From 8a16aed8171a3ca26297e4ee611591fa6cc50b6b Mon Sep 17 00:00:00 2001 From: lujiefsi Date: Thu, 31 Dec 2020 02:57:57 +0800 Subject: [PATCH] HBASE-25441 : add security check for some APIs in RSRpcServices (#2832) (#2810) Signed-off-by: stack Signed-off-by: Viraj Jasani --- .../org/apache/hadoop/hbase/master/HMaster.java | 13 +++++++++++++ .../hadoop/hbase/regionserver/RSRpcServices.java | 4 ++++ 2 files changed, 17 insertions(+) diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java index 4dd974c95c0..a7155819323 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java @@ -2781,6 +2781,19 @@ public class HMaster extends HRegionServer implements MasterServices, Server { return initialized.isReady(); } + /** + * Report whether this master is started + * + * This method is used for testing. + * + * @return true if master is ready to go, false if not. + */ + + @Override + public boolean isOnline() { + return serviceStarted; + } + /** * Report whether this master is in maintenance mode. * diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSRpcServices.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSRpcServices.java index 47955b5db9c..adef164b81b 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSRpcServices.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/regionserver/RSRpcServices.java @@ -2224,6 +2224,7 @@ public class RSRpcServices implements HBaseRPCErrorHandler, @QosPriority(priority=HConstants.ADMIN_QOS) public StopServerResponse stopServer(final RpcController controller, final StopServerRequest request) throws ServiceException { + rpcPreCheck("stopServer"); requestCount.increment(); String reason = request.getReason(); regionServer.stop(reason); @@ -2233,6 +2234,7 @@ public class RSRpcServices implements HBaseRPCErrorHandler, @Override public UpdateFavoredNodesResponse updateFavoredNodes(RpcController controller, UpdateFavoredNodesRequest request) throws ServiceException { + rpcPreCheck("updateFavoredNodes"); List openInfoList = request.getUpdateInfoList(); UpdateFavoredNodesResponse.Builder respBuilder = UpdateFavoredNodesResponse.newBuilder(); for (UpdateFavoredNodesRequest.RegionUpdateInfo regionUpdateInfo : openInfoList) { @@ -3334,6 +3336,7 @@ public class RSRpcServices implements HBaseRPCErrorHandler, RpcController controller, UpdateConfigurationRequest request) throws ServiceException { try { + requirePermission("updateConfiguration", Permission.Action.ADMIN); this.regionServer.updateConfiguration(); } catch (Exception e) { throw new ServiceException(e); @@ -3361,6 +3364,7 @@ public class RSRpcServices implements HBaseRPCErrorHandler, @QosPriority(priority=HConstants.ADMIN_QOS) public ClearSlowLogResponses clearSlowLogsResponses(RpcController controller, ClearSlowLogResponseRequest request) throws ServiceException { + rpcPreCheck("clearSlowLogsResponses"); final NamedQueueRecorder namedQueueRecorder = this.regionServer.getNamedQueueRecorder(); boolean slowLogsCleaned = false;