[HBASE-12925] Use acl cache for doing access control checks in prepare and clean phases of Bulkloading. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.0.0, 0.98.10
Component/s: None
Labels:
None

Description

Currently, prepareBulkLoad and cleanupBulkLoad are using "hasSomeAccess", which performs scan on ACL table, instead of using TableAuthManager. Also, the method "hasSomeAccess" has a logical error, as it doesn't filter the acl scan results by the current active user. More specifically

for (UserPermission userPerm: perms) {
        for (Action userAction: userPerm.getActions()) {
          if (userAction.equals(action)) {
            return AuthResult.allow(method, "Access allowed", requestUser,
              action, tableName, null, null);
          }
        }
      }

The if clause ideally should be having something like userPerm.getUser.equals(requestUser). This issue will help us in getting rid of this problematic implementation.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HBASE-12925.patch
26/Jan/15 22:47
6 kB
Srikanth Srungarapu
HBASE-12925_v2.patch
27/Jan/15 00:56
6 kB
Srikanth Srungarapu

Activity

People

Assignee:: Srikanth Srungarapu

Reporter:: Srikanth Srungarapu

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 26/Jan/15 21:44

Updated:: 06/Apr/18 17:54

Resolved:: 27/Jan/15 13:35