CassandraAuthorizer (apache-cassandra API)

java.lang.Object
- org.apache.cassandra.auth.CassandraAuthorizer

All Implemented Interfaces:

IAuthorizer
```
public class CassandraAuthorizer
extends java.lang.Object
implements IAuthorizer
```
CassandraAuthorizer is an IAuthorizer implementation that keeps permissions internally in C* - in system_auth.permissions CQL3 table.

Constructor Summary

Constructors
Constructor and Description

CassandraAuthorizer()

Constructors
Constructor and Description
`CassandraAuthorizer()`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`java.util.Set<Permission>`	`authorize(AuthenticatedUser user, IResource resource)` The primary IAuthorizer method.
`void`	`grant(AuthenticatedUser performer, java.util.Set<Permission> permissions, IResource resource, java.lang.String to)` Grants a set of permissions on a resource to a user.
`java.util.Set<PermissionDetails>`	`list(AuthenticatedUser performer, java.util.Set<Permission> permissions, IResource resource, java.lang.String of)` Returns a list of permissions on a resource of a user.
`java.util.Set<DataResource>`	`protectedResources()` Set of resources that should be made inaccessible to users and only accessible internally.
`void`	`revoke(AuthenticatedUser performer, java.util.Set<Permission> permissions, IResource resource, java.lang.String from)` Revokes a set of permissions on a resource from a user.
`void`	`revokeAll(IResource droppedResource)` This method is called after a resource is removed (i.e.
`void`	`revokeAll(java.lang.String droppedUser)` This method is called before deleting a user with DROP USER query so that a new user with the same name wouldn't inherit permissions of the deleted user in the future.
`void`	`setup()` Setup is called once upon system startup to initialize the IAuthorizer.
`void`	`validateConfiguration()` Validates configuration of IAuthorizer implementation (if configurable).

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - CassandraAuthorizer
```
public CassandraAuthorizer()
```
- Method Detail
  - authorize
```
public java.util.Set<Permission> authorize(AuthenticatedUser user,
                                           IResource resource)
```
    Description copied from interface: IAuthorizer
    
    The primary IAuthorizer method. Returns a set of permissions of a user on a resource.
    
    Specified by:
    
    authorize in interface IAuthorizer
    
    Parameters:
    
    user - Authenticated user requesting authorization.
    
    resource - Resource for which the authorization is being requested. @see DataResource.
    
    Returns:
    
    Set of permissions of the user on the resource. Should never return null. Use Permission.NONE instead.
  - grant
```
public void grant(AuthenticatedUser performer,
                  java.util.Set<Permission> permissions,
                  IResource resource,
                  java.lang.String to)
           throws RequestExecutionException
```
    Description copied from interface: IAuthorizer
    
    Grants a set of permissions on a resource to a user. The opposite of revoke().
    
    Specified by:
    
    grant in interface IAuthorizer
    
    Parameters:
    
    performer - User who grants the permissions.
    
    permissions - Set of permissions to grant.
    
    resource - Resource on which to grant the permissions.
    
    to - Grantee of the permissions.
    
    Throws:
    
    RequestExecutionException
  - revoke
```
public void revoke(AuthenticatedUser performer,
                   java.util.Set<Permission> permissions,
                   IResource resource,
                   java.lang.String from)
            throws RequestExecutionException
```
    Description copied from interface: IAuthorizer
    
    Revokes a set of permissions on a resource from a user. The opposite of grant().
    
    Specified by:
    
    revoke in interface IAuthorizer
    
    Parameters:
    
    performer - User who revokes the permissions.
    
    permissions - Set of permissions to revoke.
    
    resource - Resource on which to revoke the permissions.
    
    from - Revokee of the permissions.
    
    Throws:
    
    RequestExecutionException
  - list
```
public java.util.Set<PermissionDetails> list(AuthenticatedUser performer,
                                             java.util.Set<Permission> permissions,
                                             IResource resource,
                                             java.lang.String of)
                                      throws RequestValidationException,
                                             RequestExecutionException
```
    Description copied from interface: IAuthorizer
    
    Returns a list of permissions on a resource of a user.
    
    Specified by:
    
    list in interface IAuthorizer
    
    Parameters:
    
    performer - User who wants to see the permissions.
    
    permissions - Set of Permission values the user is interested in. The result should only include the matching ones.
    
    resource - The resource on which permissions are requested. Can be null, in which case permissions on all resources should be returned.
    
    of - The user whose permissions are requested. Can be null, in which case permissions of every user should be returned.
    
    Returns:
    
    All of the matching permission that the requesting user is authorized to know about.
    
    Throws:
    
    RequestValidationException
    
    RequestExecutionException
  - revokeAll
```
public void revokeAll(java.lang.String droppedUser)
```
    Description copied from interface: IAuthorizer
    
    This method is called before deleting a user with DROP USER query so that a new user with the same name wouldn't inherit permissions of the deleted user in the future.
    
    Specified by:
    
    revokeAll in interface IAuthorizer
    
    Parameters:
    
    droppedUser - The user to revoke all permissions from.
  - revokeAll
```
public void revokeAll(IResource droppedResource)
```
    Description copied from interface: IAuthorizer
    
    This method is called after a resource is removed (i.e. keyspace or a table is dropped).
    
    Specified by:
    
    revokeAll in interface IAuthorizer
    
    Parameters:
    
    droppedResource - The resource to revoke all permissions on.
  - protectedResources
```
public java.util.Set<DataResource> protectedResources()
```
    Description copied from interface: IAuthorizer
    
    Set of resources that should be made inaccessible to users and only accessible internally.
    
    Specified by:
    
    protectedResources in interface IAuthorizer
    
    Returns:
    
    Keyspaces, column families that will be unmodifiable by users; other resources.
  - validateConfiguration
```
public void validateConfiguration()
                           throws ConfigurationException
```
    Description copied from interface: IAuthorizer
    
    Validates configuration of IAuthorizer implementation (if configurable).
    
    Specified by:
    
    validateConfiguration in interface IAuthorizer
    
    Throws:
    
    ConfigurationException - when there is a configuration error.
  - setup
```
public void setup()
```
    Description copied from interface: IAuthorizer
    
    Setup is called once upon system startup to initialize the IAuthorizer. For example, use this method to create any required keyspaces/column families.
    
    Specified by:
    
    setup in interface IAuthorizer

Class CassandraAuthorizer

Constructor Summary

Method Summary

Methods inherited from class java.lang.Object

Constructor Detail

CassandraAuthorizer

Method Detail

authorize

grant

revoke

list

revokeAll

revokeAll

protectedResources

validateConfiguration

setup