mirrors/scylladb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
346e883dfcaeaa2b296de83de2012d747d4cf753
scylladb/cql3/statements
History
Nadav Har'El 3d22f42cf9 Merge 'select statement: verify EXECUTE permissions only for non native functions' from Eliran Sinvani 
Commit 62458b8e4f introduced the enforcement of EXECUTE permissions of functions in cql select. However, according to the reference in #12869, the permissions should be enforced only on UDFs and UDAs.
The code does not distinguish between the two so the permissions are also unintenionally enforced also on native function. This commit introduce the distinction and only enforces the permissions on non native functions.

Fixes #16526

Manually verified (before and after change) with the reproducer supplied in #16526 and also with some the `min` and `max` native functions.
Also added test that checks for regression on native functions execution and verified that it fails on authorization before
the fix and passes after the fix.

Closes scylladb/scylladb#16556

* github.com:scylladb/scylladb:
  test.py: Add test for native functions permissions
  select statement: verify EXECUTE permissions only for non native functions

(cherry picked from commit fc71c34597)
2023-12-27 14:30:52 +02:00
..
raw
cql3/statements: wire-in mutation_fragments_select_statement
2023-07-19 01:28:28 -04:00
alter_keyspace_statement.cc
guardrails: restrict replication factor (RF)
2023-09-04 19:22:17 +03:00
alter_keyspace_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
alter_role_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
alter_service_level_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
alter_service_level_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
alter_table_statement.cc
cql3: statements: call check_restricted_table_properties in prepare
2023-09-21 13:21:51 +02:00
alter_table_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
alter_type_statement.cc
When add duration field to UDT check whether this UDT is used in some clustering key
2023-12-18 14:22:25 +02:00
alter_type_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
alter_view_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
alter_view_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
attach_service_level_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
attach_service_level_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
authentication_statement.cc
cql3: remove empty statement::validate functions
2023-06-22 13:57:33 +03:00
authentication_statement.hh
cql3: remove empty statement::validate functions
2023-06-22 13:57:33 +03:00
authorization_statement.cc
cql3: remove empty statement::validate functions
2023-06-22 13:57:33 +03:00
authorization_statement.hh
cql3: remove empty statement::validate functions
2023-06-22 13:57:33 +03:00
batch_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
batch_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
bound.hh
cas_request.cc
statements/cas_request: fix crash on empty clustering range in LWT
2023-06-28 10:18:06 +02:00
cas_request.hh
cql3: update_parameters: use evaluation_inputs compatible row prefetch
2023-02-12 17:25:41 +02:00
cf_prop_defs.cc
cf_prop_defs.hh
Introduce schema/ module
2023-02-15 11:01:50 +02:00
cf_properties.hh
cf_statement.cc
create_aggregate_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
create_aggregate_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
create_function_statement.cc
wasm: Shuffle context::context()
2023-08-04 19:47:50 +03:00
create_function_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
create_index_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
create_index_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
create_keyspace_statement.cc
guardrails: restrict replication factor (RF)
2023-09-04 19:22:17 +03:00
create_keyspace_statement.hh
guardrails: restrict replication factor (RF)
2023-09-04 19:22:17 +03:00
create_role_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
create_service_level_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
create_service_level_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
create_table_statement.cc
cql3: statements: delete execute override
2023-09-21 13:24:26 +02:00
create_table_statement.hh
cql3: statements: delete execute override
2023-09-21 13:24:26 +02:00
create_type_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
create_type_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
create_view_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
create_view_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
delete_statement.cc
cql3: expr: break up expression.hh header
2023-06-22 14:21:03 +03:00
delete_statement.hh
describe_statement.cc
Merge 'cql3:statements:describe_statement: include UDT/UDF/UDA in generic describe' from Michał Jadwiszczak
2023-09-24 13:03:04 +03:00
describe_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
detach_service_level_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
detach_service_level_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
drop_aggregate_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_aggregate_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_function_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_function_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_index_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_index_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_keyspace_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_keyspace_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_role_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
drop_service_level_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
drop_service_level_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
drop_table_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_table_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_type_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_type_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_view_statement.cc
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
drop_view_statement.hh
cql3: schema_altering_statement::prepare_schema_mutations: remove an unused parameter
2023-08-01 10:07:31 +02:00
function_statement.cc
client_state: drop unneeded argument from has.*access functions
2023-06-22 13:57:36 +03:00
function_statement.hh
cql3: remove empty statement::validate functions
2023-06-22 13:57:33 +03:00
grant_role_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
grant_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
grant_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
index_prop_defs.cc
index_prop_defs.hh
index_target.cc
cql3: s/std::regex/boost::regex/
2023-04-06 09:50:32 -04:00
index_target.hh
cql3: s/std::regex/boost::regex/
2023-04-06 09:50:32 -04:00
ks_prop_defs.cc
ks_prop_defs: disallow empty replication factor string in NTS
2023-05-22 17:56:16 +02:00
ks_prop_defs.hh
list_permissions_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
list_permissions_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
list_roles_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
list_service_level_attachments_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
list_service_level_attachments_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
list_service_level_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
list_service_level_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
list_users_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
list_users_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
modification_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
modification_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
permission_altering_statement.cc
cql3: remove empty statement::validate functions
2023-06-22 13:57:33 +03:00
permission_altering_statement.hh
cql3: remove empty statement::validate functions
2023-06-22 13:57:33 +03:00
prepared_statement.hh
property_definitions.cc
property_definitions.hh
prune_materialized_view_statement.cc
treewide: drop cql_serialization_format
2023-01-03 19:54:13 +02:00
prune_materialized_view_statement.hh
request_validations.hh
revoke_role_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
revoke_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
revoke_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
role-management-statements.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
schema_altering_statement.cc
Merge "auth: do not grant permissions to creator without actually creating" from Wojciech Mitros
2023-09-18 21:47:28 +03:00
schema_altering_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
select_statement.cc
Merge 'select statement: verify EXECUTE permissions only for non native functions' from Eliran Sinvani
2023-12-27 14:30:52 +02:00
select_statement.hh
Merge 'cql3: mutation_fragments_select_statement: keep erm alive for duration of the query' from Botond Dénes
2023-10-30 10:17:19 +02:00
service_level_statement.cc
cql3: remove empty statement::validate functions
2023-06-22 13:57:33 +03:00
service_level_statement.hh
cql3: remove empty statement::validate functions
2023-06-22 13:57:33 +03:00
sl_prop_defs.cc
sl_prop_defs.hh
statement_type.hh
treewide: use defaulted operator!=() and operator==()
2023-04-27 10:24:46 +03:00
strongly_consistent_modification_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
strongly_consistent_modification_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
strongly_consistent_select_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
strongly_consistent_select_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
truncate_statement.cc
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
truncate_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00
update_statement.cc
cql3: broadcast_tables: prepare new_value without relying on expression default constructor
2023-07-14 15:42:58 +03:00
update_statement.hh
use_statement.cc
use_statement: Covert an exception to a future exception
2023-12-15 13:03:05 +02:00
use_statement.hh
cql3: Extend the scope of group0_guard during DDL statement execution
2023-08-17 15:52:48 +03:00