You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by GitBox <gi...@apache.org> on 2020/12/23 15:15:17 UTC

[GitHub] [hbase] lujiefsi edited a comment on pull request #2809: HBASE-25432:add security checks for setTableStateInMeta and fixMeta

lujiefsi edited a comment on pull request #2809:
URL: https://github.com/apache/hbase/pull/2809#issuecomment-750342006


   @virajjasani 
   I will add a test case, but i find that there maybe a bug in RPC for test, i will figure it out and push later.
   
   `  public void testUnauthorizedSetTableStateInMeta() throws Exception {
       AccessTestAction action = new AccessTestAction() {
         @Override public Object run() throws Exception {
           Hbck hbck = TEST_UTIL.getHbck();
           hbck.setTableStateInMeta(new TableState(TEST_TABLE, TableState.State.DISABLED));
           return null;
         }
       };
   
       verifyDenied(action, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,
           USER_GROUP_WRITE, USER_GROUP_CREATE);
     }`
   Above code is the test code, but i found that RPCServe still use admin user 
   `  protected void requirePermission(String request, Permission.Action perm) throws IOException {
       if (accessChecker != null) {
         accessChecker.requirePermission(RpcServer.getRequestUser().orElse(null), request, null, perm);
       }
     }`
   RpcServer.getRequestUser().orElse(null) returns admin user, not non-admin user.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org