You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by gi...@apache.org on 2018/11/15 14:54:45 UTC
[03/51] [partial] hbase-site git commit: Published site at
130057f13774f6b213cdb06952c805a29d59396e.
http://git-wip-us.apache.org/repos/asf/hbase-site/blob/68eae623/testdevapidocs/src-html/org/apache/hadoop/hbase/security/access/TestAccessController.BulkLoadHelper.html
----------------------------------------------------------------------
diff --git a/testdevapidocs/src-html/org/apache/hadoop/hbase/security/access/TestAccessController.BulkLoadHelper.html b/testdevapidocs/src-html/org/apache/hadoop/hbase/security/access/TestAccessController.BulkLoadHelper.html
index 5062e9b..23b4be7 100644
--- a/testdevapidocs/src-html/org/apache/hadoop/hbase/security/access/TestAccessController.BulkLoadHelper.html
+++ b/testdevapidocs/src-html/org/apache/hadoop/hbase/security/access/TestAccessController.BulkLoadHelper.html
@@ -282,7 +282,7 @@
<span class="sourceLineNo">274</span> public static void tearDownAfterClass() throws Exception {<a name="line.274"></a>
<span class="sourceLineNo">275</span> cleanUp();<a name="line.275"></a>
<span class="sourceLineNo">276</span> TEST_UTIL.shutdownMiniCluster();<a name="line.276"></a>
-<span class="sourceLineNo">277</span> int total = TableAuthManager.getTotalRefCount();<a name="line.277"></a>
+<span class="sourceLineNo">277</span> int total = AuthManager.getTotalRefCount();<a name="line.277"></a>
<span class="sourceLineNo">278</span> assertTrue("Unexpected reference count: " + total, total == 0);<a name="line.278"></a>
<span class="sourceLineNo">279</span> }<a name="line.279"></a>
<span class="sourceLineNo">280</span><a name="line.280"></a>
@@ -1642,12 +1642,12 @@
<span class="sourceLineNo">1634</span> }<a name="line.1634"></a>
<span class="sourceLineNo">1635</span><a name="line.1635"></a>
<span class="sourceLineNo">1636</span> UserPermission ownerperm =<a name="line.1636"></a>
-<span class="sourceLineNo">1637</span> new UserPermission(Bytes.toBytes(USER_OWNER.getName()), tableName, null, Action.values());<a name="line.1637"></a>
+<span class="sourceLineNo">1637</span> new UserPermission(USER_OWNER.getName(), tableName, Action.values());<a name="line.1637"></a>
<span class="sourceLineNo">1638</span> assertTrue("Owner should have all permissions on table",<a name="line.1638"></a>
<span class="sourceLineNo">1639</span> hasFoundUserPermission(ownerperm, perms));<a name="line.1639"></a>
<span class="sourceLineNo">1640</span><a name="line.1640"></a>
<span class="sourceLineNo">1641</span> User user = User.createUserForTesting(TEST_UTIL.getConfiguration(), "user", new String[0]);<a name="line.1641"></a>
-<span class="sourceLineNo">1642</span> byte[] userName = Bytes.toBytes(user.getShortName());<a name="line.1642"></a>
+<span class="sourceLineNo">1642</span> String userName = user.getShortName();<a name="line.1642"></a>
<span class="sourceLineNo">1643</span><a name="line.1643"></a>
<span class="sourceLineNo">1644</span> UserPermission up =<a name="line.1644"></a>
<span class="sourceLineNo">1645</span> new UserPermission(userName, tableName, family1, qualifier, Permission.Action.READ);<a name="line.1645"></a>
@@ -1733,7 +1733,7 @@
<span class="sourceLineNo">1725</span> }<a name="line.1725"></a>
<span class="sourceLineNo">1726</span><a name="line.1726"></a>
<span class="sourceLineNo">1727</span> UserPermission newOwnerperm =<a name="line.1727"></a>
-<span class="sourceLineNo">1728</span> new UserPermission(Bytes.toBytes(newOwner.getName()), tableName, null, Action.values());<a name="line.1728"></a>
+<span class="sourceLineNo">1728</span> new UserPermission(newOwner.getName(), tableName, Action.values());<a name="line.1728"></a>
<span class="sourceLineNo">1729</span> assertTrue("New owner should have all permissions on table",<a name="line.1729"></a>
<span class="sourceLineNo">1730</span> hasFoundUserPermission(newOwnerperm, perms));<a name="line.1730"></a>
<span class="sourceLineNo">1731</span> } finally {<a name="line.1731"></a>
@@ -1757,1888 +1757,1898 @@
<span class="sourceLineNo">1749</span><a name="line.1749"></a>
<span class="sourceLineNo">1750</span> Collection<String> superUsers = Superusers.getSuperUsers();<a name="line.1750"></a>
<span class="sourceLineNo">1751</span> List<UserPermission> adminPerms = new ArrayList<>(superUsers.size() + 1);<a name="line.1751"></a>
-<span class="sourceLineNo">1752</span> adminPerms.add(new UserPermission(Bytes.toBytes(USER_ADMIN.getShortName()),<a name="line.1752"></a>
-<span class="sourceLineNo">1753</span> AccessControlLists.ACL_TABLE_NAME, null, null, Bytes.toBytes("ACRW")));<a name="line.1753"></a>
-<span class="sourceLineNo">1754</span><a name="line.1754"></a>
-<span class="sourceLineNo">1755</span> for(String user: superUsers) {<a name="line.1755"></a>
-<span class="sourceLineNo">1756</span> adminPerms.add(new UserPermission(Bytes.toBytes(user), AccessControlLists.ACL_TABLE_NAME,<a name="line.1756"></a>
-<span class="sourceLineNo">1757</span> null, null, Action.values()));<a name="line.1757"></a>
-<span class="sourceLineNo">1758</span> }<a name="line.1758"></a>
-<span class="sourceLineNo">1759</span> assertTrue("Only super users, global users and user admin has permission on table hbase:acl " +<a name="line.1759"></a>
-<span class="sourceLineNo">1760</span> "per setup", perms.size() == 5 + superUsers.size() &&<a name="line.1760"></a>
-<span class="sourceLineNo">1761</span> hasFoundUserPermission(adminPerms, perms));<a name="line.1761"></a>
-<span class="sourceLineNo">1762</span> }<a name="line.1762"></a>
-<span class="sourceLineNo">1763</span><a name="line.1763"></a>
-<span class="sourceLineNo">1764</span> /** global operations */<a name="line.1764"></a>
-<span class="sourceLineNo">1765</span> private void verifyGlobal(AccessTestAction action) throws Exception {<a name="line.1765"></a>
-<span class="sourceLineNo">1766</span> verifyAllowed(action, SUPERUSER);<a name="line.1766"></a>
-<span class="sourceLineNo">1767</span><a name="line.1767"></a>
-<span class="sourceLineNo">1768</span> verifyDenied(action, USER_CREATE, USER_RW, USER_NONE, USER_RO);<a name="line.1768"></a>
-<span class="sourceLineNo">1769</span> }<a name="line.1769"></a>
-<span class="sourceLineNo">1770</span><a name="line.1770"></a>
-<span class="sourceLineNo">1771</span> @Test<a name="line.1771"></a>
-<span class="sourceLineNo">1772</span> public void testCheckPermissions() throws Exception {<a name="line.1772"></a>
-<span class="sourceLineNo">1773</span> // --------------------------------------<a name="line.1773"></a>
-<span class="sourceLineNo">1774</span> // test global permissions<a name="line.1774"></a>
-<span class="sourceLineNo">1775</span> AccessTestAction globalAdmin = new AccessTestAction() {<a name="line.1775"></a>
-<span class="sourceLineNo">1776</span> @Override<a name="line.1776"></a>
-<span class="sourceLineNo">1777</span> public Void run() throws Exception {<a name="line.1777"></a>
-<span class="sourceLineNo">1778</span> checkGlobalPerms(TEST_UTIL, Permission.Action.ADMIN);<a name="line.1778"></a>
-<span class="sourceLineNo">1779</span> return null;<a name="line.1779"></a>
-<span class="sourceLineNo">1780</span> }<a name="line.1780"></a>
-<span class="sourceLineNo">1781</span> };<a name="line.1781"></a>
-<span class="sourceLineNo">1782</span> // verify that only superuser can admin<a name="line.1782"></a>
-<span class="sourceLineNo">1783</span> verifyGlobal(globalAdmin);<a name="line.1783"></a>
-<span class="sourceLineNo">1784</span><a name="line.1784"></a>
-<span class="sourceLineNo">1785</span> // --------------------------------------<a name="line.1785"></a>
-<span class="sourceLineNo">1786</span> // test multiple permissions<a name="line.1786"></a>
-<span class="sourceLineNo">1787</span> AccessTestAction globalReadWrite = new AccessTestAction() {<a name="line.1787"></a>
-<span class="sourceLineNo">1788</span> @Override<a name="line.1788"></a>
-<span class="sourceLineNo">1789</span> public Void run() throws Exception {<a name="line.1789"></a>
-<span class="sourceLineNo">1790</span> checkGlobalPerms(TEST_UTIL, Permission.Action.READ, Permission.Action.WRITE);<a name="line.1790"></a>
-<span class="sourceLineNo">1791</span> return null;<a name="line.1791"></a>
-<span class="sourceLineNo">1792</span> }<a name="line.1792"></a>
-<span class="sourceLineNo">1793</span> };<a name="line.1793"></a>
+<span class="sourceLineNo">1752</span> adminPerms.add(new UserPermission(USER_ADMIN.getShortName(), Bytes.toBytes("ACRW")));<a name="line.1752"></a>
+<span class="sourceLineNo">1753</span> for(String user: superUsers) {<a name="line.1753"></a>
+<span class="sourceLineNo">1754</span> // Global permission<a name="line.1754"></a>
+<span class="sourceLineNo">1755</span> adminPerms.add(new UserPermission(user, Action.values()));<a name="line.1755"></a>
+<span class="sourceLineNo">1756</span> }<a name="line.1756"></a>
+<span class="sourceLineNo">1757</span> assertTrue("Only super users, global users and user admin has permission on table hbase:acl " +<a name="line.1757"></a>
+<span class="sourceLineNo">1758</span> "per setup", perms.size() == 5 + superUsers.size() &&<a name="line.1758"></a>
+<span class="sourceLineNo">1759</span> hasFoundUserPermission(adminPerms, perms));<a name="line.1759"></a>
+<span class="sourceLineNo">1760</span> }<a name="line.1760"></a>
+<span class="sourceLineNo">1761</span><a name="line.1761"></a>
+<span class="sourceLineNo">1762</span> /** global operations */<a name="line.1762"></a>
+<span class="sourceLineNo">1763</span> private void verifyGlobal(AccessTestAction action) throws Exception {<a name="line.1763"></a>
+<span class="sourceLineNo">1764</span> verifyAllowed(action, SUPERUSER);<a name="line.1764"></a>
+<span class="sourceLineNo">1765</span><a name="line.1765"></a>
+<span class="sourceLineNo">1766</span> verifyDenied(action, USER_CREATE, USER_RW, USER_NONE, USER_RO);<a name="line.1766"></a>
+<span class="sourceLineNo">1767</span> }<a name="line.1767"></a>
+<span class="sourceLineNo">1768</span><a name="line.1768"></a>
+<span class="sourceLineNo">1769</span> @Test<a name="line.1769"></a>
+<span class="sourceLineNo">1770</span> public void testCheckPermissions() throws Exception {<a name="line.1770"></a>
+<span class="sourceLineNo">1771</span> // --------------------------------------<a name="line.1771"></a>
+<span class="sourceLineNo">1772</span> // test global permissions<a name="line.1772"></a>
+<span class="sourceLineNo">1773</span> AccessTestAction globalAdmin = new AccessTestAction() {<a name="line.1773"></a>
+<span class="sourceLineNo">1774</span> @Override<a name="line.1774"></a>
+<span class="sourceLineNo">1775</span> public Void run() throws Exception {<a name="line.1775"></a>
+<span class="sourceLineNo">1776</span> checkGlobalPerms(TEST_UTIL, Permission.Action.ADMIN);<a name="line.1776"></a>
+<span class="sourceLineNo">1777</span> return null;<a name="line.1777"></a>
+<span class="sourceLineNo">1778</span> }<a name="line.1778"></a>
+<span class="sourceLineNo">1779</span> };<a name="line.1779"></a>
+<span class="sourceLineNo">1780</span> // verify that only superuser can admin<a name="line.1780"></a>
+<span class="sourceLineNo">1781</span> verifyGlobal(globalAdmin);<a name="line.1781"></a>
+<span class="sourceLineNo">1782</span><a name="line.1782"></a>
+<span class="sourceLineNo">1783</span> // --------------------------------------<a name="line.1783"></a>
+<span class="sourceLineNo">1784</span> // test multiple permissions<a name="line.1784"></a>
+<span class="sourceLineNo">1785</span> AccessTestAction globalReadWrite = new AccessTestAction() {<a name="line.1785"></a>
+<span class="sourceLineNo">1786</span> @Override<a name="line.1786"></a>
+<span class="sourceLineNo">1787</span> public Void run() throws Exception {<a name="line.1787"></a>
+<span class="sourceLineNo">1788</span> checkGlobalPerms(TEST_UTIL, Permission.Action.READ, Permission.Action.WRITE);<a name="line.1788"></a>
+<span class="sourceLineNo">1789</span> return null;<a name="line.1789"></a>
+<span class="sourceLineNo">1790</span> }<a name="line.1790"></a>
+<span class="sourceLineNo">1791</span> };<a name="line.1791"></a>
+<span class="sourceLineNo">1792</span><a name="line.1792"></a>
+<span class="sourceLineNo">1793</span> verifyGlobal(globalReadWrite);<a name="line.1793"></a>
<span class="sourceLineNo">1794</span><a name="line.1794"></a>
-<span class="sourceLineNo">1795</span> verifyGlobal(globalReadWrite);<a name="line.1795"></a>
-<span class="sourceLineNo">1796</span><a name="line.1796"></a>
-<span class="sourceLineNo">1797</span> // --------------------------------------<a name="line.1797"></a>
-<span class="sourceLineNo">1798</span> // table/column/qualifier level permissions<a name="line.1798"></a>
-<span class="sourceLineNo">1799</span> final byte[] TEST_Q1 = Bytes.toBytes("q1");<a name="line.1799"></a>
-<span class="sourceLineNo">1800</span> final byte[] TEST_Q2 = Bytes.toBytes("q2");<a name="line.1800"></a>
-<span class="sourceLineNo">1801</span><a name="line.1801"></a>
-<span class="sourceLineNo">1802</span> User userTable = User.createUserForTesting(conf, "user_check_perms_table", new String[0]);<a name="line.1802"></a>
-<span class="sourceLineNo">1803</span> User userColumn = User.createUserForTesting(conf, "user_check_perms_family", new String[0]);<a name="line.1803"></a>
-<span class="sourceLineNo">1804</span> User userQualifier = User.createUserForTesting(conf, "user_check_perms_q", new String[0]);<a name="line.1804"></a>
-<span class="sourceLineNo">1805</span><a name="line.1805"></a>
-<span class="sourceLineNo">1806</span> grantOnTable(TEST_UTIL, userTable.getShortName(),<a name="line.1806"></a>
-<span class="sourceLineNo">1807</span> TEST_TABLE, null, null,<a name="line.1807"></a>
-<span class="sourceLineNo">1808</span> Permission.Action.READ);<a name="line.1808"></a>
-<span class="sourceLineNo">1809</span> grantOnTable(TEST_UTIL, userColumn.getShortName(),<a name="line.1809"></a>
-<span class="sourceLineNo">1810</span> TEST_TABLE, TEST_FAMILY, null,<a name="line.1810"></a>
-<span class="sourceLineNo">1811</span> Permission.Action.READ);<a name="line.1811"></a>
-<span class="sourceLineNo">1812</span> grantOnTable(TEST_UTIL, userQualifier.getShortName(),<a name="line.1812"></a>
-<span class="sourceLineNo">1813</span> TEST_TABLE, TEST_FAMILY, TEST_Q1,<a name="line.1813"></a>
-<span class="sourceLineNo">1814</span> Permission.Action.READ);<a name="line.1814"></a>
-<span class="sourceLineNo">1815</span><a name="line.1815"></a>
-<span class="sourceLineNo">1816</span> try {<a name="line.1816"></a>
-<span class="sourceLineNo">1817</span> AccessTestAction tableRead = new AccessTestAction() {<a name="line.1817"></a>
-<span class="sourceLineNo">1818</span> @Override<a name="line.1818"></a>
-<span class="sourceLineNo">1819</span> public Void run() throws Exception {<a name="line.1819"></a>
-<span class="sourceLineNo">1820</span> checkTablePerms(TEST_UTIL, TEST_TABLE, null, null, Permission.Action.READ);<a name="line.1820"></a>
-<span class="sourceLineNo">1821</span> return null;<a name="line.1821"></a>
-<span class="sourceLineNo">1822</span> }<a name="line.1822"></a>
-<span class="sourceLineNo">1823</span> };<a name="line.1823"></a>
-<span class="sourceLineNo">1824</span><a name="line.1824"></a>
-<span class="sourceLineNo">1825</span> AccessTestAction columnRead = new AccessTestAction() {<a name="line.1825"></a>
-<span class="sourceLineNo">1826</span> @Override<a name="line.1826"></a>
-<span class="sourceLineNo">1827</span> public Void run() throws Exception {<a name="line.1827"></a>
-<span class="sourceLineNo">1828</span> checkTablePerms(TEST_UTIL, TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ);<a name="line.1828"></a>
-<span class="sourceLineNo">1829</span> return null;<a name="line.1829"></a>
-<span class="sourceLineNo">1830</span> }<a name="line.1830"></a>
-<span class="sourceLineNo">1831</span> };<a name="line.1831"></a>
-<span class="sourceLineNo">1832</span><a name="line.1832"></a>
-<span class="sourceLineNo">1833</span> AccessTestAction qualifierRead = new AccessTestAction() {<a name="line.1833"></a>
-<span class="sourceLineNo">1834</span> @Override<a name="line.1834"></a>
-<span class="sourceLineNo">1835</span> public Void run() throws Exception {<a name="line.1835"></a>
-<span class="sourceLineNo">1836</span> checkTablePerms(TEST_UTIL, TEST_TABLE, TEST_FAMILY, TEST_Q1, Permission.Action.READ);<a name="line.1836"></a>
-<span class="sourceLineNo">1837</span> return null;<a name="line.1837"></a>
-<span class="sourceLineNo">1838</span> }<a name="line.1838"></a>
-<span class="sourceLineNo">1839</span> };<a name="line.1839"></a>
-<span class="sourceLineNo">1840</span><a name="line.1840"></a>
-<span class="sourceLineNo">1841</span> AccessTestAction multiQualifierRead = new AccessTestAction() {<a name="line.1841"></a>
-<span class="sourceLineNo">1842</span> @Override<a name="line.1842"></a>
-<span class="sourceLineNo">1843</span> public Void run() throws Exception {<a name="line.1843"></a>
-<span class="sourceLineNo">1844</span> checkTablePerms(TEST_UTIL, TEST_TABLE, new Permission[] {<a name="line.1844"></a>
-<span class="sourceLineNo">1845</span> new TablePermission(TEST_TABLE, TEST_FAMILY, TEST_Q1, Permission.Action.READ),<a name="line.1845"></a>
-<span class="sourceLineNo">1846</span> new TablePermission(TEST_TABLE, TEST_FAMILY, TEST_Q2, Permission.Action.READ), });<a name="line.1846"></a>
-<span class="sourceLineNo">1847</span> return null;<a name="line.1847"></a>
-<span class="sourceLineNo">1848</span> }<a name="line.1848"></a>
-<span class="sourceLineNo">1849</span> };<a name="line.1849"></a>
-<span class="sourceLineNo">1850</span><a name="line.1850"></a>
-<span class="sourceLineNo">1851</span> AccessTestAction globalAndTableRead = new AccessTestAction() {<a name="line.1851"></a>
-<span class="sourceLineNo">1852</span> @Override<a name="line.1852"></a>
-<span class="sourceLineNo">1853</span> public Void run() throws Exception {<a name="line.1853"></a>
-<span class="sourceLineNo">1854</span> checkTablePerms(TEST_UTIL, TEST_TABLE, new Permission[] {<a name="line.1854"></a>
-<span class="sourceLineNo">1855</span> new Permission(Permission.Action.READ),<a name="line.1855"></a>
-<span class="sourceLineNo">1856</span> new TablePermission(TEST_TABLE, null, (byte[]) null, Permission.Action.READ), });<a name="line.1856"></a>
-<span class="sourceLineNo">1857</span> return null;<a name="line.1857"></a>
-<span class="sourceLineNo">1858</span> }<a name="line.1858"></a>
-<span class="sourceLineNo">1859</span> };<a name="line.1859"></a>
-<span class="sourceLineNo">1860</span><a name="line.1860"></a>
-<span class="sourceLineNo">1861</span> AccessTestAction noCheck = new AccessTestAction() {<a name="line.1861"></a>
-<span class="sourceLineNo">1862</span> @Override<a name="line.1862"></a>
-<span class="sourceLineNo">1863</span> public Void run() throws Exception {<a name="line.1863"></a>
-<span class="sourceLineNo">1864</span> checkTablePerms(TEST_UTIL, TEST_TABLE, new Permission[0]);<a name="line.1864"></a>
-<span class="sourceLineNo">1865</span> return null;<a name="line.1865"></a>
-<span class="sourceLineNo">1866</span> }<a name="line.1866"></a>
-<span class="sourceLineNo">1867</span> };<a name="line.1867"></a>
-<span class="sourceLineNo">1868</span><a name="line.1868"></a>
-<span class="sourceLineNo">1869</span> verifyAllowed(tableRead, SUPERUSER, userTable);<a name="line.1869"></a>
-<span class="sourceLineNo">1870</span> verifyDenied(tableRead, userColumn, userQualifier);<a name="line.1870"></a>
-<span class="sourceLineNo">1871</span><a name="line.1871"></a>
-<span class="sourceLineNo">1872</span> verifyAllowed(columnRead, SUPERUSER, userTable, userColumn);<a name="line.1872"></a>
-<span class="sourceLineNo">1873</span> verifyDenied(columnRead, userQualifier);<a name="line.1873"></a>
+<span class="sourceLineNo">1795</span> // --------------------------------------<a name="line.1795"></a>
+<span class="sourceLineNo">1796</span> // table/column/qualifier level permissions<a name="line.1796"></a>
+<span class="sourceLineNo">1797</span> final byte[] TEST_Q1 = Bytes.toBytes("q1");<a name="line.1797"></a>
+<span class="sourceLineNo">1798</span> final byte[] TEST_Q2 = Bytes.toBytes("q2");<a name="line.1798"></a>
+<span class="sourceLineNo">1799</span><a name="line.1799"></a>
+<span class="sourceLineNo">1800</span> User userTable = User.createUserForTesting(conf, "user_check_perms_table", new String[0]);<a name="line.1800"></a>
+<span class="sourceLineNo">1801</span> User userColumn = User.createUserForTesting(conf, "user_check_perms_family", new String[0]);<a name="line.1801"></a>
+<span class="sourceLineNo">1802</span> User userQualifier = User.createUserForTesting(conf, "user_check_perms_q", new String[0]);<a name="line.1802"></a>
+<span class="sourceLineNo">1803</span><a name="line.1803"></a>
+<span class="sourceLineNo">1804</span> grantOnTable(TEST_UTIL, userTable.getShortName(),<a name="line.1804"></a>
+<span class="sourceLineNo">1805</span> TEST_TABLE, null, null,<a name="line.1805"></a>
+<span class="sourceLineNo">1806</span> Permission.Action.READ);<a name="line.1806"></a>
+<span class="sourceLineNo">1807</span> grantOnTable(TEST_UTIL, userColumn.getShortName(),<a name="line.1807"></a>
+<span class="sourceLineNo">1808</span> TEST_TABLE, TEST_FAMILY, null,<a name="line.1808"></a>
+<span class="sourceLineNo">1809</span> Permission.Action.READ);<a name="line.1809"></a>
+<span class="sourceLineNo">1810</span> grantOnTable(TEST_UTIL, userQualifier.getShortName(),<a name="line.1810"></a>
+<span class="sourceLineNo">1811</span> TEST_TABLE, TEST_FAMILY, TEST_Q1,<a name="line.1811"></a>
+<span class="sourceLineNo">1812</span> Permission.Action.READ);<a name="line.1812"></a>
+<span class="sourceLineNo">1813</span><a name="line.1813"></a>
+<span class="sourceLineNo">1814</span> try {<a name="line.1814"></a>
+<span class="sourceLineNo">1815</span> AccessTestAction tableRead = new AccessTestAction() {<a name="line.1815"></a>
+<span class="sourceLineNo">1816</span> @Override<a name="line.1816"></a>
+<span class="sourceLineNo">1817</span> public Void run() throws Exception {<a name="line.1817"></a>
+<span class="sourceLineNo">1818</span> checkTablePerms(TEST_UTIL, TEST_TABLE, null, null, Permission.Action.READ);<a name="line.1818"></a>
+<span class="sourceLineNo">1819</span> return null;<a name="line.1819"></a>
+<span class="sourceLineNo">1820</span> }<a name="line.1820"></a>
+<span class="sourceLineNo">1821</span> };<a name="line.1821"></a>
+<span class="sourceLineNo">1822</span><a name="line.1822"></a>
+<span class="sourceLineNo">1823</span> AccessTestAction columnRead = new AccessTestAction() {<a name="line.1823"></a>
+<span class="sourceLineNo">1824</span> @Override<a name="line.1824"></a>
+<span class="sourceLineNo">1825</span> public Void run() throws Exception {<a name="line.1825"></a>
+<span class="sourceLineNo">1826</span> checkTablePerms(TEST_UTIL, TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ);<a name="line.1826"></a>
+<span class="sourceLineNo">1827</span> return null;<a name="line.1827"></a>
+<span class="sourceLineNo">1828</span> }<a name="line.1828"></a>
+<span class="sourceLineNo">1829</span> };<a name="line.1829"></a>
+<span class="sourceLineNo">1830</span><a name="line.1830"></a>
+<span class="sourceLineNo">1831</span> AccessTestAction qualifierRead = new AccessTestAction() {<a name="line.1831"></a>
+<span class="sourceLineNo">1832</span> @Override<a name="line.1832"></a>
+<span class="sourceLineNo">1833</span> public Void run() throws Exception {<a name="line.1833"></a>
+<span class="sourceLineNo">1834</span> checkTablePerms(TEST_UTIL, TEST_TABLE, TEST_FAMILY, TEST_Q1, Permission.Action.READ);<a name="line.1834"></a>
+<span class="sourceLineNo">1835</span> return null;<a name="line.1835"></a>
+<span class="sourceLineNo">1836</span> }<a name="line.1836"></a>
+<span class="sourceLineNo">1837</span> };<a name="line.1837"></a>
+<span class="sourceLineNo">1838</span><a name="line.1838"></a>
+<span class="sourceLineNo">1839</span> AccessTestAction multiQualifierRead = new AccessTestAction() {<a name="line.1839"></a>
+<span class="sourceLineNo">1840</span> @Override<a name="line.1840"></a>
+<span class="sourceLineNo">1841</span> public Void run() throws Exception {<a name="line.1841"></a>
+<span class="sourceLineNo">1842</span> checkTablePerms(TEST_UTIL, TEST_TABLE, new Permission[] {<a name="line.1842"></a>
+<span class="sourceLineNo">1843</span> new TablePermission(TEST_TABLE, TEST_FAMILY, TEST_Q1, Permission.Action.READ),<a name="line.1843"></a>
+<span class="sourceLineNo">1844</span> new TablePermission(TEST_TABLE, TEST_FAMILY, TEST_Q2, Permission.Action.READ), });<a name="line.1844"></a>
+<span class="sourceLineNo">1845</span> return null;<a name="line.1845"></a>
+<span class="sourceLineNo">1846</span> }<a name="line.1846"></a>
+<span class="sourceLineNo">1847</span> };<a name="line.1847"></a>
+<span class="sourceLineNo">1848</span><a name="line.1848"></a>
+<span class="sourceLineNo">1849</span> AccessTestAction globalAndTableRead = new AccessTestAction() {<a name="line.1849"></a>
+<span class="sourceLineNo">1850</span> @Override<a name="line.1850"></a>
+<span class="sourceLineNo">1851</span> public Void run() throws Exception {<a name="line.1851"></a>
+<span class="sourceLineNo">1852</span> checkTablePerms(TEST_UTIL, TEST_TABLE, new Permission[] {<a name="line.1852"></a>
+<span class="sourceLineNo">1853</span> new Permission(Permission.Action.READ),<a name="line.1853"></a>
+<span class="sourceLineNo">1854</span> new TablePermission(TEST_TABLE, null, (byte[]) null, Permission.Action.READ), });<a name="line.1854"></a>
+<span class="sourceLineNo">1855</span> return null;<a name="line.1855"></a>
+<span class="sourceLineNo">1856</span> }<a name="line.1856"></a>
+<span class="sourceLineNo">1857</span> };<a name="line.1857"></a>
+<span class="sourceLineNo">1858</span><a name="line.1858"></a>
+<span class="sourceLineNo">1859</span> AccessTestAction noCheck = new AccessTestAction() {<a name="line.1859"></a>
+<span class="sourceLineNo">1860</span> @Override<a name="line.1860"></a>
+<span class="sourceLineNo">1861</span> public Void run() throws Exception {<a name="line.1861"></a>
+<span class="sourceLineNo">1862</span> checkTablePerms(TEST_UTIL, TEST_TABLE, new Permission[0]);<a name="line.1862"></a>
+<span class="sourceLineNo">1863</span> return null;<a name="line.1863"></a>
+<span class="sourceLineNo">1864</span> }<a name="line.1864"></a>
+<span class="sourceLineNo">1865</span> };<a name="line.1865"></a>
+<span class="sourceLineNo">1866</span><a name="line.1866"></a>
+<span class="sourceLineNo">1867</span> verifyAllowed(tableRead, SUPERUSER, userTable);<a name="line.1867"></a>
+<span class="sourceLineNo">1868</span> verifyDenied(tableRead, userColumn, userQualifier);<a name="line.1868"></a>
+<span class="sourceLineNo">1869</span><a name="line.1869"></a>
+<span class="sourceLineNo">1870</span> verifyAllowed(columnRead, SUPERUSER, userTable, userColumn);<a name="line.1870"></a>
+<span class="sourceLineNo">1871</span> verifyDenied(columnRead, userQualifier);<a name="line.1871"></a>
+<span class="sourceLineNo">1872</span><a name="line.1872"></a>
+<span class="sourceLineNo">1873</span> verifyAllowed(qualifierRead, SUPERUSER, userTable, userColumn, userQualifier);<a name="line.1873"></a>
<span class="sourceLineNo">1874</span><a name="line.1874"></a>
-<span class="sourceLineNo">1875</span> verifyAllowed(qualifierRead, SUPERUSER, userTable, userColumn, userQualifier);<a name="line.1875"></a>
-<span class="sourceLineNo">1876</span><a name="line.1876"></a>
-<span class="sourceLineNo">1877</span> verifyAllowed(multiQualifierRead, SUPERUSER, userTable, userColumn);<a name="line.1877"></a>
-<span class="sourceLineNo">1878</span> verifyDenied(multiQualifierRead, userQualifier);<a name="line.1878"></a>
-<span class="sourceLineNo">1879</span><a name="line.1879"></a>
-<span class="sourceLineNo">1880</span> verifyAllowed(globalAndTableRead, SUPERUSER);<a name="line.1880"></a>
-<span class="sourceLineNo">1881</span> verifyDenied(globalAndTableRead, userTable, userColumn, userQualifier);<a name="line.1881"></a>
+<span class="sourceLineNo">1875</span> verifyAllowed(multiQualifierRead, SUPERUSER, userTable, userColumn);<a name="line.1875"></a>
+<span class="sourceLineNo">1876</span> verifyDenied(multiQualifierRead, userQualifier);<a name="line.1876"></a>
+<span class="sourceLineNo">1877</span><a name="line.1877"></a>
+<span class="sourceLineNo">1878</span> verifyAllowed(globalAndTableRead, SUPERUSER);<a name="line.1878"></a>
+<span class="sourceLineNo">1879</span> verifyDenied(globalAndTableRead, userTable, userColumn, userQualifier);<a name="line.1879"></a>
+<span class="sourceLineNo">1880</span><a name="line.1880"></a>
+<span class="sourceLineNo">1881</span> verifyAllowed(noCheck, SUPERUSER, userTable, userColumn, userQualifier);<a name="line.1881"></a>
<span class="sourceLineNo">1882</span><a name="line.1882"></a>
-<span class="sourceLineNo">1883</span> verifyAllowed(noCheck, SUPERUSER, userTable, userColumn, userQualifier);<a name="line.1883"></a>
-<span class="sourceLineNo">1884</span><a name="line.1884"></a>
-<span class="sourceLineNo">1885</span> // --------------------------------------<a name="line.1885"></a>
-<span class="sourceLineNo">1886</span> // test family level multiple permissions<a name="line.1886"></a>
-<span class="sourceLineNo">1887</span> AccessTestAction familyReadWrite = new AccessTestAction() {<a name="line.1887"></a>
-<span class="sourceLineNo">1888</span> @Override<a name="line.1888"></a>
-<span class="sourceLineNo">1889</span> public Void run() throws Exception {<a name="line.1889"></a>
-<span class="sourceLineNo">1890</span> checkTablePerms(TEST_UTIL, TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ,<a name="line.1890"></a>
-<span class="sourceLineNo">1891</span> Permission.Action.WRITE);<a name="line.1891"></a>
-<span class="sourceLineNo">1892</span> return null;<a name="line.1892"></a>
-<span class="sourceLineNo">1893</span> }<a name="line.1893"></a>
-<span class="sourceLineNo">1894</span> };<a name="line.1894"></a>
-<span class="sourceLineNo">1895</span><a name="line.1895"></a>
-<span class="sourceLineNo">1896</span> verifyAllowed(familyReadWrite, SUPERUSER, USER_OWNER, USER_CREATE, USER_RW);<a name="line.1896"></a>
-<span class="sourceLineNo">1897</span> verifyDenied(familyReadWrite, USER_NONE, USER_RO);<a name="line.1897"></a>
-<span class="sourceLineNo">1898</span><a name="line.1898"></a>
-<span class="sourceLineNo">1899</span> // --------------------------------------<a name="line.1899"></a>
-<span class="sourceLineNo">1900</span> // check for wrong table region<a name="line.1900"></a>
-<span class="sourceLineNo">1901</span> CheckPermissionsRequest checkRequest =<a name="line.1901"></a>
-<span class="sourceLineNo">1902</span> CheckPermissionsRequest<a name="line.1902"></a>
-<span class="sourceLineNo">1903</span> .newBuilder()<a name="line.1903"></a>
-<span class="sourceLineNo">1904</span> .addPermission(<a name="line.1904"></a>
-<span class="sourceLineNo">1905</span> AccessControlProtos.Permission<a name="line.1905"></a>
-<span class="sourceLineNo">1906</span> .newBuilder()<a name="line.1906"></a>
-<span class="sourceLineNo">1907</span> .setType(AccessControlProtos.Permission.Type.Table)<a name="line.1907"></a>
-<span class="sourceLineNo">1908</span> .setTablePermission(<a name="line.1908"></a>
-<span class="sourceLineNo">1909</span> AccessControlProtos.TablePermission.newBuilder()<a name="line.1909"></a>
-<span class="sourceLineNo">1910</span> .setTableName(ProtobufUtil.toProtoTableName(TEST_TABLE))<a name="line.1910"></a>
-<span class="sourceLineNo">1911</span> .addAction(AccessControlProtos.Permission.Action.CREATE))).build();<a name="line.1911"></a>
-<span class="sourceLineNo">1912</span> Table acl = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME);<a name="line.1912"></a>
-<span class="sourceLineNo">1913</span> try {<a name="line.1913"></a>
-<span class="sourceLineNo">1914</span> BlockingRpcChannel channel = acl.coprocessorService(new byte[0]);<a name="line.1914"></a>
-<span class="sourceLineNo">1915</span> AccessControlService.BlockingInterface protocol =<a name="line.1915"></a>
-<span class="sourceLineNo">1916</span> AccessControlService.newBlockingStub(channel);<a name="line.1916"></a>
-<span class="sourceLineNo">1917</span> try {<a name="line.1917"></a>
-<span class="sourceLineNo">1918</span> // but ask for TablePermissions for TEST_TABLE<a name="line.1918"></a>
-<span class="sourceLineNo">1919</span> protocol.checkPermissions(null, checkRequest);<a name="line.1919"></a>
-<span class="sourceLineNo">1920</span> fail("this should have thrown CoprocessorException");<a name="line.1920"></a>
-<span class="sourceLineNo">1921</span> } catch (ServiceException ex) {<a name="line.1921"></a>
-<span class="sourceLineNo">1922</span> // expected<a name="line.1922"></a>
-<span class="sourceLineNo">1923</span> }<a name="line.1923"></a>
-<span class="sourceLineNo">1924</span> } finally {<a name="line.1924"></a>
-<span class="sourceLineNo">1925</span> acl.close();<a name="line.1925"></a>
-<span class="sourceLineNo">1926</span> }<a name="line.1926"></a>
-<span class="sourceLineNo">1927</span><a name="line.1927"></a>
-<span class="sourceLineNo">1928</span> } finally {<a name="line.1928"></a>
-<span class="sourceLineNo">1929</span> revokeFromTable(TEST_UTIL, userTable.getShortName(), TEST_TABLE, null, null,<a name="line.1929"></a>
+<span class="sourceLineNo">1883</span> // --------------------------------------<a name="line.1883"></a>
+<span class="sourceLineNo">1884</span> // test family level multiple permissions<a name="line.1884"></a>
+<span class="sourceLineNo">1885</span> AccessTestAction familyReadWrite = new AccessTestAction() {<a name="line.1885"></a>
+<span class="sourceLineNo">1886</span> @Override<a name="line.1886"></a>
+<span class="sourceLineNo">1887</span> public Void run() throws Exception {<a name="line.1887"></a>
+<span class="sourceLineNo">1888</span> checkTablePerms(TEST_UTIL, TEST_TABLE, TEST_FAMILY, null, Permission.Action.READ,<a name="line.1888"></a>
+<span class="sourceLineNo">1889</span> Permission.Action.WRITE);<a name="line.1889"></a>
+<span class="sourceLineNo">1890</span> return null;<a name="line.1890"></a>
+<span class="sourceLineNo">1891</span> }<a name="line.1891"></a>
+<span class="sourceLineNo">1892</span> };<a name="line.1892"></a>
+<span class="sourceLineNo">1893</span><a name="line.1893"></a>
+<span class="sourceLineNo">1894</span> verifyAllowed(familyReadWrite, SUPERUSER, USER_OWNER, USER_CREATE, USER_RW);<a name="line.1894"></a>
+<span class="sourceLineNo">1895</span> verifyDenied(familyReadWrite, USER_NONE, USER_RO);<a name="line.1895"></a>
+<span class="sourceLineNo">1896</span><a name="line.1896"></a>
+<span class="sourceLineNo">1897</span> // --------------------------------------<a name="line.1897"></a>
+<span class="sourceLineNo">1898</span> // check for wrong table region<a name="line.1898"></a>
+<span class="sourceLineNo">1899</span> CheckPermissionsRequest checkRequest =<a name="line.1899"></a>
+<span class="sourceLineNo">1900</span> CheckPermissionsRequest<a name="line.1900"></a>
+<span class="sourceLineNo">1901</span> .newBuilder()<a name="line.1901"></a>
+<span class="sourceLineNo">1902</span> .addPermission(<a name="line.1902"></a>
+<span class="sourceLineNo">1903</span> AccessControlProtos.Permission<a name="line.1903"></a>
+<span class="sourceLineNo">1904</span> .newBuilder()<a name="line.1904"></a>
+<span class="sourceLineNo">1905</span> .setType(AccessControlProtos.Permission.Type.Table)<a name="line.1905"></a>
+<span class="sourceLineNo">1906</span> .setTablePermission(<a name="line.1906"></a>
+<span class="sourceLineNo">1907</span> AccessControlProtos.TablePermission.newBuilder()<a name="line.1907"></a>
+<span class="sourceLineNo">1908</span> .setTableName(ProtobufUtil.toProtoTableName(TEST_TABLE))<a name="line.1908"></a>
+<span class="sourceLineNo">1909</span> .addAction(AccessControlProtos.Permission.Action.CREATE))).build();<a name="line.1909"></a>
+<span class="sourceLineNo">1910</span> Table acl = systemUserConnection.getTable(AccessControlLists.ACL_TABLE_NAME);<a name="line.1910"></a>
+<span class="sourceLineNo">1911</span> try {<a name="line.1911"></a>
+<span class="sourceLineNo">1912</span> BlockingRpcChannel channel = acl.coprocessorService(new byte[0]);<a name="line.1912"></a>
+<span class="sourceLineNo">1913</span> AccessControlService.BlockingInterface protocol =<a name="line.1913"></a>
+<span class="sourceLineNo">1914</span> AccessControlService.newBlockingStub(channel);<a name="line.1914"></a>
+<span class="sourceLineNo">1915</span> try {<a name="line.1915"></a>
+<span class="sourceLineNo">1916</span> // but ask for TablePermissions for TEST_TABLE<a name="line.1916"></a>
+<span class="sourceLineNo">1917</span> protocol.checkPermissions(null, checkRequest);<a name="line.1917"></a>
+<span class="sourceLineNo">1918</span> fail("this should have thrown CoprocessorException");<a name="line.1918"></a>
+<span class="sourceLineNo">1919</span> } catch (ServiceException ex) {<a name="line.1919"></a>
+<span class="sourceLineNo">1920</span> // expected<a name="line.1920"></a>
+<span class="sourceLineNo">1921</span> }<a name="line.1921"></a>
+<span class="sourceLineNo">1922</span> } finally {<a name="line.1922"></a>
+<span class="sourceLineNo">1923</span> acl.close();<a name="line.1923"></a>
+<span class="sourceLineNo">1924</span> }<a name="line.1924"></a>
+<span class="sourceLineNo">1925</span><a name="line.1925"></a>
+<span class="sourceLineNo">1926</span> } finally {<a name="line.1926"></a>
+<span class="sourceLineNo">1927</span> revokeFromTable(TEST_UTIL, userTable.getShortName(), TEST_TABLE, null, null,<a name="line.1927"></a>
+<span class="sourceLineNo">1928</span> Permission.Action.READ);<a name="line.1928"></a>
+<span class="sourceLineNo">1929</span> revokeFromTable(TEST_UTIL, userColumn.getShortName(), TEST_TABLE, TEST_FAMILY, null,<a name="line.1929"></a>
<span class="sourceLineNo">1930</span> Permission.Action.READ);<a name="line.1930"></a>
-<span class="sourceLineNo">1931</span> revokeFromTable(TEST_UTIL, userColumn.getShortName(), TEST_TABLE, TEST_FAMILY, null,<a name="line.1931"></a>
+<span class="sourceLineNo">1931</span> revokeFromTable(TEST_UTIL, userQualifier.getShortName(), TEST_TABLE, TEST_FAMILY, TEST_Q1,<a name="line.1931"></a>
<span class="sourceLineNo">1932</span> Permission.Action.READ);<a name="line.1932"></a>
-<span class="sourceLineNo">1933</span> revokeFromTable(TEST_UTIL, userQualifier.getShortName(), TEST_TABLE, TEST_FAMILY, TEST_Q1,<a name="line.1933"></a>
-<span class="sourceLineNo">1934</span> Permission.Action.READ);<a name="line.1934"></a>
-<span class="sourceLineNo">1935</span> }<a name="line.1935"></a>
-<span class="sourceLineNo">1936</span> }<a name="line.1936"></a>
-<span class="sourceLineNo">1937</span><a name="line.1937"></a>
-<span class="sourceLineNo">1938</span> @Test<a name="line.1938"></a>
-<span class="sourceLineNo">1939</span> public void testStopRegionServer() throws Exception {<a name="line.1939"></a>
-<span class="sourceLineNo">1940</span> AccessTestAction action = new AccessTestAction() {<a name="line.1940"></a>
-<span class="sourceLineNo">1941</span> @Override<a name="line.1941"></a>
-<span class="sourceLineNo">1942</span> public Object run() throws Exception {<a name="line.1942"></a>
-<span class="sourceLineNo">1943</span> ACCESS_CONTROLLER.preStopRegionServer(ObserverContextImpl.createAndPrepare(RSCP_ENV));<a name="line.1943"></a>
-<span class="sourceLineNo">1944</span> return null;<a name="line.1944"></a>
-<span class="sourceLineNo">1945</span> }<a name="line.1945"></a>
-<span class="sourceLineNo">1946</span> };<a name="line.1946"></a>
-<span class="sourceLineNo">1947</span><a name="line.1947"></a>
-<span class="sourceLineNo">1948</span> verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.1948"></a>
-<span class="sourceLineNo">1949</span> verifyDenied(action, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.1949"></a>
-<span class="sourceLineNo">1950</span> USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.1950"></a>
-<span class="sourceLineNo">1951</span> }<a name="line.1951"></a>
-<span class="sourceLineNo">1952</span><a name="line.1952"></a>
-<span class="sourceLineNo">1953</span> @Test<a name="line.1953"></a>
-<span class="sourceLineNo">1954</span> public void testRollWALWriterRequest() throws Exception {<a name="line.1954"></a>
-<span class="sourceLineNo">1955</span> AccessTestAction action = new AccessTestAction() {<a name="line.1955"></a>
-<span class="sourceLineNo">1956</span> @Override<a name="line.1956"></a>
-<span class="sourceLineNo">1957</span> public Object run() throws Exception {<a name="line.1957"></a>
-<span class="sourceLineNo">1958</span> ACCESS_CONTROLLER.preRollWALWriterRequest(ObserverContextImpl.createAndPrepare(RSCP_ENV));<a name="line.1958"></a>
-<span class="sourceLineNo">1959</span> return null;<a name="line.1959"></a>
-<span class="sourceLineNo">1960</span> }<a name="line.1960"></a>
-<span class="sourceLineNo">1961</span> };<a name="line.1961"></a>
-<span class="sourceLineNo">1962</span><a name="line.1962"></a>
-<span class="sourceLineNo">1963</span> verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.1963"></a>
-<span class="sourceLineNo">1964</span> verifyDenied(action, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.1964"></a>
-<span class="sourceLineNo">1965</span> USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.1965"></a>
-<span class="sourceLineNo">1966</span> }<a name="line.1966"></a>
-<span class="sourceLineNo">1967</span><a name="line.1967"></a>
-<span class="sourceLineNo">1968</span> @Test<a name="line.1968"></a>
-<span class="sourceLineNo">1969</span> public void testOpenRegion() throws Exception {<a name="line.1969"></a>
-<span class="sourceLineNo">1970</span> AccessTestAction action = new AccessTestAction() {<a name="line.1970"></a>
-<span class="sourceLineNo">1971</span> @Override<a name="line.1971"></a>
-<span class="sourceLineNo">1972</span> public Object run() throws Exception {<a name="line.1972"></a>
-<span class="sourceLineNo">1973</span> ACCESS_CONTROLLER.preOpen(ObserverContextImpl.createAndPrepare(RCP_ENV));<a name="line.1973"></a>
-<span class="sourceLineNo">1974</span> return null;<a name="line.1974"></a>
-<span class="sourceLineNo">1975</span> }<a name="line.1975"></a>
-<span class="sourceLineNo">1976</span> };<a name="line.1976"></a>
-<span class="sourceLineNo">1977</span><a name="line.1977"></a>
-<span class="sourceLineNo">1978</span> verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.1978"></a>
-<span class="sourceLineNo">1979</span> verifyDenied(action, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_CREATE,<a name="line.1979"></a>
-<span class="sourceLineNo">1980</span> USER_GROUP_READ, USER_GROUP_WRITE);<a name="line.1980"></a>
-<span class="sourceLineNo">1981</span> }<a name="line.1981"></a>
-<span class="sourceLineNo">1982</span><a name="line.1982"></a>
-<span class="sourceLineNo">1983</span> @Test<a name="line.1983"></a>
-<span class="sourceLineNo">1984</span> public void testCloseRegion() throws Exception {<a name="line.1984"></a>
-<span class="sourceLineNo">1985</span> AccessTestAction action = new AccessTestAction() {<a name="line.1985"></a>
-<span class="sourceLineNo">1986</span> @Override<a name="line.1986"></a>
-<span class="sourceLineNo">1987</span> public Object run() throws Exception {<a name="line.1987"></a>
-<span class="sourceLineNo">1988</span> ACCESS_CONTROLLER.preClose(ObserverContextImpl.createAndPrepare(RCP_ENV), false);<a name="line.1988"></a>
-<span class="sourceLineNo">1989</span> return null;<a name="line.1989"></a>
-<span class="sourceLineNo">1990</span> }<a name="line.1990"></a>
-<span class="sourceLineNo">1991</span> };<a name="line.1991"></a>
-<span class="sourceLineNo">1992</span><a name="line.1992"></a>
-<span class="sourceLineNo">1993</span> verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.1993"></a>
-<span class="sourceLineNo">1994</span> verifyDenied(action, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_CREATE,<a name="line.1994"></a>
-<span class="sourceLineNo">1995</span> USER_GROUP_READ, USER_GROUP_WRITE);<a name="line.1995"></a>
-<span class="sourceLineNo">1996</span> }<a name="line.1996"></a>
-<span class="sourceLineNo">1997</span><a name="line.1997"></a>
-<span class="sourceLineNo">1998</span> @Test<a name="line.1998"></a>
-<span class="sourceLineNo">1999</span> public void testSnapshot() throws Exception {<a name="line.1999"></a>
-<span class="sourceLineNo">2000</span> Admin admin = TEST_UTIL.getAdmin();<a name="line.2000"></a>
-<span class="sourceLineNo">2001</span> final HTableDescriptor htd = admin.getTableDescriptor(TEST_TABLE);<a name="line.2001"></a>
-<span class="sourceLineNo">2002</span> final SnapshotDescription snapshot = new SnapshotDescription(<a name="line.2002"></a>
-<span class="sourceLineNo">2003</span> TEST_TABLE.getNameAsString() + "-snapshot", TEST_TABLE);<a name="line.2003"></a>
-<span class="sourceLineNo">2004</span> AccessTestAction snapshotAction = new AccessTestAction() {<a name="line.2004"></a>
-<span class="sourceLineNo">2005</span> @Override<a name="line.2005"></a>
-<span class="sourceLineNo">2006</span> public Object run() throws Exception {<a name="line.2006"></a>
-<span class="sourceLineNo">2007</span> ACCESS_CONTROLLER.preSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2007"></a>
-<span class="sourceLineNo">2008</span> snapshot, htd);<a name="line.2008"></a>
-<span class="sourceLineNo">2009</span> return null;<a name="line.2009"></a>
-<span class="sourceLineNo">2010</span> }<a name="line.2010"></a>
-<span class="sourceLineNo">2011</span> };<a name="line.2011"></a>
-<span class="sourceLineNo">2012</span><a name="line.2012"></a>
-<span class="sourceLineNo">2013</span> AccessTestAction deleteAction = new AccessTestAction() {<a name="line.2013"></a>
-<span class="sourceLineNo">2014</span> @Override<a name="line.2014"></a>
-<span class="sourceLineNo">2015</span> public Object run() throws Exception {<a name="line.2015"></a>
-<span class="sourceLineNo">2016</span> ACCESS_CONTROLLER.preDeleteSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2016"></a>
-<span class="sourceLineNo">2017</span> snapshot);<a name="line.2017"></a>
-<span class="sourceLineNo">2018</span> return null;<a name="line.2018"></a>
-<span class="sourceLineNo">2019</span> }<a name="line.2019"></a>
-<span class="sourceLineNo">2020</span> };<a name="line.2020"></a>
-<span class="sourceLineNo">2021</span><a name="line.2021"></a>
-<span class="sourceLineNo">2022</span> AccessTestAction restoreAction = new AccessTestAction() {<a name="line.2022"></a>
-<span class="sourceLineNo">2023</span> @Override<a name="line.2023"></a>
-<span class="sourceLineNo">2024</span> public Object run() throws Exception {<a name="line.2024"></a>
-<span class="sourceLineNo">2025</span> ACCESS_CONTROLLER.preRestoreSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2025"></a>
-<span class="sourceLineNo">2026</span> snapshot, htd);<a name="line.2026"></a>
-<span class="sourceLineNo">2027</span> return null;<a name="line.2027"></a>
-<span class="sourceLineNo">2028</span> }<a name="line.2028"></a>
-<span class="sourceLineNo">2029</span> };<a name="line.2029"></a>
-<span class="sourceLineNo">2030</span><a name="line.2030"></a>
-<span class="sourceLineNo">2031</span> AccessTestAction cloneAction = new AccessTestAction() {<a name="line.2031"></a>
-<span class="sourceLineNo">2032</span> @Override<a name="line.2032"></a>
-<span class="sourceLineNo">2033</span> public Object run() throws Exception {<a name="line.2033"></a>
-<span class="sourceLineNo">2034</span> ACCESS_CONTROLLER.preCloneSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2034"></a>
-<span class="sourceLineNo">2035</span> snapshot, null);<a name="line.2035"></a>
-<span class="sourceLineNo">2036</span> return null;<a name="line.2036"></a>
-<span class="sourceLineNo">2037</span> }<a name="line.2037"></a>
-<span class="sourceLineNo">2038</span> };<a name="line.2038"></a>
-<span class="sourceLineNo">2039</span><a name="line.2039"></a>
-<span class="sourceLineNo">2040</span> verifyAllowed(snapshotAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);<a name="line.2040"></a>
-<span class="sourceLineNo">2041</span> verifyDenied(snapshotAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.2041"></a>
-<span class="sourceLineNo">2042</span> USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2042"></a>
-<span class="sourceLineNo">2043</span><a name="line.2043"></a>
-<span class="sourceLineNo">2044</span> verifyAllowed(cloneAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.2044"></a>
-<span class="sourceLineNo">2045</span> verifyDenied(deleteAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER,<a name="line.2045"></a>
-<span class="sourceLineNo">2046</span> USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2046"></a>
-<span class="sourceLineNo">2047</span><a name="line.2047"></a>
-<span class="sourceLineNo">2048</span> verifyAllowed(restoreAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.2048"></a>
-<span class="sourceLineNo">2049</span> verifyDenied(restoreAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER,<a name="line.2049"></a>
-<span class="sourceLineNo">2050</span> USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2050"></a>
-<span class="sourceLineNo">2051</span><a name="line.2051"></a>
-<span class="sourceLineNo">2052</span> verifyAllowed(deleteAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.2052"></a>
-<span class="sourceLineNo">2053</span> verifyDenied(cloneAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER,<a name="line.2053"></a>
-<span class="sourceLineNo">2054</span> USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2054"></a>
-<span class="sourceLineNo">2055</span> }<a name="line.2055"></a>
-<span class="sourceLineNo">2056</span><a name="line.2056"></a>
-<span class="sourceLineNo">2057</span> @Test<a name="line.2057"></a>
-<span class="sourceLineNo">2058</span> public void testSnapshotWithOwner() throws Exception {<a name="line.2058"></a>
-<span class="sourceLineNo">2059</span> Admin admin = TEST_UTIL.getAdmin();<a name="line.2059"></a>
-<span class="sourceLineNo">2060</span> final HTableDescriptor htd = admin.getTableDescriptor(TEST_TABLE);<a name="line.2060"></a>
-<span class="sourceLineNo">2061</span> final SnapshotDescription snapshot = new SnapshotDescription(<a name="line.2061"></a>
-<span class="sourceLineNo">2062</span> TEST_TABLE.getNameAsString() + "-snapshot", TEST_TABLE, null, USER_OWNER.getName());<a name="line.2062"></a>
-<span class="sourceLineNo">2063</span><a name="line.2063"></a>
-<span class="sourceLineNo">2064</span> AccessTestAction snapshotAction = new AccessTestAction() {<a name="line.2064"></a>
-<span class="sourceLineNo">2065</span> @Override<a name="line.2065"></a>
-<span class="sourceLineNo">2066</span> public Object run() throws Exception {<a name="line.2066"></a>
-<span class="sourceLineNo">2067</span> ACCESS_CONTROLLER.preSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2067"></a>
-<span class="sourceLineNo">2068</span> snapshot, htd);<a name="line.2068"></a>
-<span class="sourceLineNo">2069</span> return null;<a name="line.2069"></a>
-<span class="sourceLineNo">2070</span> }<a name="line.2070"></a>
-<span class="sourceLineNo">2071</span> };<a name="line.2071"></a>
-<span class="sourceLineNo">2072</span> verifyAllowed(snapshotAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);<a name="line.2072"></a>
-<span class="sourceLineNo">2073</span> verifyDenied(snapshotAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.2073"></a>
-<span class="sourceLineNo">2074</span> USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2074"></a>
-<span class="sourceLineNo">2075</span><a name="line.2075"></a>
-<span class="sourceLineNo">2076</span> AccessTestAction deleteAction = new AccessTestAction() {<a name="line.2076"></a>
-<span class="sourceLineNo">2077</span> @Override<a name="line.2077"></a>
-<span class="sourceLineNo">2078</span> public Object run() throws Exception {<a name="line.2078"></a>
-<span class="sourceLineNo">2079</span> ACCESS_CONTROLLER.preDeleteSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2079"></a>
-<span class="sourceLineNo">2080</span> snapshot);<a name="line.2080"></a>
-<span class="sourceLineNo">2081</span> return null;<a name="line.2081"></a>
-<span class="sourceLineNo">2082</span> }<a name="line.2082"></a>
-<span class="sourceLineNo">2083</span> };<a name="line.2083"></a>
-<span class="sourceLineNo">2084</span> verifyAllowed(deleteAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);<a name="line.2084"></a>
-<span class="sourceLineNo">2085</span> verifyDenied(deleteAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.2085"></a>
-<span class="sourceLineNo">2086</span> USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2086"></a>
-<span class="sourceLineNo">2087</span><a name="line.2087"></a>
-<span class="sourceLineNo">2088</span> AccessTestAction restoreAction = new AccessTestAction() {<a name="line.2088"></a>
-<span class="sourceLineNo">2089</span> @Override<a name="line.2089"></a>
-<span class="sourceLineNo">2090</span> public Object run() throws Exception {<a name="line.2090"></a>
-<span class="sourceLineNo">2091</span> ACCESS_CONTROLLER.preRestoreSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2091"></a>
-<span class="sourceLineNo">2092</span> snapshot, htd);<a name="line.2092"></a>
-<span class="sourceLineNo">2093</span> return null;<a name="line.2093"></a>
-<span class="sourceLineNo">2094</span> }<a name="line.2094"></a>
-<span class="sourceLineNo">2095</span> };<a name="line.2095"></a>
-<span class="sourceLineNo">2096</span> verifyAllowed(restoreAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);<a name="line.2096"></a>
-<span class="sourceLineNo">2097</span> verifyDenied(restoreAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.2097"></a>
-<span class="sourceLineNo">2098</span> USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2098"></a>
-<span class="sourceLineNo">2099</span><a name="line.2099"></a>
-<span class="sourceLineNo">2100</span> AccessTestAction cloneAction = new AccessTestAction() {<a name="line.2100"></a>
-<span class="sourceLineNo">2101</span> @Override<a name="line.2101"></a>
-<span class="sourceLineNo">2102</span> public Object run() throws Exception {<a name="line.2102"></a>
-<span class="sourceLineNo">2103</span> ACCESS_CONTROLLER.preCloneSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2103"></a>
-<span class="sourceLineNo">2104</span> snapshot, htd);<a name="line.2104"></a>
-<span class="sourceLineNo">2105</span> return null;<a name="line.2105"></a>
-<span class="sourceLineNo">2106</span> }<a name="line.2106"></a>
-<span class="sourceLineNo">2107</span> };<a name="line.2107"></a>
-<span class="sourceLineNo">2108</span> verifyAllowed(cloneAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN, USER_OWNER);<a name="line.2108"></a>
-<span class="sourceLineNo">2109</span> verifyDenied(cloneAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.2109"></a>
-<span class="sourceLineNo">2110</span> USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2110"></a>
-<span class="sourceLineNo">2111</span> }<a name="line.2111"></a>
-<span class="sourceLineNo">2112</span><a name="line.2112"></a>
-<span class="sourceLineNo">2113</span> @Test<a name="line.2113"></a>
-<span class="sourceLineNo">2114</span> public void testGlobalAuthorizationForNewRegisteredRS() throws Exception {<a name="line.2114"></a>
-<span class="sourceLineNo">2115</span> LOG.debug("Test for global authorization for a new registered RegionServer.");<a name="line.2115"></a>
-<span class="sourceLineNo">2116</span> MiniHBaseCluster hbaseCluster = TEST_UTIL.getHBaseCluster();<a name="line.2116"></a>
-<span class="sourceLineNo">2117</span><a name="line.2117"></a>
-<span class="sourceLineNo">2118</span> final Admin admin = TEST_UTIL.getAdmin();<a name="line.2118"></a>
-<span class="sourceLineNo">2119</span> HTableDescriptor htd = new HTableDescriptor(TEST_TABLE2);<a name="line.2119"></a>
-<span class="sourceLineNo">2120</span> htd.addFamily(new HColumnDescriptor(TEST_FAMILY));<a name="line.2120"></a>
-<span class="sourceLineNo">2121</span> createTable(TEST_UTIL, htd);<a name="line.2121"></a>
-<span class="sourceLineNo">2122</span><a name="line.2122"></a>
-<span class="sourceLineNo">2123</span> // Starting a new RegionServer.<a name="line.2123"></a>
-<span class="sourceLineNo">2124</span> JVMClusterUtil.RegionServerThread newRsThread = hbaseCluster<a name="line.2124"></a>
-<span class="sourceLineNo">2125</span> .startRegionServer();<a name="line.2125"></a>
-<span class="sourceLineNo">2126</span> final HRegionServer newRs = newRsThread.getRegionServer();<a name="line.2126"></a>
-<span class="sourceLineNo">2127</span><a name="line.2127"></a>
-<span class="sourceLineNo">2128</span> // Move region to the new RegionServer.<a name="line.2128"></a>
-<span class="sourceLineNo">2129</span> List<HRegionLocation> regions;<a name="line.2129"></a>
-<span class="sourceLineNo">2130</span> try (RegionLocator locator = systemUserConnection.getRegionLocator(TEST_TABLE2)) {<a name="line.2130"></a>
-<span class="sourceLineNo">2131</span> regions = locator.getAllRegionLocations();<a name="line.2131"></a>
-<span class="sourceLineNo">2132</span> }<a name="line.2132"></a>
-<span class="sourceLineNo">2133</span> HRegionLocation location = regions.get(0);<a name="line.2133"></a>
-<span class="sourceLineNo">2134</span> final HRegionInfo hri = location.getRegionInfo();<a name="line.2134"></a>
-<span class="sourceLineNo">2135</span> final ServerName server = location.getServerName();<a name="line.2135"></a>
-<span class="sourceLineNo">2136</span> try (Table table = systemUserConnection.getTable(TEST_TABLE2)) {<a name="line.2136"></a>
-<span class="sourceLineNo">2137</span> AccessTestAction moveAction = new AccessTestAction() {<a name="line.2137"></a>
-<span class="sourceLineNo">2138</span> @Override<a name="line.2138"></a>
-<span class="sourceLineNo">2139</span> public Object run() throws Exception {<a name="line.2139"></a>
-<span class="sourceLineNo">2140</span> admin.move(hri.getEncodedNameAsBytes(),<a name="line.2140"></a>
-<span class="sourceLineNo">2141</span> Bytes.toBytes(newRs.getServerName().getServerName()));<a name="line.2141"></a>
-<span class="sourceLineNo">2142</span> return null;<a name="line.2142"></a>
-<span class="sourceLineNo">2143</span> }<a name="line.2143"></a>
-<span class="sourceLineNo">2144</span> };<a name="line.2144"></a>
-<span class="sourceLineNo">2145</span> SUPERUSER.runAs(moveAction);<a name="line.2145"></a>
-<span class="sourceLineNo">2146</span><a name="line.2146"></a>
-<span class="sourceLineNo">2147</span> final int RETRIES_LIMIT = 10;<a name="line.2147"></a>
-<span class="sourceLineNo">2148</span> int retries = 0;<a name="line.2148"></a>
-<span class="sourceLineNo">2149</span> while (newRs.getRegions(TEST_TABLE2).size() < 1 && retries < RETRIES_LIMIT) {<a name="line.2149"></a>
-<span class="sourceLineNo">2150</span> LOG.debug("Waiting for region to be opened. Already retried " + retries<a name="line.2150"></a>
-<span class="sourceLineNo">2151</span> + " times.");<a name="line.2151"></a>
-<span class="sourceLineNo">2152</span> try {<a name="line.2152"></a>
-<span class="sourceLineNo">2153</span> Thread.sleep(1000);<a name="line.2153"></a>
-<span class="sourceLineNo">2154</span> } catch (InterruptedException e) {<a name="line.2154"></a>
-<span class="sourceLineNo">2155</span> }<a name="line.2155"></a>
-<span class="sourceLineNo">2156</span> retries++;<a name="line.2156"></a>
-<span class="sourceLineNo">2157</span> if (retries == RETRIES_LIMIT - 1) {<a name="line.2157"></a>
-<span class="sourceLineNo">2158</span> fail("Retry exhaust for waiting region to be opened.");<a name="line.2158"></a>
-<span class="sourceLineNo">2159</span> }<a name="line.2159"></a>
-<span class="sourceLineNo">2160</span> }<a name="line.2160"></a>
-<span class="sourceLineNo">2161</span> // Verify write permission for user "admin2" who has the global<a name="line.2161"></a>
-<span class="sourceLineNo">2162</span> // permissions.<a name="line.2162"></a>
-<span class="sourceLineNo">2163</span> AccessTestAction putAction = new AccessTestAction() {<a name="line.2163"></a>
-<span class="sourceLineNo">2164</span> @Override<a name="line.2164"></a>
-<span class="sourceLineNo">2165</span> public Object run() throws Exception {<a name="line.2165"></a>
-<span class="sourceLineNo">2166</span> Put put = new Put(Bytes.toBytes("test"));<a name="line.2166"></a>
-<span class="sourceLineNo">2167</span> put.addColumn(TEST_FAMILY, Bytes.toBytes("qual"), Bytes.toBytes("value"));<a name="line.2167"></a>
-<span class="sourceLineNo">2168</span> table.put(put);<a name="line.2168"></a>
-<span class="sourceLineNo">2169</span> return null;<a name="line.2169"></a>
-<span class="sourceLineNo">2170</span> }<a name="line.2170"></a>
-<span class="sourceLineNo">2171</span> };<a name="line.2171"></a>
-<span class="sourceLineNo">2172</span> USER_ADMIN.runAs(putAction);<a name="line.2172"></a>
-<span class="sourceLineNo">2173</span> }<a name="line.2173"></a>
-<span class="sourceLineNo">2174</span> }<a name="line.2174"></a>
-<span class="sourceLineNo">2175</span><a name="line.2175"></a>
-<span class="sourceLineNo">2176</span> @Test<a name="line.2176"></a>
-<span class="sourceLineNo">2177</span> public void testTableDescriptorsEnumeration() throws Exception {<a name="line.2177"></a>
-<span class="sourceLineNo">2178</span> User TABLE_ADMIN = User.createUserForTesting(conf, "UserA", new String[0]);<a name="line.2178"></a>
-<span class="sourceLineNo">2179</span><a name="line.2179"></a>
-<span class="sourceLineNo">2180</span> // Grant TABLE ADMIN privs<a name="line.2180"></a>
-<span class="sourceLineNo">2181</span> grantOnTable(TEST_UTIL, TABLE_ADMIN.getShortName(), TEST_TABLE, null, null,<a name="line.2181"></a>
-<span class="sourceLineNo">2182</span> Permission.Action.ADMIN);<a name="line.2182"></a>
-<span class="sourceLineNo">2183</span> try {<a name="line.2183"></a>
-<span class="sourceLineNo">2184</span> AccessTestAction listTablesAction = new AccessTestAction() {<a name="line.2184"></a>
-<span class="sourceLineNo">2185</span> @Override<a name="line.2185"></a>
-<span class="sourceLineNo">2186</span> public Object run() throws Exception {<a name="line.2186"></a>
-<span class="sourceLineNo">2187</span> try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration());<a name="line.2187"></a>
-<span class="sourceLineNo">2188</span> Admin admin = conn.getAdmin()) {<a name="line.2188"></a>
-<span class="sourceLineNo">2189</span> return Arrays.asList(admin.listTables());<a name="line.2189"></a>
-<span class="sourceLineNo">2190</span> }<a name="line.2190"></a>
-<span class="sourceLineNo">2191</span> }<a name="line.2191"></a>
-<span class="sourceLineNo">2192</span> };<a name="line.2192"></a>
-<span class="sourceLineNo">2193</span><a name="line.2193"></a>
-<span class="sourceLineNo">2194</span> AccessTestAction getTableDescAction = new AccessTestAction() {<a name="line.2194"></a>
-<span class="sourceLineNo">2195</span> @Override<a name="line.2195"></a>
-<span class="sourceLineNo">2196</span> public Object run() throws Exception {<a name="line.2196"></a>
-<span class="sourceLineNo">2197</span> try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration());<a name="line.2197"></a>
-<span class="sourceLineNo">2198</span> Admin admin = conn.getAdmin()) {<a name="line.2198"></a>
-<span class="sourceLineNo">2199</span> return admin.getTableDescriptor(TEST_TABLE);<a name="line.2199"></a>
-<span class="sourceLineNo">2200</span> }<a name="line.2200"></a>
-<span class="sourceLineNo">2201</span> }<a name="line.2201"></a>
-<span class="sourceLineNo">2202</span> };<a name="line.2202"></a>
-<span class="sourceLineNo">2203</span><a name="line.2203"></a>
-<span class="sourceLineNo">2204</span> verifyAllowed(listTablesAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, TABLE_ADMIN,<a name="line.2204"></a>
-<span class="sourceLineNo">2205</span> USER_GROUP_CREATE, USER_GROUP_ADMIN);<a name="line.2205"></a>
-<span class="sourceLineNo">2206</span> verifyIfEmptyList(listTablesAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.2206"></a>
-<span class="sourceLineNo">2207</span> USER_GROUP_WRITE);<a name="line.2207"></a>
-<span class="sourceLineNo">2208</span><a name="line.2208"></a>
-<span class="sourceLineNo">2209</span> verifyAllowed(getTableDescAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER,<a name="line.2209"></a>
-<span class="sourceLineNo">2210</span> TABLE_ADMIN, USER_GROUP_CREATE, USER_GROUP_ADMIN);<a name="line.2210"></a>
-<span class="sourceLineNo">2211</span> verifyDenied(getTableDescAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.2211"></a>
-<span class="sourceLineNo">2212</span> USER_GROUP_WRITE);<a name="line.2212"></a>
-<span class="sourceLineNo">2213</span> } finally {<a name="line.2213"></a>
-<span class="sourceLineNo">2214</span> // Cleanup, revoke TABLE ADMIN privs<a name="line.2214"></a>
-<span class="sourceLineNo">2215</span> revokeFromTable(TEST_UTIL, TABLE_ADMIN.getShortName(), TEST_TABLE, null, null,<a name="line.2215"></a>
-<span class="sourceLineNo">2216</span> Permission.Action.ADMIN);<a name="line.2216"></a>
-<span class="sourceLineNo">2217</span> }<a name="line.2217"></a>
-<span class="sourceLineNo">2218</span> }<a name="line.2218"></a>
-<span class="sourceLineNo">2219</span><a name="line.2219"></a>
-<span class="sourceLineNo">2220</span> @Test<a name="line.2220"></a>
-<span class="sourceLineNo">2221</span> public void testTableNameEnumeration() throws Exception {<a name="line.2221"></a>
-<span class="sourceLineNo">2222</span> AccessTestAction listTablesAction = new AccessTestAction() {<a name="line.2222"></a>
-<span class="sourceLineNo">2223</span> @Override<a name="line.2223"></a>
-<span class="sourceLineNo">2224</span> public Object run() throws Exception {<a name="line.2224"></a>
-<span class="sourceLineNo">2225</span> Connection unmanagedConnection =<a name="line.2225"></a>
-<span class="sourceLineNo">2226</span> ConnectionFactory.createConnection(TEST_UTIL.getConfiguration());<a name="line.2226"></a>
-<span class="sourceLineNo">2227</span> Admin admin = unmanagedConnection.getAdmin();<a name="line.2227"></a>
-<span class="sourceLineNo">2228</span> try {<a name="line.2228"></a>
-<span class="sourceLineNo">2229</span> return Arrays.asList(admin.listTableNames());<a name="line.2229"></a>
-<span class="sourceLineNo">2230</span> } finally {<a name="line.2230"></a>
-<span class="sourceLineNo">2231</span> admin.close();<a name="line.2231"></a>
-<span class="sourceLineNo">2232</span> unmanagedConnection.close();<a name="line.2232"></a>
-<span class="sourceLineNo">2233</span> }<a name="line.2233"></a>
-<span class="sourceLineNo">2234</span> }<a name="line.2234"></a>
-<span class="sourceLineNo">2235</span> };<a name="line.2235"></a>
-<span class="sourceLineNo">2236</span><a name="line.2236"></a>
-<span class="sourceLineNo">2237</span> verifyAllowed(listTablesAction, SUPERUSER, USER_ADMIN, USER_CREATE, USER_OWNER, USER_RW,<a name="line.2237"></a>
-<span class="sourceLineNo">2238</span> USER_RO, USER_GROUP_CREATE, USER_GROUP_ADMIN, USER_GROUP_READ, USER_GROUP_WRITE);<a name="line.2238"></a>
-<span class="sourceLineNo">2239</span> verifyIfEmptyList(listTablesAction, USER_NONE);<a name="line.2239"></a>
-<span class="sourceLineNo">2240</span> }<a name="line.2240"></a>
-<span class="sourceLineNo">2241</span><a name="line.2241"></a>
-<span class="sourceLineNo">2242</span> @Test<a name="line.2242"></a>
-<span class="sourceLineNo">2243</span> public void testTableDeletion() throws Exception {<a name="line.2243"></a>
-<span class="sourceLineNo">2244</span> User TABLE_ADMIN = User.createUserForTesting(conf, "TestUser", new String[0]);<a name="line.2244"></a>
-<span class="sourceLineNo">2245</span> final TableName tableName = TableName.valueOf(name.getMethodName());<a name="line.2245"></a>
-<span class="sourceLineNo">2246</span> createTestTable(tableName);<a name="line.2246"></a>
-<span class="sourceLineNo">2247</span><a name="line.2247"></a>
-<span class="sourceLineNo">2248</span> // Grant TABLE ADMIN privs<a name="line.2248"></a>
-<span class="sourceLineNo">2249</span> grantOnTable(TEST_UTIL, TABLE_ADMIN.getShortName(), tableName, null, null, Permission.Action.ADMIN);<a name="line.2249"></a>
-<span class="sourceLineNo">2250</span><a name="line.2250"></a>
-<span class="sourceLineNo">2251</span> AccessTestAction deleteTableAction = new AccessTestAction() {<a name="line.2251"></a>
-<span class="sourceLineNo">2252</span> @Override<a name="line.2252"></a>
-<span class="sourceLineNo">2253</span> public Object run() throws Exception {<a name="line.2253"></a>
-<span class="sourceLineNo">2254</span> Connection unmanagedConnection =<a name="line.2254"></a>
-<span class="sourceLineNo">2255</span> ConnectionFactory.createConnection(TEST_UTIL.getConfiguration());<a name="line.2255"></a>
-<span class="sourceLineNo">2256</span> Admin admin = unmanagedConnection.getAdmin();<a name="line.2256"></a>
-<span class="sourceLineNo">2257</span> try {<a name="line.2257"></a>
-<span class="sourceLineNo">2258</span> deleteTable(TEST_UTIL, admin, tableName);<a name="line.2258"></a>
-<span class="sourceLineNo">2259</span> } finally {<a name="line.2259"></a>
-<span class="sourceLineNo">2260</span> admin.close();<a name="line.2260"></a>
-<span class="sourceLineNo">2261</span> unmanagedConnection.close();<a name="line.2261"></a>
-<span class="sourceLineNo">2262</span> }<a name="line.2262"></a>
-<span class="sourceLineNo">2263</span> return null;<a name="line.2263"></a>
-<span class="sourceLineNo">2264</span> }<a name="line.2264"></a>
-<span class="sourceLineNo">2265</span> };<a name="line.2265"></a>
-<span class="sourceLineNo">2266</span><a name="line.2266"></a>
-<span class="sourceLineNo">2267</span> verifyDenied(deleteTableAction, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.2267"></a>
-<span class="sourceLineNo">2268</span> USER_GROUP_WRITE);<a name="line.2268"></a>
-<span class="sourceLineNo">2269</span> verifyAllowed(deleteTableAction, TABLE_ADMIN);<a name="line.2269"></a>
-<span class="sourceLineNo">2270</span> }<a name="line.2270"></a>
-<span class="sourceLineNo">2271</span><a name="line.2271"></a>
-<span class="sourceLineNo">2272</span> private void createTestTable(TableName tname) throws Exception {<a name="line.2272"></a>
-<span class="sourceLineNo">2273</span> createTestTable(tname, TEST_FAMILY);<a name="line.2273"></a>
-<span class="sourceLineNo">2274</span> }<a name="line.2274"></a>
-<span class="sourceLineNo">2275</span><a name="line.2275"></a>
-<span class="sourceLineNo">2276</span> private void createTestTable(TableName tname, byte[] cf) throws Exception {<a name="line.2276"></a>
-<span class="sourceLineNo">2277</span> HTableDescriptor htd = new HTableDescriptor(tname);<a name="line.2277"></a>
-<span class="sourceLineNo">2278</span> HColumnDescriptor hcd = new HColumnDescriptor(cf);<a name="line.2278"></a>
-<span class="sourceLineNo">2279</span> hcd.setMaxVersions(100);<a name="line.2279"></a>
-<span class="sourceLineNo">2280</span> htd.addFamily(hcd);<a name="line.2280"></a>
-<span class="sourceLineNo">2281</span> htd.setOwner(USER_OWNER);<a name="line.2281"></a>
-<span class="sourceLineNo">2282</span> createTable(TEST_UTIL, htd, new byte[][] { Bytes.toBytes("s") });<a name="line.2282"></a>
-<span class="sourceLineNo">2283</span> }<a name="line.2283"></a>
-<span class="sourceLineNo">2284</span><a name="line.2284"></a>
-<span class="sourceLineNo">2285</span> @Test<a name="line.2285"></a>
-<span class="sourceLineNo">2286</span> public void testNamespaceUserGrant() throws Exception {<a name="line.2286"></a>
-<span class="sourceLineNo">2287</span> AccessTestAction getAction = new AccessTestAction() {<a name="line.2287"></a>
-<span class="sourceLineNo">2288</span> @Override<a name="line.2288"></a>
-<span class="sourceLineNo">2289</span> public Object run() throws Exception {<a name="line.2289"></a>
-<span class="sourceLineNo">2290</span> try(Connection conn = ConnectionFactory.createConnection(conf);<a name="line.2290"></a>
-<span class="sourceLineNo">2291</span> Table t = conn.getTable(TEST_TABLE)) {<a name="line.2291"></a>
-<span class="sourceLineNo">2292</span> return t.get(new Get(TEST_ROW));<a name="line.2292"></a>
-<span class="sourceLineNo">2293</span> }<a name="line.2293"></a>
-<span class="sourceLineNo">2294</span> }<a name="line.2294"></a>
-<span class="sourceLineNo">2295</span> };<a name="line.2295"></a>
+<span class="sourceLineNo">1933</span> }<a name="line.1933"></a>
+<span class="sourceLineNo">1934</span> }<a name="line.1934"></a>
+<span class="sourceLineNo">1935</span><a name="line.1935"></a>
+<span class="sourceLineNo">1936</span> @Test<a name="line.1936"></a>
+<span class="sourceLineNo">1937</span> public void testStopRegionServer() throws Exception {<a name="line.1937"></a>
+<span class="sourceLineNo">1938</span> AccessTestAction action = new AccessTestAction() {<a name="line.1938"></a>
+<span class="sourceLineNo">1939</span> @Override<a name="line.1939"></a>
+<span class="sourceLineNo">1940</span> public Object run() throws Exception {<a name="line.1940"></a>
+<span class="sourceLineNo">1941</span> ACCESS_CONTROLLER.preStopRegionServer(ObserverContextImpl.createAndPrepare(RSCP_ENV));<a name="line.1941"></a>
+<span class="sourceLineNo">1942</span> return null;<a name="line.1942"></a>
+<span class="sourceLineNo">1943</span> }<a name="line.1943"></a>
+<span class="sourceLineNo">1944</span> };<a name="line.1944"></a>
