[PHOENIX-4528] PhoenixAccessController checks permissions only at table level when creating views - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 4.14.0, 5.0.0
Component/s: None
Labels:
None

Description

The PhoenixAccessController#preCreateTable() method is invoked everytime a user wants to create a view on a base table. The requireAccess() method takes in tableName as the parameter and checks for user permissions only at that table level. The correct approach is to also check permissions at namespace level, since it is at a larger scope than per table level.

For example, if the table name is TEST_SCHEMA.TEST_TABLE, it will created as TEST_SCHEMA:TEST_TABLE HBase table is namespace mapping is enabled. View creation on this table would fail if permissions are granted to just TEST_SCHEMA and not on TEST_TABLE. It works correctly if same permissions are granted at table level too.

FYI. ankit.singhal twdsilva@gmail.com

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

PHOENIX-4528.repro-test.diff
12/Jan/18 08:28
2 kB
Karan Mehta
PHOENIX-4528.master.001.patch
17/Jan/18 23:42
14 kB
Karan Mehta
PHOENIX-4528.001.patch
14/Jan/18 01:20
14 kB
Karan Mehta
PHOENIX-4528_5.x-HBase-2.0.patch
09/Apr/18 19:00
12 kB
Rajeshbabu Chintaguntla
PHOENIX-4528_5.x-HBase-2.0_v3.patch
14/Jun/18 22:40
16 kB
Rajeshbabu Chintaguntla
PHOENIX-4528_5.x-HBase-2.0_v2.patch
31/May/18 10:38
17 kB
Rajeshbabu Chintaguntla

Issue Links

links to

GitHub Pull Request #289

Activity

People

Assignee:: Karan Mehta

Reporter:: Karan Mehta

Votes:: 0 Vote for this issue

Watchers:: 6 Start watching this issue

Dates

Created:: 11/Jan/18 23:32

Updated:: 26/Jul/18 01:16

Resolved:: 17/Jan/18 23:43