You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@hbase.apache.org by "Andrew Purtell (JIRA)" <ji...@apache.org> on 2012/06/07 14:54:23 UTC
[jira] [Created] (HBASE-6188) Remove the concept of table owner
Andrew Purtell created HBASE-6188:
-------------------------------------
Summary: Remove the concept of table owner
Key: HBASE-6188
URL: https://issues.apache.org/jira/browse/HBASE-6188
Project: HBase
Issue Type: Sub-task
Reporter: Andrew Purtell
The table owner concept was a design simplification in the initial drop.
First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13295948#comment-13295948 ]
Andrew Purtell commented on HBASE-6188:
---------------------------------------
TestAccessController doesn't pass for me.
The new code in postCreateTable must make a special case for the ACL table. It's not possible to call AccessControlLists.addUserPermission before the ACL table is deployed, i.e. created.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13292939#comment-13292939 ]
Laxman commented on HBASE-6188:
-------------------------------
Thanks Ram for pitching in.
Andy, we definitely agree to your point. Just reiterating my previous comments.
{quote}
I agree with you Andy. But if we keep DisableTable/EnableTable permission with ADMIN alone, to delete/modify a table a user should have both ADMIN and CREATE permissions. ADMIN access to disable a table and CREATE access to delete/modify the table. Or user with CREATE only access has to request the ADMIN user to disable/enable the table before/after DDL.
{quote}
So, to delete a table requires two different users or one user with both permissions. This is my only concern.
Thanks for clarification. Please provide your opinion of this.
CREATE -(DDL) CreateTable, AddColumn, DeleteColumn, DeleteTable, ModifyColumn, ModifyTable
ADMIN - DisableTable, EnableTable
bq. it is a large subset of ADMIN permission.
Please note that above are two disjoint sets. That means, DDL operations can't be done by ADMIN. Hope that should make them clean.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13396568#comment-13396568 ]
Laxman commented on HBASE-6188:
-------------------------------
Thanks Andy. I didn't notice TEST_UTIL.waitTableAvailable earlier.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Status: Patch Available (was: Open)
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13293803#comment-13293803 ]
Laxman commented on HBASE-6188:
-------------------------------
Test failures and findbugs are not relevant to the current patch.
Please review the patch.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Purtell updated HBASE-6188:
----------------------------------
Attachment: org.apache.hadoop.hbase.security.access.TestAccessController.txt
Patch v4 still fails for me. See attached. Testing with 'mvn -PlocalTests -Dtest=TestAccessController clean test'
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13292420#comment-13292420 ]
Laxman commented on HBASE-6188:
-------------------------------
I agree with you Andy. But if we keep DisableTable/EnableTable permission with ADMIN alone, to delete/modify a table a user should have both ADMIN and CREATE permissions. ADMIN access to disable a table and CREATE access to delete/modify the table. Or user with CREATE only access has to request the ADMIN user to disable/enable the table before/after DDL.
So, I feel its better to keep DDL permissions with CREATE alone and clean separation between CREATE and ADMIN.
*Current implementation*
CREATE - CreateTable
OWNER+CREATE *or* ADMIN - AddColumn, DeleteColumn, DeleteTable, ModifyColumn, ModifyTable, DisableTable, EnableTable
*Proposed implementation*
CREATE - CreateTable, AddColumn, DeleteColumn, DeleteTable, ModifyColumn, ModifyTable, DisableTable, EnableTable
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Status: Patch Available (was: Open)
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "ramkrishna.s.vasudevan (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13292878#comment-13292878 ]
ramkrishna.s.vasudevan commented on HBASE-6188:
-----------------------------------------------
@Andy
Had a small discussion with Laxman regarding the role of CREATE. I think the suggestion given by Laxman makes sense. Even if online schema modification is introduced the role of CREATE with the above said functions will still apply. Just wanted to add my thoughts in this.
Thanks Andy and Laxman.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Attachment: HBASE-6188.4.patch
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13294583#comment-13294583 ]
Laxman commented on HBASE-6188:
-------------------------------
Attached the new patch after fixing the review comments.
This patch includes new testcases for owner and change of owner.
Please review.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13396481#comment-13396481 ]
Hudson commented on HBASE-6188:
-------------------------------
Integrated in HBase-TRUNK #3042 (See [https://builds.apache.org/job/HBase-TRUNK/3042/])
HBASE-6188. Remove the concept of table owner (Revision 1351556)
Result = SUCCESS
apurtell :
Files :
* /hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/HTableDescriptor.java
* /hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
* /hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
* /hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Attachment: HBASE-6188.3.patch
Attached the new patch
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Purtell updated HBASE-6188:
----------------------------------
Comment: was deleted
(was: -1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12531920/HBASE-6188.1.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 3 new or modified tests.
+1 hadoop2.0. The patch compiles against the hadoop 2.0 profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 6 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
+1 core tests. The patch passed unit tests in .
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2160//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2160//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2160//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2160//console
This message is automatically generated.)
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13393396#comment-13393396 ]
Andrew Purtell commented on HBASE-6188:
---------------------------------------
@Laxman seems reasonable.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13393412#comment-13393412 ]
Hadoop QA commented on HBASE-6188:
----------------------------------
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12532310/HBASE-6188.3.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 6 new or modified tests.
+1 hadoop2.0. The patch compiles against the hadoop 2.0 profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 7 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The patch failed these unit tests:
org.apache.hadoop.hbase.security.access.TestAccessController
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2175//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2175//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2175//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2175//console
This message is automatically generated.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Purtell updated HBASE-6188:
----------------------------------
Comment: was deleted
(was: -1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12532310/HBASE-6188.3.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 6 new or modified tests.
+1 hadoop2.0. The patch compiles against the hadoop 2.0 profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 7 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The patch failed these unit tests:
org.apache.hadoop.hbase.security.access.TestAccessController
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2175//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2175//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2175//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2175//console
This message is automatically generated.)
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13292091#comment-13292091 ]
Laxman commented on HBASE-6188:
-------------------------------
In contrast to regular RDBMS notations, I considered all the above operations as DDL. May be I coined a wrong word here.
AddColumn, DeleteColumn, DeleteTable, DisableTable, EnableTable, ModifyColumn, ModifyTable
We have the following options now.
Approach #1: DDL operations requires "C"
Approach #2: DDL operations requires "A"
Approach #3: DDL operatoins requires either "C" or "A"
Personally I prefer to go with #1 as it makes it clean.
Note that above list of operations doesn't contain CreateTable which requires "C".
So this another reason for my preference for #1.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Status: Open (was: Patch Available)
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13294228#comment-13294228 ]
Laxman commented on HBASE-6188:
-------------------------------
Andy, Thanks for through review.
Updated with my comments in review board.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13294014#comment-13294014 ]
Andrew Purtell commented on HBASE-6188:
---------------------------------------
I'm going to commit HBASE-6092 in a few minutes.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Attachment: HBASE-6188.2.patch
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13393616#comment-13393616 ]
Hadoop QA commented on HBASE-6188:
----------------------------------
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12532345/org.apache.hadoop.hbase.security.access.TestAccessController.txt
against trunk revision .
+1 @author. The patch does not contain any @author tags.
-1 tests included. The patch doesn't appear to include any new or modified tests.
Please justify why no new tests are needed for this patch.
Also please list what manual steps were performed to verify this patch.
-1 patch. The patch command could not apply the patch.
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2177//console
This message is automatically generated.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13396487#comment-13396487 ]
Hudson commented on HBASE-6188:
-------------------------------
Integrated in HBase-0.94 #262 (See [https://builds.apache.org/job/HBase-0.94/262/])
HBASE-6188. Remove the concept of table owner (Revision 1351557)
Result = SUCCESS
apurtell :
Files :
* /hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
* /hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
* /hbase/branches/0.94/security/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
* /hbase/branches/0.94/src/main/java/org/apache/hadoop/hbase/HTableDescriptor.java
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13393391#comment-13393391 ]
Laxman commented on HBASE-6188:
-------------------------------
Thanks for pointing it out Andy. I couldn't notice these test failures as they are intermittent failures.
