/Users/deen/code/yugabyte-db/src/yb/yql/cql/ql/ptree/pt_alter_role.cc

Source (jump to first uncovered line)
//--------------------------------------------------------------------------------------------------
// Copyright (c) YugaByte, Inc.
//
// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
// in compliance with the License.  You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software distributed under the License
// is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
// or implied.  See the License for the specific language governing permissions and limitations
// under the License.
//
//
// Treenode definitions for ALTER TYPE statements.
//--------------------------------------------------------------------------------------------------

#include "yb/yql/cql/ql/ptree/pt_alter_role.h"

#include "yb/util/crypt.h"

#include "yb/yql/cql/ql/ptree/sem_context.h"
#include "yb/yql/cql/ql/ptree/sem_state.h"
#include "yb/yql/cql/ql/ptree/yb_location.h"

DECLARE_bool(use_cassandra_authentication);

namespace yb {
namespace ql {

using strings::Substitute;
using yb::util::bcrypt_hashpw;
using yb::util::kBcryptHashSize;

//--------------------------------------------------------------------------------------------------
// Alter Role.

PTAlterRole::PTAlterRole(MemoryContext* memctx,
                         YBLocation::SharedPtr loc,
                         const MCSharedPtr<MCString>& name,
                         const PTRoleOptionListNode::SharedPtr& roleOptions)
    : TreeNode(memctx, loc),
      name_(name),
      roleOptions_(roleOptions) {
}

PTAlterRole::~PTAlterRole() {
}

CHECKED_STATUS PTAlterRole::Analyze(SemContext* sem_context) {
  SemState sem_state(sem_context);

  RETURN_NOT_AUTH_ENABLED(sem_context);
  RETURN_NOT_OK(sem_context->CheckHasRolePermission(loc(), PermissionType::ALTER_PERMISSION,
                                                    role_name()));

  // Save context state, and set "this" as current column in the context.
  SymbolEntry cached_entry = *sem_context->current_processing_id();
  if (roleOptions_!= nullptr) {
    RETURN_NOT_OK(roleOptions_->Analyze(sem_context));

    bool seen_password = false;
    bool seen_superuser = false;
    bool seen_login = false;

    for (auto& roleOption : roleOptions_->node_list()) {
      switch (roleOption->option_type()) {
        case PTRoleOptionType::kLogin : {
          if (seen_login) {
            return sem_context->Error(roleOption, ErrorCode::INVALID_ROLE_DEFINITION);
          }
          PTRoleLogin *loginOpt = static_cast<PTRoleLogin*>(roleOption.get());
          login_ = loginOpt->login();
          seen_login = true;
          break;
        }
        case PTRoleOptionType::kPassword : {
          if (seen_password) {
            return sem_context->Error(roleOption, ErrorCode::INVALID_ROLE_DEFINITION);
          }
          PTRolePassword *passwordOpt = static_cast<PTRolePassword*>(roleOption.get());

          char hash[kBcryptHashSize];
          int ret = bcrypt_hashpw(passwordOpt->password(), hash);
          if (ret != 0) {
            return STATUS(IllegalState, Substitute("Could not hash password, reason: $0", ret));
          }
          salted_hash_ = MCMakeShared<MCString>(sem_context->PSemMem(), hash , kBcryptHashSize);
          seen_password = true;
          break;
        }
        case PTRoleOptionType::kSuperuser: {
          if (seen_superuser) {
            return sem_context->Error(roleOption, ErrorCode::INVALID_ROLE_DEFINITION);
          }
          PTRoleSuperuser *superuserOpt = static_cast<PTRoleSuperuser*>(roleOption.get());
          superuser_ = superuserOpt->superuser();
          seen_superuser = true;
          break;
        }
      }
    }

  }

  // Restore the context value as we are done with this table.
  sem_context->set_current_processing_id(cached_entry);
  if (VLOG_IS_ON(3)) {
    PrintSemanticAnalysisResult(sem_context);
  }

  return Status::OK();
}

void PTAlterRole::PrintSemanticAnalysisResult(SemContext* sem_context) {
  MCString sem_output("\tAlter Role ", sem_context->PTempMem());
  sem_output = sem_output + " role_name  " + role_name() + " salted_hash = " + *salted_hash_;
  sem_output = sem_output + " login = " + (login() ? "true" : "false");
  sem_output = sem_output + " superuser = " + (superuser() ? "true" : "false");
  VLOG(3) << "SEMANTIC ANALYSIS RESULT (" << *loc_ << "):\n" << sem_output;
}

