[
https://issues.apache.org/jira/browse/HBASE-14655?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14971876#comment-14971876
]
Andrew Purtell commented on HBASE-14655:
----------------------------------------
bq. The purpose of the original JIRA is to be able to ACL check and audit the
'request' user before perform the user compaction request. The AccessController
only implemented preCommit(), with no checking or auditing for the other preXXX
(e.g preCompactSelection, preCompactScannerOpen) or postXXX.
postXXX is not where authoritative decisions would be made, so we don't need to
worry about which user is running the code at that step.
We will have coprocessors on preXXX hooks expecting to make authoritative
decisions will all information available to them including the request user.
This used to be easier to reason about back in the 0.94 days. Today the
assumptions the AccessController makes that upcalls are all executing in the
context of the request user are not always valid.
Going forward we can use doAs to set up the user context for upcalls for
coprocessors that care (AccessController), or we can modify those coprocessors
to get the request user using a relevant API, adding such API if missing.
Either approach works. I do agree we should make a comprehensive effort. Both
this and HBASE-14631 are fine on their own. I'm going to make an umbrella and
reparent this and HBASE-14631 to it as subtasks. We can add more tasks as
needed. Since you brought this up [~jerryhe] would you like to do the honors?
> Narrow the scope of doAs() calls to region observer notifications for
> compaction
> --------------------------------------------------------------------------------
>
> Key: HBASE-14655
> URL: https://issues.apache.org/jira/browse/HBASE-14655
> Project: HBase
> Issue Type: Bug
> Reporter: Ted Yu
> Assignee: Ted Yu
> Fix For: 2.0.0, 1.2.0, 1.3.0, 1.0.3, 1.1.3, 0.98.16
>
> Attachments: 14655-0.98-v9.txt, 14655-0.98-v9.txt,
> 14655-branch-1-v5.txt, 14655-branch-1-v6.txt, 14655-branch-1-v7.txt,
> 14655-branch-1-v8.txt, 14655-branch-1-v9.txt, 14655-branch-1.0-v10.txt,
> 14655-branch-1.0-v6.txt, 14655-branch-1.0-v7.txt, 14655-branch-1.0-v8.txt,
> 14655-branch-1.0-v9.txt, 14655-v1.txt, 14655-v2.txt, 14655-v3.txt,
> 14655-v4.txt, 14655-v5.txt, 14655-v6.txt, 14655-v7.txt, 14655-v8.txt,
> 14655-v9.txt
>
>
> As what has been done in HBASE-14631 and HBASE-14605, the scope of calling
> doAs() for compaction related region observer notifications should be
> narrowed.
> User object is passed from CompactSplitThread down to the methods where
> region observer notifications are made.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
