HBASE-12301 user_permission command does not show global permissions
This commit is contained in:
Matteo Bertozzi
parent
feaa8fa9c8
commit
2908c11371
|
|
@ -2279,7 +2279,7 @@ public final class ProtobufUtil {
|
||||||
AccessControlProtos.GetUserPermissionsRequest request = builder.build();
|
AccessControlProtos.GetUserPermissionsRequest request = builder.build();
|
||||||
AccessControlProtos.GetUserPermissionsResponse response =
|
AccessControlProtos.GetUserPermissionsResponse response =
|
||||||
protocol.getUserPermissions(null, request);
|
protocol.getUserPermissions(null, request);
|
||||||
List<UserPermission> perms = new ArrayList<UserPermission>();
|
List<UserPermission> perms = new ArrayList<UserPermission>(response.getUserPermissionCount());
|
||||||
for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
|
for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
|
||||||
perms.add(ProtobufUtil.toUserPermission(perm));
|
perms.add(ProtobufUtil.toUserPermission(perm));
|
||||||
}
|
}
|
||||||
|
|
@ -2307,7 +2307,7 @@ public final class ProtobufUtil {
|
||||||
AccessControlProtos.GetUserPermissionsRequest request = builder.build();
|
AccessControlProtos.GetUserPermissionsRequest request = builder.build();
|
||||||
AccessControlProtos.GetUserPermissionsResponse response =
|
AccessControlProtos.GetUserPermissionsResponse response =
|
||||||
protocol.getUserPermissions(null, request);
|
protocol.getUserPermissions(null, request);
|
||||||
List<UserPermission> perms = new ArrayList<UserPermission>();
|
List<UserPermission> perms = new ArrayList<UserPermission>(response.getUserPermissionCount());
|
||||||
for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
|
for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
|
||||||
perms.add(ProtobufUtil.toUserPermission(perm));
|
perms.add(ProtobufUtil.toUserPermission(perm));
|
||||||
}
|
}
|
||||||
|
|
@ -2335,7 +2335,7 @@ public final class ProtobufUtil {
|
||||||
AccessControlProtos.GetUserPermissionsRequest request = builder.build();
|
AccessControlProtos.GetUserPermissionsRequest request = builder.build();
|
||||||
AccessControlProtos.GetUserPermissionsResponse response =
|
AccessControlProtos.GetUserPermissionsResponse response =
|
||||||
protocol.getUserPermissions(null, request);
|
protocol.getUserPermissions(null, request);
|
||||||
List<UserPermission> perms = new ArrayList<UserPermission>();
|
List<UserPermission> perms = new ArrayList<UserPermission>(response.getUserPermissionCount());
|
||||||
for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
|
for (AccessControlProtos.UserPermission perm: response.getUserPermissionList()) {
|
||||||
perms.add(ProtobufUtil.toUserPermission(perm));
|
perms.add(ProtobufUtil.toUserPermission(perm));
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -47,12 +47,11 @@ import org.apache.hadoop.hbase.util.Bytes;
|
||||||
@InterfaceAudience.Public
|
@InterfaceAudience.Public
|
||||||
@InterfaceStability.Evolving
|
@InterfaceStability.Evolving
|
||||||
public class AccessControlClient {
|
public class AccessControlClient {
|
||||||
|
public static final TableName ACL_TABLE_NAME =
|
||||||
|
TableName.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR, "acl");
|
||||||
|
|
||||||
private static HTable getAclTable(Configuration conf) throws IOException {
|
private static HTable getAclTable(Configuration conf) throws IOException {
|
||||||
TableName aclTableName =
|
return new HTable(conf, ACL_TABLE_NAME);
|
||||||
TableName.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR,
|
|
||||||
AccessControlConstants.OP_ATTRIBUTE_ACL);
|
|
||||||
return new HTable(conf, aclTableName.getName());
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static BlockingInterface getAccessControlServiceStub(HTable ht)
|
private static BlockingInterface getAccessControlServiceStub(HTable ht)
|
||||||
|
|
@ -111,12 +110,10 @@ public class AccessControlClient {
|
||||||
|
|
||||||
public static boolean isAccessControllerRunning(Configuration conf)
