[ https://issues.apache.org/jira/browse/HBASE-19483?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16291543#comment-16291543 ]
Andrew Purtell commented on HBASE-19483: ---------------------------------------- In branch-1, as long as current interfaces don't change it would be fine to do this refactor. No need to change MasterObserver in branch-1 if we are adding hooks and code to the RSGroupAdminEndpoint. That's big. No worries about compat if the code changes are an internal refactor and sharing of Private annotated code. > Add proper privilege check for rsgroup commands > ----------------------------------------------- > > Key: HBASE-19483 > URL: https://issues.apache.org/jira/browse/HBASE-19483 > Project: HBase > Issue Type: Bug > Reporter: Ted Yu > Assignee: Guangxu Cheng > Fix For: 1.4.1, 1.5.0, 2.0.0-beta-1 > > Attachments: HBASE-19483.master.001.patch, > HBASE-19483.master.002.patch, HBASE-19483.master.003.patch > > > Currently list_rsgroups command can be executed by any user. > This is inconsistent with other list commands such as list_peers and > list_peer_configs. > We should add proper privilege check for list_rsgroups command. > privilege check should be added for get_table_rsgroup / get_server_rsgroup / > get_rsgroup commands. -- This message was sent by Atlassian JIRA (v6.4.14#64029)