[ https://issues.apache.org/jira/browse/CASSANDRA-7557?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14298452#comment-14298452 ]

Robert Stupp commented on CASSANDRA-7557:
-----------------------------------------

Currently we allow creation of different kinds of resources using the same name.
{{CREATE TABLE foo …}}
{{CREATE TYPE foo …}}
{{CREATE FUNCTION/AGGREGATE foo …}}

This means that a granted permission like {{GRANT ALTER ON foo TO sheldon}} 
cannot distinguish whether it means the table, the type or the 
function/aggregate.
I’m not sure whether we should enforce unique names for tables, types and 
functions in a keyspace (I don’t think it’s necessary - at least for now).
But we should be precise (be able to distinguish) with permissions.

To achieve this, I propose to change permissions in the {{Permission}} enum:
* {{CREATE}} to {{CREATE_KEYSPACE}}, {{CREATE_TABLE}}, {{CREATE_FUNCTION}}, 
{{CREATE_AGGREGATE}}
* {{ALTER}} to {{ALTER_KEYSPACE}}, {{ALTER_TABLE}}, {{ALTER_FUNCTION}}, 
{{ALTER_AGGREGATE}}
* {{DROP}} to {{DROP_KEYSPACE}}, {{DROP_TABLE}}, {{DROP_FUNCTION}}, 
{{DROP_AGGREGATE}}
* add a new {{EXECUTE}} permission in the {{Permission}} enum (global, per keyspace, 
per function name).

I’m not sure whether different resources for functions and aggregates should be 
used. But since we have different statements for functions and aggregates, I’d 
like to have different resources for them (new {{FunctionResource implements 
IResource}}).

The "old" {{CREATE}} permission would then be migrated in 
{{o.a.c.auth.CassandraAuthorizer#convertLegacyData}} to {{CREATE_KEYSPACE}} + 
{{CREATE_TABLE}} (or just {{CREATE_TABLE}} if the resource is a keyspace). 
Similarly for {{ALTER}} + {{DROP}}.
The alternative is to leave the {{CREATE}}, {{ALTER}} and {{DROP}} permissions and 
imply that these are only meant for data (keyspaces + tables + types).

The drawback of my proposal is that the {{LIST (permissions)}} statement would 
return a non-backwards compatible result.


> User permissions for UDFs
> -------------------------
>
>                 Key: CASSANDRA-7557
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-7557
>             Project: Cassandra
>          Issue Type: Improvement
>          Components: Core
>            Reporter: Tyler Hobbs
>            Assignee: Robert Stupp
>              Labels: client-impacting, cql, udf
>             Fix For: 3.0
>
>
> We probably want some new permissions for user defined functions.  Most 
> RDBMSes split function permissions roughly into {{EXECUTE}} and 
> {{CREATE}}/{{ALTER}}/{{DROP}} permissions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
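
A sketch of the legacy-permission migration proposed in the comment above, added here as an illustration and not taken from Cassandra or from the JIRA discussion. The class, the {{Level}} enum and the grant map are hypothetical, and applying the two-permission mapping to a root-level grant is an assumption; the permission names are the ones the comment proposes.

```java
import java.util.*;

// Added illustration; none of these types are Cassandra's own classes.
public class SplitPermissionSketch {
    enum Legacy { CREATE, ALTER, DROP }

    // Permission names as proposed in the comment.
    enum Proposed {
        CREATE_KEYSPACE, CREATE_TABLE, CREATE_FUNCTION, CREATE_AGGREGATE,
        ALTER_KEYSPACE, ALTER_TABLE, ALTER_FUNCTION, ALTER_AGGREGATE,
        DROP_KEYSPACE, DROP_TABLE, DROP_FUNCTION, DROP_AGGREGATE, EXECUTE
    }

    // Where the legacy grant was attached (assumed model, not from the page).
    enum Level { ROOT, KEYSPACE }

    // Legacy X becomes X_KEYSPACE + X_TABLE, or only X_TABLE on a keyspace resource.
    static Set<Proposed> migrate(Legacy legacy, Level level) {
        Set<Proposed> out = EnumSet.of(Proposed.valueOf(legacy.name() + "_TABLE"));
        if (level == Level.ROOT) out.add(Proposed.valueOf(legacy.name() + "_KEYSPACE"));
        return out;
    }

    // Grants keyed by "role|resource name"; the permission itself carries the kind.
    static final Map<String, Set<Proposed>> GRANTS = new HashMap<>();

    static void grant(String role, String name, Set<Proposed> perms) {
        GRANTS.computeIfAbsent(role + "|" + name,
                k -> EnumSet.noneOf(Proposed.class)).addAll(perms);
    }

    static boolean allowed(String role, String name, Proposed perm) {
        Set<Proposed> held = GRANTS.get(role + "|" + name);
        return held != null && held.contains(perm);
    }

    public static void main(String[] args) {
        // Constructed sample: sheldon held legacy ALTER on a keyspace named "ks".
        grant("sheldon", "ks", migrate(Legacy.ALTER, Level.KEYSPACE));
        System.out.println("ALTER_TABLE:    " + allowed("sheldon", "ks", Proposed.ALTER_TABLE));
        System.out.println("ALTER_FUNCTION: " + allowed("sheldon", "ks", Proposed.ALTER_FUNCTION));
        // A migrated data grant must never widen to functions, aggregates or EXECUTE.
        for (Legacy l : Legacy.values())
            for (Level lv : Level.values())
                for (Proposed p : migrate(l, lv))
                    if (!p.name().endsWith("_TABLE") && !p.name().endsWith("_KEYSPACE"))
                        throw new AssertionError(l + "@" + lv + " widened to " + p);
    }
}
```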
