HBASE-29775 Allow inspecting log levels in Master UI in read-only mode

[jinhyukify]

Jira https://issues.apache.org/jira/browse/HBASE-29775

Please refer to this comment for testing details.

[NihalJain]

Thank you for the fix @jinhyukify. Changes looks good to me, do you mind extending this class 'TestLogLevel' to cover missing readonly scenario, if any?

[Copilot]

Pull request overview

This PR enables read-only inspection of log levels in the Master UI when hbase.master.ui.readonly is configured. Previously, the readonly check blocked all access to the LogLevel servlet; now it only blocks modification operations while allowing users to view current log levels.

• Moves the readonly configuration check from blocking all requests to only blocking modification requests (when the level parameter is present)
• Relocates Configuration object retrieval to after parameter extraction to support conditional readonly enforcement

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The readonly check at line 333 occurs after the response body has already been written (header.jsp included at line 310, FORMS written at line 316, and potentially more output at lines 326-330). Calling sendError() at this point will not work correctly because the HTTP response has already been committed. The status code cannot be changed after the response body has started being written, which will result in either an IllegalStateException or a malformed HTTP response.

To fix this issue, the readonly check should be moved earlier in the method, before any output is written to the response. One approach would be to check if level is not null and readonly mode is enabled right after retrieving the parameters (around line 320), but before writing any output beyond that point. Alternatively, the check could be conditional on whether we're about to write the forms or process the request.

[Apache-HBase]

🎊 +1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 47s		Docker mode activated.
-0 ⚠️	yetus	0m 3s		Unprocessed flag(s): --brief-report-file --spotbugs-strict-precheck --author-ignore-list --blanks-eol-ignore-file --blanks-tabs-ignore-file --quick-hadoopcheck
			_ Prechecks _
			_ master Compile Tests _
+1 💚	mvninstall	4m 30s		master passed
+1 💚	compile	0m 29s		master passed
+1 💚	javadoc	0m 17s		master passed
+1 💚	shadedjars	7m 20s		branch has no errors when building our shaded downstream artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	4m 25s		the patch passed
+1 💚	compile	0m 30s		the patch passed
+1 💚	javac	0m 30s		the patch passed
+1 💚	javadoc	0m 27s		the patch passed
+1 💚	shadedjars	8m 3s		patch has no errors when building our shaded downstream artifacts.
			_ Other Tests _
+1 💚	unit	1m 22s		hbase-http in the patch passed.
		29m 35s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7540/2/artifact/yetus-jdk17-hadoop3-check/output/Dockerfile
GITHUB PR	#7540
Optional Tests	javac javadoc unit compile shadedjars
uname	Linux 2cad6aa701f1 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	master / 91167a0
Default Java	Eclipse Adoptium-17.0.11+9
Test Results	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7540/2/testReport/
Max. process+thread count	295 (vs. ulimit of 30000)
modules	C: hbase-http U: hbase-http
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7540/2/console
versions	git=2.34.1 maven=3.9.8
Powered by	Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

[Apache-HBase]

🎊 +1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 28s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
+1 💚	hbaseanti	0m 0s		Patch does not have any anti-patterns.
			_ master Compile Tests _
+1 💚	mvninstall	3m 42s		master passed
+1 💚	compile	0m 32s		master passed
+1 💚	checkstyle	0m 12s		master passed
+1 💚	spotbugs	0m 30s		master passed
+1 💚	spotless	0m 51s		branch has no errors when running spotless:check.
			_ Patch Compile Tests _
+1 💚	mvninstall	3m 7s		the patch passed
+1 💚	compile	0m 24s		the patch passed
+1 💚	javac	0m 24s		hbase-http generated 0 new + 36 unchanged - 1 fixed = 36 total (was 37)
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	checkstyle	0m 10s		the patch passed
+1 💚	spotbugs	0m 32s		the patch passed
+1 💚	hadoopcheck	12m 5s		Patch does not cause any errors with Hadoop 3.3.6 3.4.1.
+1 💚	spotless	0m 46s		patch has no errors when running spotless:check.
			_ Other Tests _
+1 💚	asflicense	0m 11s		The patch does not generate ASF License warnings.
		31m 10s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7540/2/artifact/yetus-general-check/output/Dockerfile
GITHUB PR	#7540
Optional Tests	dupname asflicense javac spotbugs checkstyle codespell detsecrets compile hadoopcheck hbaseanti spotless
uname	Linux 7b44975c7730 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	master / 91167a0
Default Java	Eclipse Adoptium-17.0.11+9
Max. process+thread count	83 (vs. ulimit of 30000)
modules	C: hbase-http U: hbase-http
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7540/2/console
versions	git=2.34.1 maven=3.9.8 spotbugs=4.7.3
Powered by	Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

[jinhyukify]

The previous implementation printed results only to standard output, making it hard to write tests. I refactored the code slightly to separate the logic.

[jinhyukify]

This verifies log level updates in read-only mode.

[jinhyukify]

This verifies log level reads in read-only mode.

[jinhyukify]

@NihalJain Thank you for checking this! The current code structure made it difficult to write tests, so I did a small refactoring and added test cases.

[Apache9]

In the old logic, this will go to stderr, but now it will go to stdout? I'm not very familiar with this area, so I'm not sure whether this is a problem...

[jinhyukify]

Thanks for the review. Good catch.

One thing I wanted to mention is that the previous behavior already felt a bit inconsistent.
We were catching only IOException here and printing it to standard error, while other exceptions were simply propagated..

That special handling for IOException feels slightly odd to me. Since this is a CLI command, I am considering not catching IOException here at all and letting it propagate, the same way other exceptions do.

I understand that this could technically be a behavior change for users who rely on standard error, but printing only this specific exception to stderr also seems inconsistent from a CLI semantics point of view.

I would like to hear your thoughts on whether there is a strong reason to keep this special case.