Author: jdcryans
Date: Fri Apr 25 20:00:21 2014
New Revision: 1590124
URL: http://svn.apache.org/r1590124
Log:
HBASE-11008 Align bulk load, flush, and compact to require Action.CREATE
Modified:
hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
hbase/trunk/src/main/docbkx/security.xml
Modified:
hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
URL:
http://svn.apache.org/viewvc/hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java?rev=1590124&r1=1590123&r2=1590124&view=diff
==============================================================================
---
hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
(original)
+++
hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
Fri Apr 25 20:00:21 2014
@@ -1219,7 +1219,8 @@ public class AccessController extends Ba
@Override
public void preFlush(ObserverContext<RegionCoprocessorEnvironment> e) throws
IOException {
- requirePermission("flush", getTableName(e.getEnvironment()), null, null,
Action.ADMIN);
+ requirePermission("flush", getTableName(e.getEnvironment()), null, null,
Action.ADMIN,
+ Action.CREATE);
}
@Override
@@ -1237,7 +1238,8 @@ public class AccessController extends Ba
public InternalScanner
preCompact(ObserverContext<RegionCoprocessorEnvironment> e,
final Store store, final InternalScanner scanner, final ScanType
scanType)
throws IOException {
- requirePermission("compact", getTableName(e.getEnvironment()), null, null,
Action.ADMIN);
+ requirePermission("compact", getTableName(e.getEnvironment()), null, null,
Action.ADMIN,
+ Action.CREATE);
return scanner;
}
@@ -1549,7 +1551,7 @@ public class AccessController extends Ba
ctx.getEnvironment().getRegion().getTableDesc().getTableName(),
el.getFirst(),
null,
- Permission.Action.WRITE);
+ Action.CREATE);
}
}
Modified:
hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
URL:
http://svn.apache.org/viewvc/hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java?rev=1590124&r1=1590123&r2=1590124&view=diff
==============================================================================
---
hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
(original)
+++
hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
Fri Apr 25 20:00:21 2014
@@ -616,8 +616,8 @@ public class TestAccessController extend
}
};
- verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER);
- verifyDenied(action, USER_CREATE, USER_RW, USER_RO, USER_NONE);
+ verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE);
+ verifyDenied(action, USER_RW, USER_RO, USER_NONE);
}
@Test
@@ -631,8 +631,8 @@ public class TestAccessController extend
}
};
- verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER);
- verifyDenied(action, USER_CREATE, USER_RW, USER_RO, USER_NONE);
+ verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_OWNER, USER_CREATE);
+ verifyDenied(action, USER_RW, USER_RO, USER_NONE);
}
@Test
Modified: hbase/trunk/src/main/docbkx/security.xml
URL:
http://svn.apache.org/viewvc/hbase/trunk/src/main/docbkx/security.xml?rev=1590124&r1=1590123&r2=1590124&view=diff
==============================================================================
Binary files - no diff available.
