org.apache.cassandra.cql3.statements.schema.AlterSchemaStatement Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of cassandra-all Show documentation
Show all versions of cassandra-all Show documentation
The Apache Cassandra Project develops a highly scalable second-generation distributed database, bringing together Dynamo's fully distributed design and Bigtable's ColumnFamily-based data model.
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.cassandra.cql3.statements.schema;
import java.util.Set;
import com.google.common.collect.ImmutableSet;
import org.apache.cassandra.auth.AuthenticatedUser;
import org.apache.cassandra.auth.IResource;
import org.apache.cassandra.config.DatabaseDescriptor;
import org.apache.cassandra.cql3.CQLStatement;
import org.apache.cassandra.cql3.QueryOptions;
import org.apache.cassandra.exceptions.InvalidRequestException;
import org.apache.cassandra.schema.*;
import org.apache.cassandra.schema.Keyspaces.KeyspacesDiff;
import org.apache.cassandra.service.ClientState;
import org.apache.cassandra.service.ClientWarn;
import org.apache.cassandra.service.QueryState;
import org.apache.cassandra.transport.Event.SchemaChange;
import org.apache.cassandra.transport.messages.ResultMessage;
abstract class AlterSchemaStatement implements CQLStatement, SchemaTransformation
{
protected final String keyspaceName; // name of the keyspace affected by the statement
protected AlterSchemaStatement(String keyspaceName)
{
this.keyspaceName = keyspaceName;
}
public final void validate(ClientState state)
{
// no-op; validation is performed while executing the statement, in apply()
}
public ResultMessage execute(QueryState state, QueryOptions options, long queryStartNanoTime)
{
return execute(state, false);
}
public ResultMessage executeLocally(QueryState state, QueryOptions options)
{
return execute(state, true);
}
/**
* TODO: document
*/
abstract SchemaChange schemaChangeEvent(KeyspacesDiff diff);
/**
* Schema alteration may result in a new database object (keyspace, table, role, function) being created capable of
* having permissions GRANTed on it. The creator of the object (the primary role assigned to the AuthenticatedUser
* performing the operation) is automatically granted ALL applicable permissions on the object. This is a hook for
* subclasses to override in order indicate which resources to to perform that grant on when the statement is executed.
*
* Only called if the transformation resulted in a non-empty diff.
*/
Set createdResources(KeyspacesDiff diff)
{
return ImmutableSet.of();
}
/**
* Schema alteration might produce a client warning (e.g. a warning to run full repair when increading RF of a keyspace).
* This method should be used to generate them instead of calling warn() in transformation code.
*
* Only called if the transformation resulted in a non-empty diff.
*/
Set clientWarnings(KeyspacesDiff diff)
{
return ImmutableSet.of();
}
public ResultMessage execute(QueryState state, boolean locally)
{
if (SchemaConstants.isLocalSystemKeyspace(keyspaceName))
throw ire("System keyspace '%s' is not user-modifiable", keyspaceName);
KeyspaceMetadata keyspace = Schema.instance.getKeyspaceMetadata(keyspaceName);
if (null != keyspace && keyspace.isVirtual())
throw ire("Virtual keyspace '%s' is not user-modifiable", keyspaceName);
validateKeyspaceName();
KeyspacesDiff diff = MigrationManager.announce(this, locally);
clientWarnings(diff).forEach(ClientWarn.instance::warn);
if (diff.isEmpty())
return new ResultMessage.Void();
/*
* When a schema alteration results in a new db object being created, we grant permissions on the new
* object to the user performing the request if:
* - the user is not anonymous
* - the configured IAuthorizer supports granting of permissions (not all do, AllowAllAuthorizer doesn't and
* custom external implementations may not)
*/
AuthenticatedUser user = state.getClientState().getUser();
if (null != user && !user.isAnonymous())
createdResources(diff).forEach(r -> grantPermissionsOnResource(r, user));
return new ResultMessage.SchemaChange(schemaChangeEvent(diff));
}
private void validateKeyspaceName()
{
if (!SchemaConstants.isValidName(keyspaceName))
{
throw ire("Keyspace name must not be empty, more than %d characters long, " +
"or contain non-alphanumeric-underscore characters (got '%s')",
SchemaConstants.NAME_LENGTH, keyspaceName);
}
}
private void grantPermissionsOnResource(IResource resource, AuthenticatedUser user)
{
try
{
DatabaseDescriptor.getAuthorizer()
.grant(AuthenticatedUser.SYSTEM_USER,
resource.applicablePermissions(),
resource,
user.getPrimaryRole());
}
catch (UnsupportedOperationException e)
{
// not a problem - grant is an optional method on IAuthorizer
}
}
static InvalidRequestException ire(String format, Object... args)
{
return new InvalidRequestException(String.format(format, args));
}
}