You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by zh...@apache.org on 2018/01/02 02:01:21 UTC

[27/51] [abbrv] hbase git commit: HBASE-19678 HBase Admin security capabilities should be represented as a Set - revert due to wrong issue

HBASE-19678 HBase Admin security capabilities should be represented as a Set - revert due to wrong issue


Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/73ab51e9
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/73ab51e9
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/73ab51e9

Branch: refs/heads/HBASE-19397
Commit: 73ab51e9460f369abcaf52fa85258781f8a9a30e
Parents: cafd4e4
Author: tedyu <yu...@gmail.com>
Authored: Mon Jan 1 14:16:01 2018 -0800
Committer: tedyu <yu...@gmail.com>
Committed: Mon Jan 1 14:16:01 2018 -0800

----------------------------------------------------------------------
 .../hadoop/hbase/security/Superusers.java       | 25 ++++++++++----------
 .../security/access/TestAccessController.java   |  3 +--
 2 files changed, 14 insertions(+), 14 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hbase/blob/73ab51e9/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
----------------------------------------------------------------------
diff --git a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
index 1089197..c52c764 100644
--- a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
+++ b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
@@ -20,9 +20,8 @@
 package org.apache.hadoop.hbase.security;
 
 import java.io.IOException;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Set;
+import java.util.ArrayList;
+import java.util.List;
 
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.hbase.AuthUtil;
@@ -41,8 +40,8 @@ public final class Superusers {
   /** Configuration key for superusers */
   public static final String SUPERUSER_CONF_KEY = "hbase.superuser"; // Not getting a name
 
-  private static Set<String> superUsers;
-  private static Set<String> superGroups;
+  private static List<String> superUsers;
+  private static List<String> superGroups;
   private static User systemUser;
 
   private Superusers(){}
@@ -55,8 +54,8 @@ public final class Superusers {
    * @throws IllegalStateException if current user is null
    */
   public static void initialize(Configuration conf) throws IOException {
-    superUsers = new HashSet<>();
-    superGroups = new HashSet<>();
+    superUsers = new ArrayList<>();
+    superGroups = new ArrayList<>();
     systemUser = User.getCurrent();
 
     if (systemUser == null) {
@@ -64,10 +63,10 @@ public final class Superusers {
         + "authorization checks for internal operations will not work correctly!");
     }
 
+    if (LOG.isTraceEnabled()) {
+      LOG.trace("Current user name is " + systemUser.getShortName());
+    }
     String currentUser = systemUser.getShortName();
-    LOG.trace("Current user name is {}", currentUser);
-    superUsers.add(currentUser);
-
     String[] superUserList = conf.getStrings(SUPERUSER_CONF_KEY, new String[0]);
     for (String name : superUserList) {
       if (AuthUtil.isGroupPrincipal(name)) {
@@ -76,6 +75,7 @@ public final class Superusers {
         superUsers.add(name);
       }
     }
+    superUsers.add(currentUser);
   }
 
   /**
@@ -88,11 +88,12 @@ public final class Superusers {
   public static boolean isSuperUser(User user) {
     if (superUsers == null) {
       throw new IllegalStateException("Super users/super groups lists"
-        + " have not been initialized properly.");
+        + " haven't been initialized properly.");
     }
     if (superUsers.contains(user.getShortName())) {
       return true;
     }
+
     for (String group : user.getGroupNames()) {
       if (superGroups.contains(group)) {
         return true;
@@ -101,7 +102,7 @@ public final class Superusers {
     return false;
   }
 
-  public static Collection<String> getSuperUsers() {
+  public static List<String> getSuperUsers() {
     return superUsers;
   }
 

http://git-wip-us.apache.org/repos/asf/hbase/blob/73ab51e9/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
index f181747..138a40e 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
@@ -34,7 +34,6 @@ import java.io.IOException;
 import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 
@@ -1678,7 +1677,7 @@ public class TestAccessController extends SecureTestUtil {
       acl.close();
     }
 
-    Collection<String> superUsers = Superusers.getSuperUsers();
+    List<String> superUsers = Superusers.getSuperUsers();
     List<UserPermission> adminPerms = new ArrayList<>(superUsers.size() + 1);
     adminPerms.add(new UserPermission(Bytes.toBytes(USER_ADMIN.getShortName()),
       AccessControlLists.ACL_TABLE_NAME, null, null, Bytes.toBytes("ACRW")));