org.apache.cassandra.auth.PermissionsCache Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of cassandra-all Show documentation
Show all versions of cassandra-all Show documentation
The Apache Cassandra Project develops a highly scalable second-generation distributed database, bringing together Dynamo's fully distributed design and Bigtable's ColumnFamily-based data model.
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.cassandra.auth;
import java.util.Set;
import java.util.concurrent.*;
import com.google.common.cache.CacheBuilder;
import com.google.common.cache.CacheLoader;
import com.google.common.cache.LoadingCache;
import com.google.common.util.concurrent.ListenableFuture;
import com.google.common.util.concurrent.ListenableFutureTask;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.cassandra.concurrent.DebuggableThreadPoolExecutor;
import org.apache.cassandra.utils.Pair;
public class PermissionsCache
{
private static final Logger logger = LoggerFactory.getLogger(PermissionsCache.class);
private final ThreadPoolExecutor cacheRefreshExecutor = new DebuggableThreadPoolExecutor("PermissionsCacheRefresh",
Thread.NORM_PRIORITY);
private final IAuthorizer authorizer;
private final LoadingCache, Set> cache;
public PermissionsCache(int validityPeriod, int updateInterval, int maxEntries, IAuthorizer authorizer)
{
this.authorizer = authorizer;
this.cache = initCache(validityPeriod, updateInterval, maxEntries);
}
public Set getPermissions(AuthenticatedUser user, IResource resource)
{
if (cache == null)
return authorizer.authorize(user, resource);
try
{
return cache.get(Pair.create(user, resource));
}
catch (ExecutionException e)
{
throw new RuntimeException(e);
}
}
private LoadingCache, Set> initCache(int validityPeriod,
int updateInterval,
int maxEntries)
{
if (authorizer instanceof AllowAllAuthorizer)
return null;
if (validityPeriod <= 0)
return null;
return CacheBuilder.newBuilder()
.refreshAfterWrite(updateInterval, TimeUnit.MILLISECONDS)
.expireAfterWrite(validityPeriod, TimeUnit.MILLISECONDS)
.maximumSize(maxEntries)
.build(new CacheLoader, Set>()
{
public Set load(Pair userResource)
{
return authorizer.authorize(userResource.left, userResource.right);
}
public ListenableFuture> reload(final Pair userResource,
final Set oldValue)
{
ListenableFutureTask> task = ListenableFutureTask.create(new Callable>()
{
public Setcall() throws Exception
{
try
{
return authorizer.authorize(userResource.left, userResource.right);
}
catch (Exception e)
{
logger.debug("Error performing async refresh of user permissions", e);
throw e;
}
}
});
cacheRefreshExecutor.execute(task);
return task;
}
});
}
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy