/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.cassandra.auth;
import java.util.concurrent.TimeUnit;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.Lists;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.apache.cassandra.config.DatabaseDescriptor;
import org.apache.cassandra.config.KSMetaData;
import org.apache.cassandra.config.Schema;
import org.apache.cassandra.cql3.UntypedResultSet;
import org.apache.cassandra.cql3.QueryProcessor;
import org.apache.cassandra.cql3.QueryOptions;
import org.apache.cassandra.cql3.statements.SelectStatement;
import org.apache.cassandra.db.ConsistencyLevel;
import org.apache.cassandra.exceptions.RequestExecutionException;
import org.apache.cassandra.exceptions.RequestValidationException;
import org.apache.cassandra.locator.SimpleStrategy;
import org.apache.cassandra.service.*;
import org.apache.cassandra.transport.messages.ResultMessage;
import org.apache.cassandra.utils.ByteBufferUtil;
import org.apache.cassandra.utils.FBUtilities;
public class Auth
{
private static final Logger logger = LoggerFactory.getLogger(Auth.class);
public static final String DEFAULT_SUPERUSER_NAME = "cassandra";
public static final long SUPERUSER_SETUP_DELAY = Long.getLong("cassandra.superuser_setup_delay_ms", 10000);
public static final String AUTH_KS = "system_auth";
public static final String USERS_CF = "users";
private static final String USERS_CF_SCHEMA = String.format("CREATE TABLE %s.%s ("
+ "name text,"
+ "super boolean,"
+ "PRIMARY KEY(name)"
+ ") WITH gc_grace_seconds=%d",
AUTH_KS,
USERS_CF,
90 * 24 * 60 * 60); // 3 months.
private static SelectStatement selectUserStatement;
/**
* Checks if the username is stored in AUTH_KS.USERS_CF.
*
* @param username Username to query.
* @return whether or not Cassandra knows about the user.
*/
public static boolean isExistingUser(String username)
{
return !selectUser(username).isEmpty();
}
/**
* Checks if the user is a known superuser.
*
* @param username Username to query.
* @return true is the user is a superuser, false if they aren't or don't exist at all.
*/
public static boolean isSuperuser(String username)
{
UntypedResultSet result = selectUser(username);
return !result.isEmpty() && result.one().getBoolean("super");
}
/**
* Inserts the user into AUTH_KS.USERS_CF (or overwrites their superuser status as a result of an ALTER USER query).
*
* @param username Username to insert.
* @param isSuper User's new status.
* @throws RequestExecutionException
*/
public static void insertUser(String username, boolean isSuper) throws RequestExecutionException
{
QueryProcessor.process(String.format("INSERT INTO %s.%s (name, super) VALUES ('%s', %s)",
AUTH_KS,
USERS_CF,
escape(username),
isSuper),
consistencyForUser(username));
}
/**
* Deletes the user from AUTH_KS.USERS_CF.
*
* @param username Username to delete.
* @throws RequestExecutionException
*/
public static void deleteUser(String username) throws RequestExecutionException
{
QueryProcessor.process(String.format("DELETE FROM %s.%s WHERE name = '%s'",
AUTH_KS,
USERS_CF,
escape(username)),
consistencyForUser(username));
}
/**
* Sets up Authenticator and Authorizer.
*/
public static void setup()
{
if (DatabaseDescriptor.getAuthenticator() instanceof AllowAllAuthenticator)
return;
setupAuthKeyspace();
setupUsersTable();
DatabaseDescriptor.getAuthenticator().setup();
DatabaseDescriptor.getAuthorizer().setup();
// register a custom MigrationListener for permissions cleanup after dropped keyspaces/cfs.
MigrationManager.instance.register(new MigrationListener());
// the delay is here to give the node some time to see its peers - to reduce
// "Skipped default superuser setup: some nodes were not ready" log spam.
