You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "Laxman (JIRA)" <ji...@apache.org> on 2012/05/24 06:55:41 UTC
[jira] [Created] (HBASE-6086) Admin operations on a table should be
authorized against table permissions instead of global permissions.
Laxman created HBASE-6086:
-----------------------------
Summary: Admin operations on a table should be authorized against table permissions instead of global permissions.
Key: HBASE-6086
URL: https://issues.apache.org/jira/browse/HBASE-6086
Project: HBase
Issue Type: Sub-task
Components: security
Affects Versions: 0.94.0
Reporter: Laxman
Assignee: Laxman
Still some inconsistency exists after HBASE-6061. We actually need to authorize against table permissions instead of global permissions here.
{code}
+ private void requireTableAdminPermission(MasterCoprocessorEnvironment e,
+ byte[] tableName) throws IOException {
+ if (isActiveUserTableOwner(e, tableName)) {
+ requirePermission(Permission.Action.CREATE);
+ } else {
+ requirePermission(Permission.Action.ADMIN);
+ }
+ }
{code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (HBASE-6086) Admin operations on a table should
be authorized against table permissions instead of global permissions.
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6086?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Purtell resolved HBASE-6086.
-----------------------------------
Resolution: Duplicate
> Admin operations on a table should be authorized against table permissions instead of global permissions.
> ---------------------------------------------------------------------------------------------------------
>
> Key: HBASE-6086
> URL: https://issues.apache.org/jira/browse/HBASE-6086
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0
> Reporter: Laxman
> Assignee: Laxman
> Labels: acl, security
>
> Still some inconsistency exists after HBASE-6061. We actually need to authorize against table permissions instead of global permissions here.
> {code}
> + private void requireTableAdminPermission(MasterCoprocessorEnvironment e,
> + byte[] tableName) throws IOException {
> + if (isActiveUserTableOwner(e, tableName)) {
> + requirePermission(Permission.Action.CREATE);
> + } else {
> + requirePermission(Permission.Action.ADMIN);
> + }
> + }
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6086) Admin operations on a table should
be authorized against table permissions instead of global permissions.
Posted by "Matteo Bertozzi (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13282196#comment-13282196 ]
Matteo Bertozzi commented on HBASE-6086:
----------------------------------------
This is the same as HBASE-5372
> Admin operations on a table should be authorized against table permissions instead of global permissions.
> ---------------------------------------------------------------------------------------------------------
>
> Key: HBASE-6086
> URL: https://issues.apache.org/jira/browse/HBASE-6086
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0
> Reporter: Laxman
> Assignee: Laxman
> Labels: acl, security
>
> Still some inconsistency exists after HBASE-6061. We actually need to authorize against table permissions instead of global permissions here.
> {code}
> + private void requireTableAdminPermission(MasterCoprocessorEnvironment e,
> + byte[] tableName) throws IOException {
> + if (isActiveUserTableOwner(e, tableName)) {
> + requirePermission(Permission.Action.CREATE);
> + } else {
> + requirePermission(Permission.Action.ADMIN);
> + }
> + }
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6086) Admin operations on a table should
be authorized against table permissions instead of global permissions.
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6086?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13282197#comment-13282197 ]
Laxman commented on HBASE-6086:
-------------------------------
Thanks Mat. I will discuss in HBASE-5372.
> Admin operations on a table should be authorized against table permissions instead of global permissions.
> ---------------------------------------------------------------------------------------------------------
>
> Key: HBASE-6086
> URL: https://issues.apache.org/jira/browse/HBASE-6086
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0
> Reporter: Laxman
> Assignee: Laxman
> Labels: acl, security
>
> Still some inconsistency exists after HBASE-6061. We actually need to authorize against table permissions instead of global permissions here.
> {code}
> + private void requireTableAdminPermission(MasterCoprocessorEnvironment e,
> + byte[] tableName) throws IOException {
> + if (isActiveUserTableOwner(e, tableName)) {
> + requirePermission(Permission.Action.CREATE);
> + } else {
> + requirePermission(Permission.Action.ADMIN);
> + }
> + }
> {code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira