[HBASE-17472] Correct the semantic of permission grant - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.4.0, 2.0.0
Fix Version/s: 1.4.0, 2.0.0
Component/s: Admin
Labels:
None

Hadoop Flags:

Incompatible change, Reviewed
Release Note:

Hide
Before this patch, later granted permissions will override previous granted permissions, and previous granted permissions LOST. this issue re-define grant semantic: for master branch, later granted permissions will merge with previous granted permissions. for branch-1.4, grant keep override behavior for compatibility purpose, and a grant with mergeExistingPermission flag provided.

Show
Before this patch, later granted permissions will override previous granted permissions, and previous granted permissions LOST. this issue re-define grant semantic: for master branch, later granted permissions will merge with previous granted permissions. for branch-1.4, grant keep override behavior for compatibility purpose, and a grant with mergeExistingPermission flag provided.

Description

Currently, HBase grant operation has following semantic:

hbase(main):019:0> grant 'hbase_tst', 'RW', 'ycsb'
0 row(s) in 0.0960 seconds

hbase(main):020:0> user_permission 'ycsb'
User                                                         Namespace,Table,Family,Qualifier:Permission                                                                                                                                                                                                                                               
 hbase_tst                                                   default,ycsb,,: [Permission:actions=READ,WRITE]                                                                                                                                                                                                           
1 row(s) in 0.0550 seconds

hbase(main):021:0> grant 'hbase_tst', 'CA', 'ycsb'
0 row(s) in 0.0820 seconds

hbase(main):022:0> user_permission 'ycsb'
User                                                         Namespace,Table,Family,Qualifier:Permission                                                                                                                                       
 hbase_tst                                                   default,ycsb,,: [Permission: actions=CREATE,ADMIN]                                                                                                                                
1 row(s) in 0.0490 seconds

Later permission will replace previous granted permissions, which confused most of HBase administrator.

It's seems more reasonable that HBase merge multiple granted permission.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HBASE-17472.branch-1.3.v6.patch
16/Feb/17 10:28
47 kB
Zheng Hu
HBASE-17472.branch-1.v6.patch
16/Feb/17 15:08
47 kB
Zheng Hu
HBASE-17472.branch-1.v7.patch
17/Feb/17 02:59
48 kB
Zheng Hu
HBASE-17472.master.v6.patch
16/Feb/17 07:43
45 kB
Zheng Hu
HBASE-17472.master.v6.patch
16/Feb/17 07:33
45 kB
Zheng Hu
HBASE-17472.master.v7.patch
17/Feb/17 04:18
42 kB
Zheng Hu
HBASE-17472.v1.patch
07/Feb/17 13:10
43 kB
Zheng Hu
HBASE-17472.v2.patch
07/Feb/17 13:38
42 kB
Zheng Hu
HBASE-17472.v3.patch
08/Feb/17 03:59
44 kB
Zheng Hu
HBASE-17472.v4.patch
15/Feb/17 03:53
44 kB
Zheng Hu
HBASE-17472.v5.patch
15/Feb/17 08:40
46 kB
Zheng Hu

Issue Links

links to

Review Link

Sub-Tasks

Add a flag for grant ruby shell command to merge existing permissions.

Open

Zheng Hu

Activity

People

Assignee:: Zheng Hu

Reporter:: Zheng Hu

Votes:: 0 Vote for this issue

Watchers:: 12 Start watching this issue

Dates

Created:: 16/Jan/17 04:15

Updated:: 14/Feb/18 01:59

Resolved:: 20/Feb/17 12:37