.../org/apache/hadoop/hbase/HColumnDescriptor.java | 4 ++ .../org/apache/hadoop/hbase/client/Mutation.java | 7 ++++ .../java/org/apache/hadoop/hbase/client/Query.java | 5 +++ .../mapreduce/VisibilityExpressionResolver.java | 2 +- .../visibility/VisibilityExpEvaluator.java | 2 +- .../visibility/VisibilityLabelService.java | 2 +- src/main/docbkx/security.xml | 2 +- src/main/docbkx/upgrading.xml | 49 ++++++++++++++++++++++ 8 files changed, 69 insertions(+), 4 deletions(-) diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/HColumnDescriptor.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/HColumnDescriptor.java index 401e0da..a0bde65 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/HColumnDescriptor.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/HColumnDescriptor.java @@ -1438,6 +1438,7 @@ public class HColumnDescriptor implements WritableComparable /** * Return the encryption algorithm in use by this family */ + @InterfaceStability.Unstable public String getEncryptionType() { return getValue(ENCRYPTION); } @@ -1446,17 +1447,20 @@ public class HColumnDescriptor implements WritableComparable * Set the encryption algorithm for use with this family * @param algorithm */ + @InterfaceStability.Unstable public HColumnDescriptor setEncryptionType(String algorithm) { setValue(ENCRYPTION, algorithm); return this; } /** Return the raw crypto key attribute for the family, or null if not set */ + @InterfaceStability.Unstable public byte[] getEncryptionKey() { return getValue(Bytes.toBytes(ENCRYPTION_KEY)); } /** Set the raw crypto key attribute for the family */ + @InterfaceStability.Unstable public HColumnDescriptor setEncryptionKey(byte[] keyBytes) { setValue(Bytes.toBytes(ENCRYPTION_KEY), keyBytes); return this; diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Mutation.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Mutation.java index dbc1317..b5a7c65 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Mutation.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Mutation.java @@ -385,6 +385,7 @@ public abstract class Mutation extends OperationWithAttributes implements Row, C * It is illegal to set CellVisibility on Delete mutation. * @param expression */ + @InterfaceStability.Unstable public Mutation setCellVisibility(CellVisibility expression) { this.setAttribute(VisibilityConstants.VISIBILITY_LABELS_ATTR_KEY, ProtobufUtil .toCellVisibility(expression).toByteArray()); @@ -395,6 +396,7 @@ public abstract class Mutation extends OperationWithAttributes implements Row, C * @return CellVisibility associated with cells in this Mutation. * @throws DeserializationException */ + @InterfaceStability.Unstable public CellVisibility getCellVisibility() throws DeserializationException { byte[] cellVisibilityBytes = this.getAttribute(VisibilityConstants.VISIBILITY_LABELS_ATTR_KEY); if (cellVisibilityBytes == null) return null; @@ -457,6 +459,7 @@ public abstract class Mutation extends OperationWithAttributes implements Row, C /** * @return The serialized ACL for this operation, or null if none */ + @InterfaceStability.Unstable public byte[] getACL() { return getAttribute(AccessControlConstants.OP_ATTRIBUTE_ACL); } @@ -465,6 +468,7 @@ public abstract class Mutation extends OperationWithAttributes implements Row, C * @param user User short name * @param perms Permissions for the user */ + @InterfaceStability.Unstable public Mutation setACL(String user, Permission perms) { setAttribute(AccessControlConstants.OP_ATTRIBUTE_ACL, ProtobufUtil.toUsersAndPermissions(user, perms).toByteArray()); @@ -474,6 +478,7 @@ public abstract class Mutation extends OperationWithAttributes implements Row, C /** * @param perms A map of permissions for a user or users */ + @InterfaceStability.Unstable public Mutation setACL(Map perms) { ListMultimap permMap = ArrayListMultimap.create(); for (Map.Entry entry : perms.entrySet()) { @@ -489,6 +494,7 @@ public abstract class Mutation extends OperationWithAttributes implements Row, C * @return the TTL requested for the result of the mutation, in milliseconds, * or Long.MAX_VALUE if unset */ + @InterfaceStability.Unstable public long getTTL() { byte[] ttlBytes = getAttribute(OP_ATTRIBUTE_TTL); if (ttlBytes != null) { @@ -502,6 +508,7 @@ public abstract class Mutation extends OperationWithAttributes implements Row, C * @param ttl the TTL desired for the result of the mutation, in milliseconds * @return this */ + @InterfaceStability.Unstable public Mutation setTTL(long ttl) { setAttribute(OP_ATTRIBUTE_TTL, Bytes.toBytes(ttl)); return this; diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Query.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Query.java index 26e36e5..5fdd781 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Query.