accumulo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Josh Elser" <>
Subject Re: Review Request 25915: ACCUMULO-3135 Modify server-side table-operations to throw ThriftTableOperationException when table doesn't exist instead of ThriftSecurityException
Date Tue, 23 Sep 2014 02:12:01 GMT

This is an automatically generated e-mail. To reply, visit:

(Updated Sept. 23, 2014, 2:12 a.m.)

Review request for accumulo and kturner.


Described some (contrived) testing I did.

Bugs: ACCUMULO-3135

Repository: accumulo


The server-side implementations of the table operations typically
follow the pattern of: accept table name, get table id, check
permission, run table operation.

Fetching the table id does a (trusted) check of whether or not
the table that was requested to operate upon actually exists or
not (we don't want to blindly accept table IDs from users in most
cases). However, there is a race condition in which a table may
be deleted after we fetch the table ID and before we can check the
permissions for the user on said table.

SecurityOperation only throws ThriftSecurityExceptions. While this
makes sense in the context of the SecurityOperation class, we have
to translate a ThriftSecurityException for a nonexistent table
into a ThriftTableOperationException so that the client implementation
will throw a TableNotFoundException instead of an AccumuloSecurityException.


  server/src/main/java/org/apache/accumulo/server/master/ 12f8fed 


Testing (updated)

Ran unit tests so far. Modified the MasterClientServiceHandler to sleep before rename and
clone, then used MiniAccumuloCluster to start a rename/clone and delete the source table before
the operation could start. Then, I made sure that the exception coming back out of TableOperations
was a TableNotFoundException, not an AccumuloSecurityException.


Josh Elser

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message