You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Andrew Purtell (JIRA)" <ji...@apache.org> on 2012/11/08 02:14:16 UTC

[jira] [Created] (HBASE-7123) Refactor permissionGranted and requirePermission methods

Andrew Purtell created HBASE-7123:
-------------------------------------

             Summary: Refactor permissionGranted and requirePermission methods
                 Key: HBASE-7123
                 URL: https://issues.apache.org/jira/browse/HBASE-7123
             Project: HBase
          Issue Type: Sub-task
            Reporter: Andrew Purtell


The permissionGranted and requirePermission methods in AccessController have organically grown as both the HBase client API and the AccessController itself have evolved, and now have several problems:

- Code duplication (minor)

- Unused variants (minor)

- Signatures optimized for checking certain operations that have a familyMap. Unfortunately different operations have different ideas of what type a familyMap should be. This leads to runtime type checking and the need to convert one family map to another (e.g. {{Map<byte[], NavigableMap<byte[],Object>>}} to {{Map<byte[], Set<byte[]>>}} (That kind of conversion code in a hot path hurts to look at.) There are too many Java collection type combinations floating around. Some of this should be approached at the client API level too.

- Only one Permission.Action can be checked at a time. We should really convert these into a bitmap if multiple actions need checking and pass that around instead.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Assigned] (HBASE-7123) Refactor permissionGranted and requirePermission methods

Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/HBASE-7123?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrew Purtell reassigned HBASE-7123:
-------------------------------------

    Assignee: Andrew Purtell
    
> Refactor permissionGranted and requirePermission methods
> --------------------------------------------------------
>
>                 Key: HBASE-7123
>                 URL: https://issues.apache.org/jira/browse/HBASE-7123
>             Project: HBase
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>
> The permissionGranted and requirePermission methods in AccessController have organically grown as both the HBase client API and the AccessController itself have evolved, and now have several problems:
> - Code duplication (minor)
> - Unused variants (minor)
> - Signatures optimized for checking certain operations that have a familyMap. Unfortunately different operations have different ideas of what type a familyMap should be. This leads to runtime type checking and the need to convert one family map to another (e.g. {{Map<byte[], NavigableMap<byte[],Object>>}} to {{Map<byte[], Set<byte[]>>}} (That kind of conversion code in a hot path hurts to look at.) There are too many Java collection type combinations floating around. Some of this should be approached at the client API level too, for example with HBASE-7114.
> - Only one Permission.Action can be checked at a time. We should really convert these into a bitmap if multiple actions need checking and pass that around instead.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Updated] (HBASE-7123) Refactor internal methods in AccessController

Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/HBASE-7123?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrew Purtell updated HBASE-7123:
----------------------------------

    Description: 
The authorize(), permissionGranted(), and requirePermission() methods in AccessController have organically grown as both the HBase client API and the AccessController itself have evolved, and now have several problems:

- Code duplication (minor)

- Unused variants (minor)

- Signatures optimized for checking certain operations that have a familyMap. Unfortunately different operations have different ideas of what type a familyMap should be. This leads to runtime type checking and the need to convert one family map to another (e.g. {{Map<byte[], NavigableMap<byte[],Object>>}} to {{Map<byte[], Set<byte[]>>}} (That kind of conversion code in a hot path hurts to look at.) There are too many Java collection type combinations floating around. Some of this should be approached at the client API level too, for example with HBASE-7114.

- Only one Permission.Action can be checked at a time. We should really convert these into a bitmap if multiple actions need checking and pass that around instead.

  was:
The permissionGranted and requirePermission methods in AccessController have organically grown as both the HBase client API and the AccessController itself have evolved, and now have several problems:

- Code duplication (minor)

- Unused variants (minor)

- Signatures optimized for checking certain operations that have a familyMap. Unfortunately different operations have different ideas of what type a familyMap should be. This leads to runtime type checking and the need to convert one family map to another (e.g. {{Map<byte[], NavigableMap<byte[],Object>>}} to {{Map<byte[], Set<byte[]>>}} (That kind of conversion code in a hot path hurts to look at.) There are too many Java collection type combinations floating around. Some of this should be approached at the client API level too, for example with HBASE-7114.

- Only one Permission.Action can be checked at a time. We should really convert these into a bitmap if multiple actions need checking and pass that around instead.

    
> Refactor internal methods in AccessController
> ---------------------------------------------
>
>                 Key: HBASE-7123
>                 URL: https://issues.apache.org/jira/browse/HBASE-7123
>             Project: HBase
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>
> The authorize(), permissionGranted(), and requirePermission() methods in AccessController have organically grown as both the HBase client API and the AccessController itself have evolved, and now have several problems:
> - Code duplication (minor)
> - Unused variants (minor)
> - Signatures optimized for checking certain operations that have a familyMap. Unfortunately different operations have different ideas of what type a familyMap should be. This leads to runtime type checking and the need to convert one family map to another (e.g. {{Map<byte[], NavigableMap<byte[],Object>>}} to {{Map<byte[], Set<byte[]>>}} (That kind of conversion code in a hot path hurts to look at.) There are too many Java collection type combinations floating around. Some of this should be approached at the client API level too, for example with HBASE-7114.
> - Only one Permission.Action can be checked at a time. We should really convert these into a bitmap if multiple actions need checking and pass that around instead.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Updated] (HBASE-7123) Refactor internal methods in AccessController

Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/HBASE-7123?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrew Purtell updated HBASE-7123:
----------------------------------

    Summary: Refactor internal methods in AccessController  (was: Refactor permissionGranted and requirePermission methods)
    
> Refactor internal methods in AccessController
> ---------------------------------------------
>
>                 Key: HBASE-7123
>                 URL: https://issues.apache.org/jira/browse/HBASE-7123
>             Project: HBase
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>
> The permissionGranted and requirePermission methods in AccessController have organically grown as both the HBase client API and the AccessController itself have evolved, and now have several problems:
> - Code duplication (minor)
> - Unused variants (minor)
> - Signatures optimized for checking certain operations that have a familyMap. Unfortunately different operations have different ideas of what type a familyMap should be. This leads to runtime type checking and the need to convert one family map to another (e.g. {{Map<byte[], NavigableMap<byte[],Object>>}} to {{Map<byte[], Set<byte[]>>}} (That kind of conversion code in a hot path hurts to look at.) There are too many Java collection type combinations floating around. Some of this should be approached at the client API level too, for example with HBASE-7114.
> - Only one Permission.Action can be checked at a time. We should really convert these into a bitmap if multiple actions need checking and pass that around instead.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] [Updated] (HBASE-7123) Refactor permissionGranted and requirePermission methods

Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.

     [ https://issues.apache.org/jira/browse/HBASE-7123?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Andrew Purtell updated HBASE-7123:
----------------------------------

    Description: 
The permissionGranted and requirePermission methods in AccessController have organically grown as both the HBase client API and the AccessController itself have evolved, and now have several problems:

- Code duplication (minor)

- Unused variants (minor)

- Signatures optimized for checking certain operations that have a familyMap. Unfortunately different operations have different ideas of what type a familyMap should be. This leads to runtime type checking and the need to convert one family map to another (e.g. {{Map<byte[], NavigableMap<byte[],Object>>}} to {{Map<byte[], Set<byte[]>>}} (That kind of conversion code in a hot path hurts to look at.) There are too many Java collection type combinations floating around. Some of this should be approached at the client API level too, for example with HBASE-7114.

- Only one Permission.Action can be checked at a time. We should really convert these into a bitmap if multiple actions need checking and pass that around instead.

  was:
The permissionGranted and requirePermission methods in AccessController have organically grown as both the HBase client API and the AccessController itself have evolved, and now have several problems:

- Code duplication (minor)

- Unused variants (minor)

- Signatures optimized for checking certain operations that have a familyMap. Unfortunately different operations have different ideas of what type a familyMap should be. This leads to runtime type checking and the need to convert one family map to another (e.g. {{Map<byte[], NavigableMap<byte[],Object>>}} to {{Map<byte[], Set<byte[]>>}} (That kind of conversion code in a hot path hurts to look at.) There are too many Java collection type combinations floating around. Some of this should be approached at the client API level too.

- Only one Permission.Action can be checked at a time. We should really convert these into a bitmap if multiple actions need checking and pass that around instead.

    
> Refactor permissionGranted and requirePermission methods
> --------------------------------------------------------
>
>                 Key: HBASE-7123
>                 URL: https://issues.apache.org/jira/browse/HBASE-7123
>             Project: HBase
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Andrew Purtell
>
> The permissionGranted and requirePermission methods in AccessController have organically grown as both the HBase client API and the AccessController itself have evolved, and now have several problems:
> - Code duplication (minor)
> - Unused variants (minor)
> - Signatures optimized for checking certain operations that have a familyMap. Unfortunately different operations have different ideas of what type a familyMap should be. This leads to runtime type checking and the need to convert one family map to another (e.g. {{Map<byte[], NavigableMap<byte[],Object>>}} to {{Map<byte[], Set<byte[]>>}} (That kind of conversion code in a hot path hurts to look at.) There are too many Java collection type combinations floating around. Some of this should be approached at the client API level too, for example with HBASE-7114.
> - Only one Permission.Action can be checked at a time. We should really convert these into a bitmap if multiple actions need checking and pass that around instead.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira