You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by mb...@apache.org on 2014/10/22 11:48:30 UTC
[2/3] git commit: HBASE-12301 user_permission command does not show
global permissions
HBASE-12301 user_permission command does not show global permissions
Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/4f32987d
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/4f32987d
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/4f32987d
Branch: refs/heads/branch-1
Commit: 4f32987de786d6e56d0eb8b90f37179216c39a91
Parents: ab816ea
Author: Matteo Bertozzi <ma...@cloudera.com>
Authored: Wed Oct 22 10:08:31 2014 +0100
Committer: Matteo Bertozzi <ma...@cloudera.com>
Committed: Wed Oct 22 10:13:46 2014 +0100
----------------------------------------------------------------------
.../apache/hadoop/hbase/protobuf/ProtobufUtil.java | 6 +++---
.../hbase/security/access/AccessControlClient.java | 17 ++++++-----------
.../hbase/security/access/AccessControlLists.java | 4 ++--
hbase-shell/src/main/ruby/hbase/security.rb | 4 ++--
.../main/ruby/shell/commands/user_permission.rb | 2 +-
5 files changed, 14 insertions(+), 19 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hbase/blob/4f32987d/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ProtobufUtil.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ProtobufUtil.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ProtobufUtil.java
index 9152e38..d8db312 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ProtobufUtil.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ProtobufUtil.java
@@ -2278,7 +2278,7 @@ public final class ProtobufUtil {
AccessControlProtos.GetUserPermissionsRequest request = builder.build();
AccessControlProtos.GetUserPermissionsResponse response =
protocol.getUserPermissions(null, request);
- List<UserPermission> perms = new ArrayList<UserPermission>();
+ List<UserPermission> perms = new ArrayList<UserPermission>(response.getUserPermissionCount());
for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
perms.add(ProtobufUtil.toUserPermission(perm));
}
@@ -2306,7 +2306,7 @@ public final class ProtobufUtil {
AccessControlProtos.GetUserPermissionsRequest request = builder.build();
AccessControlProtos.GetUserPermissionsResponse response =
protocol.getUserPermissions(null, request);
- List<UserPermission> perms = new ArrayList<UserPermission>();
+ List<UserPermission> perms = new ArrayList<UserPermission>(response.getUserPermissionCount());
for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
perms.add(ProtobufUtil.toUserPermission(perm));
}
@@ -2334,7 +2334,7 @@ public final class ProtobufUtil {
AccessControlProtos.GetUserPermissionsRequest request = builder.build();
AccessControlProtos.GetUserPermissionsResponse response =
protocol.getUserPermissions(null, request);
- List<UserPermission> perms = new ArrayList<UserPermission>();
+ List<UserPermission> perms = new ArrayList<UserPermission>(response.getUserPermissionCount());
for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
perms.add(ProtobufUtil.toUserPermission(perm));
}
http://git-wip-us.apache.org/repos/asf/hbase/blob/4f32987d/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlClient.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlClient.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlClient.java
index eb63751..922bf67 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlClient.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlClient.java
@@ -47,12 +47,11 @@ import org.apache.hadoop.hbase.util.Bytes;
@InterfaceAudience.Public
@InterfaceStability.Evolving
public class AccessControlClient {
+ public static final TableName ACL_TABLE_NAME =
+ TableName.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR, "acl");
private static HTable getAclTable(Configuration conf) throws IOException {
- TableName aclTableName =
- TableName.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR,
- AccessControlConstants.OP_ATTRIBUTE_ACL);
- return new HTable(conf, aclTableName.getName());
+ return new HTable(conf, ACL_TABLE_NAME);
}
private static BlockingInterface getAccessControlServiceStub(HTable ht)
@@ -111,12 +110,10 @@ public class AccessControlClient {
public static boolean isAccessControllerRunning(Configuration conf)
throws MasterNotRunningException, ZooKeeperConnectionException, IOException {
- TableName aclTableName = TableName
- .valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR, "acl");
HBaseAdmin ha = null;
try {
ha = new HBaseAdmin(conf);
- return ha.isTableAvailable(aclTableName.getNameAsString());
+ return ha.isTableAvailable(ACL_TABLE_NAME);
} finally {
if (ha != null) {
ha.close();
@@ -183,16 +180,14 @@ public class AccessControlClient {
Table ht = null;
Admin ha = null;
try {
- TableName aclTableName = TableName.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR,
- "acl");
ha = new HBaseAdmin(conf);
- ht = new HTable(conf, aclTableName);
+ ht = new HTable(conf, ACL_TABLE_NAME);
CoprocessorRpcChannel service = ht.coprocessorService(HConstants.EMPTY_START_ROW);
BlockingInterface protocol = AccessControlProtos.AccessControlService
.newBlockingStub(service);
HTableDescriptor[] htds = null;
- if (tableRegex == null) {
+ if (tableRegex == null || tableRegex.isEmpty()) {
permList = ProtobufUtil.getUserPermissions(protocol);
} else if (tableRegex.charAt(0) == '@') {
String namespace = tableRegex.substring(1);
http://git-wip-us.apache.org/repos/asf/hbase/blob/4f32987d/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
index 007e610..c49bc33 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
@@ -464,7 +464,7 @@ public class AccessControlLists {
*/
static ListMultimap<String, TablePermission> getPermissions(Configuration conf,
byte[] entryName) throws IOException {
- if (entryName == null) entryName = ACL_TABLE_NAME.getName();
+ if (entryName == null) entryName = ACL_GLOBAL_NAME;
// for normal user tables, we just read the table row from _acl_
ListMultimap<String, TablePermission> perms = ArrayListMultimap.create();
@@ -659,7 +659,7 @@ public class AccessControlLists {
public static boolean isNamespaceEntry(byte[] entryName) {
return entryName[0] == NAMESPACE_PREFIX;
}
-
+
public static String toNamespaceEntry(String namespace) {
return NAMESPACE_PREFIX + namespace;
}
http://git-wip-us.apache.org/repos/asf/hbase/blob/4f32987d/hbase-shell/src/main/ruby/hbase/security.rb
----------------------------------------------------------------------
diff --git a/hbase-shell/src/main/ruby/hbase/security.rb b/hbase-shell/src/main/ruby/hbase/security.rb
index 1361c19..154c5ca 100644
--- a/hbase-shell/src/main/ruby/hbase/security.rb
+++ b/hbase-shell/src/main/ruby/hbase/security.rb
@@ -156,13 +156,13 @@ module Hbase
count = 0
all_perms.each do |value|
user_name = String.from_java_bytes(value.getUser)
- if (isNamespace?(table_regex))
+ if (table_regex != nil && isNamespace?(table_regex))
namespace = table_regex[1...table_regex.length]
else
namespace = (value.getTableName != nil) ? value.getTableName.getNamespaceAsString() : ''
end
table = (value.getTableName != nil) ? value.getTableName.getNameAsString() : ''
- family = (value.getFamily != nil) ?
+ family = (value.getFamily != nil) ?
org.apache.hadoop.hbase.util.Bytes::toStringBinary(value.getFamily) :
''
qualifier = (value.getQualifier != nil) ?
http://git-wip-us.apache.org/repos/asf/hbase/blob/4f32987d/hbase-shell/src/main/ruby/shell/commands/user_permission.rb
----------------------------------------------------------------------
diff --git a/hbase-shell/src/main/ruby/shell/commands/user_permission.rb b/hbase-shell/src/main/ruby/shell/commands/user_permission.rb
index 7c29261..57d83be 100644
--- a/hbase-shell/src/main/ruby/shell/commands/user_permission.rb
+++ b/hbase-shell/src/main/ruby/shell/commands/user_permission.rb
@@ -33,7 +33,7 @@ For example:
EOF
end
- def command(table_regex=".*")
+ def command(table_regex=nil)
#format_simple_command do
#admin.user_permission(table_regex)
now = Time.now