From commits-return-67907-archive-asf-public=cust-asf.ponee.io@hbase.apache.org Thu Feb 15 05:33:32 2018 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 581491807A1 for ; Thu, 15 Feb 2018 05:33:31 +0100 (CET) Received: (qmail 43746 invoked by uid 500); 15 Feb 2018 04:33:29 -0000 Mailing-List: contact commits-help@hbase.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@hbase.apache.org Delivered-To: mailing list commits@hbase.apache.org Received: (qmail 43363 invoked by uid 99); 15 Feb 2018 04:33:29 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 15 Feb 2018 04:33:29 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 36CB1F323C; Thu, 15 Feb 2018 04:33:27 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: zhangduo@apache.org To: commits@hbase.apache.org Date: Thu, 15 Feb 2018 04:33:31 -0000 Message-Id: <4fb432e2d8314c6eba156530c9d00fe5@git.apache.org> In-Reply-To: <35bc54bbf00247a7a84b9c215604893e@git.apache.org> References: <35bc54bbf00247a7a84b9c215604893e@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [05/30] hbase git commit: HBASE-19970 Remove unused functions from TableAuthManager. HBASE-19970 Remove unused functions from TableAuthManager. Functions deleted: setTableUserPermissions, setTableGroupPermissions, setNamespaceUserPermissions, setNamespaceGroupPermissions, writeTableToZooKeeper, writeNamespaceToZooKeeper Project: http://git-wip-us.apache.org/repos/asf/hbase/repo Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/7cc239fb Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/7cc239fb Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/7cc239fb Branch: refs/heads/HBASE-19064 Commit: 7cc239fb5ac0ce3f22d93d1dbf7e80609427710a Parents: c2ee82c Author: Apekshit Sharma Authored: Fri Feb 9 18:32:20 2018 -0800 Committer: Apekshit Sharma Committed: Mon Feb 12 16:01:29 2018 -0800 ---------------------------------------------------------------------- .../security/access/AccessControlLists.java | 3 +- .../hbase/security/access/AccessController.java | 6 +- .../hbase/security/access/TableAuthManager.java | 75 -------------------- .../security/access/TestTablePermissions.java | 2 +- .../access/TestZKPermissionWatcher.java | 55 +++++++------- 5 files changed, 33 insertions(+), 108 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hbase/blob/7cc239fb/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java ---------------------------------------------------------------------- diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java index b0f33bd..663d0c5 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java @@ -644,8 +644,7 @@ public class AccessControlLists { * * Writes a set of permission [user: table permission] */ - public static byte[] writePermissionsAsBytes(ListMultimap perms, - Configuration conf) { + public static byte[] writePermissionsAsBytes(ListMultimap perms) { return ProtobufUtil.prependPBMagic(AccessControlUtil.toUserTablePermissions(perms).toByteArray()); } http://git-wip-us.apache.org/repos/asf/hbase/blob/7cc239fb/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java ---------------------------------------------------------------------- diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java index 1fbf01d..3ac92b8 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java @@ -247,7 +247,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor, tables.entrySet()) { byte[] entry = t.getKey(); ListMultimap perms = t.getValue(); - byte[] serialized = AccessControlLists.writePermissionsAsBytes(perms, conf); + byte[] serialized = AccessControlLists.writePermissionsAsBytes(perms); getAuthManager().getZKPermissionWatcher().writeToZookeeper(entry, serialized); } initialized = true; @@ -284,7 +284,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor, currentEntry = entry; ListMultimap perms = AccessControlLists.getPermissions(conf, entry, t); - byte[] serialized = AccessControlLists.writePermissionsAsBytes(perms, conf); + byte[] serialized = AccessControlLists.writePermissionsAsBytes(perms); zkw.writeToZookeeper(entry, serialized); } } catch(IOException ex) { @@ -2456,7 +2456,7 @@ public class AccessController implements MasterCoprocessor, RegionCoprocessor, throws IOException { requirePermission(ctx, "replicateLogEntries", Action.WRITE); } - + @Override public void preClearCompactionQueues(ObserverContext ctx) throws IOException { http://git-wip-us.apache.org/repos/asf/hbase/blob/7cc239fb/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java ---------------------------------------------------------------------- diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java index 76feff4..fdfd5c8 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/TableAuthManager.java @@ -656,81 +656,6 @@ public class TableAuthManager implements Closeable { tableCache.remove(table); } - /** - * Overwrites the existing permission set for a given user for a table, and - * triggers an update for zookeeper synchronization. - * @param username - * @param table - * @param perms - */ - public void setTableUserPermissions(String username, TableName table, - List perms) { - PermissionCache tablePerms = getTablePermissions(table); - tablePerms.replaceUser(username, perms); - writeTableToZooKeeper(table, tablePerms); - } - - /** - * Overwrites the existing permission set for a group and triggers an update - * for zookeeper synchronization. - * @param group - * @param table - * @param perms - */ - public void setTableGroupPermissions(String group, TableName table, - List perms) { - PermissionCache tablePerms = getTablePermissions(table); - tablePerms.replaceGroup(group, perms); - writeTableToZooKeeper(table, tablePerms); - } - - /** - * Overwrites the existing permission set for a given user for a table, and - * triggers an update for zookeeper synchronization. - * @param username - * @param namespace - * @param perms - */ - public void setNamespaceUserPermissions(String username, String namespace, - List perms) { - PermissionCache tablePerms = getNamespacePermissions(namespace); - tablePerms.replaceUser(username, perms); - writeNamespaceToZooKeeper(namespace, tablePerms); - } - - /** - * Overwrites the existing permission set for a group and triggers an update - * for zookeeper synchronization. - * @param group - * @param namespace - * @param perms - */ - public void setNamespaceGroupPermissions(String group, String namespace, - List perms) { - PermissionCache tablePerms = getNamespacePermissions(namespace); - tablePerms.replaceGroup(group, perms); - writeNamespaceToZooKeeper(namespace, tablePerms); - } - - public void writeTableToZooKeeper(TableName table, - PermissionCache tablePerms) { - byte[] serialized = new byte[0]; - if (tablePerms != null) { - serialized = AccessControlLists.writePermissionsAsBytes(tablePerms.getAllPermissions(), conf); - } - zkperms.writeToZookeeper(table.getName(), serialized); - } - - public void writeNamespaceToZooKeeper(String namespace, - PermissionCache tablePerms) { - byte[] serialized = new byte[0]; - if (tablePerms != null) { - serialized = AccessControlLists.writePermissionsAsBytes(tablePerms.getAllPermissions(), conf); - } - zkperms.writeToZookeeper(Bytes.toBytes(AccessControlLists.toNamespaceEntry(namespace)), - serialized); - } - public long getMTime() { return mtime.get(); } http://git-wip-us.apache.org/repos/asf/hbase/blob/7cc239fb/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java ---------------------------------------------------------------------- diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java index 7243690..cabd984 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java @@ -293,7 +293,7 @@ public class TestTablePermissions { public void testSerialization() throws Exception { Configuration conf = UTIL.getConfiguration(); ListMultimap permissions = createPermissions(); - byte[] permsData = AccessControlLists.writePermissionsAsBytes(permissions, conf); + byte[] permsData = AccessControlLists.writePermissionsAsBytes(permissions); ListMultimap copy = AccessControlLists.readPermissions(permsData, conf); http://git-wip-us.apache.org/repos/asf/hbase/blob/7cc239fb/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionWatcher.java ---------------------------------------------------------------------- diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionWatcher.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionWatcher.java index c8ab863..84cdea2 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionWatcher.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestZKPermissionWatcher.java @@ -21,6 +21,7 @@ import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; import java.util.ArrayList; +import java.util.Collections; import java.util.List; import java.util.concurrent.atomic.AtomicBoolean; import org.apache.hadoop.conf.Configuration; @@ -33,6 +34,8 @@ import org.apache.hadoop.hbase.security.User; import org.apache.hadoop.hbase.testclassification.LargeTests; import org.apache.hadoop.hbase.testclassification.SecurityTests; import org.apache.hadoop.hbase.zookeeper.ZKWatcher; +import org.apache.hbase.thirdparty.com.google.common.collect.ArrayListMultimap; +import org.apache.hbase.thirdparty.com.google.common.collect.ListMultimap; import org.junit.AfterClass; import org.junit.BeforeClass; import org.junit.ClassRule; @@ -92,6 +95,26 @@ public class TestZKPermissionWatcher { UTIL.shutdownMiniCluster(); } + private void setTableACL( + User user, TableAuthManager srcAuthManager, TableAuthManager destAuthManager, + TablePermission.Action... actions) throws Exception{ + // update ACL: george RW + ListMultimap perms = ArrayListMultimap.create(); + perms.replaceValues(user.getShortName(), + Collections.singletonList(new TablePermission(TEST_TABLE, null, actions))); + byte[] serialized = AccessControlLists.writePermissionsAsBytes(perms); + final long mtime = destAuthManager.getMTime(); + srcAuthManager.getZKPermissionWatcher().writeToZookeeper(TEST_TABLE.getName(), serialized); + // Wait for the update to propagate + UTIL.waitFor(10000, 100, new Predicate() { + @Override + public boolean evaluate() throws Exception { + return destAuthManager.getMTime() > mtime; + } + }); + Thread.sleep(1000); + } + @Test public void testPermissionsWatcher() throws Exception { Configuration conf = UTIL.getConfiguration(); @@ -116,20 +139,9 @@ public class TestZKPermissionWatcher { assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null, TablePermission.Action.WRITE)); - // update ACL: george RW - List acl = new ArrayList<>(1); - acl.add(new TablePermission(TEST_TABLE, null, TablePermission.Action.READ, - TablePermission.Action.WRITE)); - final long mtimeB = AUTH_B.getMTime(); - AUTH_A.setTableUserPermissions(george.getShortName(), TEST_TABLE, acl); - // Wait for the update to propagate - UTIL.waitFor(10000, 100, new Predicate() { - @Override - public boolean evaluate() throws Exception { - return AUTH_B.getMTime() > mtimeB; - } - }); - Thread.sleep(1000); + // update ACL: george, RW + setTableACL(george, AUTH_A, AUTH_B, + TablePermission.Action.READ, TablePermission.Action.WRITE); // check it assertTrue(AUTH_A.authorizeUser(george, TEST_TABLE, null, @@ -149,19 +161,8 @@ public class TestZKPermissionWatcher { assertFalse(AUTH_B.authorizeUser(hubert, TEST_TABLE, null, TablePermission.Action.WRITE)); - // update ACL: hubert R - acl = new ArrayList<>(1); - acl.add(new TablePermission(TEST_TABLE, null, TablePermission.Action.READ)); - final long mtimeA = AUTH_A.getMTime(); - AUTH_B.setTableUserPermissions("hubert", TEST_TABLE, acl); - // Wait for the update to propagate - UTIL.waitFor(10000, 100, new Predicate() { - @Override - public boolean evaluate() throws Exception { - return AUTH_A.getMTime() > mtimeA; - } - }); - Thread.sleep(1000); + // update ACL: hubert, Read + setTableACL(hubert, AUTH_B, AUTH_A, TablePermission.Action.READ); // check it assertTrue(AUTH_A.authorizeUser(george, TEST_TABLE, null,