You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@hbase.apache.org by "Ashish Singhi (JIRA)" <ji...@apache.org> on 2017/07/23 13:58:00 UTC
[jira] [Created] (HBASE-18437) Revoke access permissions of a user
from a table does not work as expected
Ashish Singhi created HBASE-18437:
-------------------------------------
Summary: Revoke access permissions of a user from a table does not work as expected
Key: HBASE-18437
URL: https://issues.apache.org/jira/browse/HBASE-18437
Project: HBase
Issue Type: Bug
Components: security
Affects Versions: 1.1.12
Reporter: Ashish Singhi
Assignee: Ashish Singhi
A table for which a user was granted 'RW' permission. Now when we want to revoke its 'W' permission only, code removes the user itself from that table permissions.
Below is the test code which reproduces the issue.
{noformat}
@Test(timeout = 180000)
public void testRevokeOnlySomePerms() throws Throwable {
TableName name = TableName.valueOf("testAgain");
HTableDescriptor htd = new HTableDescriptor(name);
HColumnDescriptor hcd = new HColumnDescriptor("cf");
htd.addFamily(hcd);
createTable(TEST_UTIL, htd);
TEST_UTIL.waitUntilAllRegionsAssigned(name);
try (Connection conn = ConnectionFactory.createConnection(conf)) {
AccessControlClient.grant(conn, name, USER_RO.getShortName(), null, null, Action.READ, Action.WRITE);
ListMultimap<String, TablePermission> tablePermissions = AccessControlLists.getTablePermissions(conf, name);
// hbase user and USER_RO has permis
assertEquals(2, tablePermissions.size());
AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null, null, Action.READ, Action.WRITE);
tablePermissions = AccessControlLists.getTablePermissions(conf, name);
List<TablePermission> userPerm = tablePermissions.get(USER_RO.getShortName());
assertEquals(1, userPerm.size());
} finally {
deleteTable(TEST_UTIL, name);
}
}
{noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)