You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by zh...@apache.org on 2018/01/02 02:01:21 UTC
[27/51] [abbrv] hbase git commit: HBASE-19678 HBase Admin security
capabilities should be represented as a Set - revert due to wrong issue
HBASE-19678 HBase Admin security capabilities should be represented as a Set - revert due to wrong issue
Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/73ab51e9
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/73ab51e9
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/73ab51e9
Branch: refs/heads/HBASE-19397
Commit: 73ab51e9460f369abcaf52fa85258781f8a9a30e
Parents: cafd4e4
Author: tedyu <yu...@gmail.com>
Authored: Mon Jan 1 14:16:01 2018 -0800
Committer: tedyu <yu...@gmail.com>
Committed: Mon Jan 1 14:16:01 2018 -0800
----------------------------------------------------------------------
.../hadoop/hbase/security/Superusers.java | 25 ++++++++++----------
.../security/access/TestAccessController.java | 3 +--
2 files changed, 14 insertions(+), 14 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hbase/blob/73ab51e9/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
----------------------------------------------------------------------
diff --git a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
index 1089197..c52c764 100644
--- a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
+++ b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
@@ -20,9 +20,8 @@
package org.apache.hadoop.hbase.security;
import java.io.IOException;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Set;
+import java.util.ArrayList;
+import java.util.List;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.AuthUtil;
@@ -41,8 +40,8 @@ public final class Superusers {
/** Configuration key for superusers */
public static final String SUPERUSER_CONF_KEY = "hbase.superuser"; // Not getting a name
- private static Set<String> superUsers;
- private static Set<String> superGroups;
+ private static List<String> superUsers;
+ private static List<String> superGroups;
private static User systemUser;
private Superusers(){}
@@ -55,8 +54,8 @@ public final class Superusers {
* @throws IllegalStateException if current user is null
*/
public static void initialize(Configuration conf) throws IOException {
- superUsers = new HashSet<>();
- superGroups = new HashSet<>();
+ superUsers = new ArrayList<>();
+ superGroups = new ArrayList<>();
systemUser = User.getCurrent();
if (systemUser == null) {
@@ -64,10 +63,10 @@ public final class Superusers {
+ "authorization checks for internal operations will not work correctly!");
}
+ if (LOG.isTraceEnabled()) {
+ LOG.trace("Current user name is " + systemUser.getShortName());
+ }
String currentUser = systemUser.getShortName();
- LOG.trace("Current user name is {}", currentUser);
- superUsers.add(currentUser);
-
String[] superUserList = conf.getStrings(SUPERUSER_CONF_KEY, new String[0]);
for (String name : superUserList) {
if (AuthUtil.isGroupPrincipal(name)) {
@@ -76,6 +75,7 @@ public final class Superusers {
superUsers.add(name);
}
}
+ superUsers.add(currentUser);
}
/**
@@ -88,11 +88,12 @@ public final class Superusers {
public static boolean isSuperUser(User user) {
if (superUsers == null) {
throw new IllegalStateException("Super users/super groups lists"
- + " have not been initialized properly.");
+ + " haven't been initialized properly.");
}
if (superUsers.contains(user.getShortName())) {
return true;
}
+
for (String group : user.getGroupNames()) {
if (superGroups.contains(group)) {
return true;
@@ -101,7 +102,7 @@ public final class Superusers {
return false;
}
- public static Collection<String> getSuperUsers() {
+ public static List<String> getSuperUsers() {
return superUsers;
}
http://git-wip-us.apache.org/repos/asf/hbase/blob/73ab51e9/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
index f181747..138a40e 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
@@ -34,7 +34,6 @@ import java.io.IOException;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Arrays;
-import java.util.Collection;
import java.util.Collections;
import java.util.List;
@@ -1678,7 +1677,7 @@ public class TestAccessController extends SecureTestUtil {
acl.close();
}
- Collection<String> superUsers = Superusers.getSuperUsers();
+ List<String> superUsers = Superusers.getSuperUsers();
List<UserPermission> adminPerms = new ArrayList<>(superUsers.size() + 1);
adminPerms.add(new UserPermission(Bytes.toBytes(USER_ADMIN.getShortName()),
AccessControlLists.ACL_TABLE_NAME, null, null, Bytes.toBytes("ACRW")));