Hi hbase-dev,
Why do we need ADMIN permissions for
AccessController#preListDecommissionedRegionServers
API ?
>From Phoenix, we are calling Admin#getRegionServers(true) where the
argument excludeDecommissionedRS is set to true. [1]
If excludeDecommissionedRS is set to true and if we have
AccessController co-proc
attached, it requires ADMIN permissions to execute
listDecommissionedRegionServers RPC. [2]
Snippet below
@Override
public void
preListDecommissionedRegionServers(ObserverContext<MasterCoprocessorEnvironment>
ctx)
throws IOException {
requirePermission(ctx, "listDecommissionedRegionServers", Action.ADMIN);
}
I understand that we need ADMIN permissions
for preDecommissionRegionServers and preRecommissionRegionServers because
it changes the membership of regionservers but I don’t see any need for
ADMIN permissions for listDecommissionedRegionServers.
Does anyone have objections if we relax the requirement to READ permissions
instead of ADMIN permissions?
I have created HBASE-28391
<https://issues.apache.org/jira/browse/HBASE-28391> to implement this.
Thank you !
1.
https://github.com/apache/hbase/blob/branch-2.5/hbase-client/src/main/java/org/apache/hadoop/hbase/client/Admin.java#L1721-L1730
2.
https://github.com/apache/hbase/blob/branch-2.5/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java#L1205-L1207
