GitHub user PurelyApplied opened a pull request: https://github.com/apache/geode/pull/596
GEODE-2920 - GEODE-2925: Finer Grained Security Due to the size of this commit and for your convenience of review, I have not yet squashed my commits. Do note that I have not individually tested each individual commit for stability and each internal commit is meant only for ease of review. The commit message to be included in the final, squashed version of this PR is present in the `8fe19ca`... commit, and reproduced below. TODO: [ ] Is your initial contribution a single, squashed commit? ----- This commit represents the actual Finer Grained Security changes. GEODE-2920 - GEODE-2925: Migration of security from DATA:MANAGE * DATA:MANAGE -> CLUSTER:MANAGE * * configure pdx * import cluster-configuration * LockServiceMXBean.becomeLockGrantor * * DATA:MANAGE -> CLUSTER:MANAGE:DISK * * compact disk-store * create disk-store * destroy disk-store * revoke missing-disk-store * DiskStoreMXBean.forceRoll * DiskStoreMXBean.forceCompaction * DiskStoreMXBean.flush * DiskStoreMXBean.setDiskUsageWarningPercentage * DiskStoreMXBean.setDiskUsageCriticalPercentage * DistributedSystemMXBean.revokeMissingDiskStores * MemberMXBean.compactAllDistStores * * DATA:MANAGE -> CLUSTER:MANAGE:GATEWAY * * create gateway-receiver * create gateway-sender * destroy gateway-sender * load-balance gateway-sender * pause gateway-sender * resume gateway-sender * start gateway-receiver * start gateway-sender * stop gateway-receiver * stop gateway-sender * GatewayReceiverMXBean.start * GatewayReceiverMXBean.stop * GatewaySenderMXBean.start * GatewaySenderMXBean.stop * GatewaySenderMXBean.pause * GatewaySenderMXBean.resume * GatewaySenderMXBean.rebalance * * DATA:MANAGE -> CLUSTER:MANAGE:JAR * * create async-event-queue (Requires CLUSTER:WRITE:DISK if persistent) * destroy function * undeploy * * DATA:MANAGE -> CLUSTER:MANAGE:QUERY * * clear defined indexes * close durable-client * close durable-cq * create defined indexes * stop continuous-query * CacheServerMXBean.closeAllContinuousQuery * CacheServerMXBean.closeContinuousQuery * DistributedSystemMXBean.setQueryResultSetLimit * DistributedSystemMXBean.setQueryCollectionsDepth * * DATA:READ -> CLUSTER:READ * * list region * * DATA:MANAGE -> [None] * * pdx rename * * DATA:READ -> DATA:READ and CLUSTER:WRITE:DISK * * backup disk-store * DistributedSystemMXBean.backupAllMembers * * DATA:MANAGE:RegionName -> CLUSTER:MANAGE:QUERY * * create index * create lucene index (also requires CLUSTER:WRITE:DISK) * define index * destroy lucene index * * DATA:MANAGE, DATA:WRITE, CLUSTER:MANAGE, and CLUSTER:WRITE -> CLUSTER:MANAGE:JAR * * deploy * * DATA:MANAGE or DATA:MANAGE:RegionName -> CLUSTER:MANAGE:QUERY * * destroy index * * CLUSTER:READ -> CLUSTER:READ:QUERY * * describe lucene index * list index * list lucene indexes * * DATA:WRITE -> DATA:READ:Region * * search lucene index * * DATA:MANAGE -> DATA:MANAGE and CLUSTER:WRITE:DISK if persistent * * create region You can merge this pull request into a Git repository by running: $ git pull https://github.com/PurelyApplied/geode geode-2924 Alternatively you can review and apply these changes as the patch at: https://github.com/apache/geode/pull/596.patch To close this pull request, make a commit to your master/trunk branch with (at least) the following in the commit message: This closes #596 ---- commit 8b14112094fd49bfc7638cc952f8d322d5bd50e7 Author: Patrick Rhomberg <prhomb...@pivotal.io> Date: 2017-06-21T17:51:32Z For ease of viewing, this commit covers all necessary imports. commit 8fe19ca6ff3e51aed601537afb8e23c3e85569a1 Author: Patrick Rhomberg <prhomb...