accumulo-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ctubb...@apache.org
Subject accumulo git commit: ACCUMULO-4498 Remove vestigial security permission stuffs
Date Wed, 12 Oct 2016 22:31:57 GMT
Repository: accumulo
Updated Branches:
  refs/heads/master f9e630466 -> 693d5be1a


ACCUMULO-4498 Remove vestigial security permission stuffs


Project: http://git-wip-us.apache.org/repos/asf/accumulo/repo
Commit: http://git-wip-us.apache.org/repos/asf/accumulo/commit/693d5be1
Tree: http://git-wip-us.apache.org/repos/asf/accumulo/tree/693d5be1
Diff: http://git-wip-us.apache.org/repos/asf/accumulo/diff/693d5be1

Branch: refs/heads/master
Commit: 693d5be1a60877f704bc48d87965fe0262d3b922
Parents: f9e6304
Author: Christopher Tubbs <ctubbsii@apache.org>
Authored: Wed Oct 12 18:12:34 2016 -0400
Committer: Christopher Tubbs <ctubbsii@apache.org>
Committed: Wed Oct 12 18:12:34 2016 -0400

----------------------------------------------------------------------
 .../accumulo/core/client/impl/Namespaces.java       |  7 -------
 .../apache/accumulo/core/client/impl/Tables.java    |  6 ------
 .../core/client/impl/ThriftTransportPool.java       |  7 -------
 .../file/streams/BoundedRangeFileInputStream.java   | 16 +---------------
 .../accumulo/fate/zookeeper/ZooReaderWriter.java    |  7 -------
 .../server/conf/ServerConfigurationFactory.java     | 16 ----------------
 .../accumulo/server/security/SystemCredentials.java | 11 -----------
 .../apache/accumulo/server/tables/TableManager.java |  6 ------
 8 files changed, 1 insertion(+), 75 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/accumulo/blob/693d5be1/core/src/main/java/org/apache/accumulo/core/client/impl/Namespaces.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/Namespaces.java b/core/src/main/java/org/apache/accumulo/core/client/impl/Namespaces.java
index 51c7b2d..4eda3db 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/Namespaces.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/Namespaces.java
@@ -18,7 +18,6 @@ package org.apache.accumulo.core.client.impl;
 
 import static java.nio.charset.StandardCharsets.UTF_8;
 
-import java.security.SecurityPermission;
 import java.util.LinkedList;
 import java.util.List;
 import java.util.Map.Entry;
@@ -73,18 +72,12 @@ public class Namespaces {
     }
   };
 
-  private static SecurityPermission TABLES_PERMISSION = new SecurityPermission("tablesPermission");
-
   public static final String DEFAULT_NAMESPACE_ID = "+default";
   public static final String DEFAULT_NAMESPACE = "";
   public static final String ACCUMULO_NAMESPACE_ID = "+accumulo";
   public static final String ACCUMULO_NAMESPACE = "accumulo";
 
   private static ZooCache getZooCache(Instance instance) {
-    SecurityManager sm = System.getSecurityManager();
-    if (sm != null) {
-      sm.checkPermission(TABLES_PERMISSION);
-    }
     return new ZooCacheFactory().getZooCache(instance.getZooKeepers(), instance.getZooKeepersSessionTimeOut());
   }
 

http://git-wip-us.apache.org/repos/asf/accumulo/blob/693d5be1/core/src/main/java/org/apache/accumulo/core/client/impl/Tables.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/Tables.java b/core/src/main/java/org/apache/accumulo/core/client/impl/Tables.java
index 9f869ff..87ad88d 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/Tables.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/Tables.java
@@ -19,7 +19,6 @@ package org.apache.accumulo.core.client.impl;
 import static com.google.common.base.Preconditions.checkArgument;
 import static java.nio.charset.StandardCharsets.UTF_8;
 
-import java.security.SecurityPermission;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -45,14 +44,9 @@ public class Tables {
 
   public static final String VALID_NAME_REGEX = "^(\\w+\\.)?(\\w+)$";
 
