You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@hbase.apache.org by "Guanghao Zhang (JIRA)" <ji...@apache.org> on 2019/03/04 09:02:00 UTC

[jira] [Reopened] (HBASE-21255) [acl] Refactor TablePermission into three classes (Global, Namespace, Table)

     [ https://issues.apache.org/jira/browse/HBASE-21255?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Guanghao Zhang reopened HBASE-21255:
------------------------------------

> [acl] Refactor TablePermission into three classes (Global, Namespace, Table)
> ----------------------------------------------------------------------------
>
>                 Key: HBASE-21255
>                 URL: https://issues.apache.org/jira/browse/HBASE-21255
>             Project: HBase
>          Issue Type: Improvement
>            Reporter: Reid Chan
>            Assignee: Reid Chan
>            Priority: Major
>              Labels: ACLs, security-issue
>             Fix For: 3.0.0, 2.2.0
>
>         Attachments: HBASE-21225.master.001.patch, HBASE-21225.master.002.patch, HBASE-21225.master.007.patch, HBASE-21225.master.008.patch, HBASE-21225.master.009.patch, HBASE-21225.master.009.patch, HBASE-21255.master.003.patch, HBASE-21255.master.004.patch, HBASE-21255.master.005.patch, HBASE-21255.master.006.patch, HBASE-21255.master.006.patch
>
>
> A TODO in {{TablePermission.java}}
> {code:java}
>   //TODO refactor this class
>   //we need to refacting this into three classes (Global, Table, Namespace)
> {code}
> Change Notes:
>  * Divide origin TablePermission into three classes GlobalPermission, NamespacePermission, TablePermission
>  * New UserPermission consists of a user name(string, not byte[], for convenience) and a permission in one of [Global, Namespace, Table]Permission.
>  * Rename TableAuthManager to AuthManager(it is IA.P), and rename some methods for readability.
>  * Make PermissionCache thread safe, and the ListMultiMap is changed to Set.
>  * User cache and group cache in AuthManager is combined together.
>  * Wire proto is kept, BC should be under guarantee.
>  * Fix HBASE-21390.
>  * Resolve a small {{TODO}} global entry should be handled differently in AccessControlLists
>  * Add a new api in {{Permission#getAccessScope()}}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)