Even in QA bot build also passing. I will correct this.
{quote}
The new code in postCreateTable must make a special case for the ACL table. It's not possible to call AccessControlLists.addUserPermission before the ACL table is deployed, i.e. created.
{quote}
Introducing a check like below is fine?
{code}
public void postCreateTable(ObserverContext<MasterCoprocessorEnvironment> c,
HTableDescriptor desc, HRegionInfo[] regions) throws IOException {
if (!AccessControlLists.isAclTable(desc)) {
String owner = desc.getOwnerString();
// default the table owner to current user, if not specified.
if (owner == null) owner = getActiveUser().getShortName();
UserPermission userperm = new UserPermission(Bytes.toBytes(owner), desc.getName(), null,
Action.values());
AccessControlLists.addUserPermission(c.getEnvironment().getConfiguration(), userperm);
}
}
{code}
Apologies for the noise due to multiple submissions for this issue.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Purtell updated HBASE-6188:
----------------------------------
Comment: was deleted
(was: -1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12532325/HBASE-6188.4.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 6 new or modified tests.
+1 hadoop2.0. The patch compiles against the hadoop 2.0 profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 7 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The patch failed these unit tests:
org.apache.hadoop.hbase.regionserver.TestAtomicOperation
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2176//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2176//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2176//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2176//console
This message is automatically generated.)
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13291292#comment-13291292 ]
Laxman commented on HBASE-6188:
-------------------------------
I think we need to do the following.
1) In PostCreate - We can grant CRWA permissions to the current user(i.e. owner).
2) Remove the usage of owner (ìn AccessController).
3) Deprecate (Or remove?) owner related apis in HTableDescriptor.
4) Modify admin.rb as per #3.
Any other approach?
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Reporter: Andrew Purtell
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Component/s: security
Tags: Huawei
Labels: security (was: )
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13292922#comment-13292922 ]
Andrew Purtell commented on HBASE-6188:
---------------------------------------
The trouble here is CREATE loses most of its meaning when there won't be a concept of "table owner" (initialized to the creator) and it is a large subset of ADMIN permission. A user with CREATE permissions on a table can do everything except assign or move a region? Why does that make sense when disable/enable will move all of the regions around, much more disruptive?
What I am after here is a justification for keeping around the legacy permission CREATE.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Comment Edited] (HBASE-6188) Remove the concept of table
owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13292076#comment-13292076 ]
Andrew Purtell edited comment on HBASE-6188 at 6/8/12 11:12 PM:
----------------------------------------------------------------
bq. Should we allow users with "C" to perform DDL?
That makes sense. CREATE permissions allow DDL but only ADMIN permission can do things like force flush, force split, etc.
Edit: Another consideration is CREATE could do DDL if online schema update is possible, but won't have permission if the table must be offlined (which would require ADMIN). The objective is to maintain the legacy CREATE permission with sufficient and useful distinction from ADMIN. If the distinction is not useful, we can consider alternatives.
was (Author: apurtell):
bq. Should we allow users with "C" to perform DDL?
That makes sense. CREATE permissions allow DDL but only ADMIN permission can do things like force flush, force split, etc.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13294630#comment-13294630 ]
Hadoop QA commented on HBASE-6188:
----------------------------------
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12532005/HBASE-6188.2.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 6 new or modified tests.
+1 hadoop2.0. The patch compiles against the hadoop 2.0 profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 6 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The patch failed these unit tests:
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2164//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2164//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2164//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2164//console
This message is automatically generated.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Fix Version/s: 0.94.1
0.96.0
Affects Version/s: 0.94.1
0.96.0
0.94.0
Status: Patch Available (was: Open)
Patch attached as per the approach discussed.
And this patch includes HBASE-6092 as that is not commited.
