You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@hbase.apache.org by mb...@apache.org on 2013/01/10 01:34:33 UTC

svn commit: r1431162 - /hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java

Author: mbertozzi
Date: Thu Jan 10 00:34:32 2013
New Revision: 1431162

URL: http://svn.apache.org/viewvc?rev=1431162&view=rev
Log:
HBASE-7526 create table does not log the table name in audit log

Modified:
    hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java

Modified: hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
URL: http://svn.apache.org/viewvc/hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java?rev=1431162&r1=1431161&r2=1431162&view=diff
==============================================================================
--- hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java (original)
+++ hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java Thu Jan 10 00:34:32 2013
@@ -347,15 +347,7 @@ public class AccessController extends Ba
    * @throws AccessDeniedException if authorization is denied
    */
   private void requirePermission(String request, Permission.Action perm) throws IOException {
-    User user = getActiveUser();
-    if (authManager.authorize(user, perm)) {
-      logResult(AuthResult.allow(request, "Global check allowed", user, perm, null, null));
-    } else {
-      logResult(AuthResult.deny(request, "Global check failed", user, perm, null, null));
-      throw new AccessDeniedException("Insufficient permissions for user '" +
-          (user != null ? user.getShortName() : "null") +"' (global, action=" +
-          perm.toString() + ")");
-    }
+    requireGlobalPermission(request, perm, null, null);
   }
 
   /**
@@ -482,7 +474,12 @@ public class AccessController extends Ba
   @Override
   public void preCreateTable(ObserverContext<MasterCoprocessorEnvironment> c,
       HTableDescriptor desc, HRegionInfo[] regions) throws IOException {
-    requirePermission("createTable", Permission.Action.CREATE);
+    Set<byte[]> families = desc.getFamiliesKeys();
+    HashMap<byte[], Set<byte[]>> familyMap = Maps.newHashMapWithExpectedSize(families.size());
+    for (byte[] family: families) {
+      familyMap.put(family, null);
+    }
+    requireGlobalPermission("createTable", Permission.Action.CREATE, desc.getName(), familyMap);
   }
 
   @Override