You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by "Istvan Toth (Jira)" <ji...@apache.org> on 2022/01/07 07:40:00 UTC
[jira] [Created] (HBASE-26652) Unintuitive AccesControlClient.getUserPermissions() semantics
Istvan Toth created HBASE-26652:
-----------------------------------
Summary: Unintuitive AccesControlClient.getUserPermissions() semantics
Key: HBASE-26652
URL: https://issues.apache.org/jira/browse/HBASE-26652
Project: HBase
Issue Type: Improvement
Components: acl
Reporter: Istvan Toth
The behaviour of the AccesControlClient.getUserPermissions() calls is unintuitive.
It takes a tablename regex, and return the union of all permissinons on all tables that it matches.
While the returned UserPermission objects do have the information on the object they apply to, this still requires post-processing the results.
To get the permissions for a single table, one has to either do something like
Admin.getTablePermission(conn, "^"+tableName.getNameWithNamespaceInclAsString()+"$")
or post-process the results of the call.
We should add some methods that return the permission for a single table / family / qualifier without making the caller jump though hoops, or at least call out the non-intuitive behavior in the Javadoc, and advise on how to use the API to get the results the caller likely wants.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)