Please review.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Attachment: HBASE-6188.1.patch
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13294468#comment-13294468 ]
Andrew Purtell commented on HBASE-6188:
---------------------------------------
Posted a reply in review board.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Comment Edited] (HBASE-6188) Remove the concept of table
owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13294014#comment-13294014 ]
Andrew Purtell edited comment on HBASE-6188 at 6/13/12 12:21 AM:
-----------------------------------------------------------------
HBASE-6092 has been committed.
was (Author: apurtell):
I'm going to commit HBASE-6092 in a few minutes.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13400021#comment-13400021 ]
Hudson commented on HBASE-6188:
-------------------------------
Integrated in HBase-0.94-security #37 (See [https://builds.apache.org/job/HBase-0.94-security/37/])
HBASE-6188. Remove the concept of table owner (Revision 1351557)
Result = SUCCESS
apurtell :
Files :
* /hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
* /hbase/branches/0.94/security/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
* /hbase/branches/0.94/security/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
* /hbase/branches/0.94/src/main/java/org/apache/hadoop/hbase/HTableDescriptor.java
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13293667#comment-13293667 ]
Hadoop QA commented on HBASE-6188:
----------------------------------
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12531829/HBASE-6188.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 3 new or modified tests.
+1 hadoop2.0. The patch compiles against the hadoop 2.0 profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 5 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The patch failed these unit tests:
org.apache.hadoop.hbase.replication.TestReplication
org.apache.hadoop.hbase.regionserver.TestServerCustomProtocol
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2150//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2150//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2150//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2150//console
This message is automatically generated.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13291982#comment-13291982 ]
Andrew Purtell commented on HBASE-6188:
---------------------------------------
The approach looks good to me.
We must deprecate and maintain owner related concepts and methods in the API for one successive major release after the deprecation, but can replace their implementation and modify the internals of admin.rb at any time.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13294183#comment-13294183 ]
Hadoop QA commented on HBASE-6188:
----------------------------------
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12531920/HBASE-6188.1.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 3 new or modified tests.
+1 hadoop2.0. The patch compiles against the hadoop 2.0 profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 6 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
+1 core tests. The patch passed unit tests in .
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2160//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2160//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2160//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2160//console
This message is automatically generated.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Assigned] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman reassigned HBASE-6188:
-----------------------------
Assignee: Laxman
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Reporter: Andrew Purtell
> Assignee: Laxman
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13292098#comment-13292098 ]
Andrew Purtell commented on HBASE-6188:
---------------------------------------
I wonder if enable/disable should be ADMIN actions because they can greatly perturb the cluster.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13294514#comment-13294514 ]
Laxman commented on HBASE-6188:
-------------------------------
bq. 1) In PostCreate - We can grant CRWA permissions to the current user(i.e. owner).
I was thinking to ignoring the owner and PostCreate will make use of getActiveUser() to get the requested user. But, as per your comments, i understand that, we still need to consider owner to make it backward compatible.
bq. Forgot to mention that also this needs to happen if the table owner is changed via setOwner().
I think this needs to be handled in postModifyTable. But I can see that raises some more questions.
* Should we revoke permissions for old owner? If yes, how do we track old owner in postModify?
Please correct me if my understanding is incorrect.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13293332#comment-13293332 ]
Laxman commented on HBASE-6188:
-------------------------------
bq. CREATE -(DDL) CreateTable, AddColumn, DeleteColumn, DeleteTable, ModifyColumn, ModifyTable, DisableTable, EnableTable
bq. ADMIN - All of the above plus Flush, Split, Compact
Thanks a lot Andy. I will consider this.
I didn't consider flush, split and compact as the context is DDL.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13293128#comment-13293128 ]
Andrew Purtell commented on HBASE-6188:
---------------------------------------
bq. DDL operations can't be done by ADMIN.
I'm not sure there is a situation where it would make sense to disallow an administrator from making a DDL operation.
You've convinced me of this:
CREATE -(DDL) CreateTable, AddColumn, DeleteColumn, DeleteTable, ModifyColumn, ModifyTable, DisableTable, EnableTable
ADMIN - All of the above plus Flush, Split, Compact
It's not useful to give add/delete/modify schema privileges without enable/disable to have them take effect. So either we do the above or we get rid of CREATE. I think the above distinction is still useful.
Thanks for having the discussion.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13294144#comment-13294144 ]
Andrew Purtell commented on HBASE-6188:
---------------------------------------
See https://review.cloudera.org/r/2152/
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Comment Edited] (HBASE-6188) Remove the concept of table
owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13293128#comment-13293128 ]
Andrew Purtell edited comment on HBASE-6188 at 6/11/12 10:10 PM:
-----------------------------------------------------------------
bq. DDL operations can't be done by ADMIN.
I'm not sure there is a situation where it would make sense to disallow an administrator from making a DDL operation.
You've convinced me of this:
CREATE -(DDL) CreateTable, AddColumn, DeleteColumn, DeleteTable, ModifyColumn, ModifyTable, DisableTable, EnableTable
ADMIN - All of the above plus Flush, Split, Compact
It's not useful to give add/delete/modify schema privileges without enable/disable to have them take effect. So either we do the above or we get rid of CREATE. I think the above distinction is still useful.
Edit: I don't like that non-ADMIN can do enable/disable table, because it can really affect the cluster if the table is large. However I think on balance it would be more confusing than useful to remove EnableTable and DisableTable from the set of operations CREATE permission allows until online schema update-in-place without disable is always possible.
Thanks for having the discussion.
was (Author: apurtell):
bq. DDL operations can't be done by ADMIN.
I'm not sure there is a situation where it would make sense to disallow an administrator from making a DDL operation.
You've convinced me of this:
CREATE -(DDL) CreateTable, AddColumn, DeleteColumn, DeleteTable, ModifyColumn, ModifyTable, DisableTable, EnableTable
ADMIN - All of the above plus Flush, Split, Compact
It's not useful to give add/delete/modify schema privileges without enable/disable to have them take effect. So either we do the above or we get rid of CREATE. I think the above distinction is still useful.
Thanks for having the discussion.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Hadoop QA (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13393478#comment-13393478 ]
Hadoop QA commented on HBASE-6188:
----------------------------------
-1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12532325/HBASE-6188.4.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 6 new or modified tests.
+1 hadoop2.0. The patch compiles against the hadoop 2.0 profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 7 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The patch failed these unit tests:
org.apache.hadoop.hbase.regionserver.TestAtomicOperation
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2176//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2176//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2176//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2176//console
This message is automatically generated.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Purtell updated HBASE-6188:
----------------------------------
Comment: was deleted
(was: -1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12532345/org.apache.hadoop.hbase.security.access.TestAccessController.txt
against trunk revision .
+1 @author. The patch does not contain any @author tags.
-1 tests included. The patch doesn't appear to include any new or modified tests.
Please justify why no new tests are needed for this patch.
Also please list what manual steps were performed to verify this patch.
-1 patch. The patch command could not apply the patch.
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2177//console
This message is automatically generated.)
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "ramkrishna.s.vasudevan (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13293324#comment-13293324 ]
ramkrishna.s.vasudevan commented on HBASE-6188:
-----------------------------------------------
bq.You've convinced me of this:
bq.CREATE -(DDL) CreateTable, AddColumn, DeleteColumn, DeleteTable, ModifyColumn, ModifyTable, DisableTable, EnableTable
bq. ADMIN - All of the above plus Flush, Split, Compact
Thanks Andy.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Hudson (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13396703#comment-13396703 ]
Hudson commented on HBASE-6188:
-------------------------------
Integrated in HBase-TRUNK-on-Hadoop-2.0.0 #59 (See [https://builds.apache.org/job/HBase-TRUNK-on-Hadoop-2.0.0/59/])
HBASE-6188. Remove the concept of table owner (Revision 1351556)
Result = FAILURE
apurtell :
Files :
* /hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/HTableDescriptor.java
* /hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
* /hbase/trunk/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
* /hbase/trunk/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Purtell updated HBASE-6188:
----------------------------------
Resolution: Fixed
Hadoop Flags: Reviewed
Status: Resolved (was: Patch Available)
Committed to trunk and 0.94 branch. TestAccessController fixed on commit:
{noformat}
+ // Wait for the ACL table to become available
+ TEST_UTIL.waitTableAvailable(AccessControlLists.ACL_TABLE_NAME, 5000);
{noformat}
and passes locally.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Closed] (HBASE-6188) Remove the concept of table owner
Posted by "Lars Hofhansl (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Lars Hofhansl closed HBASE-6188.
