hbase-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From mberto...@apache.org
Subject [3/3] git commit: HBASE-12301 user_permission command does not show global permissions
Date Wed, 22 Oct 2014 09:48:31 GMT
HBASE-12301 user_permission command does not show global permissions


Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/babc3a7a
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/babc3a7a
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/babc3a7a

Branch: refs/heads/0.98
Commit: babc3a7ab00220605b89f996c3d629bb545fd7fb
Parents: a93921c
Author: Matteo Bertozzi <matteo.bertozzi@cloudera.com>
Authored: Wed Oct 22 10:08:31 2014 +0100
Committer: Matteo Bertozzi <matteo.bertozzi@cloudera.com>
Committed: Wed Oct 22 10:47:31 2014 +0100

----------------------------------------------------------------------
 .../hadoop/hbase/protobuf/ProtobufUtil.java       |  6 +++---
 .../security/access/AccessControlClient.java      | 18 +++++++-----------
 .../hbase/security/access/AccessControlLists.java |  4 ++--
 hbase-shell/src/main/ruby/hbase/security.rb       |  2 +-
 .../main/ruby/shell/commands/user_permission.rb   |  2 +-
 5 files changed, 14 insertions(+), 18 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hbase/blob/babc3a7a/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ProtobufUtil.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ProtobufUtil.java
b/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ProtobufUtil.java
index 809167c..41deff6 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ProtobufUtil.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/protobuf/ProtobufUtil.java
@@ -2285,7 +2285,7 @@ public final class ProtobufUtil {
     AccessControlProtos.GetUserPermissionsRequest request = builder.build();
     AccessControlProtos.GetUserPermissionsResponse response =
       protocol.getUserPermissions(null, request);
-    List<UserPermission> perms = new ArrayList<UserPermission>();
+    List<UserPermission> perms = new ArrayList<UserPermission>(response.getUserPermissionCount());
     for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
       perms.add(ProtobufUtil.toUserPermission(perm));
     }
@@ -2313,7 +2313,7 @@ public final class ProtobufUtil {
     AccessControlProtos.GetUserPermissionsRequest request = builder.build();
     AccessControlProtos.GetUserPermissionsResponse response =
       protocol.getUserPermissions(null, request);
-    List<UserPermission> perms = new ArrayList<UserPermission>();
+    List<UserPermission> perms = new ArrayList<UserPermission>(response.getUserPermissionCount());
     for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
       perms.add(ProtobufUtil.toUserPermission(perm));
     }
@@ -2341,7 +2341,7 @@ public final class ProtobufUtil {
     AccessControlProtos.GetUserPermissionsRequest request = builder.build();
     AccessControlProtos.GetUserPermissionsResponse response =
       protocol.getUserPermissions(null, request);
-    List<UserPermission> perms = new ArrayList<UserPermission>();
+    List<UserPermission> perms = new ArrayList<UserPermission>(response.getUserPermissionCount());
     for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
       perms.add(ProtobufUtil.toUserPermission(perm));
     }

http://git-wip-us.apache.org/repos/asf/hbase/blob/babc3a7a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlClient.java
----------------------------------------------------------------------
diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlClient.java
b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlClient.java
index 861befd..fb008b1 100644
--- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlClient.java
+++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlClient.java
@@ -45,12 +45,11 @@ import org.apache.hadoop.hbase.util.Bytes;
 @InterfaceAudience.Public
 @InterfaceStability.Evolving
 public class AccessControlClient {
+  public static final TableName ACL_TABLE_NAME =
+      TableName.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR, "acl");
 
   private static HTable getAclTable(Configuration conf) throws IOException {
-    TableName aclTableName =
-        TableName.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR,
-            AccessControlConstants.OP_ATTRIBUTE_ACL);
-    return new HTable(conf, aclTableName.getName());
+    return new HTable(conf, ACL_TABLE_NAME);
   }
 