}  // namespace ql
}  // namespace yb

Line	Count	Source (jump to first uncovered line)
1		//--------------------------------------------------------------------------------------------------
2		// Copyright (c) YugaByte, Inc.
3		//
4		// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except
5		// in compliance with the License. You may obtain a copy of the License at
6		//
7		// http://www.apache.org/licenses/LICENSE-2.0
8		//
9		// Unless required by applicable law or agreed to in writing, software distributed under the License
10		// is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
11		// or implied. See the License for the specific language governing permissions and limitations
12		// under the License.
13		//
14		//
15		// Treenode definitions for ALTER TYPE statements.
16		//--------------------------------------------------------------------------------------------------
17
18		#include "yb/yql/cql/ql/ptree/pt_alter_role.h"
19
20		#include "yb/util/crypt.h"
21
22		#include "yb/yql/cql/ql/ptree/sem_context.h"
23		#include "yb/yql/cql/ql/ptree/sem_state.h"
24		#include "yb/yql/cql/ql/ptree/yb_location.h"
25
26		DECLARE_bool(use_cassandra_authentication);
27
28		namespace yb {
29		namespace ql {
30
31		using strings::Substitute;
32		using yb::util::bcrypt_hashpw;
33		using yb::util::kBcryptHashSize;
34
35		//--------------------------------------------------------------------------------------------------
36		// Alter Role.
37
38		PTAlterRole::PTAlterRole(MemoryContext* memctx,
39		YBLocation::SharedPtr loc,
40		const MCSharedPtr<MCString>& name,
41		const PTRoleOptionListNode::SharedPtr& roleOptions)
42		: TreeNode(memctx, loc),
43		name_(name),
44	58	roleOptions_(roleOptions) {
45	58	}
46
47	58	PTAlterRole::~PTAlterRole() {
48	58	}
49
50	58	CHECKED_STATUS PTAlterRole::Analyze(SemContext* sem_context) {
51	58	SemState sem_state(sem_context);
52
53	58	RETURN_NOT_AUTH_ENABLED(sem_context);
54	58	RETURN_NOT_OK(sem_context->CheckHasRolePermission(loc(), PermissionType::ALTER_PERMISSION,
55	58	role_name()));
56
57		// Save context state, and set "this" as current column in the context.
58	58	SymbolEntry cached_entry = *sem_context->current_processing_id();
59	58	if (roleOptions_!= nullptr) {
60	58	RETURN_NOT_OK(roleOptions_->Analyze(sem_context));
61
62	58	bool seen_password = false;
63	58	bool seen_superuser = false;
64	58	bool seen_login = false;
65
66	68	for (auto& roleOption : roleOptions_->node_list()) {
67	68	switch (roleOption->option_type()) {
68	13	case PTRoleOptionType::kLogin : {
69	13	if (seen_login) {
70	0	return sem_context->Error(roleOption, ErrorCode::INVALID_ROLE_DEFINITION);
71	0	}
72	13	PTRoleLogin loginOpt = static_cast<PTRoleLogin>(roleOption.get());
73	13	login_ = loginOpt->login();
74	13	seen_login = true;
75	13	break;
76	13	}
77	9	case PTRoleOptionType::kPassword : {
78	9	if (seen_password) {
79	0	return sem_context->Error(roleOption, ErrorCode::INVALID_ROLE_DEFINITION);
80	0	}
81	9	PTRolePassword passwordOpt = static_cast<PTRolePassword>(roleOption.get());
82
83	9	char hash[kBcryptHashSize];
84	9	int ret = bcrypt_hashpw(passwordOpt->password(), hash);
85	9	if (ret != 0) {
86	0	return STATUS(IllegalState, Substitute("Could not hash password, reason: $0", ret));
87	0	}
88	9	salted_hash_ = MCMakeShared<MCString>(sem_context->PSemMem(), hash , kBcryptHashSize);
89	9	seen_password = true;
90	9	break;
91	9	}
92	46	case PTRoleOptionType::kSuperuser: {
93	46	if (seen_superuser) {
94	0	return sem_context->Error(roleOption, ErrorCode::INVALID_ROLE_DEFINITION);
95	0	}
96	46	PTRoleSuperuser superuserOpt = static_cast<PTRoleSuperuser>(roleOption.get());
97	46	superuser_ = superuserOpt->superuser();
98	46	seen_superuser = true;
99	46	break;
100	46	}
101	68	}
102	68	}
103
104	58	}
105
106		// Restore the context value as we are done with this table.
107	58	sem_context->set_current_processing_id(cached_entry);
108	0	if (VLOG_IS_ON(3)) {
109	0	PrintSemanticAnalysisResult(sem_context);
110	0	}
111
112	58	return Status::OK();
113	58	}
114
115	0	void PTAlterRole::PrintSemanticAnalysisResult(SemContext* sem_context) {
116	0	MCString sem_output("\tAlter Role ", sem_context->PTempMem());
117	0	sem_output = sem_output + " role_name " + role_name() + " salted_hash = " + *salted_hash_;
118	0	sem_output = sem_output + " login = " + (login() ? "true" : "false");
119	0	sem_output = sem_output + " superuser = " + (superuser() ? "true" : "false");
120	0	VLOG(3) << "SEMANTIC ANALYSIS RESULT (" << *loc_ << "):\n" << sem_output;
121	0	}
122
123		} // namespace ql
124		} // namespace yb

YugabyteDB (2.13.0.0-b42, bfc6a6643e7399ac8a0e81d06a3ee6d6571b33ab)

Coverage Report

Created: 2022-03-09 17:30