Adar Dembo has posted comments on this change. ( http://gerrit.cloudera.org:8080/11753 )
Change subject: authz: verify tokens on scans
......................................................................

Patch Set 2:

(3 comments)

Just a partial review so far; curious whether you agree with my control flow suggestion (which would make interdiff reviewing tough).

http://gerrit.cloudera.org:8080/#/c/11753/2//COMMIT_MSG
Commit Message:

http://gerrit.cloudera.org:8080/#/c/11753/2//COMMIT_MSG@17
PS2, Line 17: if uses pk:
Does "if uses pk" mean "if projection includes pk"?

http://gerrit.cloudera.org:8080/#/c/11753/2/src/kudu/common/schema.h
File src/kudu/common/schema.h:

http://gerrit.cloudera.org:8080/#/c/11753/2/src/kudu/common/schema.h@588
PS2, Line 588: std::vector<ColumnId> get_key_column_ids() const {
This could be simpler a la CreateKeyProjection:

  col_ids.assign(col_ids_.begin(), col_ids_.begin() + num_key_columns_);

http://gerrit.cloudera.org:8080/#/c/11753/2/src/kudu/tserver/tablet_service.cc
File src/kudu/tserver/tablet_service.cc:

http://gerrit.cloudera.org:8080/#/c/11753/2/src/kudu/tserver/tablet_service.cc@1495
PS2, Line 1495: if (FLAGS_tserver_enforce_access_control && req->has_new_scan_request()) {
Splitting the authz checks into two chunks makes these RPC implementations less readable. Is there any way we could lead with LookupRunningTabletReplicaOrRespond, then do the authz work? I imagine the split is so that LRTROR doesn't leak information, but maybe it can call a variant of MayHaveScanPrivileges() on error to figure out whether to leak or not?
--
To view, visit http://gerrit.cloudera.org:8080/11753
To unsubscribe, visit http://gerrit.cloudera.org:8080/settings

Gerrit-Project: kudu
Gerrit-Branch: master
Gerrit-MessageType: comment
Gerrit-Change-Id: I7a5d81cf215a5d936f8853feba05778038764905
Gerrit-Change-Number: 11753
Gerrit-PatchSet: 2
Gerrit-Owner: Andrew Wong <[email protected]>
Gerrit-Reviewer: Adar Dembo <[email protected]>
Gerrit-Reviewer: Andrew Wong <[email protected]>
Gerrit-Reviewer: Dan Burkert <[email protected]>
Gerrit-Reviewer: Hao Hao <[email protected]>
Gerrit-Reviewer: Kudu Jenkins (120)
Gerrit-Reviewer: Tidy Bot (241)
Gerrit-Comment-Date: Mon, 11 Mar 2019 19:39:38 +0000
Gerrit-HasComments: Yes
