This is an automated email from the ASF dual-hosted git repository.
jmckenzie pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/cassandra.git
The following commit(s) were added to refs/heads/trunk by this push:
new a57eae67e5 Improve javadoc on CQLTester and GuardrailTester assertion
methods
a57eae67e5 is described below
commit a57eae67e5d73f8ab3fd0ab172262380c8dc0280
Author: Josh McKenzie <jmcken...@apache.org>
AuthorDate: Fri Jul 22 13:34:41 2022 -0400
Improve javadoc on CQLTester and GuardrailTester assertion methods
Patch by Josh McKenzie; reviewed by Andres de la Pena for CASSANDRA-17772
---
test/unit/org/apache/cassandra/cql3/CQLTester.java | 15 +++++++++++++--
.../cassandra/db/guardrails/GuardrailTester.java | 20 ++++++++++++++++++++
2 files changed, 33 insertions(+), 2 deletions(-)
diff --git a/test/unit/org/apache/cassandra/cql3/CQLTester.java
b/test/unit/org/apache/cassandra/cql3/CQLTester.java
index eae939b8a9..7c2eebb8c5 100644
--- a/test/unit/org/apache/cassandra/cql3/CQLTester.java
+++ b/test/unit/org/apache/cassandra/cql3/CQLTester.java
@@ -1322,6 +1322,10 @@ public abstract class CQLTester
return executeFormattedQuery(formatViewQuery(KEYSPACE, query), values);
}
+ /**
+ * Executes the provided query using the {@link
ClientState#forInternalCalls()} as the expected ClientState. Note:
+ * this means permissions checking will not apply and queries will proceed
regardless of role or guardrails.
+ */
protected UntypedResultSet executeFormattedQuery(String query, Object...
values) throws Throwable
{
UntypedResultSet rs;
@@ -1738,8 +1742,15 @@ public abstract class CQLTester
assertInvalidThrowMessage(Optional.empty(), errorMessage, exception,
query, values);
}
- // if a protocol version > Integer.MIN_VALUE is supplied, executes
- // the query via the java driver, mimicking a real client.
+ /**
+ * Asserts that the query provided throws the exceptions provided.
+ *
+ * NOTE: This method uses {@link ClientState#forInternalCalls()} which
sets the {@link ClientState#isInternal} value
+ * to true, nullifying any system keyspace or other permissions checking
for tables.
+ *
+ * If a protocol version > Integer.MIN_VALUE is supplied, executes
+ * the query via the java driver, mimicking a real client.
+ */
protected void assertInvalidThrowMessage(Optional<ProtocolVersion>
protocolVersion,
String errorMessage,
Class<? extends Throwable>
exception,
diff --git a/test/unit/org/apache/cassandra/db/guardrails/GuardrailTester.java
b/test/unit/org/apache/cassandra/db/guardrails/GuardrailTester.java
index 7c94702a21..54523743b7 100644
--- a/test/unit/org/apache/cassandra/db/guardrails/GuardrailTester.java
+++ b/test/unit/org/apache/cassandra/db/guardrails/GuardrailTester.java
@@ -67,6 +67,18 @@ import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
+/**
+ * This class provides specific utility methods for testing Guardrails that
should be used instead of the provided
+ * {@link CQLTester} methods. Many of the methods in CQLTester don't respect
the {@link ClientState} provided for a query
+ * and instead use {@link ClientState#forInternalCalls()} which flags as an
internal query and thus bypasses auth and
+ * guardrail checks.
+ *
+ * Some GuardrailTester methods and their usage is as follows:
+ * {@link GuardrailTester#assertValid(String)} to confirm the query as
structured is valid given the state of the db
+ * {@link GuardrailTester#assertWarns(String, String)} to confirm a query
succeeds but warns the text provided
+ * {@link GuardrailTester#assertFails(String, String)} to confirm a query
fails with the message provided
+ * {@link GuardrailTester#testExcludedUsers} to confirm superusers are
excluded from application of the guardrail
+ */
public abstract class GuardrailTester extends CQLTester
{
// Name used when testing CREATE TABLE that should be aborted (we need to
provide it as assertFails, which
@@ -318,6 +330,10 @@ public abstract class GuardrailTester extends CQLTester
assertFails(function, true, messages, redactedMessages);
}
+ /**
+ * Unlike {@link CQLTester#assertInvalidThrowMessage}, the chain of
methods ending here in {@link GuardrailTester}
+ * respect the input ClientState so guardrails permissions will be
correctly checked.
+ */
protected void assertFails(CheckedFunction function, boolean thrown,
List<String> messages, List<String> redactedMessages) throws Throwable
{
ClientWarn.instance.captureWarnings();
@@ -478,6 +494,10 @@ public abstract class GuardrailTester extends CQLTester
return execute(state, query, options);
}
+ /**
+ * Performs execution of query using the input {@link ClientState} (i.e.
unlike {@link ClientState#forInternalCalls()}
+ * which may not) to ensure guardrails are approprieately applied to the
query provided.
+ */
protected ResultMessage execute(ClientState state, String query,
QueryOptions options)
{
QueryState queryState = new QueryState(state);
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org
