HBASE-29775 Allow inspecting log levels in Master UI in read-only mode

[jinhyukify]

Jira https://issues.apache.org/jira/browse/HBASE-29775

Please refer to this comment for testing details.

[Apache-HBase]

🎊 +1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 26s		Docker mode activated.
-0 ⚠️	yetus	0m 3s		Unprocessed flag(s): --brief-report-file --spotbugs-strict-precheck --author-ignore-list --blanks-eol-ignore-file --blanks-tabs-ignore-file --quick-hadoopcheck
			_ Prechecks _
			_ master Compile Tests _
+1 💚	mvninstall	3m 26s		master passed
+1 💚	compile	0m 18s		master passed
+1 💚	javadoc	0m 15s		master passed
+1 💚	shadedjars	6m 8s		branch has no errors when building our shaded downstream artifacts.
			_ Patch Compile Tests _
+1 💚	mvninstall	3m 0s		the patch passed
+1 💚	compile	0m 18s		the patch passed
+1 💚	javac	0m 18s		the patch passed
+1 💚	javadoc	0m 13s		the patch passed
+1 💚	shadedjars	6m 4s		patch has no errors when building our shaded downstream artifacts.
			_ Other Tests _
+1 💚	unit	0m 49s		hbase-http in the patch passed.
		22m 0s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7540/1/artifact/yetus-jdk17-hadoop3-check/output/Dockerfile
GITHUB PR	#7540
Optional Tests	javac javadoc unit compile shadedjars
uname	Linux ed09ab6811d7 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	master / 03444e5
Default Java	Eclipse Adoptium-17.0.11+9
Test Results	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7540/1/testReport/
Max. process+thread count	315 (vs. ulimit of 30000)
modules	C: hbase-http U: hbase-http
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7540/1/console
versions	git=2.34.1 maven=3.9.8
Powered by	Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

[Apache-HBase]

🎊 +1 overall

Vote	Subsystem	Runtime	Logfile	Comment
+0 🆗	reexec	0m 27s		Docker mode activated.
			_ Prechecks _
+1 💚	dupname	0m 0s		No case conflicting files found.
+0 🆗	codespell	0m 0s		codespell was not available.
+0 🆗	detsecrets	0m 0s		detect-secrets was not available.
+1 💚	@author	0m 0s		The patch does not contain any @author tags.
+1 💚	hbaseanti	0m 0s		Patch does not have any anti-patterns.
			_ master Compile Tests _
+1 💚	mvninstall	3m 32s		master passed
+1 💚	compile	0m 25s		master passed
+1 💚	checkstyle	0m 12s		master passed
+1 💚	spotbugs	0m 27s		master passed
+1 💚	spotless	0m 51s		branch has no errors when running spotless:check.
			_ Patch Compile Tests _
+1 💚	mvninstall	3m 4s		the patch passed
+1 💚	compile	0m 24s		the patch passed
+1 💚	javac	0m 24s		the patch passed
+1 💚	blanks	0m 0s		The patch has no blanks issues.
+1 💚	checkstyle	0m 9s		the patch passed
+1 💚	spotbugs	0m 31s		the patch passed
+1 💚	hadoopcheck	11m 57s		Patch does not cause any errors with Hadoop 3.3.6 3.4.1.
+1 💚	spotless	0m 45s		patch has no errors when running spotless:check.
			_ Other Tests _
+1 💚	asflicense	0m 10s		The patch does not generate ASF License warnings.
		30m 40s

Subsystem	Report/Notes
Docker	ClientAPI=1.43 ServerAPI=1.43 base: https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7540/1/artifact/yetus-general-check/output/Dockerfile
GITHUB PR	#7540
Optional Tests	dupname asflicense javac spotbugs checkstyle codespell detsecrets compile hadoopcheck hbaseanti spotless
uname	Linux 668153b07c08 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
Build tool	maven
Personality	dev-support/hbase-personality.sh
git revision	master / 03444e5
Default Java	Eclipse Adoptium-17.0.11+9
Max. process+thread count	81 (vs. ulimit of 30000)
modules	C: hbase-http U: hbase-http
Console output	https://ci-hbase.apache.org/job/HBase-PreCommit-GitHub-PR/job/PR-7540/1/console
versions	git=2.34.1 maven=3.9.8 spotbugs=4.7.3
Powered by	Apache Yetus 0.15.0 https://yetus.apache.org

This message was automatically generated.

[NihalJain]

Thank you for the fix @jinhyukify. Changes looks good to me, do you mind extending this class 'TestLogLevel' to cover missing readonly scenario, if any?

[Copilot]

Pull request overview

This PR enables read-only inspection of log levels in the Master UI when hbase.master.ui.readonly is configured. Previously, the readonly check blocked all access to the LogLevel servlet; now it only blocks modification operations while allowing users to view current log levels.

• Moves the readonly configuration check from blocking all requests to only blocking modification requests (when the level parameter is present)
• Relocates Configuration object retrieval to after parameter extraction to support conditional readonly enforcement

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The readonly check at line 333 occurs after the response body has already been written (header.jsp included at line 310, FORMS written at line 316, and potentially more output at lines 326-330). Calling sendError() at this point will not work correctly because the HTTP response has already been committed. The status code cannot be changed after the response body has started being written, which will result in either an IllegalStateException or a malformed HTTP response.

To fix this issue, the readonly check should be moved earlier in the method, before any output is written to the response. One approach would be to check if level is not null and readonly mode is enabled right after retrieving the parameters (around line 320), but before writing any output beyond that point. Alternatively, the check could be conditional on whether we're about to write the forms or process the request.