You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by gx...@apache.org on 2020/04/14 02:43:42 UTC

[hbase] branch branch-2 updated: HBASE-24176 user_permission '.*' command failed to show all table permissions (#1499)

This is an automated email from the ASF dual-hosted git repository.

gxcheng pushed a commit to branch branch-2
in repository https://gitbox.apache.org/repos/asf/hbase.git


The following commit(s) were added to refs/heads/branch-2 by this push:
     new a66bd7a  HBASE-24176 user_permission '.*' command failed to show all table permissions (#1499)
a66bd7a is described below

commit a66bd7a7690534d592f71eb5a10f6e0d31e63873
Author: EEPROM <so...@users.noreply.github.com>
AuthorDate: Tue Apr 14 10:14:21 2020 +0800

    HBASE-24176 user_permission '.*' command failed to show all table permissions (#1499)
    
    * user_permission failed when show table permissions with '.*' argument
    
    Signed-off-by: Guangxu Cheng <gx...@apache.org>
---
 hbase-shell/src/main/ruby/hbase/security.rb            | 6 +++++-
 hbase-shell/src/test/ruby/hbase/security_admin_test.rb | 9 +++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/hbase-shell/src/main/ruby/hbase/security.rb b/hbase-shell/src/main/ruby/hbase/security.rb
index 570cdeb..6157ded 100644
--- a/hbase-shell/src/main/ruby/hbase/security.rb
+++ b/hbase-shell/src/main/ruby/hbase/security.rb
@@ -150,7 +150,7 @@ module Hbase
         if !table_regex.nil? && isNamespace?(table_regex)
           nsPerm = permission.to_java(org.apache.hadoop.hbase.security.access.NamespacePermission)
           namespace = nsPerm.getNamespace
-        elsif !table_regex.nil?
+        elsif !table_regex.nil? && isTablePermission?(permission)
           tblPerm = permission.to_java(org.apache.hadoop.hbase.security.access.TablePermission)
           namespace = tblPerm.getNamespace
           table = !tblPerm.getTableName.nil? ? tblPerm.getTableName.getNameAsString : ''
@@ -183,6 +183,10 @@ module Hbase
       table_name.start_with?('@')
     end
 
+    def isTablePermission?(permission)
+      permission.java_kind_of?(org.apache.hadoop.hbase.security.access.TablePermission)
+    end
+
     # Does Namespace exist
     def namespace_exists?(namespace_name)
       return !@admin.getNamespaceDescriptor(namespace_name).nil?
diff --git a/hbase-shell/src/test/ruby/hbase/security_admin_test.rb b/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
index e19c22c..e1360c2 100644
--- a/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
+++ b/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
@@ -92,6 +92,15 @@ module Hbase
       assert(found_permission, 'Permission for user ' + global_user_name + ' was not found.')
 
       found_permission = false
+      security_admin.user_permission('.*') do |user, permission|
+        if user == global_user_name
+          assert_match(/WRITE/, permission.to_s)
+          found_permission = true
+        end
+      end
+      assert(found_permission, 'Permission for user ' + global_user_name + ' was not found.')
+
+      found_permission = false
       security_admin.revoke(global_user_name)
       security_admin.user_permission do |user, _|
         found_permission = true if user == global_user_name