You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "Matteo Bertozzi (JIRA)" <ji...@apache.org> on 2012/05/21 22:03:41 UTC
[jira] [Created] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Matteo Bertozzi created HBASE-6061:
--------------------------------------
Summary: Fix ACL "Admin" Table inconsistent permission check
Key: HBASE-6061
URL: https://issues.apache.org/jira/browse/HBASE-6061
Project: HBase
Issue Type: Sub-task
Components: security
Affects Versions: 0.94.0, 0.92.1, 0.96.0
Reporter: Matteo Bertozzi
Assignee: Matteo Bertozzi
Fix For: 0.92.2, 0.96.0, 0.94.1
the requirePermission() check for "admin" operation on a table is currently inconsistent.
Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280583#comment-13280583 ]
Hadoop QA commented on HBASE-6061:
----------------------------------
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12528508/HBASE-6061-0.92.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
-1 tests included. The patch doesn't appear to include any new or modified tests.
Please justify why no new tests are needed for this patch.
Also please list what manual steps were performed to verify this patch.
+1 hadoop23. The patch compiles against the hadoop 0.23.x profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 33 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The patch failed these unit tests:
org.apache.hadoop.hbase.replication.TestReplication
org.apache.hadoop.hbase.regionserver.TestSplitTransactionOnCluster
org.apache.hadoop.hbase.replication.TestMultiSlaveReplication
org.apache.hadoop.hbase.replication.TestMasterReplication
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/1951//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/1951//artifact/trunk/patchprocess/newPatchFindbugsWarnings.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/1951//console
This message is automatically generated.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13282191#comment-13282191 ]
Laxman commented on HBASE-6061:
-------------------------------
Thanks Ted. Filed under HBASE-6086.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280681#comment-13280681 ]
Hudson commented on HBASE-6061:
-------------------------------
Integrated in HBase-0.94 #207 (See [https://builds.apache.org/job/HBase-0.94/207/])
HBASE-6061 Fix ACL "Admin" Table inconsistent permission check (Matteo Bertozzi) (Revision 1341267)
Result = FAILURE
tedyu :
Files :
* /hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Zhihong Yu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280615#comment-13280615 ]
Zhihong Yu commented on HBASE-6061:
-----------------------------------
Integrated to 0.92, 0.94 and trunk.
Thanks for the patch, Matteo.
Thanks for the review, Andy.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Matteo Bertozzi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matteo Bertozzi updated HBASE-6061:
-----------------------------------
Status: Patch Available (was: Open)
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.92.1, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280448#comment-13280448 ]
Andrew Purtell commented on HBASE-6061:
---------------------------------------
+1 yes, this is better, since the direction here is to let the creator take any action on the table, pulling up the logic to a small helper method is cleaner, fixes the issue, and will avoid error going forward.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Matteo Bertozzi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matteo Bertozzi updated HBASE-6061:
-----------------------------------
Attachment: HBASE-6061-v0.patch
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Matteo Bertozzi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matteo Bertozzi updated HBASE-6061:
-----------------------------------
Attachment: HBASE-6061-v1.patch
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280694#comment-13280694 ]
Hudson commented on HBASE-6061:
-------------------------------
Integrated in HBase-0.92 #416 (See [https://builds.apache.org/job/HBase-0.92/416/])
HBASE-6061 Fix ACL "Admin" Table inconsistent permission check (Matteo Bertozzi) (Revision 1341268)
Result = FAILURE
tedyu :
Files :
* /hbase/branches/0.92/CHANGES.txt
* /hbase/branches/0.92/security/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13282173#comment-13282173 ]
Laxman commented on HBASE-6061:
-------------------------------
Sorry for late reporting.
Still some inconsistency exists after patch. We actually need to check for table permissions instead of global permissions here.
{code}
+ private void requireTableAdminPermission(MasterCoprocessorEnvironment e,
+ byte[] tableName) throws IOException {
+ if (isActiveUserTableOwner(e, tableName)) {
+ requirePermission(Permission.Action.CREATE);
+ } else {
+ requirePermission(Permission.Action.ADMIN);
+ }
+ }
{code}
I think this needs to be handled as separate jira.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13283269#comment-13283269 ]
Hudson commented on HBASE-6061:
-------------------------------
Integrated in HBase-0.92-security #108 (See [https://builds.apache.org/job/HBase-0.92-security/108/])
HBASE-6061 Fix ACL "Admin" Table inconsistent permission check (Matteo Bertozzi) (Revision 1341268)
Result = FAILURE
tedyu :
Files :
* /hbase/branches/0.92/CHANGES.txt
* /hbase/branches/0.92/security/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Zhihong Yu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13282176#comment-13282176 ]
Zhihong Yu commented on HBASE-6061:
-----------------------------------
Opening another issue is fine.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Matteo Bertozzi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matteo Bertozzi updated HBASE-6061:
-----------------------------------
Attachment: HBASE-6061-v1.patch
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Zhihong Yu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Zhihong Yu updated HBASE-6061:
------------------------------
Resolution: Fixed
Hadoop Flags: Reviewed
Status: Resolved (was: Patch Available)
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280680#comment-13280680 ]
Hudson commented on HBASE-6061:
-------------------------------
Integrated in HBase-TRUNK #2914 (See [https://builds.apache.org/job/HBase-TRUNK/2914/])
HBASE-6061 Fix ACL "Admin" Table inconsistent permission check (Matteo Bertozzi) (Revision 1341265)
Result = FAILURE
tedyu :
Files :
* /hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13281290#comment-13281290 ]
Hudson commented on HBASE-6061:
-------------------------------
Integrated in HBase-0.94-security #28 (See [https://builds.apache.org/job/HBase-0.94-security/28/])
HBASE-6061 Fix ACL "Admin" Table inconsistent permission check (Matteo Bertozzi) (Revision 1341267)
Result = FAILURE
tedyu :
Files :
* /hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Zhihong Yu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280516#comment-13280516 ]
Zhihong Yu commented on HBASE-6061:
-----------------------------------
@Matteo:
Do you mind providing patch for 0.92 / 0.94 ?
The directory structure has changed.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Matteo Bertozzi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280459#comment-13280459 ]
Matteo Bertozzi commented on HBASE-6061:
----------------------------------------
Not related but maybe we can squeeze into this one... preCheckAndPut() and preCheckAndDelete() checks for READ when they also want to WRITE...
for me checking for WRITE permission is the right thing... what do you say about that? keep READ, replace with WRITE.. open new jira?
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280508#comment-13280508 ]
Hadoop QA commented on HBASE-6061:
----------------------------------
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12528475/HBASE-6061-v0.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
-1 tests included. The patch doesn't appear to include any new or modified tests.
Please justify why no new tests are needed for this patch.
Also please list what manual steps were performed to verify this patch.
+1 hadoop23. The patch compiles against the hadoop 0.23.x profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 33 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The patch failed these unit tests:
org.apache.hadoop.hbase.replication.TestReplication
org.apache.hadoop.hbase.replication.TestMultiSlaveReplication
org.apache.hadoop.hbase.replication.TestMasterReplication
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/1947//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/1947//artifact/trunk/patchprocess/newPatchFindbugsWarnings.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/1947//console
This message is automatically generated.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Matteo Bertozzi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13282190#comment-13282190 ]
Matteo Bertozzi commented on HBASE-6061:
----------------------------------------
@Laxman
{quote}Still some inconsistency exists after patch. We actually need to check for table permissions instead of global permissions here.{quote}
Is a different permission check not an inconsistent state...
HBASE-5372 was opened to change from global rights to table rights.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Lars Hofhansl (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Lars Hofhansl closed HBASE-6061.
--------------------------------
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.94.1, 0.96.0
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Matteo Bertozzi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matteo Bertozzi updated HBASE-6061:
-----------------------------------
Attachment: (was: HBASE-6061-v1.patch)
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Matteo Bertozzi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Matteo Bertozzi updated HBASE-6061:
-----------------------------------
Attachment: HBASE-6061-0.92.patch
Attached the 0.92 patch, also good for 0.94
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280652#comment-13280652 ]
Hudson commented on HBASE-6061:
-------------------------------
Integrated in HBase-TRUNK-on-Hadoop-2.0.0 #13 (See [https://builds.apache.org/job/HBase-TRUNK-on-Hadoop-2.0.0/13/])
HBASE-6061 Fix ACL "Admin" Table inconsistent permission check (Matteo Bertozzi) (Revision 1341265)
Result = FAILURE
tedyu :
Files :
* /hbase/trunk/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280466#comment-13280466 ]
Andrew Purtell commented on HBASE-6061:
---------------------------------------
bq. Not related but maybe we can squeeze into this one... preCheckAndPut() and preCheckAndDelete() checks for READ when they also want to WRITE
Yes, new jira.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Zhihong Yu (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280442#comment-13280442 ]
Zhihong Yu commented on HBASE-6061:
-----------------------------------
Minor comment:
{code}
+ * If current user is the table owner, and has CREATE permission is a table admin,
{code}
', and has CREATE permission is a table admin' -> ' and has CREATE permission, then he/she has table admin permission.' (wrap if line is too long)
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-v0.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6061) Fix ACL "Admin" Table inconsistent
permission check
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6061?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13280540#comment-13280540 ]
Hadoop QA commented on HBASE-6061:
----------------------------------
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12528491/HBASE-6061-v1.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
-1 tests included. The patch doesn't appear to include any new or modified tests.
Please justify why no new tests are needed for this patch.
Also please list what manual steps were performed to verify this patch.
+1 hadoop23. The patch compiles against the hadoop 0.23.x profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 33 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The patch failed these unit tests:
org.apache.hadoop.hbase.replication.TestReplication
org.apache.hadoop.hbase.replication.TestMultiSlaveReplication
org.apache.hadoop.hbase.replication.TestMasterReplication
org.apache.hadoop.hbase.master.TestSplitLogManager
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/1950//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/1950//artifact/trunk/patchprocess/newPatchFindbugsWarnings.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/1950//console
This message is automatically generated.
> Fix ACL "Admin" Table inconsistent permission check
> ---------------------------------------------------
>
> Key: HBASE-6061
> URL: https://issues.apache.org/jira/browse/HBASE-6061
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl, security
> Fix For: 0.92.2, 0.96.0, 0.94.1
>
> Attachments: HBASE-6061-0.92.patch, HBASE-6061-v0.patch, HBASE-6061-v1.patch
>
>
> the requirePermission() check for "admin" operation on a table is currently inconsistent.
> Table Owner with CREATE rights (that means, the owner has created that table) can enable/disable and delete the table but needs ADMIN rights to add/remove/modify a column.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira