[hbase] branch branch-1 updated: HBASE-24184 Backport HBASE-23896 to branch-1: Snapshot owner cannot delete snapshot when ACL is enabled and Kerberos is not enabled (#1510)

[zg...@apache.org]

This is an automated email from the ASF dual-hosted git repository.

zghao pushed a commit to branch branch-1
in repository https://gitbox.apache.org/repos/asf/hbase.git


The following commit(s) were added to refs/heads/branch-1 by this push:
     new e07aaf7  HBASE-24184 Backport HBASE-23896 to branch-1: Snapshot owner cannot delete snapshot when ACL is enabled and Kerberos is not enabled (#1510)
e07aaf7 is described below

commit e07aaf7fef7113433bdaf400c7b4b4b8280453df
Author: thangTang <ta...@gmail.com>
AuthorDate: Wed Jun 10 16:12:36 2020 +0800

    HBASE-24184 Backport HBASE-23896 to branch-1: Snapshot owner cannot delete snapshot when ACL is enabled and Kerberos is not enabled (#1510)
    
    Signed-off-by: binlijin <bi...@gmail.com>
---
 .../hadoop/hbase/master/snapshot/SnapshotManager.java    |  3 ++-
 .../apache/hadoop/hbase/client/TestSnapshotWithAcl.java  | 16 ++++++++++++++++
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/snapshot/SnapshotManager.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/snapshot/SnapshotManager.java
index fff0ec9..7d25112 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/snapshot/SnapshotManager.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/snapshot/SnapshotManager.java
@@ -607,7 +607,8 @@ public class SnapshotManager extends MasterProcedureManager implements Stoppable
       builder.setVersion(SnapshotDescriptionUtils.SNAPSHOT_LAYOUT_VERSION);
     }
     User user = RpcServer.getRequestUser();
-    if (User.isHBaseSecurityEnabled(master.getConfiguration()) && user != null) {
+    if (master.getConfiguration().
+      getBoolean(User.HBASE_SECURITY_AUTHORIZATION_CONF_KEY, false) && user != null) {
       builder.setOwner(user.getShortName());
     }
     snapshot = builder.build();
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestSnapshotWithAcl.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestSnapshotWithAcl.java
index b3f137b..9e33965 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestSnapshotWithAcl.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/client/TestSnapshotWithAcl.java
@@ -18,6 +18,8 @@
 
 package org.apache.hadoop.hbase.client;
 
+import static org.junit.Assert.assertNotSame;
+
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.hbase.Coprocessor;
 import org.apache.hadoop.hbase.HBaseTestingUtility;
@@ -26,6 +28,7 @@ import org.apache.hadoop.hbase.HTableDescriptor;
 import org.apache.hadoop.hbase.TableName;
 import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
 import org.apache.hadoop.hbase.master.MasterCoprocessorHost;
+import org.apache.hadoop.hbase.protobuf.generated.HBaseProtos;
 import org.apache.hadoop.hbase.security.User;
 import org.apache.hadoop.hbase.security.access.AccessControlConstants;
 import org.apache.hadoop.hbase.security.access.AccessControlLists;
@@ -42,6 +45,7 @@ import org.junit.Test;
 import org.junit.experimental.categories.Category;
 
 import java.io.IOException;
+import java.util.List;
 import java.util.UUID;
 
 @Category(MediumTests.class)
@@ -243,4 +247,16 @@ public class TestSnapshotWithAcl extends SecureTestUtil {
     verifyAllowed(new AccessWriteAction(TEST_TABLE), USER_OWNER, USER_RW);
     verifyDenied(new AccessWriteAction(TEST_TABLE), USER_RO, USER_NONE);
   }
+
+  @Test
+  public void testListSnapshot() throws Exception {
+    String snapshotName1 = UUID.randomUUID().toString();
+    admin.snapshot(snapshotName1, TEST_TABLE);
+    List<HBaseProtos.SnapshotDescription> snapshotDescriptions = admin.listSnapshots();
+    for (HBaseProtos.SnapshotDescription snapshotDescription:
+      snapshotDescriptions) {
+      assertNotSame(snapshotDescription.getOwner(), "");
+    }
+    admin.deleteSnapshot(snapshotName1);
+  }
 }