[HBASE-20639] Implement permission checking through AccessController instead of RSGroupAdminEndpoint - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Duplicate
Affects Version/s: None
Fix Version/s: None
Component/s: None
Labels:
None

Hadoop Flags:

Reviewed

Description

Currently permission checking for various RS group operations is done via RSGroupAdminEndpoint.
e.g. in RSGroupAdminServiceImpl#moveServers() :

        checkPermission("moveServers");
        groupAdminServer.moveServers(hostPorts, request.getTargetGroup());

The practice in remaining parts of hbase is to perform permission checking within AccessController.

Now that observer hooks for RS group operations are in right place, we should follow best practice and move permission checking to AccessController.

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HBASE-20639.master.001.patch
27/May/18 14:05
15 kB
Nihal Jain
HBASE-20639.master.002.patch
27/May/18 17:31
15 kB
Nihal Jain
HBASE-20639.master.002.patch
27/May/18 15:03
15 kB
Nihal Jain

Issue Links

is fixed by

HBASE-22932 Add rs group management methods in Admin and AsyncAdmin

Resolved

Activity

People

Assignee:: Nihal Jain

Reporter:: Ted Yu

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 24/May/18 15:45

Updated:: 19/Apr/23 12:58

Resolved:: 19/Apr/23 12:58