[
https://issues.apache.org/jira/browse/HBASE-19093?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16264668#comment-16264668
]
Anoop Sam John commented on HBASE-19093:
----------------------------------------
Ya that is what.. am not at all sure how we can a real test case for this. This
issue, when raised, the intent is to have a UT or check for each of the
Admin/Table methods to make sure ACL been checked for each of them? Ya a UT if
possible is really good. But if that is really tough (I think so), better we
dont have. WDYT? Lets check each of the API reading code and fix issues if
found any. Lets open sub task for each of the issue. Sounds ok?
> Check Admin/Table to ensure all operations go via AccessControl
> ---------------------------------------------------------------
>
> Key: HBASE-19093
> URL: https://issues.apache.org/jira/browse/HBASE-19093
> Project: HBase
> Issue Type: Sub-task
> Reporter: stack
> Assignee: Balazs Meszaros
> Priority: Blocker
> Fix For: 2.0.0-beta-1
>
> Attachments: HBASE-19093.master.001.patch,
> HBASE-19093.master.002.patch, RegionObserver.txt
>
>
> A cursory review of Admin Interface has a bunch of methods as open, with out
> AccessControl checks. For example, procedure executor has not check on it.
> This issue is about given the Admin and Table Interfaces a once-over to see
> what is missing and to fill in access control where missing.
> This is a follow-on from work over in HBASE-19048
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
