You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by ct...@apache.org on 2013/12/05 00:58:46 UTC
[05/50] [abbrv] git commit: ACCUMULO-1479 added namespace permissions
to the zookeeper upgrade part of Master
ACCUMULO-1479 added namespace permissions to the zookeeper upgrade part of Master
Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/02374a0e
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/02374a0e
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/02374a0e
Branch: refs/heads/master
Commit: 02374a0e34c053709a76e7eacae5e9979aede737
Parents: 5f4b864
Author: Sean Hickey <ta...@gmail.com>
Authored: Wed Aug 7 13:59:50 2013 -0400
Committer: Christopher Tubbs <ct...@apache.org>
Committed: Wed Dec 4 18:46:10 2013 -0500
----------------------------------------------------------------------
.../main/java/org/apache/accumulo/master/Master.java | 13 +++++++++++++
1 file changed, 13 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/accumulo/blob/02374a0e/server/master/src/main/java/org/apache/accumulo/master/Master.java
----------------------------------------------------------------------
diff --git a/server/master/src/main/java/org/apache/accumulo/master/Master.java b/server/master/src/main/java/org/apache/accumulo/master/Master.java
index 293dbc9..0d508dd 100644
--- a/server/master/src/main/java/org/apache/accumulo/master/Master.java
+++ b/server/master/src/main/java/org/apache/accumulo/master/Master.java
@@ -78,6 +78,7 @@ import org.apache.accumulo.core.metadata.schema.MetadataSchema.TabletsSection.Lo
import org.apache.accumulo.core.security.Authorizations;
import org.apache.accumulo.core.security.Credentials;
import org.apache.accumulo.core.security.SecurityUtil;
+import org.apache.accumulo.core.security.TableNamespacePermission;
import org.apache.accumulo.core.security.thrift.TCredentials;
import org.apache.accumulo.core.util.ByteBufferUtil;
import org.apache.accumulo.core.util.Daemon;
@@ -139,6 +140,7 @@ import org.apache.accumulo.server.master.state.ZooTabletStateStore;
import org.apache.accumulo.server.security.AuditedSecurityOperation;
import org.apache.accumulo.server.security.SecurityOperation;
import org.apache.accumulo.server.security.SystemCredentials;
+import org.apache.accumulo.server.security.handler.ZKPermHandler;
import org.apache.accumulo.server.tables.TableManager;
import org.apache.accumulo.server.tables.TableObserver;
import org.apache.accumulo.server.util.DefaultMap;
@@ -363,6 +365,17 @@ public class Master implements LiveTServerSet.Listener, TableObserver, CurrentSt
NodeExistsPolicy.SKIP);
}
}
+
+ // add namespace permissions to existing users
+ ZKPermHandler perm = new ZKPermHandler();
+ perm.initialize(instance.getInstanceID(), true);
+ String users = ZooUtil.getRoot(instance) + "/users";
+ for (String user : zoo.getChildren(users)) {
+ zoo.putPersistentData(users + "/" + user + "/Namespaces", new byte[0], NodeExistsPolicy.SKIP);
+ perm.grantTableNamespacePermission(user, Constants.SYSTEM_TABLE_NAMESPACE_ID, TableNamespacePermission.READ);
+ }
+ perm.grantTableNamespacePermission("root", Constants.SYSTEM_TABLE_NAMESPACE_ID, TableNamespacePermission.ALTER_TABLE);
+
} catch (Exception ex) {
log.fatal("Error performing upgrade", ex);
System.exit(1);