phoenix-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Hadoop QA (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (PHOENIX-3756) Users lacking ADMIN on 'SYSTEM' HBase namespace can't connect to Phoenix
Date Thu, 30 Mar 2017 21:05:41 GMT

    [ https://issues.apache.org/jira/browse/PHOENIX-3756?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15949826#comment-15949826
] 

Hadoop QA commented on PHOENIX-3756:
------------------------------------

{color:red}-1 overall{color}.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12861301/PHOENIX-3756.001.patch
  against master branch at commit 2074d1f0a2dd2b03c2e3588ffd4d5f2395cc7505.
  ATTACHMENT ID: 12861301

    {color:green}+1 @author{color}.  The patch does not contain any @author tags.

    {color:red}-1 tests included{color}.  The patch doesn't appear to include any new or modified
tests.
                        Please justify why no new tests are needed for this patch.
                        Also please list what manual steps were performed to verify this patch.

    {color:green}+1 javac{color}.  The applied patch does not increase the total number of
javac compiler warnings.

    {color:red}-1 javadoc{color}.  The javadoc tool appears to have generated 45 warning messages.

    {color:green}+1 release audit{color}.  The applied patch does not increase the total number
of release audit warnings.

    {color:red}-1 lineLengths{color}.  The patch introduces the following lines longer than
100:
    +                                    // User might not be privileged to access the Phoenix
system tables
+                                    // in the HBase "SYSTEM" namespace. Let them proceed
without verifying
+                                    logger.warn("Could not check for Phoenix SYSTEM tables,
assuming they exist and are properly configured");

    {color:green}+1 core tests{color}.  The patch passed unit tests in .

Test results: https://builds.apache.org/job/PreCommit-PHOENIX-Build/815//testReport/
Javadoc warnings: https://builds.apache.org/job/PreCommit-PHOENIX-Build/815//artifact/patchprocess/patchJavadocWarnings.txt
Console output: https://builds.apache.org/job/PreCommit-PHOENIX-Build/815//console

This message is automatically generated.

> Users lacking ADMIN on 'SYSTEM' HBase namespace can't connect to Phoenix
> ------------------------------------------------------------------------
>
>                 Key: PHOENIX-3756
>                 URL: https://issues.apache.org/jira/browse/PHOENIX-3756
>             Project: Phoenix
>          Issue Type: Bug
>            Reporter: Josh Elser
>            Assignee: Josh Elser
>             Fix For: 4.11.0
>
>         Attachments: PHOENIX-3756.001.patch
>
>
> Follow-on from PHOENIX-3652:
> The fix provided in PHOENIX-3652 addressed the default situation where users would need
ADMIN on the default HBase namespace. However, when {{phoenix.schema.isNamespaceMappingEnabled=true}}
and Phoenix creates its system tables in the {{SYSTEM}} HBase namespace, unprivileged users
(those lacking ADMIN on {{SYSTEM}}) still cannot connect to Phoenix.
> The root-cause is essentially the same: the code tries to fetch the {{NamespaceDescriptor}}
for the {{SYSTEM}} namespace which requires the ADMIN permission.
> https://github.com/apache/phoenix/blob/8093d10f1a481101d6c93fdf0744ff15ec48f4aa/phoenix-core/src/main/java/org/apache/phoenix/query/ConnectionQueryServicesImpl.java#L1017-L1037



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message