[jira] [Commented] (HBASE-19483) Add proper privilege check for rsgroup commands

Fri, 05 Jan 2018 16:23:31 -0800 

    [ 
https://issues.apache.org/jira/browse/HBASE-19483?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16314202#comment-16314202
 ] 

Hudson commented on HBASE-19483:
--------------------------------

FAILURE: Integrated in Jenkins build HBase-Trunk_matrix #4350 (See 
[https://builds.apache.org/job/HBase-Trunk_matrix/4350/])
HBASE-19483 Add proper privilege check for rsgroup commands (tedyu: rev 
fc7736eb00bb47d619a1345e32f0136751ea8c0b)
* (edit) 
hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
* (edit) 
hbase-rest/src/test/java/org/apache/hadoop/hbase/rest/TestScannersWithLabels.java
* (edit) 
hbase-it/src/test/java/org/apache/hadoop/hbase/test/IntegrationTestWithCellVisibilityLoadAndVerify.java
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterRpcServices.java
* (edit) 
hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
* (edit) 
hbase-rsgroup/src/main/java/org/apache/hadoop/hbase/rsgroup/RSGroupAdminEndpoint.java
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
* (edit) src/main/asciidoc/_chapters/appendix_acl_matrix.adoc
* (add) 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessChecker.java
* (edit) 
hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/VisibilityTestUtil.java
* (edit) src/main/asciidoc/_chapters/ops_mgt.adoc
* (edit) 
hbase-mapreduce/src/test/java/org/apache/hadoop/hbase/mapreduce/TestImportTSVWithVisibilityLabels.java
* (edit) 
hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift2/TestThriftHBaseServiceHandlerWithLabels.java
* (edit) 
hbase-it/src/test/java/org/apache/hadoop/hbase/IntegrationTestIngestWithVisibilityLabels.java
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java
* (edit) 
hbase-it/src/test/java/org/apache/hadoop/hbase/test/IntegrationTestBigLinkedListWithVisibility.java
* (edit) src/main/asciidoc/_chapters/security.adoc
HBASE-19483 Add proper privilege check for rsgroup commands - revert due 
(tedyu: rev 5ce93511290d2bcf69e41d7ca5cec7464076d81d)
* (edit) 
hbase-thrift/src/test/java/org/apache/hadoop/hbase/thrift2/TestThriftHBaseServiceHandlerWithLabels.java
* (edit) 
hbase-it/src/test/java/org/apache/hadoop/hbase/IntegrationTestIngestWithVisibilityLabels.java
* (edit) 
hbase-mapreduce/src/test/java/org/apache/hadoop/hbase/mapreduce/TestImportTSVWithVisibilityLabels.java
* (edit) 
hbase-it/src/test/java/org/apache/hadoop/hbase/test/IntegrationTestBigLinkedListWithVisibility.java
* (edit) 
hbase-it/src/test/java/org/apache/hadoop/hbase/test/IntegrationTestWithCellVisibilityLoadAndVerify.java
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java
* (edit) src/main/asciidoc/_chapters/appendix_acl_matrix.adoc
* (edit) 
hbase-rsgroup/src/main/java/org/apache/hadoop/hbase/rsgroup/RSGroupAdminEndpoint.java
* (edit) 
hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
* (edit) src/main/asciidoc/_chapters/ops_mgt.adoc
* (edit) 
hbase-rest/src/test/java/org/apache/hadoop/hbase/rest/TestScannersWithLabels.java
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
* (edit) 
hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
* (edit) 
hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/VisibilityTestUtil.java
* (delete) 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessChecker.java
* (edit) 
hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterRpcServices.java
* (edit) src/main/asciidoc/_chapters/security.adoc


> Add proper privilege check for rsgroup commands
> -----------------------------------------------
>
>                 Key: HBASE-19483
>                 URL: https://issues.apache.org/jira/browse/HBASE-19483
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Guangxu Cheng
>             Fix For: 1.4.1, 1.5.0, 2.0.0-beta-2
>
>         Attachments: 19483.master.011.patch, 19483.v11.patch, 
> 19483.v11.patch, HBASE-19483.master.001.patch, HBASE-19483.master.002.patch, 
> HBASE-19483.master.003.patch, HBASE-19483.master.004.patch, 
> HBASE-19483.master.005.patch, HBASE-19483.master.006.patch, 
> HBASE-19483.master.007.patch, HBASE-19483.master.008.patch, 
> HBASE-19483.master.009.patch, HBASE-19483.master.010.patch, 
> HBASE-19483.master.011.patch, HBASE-19483.master.011.patch, 
> HBASE-19483.master.012.patch
>
>
> Currently list_rsgroups command can be executed by any user.
> This is inconsistent with other list commands such as list_peers and 
> list_peer_configs.
> We should add proper privilege check for list_rsgroups command.
> privilege check should be added for get_table_rsgroup / get_server_rsgroup / 
> get_rsgroup commands.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to