Appy created HBASE-20185:
Summary: Fix ACL check for MasterRpcServices#execProcedure
Issue Type: Bug
Mailing thread ref:
TLDR; HBASE-19400 messed up perms required for flushing a table.
Looks like flush and snapshot procedures are already doing permissions check as
part of preTableFlush/preSnapshot hooks. However, LogRollMasterProcedureManager
is missing access checks ([~elserj], can someone look at it?)
With that, it makes no sense to put an ADMIN perm requirement which was added
by me in HBASE-19400. Removing it.
However, to make things better for future, i have made few design changes which
will ensure 1) perm checks don't slip by mistake, 2) a suitable placeholder for
checks for flush & snapshot when we remove AccessController for good.
This message was sent by Atlassian JIRA