Srikanth Srungarapu created HBASE-12925:
-------------------------------------------
Summary: Use acl cache for doing access control checks in prepare
and clean phases of Bulkloading.
Key: HBASE-12925
URL: https://issues.apache.org/jira/browse/HBASE-12925
Project: HBase
Issue Type: Bug
Reporter: Srikanth Srungarapu
Assignee: Srikanth Srungarapu
Currently, prepareBulkLoad and cleanupBulkLoad are using "hasSomeAccess", which
performs scan on ACL table, instead of using TableAuthManager. Also, the method
"hasSomeAccess" has a logical error, as it doesn't filter the acl scan results
by the current active user. More specifically
{code}
for (UserPermission userPerm: perms) {
for (Action userAction: userPerm.getActions()) {
if (userAction.equals(action)) {
return AuthResult.allow(method, "Access allowed", requestUser,
action, tableName, null, null);
}
}
}
{code}
The if clause ideally should be having something like
userPerm.getUser.equals(requestUser). This issue will help us in getting rid of
this problematic implementation.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