// It's the only reason for the delay.
if (DatabaseDescriptor.getSeeds().contains(FBUtilities.getBroadcastAddress()) || !DatabaseDescriptor.isAutoBootstrap())
{
StorageService.tasks.schedule(new Runnable()
{
public void run()
{
setupDefaultSuperuser();
}
},
SUPERUSER_SETUP_DELAY,
TimeUnit.MILLISECONDS);
}
try
{
String query = String.format("SELECT * FROM %s.%s WHERE name = ?", AUTH_KS, USERS_CF);
selectUserStatement = (SelectStatement) QueryProcessor.parseStatement(query).prepare().statement;
}
catch (RequestValidationException e)
{
throw new AssertionError(e); // not supposed to happen
}
}
// Only use QUORUM cl for the default superuser.
private static ConsistencyLevel consistencyForUser(String username)
{
if (username.equals(DEFAULT_SUPERUSER_NAME))
return ConsistencyLevel.QUORUM;
else
return ConsistencyLevel.ONE;
}
private static void setupAuthKeyspace()
{
if (Schema.instance.getKSMetaData(AUTH_KS) == null)
{
try
{
KSMetaData ksm = KSMetaData.newKeyspace(AUTH_KS, SimpleStrategy.class.getName(), ImmutableMap.of("replication_factor", "1"), true);
MigrationManager.announceNewKeyspace(ksm, 0);
}
catch (Exception e)
{
throw new AssertionError(e); // shouldn't ever happen.
}
}
}
private static void setupUsersTable()
{
if (Schema.instance.getCFMetaData(AUTH_KS, USERS_CF) == null)
{
try
{
QueryProcessor.process(USERS_CF_SCHEMA, ConsistencyLevel.ANY);
}
catch (RequestExecutionException e)
{
throw new AssertionError(e);
}
}
}
private static void setupDefaultSuperuser()
{
try
{
// insert a default superuser if AUTH_KS.USERS_CF is empty.
if (QueryProcessor.process(String.format("SELECT * FROM %s.%s", AUTH_KS, USERS_CF), ConsistencyLevel.QUORUM).isEmpty())
{
QueryProcessor.process(String.format("INSERT INTO %s.%s (name, super) VALUES ('%s', %s) USING TIMESTAMP 0",
AUTH_KS,
USERS_CF,
DEFAULT_SUPERUSER_NAME,
true),
ConsistencyLevel.QUORUM);
logger.info("Created default superuser '{}'", DEFAULT_SUPERUSER_NAME);
}
}
catch (RequestExecutionException e)
{
logger.warn("Skipped default superuser setup: some nodes were not ready");
}
}
// we only worry about one character ('). Make sure it's properly escaped.
private static String escape(String name)
{
return StringUtils.replace(name, "'", "''");
}
private static UntypedResultSet selectUser(String username)
{
try
{
ResultMessage.Rows rows = selectUserStatement.execute(QueryState.forInternalCalls(),
new QueryOptions(consistencyForUser(username),
Lists.newArrayList(ByteBufferUtil.bytes(username))));
return new UntypedResultSet(rows.result);
}
catch (RequestValidationException e)
{
throw new AssertionError(e); // not supposed to happen
}
catch (RequestExecutionException e)
{
throw new RuntimeException(e);
}
}
/**
* IMigrationListener implementation that cleans up permissions on dropped resources.
*/
public static class MigrationListener implements IMigrationListener
{
public void onDropKeyspace(String ksName)
{
DatabaseDescriptor.getAuthorizer().revokeAll(DataResource.keyspace(ksName));
}
public void onDropColumnFamily(String ksName, String cfName)
{
DatabaseDescriptor.getAuthorizer().revokeAll(DataResource.columnFamily(ksName, cfName));
}
public void onCreateKeyspace(String ksName)
{
}
public void onCreateColumnFamily(String ksName, String cfName)
{
}
public void onUpdateKeyspace(String ksName)
{
}
public void onUpdateColumnFamily(String ksName, String cfName)
{
}
}
}