Package org.apache.cassandra.auth
Class CassandraRoleManager
- java.lang.Object
-
- org.apache.cassandra.auth.CassandraRoleManager
-
- All Implemented Interfaces:
AuthCache.BulkLoader<RoleResource,java.util.Set<Role>>,IRoleManager
public class CassandraRoleManager extends java.lang.Object implements IRoleManager
Responsible for the creation, maintenance and deletion of roles for the purposes of authentication and authorization. Role data is stored internally, using the roles and role_members tables in the system_auth keyspace. Additionally, if org.apache.cassandra.auth.PasswordAuthenticator is used, encrypted passwords are also stored in the system_auth.roles table. This coupling between the IAuthenticator and IRoleManager implementations exists because setting a role's password via CQL is done with a CREATE ROLE or ALTER ROLE statement, the processing of which is handled by IRoleManager. As IAuthenticator is concerned only with credentials checking and has no means to modify passwords, PasswordAuthenticator depends on CassandraRoleManager for those functions. Alternative IAuthenticator implementations may be used in conjunction with CassandraRoleManager, but WITH PASSWORD = 'password' will not be supported in CREATE/ALTER ROLE statements. Such a configuration could be implemented using a custom IRoleManager that extends CassandraRoleManager and which includes Option.PASSWORD in theSet<Option>returned from supportedOptions/alterableOptions. Any additional processing of the password itself (such as storing it in an alternative location) would be added in overridden createRole and alterRole implementations.
-
-
Nested Class Summary
-
Nested classes/interfaces inherited from interface org.apache.cassandra.auth.IRoleManager
IRoleManager.Option
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.StringDEFAULT_SUPERUSER_NAMEstatic java.lang.StringGENSALT_LOG2_ROUNDS_PROPERTY
-
Constructor Summary
Constructors Constructor Description CassandraRoleManager()
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description java.util.Set<IRoleManager.Option>alterableOptions()Subset of supportedOptions that users are allowed to alter when performing ALTER ROLE [themselves].voidalterRole(AuthenticatedUser performer, RoleResource role, RoleOptions options)Called during execution of ALTER ROLE statement.java.util.function.Supplier<java.util.Map<RoleResource,java.util.Set<Role>>>bulkLoader()booleancanLogin(RoleResource role)Return true if there exists a Role with the given name which has login privileges.protected static ConsistencyLevelconsistencyForRole(java.lang.String role)protected static ConsistencyLevelconsistencyForRoleRead(java.lang.String role)protected static ConsistencyLevelconsistencyForRoleWrite(java.lang.String role)Allows selective overriding of the consistency level for specific roles.static java.lang.StringcreateDefaultRoleQuery()voidcreateRole(AuthenticatedUser performer, RoleResource role, RoleOptions options)Called during execution of a CREATE ROLE statement.voiddropRole(AuthenticatedUser performer, RoleResource role)Called during execution of DROP ROLE statement, as well we removing any main record of the role from the system this implies that we want to revoke this role from all other roles that it has been granted to.java.util.Set<RoleResource>getAllRoles()We hard-code this query to Quorum regardless of the role or auth credentials of the queryer given the nature of this query: we expect to know *all* roles across the entire cluster when we query this, not just local quorum or on a single node.java.util.Map<java.lang.String,java.lang.String>getCustomOptions(RoleResource role)Where an implementation supports OPTIONS in CREATE and ALTER operations this method should return theMap<String, String>representing the custom options associated with the role, as supplied to CREATE or ALTER.java.util.Set<Role>getRoleDetails(RoleResource grantee)Used to retrieve detailed role info on the full set of roles granted to a grantee.java.util.Set<RoleResource>getRoles(RoleResource grantee, boolean includeInherited)Called during execution of a LIST ROLES query.voidgrantRole(AuthenticatedUser performer, RoleResource role, RoleResource grantee)Called during execution of GRANT ROLE query.static booleanhasExistingRoles()booleanisExistingRole(RoleResource role)Return true is a Role with the given name exists in the system.booleanisSuper(RoleResource role)Return true if there exists a Role with the given name that also has superuser status.protected voidloadRoleStatement()java.util.Set<? extends IResource>protectedResources()Set of resources that should be made inaccessible to users and only accessible internally.voidrevokeRole(AuthenticatedUser performer, RoleResource role, RoleResource revokee)Called during the execution of a REVOKE ROLE query.protected voidscheduleSetupTask(java.util.concurrent.Callable<java.lang.Void> setupTask)voidsetup()Hook to perform implementation specific initialization, called once upon system startup.java.util.Set<IRoleManager.Option>supportedOptions()Set of options supported by CREATE ROLE and ALTER ROLE queries.static voidupdatePasswordUpdateMinInterval(int newInterval)voidvalidateConfiguration()Hook to perform validation of an implementation's configuration (if supported).
