You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by ct...@apache.org on 2013/12/05 00:58:46 UTC

[05/50] [abbrv] git commit: ACCUMULO-1479 added namespace permissions to the zookeeper upgrade part of Master

ACCUMULO-1479 added namespace permissions to the zookeeper upgrade part of Master


Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/02374a0e
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/02374a0e
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/02374a0e

Branch: refs/heads/master
Commit: 02374a0e34c053709a76e7eacae5e9979aede737
Parents: 5f4b864
Author: Sean Hickey <ta...@gmail.com>
Authored: Wed Aug 7 13:59:50 2013 -0400
Committer: Christopher Tubbs <ct...@apache.org>
Committed: Wed Dec 4 18:46:10 2013 -0500

----------------------------------------------------------------------
 .../main/java/org/apache/accumulo/master/Master.java   | 13 +++++++++++++
 1 file changed, 13 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/accumulo/blob/02374a0e/server/master/src/main/java/org/apache/accumulo/master/Master.java
----------------------------------------------------------------------
diff --git a/server/master/src/main/java/org/apache/accumulo/master/Master.java b/server/master/src/main/java/org/apache/accumulo/master/Master.java
index 293dbc9..0d508dd 100644
--- a/server/master/src/main/java/org/apache/accumulo/master/Master.java
+++ b/server/master/src/main/java/org/apache/accumulo/master/Master.java
@@ -78,6 +78,7 @@ import org.apache.accumulo.core.metadata.schema.MetadataSchema.TabletsSection.Lo
 import org.apache.accumulo.core.security.Authorizations;
 import org.apache.accumulo.core.security.Credentials;
 import org.apache.accumulo.core.security.SecurityUtil;
+import org.apache.accumulo.core.security.TableNamespacePermission;
 import org.apache.accumulo.core.security.thrift.TCredentials;
 import org.apache.accumulo.core.util.ByteBufferUtil;
 import org.apache.accumulo.core.util.Daemon;
@@ -139,6 +140,7 @@ import org.apache.accumulo.server.master.state.ZooTabletStateStore;
 import org.apache.accumulo.server.security.AuditedSecurityOperation;
 import org.apache.accumulo.server.security.SecurityOperation;
 import org.apache.accumulo.server.security.SystemCredentials;
+import org.apache.accumulo.server.security.handler.ZKPermHandler;
 import org.apache.accumulo.server.tables.TableManager;
 import org.apache.accumulo.server.tables.TableObserver;
 import org.apache.accumulo.server.util.DefaultMap;
@@ -363,6 +365,17 @@ public class Master implements LiveTServerSet.Listener, TableObserver, CurrentSt
                 NodeExistsPolicy.SKIP);
           }
         }
+
+        // add namespace permissions to existing users
+        ZKPermHandler perm = new ZKPermHandler();
+        perm.initialize(instance.getInstanceID(), true);
+        String users = ZooUtil.getRoot(instance) + "/users";
+        for (String user : zoo.getChildren(users)) {
+          zoo.putPersistentData(users + "/" + user + "/Namespaces", new byte[0], NodeExistsPolicy.SKIP);
+          perm.grantTableNamespacePermission(user, Constants.SYSTEM_TABLE_NAMESPACE_ID, TableNamespacePermission.READ);
+        }
+        perm.grantTableNamespacePermission("root", Constants.SYSTEM_TABLE_NAMESPACE_ID, TableNamespacePermission.ALTER_TABLE);
+
       } catch (Exception ex) {
         log.fatal("Error performing upgrade", ex);
         System.exit(1);