[
https://issues.apache.org/jira/browse/HBASE-10883?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13961757#comment-13961757
]
Anoop Sam John commented on HBASE-10883:
----------------------------------------
Authorizations(List<String> labels)
Validation from here can be for label one after other so that in the Exception
msg, u can clearly say which Auth label is invalid. Same applicable to
VisibilityController#createVisibilityLabelFilter
We can just use VisibilityLabelsValidator#isValidLabel(byte[] label) which is
already there and used by put ?
{code}
throw new IllegalArgumentException("Authorizations cannot contain '(', ')' ,'&'
,'|', '!'"
+ + " and cannot be empty :"+label);
{code}
Error message can be bettter I think. This is invalid Auth *label*
> Restrict the universe of labels and authorizations
> --------------------------------------------------
>
> Key: HBASE-10883
> URL: https://issues.apache.org/jira/browse/HBASE-10883
> Project: HBase
> Issue Type: Improvement
> Affects Versions: 0.98.1
> Reporter: Andrew Purtell
> Assignee: ramkrishna.s.vasudevan
> Fix For: 0.99.0, 0.98.2
>
> Attachments: HBASE-10883.patch, HBASE-10883_1.patch,
> HBASE-10883_2.patch, HBASE-10883_3.patch, HBASE-10883_4.patch,
> HBASE-10883_5.patch
>
>
> Currently we allow any string as visibility label or request authorization.
> However as seen on HBASE-10878, we accept for authorizations strings that
> would not work if provided as labels in visibility expressions. We should
> throw an exception at least in cases where someone tries to define or use a
> label or authorization including visibility expression operators '&', '|',
> '!', '(', ')'.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
