[
https://issues.apache.org/jira/browse/HBASE-7123?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Purtell updated HBASE-7123:
----------------------------------
Summary: Refactor internal methods in AccessController (was: Refactor
permissionGranted and requirePermission methods)
> Refactor internal methods in AccessController
> ---------------------------------------------
>
> Key: HBASE-7123
> URL: https://issues.apache.org/jira/browse/HBASE-7123
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Andrew Purtell
>
> The permissionGranted and requirePermission methods in AccessController have
> organically grown as both the HBase client API and the AccessController
> itself have evolved, and now have several problems:
> - Code duplication (minor)
> - Unused variants (minor)
> - Signatures optimized for checking certain operations that have a familyMap.
> Unfortunately different operations have different ideas of what type a
> familyMap should be. This leads to runtime type checking and the need to
> convert one family map to another (e.g. {{Map<byte[],
> NavigableMap<byte[],Object>>}} to {{Map<byte[], Set<byte[]>>}} (That kind of
> conversion code in a hot path hurts to look at.) There are too many Java
> collection type combinations floating around. Some of this should be
> approached at the client API level too, for example with HBASE-7114.
> - Only one Permission.Action can be checked at a time. We should really
> convert these into a bitmap if multiple actions need checking and pass that
> around instead.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
