Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-15147

Shell should use Admin.listTableNames() instead of Admin.listTables()

VotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.2.0, 1.3.0, 1.1.4, 1.0.4, 2.0.0
    • None
    • None
    • Reviewed

    Description

      It seems that getTableDescriptors() in master checks for A and C permissions while getTableNames() checks for any privilege on the table. The reasoning is explained here: https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504

      We should change the shell command for list to use the getTableNames() version because of this. Otherwise a user having only R or W cannot list the table name.

      This has been reported from a user here: https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.

      While we are at it, should we revisit the fact that you cannot get a table descriptor if you have only R or W? It seems strange that you cannot even know the CF names of a table that you can read from. I could not find info about the "describe" privileges on SQL databases. However, if there are use cases where Table descriptor might contain sensitive info, the current semantics seems fine. cc Andrew Kyle Purtell and Matteo Bertozzi.

      Attachments

        1. hbase-15147_v1.patch
          0.6 kB
          Enis Soztutar

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            enis Enis Soztutar
            enis Enis Soztutar
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment