Package org.apache.hadoop.hbase.security.visibility
package org.apache.hadoop.hbase.security.visibility
-
ClassDescriptionThis class contains visibility labels associated with a Scan/Get deciding which all labeled data current scan/get can access.This contains a visibility expression which can be associated with a cell.This is an implementation for ScanLabelGenerator.This ScanLabelGenerator enforces a set of predefined authorizations for a given user, the set defined by the admin using the VisibilityClient admin interface or the set_auths shell command.If the passed in authorization is null, then this ScanLabelGenerator feeds the set of predefined authorization labels for the given user.This would be the interface which would be used add labels to the RPC context and this would be stored against the UGI.This is a simple implementation for ScanLabelGenerator.Utility client for doing visibility labels admin operations.Coprocessor that has both the MasterObserver and RegionObserver implemented that supports in visibility labelsDuring the read (ie.This Filter checks the visibility expression with each KV against visibility labels associated with the scan.Maintains the cache for visibility labels and also uses the zookeeper to update the labels in the system.The interface which deals with visibility labels and user auths admin service as well as the cell visibility expression storage part and read time evaluation.Manages singleton instance of
VisibilityLabelServiceA simple validator that validates the labels passedSimilar to MvccSensitiveTracker but tracks the visibility expression also before deciding if a Cell can be considered deletedA RegionServerObserver impl that provides the custom VisibilityReplicationEndpoint.Similar to ScanDeletTracker but tracks the visibility expression also before deciding if a Cell can be considered deletedUtility method to support visibilityA zk watcher that watches the labels table znode.