[jira] [Commented] (HBASE-20639) Implement permission checking through AccessController instead of RSGroupAdminEndpoint

Mon, 28 May 2018 03:38:04 -0700 

    [ 
https://issues.apache.org/jira/browse/HBASE-20639?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16492510#comment-16492510
 ] 

Hudson commented on HBASE-20639:
--------------------------------

Results for branch branch-2
        [build #792 on 
builds.a.o|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/792/]: 
(x) *{color:red}-1 overall{color}*
----
details (if available):

(/) {color:green}+1 general checks{color}
-- For more information [see general 
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/792//General_Nightly_Build_Report/]




(x) {color:red}-1 jdk8 hadoop2 checks{color}
-- For more information [see jdk8 (hadoop2) 
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/792//JDK8_Nightly_Build_Report_(Hadoop2)/]


(x) {color:red}-1 jdk8 hadoop3 checks{color}
-- For more information [see jdk8 (hadoop3) 
report|https://builds.apache.org/job/HBase%20Nightly/job/branch-2/792//JDK8_Nightly_Build_Report_(Hadoop3)/]


(x) {color:red}-1 source release artifact{color}
-- See build output for details.


> Implement permission checking through AccessController instead of 
> RSGroupAdminEndpoint
> --------------------------------------------------------------------------------------
>
>                 Key: HBASE-20639
>                 URL: https://issues.apache.org/jira/browse/HBASE-20639
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Ted Yu
>            Assignee: Nihal Jain
>            Priority: Major
>             Fix For: 3.0.0, 2.1.0
>
>         Attachments: HBASE-20639.master.001.patch, 
> HBASE-20639.master.002.patch, HBASE-20639.master.002.patch
>
>
> Currently permission checking for various RS group operations is done via 
> RSGroupAdminEndpoint.
> e.g. in RSGroupAdminServiceImpl#moveServers() :
> {code}
>         checkPermission("moveServers");
>         groupAdminServer.moveServers(hostPorts, request.getTargetGroup());
> {code}
> The practice in remaining parts of hbase is to perform permission checking 
> within AccessController.
> Now that observer hooks for RS group operations are in right place, we should 
> follow best practice and move permission checking to AccessController.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to