-
-
-
Field Detail
-
DEFAULT_SUPERUSER_NAME
public static final java.lang.String DEFAULT_SUPERUSER_NAME
- See Also:
- Constant Field Values
-
GENSALT_LOG2_ROUNDS_PROPERTY
public static final java.lang.String GENSALT_LOG2_ROUNDS_PROPERTY
- See Also:
- Constant Field Values
-
-
Method Detail
-
updatePasswordUpdateMinInterval
public static void updatePasswordUpdateMinInterval(int newInterval)
-
setup
public void setup()
Description copied from interface:IRoleManagerHook to perform implementation specific initialization, called once upon system startup. For example, use this method to create any required keyspaces/column families.- Specified by:
setupin interfaceIRoleManager
-
loadRoleStatement
protected final void loadRoleStatement()
-
supportedOptions
public java.util.Set<IRoleManager.Option> supportedOptions()
Description copied from interface:IRoleManagerSet of options supported by CREATE ROLE and ALTER ROLE queries. Should never return null - always return an empty set instead.- Specified by:
supportedOptionsin interfaceIRoleManager
-
alterableOptions
public java.util.Set<IRoleManager.Option> alterableOptions()
Description copied from interface:IRoleManagerSubset of supportedOptions that users are allowed to alter when performing ALTER ROLE [themselves]. Should never return null - always return an empty set instead.- Specified by:
alterableOptionsin interfaceIRoleManager
-
createRole
public void createRole(AuthenticatedUser performer, RoleResource role, RoleOptions options) throws RequestValidationException, RequestExecutionException
Description copied from interface:IRoleManagerCalled during execution of a CREATE ROLE statement. options are guaranteed to be a subset of supportedOptions().- Specified by:
createRolein interfaceIRoleManager- Parameters:
performer- User issuing the create role statement.role- Rolei being createdoptions- Options the role will be created with- Throws:
RequestValidationExceptionRequestExecutionException
-
dropRole
public void dropRole(AuthenticatedUser performer, RoleResource role) throws RequestValidationException, RequestExecutionException
Description copied from interface:IRoleManagerCalled during execution of DROP ROLE statement, as well we removing any main record of the role from the system this implies that we want to revoke this role from all other roles that it has been granted to.- Specified by:
dropRolein interfaceIRoleManager- Parameters:
performer- User issuing the drop role statement.role- Role to be dropped.- Throws:
RequestValidationExceptionRequestExecutionException
-
alterRole
public void alterRole(AuthenticatedUser performer, RoleResource role, RoleOptions options)
Description copied from interface:IRoleManagerCalled during execution of ALTER ROLE statement. options are always guaranteed to be a subset of supportedOptions(). Furthermore, if the actor performing the query is not a superuser and is altering themself, then options are guaranteed to be a subset of alterableOptions(). Keep the body of the method blank if your implementation doesn't support modification of any options.- Specified by:
alterRolein interfaceIRoleManager- Parameters:
performer- User issuing the alter role statement.role- Role that will be altered.options- Options to alter.
-
grantRole
public void grantRole(AuthenticatedUser performer, RoleResource role, RoleResource grantee) throws RequestValidationException, RequestExecutionException
Description copied from interface:IRoleManagerCalled during execution of GRANT ROLE query. Grant an role to another existing role. A grantee that has a role granted to it will inherit any permissions of the granted role.- Specified by:
grantRolein interfaceIRoleManager- Parameters:
performer- User issuing the grant statement.role- Role to be granted to the grantee.grantee- Role acting as the grantee.- Throws:
RequestValidationExceptionRequestExecutionException
-
revokeRole
public void revokeRole(AuthenticatedUser performer, RoleResource role, RoleResource revokee) throws RequestValidationException, RequestExecutionException
Description copied from interface:IRoleManagerCalled during the execution of a REVOKE ROLE query. Revoke an granted role from an existing role. The revokee will lose any permissions inherited from the role being revoked.- Specified by:
revokeRolein interfaceIRoleManager- Parameters:
performer- User issuing the revoke statement.role- Role to be revoked.revokee- Role from which the granted role is to be revoked.- Throws:
RequestValidationExceptionRequestExecutionException
-
getRoles
public java.util.Set<RoleResource> getRoles(RoleResource grantee, boolean includeInherited) throws RequestValidationException, RequestExecutionException
Description copied from interface:IRoleManagerCalled during execution of a LIST ROLES query. Returns a set of roles that have been granted to the grantee using GRANT ROLE.- Specified by:
getRolesin interfaceIRoleManager- Parameters:
grantee- Role whose granted roles will be listed.includeInherited- if True will list inherited roles as well as those directly granted to the grantee.- Returns:
- A list containing the granted roles for the user.
- Throws:
RequestValidationExceptionRequestExecutionException
-
getRoleDetails
public java.util.Set<Role> getRoleDetails(RoleResource grantee)
Description copied from interface:IRoleManagerUsed to retrieve detailed role info on the full set of roles granted to a grantee. This method was not part of the V1 IRoleManager API, so a default impl is supplied which uses the V1 methods to retrieve the detailed role info for the grantee. This is essentially what clients of this interface would have to do themselves. Implementations can provide optimized versions of this method where the details can be retrieved more efficiently.- Specified by:
getRoleDetailsin interfaceIRoleManager- Parameters:
grantee- identifies the role whose granted roles are retrieved- Returns:
- A set of Role objects detailing the roles granted to the grantee, either directly or through inheritance.
-
getAllRoles
public java.util.Set<RoleResource> getAllRoles() throws RequestValidationException, RequestExecutionException
We hard-code this query to Quorum regardless of the role or auth credentials of the queryer given the nature of this query: we expect to know *all* roles across the entire cluster when we query this, not just local quorum or on a single node.- Specified by:
getAllRolesin interfaceIRoleManager- Returns:
- the set of all roles in the system.
- Throws:
RequestValidationExceptionRequestExecutionException
-
isSuper
public boolean isSuper(RoleResource role)
Description copied from interface:IRoleManagerReturn true if there exists a Role with the given name that also has superuser status. Superuser status may be inherited from another granted role, so this method should return true if either the named Role, or any other Role it is transitively granted has superuser status.- Specified by:
isSuperin interfaceIRoleManager- Parameters:
role- Role whose superuser status to verify- Returns:
- true if the role exists and has superuser status, either directly or transitively, otherwise false.
-
canLogin
public boolean canLogin(RoleResource role)
Description copied from interface:IRoleManagerReturn true if there exists a Role with the given name which has login privileges. Such privileges is not inherited from other granted Roles and so must be directly granted to the named Role with the LOGIN option of CREATE ROLE or ALTER ROLE- Specified by:
canLoginin interfaceIRoleManager- Parameters:
role- Role whose login privileges to verify- Returns:
- true if the role exists and is permitted to login, otherwise false
-
getCustomOptions
public java.util.Map<java.lang.String,java.lang.String> getCustomOptions(RoleResource role)
Description copied from interface:IRoleManagerWhere an implementation supports OPTIONS in CREATE and ALTER operations this method should return theMap<String, String>representing the custom options associated with the role, as supplied to CREATE or ALTER. It should never return null; if the implementation does not support OPTIONS or if none were supplied then it should return an empty map.- Specified by:
getCustomOptionsin interfaceIRoleManager- Parameters:
role- Role whose custom options are required- Returns:
- Key/Value pairs representing the custom options for the Role
-
isExistingRole
public boolean isExistingRole(RoleResource role)
Description copied from interface:IRoleManagerReturn true is a Role with the given name exists in the system.- Specified by:
isExistingRolein interfaceIRoleManager- Parameters:
role- Role whose existence to verify- Returns:
- true if the name identifies an extant Role in the system, otherwise false
-
protectedResources
public java.util.Set<? extends IResource> protectedResources()
Description copied from interface:IRoleManagerSet of resources that should be made inaccessible to users and only accessible internally.- Specified by:
protectedResourcesin interfaceIRoleManager- Returns:
- Keyspaces and column families that will be unmodifiable by users; other resources.
-
validateConfiguration
public void validateConfiguration() throws ConfigurationExceptionDescription copied from interface:IRoleManagerHook to perform validation of an implementation's configuration (if supported).- Specified by:
validateConfigurationin interfaceIRoleManager- Throws:
ConfigurationException
-
createDefaultRoleQuery
public static java.lang.String createDefaultRoleQuery()
-
hasExistingRoles
public static boolean hasExistingRoles() throws RequestExecutionException- Throws:
RequestExecutionException
-
scheduleSetupTask
protected void scheduleSetupTask(java.util.concurrent.Callable<java.lang.Void> setupTask)
-
consistencyForRole
protected static ConsistencyLevel consistencyForRole(java.lang.String role)
-
consistencyForRoleWrite
protected static ConsistencyLevel consistencyForRoleWrite(java.lang.String role)
Allows selective overriding of the consistency level for specific roles.
-
consistencyForRoleRead
protected static ConsistencyLevel consistencyForRoleRead(java.lang.String role)
-
bulkLoader
public java.util.function.Supplier<java.util.Map<RoleResource,java.util.Set<Role>>> bulkLoader()
- Specified by:
bulkLoaderin interfaceAuthCache.BulkLoader<RoleResource,java.util.Set<Role>>
-
-