Package org.apache.cassandra.exceptions

Examples of org.apache.cassandra.exceptions.UnauthorizedException

189
190
191
192
193
194
195
    }

    public void validateLogin() throws UnauthorizedException
    {
        if (user == null)
            throw new UnauthorizedException("You have not logged in");
    }
View Full Code Here
196
197
198
199
200
201
202
    public void ensureNotAnonymous() throws UnauthorizedException
    {
        validateLogin();
        if (user.isAnonymous())
            throw new UnauthorizedException("You have to be logged in and not anonymous to perform this request");
    }
View Full Code Here
140
141
142
143
144
145
146
147
        validateLogin();
        preventSystemKSSModification(keyspace, perm);
        if (perm.equals(Permission.SELECT) && READABLE_SYSTEM_RESOURCES.contains(resource))
            return;
        if (PROTECTED_AUTH_RESOURCES.contains(resource))
            throw new UnauthorizedException(String.format("Resource %s is inaccessible", resource));
        ensureHasPermission(perm, resource);
    }
View Full Code Here
151
152
153
154
155
156
157
158
159
160
        for (IResource r : Resources.chain(resource))
        {
            if (authorize(r).contains(perm))
                return;
        }
        throw new UnauthorizedException(String.format("User %s has no %s permission on %s or any of its parents",
                                                      user.username,
                                                      perm,
                                                      resource));
    }
View Full Code Here
160
161
162
163
164
165
166
    }

    private void preventSystemKSSModification(String keyspace, Permission perm) throws UnauthorizedException
    {
        if (Schema.systemKeyspaceNames.contains(keyspace.toLowerCase()) && !perm.equals(Permission.SELECT))
            throw new UnauthorizedException(keyspace + " keyspace is not user-modifiable.");
    }
View Full Code Here
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
    {
        if (perms.contains(Permission.FULL_ACCESS))
            return; // full access

        if (perms.contains(Permission.NO_ACCESS))
            throw new UnauthorizedException(String.format("%s does not have permission %s for %s",
                                                          user,
                                                          perm,
                                                          Resources.toString(resource)));


        boolean granular = false;

        for (Permission p : perms)
        {
            // mixing of old and granular permissions is denied by IAuthorityContainer
            // and CQL grammar so it's name to assume that once a granular permission is found
            // all other permissions are going to be a subset of Permission.GRANULAR_PERMISSIONS
            if (Permission.GRANULAR_PERMISSIONS.contains(p))
            {
                granular = true;
                break;
            }
        }

        if (granular)
        {
            if (perms.contains(perm))
                return; // user has a given permission, perm is always one of Permission.GRANULAR_PERMISSIONS
        }
        else
        {
            for (Permission p : perms)
            {
                if (Permission.oldToNew.get(p).contains(perm))
                    return;
            }
        }

        throw new UnauthorizedException(String.format("%s does not have permission %s for %s",
                                                      user,
                                                      perm,
                                                      Resources.toString(resource)));
    }
View Full Code Here
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
    {
        if (perms.contains(Permission.FULL_ACCESS))
            return; // full access

        if (perms.contains(Permission.NO_ACCESS))
            throw new UnauthorizedException(String.format("%s does not have permission %s for %s",
                                                          user,
                                                          perm,
                                                          Resources.toString(resource)));


        boolean granular = false;

        for (Permission p : perms)
        {
            // mixing of old and granular permissions is denied by IAuthorityContainer
            // and CQL grammar so it's name to assume that once a granular permission is found
            // all other permissions are going to be a subset of Permission.GRANULAR_PERMISSIONS
            if (Permission.GRANULAR_PERMISSIONS.contains(p))
            {
                granular = true;
                break;
            }
        }

        if (granular)
        {
            if (perms.contains(perm))
                return; // user has a given permission, perm is always one of Permission.GRANULAR_PERMISSIONS
        }
        else
        {
            for (Permission p : perms)
            {
                if (Permission.oldToNew.get(p).contains(perm))
                    return;
            }
        }

        throw new UnauthorizedException(String.format("%s does not have permission %s for %s",
                                                      user,
                                                      perm,
                                                      Resources.toString(resource)));
    }
View Full Code Here
145
146
147
148
149
150
151
152
        validateLogin();
        preventSystemKSSchemaModification(keyspace, perm);
        if (perm.equals(Permission.SELECT) && READABLE_SYSTEM_RESOURCES.contains(resource))
            return;
        if (PROTECTED_AUTH_RESOURCES.contains(resource))
            throw new UnauthorizedException(String.format("Resource %s is inaccessible", resource));
        ensureHasPermission(perm, resource);
    }
View Full Code Here
156
157
158
159
160
161
162
163
164
165
        for (IResource r : Resources.chain(resource))
        {
            if (authorize(r).contains(perm))
                return;
        }
        throw new UnauthorizedException(String.format("User %s has no %s permission on %s or any of its parents",
                                                      user.getName(),
                                                      perm,
                                                      resource));
    }
View Full Code Here
165
166
167
168
169
170
171
    }

    private void preventSystemKSSchemaModification(String keyspace, Permission perm) throws UnauthorizedException
    {
        if (Schema.systemKeyspaceNames.contains(keyspace.toLowerCase()) && !(perm.equals(Permission.SELECT) || perm.equals(Permission.MODIFY)))
            throw new UnauthorizedException(keyspace + " keyspace is not user-modifiable.");
    }
View Full Code Here
TOP

Related Classes of org.apache.cassandra.exceptions.UnauthorizedException

  • org.apache.cassandra.cql3.statements.AlterUserStatement
  • org.apache.cassandra.cql3.statements.CreateUserStatement
  • org.apache.cassandra.cql3.statements.DropUserStatement
  • org.apache.cassandra.service.ClientState
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.