[ https://issues.apache.org/jira/browse/HBASE-13294?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14372606#comment-14372606 ]
Hadoop QA commented on HBASE-13294: ----------------------------------- {color:green}+1 overall{color}. Here are the results of testing the latest attachment http://issues.apache.org/jira/secure/attachment/12706133/HBASE-13294_v5.patch against master branch at commit 8dfed5dc88f1c8008345b22e99224cb945fd0941. ATTACHMENT ID: 12706133 {color:green}+1 @author{color}. The patch does not contain any @author tags. {color:green}+1 tests included{color}. The patch appears to include 21 new or modified tests. {color:green}+1 hadoop versions{color}. The patch compiles with all supported hadoop versions (2.4.1 2.5.2 2.6.0) {color:green}+1 javac{color}. The applied patch does not increase the total number of javac compiler warnings. {color:green}+1 javac{color}. The applied patch does not increase the total number of javac compiler warnings. {color:green}+1 javadoc{color}. The javadoc tool did not generate any warning messages. {color:green}+1 checkstyle{color}. The applied patch does not increase the total number of checkstyle errors {color:green}+1 findbugs{color}. The patch does not introduce any new Findbugs (version 2.0.3) warnings. {color:green}+1 release audit{color}. The applied patch does not increase the total number of release audit warnings. {color:green}+1 lineLengths{color}. The patch does not introduce lines longer than 100 {color:green}+1 site{color}. The mvn site goal succeeds with this patch. {color:green}+1 core tests{color}. The patch passed unit tests in . Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//testReport/ Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-rest.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-common.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-client.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-annotations.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-hadoop-compat.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-server.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-prefix-tree.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-protocol.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-thrift.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-examples.html Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/newPatchFindbugsWarningshbase-hadoop2-compat.html Checkstyle Errors: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//artifact/patchprocess/checkstyle-aggregate.html Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/13350//console This message is automatically generated. > Fix the critical ancient loopholes in security testing infrastructure. > ---------------------------------------------------------------------- > > Key: HBASE-13294 > URL: https://issues.apache.org/jira/browse/HBASE-13294 > Project: HBase > Issue Type: Bug > Reporter: Srikanth Srungarapu > Assignee: Srikanth Srungarapu > Attachments: HBASE-13294.patch, HBASE-13294_v2.patch, > HBASE-13294_v3.patch, HBASE-13294_v3.patch, HBASE-13294_v4.patch, > HBASE-13294_v5.patch > > > Unfortunately, the "verifyDenied" method doesn't fail when action parameter > returns null. The relevant code snippet > {code} > try { > Object obj = user.runAs(action); > if (requireException) { > fail("Expected exception was not thrown for user '" + > user.getShortName() + "'"); > } > if (obj != null && obj instanceof List<?>) { > List<?> results = (List<?>) obj; > if (results != null && !results.isEmpty()) { > fail("Unexpected results for user '" + user.getShortName() + "'"); > } > } > } > {code} > As you can see, when obj is null, it returns silently. > Fixing this issue has uncovered another major bug. While constructing > actions, we're using TEST_UTIL.getConnection(), which replaces the "doAs" > user with the user who initiated the connection. I really am grateful to > [~mbertozzi] without whom debugging this would have been a nightmare. > Now, fixing these two issues have uncovered more issues in our tests :). The > main one is we're allowing the table owner to truncate table in code. But, in > test, we're not allowing him. We should either remove the code that allows > owner or document that the table owner can truncate table. > The other minor issues include granting permissions to namespace, but > checking whether user was able to access tables inside other namespace. > That's it, folks! -- This message was sent by Atlassian JIRA (v6.3.4#6332)