[jira] [Commented] (HBASE-19483) Add proper privilege check for rsgroup commands

Wed, 10 Jan 2018 18:45:27 -0800 

    [ 
https://issues.apache.org/jira/browse/HBASE-19483?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16321605#comment-16321605
 ] 

Guangxu Cheng commented on HBASE-19483:
---------------------------------------

{code}
1. AccessController.isAuthorizationSupported ( Configuration conf )[static] : 
boolean
2. AccessController.requireNamespacePermission ( String request, String 
namespace, Permission.Action... permissions ) : void
3. AccessController.requireNamespacePermission ( String request, String 
namespace, TableName tableName, Map<byte[ ],? extends 
java.util.Collection<byte[ ]>> familyMap, Permission.Action... permissions ) : 
void
4. VisibilityController.isAuthorizationSupported ( Configuration conf ) 
[static] : boolean
{code}
ok, I will restore these methods.Thanks [~appy]

> Add proper privilege check for rsgroup commands
> -----------------------------------------------
>
>                 Key: HBASE-19483
>                 URL: https://issues.apache.org/jira/browse/HBASE-19483
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Guangxu Cheng
>             Fix For: 1.4.1, 1.5.0, 2.0.0-beta-1
>
>         Attachments: 19483.master.011.patch, 19483.v11.patch, 
> 19483.v11.patch, HBASE-19483.addendum-1.patch, HBASE-19483.addendum.patch, 
> HBASE-19483.branch-1.001.patch, HBASE-19483.branch-2.001.patch, 
> HBASE-19483.branch-2.002.patch, HBASE-19483.branch-2.003.patch, 
> HBASE-19483.master.001.patch, HBASE-19483.master.002.patch, 
> HBASE-19483.master.003.patch, HBASE-19483.master.004.patch, 
> HBASE-19483.master.005.patch, HBASE-19483.master.006.patch, 
> HBASE-19483.master.007.patch, HBASE-19483.master.008.patch, 
> HBASE-19483.master.009.patch, HBASE-19483.master.010.patch, 
> HBASE-19483.master.011.patch, HBASE-19483.master.011.patch, 
> HBASE-19483.master.012.patch, HBASE-19483.master.013.patch, 
> HBASE-19483.master.014.patch
>
>
> Currently list_rsgroups command can be executed by any user.
> This is inconsistent with other list commands such as list_peers and 
> list_peer_configs.
> We should add proper privilege check for list_rsgroups command.
> privilege check should be added for get_table_rsgroup / get_server_rsgroup / 
> get_rsgroup commands.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Reply via email to