From 0e06ade694e8bfd23898c958d219470ae89d1d32 Mon Sep 17 00:00:00 2001 From: tedyu Date: Tue, 17 Jan 2017 09:38:50 -0800 Subject: [PATCH] HBASE-17469 Properly handle empty TableName in TablePermission#readFields and #write (Manjunath Anand) --- .../security/access/TablePermission.java | 20 ++++++++++--------- .../security/access/TestTablePermissions.java | 2 ++ 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java index 3c75730f41a..55eeebbab90 100644 --- a/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java +++ b/hbase-client/src/main/java/org/apache/hadoop/hbase/security/access/TablePermission.java @@ -191,7 +191,7 @@ public class TablePermission extends Permission { * by this permission, false */ public boolean implies(String namespace, Action action) { - if (!this.namespace.equals(namespace)) { + if (this.namespace == null || !this.namespace.equals(namespace)) { return false; } @@ -214,7 +214,7 @@ public class TablePermission extends Permission { */ public boolean implies(TableName table, byte[] family, byte[] qualifier, Action action) { - if (!this.table.equals(table)) { + if (this.table == null || !this.table.equals(table)) { return false; } @@ -244,7 +244,7 @@ public class TablePermission extends Permission { * by this permission, otherwise false */ public boolean implies(TableName table, KeyValue kv, Action action) { - if (!this.table.equals(table)) { + if (this.table == null || !this.table.equals(table)) { return false; } @@ -273,7 +273,7 @@ public class TablePermission extends Permission { * return false. */ public boolean matchesFamily(TableName table, byte[] family, Action action) { - if (!this.table.equals(table)) { + if (this.table == null || !this.table.equals(table)) { return false; } @@ -362,17 +362,16 @@ public class TablePermission extends Permission { str.append("namespace=").append(namespace) .append(", "); } - else if(table != null) { + if(table != null) { str.append("table=").append(table) .append(", family=") .append(family == null ? null : Bytes.toString(family)) .append(", qualifier=") .append(qualifier == null ? null : Bytes.toString(qualifier)) .append(", "); - } else { - str.append("actions="); } if (actions != null) { + str.append("actions="); for (int i=0; i 0) str.append(","); @@ -391,7 +390,9 @@ public class TablePermission extends Permission { public void readFields(DataInput in) throws IOException { super.readFields(in); byte[] tableBytes = Bytes.readByteArray(in); - table = TableName.valueOf(tableBytes); + if(tableBytes.length > 0) { + table = TableName.valueOf(tableBytes); + } if (in.readBoolean()) { family = Bytes.readByteArray(in); } @@ -406,7 +407,8 @@ public class TablePermission extends Permission { @Override public void write(DataOutput out) throws IOException { super.write(out); - Bytes.writeByteArray(out, table.getName()); + // Explicitly writing null to maintain se/deserialize backward compatibility. + Bytes.writeByteArray(out, (table == null) ? null : table.getName()); out.writeBoolean(family != null); if (family != null) { Bytes.writeByteArray(out, family); diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java index 84fa04dbebe..b6d15e72e17 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestTablePermissions.java @@ -340,6 +340,8 @@ public class TestTablePermissions { TablePermission.Action.READ)); permissions.put("hubert", new TablePermission(TEST_TABLE2, null, TablePermission.Action.READ, TablePermission.Action.WRITE)); + permissions.put("bruce",new TablePermission(TEST_NAMESPACE, + TablePermission.Action.READ)); return permissions; }