You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "Guanghao Zhang (JIRA)" <ji...@apache.org> on 2019/03/04 09:02:00 UTC
[jira] [Reopened] (HBASE-21255) [acl] Refactor TablePermission into
three classes (Global, Namespace, Table)
[ https://issues.apache.org/jira/browse/HBASE-21255?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Guanghao Zhang reopened HBASE-21255:
------------------------------------
> [acl] Refactor TablePermission into three classes (Global, Namespace, Table)
> ----------------------------------------------------------------------------
>
> Key: HBASE-21255
> URL: https://issues.apache.org/jira/browse/HBASE-21255
> Project: HBase
> Issue Type: Improvement
> Reporter: Reid Chan
> Assignee: Reid Chan
> Priority: Major
> Labels: ACLs, security-issue
> Fix For: 3.0.0, 2.2.0
>
> Attachments: HBASE-21225.master.001.patch, HBASE-21225.master.002.patch, HBASE-21225.master.007.patch, HBASE-21225.master.008.patch, HBASE-21225.master.009.patch, HBASE-21225.master.009.patch, HBASE-21255.master.003.patch, HBASE-21255.master.004.patch, HBASE-21255.master.005.patch, HBASE-21255.master.006.patch, HBASE-21255.master.006.patch
>
>
> A TODO in {{TablePermission.java}}
> {code:java}
> //TODO refactor this class
> //we need to refacting this into three classes (Global, Table, Namespace)
> {code}
> Change Notes:
> * Divide origin TablePermission into three classes GlobalPermission, NamespacePermission, TablePermission
> * New UserPermission consists of a user name(string, not byte[], for convenience) and a permission in one of [Global, Namespace, Table]Permission.
> * Rename TableAuthManager to AuthManager(it is IA.P), and rename some methods for readability.
> * Make PermissionCache thread safe, and the ListMultiMap is changed to Set.
> * User cache and group cache in AuthManager is combined together.
> * Wire proto is kept, BC should be under guarantee.
> * Fix HBASE-21390.
> * Resolve a small {{TODO}} global entry should be handled differently in AccessControlLists
> * Add a new api in {{Permission#getAccessScope()}}
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)