--------------------------------
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.94.1, 0.96.0
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.94.1, 0.96.0
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Andrew Purtell updated HBASE-6188:
----------------------------------
Comment: was deleted
(was: -1 overall. Here are the results of testing the latest attachment
http://issues.apache.org/jira/secure/attachment/12532005/HBASE-6188.2.patch
against trunk revision .
+1 @author. The patch does not contain any @author tags.
+1 tests included. The patch appears to include 6 new or modified tests.
+1 hadoop2.0. The patch compiles against the hadoop 2.0 profile.
+1 javadoc. The javadoc tool did not generate any warning messages.
+1 javac. The applied patch does not increase the total number of javac compiler warnings.
-1 findbugs. The patch appears to introduce 6 new Findbugs (version 1.3.9) warnings.
+1 release audit. The applied patch does not increase the total number of release audit warnings.
-1 core tests. The patch failed these unit tests:
Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2164//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2164//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2164//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2164//console
This message is automatically generated.)
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13294943#comment-13294943 ]
Laxman commented on HBASE-6188:
-------------------------------
All tests were passing in QA bot build.
https://builds.apache.org/job/PreCommit-HBASE-Build/2164//testReport/org.apache.hadoop.hbase.security.access/TestAccessController/
Please review.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Status: Open (was: Patch Available)
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Andrew Purtell (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13292076#comment-13292076 ]
Andrew Purtell commented on HBASE-6188:
---------------------------------------
bq. Should we allow users with "C" to perform DDL?
That makes sense. CREATE permissions allow DDL but only ADMIN permission can do things like force flush, force split, etc.
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13292056#comment-13292056 ]
Laxman commented on HBASE-6188:
-------------------------------
ok Andy. I'm proceeding with this approach.
Earlier we considered owner + create = ADMIN for DDL operations (delete table, add column, disable table, etc.). Now without owner concept, should we allow users with "C" to perform DDL?
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13393685#comment-13393685 ]
Laxman commented on HBASE-6188:
-------------------------------
>From the log attached.
{noformat}
at org.apache.hadoop.hbase.client.HBaseAdmin.createTable(HBaseAdmin.java:347)
at org.apache.hadoop.hbase.security.access.TestAccessController.setupBeforeClass(TestAccessController.java:123)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
{noformat}
>From TestAccessController.setupBeforeClass()
{code}
HTableDescriptor htd = new HTableDescriptor(TEST_TABLE);
htd.addFamily(new HColumnDescriptor(TEST_FAMILY));
htd.setOwner(USER_OWNER);
admin.createTable(htd);
{code}
This indicates acl is table is not yet online by the time of creation of test table.
A small delay (sleep for 1 sec) after starting the cluster may help to resolve this intermittent test failure.
Andy, I couldn't verify this its running fine in my local and QA build. Any other suggestions apart from introducing a delay?
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.96.0, 0.94.1
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Fix For: 0.96.0, 0.94.1
>
> Attachments: HBASE-6188.1.patch, HBASE-6188.2.patch, HBASE-6188.3.patch, HBASE-6188.4.patch, HBASE-6188.patch, org.apache.hadoop.hbase.security.access.TestAccessController.txt
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (HBASE-6188) Remove the concept of table owner
Posted by "Laxman (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Laxman updated HBASE-6188:
--------------------------
Attachment: HBASE-6188.patch
> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
> Attachments: HBASE-6188.patch
>
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review means only a user with GLOBAL CREATE permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds unnecessary conditionals to our code. So instead the administrator with GLOBAL CREATE permission should make the appropriate grants at table create time.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira