Ted Yu created HBASE-20639: ------------------------------ Summary: Implement permission checking through AccessController instead of RSGroupAdminEndpoint Key: HBASE-20639 URL: https://issues.apache.org/jira/browse/HBASE-20639 Project: HBase Issue Type: Bug Reporter: Ted Yu
Currently permission checking for various RS group operations is done via RSGroupAdminEndpoint. e.g. in RSGroupAdminServiceImpl#moveServers() : {code} checkPermission("moveServers"); groupAdminServer.moveServers(hostPorts, request.getTargetGroup()); {code} The practice in remaining parts of hbase is to perform permission checking within AccessController. Now that observer hooks for RS group operations are in right place, we should follow best practice and move permission checking to AccessController. -- This message was sent by Atlassian JIRA (v7.6.3#76005)