[jira] [Commented] (TEPHRA-219) Setup proper security context in co-processor for compaction and flushes

Mon, 13 Feb 2017 16:14:56 -0800 

    [ 
https://issues.apache.org/jira/browse/TEPHRA-219?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15864739#comment-15864739
 ] 

ASF GitHub Bot commented on TEPHRA-219:
---------------------------------------

Github user poornachandra commented on a diff in the pull request:

    https://github.com/apache/incubator-tephra/pull/35#discussion_r100932301
  
    --- Diff: 
tephra-hbase-compat-1.1-base/src/main/java/org/apache/tephra/hbase/coprocessor/TransactionProcessor.java
 ---
    @@ -356,8 +356,8 @@ public InternalScanner 
preCompactScannerOpen(ObserverContext<RegionCoprocessorEn
       @Override
       public void postCompact(ObserverContext<RegionCoprocessorEnvironment> e, 
Store store, StoreFile resultFile,
                               CompactionRequest request) throws IOException {
    -    // Persist the compaction state after a succesful compaction
    -    if (compactionState != null) {
    +    // Persist the compaction state after a successful compaction
    +    if (Boolean.TRUE.equals(pruneEnable)) {
    --- End diff --
    
    It would be better to change this check to `compactionState != null`. 
Otherwise there is a race condition during `initializePruneState()`, where 
`pruneEnable` could be `true`, but `compactionState` is still not initialized.


> Setup proper security context in co-processor for compaction and flushes
> ------------------------------------------------------------------------
>
>                 Key: TEPHRA-219
>                 URL: https://issues.apache.org/jira/browse/TEPHRA-219
>             Project: Tephra
>          Issue Type: Sub-task
>            Reporter: Poorna Chandra
>            Assignee: Gokul Gunasekaran
>             Fix For: 0.11.0-incubating
>
>
> From PHOENIX-3037, HBASE-16115 and HBASE-16141 - HBase runs compaction/flush 
> co-processor hooks as the user (current user) who started the 
> compaction/flush. This becomes an issue when a co-processor makes cross 
> region server calls in hooks. If the calls are made as the current user, then 
> the call may fail since the current user may not have sufficient privileges 
> to perform the call.
> Tephra TransactionProcessor will need to run all calls in compaction/flush 
> hooks as the login user instead of the current user.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Reply via email to