hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ted Yu (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-10883) Restrict the universe of labels and authorizations
Date Wed, 02 Apr 2014 22:51:17 GMT

    [ https://issues.apache.org/jira/browse/HBASE-10883?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13958288#comment-13958288
] 

Ted Yu commented on HBASE-10883:
--------------------------------

{code}
+  public static final boolean isValidLabel(List<String> labels) {
{code}
The method can be package-private, right ?
{code}
   public Authorizations(List<String> labels) {
+    if (!VisibilityLabelsValidator.isValidLabel(labels)) {
{code}
Better include the label which is invalid in exception message.

> Restrict the universe of labels and authorizations
> --------------------------------------------------
>
>                 Key: HBASE-10883
>                 URL: https://issues.apache.org/jira/browse/HBASE-10883
>             Project: HBase
>          Issue Type: Improvement
>    Affects Versions: 0.98.1
>            Reporter: Andrew Purtell
>             Fix For: 0.99.0, 0.98.2
>
>         Attachments: HBASE-10883.patch, HBASE-10883_1.patch, HBASE-10883_2.patch
>
>
> Currently we allow any string as visibility label or request authorization. However as
seen on HBASE-10878, we accept for authorizations strings that would not work if provided
as labels in visibility expressions. We should throw an exception at least in cases where
someone tries to define or use a label or authorization including visibility expression operators
'&', '|', '!', '(', ')'.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message