@pivotal.io> Date: 2017-06-21T18:59:13Z This commit represents the actual Finer Grained Security changes. GEODE-2920 - GEODE-2925: Migration of security from DATA:MANAGE * DATA:MANAGE -> CLUSTER:MANAGE * * configure pdx * import cluster-configuration * LockServiceMXBean.becomeLockGrantor * * DATA:MANAGE -> CLUSTER:MANAGE:DISK * * compact disk-store * create disk-store * destroy disk-store * revoke missing-disk-store * DiskStoreMXBean.forceRoll * DiskStoreMXBean.forceCompaction * DiskStoreMXBean.flush * DiskStoreMXBean.setDiskUsageWarningPercentage * DiskStoreMXBean.setDiskUsageCriticalPercentage * DistributedSystemMXBean.revokeMissingDiskStores * MemberMXBean.compactAllDistStores * * DATA:MANAGE -> CLUSTER:MANAGE:GATEWAY * * create gateway-receiver * create gateway-sender * destroy gateway-sender * load-balance gateway-sender * pause gateway-sender * resume gateway-sender * start gateway-receiver * start gateway-sender * stop gateway-receiver * stop gateway-sender * GatewayReceiverMXBean.start * GatewayReceiverMXBean.stop * GatewaySenderMXBean.start * GatewaySenderMXBean.stop * GatewaySenderMXBean.pause * GatewaySenderMXBean.resume * GatewaySenderMXBean.rebalance * * DATA:MANAGE -> CLUSTER:MANAGE:JAR * * create async-event-queue (Requires CLUSTER:WRITE:DISK if persistent) * destroy function * undeploy * * DATA:MANAGE -> CLUSTER:MANAGE:QUERY * * clear defined indexes * close durable-client * close durable-cq * create defined indexes * stop continuous-query * CacheServerMXBean.closeAllContinuousQuery * CacheServerMXBean.closeContinuousQuery * DistributedSystemMXBean.setQueryResultSetLimit * DistributedSystemMXBean.setQueryCollectionsDepth * * DATA:READ -> CLUSTER:READ * * list region * * DATA:MANAGE -> [None] * * pdx rename * * DATA:READ -> DATA:READ and CLUSTER:WRITE:DISK * * backup disk-store * DistributedSystemMXBean.backupAllMembers * * DATA:MANAGE:RegionName -> CLUSTER:MANAGE:QUERY * * create index * create lucene index (also requires CLUSTER:WRITE:DISK) * define index * destroy lucene index * * DATA:MANAGE, DATA:WRITE, CLUSTER:MANAGE, and CLUSTER:WRITE -> CLUSTER:MANAGE:JAR * * deploy * * DATA:MANAGE or DATA:MANAGE:RegionName -> CLUSTER:MANAGE:QUERY * * destroy index * * CLUSTER:READ -> CLUSTER:READ:QUERY * * describe lucene index * list index * list lucene indexes * * DATA:WRITE -> DATA:READ:Region * * search lucene index * * DATA:MANAGE -> DATA:MANAGE and CLUSTER:WRITE:DISK if persistent * create region commit e3e1fd1d415601343614a16abebca357ef1cc858 Author: Patrick Rhomberg <prhomb...@pivotal.io> Date: 2017-06-21T19:06:22Z Cleanup: removing redundant public on interface methods Also minor typos in comments of the associated interfaces. Correction of MemberMXBean.getInitialImagesInProgres_s_ commit 8fdc98930172434526bf4d6f12bbfd696332646b Author: Patrick Rhomberg <prhomb...@pivotal.io> Date: 2017-06-21T19:09:58Z Cleanup: Renaming of ContunuousQueryFunction -> ContinuousQueryFunction commit 2796cece5512976fea8b7c47be9724ea67506ac4 Author: Patrick Rhomberg <prhomb...@pivotal.io> Date: 2017-06-21T19:11:18Z Security-related tests updated to reflect new security values. commit 9e4157ba591578c56f74d9699515eee710ead62f Author: Patrick Rhomberg <prhomb...@pivotal.io> Date: 2017-06-21T19:14:32Z Cleanup: General refactoring of touched files, paying off some of the acrued technical debt ---- --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the feature is enabled but not working, please contact infrastructure at infrastruct...@apache.org or file a JIRA ticket with INFRA. ---