You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "Appy (JIRA)" <ji...@apache.org> on 2018/02/14 02:00:00 UTC
[jira] [Commented] (HBASE-17472) Correct the semantic of
permission grant
[ https://issues.apache.org/jira/browse/HBASE-17472?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16363368#comment-16363368 ]
Appy commented on HBASE-17472:
------------------------------
Sorry for ultra late review.
Seeing the final patch which was committed to branch-1.4, the value of flag is always false, and the one which was committed to master, the flag is always true for production code (there are a few false in only test code, but that shouldn't count).
Going by that high level picture, it feels like we didn't need to make any change in branch-1.4 since adding a param always setting it to false is a no-op.
And for master, only the change to AccessControlLists#addUserPermission would have been sufficient.
We didn't need any new param or updating anything else.
What am i missing?
> Correct the semantic of permission grant
> -----------------------------------------
>
> Key: HBASE-17472
> URL: https://issues.apache.org/jira/browse/HBASE-17472
> Project: HBase
> Issue Type: Improvement
> Components: Admin
> Affects Versions: 2.0.0, 1.4.0
> Reporter: Zheng Hu
> Assignee: Zheng Hu
> Priority: Major
> Fix For: 2.0.0, 1.4.0
>
> Attachments: HBASE-17472.branch-1.3.v6.patch, HBASE-17472.branch-1.v6.patch, HBASE-17472.branch-1.v7.patch, HBASE-17472.master.v6.patch, HBASE-17472.master.v6.patch, HBASE-17472.master.v7.patch, HBASE-17472.v1.patch, HBASE-17472.v2.patch, HBASE-17472.v3.patch, HBASE-17472.v4.patch, HBASE-17472.v5.patch
>
>
> Currently, HBase grant operation has following semantic:
> {code}
> hbase(main):019:0> grant 'hbase_tst', 'RW', 'ycsb'
> 0 row(s) in 0.0960 seconds
> hbase(main):020:0> user_permission 'ycsb'
> User Namespace,Table,Family,Qualifier:Permission
> hbase_tst default,ycsb,,: [Permission:actions=READ,WRITE]
> 1 row(s) in 0.0550 seconds
> hbase(main):021:0> grant 'hbase_tst', 'CA', 'ycsb'
> 0 row(s) in 0.0820 seconds
> hbase(main):022:0> user_permission 'ycsb'
> User Namespace,Table,Family,Qualifier:Permission
> hbase_tst default,ycsb,,: [Permission: actions=CREATE,ADMIN]
> 1 row(s) in 0.0490 seconds
> {code}
> Later permission will replace previous granted permissions, which confused most of HBase administrator.
> It's seems more reasonable that HBase merge multiple granted permission.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)