You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by zh...@apache.org on 2018/01/06 03:35:12 UTC
[03/48] hbase git commit: HBASE-19483 Add proper privilege check for
rsgroup commands
http://git-wip-us.apache.org/repos/asf/hbase/blob/fc7736eb/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
index 602af91..5a3c883 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
@@ -23,7 +23,6 @@ import com.google.protobuf.RpcCallback;
import com.google.protobuf.RpcController;
import com.google.protobuf.Service;
import java.io.IOException;
-import java.net.InetAddress;
import java.security.PrivilegedExceptionAction;
import java.util.ArrayList;
import java.util.Collection;
@@ -96,7 +95,6 @@ import org.apache.hadoop.hbase.filter.FilterList;
import org.apache.hadoop.hbase.io.hfile.HFile;
import org.apache.hadoop.hbase.ipc.CoprocessorRpcUtils;
import org.apache.hadoop.hbase.ipc.RpcServer;
-import org.apache.hadoop.hbase.net.Address;
import org.apache.hadoop.hbase.protobuf.ProtobufUtil;
import org.apache.hadoop.hbase.protobuf.generated.AccessControlProtos;
import org.apache.hadoop.hbase.protobuf.generated.AccessControlProtos.AccessControlService;
@@ -186,10 +184,10 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
private static final String TAG_CHECK_PASSED = "tag_check_passed";
private static final byte[] TRUE = Bytes.toBytes(true);
- TableAuthManager authManager = null;
+ private AccessChecker accessChecker;
/** flags if we are running on a region of the _acl_ table */
- boolean aclRegion = false;
+ private boolean aclRegion = false;
/** defined only for Endpoint implementation, so it can have way to
access region services */
@@ -204,19 +202,19 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
/** Provider for mapping principal names to Users */
private UserProvider userProvider;
- /** if we are active, usually true, only not true if "hbase.security.authorization"
- has been set to false in site configuration */
- boolean authorizationEnabled;
+ /** if we are active, usually false, only true if "hbase.security.authorization"
+ has been set to true in site configuration */
+ private boolean authorizationEnabled;
/** if we are able to support cell ACLs */
- boolean cellFeaturesEnabled;
+ private boolean cellFeaturesEnabled;
/** if we should check EXEC permissions */
- boolean shouldCheckExecPermission;
+ private boolean shouldCheckExecPermission;
/** if we should terminate access checks early as soon as table or CF grants
allow access; pre-0.98 compatible behavior */
- boolean compatibleEarlyTermination;
+ private boolean compatibleEarlyTermination;
/** if we have been successfully initialized */
private volatile boolean initialized = false;
@@ -224,12 +222,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
/** if the ACL table is available, only relevant in the master */
private volatile boolean aclTabAvailable = false;
- public static boolean isAuthorizationSupported(Configuration conf) {
- return conf.getBoolean(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, true);
- }
-
public static boolean isCellAuthorizationSupported(Configuration conf) {
- return isAuthorizationSupported(conf) &&
+ return AccessChecker.isAuthorizationSupported(conf) &&
(HFile.getFormatVersion(conf) >= HFile.MIN_FORMAT_VERSION_WITH_TAGS);
}
@@ -238,10 +232,10 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
}
public TableAuthManager getAuthManager() {
- return authManager;
+ return accessChecker.getAuthManager();
}
- void initialize(RegionCoprocessorEnvironment e) throws IOException {
+ private void initialize(RegionCoprocessorEnvironment e) throws IOException {
final Region region = e.getRegion();
Configuration conf = e.getConfiguration();
Map<byte[], ListMultimap<String,TablePermission>> tables =
@@ -253,7 +247,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
byte[] entry = t.getKey();
ListMultimap<String,TablePermission> perms = t.getValue();
byte[] serialized = AccessControlLists.writePermissionsAsBytes(perms, conf);
- this.authManager.getZKPermissionWatcher().writeToZookeeper(entry, serialized);
+ getAuthManager().getZKPermissionWatcher().writeToZookeeper(entry, serialized);
}
initialized = true;
}
@@ -263,7 +257,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
* znodes. This is called to synchronize ACL changes following {@code _acl_}
* table updates.
*/
- void updateACL(RegionCoprocessorEnvironment e,
+ private void updateACL(RegionCoprocessorEnvironment e,
final Map<byte[], List<Cell>> familyMap) {
Set<byte[]> entries = new TreeSet<>(Bytes.BYTES_RAWCOMPARATOR);
for (Map.Entry<byte[], List<Cell>> f : familyMap.entrySet()) {
@@ -274,7 +268,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
}
}
}
- ZKPermissionWatcher zkw = this.authManager.getZKPermissionWatcher();
+ ZKPermissionWatcher zkw = getAuthManager().getZKPermissionWatcher();
Configuration conf = regionEnv.getConfiguration();
byte [] currentEntry = null;
// TODO: Here we are already on the ACL region. (And it is single
@@ -312,7 +306,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
* the request
* @return an authorization result
*/
- AuthResult permissionGranted(String request, User user, Action permRequest,
+ private AuthResult permissionGranted(String request, User user, Action permRequest,
RegionCoprocessorEnvironment e,
Map<byte [], ? extends Collection<?>> families) {
RegionInfo hri = e.getRegion().getRegionInfo();
@@ -333,7 +327,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
}
// 2. check for the table-level, if successful we can short-circuit
- if (authManager.authorize(user, tableName, (byte[])null, permRequest)) {
+ if (getAuthManager().authorize(user, tableName, (byte[])null, permRequest)) {
return AuthResult.allow(request, "Table permission granted", user,
permRequest, tableName, families);
}
@@ -343,7 +337,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// all families must pass
for (Map.Entry<byte [], ? extends Collection<?>> family : families.entrySet()) {
// a) check for family level access
- if (authManager.authorize(user, tableName, family.getKey(),
+ if (getAuthManager().authorize(user, tableName, family.getKey(),
permRequest)) {
continue; // family-level permission overrides per-qualifier
}
@@ -354,7 +348,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// for each qualifier of the family
Set<byte[]> familySet = (Set<byte[]>)family.getValue();
for (byte[] qualifier : familySet) {
- if (!authManager.authorize(user, tableName, family.getKey(),
+ if (!getAuthManager().authorize(user, tableName, family.getKey(),
qualifier, permRequest)) {
return AuthResult.deny(request, "Failed qualifier check", user,
permRequest, tableName, makeFamilyMap(family.getKey(), qualifier));
@@ -363,7 +357,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
} else if (family.getValue() instanceof List) { // List<Cell>
List<Cell> cellList = (List<Cell>)family.getValue();
for (Cell cell : cellList) {
- if (!authManager.authorize(user, tableName, family.getKey(),
+ if (!getAuthManager().authorize(user, tableName, family.getKey(),
CellUtil.cloneQualifier(cell), permRequest)) {
return AuthResult.deny(request, "Failed qualifier check", user, permRequest,
tableName, makeFamilyMap(family.getKey(), CellUtil.cloneQualifier(cell)));
@@ -398,7 +392,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
* @param actions the desired actions
* @return an authorization result
*/
- AuthResult permissionGranted(OpType opType, User user, RegionCoprocessorEnvironment e,
+ private AuthResult permissionGranted(OpType opType, User user, RegionCoprocessorEnvironment e,
Map<byte [], ? extends Collection<?>> families, Action... actions) {
AuthResult result = null;
for (Action action: actions) {
@@ -410,241 +404,61 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
return result;
}
- private void logResult(AuthResult result) {
- if (AUDITLOG.isTraceEnabled()) {
- AUDITLOG.trace("Access " + (result.isAllowed() ? "allowed" : "denied") + " for user " +
- (result.getUser() != null ? result.getUser().getShortName() : "UNKNOWN") + "; reason: " +
- result.getReason() + "; remote address: " +
- RpcServer.getRemoteAddress().map(InetAddress::toString).orElse("") + "; request: " +
- result.getRequest() + "; context: " + result.toContextString());
- }
+ public void requireAccess(ObserverContext<?> ctx, String request, TableName tableName,
+ Action... permissions) throws IOException {
+ accessChecker.requireAccess(getActiveUser(ctx), request, tableName, permissions);
}
- /**
- * Returns the active user to which authorization checks should be applied.
- * If we are in the context of an RPC call, the remote user is used,
- * otherwise the currently logged in user is used.
- */
- private User getActiveUser(ObserverContext<?> ctx) throws IOException {
- // for non-rpc handling, fallback to system user
- Optional<User> optionalUser = ctx.getCaller();
- User user;
- if (optionalUser.isPresent()) {
- return optionalUser.get();
- }
- return userProvider.getCurrent();
+ public void requirePermission(ObserverContext<?> ctx, String request,
+ Action perm) throws IOException {
+ accessChecker.requirePermission(getActiveUser(ctx), request, perm);
}
- /**
- * Authorizes that the current user has any of the given permissions for the
- * given table, column family and column qualifier.
- * @param tableName Table requested
- * @param family Column family requested
- * @param qualifier Column qualifier requested
- * @throws IOException if obtaining the current user fails
- * @throws AccessDeniedException if user has no authorization
- */
- private void requirePermission(User user, String request, TableName tableName, byte[] family,
- byte[] qualifier, Action... permissions) throws IOException {
- AuthResult result = null;
-
- for (Action permission : permissions) {
- if (authManager.authorize(user, tableName, family, qualifier, permission)) {
- result = AuthResult.allow(request, "Table permission granted", user,
- permission, tableName, family, qualifier);
- break;
- } else {
- // rest of the world
- result = AuthResult.deny(request, "Insufficient permissions", user,
- permission, tableName, family, qualifier);
- }
- }
- logResult(result);
- if (authorizationEnabled && !result.isAllowed()) {
- throw new AccessDeniedException("Insufficient permissions " + result.toContextString());
- }
+ public void requireGlobalPermission(ObserverContext<?> ctx, String request,
+ Action perm, TableName tableName,
+ Map<byte[], ? extends Collection<byte[]>> familyMap) throws IOException {
+ accessChecker.requireGlobalPermission(getActiveUser(ctx),
+ request, perm,tableName, familyMap);
}
- /**
- * Authorizes that the current user has any of the given permissions for the
- * given table, column family and column qualifier.
- * @param tableName Table requested
- * @param family Column family param
- * @param qualifier Column qualifier param
- * @throws IOException if obtaining the current user fails
- * @throws AccessDeniedException if user has no authorization
- */
- private void requireTablePermission(User user, String request, TableName tableName, byte[] family,
- byte[] qualifier, Action... permissions) throws IOException {
- AuthResult result = null;
-
- for (Action permission : permissions) {
- if (authManager.authorize(user, tableName, null, null, permission)) {
- result = AuthResult.allow(request, "Table permission granted", user,
- permission, tableName, null, null);
- result.getParams().setFamily(family).setQualifier(qualifier);
- break;
- } else {
- // rest of the world
- result = AuthResult.deny(request, "Insufficient permissions", user,
- permission, tableName, family, qualifier);
- result.getParams().setFamily(family).setQualifier(qualifier);
- }
- }
- logResult(result);
- if (authorizationEnabled && !result.isAllowed()) {
- throw new AccessDeniedException("Insufficient permissions " + result.toContextString());
- }
+ public void requireGlobalPermission(ObserverContext<?> ctx, String request,
+ Action perm, String namespace) throws IOException {
+ accessChecker.requireGlobalPermission(getActiveUser(ctx),
+ request, perm, namespace);
}
- /**
- * Authorizes that the current user has any of the given permissions to access the table.
- *
- * @param tableName Table requested
- * @param permissions Actions being requested
- * @throws IOException if obtaining the current user fails
- * @throws AccessDeniedException if user has no authorization
- */
- private void requireAccess(User user, String request, TableName tableName,
+ public void requireNamespacePermission(ObserverContext<?> ctx, String request, String namespace,
Action... permissions) throws IOException {
- AuthResult result = null;
-
- for (Action permission : permissions) {
- if (authManager.hasAccess(user, tableName, permission)) {
- result = AuthResult.allow(request, "Table permission granted", user,
- permission, tableName, null, null);
- break;
- } else {
- // rest of the world
- result = AuthResult.deny(request, "Insufficient permissions", user,
- permission, tableName, null, null);
- }
- }
- logResult(result);
- if (authorizationEnabled && !result.isAllowed()) {
- throw new AccessDeniedException("Insufficient permissions " + result.toContextString());
- }
+ accessChecker.requireNamespacePermission(getActiveUser(ctx),
+ request, namespace, permissions);
}
- /**
- * Authorizes that the current user has global privileges for the given action.
- * @param perm The action being requested
- * @throws IOException if obtaining the current user fails
- * @throws AccessDeniedException if authorization is denied
- */
- private void requirePermission(User user, String request, Action perm) throws IOException {
- requireGlobalPermission(user, request, perm, null, null);
- }
-
- /**
- * Checks that the user has the given global permission. The generated
- * audit log message will contain context information for the operation
- * being authorized, based on the given parameters.
- * @param perm Action being requested
- * @param tableName Affected table name.
- * @param familyMap Affected column families.
- */
- private void requireGlobalPermission(User user, String request, Action perm, TableName tableName,
- Map<byte[], ? extends Collection<byte[]>> familyMap) throws IOException {
- AuthResult result = null;
- if (authManager.authorize(user, perm)) {
- result = AuthResult.allow(request, "Global check allowed", user, perm, tableName, familyMap);
- result.getParams().setTableName(tableName).setFamilies(familyMap);
- logResult(result);
- } else {
- result = AuthResult.deny(request, "Global check failed", user, perm, tableName, familyMap);
- result.getParams().setTableName(tableName).setFamilies(familyMap);
- logResult(result);
- if (authorizationEnabled) {
- throw new AccessDeniedException("Insufficient permissions for user '" +
- (user != null ? user.getShortName() : "null") +"' (global, action=" +
- perm.toString() + ")");
- }
- }
+ public void requireNamespacePermission(ObserverContext<?> ctx, String request, String namespace,
+ TableName tableName, Map<byte[], ? extends Collection<byte[]>> familyMap,
+ Action... permissions) throws IOException {
+ accessChecker.requireNamespacePermission(getActiveUser(ctx),
+ request, namespace, tableName, familyMap,
+ permissions);
}
- /**
- * Checks that the user has the given global permission. The generated
- * audit log message will contain context information for the operation
- * being authorized, based on the given parameters.
- * @param perm Action being requested
- * @param namespace
- */
- private void requireGlobalPermission(User user, String request, Action perm,
- String namespace) throws IOException {
- AuthResult authResult = null;
- if (authManager.authorize(user, perm)) {
- authResult = AuthResult.allow(request, "Global check allowed", user, perm, null);
- authResult.getParams().setNamespace(namespace);
- logResult(authResult);
- } else {
- authResult = AuthResult.deny(request, "Global check failed", user, perm, null);
- authResult.getParams().setNamespace(namespace);
- logResult(authResult);
- if (authorizationEnabled) {
- throw new AccessDeniedException("Insufficient permissions for user '" +
- (user != null ? user.getShortName() : "null") +"' (global, action=" +
- perm.toString() + ")");
- }
- }
+ public void requirePermission(ObserverContext<?> ctx, String request, TableName tableName,
+ byte[] family, byte[] qualifier, Action... permissions) throws IOException {
+ accessChecker.requirePermission(getActiveUser(ctx), request,
+ tableName, family, qualifier, permissions);
}
- /**
- * Checks that the user has the given global or namespace permission.
- * @param namespace
- * @param permissions Actions being requested
- */
- public void requireNamespacePermission(User user, String request, String namespace,
+ public void requireTablePermission(ObserverContext<?> ctx, String request,
+ TableName tableName,byte[] family, byte[] qualifier,
Action... permissions) throws IOException {
- AuthResult result = null;
-
- for (Action permission : permissions) {
- if (authManager.authorize(user, namespace, permission)) {
- result = AuthResult.allow(request, "Namespace permission granted",
- user, permission, namespace);
- break;
- } else {
- // rest of the world
- result = AuthResult.deny(request, "Insufficient permissions", user,
- permission, namespace);
- }
- }
- logResult(result);
- if (authorizationEnabled && !result.isAllowed()) {
- throw new AccessDeniedException("Insufficient permissions "
- + result.toContextString());
- }
+ accessChecker.requireTablePermission(getActiveUser(ctx),
+ request, tableName, family, qualifier, permissions);
}
- /**
- * Checks that the user has the given global or namespace permission.
- * @param namespace
- * @param permissions Actions being requested
- */
- public void requireNamespacePermission(User user, String request, String namespace,
- TableName tableName, Map<byte[], ? extends Collection<byte[]>> familyMap,
- Action... permissions)
+ public void checkLockPermissions(ObserverContext<?> ctx, String namespace,
+ TableName tableName, RegionInfo[] regionInfos, String reason)
throws IOException {
- AuthResult result = null;
-
- for (Action permission : permissions) {
- if (authManager.authorize(user, namespace, permission)) {
- result = AuthResult.allow(request, "Namespace permission granted",
- user, permission, namespace);
- result.getParams().setTableName(tableName).setFamilies(familyMap);
- break;
- } else {
- // rest of the world
- result = AuthResult.deny(request, "Insufficient permissions", user,
- permission, namespace);
- result.getParams().setTableName(tableName).setFamilies(familyMap);
- }
- }
- logResult(result);
- if (authorizationEnabled && !result.isAllowed()) {
- throw new AccessDeniedException("Insufficient permissions "
- + result.toContextString());
- }
+ accessChecker.checkLockPermissions(getActiveUser(ctx),
+ namespace, tableName, regionInfos, reason);
}
/**
@@ -669,13 +483,13 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
familyMap.entrySet()) {
if (family.getValue() != null && !family.getValue().isEmpty()) {
for (byte[] qualifier : family.getValue()) {
- if (authManager.matchPermission(user, tableName,
+ if (getAuthManager().matchPermission(user, tableName,
family.getKey(), qualifier, perm)) {
return true;
}
}
} else {
- if (authManager.matchPermission(user, tableName, family.getKey(),
+ if (getAuthManager().matchPermission(user, tableName, family.getKey(),
perm)) {
return true;
}
@@ -865,7 +679,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
foundColumn = true;
for (Action action: actions) {
// Are there permissions for this user for the cell?
