hbase-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From zhang...@apache.org
Subject [25/51] [abbrv] hbase git commit: HBASE-19678 HBase Admin security capabilities should be represented as a Set (BELUGA BEHR)
Date Tue, 02 Jan 2018 02:01:19 GMT
HBASE-19678 HBase Admin security capabilities should be represented as a Set (BELUGA BEHR)


Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/6c2aa4c9
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/6c2aa4c9
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/6c2aa4c9

Branch: refs/heads/HBASE-19397
Commit: 6c2aa4c9ccea04ccf5c9c84de9677bd6232856e1
Parents: 360d465
Author: tedyu <yuzhihong@gmail.com>
Authored: Sun Dec 31 11:31:44 2017 -0800
Committer: tedyu <yuzhihong@gmail.com>
Committed: Sun Dec 31 11:31:44 2017 -0800

----------------------------------------------------------------------
 .../hadoop/hbase/security/Superusers.java       | 25 ++++++++++----------
 .../security/access/TestAccessController.java   |  3 ++-
 2 files changed, 14 insertions(+), 14 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/hbase/blob/6c2aa4c9/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
----------------------------------------------------------------------
diff --git a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
index c52c764..1089197 100644
--- a/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
+++ b/hbase-common/src/main/java/org/apache/hadoop/hbase/security/Superusers.java
@@ -20,8 +20,9 @@
 package org.apache.hadoop.hbase.security;
 
 import java.io.IOException;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Set;
 
 import org.apache.hadoop.conf.Configuration;
 import org.apache.hadoop.hbase.AuthUtil;
@@ -40,8 +41,8 @@ public final class Superusers {
   /** Configuration key for superusers */
   public static final String SUPERUSER_CONF_KEY = "hbase.superuser"; // Not getting a name
 
-  private static List<String> superUsers;
-  private static List<String> superGroups;
+  private static Set<String> superUsers;
+  private static Set<String> superGroups;
   private static User systemUser;
 
   private Superusers(){}
@@ -54,8 +55,8 @@ public final class Superusers {
    * @throws IllegalStateException if current user is null
    */
   public static void initialize(Configuration conf) throws IOException {
-    superUsers = new ArrayList<>();
-    superGroups = new ArrayList<>();
+    superUsers = new HashSet<>();
+    superGroups = new HashSet<>();
     systemUser = User.getCurrent();
 
     if (systemUser == null) {
@@ -63,10 +64,10 @@ public final class Superusers {
         + "authorization checks for internal operations will not work correctly!");
     }
 
-    if (LOG.isTraceEnabled()) {
-      LOG.trace("Current user name is " + systemUser.getShortName());
-    }
     String currentUser = systemUser.getShortName();
+    LOG.trace("Current user name is {}", currentUser);
+    superUsers.add(currentUser);
+
     String[] superUserList = conf.getStrings(SUPERUSER_CONF_KEY, new String[0]);
     for (String name : superUserList) {
       if (AuthUtil.isGroupPrincipal(name)) {
@@ -75,7 +76,6 @@ public final class Superusers {
         superUsers.add(name);
       }
     }
-    superUsers.add(currentUser);
   }
 
   /**
@@ -88,12 +88,11 @@ public final class Superusers {
   public static boolean isSuperUser(User user) {
     if (superUsers == null) {
       throw new IllegalStateException("Super users/super groups lists"
-        + " haven't been initialized properly.");
+        + " have not been initialized properly.");
     }
     if (superUsers.contains(user.getShortName())) {
       return true;
     }
-
     for (String group : user.getGroupNames()) {
       if (superGroups.contains(group)) {
         return true;
@@ -102,7 +101,7 @@ public final class Superusers {
     return false;
   }
 
-  public static List<String> getSuperUsers() {
+  public static Collection<String> getSuperUsers() {
     return superUsers;
   }
 

http://git-wip-us.apache.org/repos/asf/hbase/blob/6c2aa4c9/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
----------------------------------------------------------------------
diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
index 138a40e..f181747 100644
--- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
+++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
@@ -34,6 +34,7 @@ import java.io.IOException;
 import java.security.PrivilegedAction;
 import java.util.ArrayList;
 import java.util.Arrays;
+import java.util.Collection;
 import java.util.Collections;
 import java.util.List;
 
@@ -1677,7 +1678,7 @@ public class TestAccessController extends SecureTestUtil {
       acl.close();
     }
 
-    List<String> superUsers = Superusers.getSuperUsers();
+    Collection<String> superUsers = Superusers.getSuperUsers();
     List<UserPermission> adminPerms = new ArrayList<>(superUsers.size() + 1);
     adminPerms.add(new UserPermission(Bytes.toBytes(USER_ADMIN.getShortName()),
       AccessControlLists.ACL_TABLE_NAME, null, null, Bytes.toBytes("ACRW")));


Mime
View raw message