You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "ramkrishna.s.vasudevan (JIRA)" <ji...@apache.org> on 2014/06/25 13:23:24 UTC

[jira] [Commented] (HBASE-11384) [Visibility Controller]Check for users covering authorizations for every mutation

    [ https://issues.apache.org/jira/browse/HBASE-11384?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14043341#comment-14043341 ] 

ramkrishna.s.vasudevan commented on HBASE-11384:
------------------------------------------------

For the Puts that happen through MR also should be validated against the user? Currently we are supporting loading of Visibility labels thro ImportTSV tool.

> [Visibility Controller]Check for users covering authorizations for every mutation
> ---------------------------------------------------------------------------------
>
>                 Key: HBASE-11384
>                 URL: https://issues.apache.org/jira/browse/HBASE-11384
>             Project: HBase
>          Issue Type: Sub-task
>    Affects Versions: 0.98.3
>            Reporter: ramkrishna.s.vasudevan
>            Assignee: ramkrishna.s.vasudevan
>             Fix For: 0.99.0, 0.98.5
>
>         Attachments: HBASE-11384.patch
>
>
> As part of discussions, it is better that every mutation either Put/Delete with Visibility expressions should validate if the expression has labels for which the user has authorization.  If not fail the mutation.
> Suppose User A is assoicated with A,B and C.  The put has a visibility expression A&D. Then fail the mutation as D is not associated with User A.



--
This message was sent by Atlassian JIRA
(v6.2#6252)