Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-9189

DROP ROLE shouldn't cache information about non-existent roles

Agile BoardAttach filesAttach ScreenshotBulk Copy AttachmentsBulk Move AttachmentsVotersWatch issueWatchersCreate sub-taskConvert to sub-taskMoveLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • 2.2.0 beta 1
    • Legacy/CQL
    • None
    • Normal

    Description

      DropRoleStatement#checkAccess involves a check of the target role's superuser status in order to ensure that only superusers can drop another with su privileges.

      When used in conjunction with IF EXISTS, this causes a cache entry for a non-existent role to be inserted into the roles cache as Roles#hasSuperuserStatus goes via the cache. RolesCache is a map from a single role to the set of roles of which it has transitively been granted (basically a map of RoleResource -> Set<RoleResource>). So in this case an empty set is cached for the role.

      This can be problematic when the DROP ROLE IF EXISTS is followed by a CREATE ROLE as until the cache entry expires any authorization request for that role will use the cache to fetch the set of roles that need to be included in the permission check. Finding an empty set, all authz checks will result in failure. This pattern is particularly common in automated tests.

      Attachments

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            samt Sam Tunnicliffe Assign to me
            samt Sam Tunnicliffe
            Sam Tunnicliffe
            Aleksey Yeschenko
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment