Return-Path: X-Original-To: apmail-hbase-issues-archive@www.apache.org Delivered-To: apmail-hbase-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id D790E10B7B for ; Tue, 1 Apr 2014 17:23:27 +0000 (UTC) Received: (qmail 28848 invoked by uid 500); 1 Apr 2014 17:23:20 -0000 Delivered-To: apmail-hbase-issues-archive@hbase.apache.org Received: (qmail 28735 invoked by uid 500); 1 Apr 2014 17:23:18 -0000 Mailing-List: contact issues-help@hbase.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Delivered-To: mailing list issues@hbase.apache.org Received: (qmail 28714 invoked by uid 99); 1 Apr 2014 17:23:17 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 01 Apr 2014 17:23:17 +0000 Date: Tue, 1 Apr 2014 17:23:17 +0000 (UTC) From: "ramkrishna.s.vasudevan (JIRA)" To: issues@hbase.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Commented] (HBASE-10883) Restrict the universe of labels and authorizations MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/HBASE-10883?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13956787#comment-13956787 ] ramkrishna.s.vasudevan commented on HBASE-10883: ------------------------------------------------ bq.We better keep the validation at server side? I thought HConstants would help in client side validation. I thought of unifying but decided not to as I thought better to be client side, just on creation of Authorization object. > Restrict the universe of labels and authorizations > -------------------------------------------------- > > Key: HBASE-10883 > URL: https://issues.apache.org/jira/browse/HBASE-10883 > Project: HBase > Issue Type: Improvement > Affects Versions: 0.98.1 > Reporter: Andrew Purtell > Fix For: 0.99.0, 0.98.2 > > Attachments: HBASE-10883.patch, HBASE-10883_1.patch > > > Currently we allow any string as visibility label or request authorization. However as seen on HBASE-10878, we accept for authorizations strings that would not work if provided as labels in visibility expressions. We should throw an exception at least in cases where someone tries to define or use a label or authorization including visibility expression operators '&', '|', '!', '(', ')'. -- This message was sent by Atlassian JIRA (v6.2#6252)