[
https://issues.apache.org/jira/browse/HBASE-7333?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Purtell resolved HBASE-7333.
-----------------------------------
Resolution: Not a Problem
Assignee: (was: Andrew Purtell)
Superseded by a lot of commits.
> Improve the security shell commands
> -----------------------------------
>
> Key: HBASE-7333
> URL: https://issues.apache.org/jira/browse/HBASE-7333
> Project: HBase
> Issue Type: Sub-task
> Components: Coprocessors, security, shell
> Affects Versions: 0.94.4, 0.95.2
> Reporter: Andrew Purtell
>
> The shell commands for security are rudimentary and should be improved. The
> commands we have need to be updated for the "AccessController v2" changes.
> The distinction between the shell and the Java (admin) API is blurry because
> our shell is JRuby but it makes sense to provide some convenient shortcuts
> for common actions.
> At a minimum the current set of commands should validate their arguments.
> 'revoke' should be improved so all access for a given user can be
> conveniently revoked with one command, as opposed to requiring a specific
> revoke for every previous grant. This may involve interaction with a master
> mediated transaction or barrier framework.
> Once HBASE-6222 is in, it should be possible to conveniently construct ACLs
> and add them to DML ops like put and delete; and there should be support for
> dumping ACLs at the cell level too.
> Also, I observed 'user_permission' fail with NPEs on a colleague's
> workstation recently. It could have been the local environment, but I suspect
> there may be some rot here.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