- if (!authManager.authorize(user, getTableName(e), cell, action)) {
+ if (!getAuthManager().authorize(user, getTableName(e), cell, action)) {
// We can stop if the cell ACL denies access
return false;
}
@@ -940,7 +754,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
CompoundConfiguration conf = new CompoundConfiguration();
conf.add(env.getConfiguration());
- authorizationEnabled = isAuthorizationSupported(conf);
+ authorizationEnabled = AccessChecker.isAuthorizationSupported(conf);
if (!authorizationEnabled) {
LOG.warn("The AccessController has been loaded with authorization checks disabled.");
}
@@ -980,27 +794,13 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// set the user-provider.
this.userProvider = UserProvider.instantiate(env.getConfiguration());
-
- // If zk is null or IOException while obtaining auth manager,
- // throw RuntimeException so that the coprocessor is unloaded.
- if (zk != null) {
- try {
- this.authManager = TableAuthManager.getOrCreate(zk, env.getConfiguration());
- } catch (IOException ioe) {
- throw new RuntimeException("Error obtaining TableAuthManager", ioe);
- }
- } else {
- throw new RuntimeException("Error obtaining TableAuthManager, zk found null.");
- }
-
+ accessChecker = new AccessChecker(env.getConfiguration(), zk);
tableAcls = new MapMaker().weakValues().makeMap();
}
@Override
public void stop(CoprocessorEnvironment env) {
- if (this.authManager != null) {
- TableAuthManager.release(authManager);
- }
+ TableAuthManager.release(getAuthManager());
}
/*********************************** Observer/Service Getters ***********************************/
@@ -1045,7 +845,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
for (byte[] family: families) {
familyMap.put(family, null);
}
- requireNamespacePermission(getActiveUser(c), "createTable",
+ requireNamespacePermission(c, "createTable",
desc.getTableName().getNamespaceAsString(), desc.getTableName(), familyMap, Action.CREATE);
}
@@ -1102,8 +902,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void preDeleteTable(ObserverContext<MasterCoprocessorEnvironment> c, TableName tableName)
throws IOException {
- requirePermission(getActiveUser(c), "deleteTable", tableName, null, null,
- Action.ADMIN, Action.CREATE);
+ requirePermission(c, "deleteTable",
+ tableName, null, null, Action.ADMIN, Action.CREATE);
}
@Override
@@ -1120,14 +920,14 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
return null;
}
});
- this.authManager.getZKPermissionWatcher().deleteTableACLNode(tableName);
+ getAuthManager().getZKPermissionWatcher().deleteTableACLNode(tableName);
}
@Override
public void preTruncateTable(ObserverContext<MasterCoprocessorEnvironment> c,
final TableName tableName) throws IOException {
- requirePermission(getActiveUser(c), "truncateTable", tableName, null, null,
- Action.ADMIN, Action.CREATE);
+ requirePermission(c, "truncateTable",
+ tableName, null, null, Action.ADMIN, Action.CREATE);
final Configuration conf = c.getEnvironment().getConfiguration();
User.runAsLoginUser(new PrivilegedExceptionAction<Void>() {
@@ -1168,8 +968,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
public void preModifyTable(ObserverContext<MasterCoprocessorEnvironment> c, TableName tableName,
TableDescriptor htd) throws IOException {
// TODO: potentially check if this is a add/modify/delete column operation
- requirePermission(getActiveUser(c), "modifyTable", tableName, null, null,
- Action.ADMIN, Action.CREATE);
+ requirePermission(c, "modifyTable",
+ tableName, null, null, Action.ADMIN, Action.CREATE);
}
@Override
@@ -1196,8 +996,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void preEnableTable(ObserverContext<MasterCoprocessorEnvironment> c, TableName tableName)
throws IOException {
- requirePermission(getActiveUser(c), "enableTable", tableName, null, null,
- Action.ADMIN, Action.CREATE);
+ requirePermission(c, "enableTable",
+ tableName, null, null, Action.ADMIN, Action.CREATE);
}
@Override
@@ -1211,14 +1011,14 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
throw new AccessDeniedException("Not allowed to disable "
+ AccessControlLists.ACL_TABLE_NAME + " table with AccessController installed");
}
- requirePermission(getActiveUser(c), "disableTable", tableName, null, null,
- Action.ADMIN, Action.CREATE);
+ requirePermission(c, "disableTable",
+ tableName, null, null, Action.ADMIN, Action.CREATE);
}
@Override
public void preAbortProcedure(ObserverContext<MasterCoprocessorEnvironment> ctx,
final long procId) throws IOException {
- requirePermission(getActiveUser(ctx), "abortProcedure", Action.ADMIN);
+ requirePermission(ctx, "abortProcedure", Action.ADMIN);
}
@Override
@@ -1230,74 +1030,73 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void preGetProcedures(ObserverContext<MasterCoprocessorEnvironment> ctx)
throws IOException {
- requirePermission(getActiveUser(ctx), "getProcedure", Action.ADMIN);
+ requirePermission(ctx, "getProcedure", Action.ADMIN);
}
@Override
public void preGetLocks(ObserverContext<MasterCoprocessorEnvironment> ctx)
throws IOException {
User user = getActiveUser(ctx);
- requirePermission(user, "getLocks", Action.ADMIN);
+ accessChecker.requirePermission(user, "getLocks", Action.ADMIN);
}
@Override
public void preMove(ObserverContext<MasterCoprocessorEnvironment> c, RegionInfo region,
ServerName srcServer, ServerName destServer) throws IOException {
- requirePermission(getActiveUser(c), "move", region.getTable(), null, null, Action.ADMIN);
+ requirePermission(c, "move",
+ region.getTable(), null, null, Action.ADMIN);
}
@Override
public void preAssign(ObserverContext<MasterCoprocessorEnvironment> c, RegionInfo regionInfo)
throws IOException {
- requirePermission(getActiveUser(c), "assign", regionInfo.getTable(), null, null, Action.ADMIN);
+ requirePermission(c, "assign",
+ regionInfo.getTable(), null, null, Action.ADMIN);
}
@Override
public void preUnassign(ObserverContext<MasterCoprocessorEnvironment> c, RegionInfo regionInfo,
boolean force) throws IOException {
- requirePermission(getActiveUser(c), "unassign", regionInfo.getTable(), null, null, Action.ADMIN);
+ requirePermission(c, "unassign",
+ regionInfo.getTable(), null, null, Action.ADMIN);
}
@Override
public void preRegionOffline(ObserverContext<MasterCoprocessorEnvironment> c,
RegionInfo regionInfo) throws IOException {
- requirePermission(getActiveUser(c), "regionOffline", regionInfo.getTable(), null, null,
- Action.ADMIN);
+ requirePermission(c, "regionOffline",
+ regionInfo.getTable(), null, null, Action.ADMIN);
}
@Override
public void preSetSplitOrMergeEnabled(final ObserverContext<MasterCoprocessorEnvironment> ctx,
final boolean newValue, final MasterSwitchType switchType) throws IOException {
- requirePermission(getActiveUser(ctx), "setSplitOrMergeEnabled", Action.ADMIN);
- }
-
- @Override
- public void postSetSplitOrMergeEnabled(final ObserverContext<MasterCoprocessorEnvironment> ctx,
- final boolean newValue, final MasterSwitchType switchType) throws IOException {
+ requirePermission(ctx, "setSplitOrMergeEnabled",
+ Action.ADMIN);
}
@Override
public void preBalance(ObserverContext<MasterCoprocessorEnvironment> c)
throws IOException {
- requirePermission(getActiveUser(c), "balance", Action.ADMIN);
+ requirePermission(c, "balance", Action.ADMIN);
}
@Override
public void preBalanceSwitch(ObserverContext<MasterCoprocessorEnvironment> c,
boolean newValue) throws IOException {
- requirePermission(getActiveUser(c), "balanceSwitch", Action.ADMIN);
+ requirePermission(c, "balanceSwitch", Action.ADMIN);
}
@Override
public void preShutdown(ObserverContext<MasterCoprocessorEnvironment> c)
throws IOException {
- requirePermission(getActiveUser(c), "shutdown", Action.ADMIN);
+ requirePermission(c, "shutdown", Action.ADMIN);
}
@Override
public void preStopMaster(ObserverContext<MasterCoprocessorEnvironment> c)
throws IOException {
- requirePermission(getActiveUser(c), "stopMaster", Action.ADMIN);
+ requirePermission(c, "stopMaster", Action.ADMIN);
}
@Override
@@ -1335,8 +1134,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
public void preSnapshot(final ObserverContext<MasterCoprocessorEnvironment> ctx,
final SnapshotDescription snapshot, final TableDescriptor hTableDescriptor)
throws IOException {
- requirePermission(getActiveUser(ctx), "snapshot " + snapshot.getName(), hTableDescriptor.getTableName(), null, null,
- Permission.Action.ADMIN);
+ requirePermission(ctx, "snapshot " + snapshot.getName(),
+ hTableDescriptor.getTableName(), null, null, Permission.Action.ADMIN);
}
@Override
@@ -1347,9 +1146,9 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// list it, if user is the owner of snapshot
AuthResult result = AuthResult.allow("listSnapshot " + snapshot.getName(),
"Snapshot owner check allowed", user, null, null, null);
- logResult(result);
+ AccessChecker.logResult(result);
} else {
- requirePermission(user, "listSnapshot " + snapshot.getName(), Action.ADMIN);
+ accessChecker.requirePermission(user, "listSnapshot " + snapshot.getName(), Action.ADMIN);
}
}
@@ -1363,9 +1162,9 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// Snapshot owner is allowed to create a table with the same name as the snapshot he took
AuthResult result = AuthResult.allow("cloneSnapshot " + snapshot.getName(),
"Snapshot owner check allowed", user, null, hTableDescriptor.getTableName(), null);
- logResult(result);
+ AccessChecker.logResult(result);
} else {
- requirePermission(user, "cloneSnapshot " + snapshot.getName(), Action.ADMIN);
+ accessChecker.requirePermission(user, "cloneSnapshot " + snapshot.getName(), Action.ADMIN);
}
}
@@ -1375,10 +1174,10 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
throws IOException {
User user = getActiveUser(ctx);
if (SnapshotDescriptionUtils.isSnapshotOwner(snapshot, user)) {
- requirePermission(user, "restoreSnapshot " + snapshot.getName(), hTableDescriptor.getTableName(), null, null,
- Permission.Action.ADMIN);
+ accessChecker.requirePermission(user, "restoreSnapshot " + snapshot.getName(),
+ hTableDescriptor.getTableName(), null, null, Permission.Action.ADMIN);
} else {
- requirePermission(user, "restoreSnapshot " + snapshot.getName(), Action.ADMIN);
+ accessChecker.requirePermission(user, "restoreSnapshot " + snapshot.getName(), Action.ADMIN);
}
}
@@ -1390,22 +1189,24 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// Snapshot owner is allowed to delete the snapshot
AuthResult result = AuthResult.allow("deleteSnapshot " + snapshot.getName(),
"Snapshot owner check allowed", user, null, null, null);
- logResult(result);
+ AccessChecker.logResult(result);
} else {
- requirePermission(user, "deleteSnapshot " + snapshot.getName(), Action.ADMIN);
+ accessChecker.requirePermission(user, "deleteSnapshot " + snapshot.getName(), Action.ADMIN);
}
}
@Override
public void preCreateNamespace(ObserverContext<MasterCoprocessorEnvironment> ctx,
NamespaceDescriptor ns) throws IOException {
- requireGlobalPermission(getActiveUser(ctx), "createNamespace", Action.ADMIN, ns.getName());
+ requireGlobalPermission(ctx, "createNamespace",
+ Action.ADMIN, ns.getName());
}
@Override
public void preDeleteNamespace(ObserverContext<MasterCoprocessorEnvironment> ctx, String namespace)
throws IOException {
- requireGlobalPermission(getActiveUser(ctx), "deleteNamespace", Action.ADMIN, namespace);
+ requireGlobalPermission(ctx, "deleteNamespace",
+ Action.ADMIN, namespace);
}
@Override
@@ -1422,7 +1223,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
return null;
}
});
- this.authManager.getZKPermissionWatcher().deleteNamespaceACLNode(namespace);
+ getAuthManager().getZKPermissionWatcher().deleteNamespaceACLNode(namespace);
LOG.info(namespace + " entry deleted in " + AccessControlLists.ACL_TABLE_NAME + " table.");
}
@@ -1431,13 +1232,15 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
NamespaceDescriptor ns) throws IOException {
// We require only global permission so that
// a user with NS admin cannot altering namespace configurations. i.e. namespace quota
- requireGlobalPermission(getActiveUser(ctx), "modifyNamespace", Action.ADMIN, ns.getName());
+ requireGlobalPermission(ctx, "modifyNamespace",
+ Action.ADMIN, ns.getName());
}
@Override
public void preGetNamespaceDescriptor(ObserverContext<MasterCoprocessorEnvironment> ctx, String namespace)
throws IOException {
- requireNamespacePermission(getActiveUser(ctx), "getNamespaceDescriptor", namespace, Action.ADMIN);
+ requireNamespacePermission(ctx, "getNamespaceDescriptor",
+ namespace, Action.ADMIN);
}
@Override
@@ -1450,7 +1253,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
while (itr.hasNext()) {
NamespaceDescriptor desc = itr.next();
try {
- requireNamespacePermission(user, "listNamespaces", desc.getName(), Action.ADMIN);
+ accessChecker.requireNamespacePermission(user, "listNamespaces",
+ desc.getName(), Action.ADMIN);
} catch (AccessDeniedException e) {
itr.remove();
}
@@ -1460,8 +1264,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void preTableFlush(final ObserverContext<MasterCoprocessorEnvironment> ctx,
final TableName tableName) throws IOException {
- requirePermission(getActiveUser(ctx), "flushTable", tableName, null, null,
- Action.ADMIN, Action.CREATE);
+ requirePermission(ctx, "flushTable", tableName,
+ null, null, Action.ADMIN, Action.CREATE);
}
@Override
@@ -1469,29 +1273,33 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
final ObserverContext<MasterCoprocessorEnvironment> ctx,
final TableName tableName,
final byte[] splitRow) throws IOException {
- requirePermission(getActiveUser(ctx), "split", tableName, null, null, Action.ADMIN);
+ requirePermission(ctx, "split", tableName,
+ null, null, Action.ADMIN);
}
@Override
- public void preClearDeadServers(ObserverContext<MasterCoprocessorEnvironment> ctx) throws IOException {
- requirePermission(getActiveUser(ctx), "clearDeadServers", Action.ADMIN);
+ public void preClearDeadServers(ObserverContext<MasterCoprocessorEnvironment> ctx)
+ throws IOException {
+ requirePermission(ctx, "clearDeadServers", Action.ADMIN);
}
@Override
public void preDecommissionRegionServers(ObserverContext<MasterCoprocessorEnvironment> ctx,
List<ServerName> servers, boolean offload) throws IOException {
- requirePermission(getActiveUser(ctx), "decommissionRegionServers", Action.ADMIN);
+ requirePermission(ctx, "decommissionRegionServers", Action.ADMIN);
}
@Override
- public void preListDecommissionedRegionServers(ObserverContext<MasterCoprocessorEnvironment> ctx) throws IOException {
- requirePermission(getActiveUser(ctx), "listDecommissionedRegionServers", Action.ADMIN);
+ public void preListDecommissionedRegionServers(ObserverContext<MasterCoprocessorEnvironment> ctx)
+ throws IOException {
+ requirePermission(ctx, "listDecommissionedRegionServers",
+ Action.ADMIN);
}
@Override
public void preRecommissionRegionServer(ObserverContext<MasterCoprocessorEnvironment> ctx,
ServerName server, List<byte[]> encodedRegionNames) throws IOException {
- requirePermission(getActiveUser(ctx), "recommissionRegionServers", Action.ADMIN);
+ requirePermission(ctx, "recommissionRegionServers", Action.ADMIN);
}
/* ---- RegionObserver implementation ---- */
@@ -1508,7 +1316,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
if (regionInfo.getTable().isSystemTable()) {
checkSystemOrSuperUser(getActiveUser(c));
} else {
- requirePermission(getActiveUser(c), "preOpen", Action.ADMIN);
+ requirePermission(c, "preOpen", Action.ADMIN);
}
}
}
@@ -1538,16 +1346,16 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void preFlush(ObserverContext<RegionCoprocessorEnvironment> c,
FlushLifeCycleTracker tracker) throws IOException {
- requirePermission(getActiveUser(c), "flush", getTableName(c.getEnvironment()), null, null,
- Action.ADMIN, Action.CREATE);
+ requirePermission(c, "flush", getTableName(c.getEnvironment()),
+ null, null, Action.ADMIN, Action.CREATE);
}
@Override
public InternalScanner preCompact(ObserverContext<RegionCoprocessorEnvironment> c, Store store,
InternalScanner scanner, ScanType scanType, CompactionLifeCycleTracker tracker,
CompactionRequest request) throws IOException {
- requirePermission(getActiveUser(c), "compact", getTableName(c.getEnvironment()), null, null,
- Action.ADMIN, Action.CREATE);
+ requirePermission(c, "compact", getTableName(c.getEnvironment()),
+ null, null, Action.ADMIN, Action.CREATE);
return scanner;
}
@@ -1594,7 +1402,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
authResult.setReason("Access allowed with filter");
// Only wrap the filter if we are enforcing authorizations
if (authorizationEnabled) {
- Filter ourFilter = new AccessControlFilter(authManager, user, table,
+ Filter ourFilter = new AccessControlFilter(getAuthManager(), user, table,
AccessControlFilter.Strategy.CHECK_TABLE_AND_CF_ONLY,
cfVsMaxVersions);
// wrap any existing filter
@@ -1624,7 +1432,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
authResult.setReason("Access allowed with filter");
// Only wrap the filter if we are enforcing authorizations
if (authorizationEnabled) {
- Filter ourFilter = new AccessControlFilter(authManager, user, table,
+ Filter ourFilter = new AccessControlFilter(getAuthManager(), user, table,
AccessControlFilter.Strategy.CHECK_CELL_DEFAULT, cfVsMaxVersions);
// wrap any existing filter
if (filter != null) {
@@ -1646,7 +1454,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
}
}
- logResult(authResult);
+ AccessChecker.logResult(authResult);
if (authorizationEnabled && !authResult.isAllowed()) {
throw new AccessDeniedException("Insufficient permissions for user '"
+ (user != null ? user.getShortName() : "null")
@@ -1682,8 +1490,9 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// security policy over time without requiring expensive updates.
RegionCoprocessorEnvironment env = c.getEnvironment();
Map<byte[],? extends Collection<Cell>> families = put.getFamilyCellMap();
- AuthResult authResult = permissionGranted(OpType.PUT, user, env, families, Action.WRITE);
- logResult(authResult);
+ AuthResult authResult = permissionGranted(OpType.PUT,
+ user, env, families, Action.WRITE);
+ AccessChecker.logResult(authResult);
if (!authResult.isAllowed()) {
if (cellFeaturesEnabled && !compatibleEarlyTermination) {
put.setAttribute(CHECK_COVERING_PERM, TRUE);
@@ -1727,8 +1536,9 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
RegionCoprocessorEnvironment env = c.getEnvironment();
Map<byte[],? extends Collection<Cell>> families = delete.getFamilyCellMap();
User user = getActiveUser(c);
- AuthResult authResult = permissionGranted(OpType.DELETE, user, env, families, Action.WRITE);
- logResult(authResult);
+ AuthResult authResult = permissionGranted(OpType.DELETE,
+ user, env, families, Action.WRITE);
+ AccessChecker.logResult(authResult);
if (!authResult.isAllowed()) {
if (cellFeaturesEnabled && !compatibleEarlyTermination) {
delete.setAttribute(CHECK_COVERING_PERM, TRUE);
@@ -1766,7 +1576,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
authResult = AuthResult.deny(opType.toString(), "Covering cell set",
user, Action.WRITE, table, m.getFamilyCellMap());
}
- logResult(authResult);
+ AccessChecker.logResult(authResult);
if (authorizationEnabled && !authResult.isAllowed()) {
throw new AccessDeniedException("Insufficient permissions "
+ authResult.toContextString());
@@ -1797,9 +1607,9 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// Require READ and WRITE permissions on the table, CF, and KV to update
RegionCoprocessorEnvironment env = c.getEnvironment();
Map<byte[],? extends Collection<byte[]>> families = makeFamilyMap(family, qualifier);
- AuthResult authResult = permissionGranted(OpType.CHECK_AND_PUT, user, env, families,
- Action.READ, Action.WRITE);
- logResult(authResult);
+ AuthResult authResult = permissionGranted(OpType.CHECK_AND_PUT,
+ user, env, families, Action.READ, Action.WRITE);
+ AccessChecker.logResult(authResult);
if (!authResult.isAllowed()) {
if (cellFeaturesEnabled && !compatibleEarlyTermination) {
put.setAttribute(CHECK_COVERING_PERM, TRUE);
@@ -1822,10 +1632,9 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public boolean preCheckAndPutAfterRowLock(final ObserverContext<RegionCoprocessorEnvironment> c,
- final byte[] row, final byte[] family, final byte[] qualifier,
- final CompareOperator opp, final ByteArrayComparable comparator, final Put put,
- final boolean result)
- throws IOException {
+ final byte[] row, final byte[] family, final byte[] qualifier,
+ final CompareOperator opp, final ByteArrayComparable comparator, final Put put,
+ final boolean result) throws IOException {
if (put.getAttribute(CHECK_COVERING_PERM) != null) {
// We had failure with table, cf and q perm checks and now giving a chance for cell
// perm check
@@ -1835,13 +1644,13 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
User user = getActiveUser(c);
if (checkCoveringPermission(user, OpType.CHECK_AND_PUT, c.getEnvironment(), row, families,
HConstants.LATEST_TIMESTAMP, Action.READ)) {
- authResult = AuthResult.allow(OpType.CHECK_AND_PUT.toString(), "Covering cell set",
- user, Action.READ, table, families);
+ authResult = AuthResult.allow(OpType.CHECK_AND_PUT.toString(),
+ "Covering cell set", user, Action.READ, table, families);
} else {
- authResult = AuthResult.deny(OpType.CHECK_AND_PUT.toString(), "Covering cell set",
- user, Action.READ, table, families);
+ authResult = AuthResult.deny(OpType.CHECK_AND_PUT.toString(),
+ "Covering cell set", user, Action.READ, table, families);
}
- logResult(authResult);
+ AccessChecker.logResult(authResult);
if (authorizationEnabled && !authResult.isAllowed()) {
throw new AccessDeniedException("Insufficient permissions " + authResult.toContextString());
}
@@ -1865,9 +1674,9 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
RegionCoprocessorEnvironment env = c.getEnvironment();
Map<byte[],? extends Collection<byte[]>> families = makeFamilyMap(family, qualifier);
User user = getActiveUser(c);
- AuthResult authResult = permissionGranted(OpType.CHECK_AND_DELETE, user, env, families,
- Action.READ, Action.WRITE);
- logResult(authResult);
+ AuthResult authResult = permissionGranted(
+ OpType.CHECK_AND_DELETE, user, env, families, Action.READ, Action.WRITE);
+ AccessChecker.logResult(authResult);
if (!authResult.isAllowed()) {
if (cellFeaturesEnabled && !compatibleEarlyTermination) {
delete.setAttribute(CHECK_COVERING_PERM, TRUE);
@@ -1881,8 +1690,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public boolean preCheckAndDeleteAfterRowLock(
- final ObserverContext<RegionCoprocessorEnvironment> c, final byte[] row, final byte[] family,
- final byte[] qualifier, final CompareOperator op,
+ final ObserverContext<RegionCoprocessorEnvironment> c, final byte[] row,
+ final byte[] family, final byte[] qualifier, final CompareOperator op,
final ByteArrayComparable comparator, final Delete delete, final boolean result)
throws IOException {
if (delete.getAttribute(CHECK_COVERING_PERM) != null) {
@@ -1892,15 +1701,15 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
Map<byte[], ? extends Collection<byte[]>> families = makeFamilyMap(family, qualifier);
AuthResult authResult = null;
User user = getActiveUser(c);
- if (checkCoveringPermission(user, OpType.CHECK_AND_DELETE, c.getEnvironment(), row, families,
- HConstants.LATEST_TIMESTAMP, Action.READ)) {
- authResult = AuthResult.allow(OpType.CHECK_AND_DELETE.toString(), "Covering cell set",
- user, Action.READ, table, families);
+ if (checkCoveringPermission(user, OpType.CHECK_AND_DELETE, c.getEnvironment(),
+ row, families, HConstants.LATEST_TIMESTAMP, Action.READ)) {
+ authResult = AuthResult.allow(OpType.CHECK_AND_DELETE.toString(),
+ "Covering cell set", user, Action.READ, table, families);
} else {
- authResult = AuthResult.deny(OpType.CHECK_AND_DELETE.toString(), "Covering cell set",
- user, Action.READ, table, families);
+ authResult = AuthResult.deny(OpType.CHECK_AND_DELETE.toString(),
+ "Covering cell set", user, Action.READ, table, families);
}
- logResult(authResult);
+ AccessChecker.logResult(authResult);
if (authorizationEnabled && !authResult.isAllowed()) {
throw new AccessDeniedException("Insufficient permissions " + authResult.toContextString());
}
@@ -1917,8 +1726,9 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// Require WRITE permission to the table, CF, and the KV to be appended
RegionCoprocessorEnvironment env = c.getEnvironment();
Map<byte[],? extends Collection<Cell>> families = append.getFamilyCellMap();
- AuthResult authResult = permissionGranted(OpType.APPEND, user, env, families, Action.WRITE);
- logResult(authResult);
+ AuthResult authResult = permissionGranted(OpType.APPEND, user,
+ env, families, Action.WRITE);
+ AccessChecker.logResult(authResult);
if (!authResult.isAllowed()) {
if (cellFeaturesEnabled && !compatibleEarlyTermination) {
append.setAttribute(CHECK_COVERING_PERM, TRUE);
@@ -1951,13 +1761,13 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
User user = getActiveUser(c);
if (checkCoveringPermission(user, OpType.APPEND, c.getEnvironment(), append.getRow(),
append.getFamilyCellMap(), append.getTimeRange().getMax(), Action.WRITE)) {
- authResult = AuthResult.allow(OpType.APPEND.toString(), "Covering cell set",
- user, Action.WRITE, table, append.getFamilyCellMap());
+ authResult = AuthResult.allow(OpType.APPEND.toString(),
+ "Covering cell set", user, Action.WRITE, table, append.getFamilyCellMap());
} else {
- authResult = AuthResult.deny(OpType.APPEND.toString(), "Covering cell set",
- user, Action.WRITE, table, append.getFamilyCellMap());
+ authResult = AuthResult.deny(OpType.APPEND.toString(),
+ "Covering cell set", user, Action.WRITE, table, append.getFamilyCellMap());
}
- logResult(authResult);
+ AccessChecker.logResult(authResult);
if (authorizationEnabled && !authResult.isAllowed()) {
throw new AccessDeniedException("Insufficient permissions " +
authResult.toContextString());
@@ -1977,9 +1787,9 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// the incremented value
RegionCoprocessorEnvironment env = c.getEnvironment();
Map<byte[],? extends Collection<Cell>> families = increment.getFamilyCellMap();
- AuthResult authResult = permissionGranted(OpType.INCREMENT, user, env, families,
- Action.WRITE);
- logResult(authResult);
+ AuthResult authResult = permissionGranted(OpType.INCREMENT,
+ user, env, families, Action.WRITE);
+ AccessChecker.logResult(authResult);
if (!authResult.isAllowed()) {
if (cellFeaturesEnabled && !compatibleEarlyTermination) {
increment.setAttribute(CHECK_COVERING_PERM, TRUE);
@@ -2018,7 +1828,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
authResult = AuthResult.deny(OpType.INCREMENT.toString(), "Covering cell set",
user, Action.WRITE, table, increment.getFamilyCellMap());
}
- logResult(authResult);
+ AccessChecker.logResult(authResult);
if (authorizationEnabled && !authResult.isAllowed()) {
throw new AccessDeniedException("Insufficient permissions " +
authResult.toContextString());
@@ -2156,7 +1966,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
List<Pair<byte[], String>> familyPaths) throws IOException {
User user = getActiveUser(ctx);
for(Pair<byte[],String> el : familyPaths) {
- requirePermission(user, "preBulkLoadHFile",
+ accessChecker.requirePermission(user, "preBulkLoadHFile",
ctx.getEnvironment().getRegion().getTableDescriptor().getTableName(),
el.getFirst(),
null,
@@ -2173,7 +1983,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void prePrepareBulkLoad(ObserverContext<RegionCoprocessorEnvironment> ctx)
throws IOException {
- requireAccess(getActiveUser(ctx), "prePrepareBulkLoad",
+ requireAccess(ctx, "prePrepareBulkLoad",
ctx.getEnvironment().getRegion().getTableDescriptor().getTableName(), Action.CREATE);
}
@@ -2186,7 +1996,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void preCleanupBulkLoad(ObserverContext<RegionCoprocessorEnvironment> ctx)
throws IOException {
- requireAccess(getActiveUser(ctx), "preCleanupBulkLoad",
+ requireAccess(ctx, "preCleanupBulkLoad",
ctx.getEnvironment().getRegion().getTableDescriptor().getTableName(), Action.CREATE);
}
@@ -2198,7 +2008,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// Don't intercept calls to our own AccessControlService, we check for
// appropriate permissions in the service handlers
if (shouldCheckExecPermission && !(service instanceof AccessControlService)) {
- requirePermission(getActiveUser(ctx),
+ requirePermission(ctx,
"invoke(" + service.getDescriptorForType().getName() + "." + methodName + ")",
getTableName(ctx.getEnvironment()), null, null,
Action.EXEC);
@@ -2215,8 +2025,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void grant(RpcController controller,
- AccessControlProtos.GrantRequest request,
- RpcCallback<AccessControlProtos.GrantResponse> done) {
+ AccessControlProtos.GrantRequest request,
+ RpcCallback<AccessControlProtos.GrantResponse> done) {
final UserPermission perm = AccessControlUtil.toUserPermission(request.getUserPermission());
AccessControlProtos.GrantResponse response = null;
try {
@@ -2233,11 +2043,12 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
switch(request.getUserPermission().getPermission().getType()) {
case Global :
case Table :
- requirePermission(caller, "grant", perm.getTableName(),
+ accessChecker.requirePermission(caller, "grant", perm.getTableName(),
perm.getFamily(), perm.getQualifier(), Action.ADMIN);
break;
case Namespace :
- requireNamespacePermission(caller, "grant", perm.getNamespace(), Action.ADMIN);
+ accessChecker.requireNamespacePermission(caller, "grant", perm.getNamespace(),
+ Action.ADMIN);
break;
}
@@ -2272,8 +2083,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void revoke(RpcController controller,
- AccessControlProtos.RevokeRequest request,
- RpcCallback<AccessControlProtos.RevokeResponse> done) {
+ AccessControlProtos.RevokeRequest request,
+ RpcCallback<AccessControlProtos.RevokeResponse> done) {
final UserPermission perm = AccessControlUtil.toUserPermission(request.getUserPermission());
AccessControlProtos.RevokeResponse response = null;
try {
@@ -2290,11 +2101,12 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
switch(request.getUserPermission().getPermission().getType()) {
case Global :
case Table :
- requirePermission(caller, "revoke", perm.getTableName(), perm.getFamily(),
+ accessChecker.requirePermission(caller, "revoke", perm.getTableName(), perm.getFamily(),
perm.getQualifier(), Action.ADMIN);
break;
case Namespace :
- requireNamespacePermission(caller, "revoke", perm.getNamespace(), Action.ADMIN);
+ accessChecker.requireNamespacePermission(caller, "revoke", perm.getNamespace(),
+ Action.ADMIN);
break;
}
@@ -2328,8 +2140,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void getUserPermissions(RpcController controller,
- AccessControlProtos.GetUserPermissionsRequest request,
- RpcCallback<AccessControlProtos.GetUserPermissionsResponse> done) {
+ AccessControlProtos.GetUserPermissionsRequest request,
+ RpcCallback<AccessControlProtos.GetUserPermissionsResponse> done) {
AccessControlProtos.GetUserPermissionsResponse response = null;
try {
// only allowed to be called on _acl_ region
@@ -2343,7 +2155,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
if (request.getType() == AccessControlProtos.Permission.Type.Table) {
final TableName table = request.hasTableName() ?
ProtobufUtil.toTableName(request.getTableName()) : null;
- requirePermission(caller, "userPermissions", table, null, null, Action.ADMIN);
+ accessChecker.requirePermission(caller, "userPermissions",
+ table, null, null, Action.ADMIN);
perms = User.runAsLoginUser(new PrivilegedExceptionAction<List<UserPermission>>() {
@Override
public List<UserPermission> run() throws Exception {
@@ -2352,7 +2165,8 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
});
} else if (request.getType() == AccessControlProtos.Permission.Type.Namespace) {
final String namespace = request.getNamespaceName().toStringUtf8();
- requireNamespacePermission(caller, "userPermissions", namespace, Action.ADMIN);
+ accessChecker.requireNamespacePermission(caller, "userPermissions",
+ namespace, Action.ADMIN);
perms = User.runAsLoginUser(new PrivilegedExceptionAction<List<UserPermission>>() {
@Override
public List<UserPermission> run() throws Exception {
@@ -2361,7 +2175,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
}
});
} else {
- requirePermission(caller, "userPermissions", Action.ADMIN);
+ accessChecker.requirePermission(caller, "userPermissions", Action.ADMIN);
perms = User.runAsLoginUser(new PrivilegedExceptionAction<List<UserPermission>>() {
@Override
public List<UserPermission> run() throws Exception {
@@ -2426,7 +2240,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
AuthResult result = permissionGranted("checkPermissions", user, action, regionEnv,
familyMap);
- logResult(result);
+ AccessChecker.logResult(result);
if (!result.isAllowed()) {
// Even if passive we need to throw an exception here, we support checking
// effective permissions, so throw unconditionally
@@ -2441,14 +2255,14 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
for (Action action : permission.getActions()) {
AuthResult result;
- if (authManager.authorize(user, action)) {
+ if (getAuthManager().authorize(user, action)) {
result = AuthResult.allow("checkPermissions", "Global action allowed", user,
action, null, null);
} else {
result = AuthResult.deny("checkPermissions", "Global action denied", user, action,
null, null);
}
- logResult(result);
+ AccessChecker.logResult(result);
if (!result.isAllowed()) {
// Even if passive we need to throw an exception here, we support checking
// effective permissions, so throw unconditionally
@@ -2488,7 +2302,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void preClose(ObserverContext<RegionCoprocessorEnvironment> c, boolean abortRequested)
throws IOException {
- requirePermission(getActiveUser(c), "preClose", Action.ADMIN);
+ requirePermission(c, "preClose", Action.ADMIN);
}
private void checkSystemOrSuperUser(User activeUser) throws IOException {
@@ -2506,7 +2320,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
public void preStopRegionServer(
ObserverContext<RegionServerCoprocessorEnvironment> ctx)
throws IOException {
- requirePermission(getActiveUser(ctx), "preStopRegionServer", Action.ADMIN);
+ requirePermission(ctx, "preStopRegionServer", Action.ADMIN);
}
private Map<byte[], ? extends Collection<byte[]>> makeFamilyMap(byte[] family,
@@ -2536,7 +2350,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
for (TableName tableName: tableNamesList) {
// Skip checks for a table that does not exist
if (!admin.tableExists(tableName)) continue;
- requirePermission(getActiveUser(ctx), "getTableDescriptors", tableName, null, null,
+ requirePermission(ctx, "getTableDescriptors", tableName, null, null,
Action.ADMIN, Action.CREATE);
}
}
@@ -2558,7 +2372,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
while (itr.hasNext()) {
TableDescriptor htd = itr.next();
try {
- requirePermission(getActiveUser(ctx), "getTableDescriptors", htd.getTableName(), null, null,
+ requirePermission(ctx, "getTableDescriptors", htd.getTableName(), null, null,
Action.ADMIN, Action.CREATE);
} catch (AccessDeniedException e) {
itr.remove();
@@ -2574,7 +2388,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
while (itr.hasNext()) {
TableDescriptor htd = itr.next();
try {
- requireAccess(getActiveUser(ctx), "getTableNames", htd.getTableName(), Action.values());
+ requireAccess(ctx, "getTableNames", htd.getTableName(), Action.values());
} catch (AccessDeniedException e) {
itr.remove();
}
@@ -2584,14 +2398,14 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void preMergeRegions(final ObserverContext<MasterCoprocessorEnvironment> ctx,
final RegionInfo[] regionsToMerge) throws IOException {
- requirePermission(getActiveUser(ctx), "mergeRegions", regionsToMerge[0].getTable(), null, null,
+ requirePermission(ctx, "mergeRegions", regionsToMerge[0].getTable(), null, null,
Action.ADMIN);
}
@Override
public void preRollWALWriterRequest(ObserverContext<RegionServerCoprocessorEnvironment> ctx)
throws IOException {
- requirePermission(getActiveUser(ctx), "preRollLogWriterRequest", Permission.Action.ADMIN);
+ requirePermission(ctx, "preRollLogWriterRequest", Permission.Action.ADMIN);
}
@Override
@@ -2601,33 +2415,33 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void preSetUserQuota(final ObserverContext<MasterCoprocessorEnvironment> ctx,
final String userName, final GlobalQuotaSettings quotas) throws IOException {
- requirePermission(getActiveUser(ctx), "setUserQuota", Action.ADMIN);
+ requirePermission(ctx, "setUserQuota", Action.ADMIN);
}
@Override
public void preSetUserQuota(final ObserverContext<MasterCoprocessorEnvironment> ctx,
final String userName, final TableName tableName, final GlobalQuotaSettings quotas)
throws IOException {
- requirePermission(getActiveUser(ctx), "setUserTableQuota", tableName, null, null, Action.ADMIN);
+ requirePermission(ctx, "setUserTableQuota", tableName, null, null, Action.ADMIN);
}
@Override
public void preSetUserQuota(final ObserverContext<MasterCoprocessorEnvironment> ctx,
final String userName, final String namespace, final GlobalQuotaSettings quotas)
throws IOException {
- requirePermission(getActiveUser(ctx), "setUserNamespaceQuota", Action.ADMIN);
+ requirePermission(ctx, "setUserNamespaceQuota", Action.ADMIN);
}
@Override
public void preSetTableQuota(final ObserverContext<MasterCoprocessorEnvironment> ctx,
final TableName tableName, final GlobalQuotaSettings quotas) throws IOException {
- requirePermission(getActiveUser(ctx), "setTableQuota", tableName, null, null, Action.ADMIN);
+ requirePermission(ctx, "setTableQuota", tableName, null, null, Action.ADMIN);
}
@Override
public void preSetNamespaceQuota(final ObserverContext<MasterCoprocessorEnvironment> ctx,
final String namespace, final GlobalQuotaSettings quotas) throws IOException {
- requirePermission(getActiveUser(ctx), "setNamespaceQuota", Action.ADMIN);
+ requirePermission(ctx, "setNamespaceQuota", Action.ADMIN);
}
@Override
@@ -2639,98 +2453,56 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
@Override
public void preReplicateLogEntries(ObserverContext<RegionServerCoprocessorEnvironment> ctx)
throws IOException {
- requirePermission(getActiveUser(ctx), "replicateLogEntries", Action.WRITE);
+ requirePermission(ctx, "replicateLogEntries", Action.WRITE);
}
@Override
public void preClearCompactionQueues(ObserverContext<RegionServerCoprocessorEnvironment> ctx)
throws IOException {
- requirePermission(getActiveUser(ctx), "preClearCompactionQueues", Permission.Action.ADMIN);
- }
-
- @Override
- public void preMoveServersAndTables(ObserverContext<MasterCoprocessorEnvironment> ctx,
- Set<Address> servers, Set<TableName> tables, String targetGroup) throws IOException {
- requirePermission(getActiveUser(ctx), "moveServersAndTables", Action.ADMIN);
- }
-
- @Override
- public void preMoveServers(ObserverContext<MasterCoprocessorEnvironment> ctx,
- Set<Address> servers, String targetGroup) throws IOException {
- requirePermission(getActiveUser(ctx), "moveServers", Action.ADMIN);
- }
-
- @Override
- public void preMoveTables(ObserverContext<MasterCoprocessorEnvironment> ctx,
- Set<TableName> tables, String targetGroup) throws IOException {
- requirePermission(getActiveUser(ctx), "moveTables", Action.ADMIN);
- }
-
- @Override
- public void preAddRSGroup(ObserverContext<MasterCoprocessorEnvironment> ctx,
- String name) throws IOException {
- requirePermission(getActiveUser(ctx), "addRSGroup", Action.ADMIN);
- }
-
- @Override
- public void preRemoveRSGroup(ObserverContext<MasterCoprocessorEnvironment> ctx,
- String name) throws IOException {
- requirePermission(getActiveUser(ctx), "removeRSGroup", Action.ADMIN);
- }
-
- @Override
- public void preBalanceRSGroup(ObserverContext<MasterCoprocessorEnvironment> ctx,
- String groupName) throws IOException {
- requirePermission(getActiveUser(ctx), "balanceRSGroup", Action.ADMIN);
- }
-
- @Override
- public void preRemoveServers(ObserverContext<MasterCoprocessorEnvironment> ctx,
- Set<Address> servers) throws IOException {
- requirePermission(getActiveUser(ctx), "removeServers", Action.ADMIN);
+ requirePermission(ctx, "preClearCompactionQueues", Permission.Action.ADMIN);
}
@Override
public void preAddReplicationPeer(final ObserverContext<MasterCoprocessorEnvironment> ctx,
String peerId, ReplicationPeerConfig peerConfig) throws IOException {
- requirePermission(getActiveUser(ctx), "addReplicationPeer", Action.ADMIN);
+ requirePermission(ctx, "addReplicationPeer", Action.ADMIN);
}
@Override
public void preRemoveReplicationPeer(final ObserverContext<MasterCoprocessorEnvironment> ctx,
String peerId) throws IOException {
- requirePermission(getActiveUser(ctx), "removeReplicationPeer", Action.ADMIN);
+ requirePermission(ctx, "removeReplicationPeer", Action.ADMIN);
}
@Override
public void preEnableReplicationPeer(final ObserverContext<MasterCoprocessorEnvironment> ctx,
String peerId) throws IOException {
- requirePermission(getActiveUser(ctx), "enableReplicationPeer", Action.ADMIN);
+ requirePermission(ctx, "enableReplicationPeer", Action.ADMIN);
}
@Override
public void preDisableReplicationPeer(final ObserverContext<MasterCoprocessorEnvironment> ctx,
String peerId) throws IOException {
- requirePermission(getActiveUser(ctx), "disableReplicationPeer", Action.ADMIN);
+ requirePermission(ctx, "disableReplicationPeer", Action.ADMIN);
}
@Override
public void preGetReplicationPeerConfig(final ObserverContext<MasterCoprocessorEnvironment> ctx,
String peerId) throws IOException {
- requirePermission(getActiveUser(ctx), "getReplicationPeerConfig", Action.ADMIN);
+ requirePermission(ctx, "getReplicationPeerConfig", Action.ADMIN);
}
@Override
public void preUpdateReplicationPeerConfig(
final ObserverContext<MasterCoprocessorEnvironment> ctx, String peerId,
ReplicationPeerConfig peerConfig) throws IOException {
- requirePermission(getActiveUser(ctx), "updateReplicationPeerConfig", Action.ADMIN);
+ requirePermission(ctx, "updateReplicationPeerConfig", Action.ADMIN);
}
@Override
public void preListReplicationPeers(final ObserverContext<MasterCoprocessorEnvironment> ctx,
String regex) throws IOException {
- requirePermission(getActiveUser(ctx), "listReplicationPeers", Action.ADMIN);
+ requirePermission(ctx, "listReplicationPeers", Action.ADMIN);
}
@Override
@@ -2740,27 +2512,26 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor,
// There are operations in the CREATE and ADMIN domain which may require lock, READ
// or WRITE. So for any lock request, we check for these two perms irrespective of lock type.
String reason = String.format("Description=%s", description);
- checkLockPermissions(getActiveUser(ctx), namespace, tableName, regionInfos, reason);
+ checkLockPermissions(ctx, namespace, tableName, regionInfos, reason);
}
@Override
public void preLockHeartbeat(ObserverContext<MasterCoprocessorEnvironment> ctx,
TableName tableName, String description) throws IOException {
- checkLockPermissions(getActiveUser(ctx), null, tableName, null, description);
+ checkLockPermissions(ctx, null, tableName, null, description);
}
- private void checkLockPermissions(User user, String namespace,
- TableName tableName, RegionInfo[] regionInfos, String reason)
- throws IOException {
- if (namespace != null && !namespace.isEmpty()) {
- requireNamespacePermission(user, reason, namespace, Action.ADMIN, Action.CREATE);
- } else if (tableName != null || (regionInfos != null && regionInfos.length > 0)) {
- // So, either a table or regions op. If latter, check perms ons table.
- TableName tn = tableName != null? tableName: regionInfos[0].getTable();
- requireTablePermission(user, reason, tn, null, null,
- Action.ADMIN, Action.CREATE);
- } else {
- throw new DoNotRetryIOException("Invalid lock level when requesting permissions.");
+ /**
+ * Returns the active user to which authorization checks should be applied.
+ * If we are in the context of an RPC call, the remote user is used,
+ * otherwise the currently logged in user is used.
+ */
+ public User getActiveUser(ObserverContext<?> ctx) throws IOException {
+ // for non-rpc handling, fallback to system user
+ Optional<User> optionalUser = ctx.getCaller();
+ if (optionalUser.isPresent()) {
+ return optionalUser.get();
}
+ return userProvider.getCurrent();
}
}
http://git-wip-us.apache.org/repos/asf/hbase/blob/fc7736eb/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java
index d4b8e58..1ba6029 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java
@@ -105,6 +105,7 @@ import org.apache.hadoop.hbase.regionserver.querymatcher.DeleteTracker;
import org.apache.hadoop.hbase.security.AccessDeniedException;
import org.apache.hadoop.hbase.security.Superusers;
import org.apache.hadoop.hbase.security.User;
+import org.apache.hadoop.hbase.security.access.AccessChecker;
import org.apache.hadoop.hbase.security.access.AccessController;
import org.apache.hbase.thirdparty.com.google.common.collect.Lists;
import org.apache.hbase.thirdparty.com.google.common.collect.MapMaker;
@@ -141,8 +142,8 @@ public class VisibilityController implements MasterCoprocessor, RegionCoprocesso
private VisibilityLabelService visibilityLabelService;
- /** if we are active, usually true, only not true if "hbase.security.authorization"
- has been set to false in site configuration */
+ /** if we are active, usually false, only true if "hbase.security.authorization"
+ has been set to true in site configuration */
boolean authorizationEnabled;
// Add to this list if there are any reserved tag types
@@ -153,19 +154,15 @@ public class VisibilityController implements MasterCoprocessor, RegionCoprocesso
RESERVED_VIS_TAG_TYPES.add(TagType.STRING_VIS_TAG_TYPE);
}
- public static boolean isAuthorizationSupported(Configuration conf) {
- return conf.getBoolean(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, true);
- }
-
public static boolean isCellAuthorizationSupported(Configuration conf) {
- return isAuthorizationSupported(conf);
+ return AccessChecker.isAuthorizationSupported(conf);
}
@Override
public void start(CoprocessorEnvironment env) throws IOException {
this.conf = env.getConfiguration();
- authorizationEnabled = isAuthorizationSupported(conf);
+ authorizationEnabled = AccessChecker.isAuthorizationSupported(conf);
if (!authorizationEnabled) {
LOG.warn("The VisibilityController has been loaded with authorization checks disabled.");
}
http://git-wip-us.apache.org/repos/asf/hbase/blob/fc7736eb/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
index 8bf792b..407ebf9 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/SecureTestUtil.java
@@ -106,6 +106,7 @@ public class SecureTestUtil {
conf.set(CoprocessorHost.REGIONSERVER_COPROCESSOR_CONF_KEY, AccessController.class.getName());
// Need HFile V3 for tags for security features
conf.setInt(HFile.FORMAT_VERSION_KEY, 3);
+ conf.set(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, "true");
configureSuperuser(conf);
}
@@ -129,6 +130,11 @@ public class SecureTestUtil {
if (conf.getInt(HFile.FORMAT_VERSION_KEY, 2) < HFile.MIN_FORMAT_VERSION_WITH_TAGS) {
throw new RuntimeException("Post 0.96 security features require HFile version >= 3");
}
+
+ if (!conf.getBoolean(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, false)) {
+ throw new RuntimeException("Post 2.0.0 security features require set "
+ + User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY + " to true");
+ }
}
public static void checkTablePerms(Configuration conf, TableName table, byte[] family, byte[] column,
http://git-wip-us.apache.org/repos/asf/hbase/blob/fc7736eb/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
index 2435532..be1b0e4 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
@@ -2839,81 +2839,6 @@ public class TestAccessController extends SecureTestUtil {
}
@Test
- public void testMoveServers() throws Exception {
- AccessTestAction action1 = new AccessTestAction() {
- @Override
- public Object run() throws Exception {
- ACCESS_CONTROLLER.preMoveServers(ObserverContextImpl.createAndPrepare(CP_ENV),
- null, null);
- return null;
- }
- };
-
- verifyAllowed(action1, SUPERUSER, USER_ADMIN);
- verifyDenied(action1, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER);
- }
-
- @Test
- public void testMoveTables() throws Exception {
- AccessTestAction action1 = new AccessTestAction() {
- @Override
- public Object run() throws Exception {
- ACCESS_CONTROLLER.preMoveTables(ObserverContextImpl.createAndPrepare(CP_ENV),
- null, null);
- return null;
- }
- };
-
- verifyAllowed(action1, SUPERUSER, USER_ADMIN);
- verifyDenied(action1, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER);
- }
-
- @Test
- public void testAddGroup() throws Exception {
- AccessTestAction action1 = new AccessTestAction() {
- @Override
- public Object run() throws Exception {
- ACCESS_CONTROLLER.preAddRSGroup(ObserverContextImpl.createAndPrepare(CP_ENV),
- null);
- return null;
- }
- };
-
- verifyAllowed(action1, SUPERUSER, USER_ADMIN);
- verifyDenied(action1, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER);
- }
-
- @Test
- public void testRemoveGroup() throws Exception {
- AccessTestAction action1 = new AccessTestAction() {
- @Override
- public Object run() throws Exception {
- ACCESS_CONTROLLER.preRemoveRSGroup(ObserverContextImpl.createAndPrepare(CP_ENV),
- null);
- return null;
- }
- };
-
- verifyAllowed(action1, SUPERUSER, USER_ADMIN);
- verifyDenied(action1, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER);
- }
-
- @Test
- public void testBalanceGroup() throws Exception {
- AccessTestAction action1 = new AccessTestAction() {
- @Override
- public Object run() throws Exception {
- ACCESS_CONTROLLER.preBalanceRSGroup(ObserverContextImpl.createAndPrepare(CP_ENV),
- null);
- return null;
- }
- };
-
- verifyAllowed(action1, SUPERUSER, USER_ADMIN);
- verifyDenied(action1, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER);
- }
-
- @Test
public void testAddReplicationPeer() throws Exception {
AccessTestAction action = new AccessTestAction() {
@Override
http://git-wip-us.apache.org/repos/asf/hbase/blob/fc7736eb/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/VisibilityTestUtil.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/VisibilityTestUtil.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/VisibilityTestUtil.java
index 7dbe256..4e2c4b7 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/VisibilityTestUtil.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/VisibilityTestUtil.java
@@ -14,7 +14,7 @@ import java.io.IOException;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
-
+import org.apache.hadoop.hbase.security.User;
/**
* Utility methods for testing visibility labels.
@@ -23,6 +23,7 @@ public class VisibilityTestUtil {
public static void enableVisiblityLabels(Configuration conf) throws IOException {
conf.setInt("hfile.format.version", 3);
+ conf.setBoolean(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, true);
appendCoprocessor(conf, CoprocessorHost.MASTER_COPROCESSOR_CONF_KEY,
VisibilityController.class.getName());
appendCoprocessor(conf, CoprocessorHost.REGION_COPROCESSOR_CONF_KEY,