/** * Checks the user's superuser status. * Only a superuser is allowed to perform CREATE USER and DROP USER queries. * Im most cased, though not necessarily, a superuser will have Permission.ALL on every resource * (depends on IAuthorizer implementation). */ public boolean isSuper() { return !isAnonymous() && Roles.hasSuperuserStatus(role); }
/** * Checks the user's superuser status. * Only a superuser is allowed to perform CREATE USER and DROP USER queries. * Im most cased, though not necessarily, a superuser will have Permission.ALL on every resource * (depends on IAuthorizer implementation). */ public boolean isSuper() { return !isAnonymous() && Auth.isSuperuser(name); }
public boolean canLogin(RoleResource role) { return getRole(role.getRoleName()).canLogin; }
private void removeLookupEntry(IResource resource, RoleResource role) throws RequestExecutionException { process(String.format("DELETE FROM %s.%s WHERE resource = '%s' and role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.RESOURCE_ROLE_INDEX, escape(resource.getName()), escape(role.getRoleName()))); }
private void collectRoles(Role role, Set<RoleResource> collected, boolean includeInherited) throws RequestValidationException, RequestExecutionException { for (String memberOf : role.memberOf) { Role granted = getRole(memberOf); if (granted.equals(NULL_ROLE)) continue; collected.add(RoleResource.role(granted.name)); if (includeInherited) collectRoles(granted, collected, true); } }
public void onDropKeyspace(String ksName) { DatabaseDescriptor.getAuthorizer().revokeAllOn(DataResource.keyspace(ksName)); DatabaseDescriptor.getAuthorizer().revokeAllOn(FunctionResource.keyspace(ksName)); }
mode = PasswordMode.valueOf(pmode_plain); for (PasswordMode pm : PasswordMode.values()) mode_values += "'" + pm + "', "; throw new AuthenticationException(authenticationErrorMessage(mode, username)); switch (mode) throw new AuthenticationException(authenticationErrorMessage(mode, username)); return new AuthenticatedUser(username);
String kspAdmins = accessProperties.getProperty(KEYSPACES_WRITE_PROPERTY); for (String admin : kspAdmins.split(",")) if (admin.equals(user.getName())) return (EnumSet<Permission>) Permission.ALL; if (reader.equals(user.getName())) { canRead = true; break; if (writer.equals(user.getName())) { canWrite = true; break;
PasswordAuthenticator idAuth = new PasswordAuthenticator(); Map<String, String> credentials = new HashMap<String, String>(); credentials.put(idAuth.USERNAME_KEY, userName);
private void addLookupEntry(IResource resource, RoleResource role) throws RequestExecutionException { process(String.format("INSERT INTO %s.%s (resource, role) VALUES ('%s','%s')", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.RESOURCE_ROLE_INDEX, escape(resource.getName()), escape(role.getRoleName()))); }
public boolean isExistingRole(RoleResource role) { return getRole(role.getRoleName()) != NULL_ROLE; }
public void onDropKeyspace(String ksName) { DatabaseDescriptor.getAuthorizer().revokeAllOn(DataResource.keyspace(ksName)); DatabaseDescriptor.getAuthorizer().revokeAllOn(FunctionResource.keyspace(ksName)); }
/** * Checks the user's superuser status. * Only a superuser is allowed to perform CREATE USER and DROP USER queries. * Im most cased, though not necessarily, a superuser will have Permission.ALL on every resource * (depends on IAuthorizer implementation). */ public boolean isSuper() { return !isAnonymous() && Roles.hasSuperuserStatus(role); }
private void removeLookupEntry(IResource resource, RoleResource role) throws RequestExecutionException { process(String.format("DELETE FROM %s.%s WHERE resource = '%s' and role = '%s'", SchemaConstants.AUTH_KEYSPACE_NAME, AuthKeyspace.RESOURCE_ROLE_INDEX, escape(resource.getName()), escape(role.getRoleName()))); }
public boolean canLogin(RoleResource role) { return getRole(role.getRoleName()).canLogin; }
/** * Checks the user's superuser status. * Only a superuser is allowed to perform CREATE USER and DROP USER queries. * Im most cased, though not necessarily, a superuser will have Permission.ALL on every resource * (depends on IAuthorizer implementation). */ public boolean isSuper() { return !isAnonymous() && Roles.hasSuperuserStatus(role); }
public boolean isSuper(RoleResource role) { return getRole(role.getRoleName()).isSuper; }
public boolean isSuper(RoleResource role) { return getRole(role.getRoleName()).isSuper; }
public boolean isExistingRole(RoleResource role) { return getRole(role.getRoleName()) != NULL_ROLE; }
public boolean isExistingRole(RoleResource role) { return getRole(role.getRoleName()) != NULL_ROLE; }