mirror of
https://github.com/scylladb/scylladb.git
synced 2026-05-02 06:05:53 +00:00
00793059e1
When the configuration has alternator_enforce_authorization=false, Alternator should not do authentication (check which user signed each request) nor authorization (check if that user has permissions to do each operation). Our implementation forgot to disable the authorization checks when it's configured to false. The (incorrect) assumption was that when alternator_enforce_authorization is configured to false, the CQL 'authenticator' and 'authorizer' configuration is also disabled - so the authorization checks will be no-ops. But we can't assume that: Users are free to configure 'authenticator' and 'authorizer' for use in CQL, and then set alternator_enforce_authorization=false just for Alternator. So this patch adds a new test for this case - when we have authenticator=PasswordAuthenticator, authorizer=CassandraAuthorizer but alternator_enforce_authorization=false, and fixes it to work correctly. The heart of the fix is trivial: the `verify_*_permission()` functions just need to check the alternator_enforce_authorization and return immediately when false. The bigger part of this change is to get the alternator_enforce_authorization into the "executor" object and then to pass it into the verify calls. Although alternator_enforce_authorization is not YET live updatable, this code is prepared for the future that it may become live updatable, so the executor object saves not the boolean value of this flag, but a live-updatable reference to it. Fixes #20619 Signed-off-by: Nadav Har'El <nyh@scylladb.com>
13 KiB
13 KiB