|
public static boolean isAccessControllerRunning(Configuration conf)
|
||||||
throws MasterNotRunningException, ZooKeeperConnectionException, IOException {
|
throws MasterNotRunningException, ZooKeeperConnectionException, IOException {
|
||||||
TableName aclTableName = TableName
|
|
||||||
.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR, "acl");
|
|
||||||
HBaseAdmin ha = null;
|
HBaseAdmin ha = null;
|
||||||
try {
|
try {
|
||||||
ha = new HBaseAdmin(conf);
|
ha = new HBaseAdmin(conf);
|
||||||
return ha.isTableAvailable(aclTableName.getNameAsString());
|
return ha.isTableAvailable(ACL_TABLE_NAME);
|
||||||
} finally {
|
} finally {
|
||||||
if (ha != null) {
|
if (ha != null) {
|
||||||
ha.close();
|
ha.close();
|
||||||
|
|
@ -183,16 +180,14 @@ public class AccessControlClient {
|
||||||
Table ht = null;
|
Table ht = null;
|
||||||
Admin ha = null;
|
Admin ha = null;
|
||||||
try {
|
try {
|
||||||
TableName aclTableName = TableName.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR,
|
|
||||||
"acl");
|
|
||||||
ha = new HBaseAdmin(conf);
|
ha = new HBaseAdmin(conf);
|
||||||
ht = new HTable(conf, aclTableName);
|
ht = new HTable(conf, ACL_TABLE_NAME);
|
||||||
CoprocessorRpcChannel service = ht.coprocessorService(HConstants.EMPTY_START_ROW);
|
CoprocessorRpcChannel service = ht.coprocessorService(HConstants.EMPTY_START_ROW);
|
||||||
BlockingInterface protocol = AccessControlProtos.AccessControlService
|
BlockingInterface protocol = AccessControlProtos.AccessControlService
|
||||||
.newBlockingStub(service);
|
.newBlockingStub(service);
|
||||||
HTableDescriptor[] htds = null;
|
HTableDescriptor[] htds = null;
|
||||||
|
|
||||||
if (tableRegex == null) {
|
if (tableRegex == null || tableRegex.isEmpty()) {
|
||||||
permList = ProtobufUtil.getUserPermissions(protocol);
|
permList = ProtobufUtil.getUserPermissions(protocol);
|
||||||
} else if (tableRegex.charAt(0) == '@') {
|
} else if (tableRegex.charAt(0) == '@') {
|
||||||
String namespace = tableRegex.substring(1);
|
String namespace = tableRegex.substring(1);
|
||||||
|
|
|
||||||
|
|
@ -464,7 +464,7 @@ public class AccessControlLists {
|
||||||
*/
|
*/
|
||||||
static ListMultimap<String, TablePermission> getPermissions(Configuration conf,
|
static ListMultimap<String, TablePermission> getPermissions(Configuration conf,
|
||||||
byte[] entryName) throws IOException {
|
byte[] entryName) throws IOException {
|
||||||
if (entryName == null) entryName = ACL_TABLE_NAME.getName();
|
if (entryName == null) entryName = ACL_GLOBAL_NAME;
|
||||||
|
|
||||||
// for normal user tables, we just read the table row from _acl_
|
// for normal user tables, we just read the table row from _acl_
|
||||||
ListMultimap<String, TablePermission> perms = ArrayListMultimap.create();
|
ListMultimap<String, TablePermission> perms = ArrayListMultimap.create();
|
||||||
|
|
|
||||||
|
|
@ -156,7 +156,7 @@ module Hbase
|
||||||
count = 0
|
count = 0
|
||||||
all_perms.each do |value|
|
all_perms.each do |value|
|
||||||
user_name = String.from_java_bytes(value.getUser)
|
user_name = String.from_java_bytes(value.getUser)
|
||||||
if (isNamespace?(table_regex))
|
if (table_regex != nil && isNamespace?(table_regex))
|
||||||
namespace = table_regex[1...table_regex.length]
|
namespace = table_regex[1...table_regex.length]
|
||||||
else
|
else
|
||||||
namespace = (value.getTableName != nil) ? value.getTableName.getNamespaceAsString() : ''
|
namespace = (value.getTableName != nil) ? value.getTableName.getNamespaceAsString() : ''
|
||||||
|
|
|
||||||
|
|
@ -33,7 +33,7 @@ For example:
|
||||||
EOF
|
EOF
|
||||||
end
|
end
|
||||||
|
|
||||||
def command(table_regex=".*")
|
def command(table_regex=nil)
|
||||||
#format_simple_command do
|
#format_simple_command do
|
||||||
#admin.user_permission(table_regex)
|
#admin.user_permission(table_regex)
|
||||||
now = Time.now
|
now = Time.now
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue