HBASE-19678 HBase Admin security capabilities should be represented as a Set - revert due to wrong issue

This commit is contained in:
tedyu 2018-01-01 14:16:01 -08:00
parent cafd4e4ad7
commit 73ab51e946
2 changed files with 14 additions and 14 deletions

View File

@ -20,9 +20,8 @@
package org.apache.hadoop.hbase.security;
import java.io.IOException;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
import java.util.ArrayList;
import java.util.List;
import org.apache.hadoop.conf.Configuration;
import org.apache.hadoop.hbase.AuthUtil;
@ -41,8 +40,8 @@ public final class Superusers {
/** Configuration key for superusers */
public static final String SUPERUSER_CONF_KEY = "hbase.superuser"; // Not getting a name
private static Set<String> superUsers;
private static Set<String> superGroups;
private static List<String> superUsers;
private static List<String> superGroups;
private static User systemUser;
private Superusers(){}
@ -55,8 +54,8 @@ public final class Superusers {
* @throws IllegalStateException if current user is null
*/
public static void initialize(Configuration conf) throws IOException {
superUsers = new HashSet<>();
superGroups = new HashSet<>();
superUsers = new ArrayList<>();
superGroups = new ArrayList<>();
systemUser = User.getCurrent();
if (systemUser == null) {
@ -64,10 +63,10 @@ public final class Superusers {
+ "authorization checks for internal operations will not work correctly!");
}
if (LOG.isTraceEnabled()) {
LOG.trace("Current user name is " + systemUser.getShortName());
}
String currentUser = systemUser.getShortName();
LOG.trace("Current user name is {}", currentUser);
superUsers.add(currentUser);
String[] superUserList = conf.getStrings(SUPERUSER_CONF_KEY, new String[0]);
for (String name : superUserList) {
if (AuthUtil.isGroupPrincipal(name)) {
@ -76,6 +75,7 @@ public final class Superusers {
superUsers.add(name);
}
}
superUsers.add(currentUser);
}
/**
@ -88,11 +88,12 @@ public final class Superusers {
public static boolean isSuperUser(User user) {
if (superUsers == null) {
throw new IllegalStateException("Super users/super groups lists"
+ " have not been initialized properly.");
+ " haven't been initialized properly.");
}
if (superUsers.contains(user.getShortName())) {
return true;
}
for (String group : user.getGroupNames()) {
if (superGroups.contains(group)) {
return true;
@ -101,7 +102,7 @@ public final class Superusers {
return false;
}
public static Collection<String> getSuperUsers() {
public static List<String> getSuperUsers() {
return superUsers;
}

View File

@ -34,7 +34,6 @@ import java.io.IOException;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
@ -1678,7 +1677,7 @@ public class TestAccessController extends SecureTestUtil {
acl.close();
}
Collection<String> superUsers = Superusers.getSuperUsers();
List<String> superUsers = Superusers.getSuperUsers();
List<UserPermission> adminPerms = new ArrayList<>(superUsers.size() + 1);
adminPerms.add(new UserPermission(Bytes.toBytes(USER_ADMIN.getShortName()),
AccessControlLists.ACL_TABLE_NAME, null, null, Bytes.toBytes("ACRW")));