[ https://issues.apache.org/jira/browse/HBASE-19634?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Duo Zhang updated HBASE-19634: ------------------------------ Attachment: HBASE-19634-HBASE-19397-v2.patch Temporary ignore the permission check for executeProcedures to let the UT pass. [~stack] I'm a bit confused sir, is master required to be started with a super user? If not then how can we check permission for the cluster management rpc calls? In HBaseTestingUtility, we will start master and regionserver as different users... Thanks. > Add permission check for executeProcedures in AccessController > -------------------------------------------------------------- > > Key: HBASE-19634 > URL: https://issues.apache.org/jira/browse/HBASE-19634 > Project: HBase > Issue Type: Sub-task > Components: proc-v2, Replication > Reporter: Duo Zhang > Assignee: Duo Zhang > Attachments: HBASE-19634-HBASE-19397-v1.patch, > HBASE-19634-HBASE-19397-v1.patch, HBASE-19634-HBASE-19397-v2.patch, > HBASE-19634-HBASE-19397.patch > > > This is important, the actual refresh on RS is trigger by the > executeProcedure call and it will pass some information. These information > should not be fully trusted since anyone can all this method. We need to make > sure that the actual data/state for a replication peer is always loaded from > the replication storage, not from the parameter of the executeProcedure call. -- This message was sent by Atlassian JIRA (v6.4.14#64029)