You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by gx...@apache.org on 2020/04/14 02:43:42 UTC
[hbase] branch branch-2 updated: HBASE-24176 user_permission '.*'
command failed to show all table permissions (#1499)
This is an automated email from the ASF dual-hosted git repository.
gxcheng pushed a commit to branch branch-2
in repository https://gitbox.apache.org/repos/asf/hbase.git
The following commit(s) were added to refs/heads/branch-2 by this push:
new a66bd7a HBASE-24176 user_permission '.*' command failed to show all table permissions (#1499)
a66bd7a is described below
commit a66bd7a7690534d592f71eb5a10f6e0d31e63873
Author: EEPROM <so...@users.noreply.github.com>
AuthorDate: Tue Apr 14 10:14:21 2020 +0800
HBASE-24176 user_permission '.*' command failed to show all table permissions (#1499)
* user_permission failed when show table permissions with '.*' argument
Signed-off-by: Guangxu Cheng <gx...@apache.org>
---
hbase-shell/src/main/ruby/hbase/security.rb | 6 +++++-
hbase-shell/src/test/ruby/hbase/security_admin_test.rb | 9 +++++++++
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/hbase-shell/src/main/ruby/hbase/security.rb b/hbase-shell/src/main/ruby/hbase/security.rb
index 570cdeb..6157ded 100644
--- a/hbase-shell/src/main/ruby/hbase/security.rb
+++ b/hbase-shell/src/main/ruby/hbase/security.rb
@@ -150,7 +150,7 @@ module Hbase
if !table_regex.nil? && isNamespace?(table_regex)
nsPerm = permission.to_java(org.apache.hadoop.hbase.security.access.NamespacePermission)
namespace = nsPerm.getNamespace
- elsif !table_regex.nil?
+ elsif !table_regex.nil? && isTablePermission?(permission)
tblPerm = permission.to_java(org.apache.hadoop.hbase.security.access.TablePermission)
namespace = tblPerm.getNamespace
table = !tblPerm.getTableName.nil? ? tblPerm.getTableName.getNameAsString : ''
@@ -183,6 +183,10 @@ module Hbase
table_name.start_with?('@')
end
+ def isTablePermission?(permission)
+ permission.java_kind_of?(org.apache.hadoop.hbase.security.access.TablePermission)
+ end
+
# Does Namespace exist
def namespace_exists?(namespace_name)
return !@admin.getNamespaceDescriptor(namespace_name).nil?
diff --git a/hbase-shell/src/test/ruby/hbase/security_admin_test.rb b/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
index e19c22c..e1360c2 100644
--- a/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
+++ b/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
@@ -92,6 +92,15 @@ module Hbase
assert(found_permission, 'Permission for user ' + global_user_name + ' was not found.')
found_permission = false
+ security_admin.user_permission('.*') do |user, permission|
+ if user == global_user_name
+ assert_match(/WRITE/, permission.to_s)
+ found_permission = true
+ end
+ end
+ assert(found_permission, 'Permission for user ' + global_user_name + ' was not found.')
+
+ found_permission = false
security_admin.revoke(global_user_name)
security_admin.user_permission do |user, _|
found_permission = true if user == global_user_name