-  private static final SecurityPermission TABLES_PERMISSION = new SecurityPermission("tablesPermission");
   private static final AtomicLong cacheResetCount = new AtomicLong(0);
 
   private static ZooCache getZooCache(Instance instance) {
-    SecurityManager sm = System.getSecurityManager();
-    if (sm != null) {
-      sm.checkPermission(TABLES_PERMISSION);
-    }
     return new ZooCacheFactory().getZooCache(instance.getZooKeepers(), instance.getZooKeepersSessionTimeOut());
   }
 

http://git-wip-us.apache.org/repos/asf/accumulo/blob/693d5be1/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportPool.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportPool.java
b/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportPool.java
index d9bd4e8..f3ef127 100644
--- a/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportPool.java
+++ b/core/src/main/java/org/apache/accumulo/core/client/impl/ThriftTransportPool.java
@@ -16,7 +16,6 @@
  */
 package org.apache.accumulo.core.client.impl;
 
-import java.security.SecurityPermission;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashMap;
@@ -43,7 +42,6 @@ import com.google.common.annotations.VisibleForTesting;
 import com.google.common.net.HostAndPort;
 
 public class ThriftTransportPool {
-  private static SecurityPermission TRANSPORT_POOL_PERMISSION = new SecurityPermission("transportPoolPermission");
 
   private static final Random random = new Random();
   private long killTime = 1000 * 3;
@@ -593,11 +591,6 @@ public class ThriftTransportPool {
   private static final AtomicBoolean daemonStarted = new AtomicBoolean(false);
 
   public static ThriftTransportPool getInstance() {
-    SecurityManager sm = System.getSecurityManager();
-    if (sm != null) {
-      sm.checkPermission(TRANSPORT_POOL_PERMISSION);
-    }
-
     if (daemonStarted.compareAndSet(false, true)) {
       CountDownLatch closerExitLatch = new CountDownLatch(1);
       new Daemon(new Closer(instance, closerExitLatch), "Thrift Connection Pool Checker").start();

http://git-wip-us.apache.org/repos/asf/accumulo/blob/693d5be1/core/src/main/java/org/apache/accumulo/core/file/streams/BoundedRangeFileInputStream.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/accumulo/core/file/streams/BoundedRangeFileInputStream.java
b/core/src/main/java/org/apache/accumulo/core/file/streams/BoundedRangeFileInputStream.java
index a033ad4..95ef4ea 100644
--- a/core/src/main/java/org/apache/accumulo/core/file/streams/BoundedRangeFileInputStream.java
+++ b/core/src/main/java/org/apache/accumulo/core/file/streams/BoundedRangeFileInputStream.java
@@ -18,9 +18,6 @@ package org.apache.accumulo.core.file.streams;
 
 import java.io.IOException;
 import java.io.InputStream;
-import java.security.AccessController;
-import java.security.PrivilegedActionException;
-import java.security.PrivilegedExceptionAction;
 
 import org.apache.hadoop.fs.Seekable;
 
@@ -94,18 +91,7 @@ public class BoundedRangeFileInputStream extends InputStream {
         throw new IOException("Stream closed");
       }
       ((Seekable) in).seek(pos);
-      try {
-        ret = AccessController.doPrivileged(new PrivilegedExceptionAction<Integer>()
{
-          @Override
-          public Integer run() throws IOException {
-            int ret = 0;
-            ret = in.read(b, off, n);
-            return ret;
-          }
-        });
-      } catch (PrivilegedActionException e) {
-        throw (IOException) e.getException();
-      }
+      ret = in.read(b, off, n);
     }
     if (ret < 0) {
       end = pos;

http://git-wip-us.apache.org/repos/asf/accumulo/blob/693d5be1/fate/src/main/java/org/apache/accumulo/fate/zookeeper/ZooReaderWriter.java
----------------------------------------------------------------------
diff --git a/fate/src/main/java/org/apache/accumulo/fate/zookeeper/ZooReaderWriter.java b/fate/src/main/java/org/apache/accumulo/fate/zookeeper/ZooReaderWriter.java
index e7ba7d5..6baa57e 100644
--- a/fate/src/main/java/org/apache/accumulo/fate/zookeeper/ZooReaderWriter.java
+++ b/fate/src/main/java/org/apache/accumulo/fate/zookeeper/ZooReaderWriter.java
@@ -16,7 +16,6 @@
  */
 package org.apache.accumulo.fate.zookeeper;
 
-import java.security.SecurityPermission;
 import java.util.Arrays;
 import java.util.List;
 
@@ -35,8 +34,6 @@ import org.slf4j.LoggerFactory;
 public class ZooReaderWriter extends ZooReader implements IZooReaderWriter {
   private static final Logger log = LoggerFactory.getLogger(ZooReaderWriter.class);
 
-  private static SecurityPermission ZOOWRITER_PERMISSION = new SecurityPermission("zookeeperWriterPermission");
-
   private static ZooReaderWriter instance = null;
   private final String scheme;
   private final byte[] auth;
@@ -44,10 +41,6 @@ public class ZooReaderWriter extends ZooReader implements IZooReaderWriter
{
 
   @Override
   public ZooKeeper getZooKeeper() {
-    SecurityManager sm = System.getSecurityManager();
-    if (sm != null) {
-      sm.checkPermission(ZOOWRITER_PERMISSION);
-    }
     return getSession(keepers, timeout, scheme, auth);
   }
 

http://git-wip-us.apache.org/repos/asf/accumulo/blob/693d5be1/server/base/src/main/java/org/apache/accumulo/server/conf/ServerConfigurationFactory.java
----------------------------------------------------------------------
diff --git a/server/base/src/main/java/org/apache/accumulo/server/conf/ServerConfigurationFactory.java
b/server/base/src/main/java/org/apache/accumulo/server/conf/ServerConfigurationFactory.java
index 5cea8b5..464dbdd 100644
--- a/server/base/src/main/java/org/apache/accumulo/server/conf/ServerConfigurationFactory.java
+++ b/server/base/src/main/java/org/apache/accumulo/server/conf/ServerConfigurationFactory.java
@@ -16,7 +16,6 @@
  */
 package org.apache.accumulo.server.conf;
 
-import java.security.SecurityPermission;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -56,15 +55,6 @@ public class ServerConfigurationFactory extends ServerConfiguration {
     }
   }
 
-  private static final SecurityPermission CONFIGURATION_PERMISSION = new SecurityPermission("configurationPermission");
-  private static final SecurityManager SM = System.getSecurityManager();
-
-  private static void checkPermissions() {
-    if (SM != null) {
-      SM.checkPermission(CONFIGURATION_PERMISSION);
-    }
-  }
-
   static boolean removeCachedTableConfiguration(String instanceId, String tableId) {
     synchronized (tableConfigs) {
       return tableConfigs.get(instanceId).remove(tableId) != null;
@@ -119,7 +109,6 @@ public class ServerConfigurationFactory extends ServerConfiguration {
 
   public synchronized SiteConfiguration getSiteConfiguration() {
     if (siteConfig == null) {
-      checkPermissions();
       siteConfig = SiteConfiguration.getInstance(getDefaultConfiguration());
     }
     return siteConfig;
@@ -127,7 +116,6 @@ public class ServerConfigurationFactory extends ServerConfiguration {
 
   public synchronized DefaultConfiguration getDefaultConfiguration() {
     if (defaultConfig == null) {
-      checkPermissions();
       defaultConfig = DefaultConfiguration.getInstance();
     }
     return defaultConfig;
@@ -136,7 +124,6 @@ public class ServerConfigurationFactory extends ServerConfiguration {
   @Override
   public synchronized AccumuloConfiguration getConfiguration() {
     if (systemConfig == null) {
-      checkPermissions();
       systemConfig = new ZooConfigurationFactory().getInstance(instance, zcf, getSiteConfiguration());
     }
     return systemConfig;
@@ -144,7 +131,6 @@ public class ServerConfigurationFactory extends ServerConfiguration {
 
   @Override
   public TableConfiguration getTableConfiguration(String tableId) {
-    checkPermissions();
     TableConfiguration conf;
     synchronized (tableConfigs) {
       conf = tableConfigs.get(instanceID).get(tableId);
@@ -181,7 +167,6 @@ public class ServerConfigurationFactory extends ServerConfiguration {
   }
 
   public NamespaceConfiguration getNamespaceConfigurationForTable(String tableId) {
-    checkPermissions();
     NamespaceConfiguration conf;
     synchronized (tableParentConfigs) {
       conf = tableParentConfigs.get(instanceID).get(tableId);
@@ -201,7 +186,6 @@ public class ServerConfigurationFactory extends ServerConfiguration {
 
