Details

    • Type: New Feature New Feature
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Duplicate
    • Affects Version/s: None
    • Fix Version/s: None
    • Component/s: tserver
    • Labels:
      None

      Description

      It would be nice to set a default access to a table so adding a new user does not require adding all the permissions for each table they will read.

        Issue Links

          Activity

          Hide
          jv added a comment -

          To clarify, for my own purposes- we want to have a set of table permissions that all users get, regardless of their own access. That is, a users access for each permission is going to be the union of their own permissions and the table default permission.

          Show
          jv added a comment - To clarify, for my own purposes- we want to have a set of table permissions that all users get, regardless of their own access. That is, a users access for each permission is going to be the union of their own permissions and the table default permission.
          Hide
          Ivan Bella added a comment -

          I would like to promote this ticket and perhaps slightly modify it. I have a user that has permissions to create tables. However when that user creates a new table, I would like the user to be able to read, write, alter, bulk_import, and grant for that new table. I do not want to give the user global permissions as such, only for new tables the user creates. Otherwise I have to manually give the user those permissions for the new table everytime a new table is created.

          Show
          Ivan Bella added a comment - I would like to promote this ticket and perhaps slightly modify it. I have a user that has permissions to create tables. However when that user creates a new table, I would like the user to be able to read, write, alter, bulk_import, and grant for that new table. I do not want to give the user global permissions as such, only for new tables the user creates. Otherwise I have to manually give the user those permissions for the new table everytime a new table is created.
          Hide
          John Vines added a comment -

          That should be the default behavior? Is this not the case and/or did it change in 1.5?

          Show
          John Vines added a comment - That should be the default behavior? Is this not the case and/or did it change in 1.5?
          Hide
          Ivan Bella added a comment -

          It does not appear to be the case in 1.4.3+. I have a user creating a table and subsequently getting errors somewhere down in a doesTableExist method which disappear once I specifically grant permissions on the new table. I will try to include more specifics when I get back to work later this month.

          Show
          Ivan Bella added a comment - It does not appear to be the case in 1.4.3+. I have a user creating a table and subsequently getting errors somewhere down in a doesTableExist method which disappear once I specifically grant permissions on the new table. I will try to include more specifics when I get back to work later this month.
          Hide
          John Vines added a comment -

          I just tested this on 1.4.2 release, 1.4.3 SNAPSHOT, and 1.5.0 SNAPSHOT, and I'm not seeing any changes in this behavior. A user was created, given create table, switched to that user, and then created a table and they had all TABLE permissions for the newly created table.

          Furthermore, this ticket was about adding a new feature to Accumulo regarding Table permissions, which wouldn't have had any diminishing effect in this behavior. All it would have done would have allowed a marking on tables such that newly created users would automatically have a set of TABLE permissions for it.

          Show
          John Vines added a comment - I just tested this on 1.4.2 release, 1.4.3 SNAPSHOT, and 1.5.0 SNAPSHOT, and I'm not seeing any changes in this behavior. A user was created, given create table, switched to that user, and then created a table and they had all TABLE permissions for the newly created table. Furthermore, this ticket was about adding a new feature to Accumulo regarding Table permissions, which wouldn't have had any diminishing effect in this behavior. All it would have done would have allowed a marking on tables such that newly created users would automatically have a set of TABLE permissions for it.
          Hide
          Eric Newton added a comment -

          If a user has CREATE_TABLE, they are granted Table.READ, Table.WRITE, Table.BULK_IMPORT, Table.ALTER_TABLE, Table.GRANT, Table.DROP_TABLE to the tables they create.

          Show
          Eric Newton added a comment - If a user has CREATE_TABLE, they are granted Table.READ, Table.WRITE, Table.BULK_IMPORT, Table.ALTER_TABLE, Table.GRANT, Table.DROP_TABLE to the tables they create.
          Hide
          John Vines added a comment -

          This ticket wasn't a bug, it was a feature request to add a table level access. So you could create a table and give it a global read/write/modify/etc. so any users created after the table could be given automatic access to it.

          Show
          John Vines added a comment - This ticket wasn't a bug, it was a feature request to add a table level access. So you could create a table and give it a global read/write/modify/etc. so any users created after the table could be given automatic access to it.
          Hide
          Christopher Tubbs added a comment -

          Will ACCUMULO-1479 satisfy this ticket? Can I close this as a duplicate?

          Show
          Christopher Tubbs added a comment - Will ACCUMULO-1479 satisfy this ticket? Can I close this as a duplicate?
          Hide
          John Vines added a comment -

          Looks like it, yes

          Show
          John Vines added a comment - Looks like it, yes

            People

            • Assignee:
              John Vines
              Reporter:
              Eric Newton
            • Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved:

                Development