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Query.java @@ -62,6 +62,7 @@ public abstract class Query extends OperationWithAttributes { * Sets the authorizations to be used by this Query * @param authorizations */ + @InterfaceStability.Unstable public Query setAuthorizations(Authorizations authorizations) { this.setAttribute(VisibilityConstants.VISIBILITY_LABELS_ATTR_KEY, ProtobufUtil .toAuthorizations(authorizations).toByteArray()); @@ -72,6 +73,7 @@ public abstract class Query extends OperationWithAttributes { * @return The authorizations this Query is associated with. * @throws DeserializationException */ + @InterfaceStability.Unstable public Authorizations getAuthorizations() throws DeserializationException { byte[] authorizationsBytes = this.getAttribute(VisibilityConstants.VISIBILITY_LABELS_ATTR_KEY); if (authorizationsBytes == null) return null; @@ -81,6 +83,7 @@ public abstract class Query extends OperationWithAttributes { /** * @return The serialized ACL for this operation, or null if none */ + @InterfaceStability.Unstable public byte[] getACL() { return getAttribute(AccessControlConstants.OP_ATTRIBUTE_ACL); } @@ -89,6 +92,7 @@ public abstract class Query extends OperationWithAttributes { * @param user User short name * @param perms Permissions for the user */ + @InterfaceStability.Unstable public Query setACL(String user, Permission perms) { setAttribute(AccessControlConstants.OP_ATTRIBUTE_ACL, ProtobufUtil.toUsersAndPermissions(user, perms).toByteArray()); @@ -98,6 +102,7 @@ public abstract class Query extends OperationWithAttributes { /** * @param perms A map of permissions for a user or users */ + @InterfaceStability.Unstable public Query setACL(Map perms) { ListMultimap permMap = ArrayListMultimap.create(); for (Map.Entry entry : perms.entrySet()) { diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/mapreduce/VisibilityExpressionResolver.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/mapreduce/VisibilityExpressionResolver.java index 48d7708..b7a02c7 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/mapreduce/VisibilityExpressionResolver.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/mapreduce/VisibilityExpressionResolver.java @@ -29,7 +29,7 @@ import org.apache.hadoop.hbase.Tag; * Interface to convert visibility expressions into Tags for storing along with Cells in HFiles. */ @InterfaceAudience.Public -@InterfaceStability.Evolving +@InterfaceStability.Unstable public interface VisibilityExpressionResolver extends Configurable { /** diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityExpEvaluator.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityExpEvaluator.java index a720127..8fcffa9 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityExpEvaluator.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityExpEvaluator.java @@ -30,7 +30,7 @@ import org.apache.hadoop.hbase.Cell; * read results. */ @InterfaceAudience.Public -@InterfaceStability.Evolving +@InterfaceStability.Unstable public interface VisibilityExpEvaluator { /** diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelService.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelService.java index e01f986..3a1d036 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelService.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelService.java @@ -34,7 +34,7 @@ import org.apache.hadoop.hbase.security.User; * visibility expression storage part and read time evaluation. */ @InterfaceAudience.Public -@InterfaceStability.Evolving +@InterfaceStability.Unstable public interface VisibilityLabelService extends Configurable { /** diff --git a/src/main/docbkx/security.xml b/src/main/docbkx/security.xml index d649f95..d8a98df 100644 --- a/src/main/docbkx/security.xml +++ b/src/main/docbkx/security.xml @@ -1111,7 +1111,7 @@ public static void verifyAllowed(User user, AccessTestAction action, int count) -
+
Visibility Labels Visibility labels control can be used to only permit users or principals associated with a given label to read or access cells with that label. For instance, you might label a cell diff --git a/src/main/docbkx/upgrading.xml b/src/main/docbkx/upgrading.xml index d5708a4..01abd47 100644 --- a/src/main/docbkx/upgrading.xml +++ b/src/main/docbkx/upgrading.xml @@ -405,6 +405,55 @@ HBASE-12577 Disable distributed log replay by default for more).
+
HFile V3 dependent features + + Since the HFileV3 dependent features are considered experimental in 0.98 there could be API changes in the user facing interfaces and APIs like + The VisibilityLabelService interface which is used to control the way visibility labels are stored in cells may have some API changes. + getAuths(byte[] user, boolean systemCall) throws IOException; +boolean havingSystemAuth(byte[] user) throws IOException; +}]]> + + The above APIs have been deprecated. + + + The client APIs related to features like Cell level ACL, Visibility tags, TTL, HFile Encryption are all marked + Unstable to indicate that either the APIs/feature may undergo changes in the future major versions of HBase. + + APIs in Mutation.java related to cell level ACL, cell level visibility labels, per cell TTL + + perms); +public byte[] getACL(); +public Mutation setTTL(long ttl); +public long getTTL(); +public Mutation setCellVisibility(CellVisibility expression); +public CellVisibility getCellVisibility(); +}]]> + + + APIs in HColumnDescriptor.java related to HFile Encryption + + + + + APIs in Query.java related to cell level ACL, cell level visibility labels + + perms); +public byte[] getACL(); +}]]> + +
Rolling upgrade from 0.98.x to HBase 1.0.0