HBASE-7526 create table does not log the table name in audit log

git-svn-id: https://svn.apache.org/repos/asf/hbase/trunk@1431162 13f79535-47bb-0310-9956-ffa450edef68
2013-01-10 00:34:32 +00:00 · 2013-01-10 00:34:32 +00:00 · f31d7f7eb2
parent 19b8272c48
commit f31d7f7eb2
1 changed files with 7 additions and 10 deletions
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
@ -347,15 +347,7 @@ public class AccessController extends BaseRegionObserver
   * @throws AccessDeniedException if authorization is denied
   */
  private void requirePermission(String request, Permission.Action perm) throws IOException {
-    User user = getActiveUser();
-    if (authManager.authorize(user, perm)) {
-      logResult(AuthResult.allow(request, "Global check allowed", user, perm, null, null));
-    } else {
-      logResult(AuthResult.deny(request, "Global check failed", user, perm, null, null));
-      throw new AccessDeniedException("Insufficient permissions for user '" +
-          (user != null ? user.getShortName() : "null") +"' (global, action=" +
-          perm.toString() + ")");
-    }
+    requireGlobalPermission(request, perm, null, null);
  }

  /**
@ -482,7 +474,12 @@ public class AccessController extends BaseRegionObserver
  @Override
  public void preCreateTable(ObserverContext<MasterCoprocessorEnvironment> c,
      HTableDescriptor desc, HRegionInfo[] regions) throws IOException {
-    requirePermission("createTable", Permission.Action.CREATE);
+    Set<byte[]> families = desc.getFamiliesKeys();
+    HashMap<byte[], Set<byte[]>> familyMap = Maps.newHashMapWithExpectedSize(families.size());
+    for (byte[] family: families) {
+      familyMap.put(family, null);
+    }
+    requireGlobalPermission("createTable", Permission.Action.CREATE, desc.getName(), familyMap);
  }

  @Override