+<span class="sourceLineNo">1945</span><a name="line.1945"></a>
+<span class="sourceLineNo">1946</span> verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.1946"></a>
+<span class="sourceLineNo">1947</span> verifyDenied(action, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.1947"></a>
+<span class="sourceLineNo">1948</span> USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.1948"></a>
+<span class="sourceLineNo">1949</span> }<a name="line.1949"></a>
+<span class="sourceLineNo">1950</span><a name="line.1950"></a>
+<span class="sourceLineNo">1951</span> @Test<a name="line.1951"></a>
+<span class="sourceLineNo">1952</span> public void testRollWALWriterRequest() throws Exception {<a name="line.1952"></a>
+<span class="sourceLineNo">1953</span> AccessTestAction action = new AccessTestAction() {<a name="line.1953"></a>
+<span class="sourceLineNo">1954</span> @Override<a name="line.1954"></a>
+<span class="sourceLineNo">1955</span> public Object run() throws Exception {<a name="line.1955"></a>
+<span class="sourceLineNo">1956</span> ACCESS_CONTROLLER.preRollWALWriterRequest(ObserverContextImpl.createAndPrepare(RSCP_ENV));<a name="line.1956"></a>
+<span class="sourceLineNo">1957</span> return null;<a name="line.1957"></a>
+<span class="sourceLineNo">1958</span> }<a name="line.1958"></a>
+<span class="sourceLineNo">1959</span> };<a name="line.1959"></a>
+<span class="sourceLineNo">1960</span><a name="line.1960"></a>
+<span class="sourceLineNo">1961</span> verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.1961"></a>
+<span class="sourceLineNo">1962</span> verifyDenied(action, USER_CREATE, USER_OWNER, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.1962"></a>
+<span class="sourceLineNo">1963</span> USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.1963"></a>
+<span class="sourceLineNo">1964</span> }<a name="line.1964"></a>
+<span class="sourceLineNo">1965</span><a name="line.1965"></a>
+<span class="sourceLineNo">1966</span> @Test<a name="line.1966"></a>
+<span class="sourceLineNo">1967</span> public void testOpenRegion() throws Exception {<a name="line.1967"></a>
+<span class="sourceLineNo">1968</span> AccessTestAction action = new AccessTestAction() {<a name="line.1968"></a>
+<span class="sourceLineNo">1969</span> @Override<a name="line.1969"></a>
+<span class="sourceLineNo">1970</span> public Object run() throws Exception {<a name="line.1970"></a>
+<span class="sourceLineNo">1971</span> ACCESS_CONTROLLER.preOpen(ObserverContextImpl.createAndPrepare(RCP_ENV));<a name="line.1971"></a>
+<span class="sourceLineNo">1972</span> return null;<a name="line.1972"></a>
+<span class="sourceLineNo">1973</span> }<a name="line.1973"></a>
+<span class="sourceLineNo">1974</span> };<a name="line.1974"></a>
+<span class="sourceLineNo">1975</span><a name="line.1975"></a>
+<span class="sourceLineNo">1976</span> verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.1976"></a>
+<span class="sourceLineNo">1977</span> verifyDenied(action, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_CREATE,<a name="line.1977"></a>
+<span class="sourceLineNo">1978</span> USER_GROUP_READ, USER_GROUP_WRITE);<a name="line.1978"></a>
+<span class="sourceLineNo">1979</span> }<a name="line.1979"></a>
+<span class="sourceLineNo">1980</span><a name="line.1980"></a>
+<span class="sourceLineNo">1981</span> @Test<a name="line.1981"></a>
+<span class="sourceLineNo">1982</span> public void testCloseRegion() throws Exception {<a name="line.1982"></a>
+<span class="sourceLineNo">1983</span> AccessTestAction action = new AccessTestAction() {<a name="line.1983"></a>
+<span class="sourceLineNo">1984</span> @Override<a name="line.1984"></a>
+<span class="sourceLineNo">1985</span> public Object run() throws Exception {<a name="line.1985"></a>
+<span class="sourceLineNo">1986</span> ACCESS_CONTROLLER.preClose(ObserverContextImpl.createAndPrepare(RCP_ENV), false);<a name="line.1986"></a>
+<span class="sourceLineNo">1987</span> return null;<a name="line.1987"></a>
+<span class="sourceLineNo">1988</span> }<a name="line.1988"></a>
+<span class="sourceLineNo">1989</span> };<a name="line.1989"></a>
+<span class="sourceLineNo">1990</span><a name="line.1990"></a>
+<span class="sourceLineNo">1991</span> verifyAllowed(action, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.1991"></a>
+<span class="sourceLineNo">1992</span> verifyDenied(action, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_CREATE,<a name="line.1992"></a>
+<span class="sourceLineNo">1993</span> USER_GROUP_READ, USER_GROUP_WRITE);<a name="line.1993"></a>
+<span class="sourceLineNo">1994</span> }<a name="line.1994"></a>
+<span class="sourceLineNo">1995</span><a name="line.1995"></a>
+<span class="sourceLineNo">1996</span> @Test<a name="line.1996"></a>
+<span class="sourceLineNo">1997</span> public void testSnapshot() throws Exception {<a name="line.1997"></a>
+<span class="sourceLineNo">1998</span> Admin admin = TEST_UTIL.getAdmin();<a name="line.1998"></a>
+<span class="sourceLineNo">1999</span> final HTableDescriptor htd = admin.getTableDescriptor(TEST_TABLE);<a name="line.1999"></a>
+<span class="sourceLineNo">2000</span> final SnapshotDescription snapshot = new SnapshotDescription(<a name="line.2000"></a>
+<span class="sourceLineNo">2001</span> TEST_TABLE.getNameAsString() + "-snapshot", TEST_TABLE);<a name="line.2001"></a>
+<span class="sourceLineNo">2002</span> AccessTestAction snapshotAction = new AccessTestAction() {<a name="line.2002"></a>
+<span class="sourceLineNo">2003</span> @Override<a name="line.2003"></a>
+<span class="sourceLineNo">2004</span> public Object run() throws Exception {<a name="line.2004"></a>
+<span class="sourceLineNo">2005</span> ACCESS_CONTROLLER.preSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2005"></a>
+<span class="sourceLineNo">2006</span> snapshot, htd);<a name="line.2006"></a>
+<span class="sourceLineNo">2007</span> return null;<a name="line.2007"></a>
+<span class="sourceLineNo">2008</span> }<a name="line.2008"></a>
+<span class="sourceLineNo">2009</span> };<a name="line.2009"></a>
+<span class="sourceLineNo">2010</span><a name="line.2010"></a>
+<span class="sourceLineNo">2011</span> AccessTestAction deleteAction = new AccessTestAction() {<a name="line.2011"></a>
+<span class="sourceLineNo">2012</span> @Override<a name="line.2012"></a>
+<span class="sourceLineNo">2013</span> public Object run() throws Exception {<a name="line.2013"></a>
+<span class="sourceLineNo">2014</span> ACCESS_CONTROLLER.preDeleteSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2014"></a>
+<span class="sourceLineNo">2015</span> snapshot);<a name="line.2015"></a>
+<span class="sourceLineNo">2016</span> return null;<a name="line.2016"></a>
+<span class="sourceLineNo">2017</span> }<a name="line.2017"></a>
+<span class="sourceLineNo">2018</span> };<a name="line.2018"></a>
+<span class="sourceLineNo">2019</span><a name="line.2019"></a>
+<span class="sourceLineNo">2020</span> AccessTestAction restoreAction = new AccessTestAction() {<a name="line.2020"></a>
+<span class="sourceLineNo">2021</span> @Override<a name="line.2021"></a>
+<span class="sourceLineNo">2022</span> public Object run() throws Exception {<a name="line.2022"></a>
+<span class="sourceLineNo">2023</span> ACCESS_CONTROLLER.preRestoreSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2023"></a>
+<span class="sourceLineNo">2024</span> snapshot, htd);<a name="line.2024"></a>
+<span class="sourceLineNo">2025</span> return null;<a name="line.2025"></a>
+<span class="sourceLineNo">2026</span> }<a name="line.2026"></a>
+<span class="sourceLineNo">2027</span> };<a name="line.2027"></a>
+<span class="sourceLineNo">2028</span><a name="line.2028"></a>
+<span class="sourceLineNo">2029</span> AccessTestAction cloneAction = new AccessTestAction() {<a name="line.2029"></a>
+<span class="sourceLineNo">2030</span> @Override<a name="line.2030"></a>
+<span class="sourceLineNo">2031</span> public Object run() throws Exception {<a name="line.2031"></a>
+<span class="sourceLineNo">2032</span> ACCESS_CONTROLLER.preCloneSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV),<a name="line.2032"></a>
+<span class="sourceLineNo">2033</span> snapshot, null);<a name="line.2033"></a>
+<span class="sourceLineNo">2034</span> return null;<a name="line.2034"></a>
+<span class="sourceLineNo">2035</span> }<a name="line.2035"></a>
+<span class="sourceLineNo">2036</span> };<a name="line.2036"></a>
+<span class="sourceLineNo">2037</span><a name="line.2037"></a>
+<span class="sourceLineNo">2038</span> verifyAllowed(snapshotAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);<a name="line.2038"></a>
+<span class="sourceLineNo">2039</span> verifyDenied(snapshotAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,<a name="line.2039"></a>
+<span class="sourceLineNo">2040</span> USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2040"></a>
+<span class="sourceLineNo">2041</span><a name="line.2041"></a>
+<span class="sourceLineNo">2042</span> verifyAllowed(cloneAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.2042"></a>
+<span class="sourceLineNo">2043</span> verifyDenied(deleteAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER,<a name="line.2043"></a>
+<span class="sourceLineNo">2044</span> USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2044"></a>
+<span class="sourceLineNo">2045</span><a name="line.2045"></a>
+<span class="sourceLineNo">2046</span> verifyAllowed(restoreAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.2046"></a>
+<span class="sourceLineNo">2047</span> verifyDenied(restoreAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER,<a name="line.2047"></a>
+<span class="sourceLineNo">2048</span> USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2048"></a>
+<span class="sourceLineNo">2049</span><a name="line.2049"></a>
+<span class="sourceLineNo">2050</span> verifyAllowed(deleteAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);<a name="line.2050"></a>
+<span class="sourceLineNo">2051</span> verifyDenied(cloneAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER,<a name="line.2051"></a>
+<span class="sourceLineNo">2052</span> USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);<a name="line.2052"></a>
+<span class="sourceLineNo">2053</span> }<a name="line.2053"></a>
+<span class="sourceLineNo">2054</span><a name="line.2054"></a>
+<span class="sourceLineNo">2055</span> @Test<a name="line.2055"></a>
+<span class="sourceLineNo">2056</span> public void testSnapshotWithOwner() throws Exception {<a name="line.2056"></a>
+<span class="sou
<TRUNCATED>