dd030f8112
This patch address two requests made by reviewers of the original "Add CQL-based RBAC support to Alternator" series. Both requests were about the error messages produced when access is denied: 1. The error message is improved to use more proper English, and also to include the name of the role which was denied access. 2. The permission-check and error-message-formatting code is de-duplicated, using a common function verify_permission(). This de-duplication required moving the access-denied error path to throwing an exception instead of the previous exception-free implementation. However, it can be argued that this change is actually a good thing, because it makes the successful case, when access is allowed, faster. The de-duplicated code is shorter and simpler, and allowed changing the text of the error message in just one place. Signed-off-by: Nadav Har'El <nyh@scylladb.com> Closes scylladb/scylladb#20326
13 KiB
13 KiB