Uploaded image for project: 'HBase'
  1. HBase
  2. HBASE-5352 ACL improvements
  3. HBASE-5372

Table mutation operations should check table level rights, not global rights

    XMLWordPrintableJSON

Details

    • Sub-task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 0.94.0, 0.94.1, 0.95.2
    • 0.94.1, 0.95.0
    • security
    • Reviewed
    • Huawei

    Description

      drop/modify/disable/enable etc table operations should not check for global CREATE/ADMIN rights, but table CREATE/ADMIN rights. Since we check for global permissions first for table permissions, configuring table access using global permissions will continue to work.

      Attachments

        1. HBASE-5372.patch
          5 kB
          Laxman

        Issue Links

          is duplicated by

          Sub-task - The sub-task of the issue HBASE-6086 Admin operations on a table should be authorized against table permissions instead of global permissions.

          • Major - Major loss of function.
          • Closed
          is related to

          Sub-task - The sub-task of the issue HBASE-6209 ACL Corrections for AccessControllerProtocol apis

          • Major - Major loss of function.
          • Closed

          Activity

            People

              lakshman Laxman
              enis Enis Soztutar
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: