diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java index a0f84c5672c3..81bd8cd022ea 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/HMaster.java @@ -3733,6 +3733,12 @@ public List listTableNamesByNamespace(String name) throws IOException return listTableNames(name, null, true); } + @Override + public List listTableNames() throws IOException { + checkInitialized(); + return listTableNames(null, null, false); + } + @Override public List listTableDescriptorsByNamespace(String name) throws IOException { checkInitialized(); diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterServices.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterServices.java index 745b962860bb..9aade7ab0921 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterServices.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/master/MasterServices.java @@ -255,6 +255,11 @@ long splitRegion(final RegionInfo regionInfo, final byte[] splitRow, final long /** Returns Return table descriptors implementation. */ TableDescriptors getTableDescriptors(); + /** Return the list of table names, should be used at local HMaster end only */ + default List listTableNames() throws IOException { + return null; + } + /** * Registers a new protocol buffer {@link Service} subclass as a master coprocessor endpoint. *

diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/quotas/SnapshotQuotaObserverChore.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/quotas/SnapshotQuotaObserverChore.java index c198f3d9d322..976031f2fa8f 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/quotas/SnapshotQuotaObserverChore.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/quotas/SnapshotQuotaObserverChore.java @@ -18,7 +18,6 @@ package org.apache.hadoop.hbase.quotas; import java.io.IOException; -import java.util.Arrays; import java.util.Collection; import java.util.HashMap; import java.util.HashSet; @@ -67,20 +66,21 @@ public class SnapshotQuotaObserverChore extends ScheduledChore { private final Configuration conf; private final MetricsMaster metrics; private final FileSystem fs; + private final HMaster master; public SnapshotQuotaObserverChore(HMaster master, MetricsMaster metrics) { - this(master.getConnection(), master.getConfiguration(), master.getFileSystem(), master, - metrics); + this(master.getConfiguration(), master, master, metrics); } - SnapshotQuotaObserverChore(Connection conn, Configuration conf, FileSystem fs, Stoppable stopper, + SnapshotQuotaObserverChore(Configuration conf, HMaster master, Stoppable stopper, MetricsMaster metrics) { super(QuotaObserverChore.class.getSimpleName(), stopper, getPeriod(conf), getInitialDelay(conf), getTimeUnit(conf)); - this.conn = conn; + this.conn = master.getConnection(); this.conf = conf; this.metrics = metrics; - this.fs = fs; + this.fs = master.getFileSystem(); + this.master = master; } @Override @@ -178,7 +178,7 @@ Multimap getSnapshotsToComputeSize() throws IOException { } // Collect either the table name itself, or all of the tables in the namespace if (null != ns) { - tablesToFetchSnapshotsFrom.addAll(Arrays.asList(admin.listTableNamesByNamespace(ns))); + tablesToFetchSnapshotsFrom.addAll(master.listTableNamesByNamespace(ns)); } else { tablesToFetchSnapshotsFrom.add(tn); } diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java index 3b45e0175cc3..79812e84f71f 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java @@ -2123,15 +2123,18 @@ public void preGetTableDescriptors(ObserverContext if (regex == null && tableNamesList != null && !tableNamesList.isEmpty()) { // Otherwise, if the requestor has ADMIN or CREATE privs for all listed tables, the // request can be granted. - try (Admin admin = ctx.getEnvironment().getConnection().getAdmin()) { - for (TableName tableName : tableNamesList) { - // Skip checks for a table that does not exist - if (!admin.tableExists(tableName)) { - continue; - } - requirePermission(ctx, "getTableDescriptors", tableName, null, null, Action.ADMIN, - Action.CREATE); + List sns = null; + if (ctx.getEnvironment() instanceof HasMasterServices) { + sns = (((HasMasterServices) ctx.getEnvironment()).getMasterServices().listTableNames()); + } + if (sns == null) return; + for (TableName tableName : tableNamesList) { + // Skip checks for a table that does not exist + if (!sns.contains(tableName)) { + continue; } + requirePermission(ctx, "getTableDescriptors", tableName, null, null, Action.ADMIN, + Action.CREATE); } } } diff --git a/hbase-server/src/main/resources/hbase-webapps/master/rsgroup.jsp b/hbase-server/src/main/resources/hbase-webapps/master/rsgroup.jsp index f80e94cb0b2f..d66490d8193f 100644 --- a/hbase-server/src/main/resources/hbase-webapps/master/rsgroup.jsp +++ b/hbase-server/src/main/resources/hbase-webapps/master/rsgroup.jsp @@ -423,10 +423,8 @@ <% if (rsGroupTables != null && rsGroupTables.size() > 0) { - List tables; - try (Admin admin = master.getConnection().getAdmin()) { - tables = master.isInitialized() ? admin.listTableDescriptors(true) : null; - } + List tables = master.isInitialized() ? + master.listTableDescriptorsByNamespace(null) : null; Map tableDescriptors = tables.stream().collect( Collectors.toMap(TableDescriptor::getTableName, Function.identity())); %> diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/quotas/TestSnapshotQuotaObserverChore.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/quotas/TestSnapshotQuotaObserverChore.java index 365b20d54338..c9810fe8adbf 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/quotas/TestSnapshotQuotaObserverChore.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/quotas/TestSnapshotQuotaObserverChore.java @@ -103,8 +103,7 @@ public void setup(TestInfo testInfo) throws Exception { helper = new SpaceQuotaHelperForTests(TEST_UTIL, () -> testName, COUNTER); master = TEST_UTIL.getHBaseCluster().getMaster(); helper.removeAllQuotas(conn); - testChore = new SnapshotQuotaObserverChore(TEST_UTIL.getConnection(), - TEST_UTIL.getConfiguration(), master.getFileSystem(), master, null); + testChore = new SnapshotQuotaObserverChore(master, null); } @Test diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java index 7af3e6f05c58..5df674d2e832 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java @@ -2270,7 +2270,10 @@ public Object run() throws Exception { public Object run() throws Exception { try (Connection conn = ConnectionFactory.createConnection(TEST_UTIL.getConfiguration()); Admin admin = conn.getAdmin()) { - return admin.getDescriptor(TEST_TABLE); + ACCESS_CONTROLLER.requirePermission(ObserverContextImpl.createAndPrepare(CP_ENV), + "getTableDescriptors", admin.getDescriptor(TEST_TABLE).getTableName(), null, null, + Action.ADMIN, Action.CREATE); + return null; } } };