Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-17472

Correct the semantic of permission grant

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 1.4.0, 2.0.0
    • Fix Version/s: 1.4.0, 2.0.0
    • Component/s: Admin
    • Labels:
      None
    • Hadoop Flags:
      Incompatible change, Reviewed
    • Release Note:
      Hide
      Before this patch, later granted permissions will override previous granted permissions, and previous granted permissions LOST. this issue re-define grant semantic: for master branch, later granted permissions will merge with previous granted permissions. for branch-1.4, grant keep override behavior for compatibility purpose, and a grant with mergeExistingPermission flag provided.
      Show
      Before this patch, later granted permissions will override previous granted permissions, and previous granted permissions LOST. this issue re-define grant semantic: for master branch, later granted permissions will merge with previous granted permissions. for branch-1.4, grant keep override behavior for compatibility purpose, and a grant with mergeExistingPermission flag provided.

      Description

      Currently, HBase grant operation has following semantic:

      hbase(main):019:0> grant 'hbase_tst', 'RW', 'ycsb'
      0 row(s) in 0.0960 seconds
      
      hbase(main):020:0> user_permission 'ycsb'
      User                                                         Namespace,Table,Family,Qualifier:Permission                                                                                                                                                                                                                                               
       hbase_tst                                                   default,ycsb,,: [Permission:actions=READ,WRITE]                                                                                                                                                                                                           
      1 row(s) in 0.0550 seconds
      
      hbase(main):021:0> grant 'hbase_tst', 'CA', 'ycsb'
      0 row(s) in 0.0820 seconds
      
      hbase(main):022:0> user_permission 'ycsb'
      User                                                         Namespace,Table,Family,Qualifier:Permission                                                                                                                                       
       hbase_tst                                                   default,ycsb,,: [Permission: actions=CREATE,ADMIN]                                                                                                                                
      1 row(s) in 0.0490 seconds
      
      

      Later permission will replace previous granted permissions, which confused most of HBase administrator.

      It's seems more reasonable that HBase merge multiple granted permission.

        Attachments

        1. HBASE-17472.branch-1.3.v6.patch
          47 kB
          Zheng Hu
        2. HBASE-17472.branch-1.v6.patch
          47 kB
          Zheng Hu
        3. HBASE-17472.branch-1.v7.patch
          48 kB
          Zheng Hu
        4. HBASE-17472.master.v6.patch
          45 kB
          Zheng Hu
        5. HBASE-17472.master.v6.patch
          45 kB
          Zheng Hu
        6. HBASE-17472.master.v7.patch
          42 kB
          Zheng Hu
        7. HBASE-17472.v1.patch
          43 kB
          Zheng Hu
        8. HBASE-17472.v2.patch
          42 kB
          Zheng Hu
        9. HBASE-17472.v3.patch
          44 kB
          Zheng Hu
        10. HBASE-17472.v4.patch
          44 kB
          Zheng Hu
        11. HBASE-17472.v5.patch
          46 kB
          Zheng Hu

          Issue Links

            Activity

              People

              • Assignee:
                openinx Zheng Hu
                Reporter:
                openinx Zheng Hu
              • Votes:
                0 Vote for this issue
                Watchers:
                12 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: