You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hbase.apache.org by ss...@apache.org on 2015/04/27 05:13:55 UTC
hbase git commit: HBASE-13359 Update ACL matrix to include table
owner.
Repository: hbase
Updated Branches:
refs/heads/master 75507af9f -> 4182fc1a9
HBASE-13359 Update ACL matrix to include table owner.
Project: http://git-wip-us.apache.org/repos/asf/hbase/repo
Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/4182fc1a
Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/4182fc1a
Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/4182fc1a
Branch: refs/heads/master
Commit: 4182fc1a9bc261f50efd7efd27c61a702bc1bfbf
Parents: 75507af
Author: Srikanth Srungarapu <ss...@cloudera.com>
Authored: Sun Apr 26 20:13:23 2015 -0700
Committer: Srikanth Srungarapu <ss...@cloudera.com>
Committed: Sun Apr 26 20:13:23 2015 -0700
----------------------------------------------------------------------
.../asciidoc/_chapters/appendix_acl_matrix.adoc | 94 ++++++++++----------
1 file changed, 47 insertions(+), 47 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/hbase/blob/4182fc1a/src/main/asciidoc/_chapters/appendix_acl_matrix.adoc
----------------------------------------------------------------------
diff --git a/src/main/asciidoc/_chapters/appendix_acl_matrix.adoc b/src/main/asciidoc/_chapters/appendix_acl_matrix.adoc
index bf35c1a..cb285f3 100644
--- a/src/main/asciidoc/_chapters/appendix_acl_matrix.adoc
+++ b/src/main/asciidoc/_chapters/appendix_acl_matrix.adoc
@@ -81,77 +81,77 @@ In case the table goes out of date, the unit tests which check for accuracy of p
|===
| Interface | Operation | Permissions
| Master | createTable | superuser\|global\(C)\|NS\(C)
-| | modifyTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|table(A)\|table\(C)
-| | deleteTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|table(A)\|table\(C)
-| | truncateTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|table(A)\|table\(C)
-| | addColumn | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|table(A)\|table\(C)
-| | modifyColumn | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|table(A)\|table\(C)\|column(A)\|column\(C)
-| | deleteColumn | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|table(A)\|table\(C)\|column(A)\|column\(C)
-| | enableTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|table(A)\|table\(C)
-| | disableTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|table(A)\|table\(C)
+| | modifyTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|TableOwner\|table(A)\|table\(C)
+| | deleteTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|TableOwner\|table(A)\|table\(C)
+| | truncateTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|TableOwner\|table(A)\|table\(C)
+| | addColumn | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|TableOwner\|table(A)\|table\(C)
+| | modifyColumn | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|TableOwner\|table(A)\|table\(C)\|column(A)\|column\(C)
+| | deleteColumn | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|TableOwner\|table(A)\|table\(C)\|column(A)\|column\(C)
+| | enableTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|TableOwner\|table(A)\|table\(C)
+| | disableTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|TableOwner\|table(A)\|table\(C)
| | disableAclTable | Not allowed
-| | move | superuser\|global(A)\|NS(A)\|Table(A)
-| | assign | superuser\|global(A)\|NS(A)\|Table(A)
-| | unassign | superuser\|global(A)\|NS(A)\|Table(A)
-| | regionOffline | superuser\|global(A)\|NS(A)\|Table(A)
+| | move | superuser\|global(A)\|NS(A)\|TableOwner\|table(A)
+| | assign | superuser\|global(A)\|NS(A)\|TableOwner\|table(A)
+| | unassign | superuser\|global(A)\|NS(A)\|TableOwner\|table(A)
+| | regionOffline | superuser\|global(A)\|NS(A)\|TableOwner\|table(A)
| | balance | superuser\|global(A)
| | balanceSwitch | superuser\|global(A)
| | shutdown | superuser\|global(A)
| | stopMaster | superuser\|global(A)
-| | snapshot | superuser\|global(A)\|NS(A)\|Table(A)
+| | snapshot | superuser\|global(A)\|NS(A)\|TableOwner\|table(A)
| | listSnapshot | superuser\|global(A)\|SnapshotOwner
| | cloneSnapshot | superuser\|global(A)
-| | restoreSnapshot | superuser\|global(A)\|SnapshotOwner & (NS(A)\|Table(A))
+| | restoreSnapshot | superuser\|global(A)\|SnapshotOwner & (NS(A)\|TableOwner\|table(A))
| | deleteSnapshot | superuser\|global(A)\|SnapshotOwner
| | createNamespace | superuser\|global(A)
| | deleteNamespace | superuser\|global(A)
| | modifyNamespace | superuser\|global(A)
| | getNamespaceDescriptor | superuser\|global(A)\|NS(A)
| | listNamespaceDescriptors* | superuser\|global(A)\|NS(A)
-| | flushTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS(\C)\|table(A)\|table\(C)
-| | getTableDescriptors* | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|table(A)\|table\(C)
-| | getTableNames* | Any global or table perm
+| | flushTable | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|TableOwner\|table(A)\|table\(C)
+| | getTableDescriptors* | superuser\|global(A)\|global\(C)\|NS(A)\|NS\(C)\|TableOwner\|table(A)\|table\(C)
+| | getTableNames* | superuser\|TableOwner\|Any global or table perm
| | setUserQuota(global level) | superuser\|global(A)
| | setUserQuota(namespace level) | superuser\|global(A)
-| | setUserQuota(Table level) | superuser\|global(A)\|NS(A)\|Table(A)
-| | setTableQuota | superuser\|global(A)\|NS(A)\|Table(A)
+| | setUserQuota(Table level) | superuser\|global(A)\|NS(A)\|TableOwner\|table(A)
+| | setTableQuota | superuser\|global(A)\|NS(A)\|TableOwner\|table(A)
| | setNamespaceQuota | superuser\|global(A)
| Region | openRegion | superuser\|global(A)
| | closeRegion | superuser\|global(A)
-| | flush | superuser\|global(A)\|global\(C)\|table(A)\|table\(C)
-| | split | superuser\|global(A)\|Table(A)
-| | compact | superuser\|global(A)\|global\(C)\|table(A)\|table\(C)
-| | getClosestRowBefore | superuser\|global\(R)\|NS\(R)\|Table\(R)\|CF\(R)\|CQ\(R)
-| | getOp | superuser\|global\(R)\|NS\(R)\|Table\(R)\|CF\(R)\|CQ\(R)
-| | exists | superuser\|global\(R)\|NS\(R)\|Table\(R)\|CF\(R)\|CQ\(R)
-| | put | superuser\|global(W)\|NS(W)\|Table(W)\|CF(W)\|CQ(W)
-| | delete | superuser\|global(W)\|NS(W)\|Table(W)\|CF(W)\|CQ(W)
-| | batchMutate | superuser\|global(W)\|NS(W)\|Table(W)\|CF(W)\|CQ(W)
-| | checkAndPut | superuser\|global(RW)\|NS(RW)\|Table(RW)\|CF(RW)\|CQ(RW)
-| | checkAndPutAfterRowLock | superuser\|global\(R)\|NS\(R)\|Table\(R)\|CF\(R)\|CQ\(R)
-| | checkAndDelete | superuser\|global(RW)\|NS(RW)\|Table(RW)\|CF(RW)\|CQ(RW)
-| | checkAndDeleteAfterRowLock | superuser\|global\(R)\|NS\(R)\|Table\(R)\|CF\(R)\|CQ\(R)
-| | incrementColumnValue | superuser\|global(W)\|NS(W)\|Table(W)\|CF(W)\|CQ(W)
-| | append | superuser\|global(W)\|NS(W)\|Table(W)\|CF(W)\|CQ(W)
-| | appendAfterRowLock | superuser\|global(W)\|NS(W)\|Table(W)\|CF(W)\|CQ(W)
-| | increment | superuser\|global(W)\|NS(W)\|Table(W)\|CF(W)\|CQ(W)
-| | incrementAfterRowLock | superuser\|global(W)\|NS(W)\|Table(W)\|CF(W)\|CQ(W)
-| | scannerOpen | superuser\|global\(R)\|NS\(R)\|Table\(R)\|CF\(R)\|CQ\(R)
-| | scannerNext | superuser\|global\(R)\|NS\(R)\|Table\(R)\|CF\(R)\|CQ\(R)
-| | scannerClose | superuser\|global\(R)\|NS\(R)\|Table\(R)\|CF\(R)\|CQ\(R)
-| | bulkLoadHFile | superuser\|global\(C)\|table\(C)\|CF\(C)
-| | prepareBulkLoad | superuser\|global\(C)\|table\(C)\|CF\(C)
-| | cleanupBulkLoad | superuser\|global\(C)\|table\(C)\|CF\(C)
-| Endpoint | invoke | superuser\|global(X)\|NS(X)\|Table(X)
+| | flush | superuser\|global(A)\|global\(C)\|TableOwner\|table(A)\|table\(C)
+| | split | superuser\|global(A)\|TableOwner\|TableOwner\|table(A)
+| | compact | superuser\|global(A)\|global\(C)\|TableOwner\|table(A)\|table\(C)
+| | getClosestRowBefore | superuser\|global\(R)\|NS\(R)\|TableOwner\|table\(R)\|CF\(R)\|CQ\(R)
+| | getOp | superuser\|global\(R)\|NS\(R)\|TableOwner\|table\(R)\|CF\(R)\|CQ\(R)
+| | exists | superuser\|global\(R)\|NS\(R)\|TableOwner\|table\(R)\|CF\(R)\|CQ\(R)
+| | put | superuser\|global(W)\|NS(W)\|table(W)\|TableOwner\|CF(W)\|CQ(W)
+| | delete | superuser\|global(W)\|NS(W)\|table(W)\|TableOwner\|CF(W)\|CQ(W)
+| | batchMutate | superuser\|global(W)\|NS(W)\|TableOwner\|table(W)\|CF(W)\|CQ(W)
+| | checkAndPut | superuser\|global(RW)\|NS(RW)\|TableOwner\|table(RW)\|CF(RW)\|CQ(RW)
+| | checkAndPutAfterRowLock | superuser\|global\(R)\|NS\(R)\|TableOwner\|Table\(R)\|CF\(R)\|CQ\(R)
+| | checkAndDelete | superuser\|global(RW)\|NS(RW)\|TableOwner\|table(RW)\|CF(RW)\|CQ(RW)
+| | checkAndDeleteAfterRowLock | superuser\|global\(R)\|NS\(R)\|TableOwner\|table\(R)\|CF\(R)\|CQ\(R)
+| | incrementColumnValue | superuser\|global(W)\|NS(W)\|TableOwner\|table(W)\|CF(W)\|CQ(W)
+| | append | superuser\|global(W)\|NS(W)\|TableOwner\|table(W)\|CF(W)\|CQ(W)
+| | appendAfterRowLock | superuser\|global(W)\|NS(W)\|TableOwner\|table(W)\|CF(W)\|CQ(W)
+| | increment | superuser\|global(W)\|NS(W)\|TableOwner\|table(W)\|CF(W)\|CQ(W)
+| | incrementAfterRowLock | superuser\|global(W)\|NS(W)\|TableOwner\|table(W)\|CF(W)\|CQ(W)
+| | scannerOpen | superuser\|global\(R)\|NS\(R)\|TableOwner\|table\(R)\|CF\(R)\|CQ\(R)
+| | scannerNext | superuser\|global\(R)\|NS\(R)\|TableOwner\|table\(R)\|CF\(R)\|CQ\(R)
+| | scannerClose | superuser\|global\(R)\|NS\(R)\|TableOwner\|table\(R)\|CF\(R)\|CQ\(R)
+| | bulkLoadHFile | superuser\|global\(C)\|TableOwner\|table\(C)\|CF\(C)
+| | prepareBulkLoad | superuser\|global\(C)\|TableOwner\|table\(C)\|CF\(C)
+| | cleanupBulkLoad | superuser\|global\(C)\|TableOwner\|table\(C)\|CF\(C)
+| Endpoint | invoke | superuser\|global(X)\|NS(X)\|TableOwner\|table(X)
| AccessController | grant(global level) | global(A)
| | grant(namespace level) | global(A)\|NS(A)
-| | grant(table level) | global(A)\|NS(A)\|table(A)\|CF(A)\|CQ(A)
+| | grant(table level) | global(A)\|NS(A)\|TableOwner\|table(A)\|CF(A)\|CQ(A)
| | revoke(global level) | global(A)
| | revoke(namespace level) | global(A)\|NS(A)
-| | revoke(table level) | global(A)\|NS(A)\|table(A)\|CF(A)\|CQ(A)
+| | revoke(table level) | global(A)\|NS(A)\|TableOwner\|table(A)\|CF(A)\|CQ(A)
| | getUserPermissions(global level) | global(A)
| | getUserPermissions(namespace level) | global(A)\|NS(A)
-| | getUserPermissions(table level) | global(A)\|NS(A)\|table(A)\|CF(A)\|CQ(A)
+| | getUserPermissions(table level) | global(A)\|NS(A)\|TableOwner\|table(A)\|CF(A)\|CQ(A)
| RegionServer | stopRegionServer | superuser\|global(A)
| | mergeRegions | superuser\|global(A)
| | rollWALWriterRequest | superuser\|global(A)