This is an automated email from the ASF dual-hosted git repository. jmckenzie pushed a commit to branch trunk in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/trunk by this push: new a57eae67e5 Improve javadoc on CQLTester and GuardrailTester assertion methods a57eae67e5 is described below commit a57eae67e5d73f8ab3fd0ab172262380c8dc0280 Author: Josh McKenzie <jmcken...@apache.org> AuthorDate: Fri Jul 22 13:34:41 2022 -0400 Improve javadoc on CQLTester and GuardrailTester assertion methods Patch by Josh McKenzie; reviewed by Andres de la Pena for CASSANDRA-17772 --- test/unit/org/apache/cassandra/cql3/CQLTester.java | 15 +++++++++++++-- .../cassandra/db/guardrails/GuardrailTester.java | 20 ++++++++++++++++++++ 2 files changed, 33 insertions(+), 2 deletions(-) diff --git a/test/unit/org/apache/cassandra/cql3/CQLTester.java b/test/unit/org/apache/cassandra/cql3/CQLTester.java index eae939b8a9..7c2eebb8c5 100644 --- a/test/unit/org/apache/cassandra/cql3/CQLTester.java +++ b/test/unit/org/apache/cassandra/cql3/CQLTester.java @@ -1322,6 +1322,10 @@ public abstract class CQLTester return executeFormattedQuery(formatViewQuery(KEYSPACE, query), values); } + /** + * Executes the provided query using the {@link ClientState#forInternalCalls()} as the expected ClientState. Note: + * this means permissions checking will not apply and queries will proceed regardless of role or guardrails. + */ protected UntypedResultSet executeFormattedQuery(String query, Object... values) throws Throwable { UntypedResultSet rs; @@ -1738,8 +1742,15 @@ public abstract class CQLTester assertInvalidThrowMessage(Optional.empty(), errorMessage, exception, query, values); } - // if a protocol version > Integer.MIN_VALUE is supplied, executes - // the query via the java driver, mimicking a real client. + /** + * Asserts that the query provided throws the exceptions provided. + * + * NOTE: This method uses {@link ClientState#forInternalCalls()} which sets the {@link ClientState#isInternal} value + * to true, nullifying any system keyspace or other permissions checking for tables. + * + * If a protocol version > Integer.MIN_VALUE is supplied, executes + * the query via the java driver, mimicking a real client. + */ protected void assertInvalidThrowMessage(Optional<ProtocolVersion> protocolVersion, String errorMessage, Class<? extends Throwable> exception, diff --git a/test/unit/org/apache/cassandra/db/guardrails/GuardrailTester.java b/test/unit/org/apache/cassandra/db/guardrails/GuardrailTester.java index 7c94702a21..54523743b7 100644 --- a/test/unit/org/apache/cassandra/db/guardrails/GuardrailTester.java +++ b/test/unit/org/apache/cassandra/db/guardrails/GuardrailTester.java @@ -67,6 +67,18 @@ import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; import static org.junit.Assert.fail; +/** + * This class provides specific utility methods for testing Guardrails that should be used instead of the provided + * {@link CQLTester} methods. Many of the methods in CQLTester don't respect the {@link ClientState} provided for a query + * and instead use {@link ClientState#forInternalCalls()} which flags as an internal query and thus bypasses auth and + * guardrail checks. + * + * Some GuardrailTester methods and their usage is as follows: + * {@link GuardrailTester#assertValid(String)} to confirm the query as structured is valid given the state of the db + * {@link GuardrailTester#assertWarns(String, String)} to confirm a query succeeds but warns the text provided + * {@link GuardrailTester#assertFails(String, String)} to confirm a query fails with the message provided + * {@link GuardrailTester#testExcludedUsers} to confirm superusers are excluded from application of the guardrail + */ public abstract class GuardrailTester extends CQLTester { // Name used when testing CREATE TABLE that should be aborted (we need to provide it as assertFails, which @@ -318,6 +330,10 @@ public abstract class GuardrailTester extends CQLTester assertFails(function, true, messages, redactedMessages); } + /** + * Unlike {@link CQLTester#assertInvalidThrowMessage}, the chain of methods ending here in {@link GuardrailTester} + * respect the input ClientState so guardrails permissions will be correctly checked. + */ protected void assertFails(CheckedFunction function, boolean thrown, List<String> messages, List<String> redactedMessages) throws Throwable { ClientWarn.instance.captureWarnings(); @@ -478,6 +494,10 @@ public abstract class GuardrailTester extends CQLTester return execute(state, query, options); } + /** + * Performs execution of query using the input {@link ClientState} (i.e. unlike {@link ClientState#forInternalCalls()} + * which may not) to ensure guardrails are approprieately applied to the query provided. + */ protected ResultMessage execute(ClientState state, String query, QueryOptions options) { QueryState queryState = new QueryState(state); --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org For additional commands, e-mail: commits-h...@cassandra.apache.org