From cd0553ca6a435f25a786bbf79c3fc5671c97aa0a Mon Sep 17 00:00:00 2001
From: Jesse Haber-Kucharsky <jhaberku@scylladb.com>
Date: Wed, 9 May 2018 10:18:41 -0400
Subject: [PATCH] auth: Query custom options from the `authenticator`

None of the `authenticator` implementations we have support custom
options, but we should support this operation to support the relevant
CQL statements.
---
 auth/allow_all_authenticator.hh | 4 ++++
 auth/authenticator.hh           | 7 +++++++
 auth/password_authenticator.cc  | 4 ++++
 auth/password_authenticator.hh  | 2 ++
 auth/transitional.cc            | 4 ++++
 5 files changed, 21 insertions(+)

diff --git a/auth/allow_all_authenticator.hh b/auth/allow_all_authenticator.hh
index 5a8b335811..7c5a96fd57 100644
--- a/auth/allow_all_authenticator.hh
+++ b/auth/allow_all_authenticator.hh
@@ -84,6 +84,10 @@ public:
         return make_ready_future();
     }
 
+    virtual future<custom_options> query_custom_options(stdx::string_view role_name) const override {
+        return make_ready_future<custom_options>();
+    }
+
     virtual const resource_set& protected_resources() const override {
         static const resource_set resources;
         return resources;
diff --git a/auth/authenticator.hh b/auth/authenticator.hh
index 9c638547a3..84e04e8849 100644
--- a/auth/authenticator.hh
+++ b/auth/authenticator.hh
@@ -138,6 +138,13 @@ public:
     ///
     virtual future<> drop(stdx::string_view role_name) const = 0;
 
+    ///
+    /// Query for custom options (those corresponding to \ref authentication_options::options).
+    ///
+    /// If no options are set the result is an empty container.
+    ///
+    virtual future<custom_options> query_custom_options(stdx::string_view role_name) const = 0;
+
     ///
     /// System resources used internally as part of the implementation. These are made inaccessible to users.
     ///
diff --git a/auth/password_authenticator.cc b/auth/password_authenticator.cc
index e7f7d52ccb..8a883ea7f5 100644
--- a/auth/password_authenticator.cc
+++ b/auth/password_authenticator.cc
@@ -363,6 +363,10 @@ future<> password_authenticator::drop(stdx::string_view name) const {
     return _qp.process(query, consistency_for_user(name), {sstring(name)}).discard_result();
 }
 
+future<custom_options> password_authenticator::query_custom_options(stdx::string_view role_name) const {
+    return make_ready_future<custom_options>();
+}
+
 const resource_set& password_authenticator::protected_resources() const {
     static const resource_set resources({make_data_resource(meta::AUTH_KS, meta::roles_table::name)});
     return resources;
diff --git a/auth/password_authenticator.hh b/auth/password_authenticator.hh
index f6f968aeb8..4daff4b21d 100644
--- a/auth/password_authenticator.hh
+++ b/auth/password_authenticator.hh
@@ -87,6 +87,8 @@ public:
 
     virtual future<> drop(stdx::string_view role_name) const override;
 
+    virtual future<custom_options> query_custom_options(stdx::string_view role_name) const override;
+
     virtual const resource_set& protected_resources() const override;
 
     virtual ::shared_ptr<sasl_challenge> new_sasl_challenge() const override;
diff --git a/auth/transitional.cc b/auth/transitional.cc
index 2eba34454c..15ed0548e8 100644
--- a/auth/transitional.cc
+++ b/auth/transitional.cc
@@ -130,6 +130,10 @@ public:
         return _authenticator->drop(role_name);
     }
 
+    virtual future<custom_options> query_custom_options(stdx::string_view role_name) const override {
+        return _authenticator->query_custom_options(role_name);
+    }
+
     virtual const resource_set& protected_resources() const override {
         return _authenticator->protected_resources();
     }