Ted Yu created HBASE-20639:
------------------------------
Summary: Implement permission checking through AccessController
instead of RSGroupAdminEndpoint
Key: HBASE-20639
URL: https://issues.apache.org/jira/browse/HBASE-20639
Project: HBase
Issue Type: Bug
Reporter: Ted Yu
Currently permission checking for various RS group operations is done via
RSGroupAdminEndpoint.
e.g. in RSGroupAdminServiceImpl#moveServers() :
{code}
checkPermission("moveServers");
groupAdminServer.moveServers(hostPorts, request.getTargetGroup());
{code}
The practice in remaining parts of hbase is to perform permission checking
within AccessController.
Now that observer hooks for RS group operations are in right place, we should
follow best practice and move permission checking to AccessController.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
