You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by kt...@apache.org on 2012/01/10 01:38:53 UTC
svn commit: r1229428 - in /incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server: master/Master.java security/Auditor.java security/Authenticator.java security/ZKAuthenticator.java

Author: kturner
Date: Tue Jan 10 00:38:53 2012
New Revision: 1229428

URL: http://svn.apache.org/viewvc?rev=1229428&view=rev
Log:
ACCUMULO-297 cleared master permission/authenticaction zoocache before doing checks against it

Modified:
    incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/master/Master.java
    incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Auditor.java
    incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Authenticator.java
    incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/ZKAuthenticator.java

Modified: incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/master/Master.java
URL: http://svn.apache.org/viewvc/incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/master/Master.java?rev=1229428&r1=1229427&r2=1229428&view=diff
==============================================================================
--- incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/master/Master.java (original)
+++ incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/master/Master.java Tue Jan 10 00:38:53 2012
@@ -516,6 +516,8 @@ public class Master implements LiveTServ
   
   private boolean check(AuthInfo credentials, SystemPermission permission) throws ThriftSecurityException {
     try {
+      // clear the cache so the check is done using current info
+      authenticator.clearCache(credentials.user);
       return authenticator.hasSystemPermission(credentials, credentials.user, permission);
     } catch (AccumuloSecurityException e) {
       throw e.asThriftException();
@@ -524,6 +526,8 @@ public class Master implements LiveTServ
   
   private boolean check(AuthInfo credentials, String tableId, TablePermission permission) throws ThriftSecurityException {
     try {
+      // clear the cache so the check is done using current info
+      authenticator.clearCache(credentials.user, tableId);
       return authenticator.hasTablePermission(credentials, credentials.user, tableId, permission);
     } catch (AccumuloSecurityException e) {
       throw e.asThriftException();

Modified: incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Auditor.java
URL: http://svn.apache.org/viewvc/incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Auditor.java?rev=1229428&r1=1229427&r2=1229428&view=diff
==============================================================================
--- incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Auditor.java (original)
+++ incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Auditor.java Tue Jan 10 00:38:53 2012
@@ -221,4 +221,14 @@ public class Auditor implements Authenti
       throw ex;
     }
   }
+  
+  @Override
+  public void clearCache(String user) {
+    impl.clearCache(user);
+  }
+  
+  @Override
+  public void clearCache(String user, String tableId) {
+    impl.clearCache(user, tableId);
+  }
 }

Modified: incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Authenticator.java
URL: http://svn.apache.org/viewvc/incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Authenticator.java?rev=1229428&r1=1229427&r2=1229428&view=diff
==============================================================================
--- incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Authenticator.java (original)
+++ incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/Authenticator.java Tue Jan 10 00:38:53 2012
@@ -57,4 +57,8 @@ public interface Authenticator {
   public void revokeTablePermission(AuthInfo credentials, String user, String table, TablePermission permission) throws AccumuloSecurityException;
   
   public void deleteTable(AuthInfo credentials, String table) throws AccumuloSecurityException;
+  
+  public void clearCache(String user);
+  
+  public void clearCache(String user, String tableId);
 }

Modified: incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/ZKAuthenticator.java
URL: http://svn.apache.org/viewvc/incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/ZKAuthenticator.java?rev=1229428&r1=1229427&r2=1229428&view=diff
==============================================================================
--- incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/ZKAuthenticator.java (original)
+++ incubator/accumulo/branches/1.4/src/server/src/main/java/org/apache/accumulo/server/security/ZKAuthenticator.java Tue Jan 10 00:38:53 2012
@@ -683,4 +683,14 @@ public final class ZKAuthenticator imple
       return toReturn;
     }
   }
+  
+  @Override
+  public void clearCache(String user) {
+    zooCache.clear(ZKUserPath + "/" + user);
+  }
+  
+  @Override
+  public void clearCache(String user, String tableId) {
+    zooCache.clear(ZKUserPath + "/" + user + ZKUserTablePerms + "/" + tableId);
+  }
 }