[jira] [Commented] (CASSANDRA-17848) LIST PERMISSION can display incorrect resource name

Tue, 08 Nov 2022 16:39:04 -0800 


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-17848?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17630674#comment-17630674
 ] 

Yifan Cai commented on CASSANDRA-17848:
---------------------------------------

Basically there are 2 possible solutions. 
1. Reject at the UDF creation when its name contains any of the special 
character '/', '[' and ']'. Those characters should be rarely needed as part of 
the function names. It requires to update the disallowed characters list when a 
new special character is introduced in the future. 
2. Patch the {{FunctionResource#fromName}} implementation to first locate the 
last `[...]` segment (as the function's argument list) and treat whatever 
appears before it as the function name. Sounds error-prone. 

I'd lean towards the approach 1. 
[~samt] and [~bereng], wondering what is your preference since you both have 
touched the method in question. 

> LIST PERMISSION can display incorrect resource name
> ---------------------------------------------------
>
>                 Key: CASSANDRA-17848
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17848
>             Project: Cassandra
>          Issue Type: Bug
>          Components: CQL/Interpreter
>            Reporter: Yifan Cai
>            Assignee: Yifan Cai
>            Priority: Normal
>
> When producing the resource name, it seems to assume that the content in the 
> `[]` is the function's input type, where it could also be part of the 
> function name, as long as it is quoted. Here is an example to reproduce. In 
> cqlsh,
> {code:java}
> > CREATE FUNCTION 
> > test."admin_created_udf[org.apache.cassandra.db.marshal.LongType]"(input 
> > int) RETURNS NULL ON NULL INPUT RETURNS int LANGUAGE java AS 'return 42;';
> > LIST EXECUTE OF user;
>  role  | username | resource                                | permission
> -------+----------+-----------------------------------------+------------
>  user  |    user  | <function test.admin_created_udf(long)> |    EXECUTE
> (1 rows)
> {code}
> The input should be "int", but in the output, it says "long". 
> If the content enclosed by "[]" is not a valid class, the LIST PERMISSION 
> request always fails for the user with "ConfigurationException: Unable to 
> find abstract-type class".
> The bug is discovered by Piotr Sarna.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

Reply via email to