Skip to content

Commit

Permalink
HBASE-27493: Allow namespace admins to clone snapshots created by them (
Browse files Browse the repository at this point in the history
#4885)

Signed-off-by: Duo Zhang <[email protected]>
Signed-off-by: Peter Somogyi <[email protected]>
(cherry picked from commit ad8f28e)
  • Loading branch information
BukrosSzabolcs authored and petersomogyi committed Jan 18, 2023
1 parent 29a430e commit 40b4349
Show file tree
Hide file tree
Showing 2 changed files with 61 additions and 8 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -1073,6 +1073,9 @@ public void preCloneSnapshot(final ObserverContext<MasterCoprocessorEnvironment>
AuthResult result = AuthResult.allow("cloneSnapshot " + snapshot.getName(),
"Snapshot owner check allowed", user, null, hTableDescriptor.getTableName(), null);
AccessChecker.logResult(result);
} else if (SnapshotDescriptionUtils.isSnapshotOwner(snapshot, user)) {
requireNamespacePermission(ctx, "cloneSnapshot",
hTableDescriptor.getTableName().getNamespaceAsString(), Action.ADMIN);
} else {
accessChecker.requirePermission(user, "cloneSnapshot " + snapshot.getName(), null,
Action.ADMIN);
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,7 @@
import org.apache.hadoop.hbase.client.Admin;
import org.apache.hadoop.hbase.client.Append;
import org.apache.hadoop.hbase.client.BalanceRequest;
import org.apache.hadoop.hbase.client.ColumnFamilyDescriptorBuilder;
import org.apache.hadoop.hbase.client.Connection;
import org.apache.hadoop.hbase.client.ConnectionFactory;
import org.apache.hadoop.hbase.client.Delete;
Expand All @@ -79,6 +80,8 @@
import org.apache.hadoop.hbase.client.Scan;
import org.apache.hadoop.hbase.client.SnapshotDescription;
import org.apache.hadoop.hbase.client.Table;
import org.apache.hadoop.hbase.client.TableDescriptor;
import org.apache.hadoop.hbase.client.TableDescriptorBuilder;
import org.apache.hadoop.hbase.client.TableState;
import org.apache.hadoop.hbase.client.security.SecurityCapability;
import org.apache.hadoop.hbase.coprocessor.CoprocessorHost;
Expand Down Expand Up @@ -2068,16 +2071,16 @@ public Object run() throws Exception {
USER_GROUP_WRITE, USER_GROUP_CREATE);

verifyAllowed(cloneAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
verifyDenied(deleteAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER,
USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
verifyDenied(cloneAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_READ,
USER_GROUP_WRITE, USER_GROUP_CREATE);

verifyAllowed(restoreAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
verifyDenied(restoreAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER,
USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);

verifyAllowed(deleteAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
verifyDenied(cloneAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER, USER_GROUP_READ,
USER_GROUP_WRITE, USER_GROUP_CREATE);
verifyDenied(deleteAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_OWNER,
USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);
}

@Test
Expand Down Expand Up @@ -2120,18 +2123,65 @@ public Object run() throws Exception {
verifyAllowed(restoreAction, SUPERUSER, USER_ADMIN, USER_OWNER, USER_GROUP_ADMIN);
verifyDenied(restoreAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,
USER_GROUP_WRITE, USER_GROUP_CREATE);
}

AccessTestAction cloneAction = new AccessTestAction() {
@Test
public void testCloneSnapshotWithOwner() throws Exception {
Admin admin = TEST_UTIL.getAdmin();
final TableDescriptor originalTd = admin.getDescriptor(TEST_TABLE);
final SnapshotDescription snapshot = new SnapshotDescription(
TEST_TABLE.getNameAsString() + "-snapshot", TEST_TABLE, null, USER_OWNER.getName());
String namespace = "testCloneSnapshot";
NamespaceDescriptor desc = NamespaceDescriptor.create(namespace).build();
createNamespace(TEST_UTIL, desc);

String differentTableString = "testtable2";
TableName differentTable = TableName.valueOf(namespace, differentTableString);
TableDescriptor diffrentTd = TableDescriptorBuilder.newBuilder(differentTable)
.setColumnFamily(ColumnFamilyDescriptorBuilder.of(TEST_FAMILY)).build();

// recreating the original table
AccessTestAction cloneOriginalAction = new AccessTestAction() {
@Override
public Object run() throws Exception {
ACCESS_CONTROLLER.preCloneSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV), snapshot,
htd);
originalTd);
return null;
}
};
verifyAllowed(cloneAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN, USER_OWNER);
verifyDenied(cloneAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,
verifyAllowed(cloneOriginalAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN, USER_OWNER);
verifyDenied(cloneOriginalAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,
USER_GROUP_WRITE, USER_GROUP_CREATE);

// cloning to a different table
AccessTestAction cloneDifferentAction = new AccessTestAction() {
@Override
public Object run() throws Exception {
ACCESS_CONTROLLER.preCloneSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV), snapshot,
diffrentTd);
return null;
}
};
verifyAllowed(cloneDifferentAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN);
verifyDenied(cloneDifferentAction, USER_CREATE, USER_RW, USER_RO, USER_NONE, USER_GROUP_READ,
USER_GROUP_WRITE, USER_GROUP_CREATE, USER_OWNER);

// cloning to a different table where user is namespace admin
grantOnNamespace(TEST_UTIL, USER_OWNER.getShortName(), namespace, Action.ADMIN);

AccessTestAction cloneNamespaceAdminAction = new AccessTestAction() {
@Override
public Object run() throws Exception {
ACCESS_CONTROLLER.preCloneSnapshot(ObserverContextImpl.createAndPrepare(CP_ENV), snapshot,
diffrentTd);
return null;
}
};
verifyAllowed(cloneNamespaceAdminAction, SUPERUSER, USER_ADMIN, USER_GROUP_ADMIN, USER_OWNER);
verifyDenied(cloneNamespaceAdminAction, USER_CREATE, USER_RW, USER_RO, USER_NONE,
USER_GROUP_READ, USER_GROUP_WRITE, USER_GROUP_CREATE);

deleteNamespace(TEST_UTIL, namespace);
}

@Test
Expand Down

0 comments on commit 40b4349

Please sign in to comment.