuthenticationException(String.format("Required key '%s' is missing", USERNAME_KEY)); String password = credentials.get(PASSWORD_KEY); if (password == null) throw new AuthenticationException(String.format("Required key '%s' is missing", PASSWORD_KEY)); UntypedResultSet result; try { ResultMessage.Rows rows = authenticateStatement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(consistencyForUser(username), Lists.newArrayList(ByteBufferUtil.bytes(username)))); result = UntypedResultSet.create(rows.result); } catch (RequestValidationException e) { throw new AssertionError(e); // not supposed to happen } catch (RequestExecutionException e) { throw new AuthenticationException(e.toString()); } if (result.isEmpty() || !BCrypt.checkpw(password, result.one().getString(SALTED_HASH))) throw new AuthenticationException("Username and/or password are incorrect"); return new AuthenticatedUser(username); }
private String queryHashedPassword(String username) throws NoSuchCredentialsException { try { SelectStatement authenticationStatement = authenticationStatement(); ResultMessage.Rows rows = authenticationStatement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(consistencyForRole(username), Lists.newArrayList(ByteBufferUtil.bytes(username))), System.nanoTime()); // If either a non-existent role name was supplied, or no credentials // were found for that role we don't want to cache the result so we throw // a specific, but unchecked, exception to keep LoadingCache happy. if (rows.result.isEmpty()) throw new NoSuchCredentialsException(); UntypedResultSet result = UntypedResultSet.create(rows.result); if (!result.one().has(SALTED_HASH)) throw new NoSuchCredentialsException(); return result.one().getString(SALTED_HASH); } catch (RequestExecutionException e) { logger.trace("Error performing internal authentication", e); throw e; } }
private String queryHashedPassword(String username) throws NoSuchCredentialsException { try { SelectStatement authenticationStatement = authenticationStatement(); ResultMessage.Rows rows = authenticationStatement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(consistencyForRole(username), Lists.newArrayList(ByteBufferUtil.bytes(username))), System.nanoTime()); // If either a non-existent role name was supplied, or no credentials // were found for that role we don't want to cache the result so we throw // a specific, but unchecked, exception to keep LoadingCache happy. if (rows.result.isEmpty()) throw new NoSuchCredentialsException(); UntypedResultSet result = UntypedResultSet.create(rows.result); if (!result.one().has(SALTED_HASH)) throw new NoSuchCredentialsException(); return result.one().getString(SALTED_HASH); } catch (RequestExecutionException e) { logger.trace("Error performing internal authentication", e); throw e; } }
private void addPermissionsForRole(Set<Permission> permissions, IResource resource, RoleResource role) throws RequestExecutionException, RequestValidationException { QueryOptions options = QueryOptions.forInternalCalls(ConsistencyLevel.LOCAL_ONE, Lists.newArrayList(ByteBufferUtil.bytes(role.getRoleName()), ByteBufferUtil.bytes(resource.getName()))); SelectStatement statement; // If it exists, read from the legacy user permissions table to handle the case where the cluster // is being upgraded and so is running with mixed versions of the authz schema if (Schema.instance.getCFMetaData(SchemaConstants.AUTH_KEYSPACE_NAME, USER_PERMISSIONS) == null) statement = authorizeRoleStatement; else { // If the permissions table was initialised only after the statement got prepared, re-prepare (CASSANDRA-12813) if (legacyAuthorizeRoleStatement == null) legacyAuthorizeRoleStatement = prepare(USERNAME, USER_PERMISSIONS); statement = legacyAuthorizeRoleStatement; } ResultMessage.Rows rows = statement.execute(QueryState.forInternalCalls(), options, System.nanoTime()); UntypedResultSet result = UntypedResultSet.create(rows.result); if (!result.isEmpty() && result.one().has(PERMISSIONS)) { for (String perm : result.one().getSet(PERMISSIONS, UTF8Type.instance)) { permissions.add(Permission.valueOf(perm)); } } }
private void addPermissionsForRole(Set<Permission> permissions, IResource resource, RoleResource role) throws RequestExecutionException, RequestValidationException { QueryOptions options = QueryOptions.forInternalCalls(ConsistencyLevel.LOCAL_ONE, Lists.newArrayList(ByteBufferUtil.bytes(role.getRoleName()), ByteBufferUtil.bytes(resource.getName()))); SelectStatement statement; // If it exists, read from the legacy user permissions table to handle the case where the cluster // is being upgraded and so is running with mixed versions of the authz schema if (Schema.instance.getCFMetaData(SchemaConstants.AUTH_KEYSPACE_NAME, USER_PERMISSIONS) == null) statement = authorizeRoleStatement; else { // If the permissions table was initialised only after the statement got prepared, re-prepare (CASSANDRA-12813) if (legacyAuthorizeRoleStatement == null) legacyAuthorizeRoleStatement = prepare(USERNAME, USER_PERMISSIONS); statement = legacyAuthorizeRoleStatement; } ResultMessage.Rows rows = statement.execute(QueryState.forInternalCalls(), options, System.nanoTime()); UntypedResultSet result = UntypedResultSet.create(rows.result); if (!result.isEmpty() && result.one().has(PERMISSIONS)) { for (String perm : result.one().getSet(PERMISSIONS, UTF8Type.instance)) { permissions.add(Permission.valueOf(perm)); } } }
private String queryHashedPassword(String username) throws NoSuchCredentialsException { try { SelectStatement authenticationStatement = authenticationStatement(); ResultMessage.Rows rows = authenticationStatement.execute(QueryState.forInternalCalls(), QueryOptions.forInternalCalls(consistencyForRole(username), Lists.newArrayList(ByteBufferUtil.bytes(username))), System.nanoTime()); // If either a non-existent role name was supplied, or no credentials // were found for that role we don't want to cache the result so we throw // a specific, but unchecked, exception to keep LoadingCache happy. if (rows.result.isEmpty()) throw new NoSuchCredentialsException(); UntypedResultSet result = UntypedResultSet.create(rows.result); if (!result.one().has(SALTED_HASH)) throw new NoSuchCredentialsException(); return result.one().getString(SALTED_HASH); } catch (RequestExecutionException e) { logger.trace("Error performing internal authentication", e); throw e; } }
private void addPermissionsForRole(Set<Permission> permissions, IResource resource, RoleResource role) throws RequestExecutionException, RequestValidationException { QueryOptions options = QueryOptions.forInternalCalls(ConsistencyLevel.LOCAL_ONE, Lists.newArrayList(ByteBufferUtil.bytes(role.getRoleName()), ByteBufferUtil.bytes(resource.getName()))); SelectStatement statement; // If it exists, read from the legacy user permissions table to handle the case where the cluster // is being upgraded and so is running with mixed versions of the authz schema if (Schema.instance.getCFMetaData(SchemaConstants.AUTH_KEYSPACE_NAME, USER_PERMISSIONS) == null) statement = authorizeRoleStatement; else { // If the permissions table was initialised only after the statement got prepared, re-prepare (CASSANDRA-12813) if (legacyAuthorizeRoleStatement == null) legacyAuthorizeRoleStatement = prepare(USERNAME, USER_PERMISSIONS); statement = legacyAuthorizeRoleStatement; } ResultMessage.Rows rows = statement.execute(QueryState.forInternalCalls(), options, System.nanoTime()); UntypedResultSet result = UntypedResultSet.create(rows.result); if (!result.isEmpty() && result.one().has(PERMISSIONS)) { for (String perm : result.one().getSet(PERMISSIONS, UTF8Type.instance)) { permissions.add(Permission.valueOf(perm)); } } }
public ResultMessage.Rows executeInternal(QueryState state, QueryOptions options, int nowInSec, long queryStartNanoTime) throws RequestExecutionException, RequestValidationException { int userLimit = getLimit(options); int userPerPartitionLimit = getPerPartitionLimit(options); int pageSize = options.getPageSize(); ReadQuery query = getQuery(options, nowInSec, userLimit, userPerPartitionLimit, pageSize); try (ReadExecutionController executionController = query.executionController()) { if (aggregationSpec == null && (pageSize <= 0 || (query.limits().count() <= pageSize))) { try (PartitionIterator data = query.executeInternal(executionController)) { return processResults(data, options, nowInSec, userLimit); } } else { QueryPager pager = getPager(query, options); return execute(Pager.forInternalQuery(pager, executionController), options, pageSize, nowInSec, userLimit, queryStartNanoTime); } } }
public ResultMessage.Rows executeInternal(QueryState state, QueryOptions options, int nowInSec, long queryStartNanoTime) throws RequestExecutionException, RequestValidationException { int userLimit = getLimit(options); int userPerPartitionLimit = getPerPartitionLimit(options); int pageSize = options.getPageSize(); ReadQuery query = getQuery(options, nowInSec, userLimit, userPerPartitionLimit, pageSize); try (ReadExecutionController executionController = query.executionController()) { if (aggregationSpec == null && (pageSize <= 0 || (query.limits().count() <= pageSize))) { try (PartitionIterator data = query.executeInternal(executionController)) { return processResults(data, options, nowInSec, userLimit); } } else { QueryPager pager = getPager(query, options); return execute(Pager.forInternalQuery(pager, executionController), options, pageSize, nowInSec, userLimit, queryStartNanoTime); } } }
public ResultMessage.Rows executeInternal(QueryState state, QueryOptions options, int nowInSec, long queryStartNanoTime) throws RequestExecutionException, RequestValidationException { int userLimit = getLimit(options); int userPerPartitionLimit = getPerPartitionLimit(options); int pageSize = options.getPageSize(); ReadQuery query = getQuery(options, nowInSec, userLimit, userPerPartitionLimit, pageSize); try (ReadExecutionController executionController = query.executionController()) { if (aggregationSpec == null && (pageSize <= 0 || (query.limits().count() <= pageSize))) { try (PartitionIterator data = query.executeInternal(executionController)) { return processResults(data, options, nowInSec, userLimit); } } else { QueryPager pager = getPager(query, options); return execute(Pager.forInternalQuery(pager, executionController), options, pageSize, nowInSec, userLimit, queryStartNanoTime); } } }
return execute(command, options, limit, now, state);