cassandra中的权限问题
Permission issue in cassandra
对于 cassandra 中的用户,我使用以下命令获得了权限:
PRICINGUSR@cqlsh:system> LIST ALL PERMISSIONS OF PRICINGUSR;
username | resource | permission
------------+--------------------+------------
PRICINGUSR | <keyspace pricing> | CREATE
PRICINGUSR | <keyspace pricing> | ALTER
PRICINGUSR | <keyspace pricing> | DROP
PRICINGUSR | <keyspace pricing> | SELECT
PRICINGUSR | <keyspace pricing> | MODIFY
PRICINGUSR | <keyspace pricing> | AUTHORIZE
Note: There are no permission for system keyspace.
但是当我查询系统键空间表时,有些我得到了响应,有些则没有。
PRICINGUSR@cqlsh:system> Select * from system.schema_keyspaces limit 1;
keyspace_name | durable_writes | strategy_class | strategy_options
---------------+----------------+------------------------------------------------------+------------------
ccw_pd | True | org.apache.cassandra.locator.NetworkTopologyStrategy | {"DC1":"3"}
(1 rows)
PRICINGUSR@cqlsh:system> Select * from system.size_estimates limit 1;
Unauthorized: code=2100 [Unauthorized] message="User PRICINGUSR has no SELECT permission on <table system.size_estimates> or any of its parents"
PRICINGUSR@cqlsh:system> Select * from system.schema_usertypes limit 1;
keyspace_name | type_name | field_names | field_types
---------------+-----------+-------------+-------------
(0 rows)
PRICINGUSR@cqlsh:system>
我正在使用 DSE 4.8.1
Cassandra 维护着一组 READABLE_SYSTEM_RESOURCES,无论权限如何都可以读取。这对于允许 Cassandra 管理用户资源而不必向每个用户授予权限是必要的。此列表中包含的表格是:
- system.local
- system.peers
- system.schema_keyspaces
- system.schema_columnfamilies
- system.schema_columns
- system.schema_triggers
- system.schema_usertypes
以上列表适用于仅在 DSE 4.8 中使用的 Cassandra 2.1
对于 cassandra 中的用户,我使用以下命令获得了权限:
PRICINGUSR@cqlsh:system> LIST ALL PERMISSIONS OF PRICINGUSR;
username | resource | permission
------------+--------------------+------------
PRICINGUSR | <keyspace pricing> | CREATE
PRICINGUSR | <keyspace pricing> | ALTER
PRICINGUSR | <keyspace pricing> | DROP
PRICINGUSR | <keyspace pricing> | SELECT
PRICINGUSR | <keyspace pricing> | MODIFY
PRICINGUSR | <keyspace pricing> | AUTHORIZE
Note: There are no permission for system keyspace.
但是当我查询系统键空间表时,有些我得到了响应,有些则没有。
PRICINGUSR@cqlsh:system> Select * from system.schema_keyspaces limit 1;
keyspace_name | durable_writes | strategy_class | strategy_options
---------------+----------------+------------------------------------------------------+------------------
ccw_pd | True | org.apache.cassandra.locator.NetworkTopologyStrategy | {"DC1":"3"}
(1 rows)
PRICINGUSR@cqlsh:system> Select * from system.size_estimates limit 1;
Unauthorized: code=2100 [Unauthorized] message="User PRICINGUSR has no SELECT permission on <table system.size_estimates> or any of its parents"
PRICINGUSR@cqlsh:system> Select * from system.schema_usertypes limit 1;
keyspace_name | type_name | field_names | field_types
---------------+-----------+-------------+-------------
(0 rows)
PRICINGUSR@cqlsh:system>
我正在使用 DSE 4.8.1
Cassandra 维护着一组 READABLE_SYSTEM_RESOURCES,无论权限如何都可以读取。这对于允许 Cassandra 管理用户资源而不必向每个用户授予权限是必要的。此列表中包含的表格是:
- system.local
- system.peers
- system.schema_keyspaces
- system.schema_columnfamilies
- system.schema_columns
- system.schema_triggers
- system.schema_usertypes
以上列表适用于仅在 DSE 4.8 中使用的 Cassandra 2.1