diff --git hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java index ac1ee78..4efbe11 100644 --- hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java +++ hbase-client/src/main/java/org/apache/hadoop/hbase/security/visibility/Authorizations.java @@ -32,16 +32,28 @@ import org.apache.hadoop.classification.InterfaceStability; @InterfaceStability.Stable public class Authorizations { + private final String regex = "[A-Za-z_0-9]*"; private List labels; public Authorizations(String... labels) { this.labels = new ArrayList(labels.length); for (String label : labels) { + validateLabel(label); this.labels.add(label); } } + private void validateLabel(String label) { + boolean matches = label.matches(regex); + if (!matches) { + throw new IllegalArgumentException("Authorizations cannot contain '(', ')' ,'&' ,'|', '!'"); + } + } + public Authorizations(List labels) { + for (String label : labels) { + validateLabel(label); + } this.labels = labels; } diff --git hbase-client/src/test/java/org/apache/hadoop/hbase/client/TestScan.java hbase-client/src/test/java/org/apache/hadoop/hbase/client/TestScan.java index 9565764..48354ad 100644 --- hbase-client/src/test/java/org/apache/hadoop/hbase/client/TestScan.java +++ hbase-client/src/test/java/org/apache/hadoop/hbase/client/TestScan.java @@ -19,6 +19,8 @@ package org.apache.hadoop.hbase.client; +import static org.junit.Assert.fail; + import java.io.IOException; import java.util.Arrays; import java.util.Set; @@ -26,6 +28,7 @@ import java.util.Set; import org.apache.hadoop.hbase.SmallTests; import org.apache.hadoop.hbase.protobuf.ProtobufUtil; import org.apache.hadoop.hbase.protobuf.generated.ClientProtos; +import org.apache.hadoop.hbase.security.visibility.Authorizations; import org.apache.hadoop.hbase.util.Bytes; import org.junit.Assert; import org.junit.Test; @@ -107,5 +110,36 @@ public class TestScan { Set qualifiers = scan.getFamilyMap().get(family); Assert.assertEquals(1, qualifiers.size()); } + + @Test + public void testSetAuthorizations() { + Scan scan = new Scan(); + scan.setAuthorizations(new Authorizations("A", "B", "0123", "A0", "1A1", "_a")); + try { + scan.setAuthorizations(new Authorizations("A|B")); + fail("Should have failed for A|B."); + } catch (IllegalArgumentException e) { + } + try { + scan.setAuthorizations(new Authorizations("A&B")); + fail("Should have failed for A&B."); + } catch (IllegalArgumentException e) { + } + try { + scan.setAuthorizations(new Authorizations("!B")); + fail("Should have failed for !B."); + } catch (IllegalArgumentException e) { + } + try { + scan.setAuthorizations(new Authorizations("A", "(A)")); + fail("Should have failed for (A)."); + } catch (IllegalArgumentException e) { + } + try { + scan.setAuthorizations(new Authorizations("A", "{A")); + fail("Should have failed for {A."); + } catch (IllegalArgumentException e) { + } + } }