HBASE-10860 Insufficient AccessController covering permission check.(Anoop)
git-svn-id: https://svn.apache.org/repos/asf/hbase/trunk@1582987 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
parent
a3e66356fe
commit
4fa7db7304
|
@ -38,6 +38,7 @@ import org.apache.hadoop.hbase.CellUtil;
|
||||||
import org.apache.hadoop.hbase.CoprocessorEnvironment;
|
import org.apache.hadoop.hbase.CoprocessorEnvironment;
|
||||||
import org.apache.hadoop.hbase.DoNotRetryIOException;
|
import org.apache.hadoop.hbase.DoNotRetryIOException;
|
||||||
import org.apache.hadoop.hbase.HConstants;
|
import org.apache.hadoop.hbase.HConstants;
|
||||||
|
import org.apache.hadoop.hbase.KeyValue.Type;
|
||||||
import org.apache.hadoop.hbase.TableName;
|
import org.apache.hadoop.hbase.TableName;
|
||||||
import org.apache.hadoop.hbase.HColumnDescriptor;
|
import org.apache.hadoop.hbase.HColumnDescriptor;
|
||||||
import org.apache.hadoop.hbase.HRegionInfo;
|
import org.apache.hadoop.hbase.HRegionInfo;
|
||||||
|
@ -526,10 +527,17 @@ public class AccessController extends BaseRegionObserver
|
||||||
if (list == null || list.isEmpty()) {
|
if (list == null || list.isEmpty()) {
|
||||||
get.addFamily(col);
|
get.addFamily(col);
|
||||||
} else {
|
} else {
|
||||||
for (Cell cell: list) {
|
// In case of family delete, a Cell will be added into the list with Qualifier as null.
|
||||||
|
for (Cell cell : list) {
|
||||||
|
if (cell.getQualifierLength() == 0
|
||||||
|
&& (cell.getTypeByte() == Type.DeleteFamily.getCode()
|
||||||
|
|| cell.getTypeByte() == Type.DeleteFamilyVersion.getCode())) {
|
||||||
|
get.addFamily(col);
|
||||||
|
} else {
|
||||||
get.addColumn(col, CellUtil.cloneQualifier(cell));
|
get.addColumn(col, CellUtil.cloneQualifier(cell));
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
throw new RuntimeException("Unhandled collection type " +
|
throw new RuntimeException("Unhandled collection type " +
|
||||||
entry.getValue().getClass().getName());
|
entry.getValue().getClass().getName());
|
||||||
|
|
|
@ -1315,6 +1315,21 @@ public class TestAccessController extends SecureTestUtil {
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
// user1 should be allowed to delete the cf. (All data under cf for a row)
|
||||||
|
user1.runAs(new PrivilegedExceptionAction<Void>() {
|
||||||
|
@Override
|
||||||
|
public Void run() throws Exception {
|
||||||
|
HTable t = new HTable(conf, TEST_TABLE.getTableName());
|
||||||
|
try {
|
||||||
|
Delete d = new Delete(TEST_ROW2);
|
||||||
|
d.deleteFamily(TEST_FAMILY);
|
||||||
|
t.delete(d);
|
||||||
|
} finally {
|
||||||
|
t.close();
|
||||||
|
}
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
Loading…
Reference in New Issue