Details
-
Bug
-
Status: Closed
-
Minor
-
Resolution: Invalid
-
0.99.0
-
None
-
None
Description
For the checkAndPut operation, the AccessController only checks the read and write permission for the family and qualifier to check, but ignores the write permission for the family map of "put". What's more, we don't need the write permission for the family and qualifier to check.
See the code AccessController.java #1538
Map<byte[],? extends Collection<byte[]>> families = makeFamilyMap(family, qualifier); User user = getActiveUser(); AuthResult authResult = permissionGranted(OpType.CHECK_AND_PUT, user, env, families, Action.READ, Action.WRITE);
Same problem for checkAndDelete operation.