Repository: hbase Updated Branches: refs/heads/master 9fd6db370 -> 87e441400
HBASE-12647 Truncate table should work with C as well Project: http://git-wip-us.apache.org/repos/asf/hbase/repo Commit: http://git-wip-us.apache.org/repos/asf/hbase/commit/87e44140 Tree: http://git-wip-us.apache.org/repos/asf/hbase/tree/87e44140 Diff: http://git-wip-us.apache.org/repos/asf/hbase/diff/87e44140 Branch: refs/heads/master Commit: 87e44140040ab9a864e592c13f164dcde6ed6c03 Parents: 9fd6db3 Author: Enis Soztutar <[email protected]> Authored: Sun Dec 7 20:57:04 2014 -0800 Committer: Enis Soztutar <[email protected]> Committed: Sun Dec 7 20:57:04 2014 -0800 ---------------------------------------------------------------------- .../hadoop/hbase/security/access/AccessController.java | 2 +- .../hadoop/hbase/security/access/TestAccessController.java | 8 ++++++-- 2 files changed, 7 insertions(+), 3 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/hbase/blob/87e44140/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java ---------------------------------------------------------------------- diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java index 6695f94..a9e5302 100644 --- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java +++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java @@ -932,7 +932,7 @@ public class AccessController extends BaseMasterAndRegionObserver @Override public void preTruncateTable(ObserverContext<MasterCoprocessorEnvironment> c, final TableName tableName) throws IOException { - requirePermission("truncateTable", tableName, null, null, Action.ADMIN); + requirePermission("truncateTable", tableName, null, null, Action.ADMIN, Action.CREATE); final Configuration conf = c.getEnvironment().getConfiguration(); User.runAsLoginUser(new PrivilegedExceptionAction<Void>() { @Override http://git-wip-us.apache.org/repos/asf/hbase/blob/87e44140/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java ---------------------------------------------------------------------- diff --git a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java index 9f5c2d7..9f268c9 100644 --- a/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java +++ b/hbase-server/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java @@ -155,6 +155,10 @@ public class TestAccessController extends SecureTestUtil { // user with no permissions private static User USER_NONE; + // TODO: convert this test to cover the full matrix in + // https://hbase.apache.org/book/appendix_acl_matrix.html + // creating all Scope x Permission combinations + private static TableName TEST_TABLE2 = TableName.valueOf("testtable2"); private static byte[] TEST_FAMILY = Bytes.toBytes("f1"); private static byte[] TEST_QUALIFIER = Bytes.toBytes("q1"); @@ -340,8 +344,8 @@ public class TestAccessController extends SecureTestUtil { } }; - verifyAllowed(truncateTable, SUPERUSER, USER_ADMIN); - verifyDenied(truncateTable, USER_RW, USER_RO, USER_NONE,USER_CREATE, USER_OWNER); + verifyAllowed(truncateTable, SUPERUSER, USER_ADMIN, USER_CREATE); + verifyDenied(truncateTable, USER_RW, USER_RO, USER_NONE, USER_OWNER); } @Test