   private static BlockingInterface getAccessControlServiceStub(HTable ht)
@@ -108,12 +107,10 @@ public class AccessControlClient {
   }
   public static boolean isAccessControllerRunning(Configuration conf)
       throws MasterNotRunningException, ZooKeeperConnectionException, IOException {
-    TableName aclTableName = TableName
-        .valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR, "acl");
     HBaseAdmin ha = null;
     try {
       ha = new HBaseAdmin(conf);
-      return ha.isTableAvailable(aclTableName.getNameAsString());
+      return ha.isTableAvailable(ACL_TABLE_NAME);
     } finally {
       if (ha != null) {
         ha.close();
@@ -144,6 +141,7 @@ public class AccessControlClient {
       }
     }
   }
+
   /**
    * Revokes the permission on the table for the specified user.
    * @param conf
@@ -178,16 +176,14 @@ public class AccessControlClient {
     HTable ht = null;
     HBaseAdmin ha = null;
     try {
-      TableName aclTableName =
-          TableName.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR, "acl");
       ha = new HBaseAdmin(conf);
-      ht = new HTable(conf, aclTableName.getName());
+      ht = new HTable(conf, ACL_TABLE_NAME);
       CoprocessorRpcChannel service = ht.coprocessorService(HConstants.EMPTY_START_ROW);
       BlockingInterface protocol =
           AccessControlProtos.AccessControlService.newBlockingStub(service);
       HTableDescriptor[] htds = null;
 
-      if (tableRegex == null) {
+      if (tableRegex == null || tableRegex.isEmpty()) {
         permList = ProtobufUtil.getUserPermissions(protocol);
       } else if (tableRegex.charAt(0) == '@') {
         String namespace = tableRegex.substring(1);

http://git-wip-us.apache.org/repos/asf/hbase/blob/babc3a7a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
index c64a7d3..6af8b19 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
@@ -460,7 +460,7 @@ public class AccessControlLists {
    */
   static ListMultimap<String, TablePermission> getPermissions(Configuration conf,
       byte[] entryName) throws IOException {
-    if (entryName == null) entryName = ACL_TABLE_NAME.getName();
+    if (entryName == null) entryName = ACL_GLOBAL_NAME;
 
     // for normal user tables, we just read the table row from _acl_
     ListMultimap<String, TablePermission> perms = ArrayListMultimap.create();
@@ -655,7 +655,7 @@ public class AccessControlLists {
   public static boolean isNamespaceEntry(byte[] entryName) {
     return entryName[0] == NAMESPACE_PREFIX;
   }
-  
+
   public static String toNamespaceEntry(String namespace) {
      return NAMESPACE_PREFIX + namespace;
    }

http://git-wip-us.apache.org/repos/asf/hbase/blob/babc3a7a/hbase-shell/src/main/ruby/hbase/security.rb
----------------------------------------------------------------------
diff --git a/hbase-shell/src/main/ruby/hbase/security.rb b/hbase-shell/src/main/ruby/hbase/security.rb
index 925188c..154c5ca 100644
--- a/hbase-shell/src/main/ruby/hbase/security.rb
+++ b/hbase-shell/src/main/ruby/hbase/security.rb
@@ -156,7 +156,7 @@ module Hbase
       count  = 0
       all_perms.each do |value|
           user_name = String.from_java_bytes(value.getUser)
-          if (isNamespace?(table_regex))
+          if (table_regex != nil && isNamespace?(table_regex))
             namespace = table_regex[1...table_regex.length]
           else
             namespace = (value.getTableName != nil) ? value.getTableName.getNamespaceAsString()
: ''

http://git-wip-us.apache.org/repos/asf/hbase/blob/babc3a7a/hbase-shell/src/main/ruby/shell/commands/user_permission.rb
----------------------------------------------------------------------
diff --git a/hbase-shell/src/main/ruby/shell/commands/user_permission.rb b/hbase-shell/src/main/ruby/shell/commands/user_permission.rb
index 7c29261..57d83be 100644
--- a/hbase-shell/src/main/ruby/shell/commands/user_permission.rb
+++ b/hbase-shell/src/main/ruby/shell/commands/user_permission.rb
@@ -33,7 +33,7 @@ For example:
 EOF
       end
 
-      def command(table_regex=".*")
+      def command(table_regex=nil)
         #format_simple_command do
         #admin.user_permission(table_regex)
         now = Time.now


Mime
View raw message