   @Override
   public NamespaceConfiguration getNamespaceConfiguration(String namespaceId) {
-    checkPermissions();
     NamespaceConfiguration conf;
     // can't hold the lock during the construction and validation of the config,
     // which may result in creating multiple objects for the same id, but that's ok.

http://git-wip-us.apache.org/repos/asf/accumulo/blob/693d5be1/server/base/src/main/java/org/apache/accumulo/server/security/SystemCredentials.java
----------------------------------------------------------------------
diff --git a/server/base/src/main/java/org/apache/accumulo/server/security/SystemCredentials.java
b/server/base/src/main/java/org/apache/accumulo/server/security/SystemCredentials.java
index 161e15e..2510f67 100644
--- a/server/base/src/main/java/org/apache/accumulo/server/security/SystemCredentials.java
+++ b/server/base/src/main/java/org/apache/accumulo/server/security/SystemCredentials.java
@@ -23,7 +23,6 @@ import java.io.DataOutputStream;
 import java.io.IOException;
 import java.security.MessageDigest;
 import java.security.NoSuchAlgorithmException;
-import java.security.SecurityPermission;
 import java.util.Base64;
 import java.util.Map.Entry;
 
@@ -46,8 +45,6 @@ import org.apache.hadoop.io.Writable;
  */
 public final class SystemCredentials extends Credentials {
 
-  private static final SecurityPermission SYSTEM_CREDENTIALS_PERMISSION = new SecurityPermission("systemCredentialsPermission");
-
   private static final String SYSTEM_PRINCIPAL = "!SYSTEM";
 
   private final TCredentials AS_THRIFT;
@@ -57,15 +54,7 @@ public final class SystemCredentials extends Credentials {
     AS_THRIFT = super.toThrift(instance);
   }
 
-  private static void check_permission() {
-    SecurityManager sm = System.getSecurityManager();
-    if (sm != null) {
-      sm.checkPermission(SYSTEM_CREDENTIALS_PERMISSION);
-    }
-  }
-
   public static SystemCredentials get(Instance instance) {
-    check_permission();
     String principal = SYSTEM_PRINCIPAL;
     AccumuloConfiguration conf = SiteConfiguration.getInstance();
     if (conf.getBoolean(Property.INSTANCE_RPC_SASL_ENABLED)) {

http://git-wip-us.apache.org/repos/asf/accumulo/blob/693d5be1/server/base/src/main/java/org/apache/accumulo/server/tables/TableManager.java
----------------------------------------------------------------------
diff --git a/server/base/src/main/java/org/apache/accumulo/server/tables/TableManager.java
b/server/base/src/main/java/org/apache/accumulo/server/tables/TableManager.java
index 0b23061..61ea682 100644
--- a/server/base/src/main/java/org/apache/accumulo/server/tables/TableManager.java
+++ b/server/base/src/main/java/org/apache/accumulo/server/tables/TableManager.java
@@ -18,7 +18,6 @@ package org.apache.accumulo.server.tables;
 
 import static java.nio.charset.StandardCharsets.UTF_8;
 
-import java.security.SecurityPermission;
 import java.util.Collections;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -49,7 +48,6 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 public class TableManager {
-  private static SecurityPermission TABLE_MANAGER_PERMISSION = new SecurityPermission("tableManagerPermission");
 
   private static final Logger log = LoggerFactory.getLogger(TableManager.class);
   private static final Set<TableObserver> observers = Collections.synchronizedSet(new
HashSet<TableObserver>());
@@ -91,10 +89,6 @@ public class TableManager {
   }
 
   public synchronized static TableManager getInstance() {
-    SecurityManager sm = System.getSecurityManager();
-    if (sm != null) {
-      sm.checkPermission(TABLE_MANAGER_PERMISSION);
-    }
     if (tableManager == null)
       tableManager = new TableManager();
     return tableManager;


Mime
View raw message