[
https://issues.apache.org/jira/browse/HBASE-19093?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16259295#comment-16259295
]
Balazs Meszaros commented on HBASE-19093:
-----------------------------------------
I created a test ({{TestAccessControllerMethods}}) which checks that every
methods from the implemented interfaces of {{AccessController}} are implemented
by {{AccessController}}. Considerations:
- Most events have pre and post callbacks. It is enough to implement only one
of them. (E.g. it is not an error, if preCreateTable is implemented, but
postCreateTable is not.)
- Methods ending with "Action" are ignored, because they are asynchronous
events and they have synchronous equivalent.
Currently the test does not check the implemented methods of {{RegionObserver}}
interface, because it contains lots of methods which are not important for
security checks. What do you think about it?
> Check Admin/Table to ensure all operations go via AccessControl
> ---------------------------------------------------------------
>
> Key: HBASE-19093
> URL: https://issues.apache.org/jira/browse/HBASE-19093
> Project: HBase
> Issue Type: Sub-task
> Reporter: stack
> Assignee: Balazs Meszaros
> Priority: Blocker
> Fix For: 2.0.0-beta-1
>
> Attachments: HBASE-19093.001.patch
>
>
> A cursory review of Admin Interface has a bunch of methods as open, with out
> AccessControl checks. For example, procedure executor has not check on it.
> This issue is about given the Admin and Table Interfaces a once-over to see
> what is missing and to fill in access control where missing.
> This is a follow-on from work over in HBASE-19048
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
