Enis Soztutar created HBASE-12723:
-------------------------------------
Summary: Update ACL matrix to reflect reality
Key: HBASE-12723
URL: https://issues.apache.org/jira/browse/HBASE-12723
Project: HBase
Issue Type: Bug
Reporter: Enis Soztutar
Fix For: 2.0.0, 1.0.1, 1.1.0
The ACL matrix in the book should be updated with the recent changes.
https://hbase.apache.org/book/appendix_acl_matrix.html
Also the format is not optimal. There is a hierarchy relation between scopes
(GLOBAL > NS > TABLE), but not so much between Permissions (A,C,R)
Some things to do:
- {{Minimum Permission}} column does not make sense. We should replace it.
- Add information about superuser
- grant is a multi level thing. Required permissions depend on the scope.
- See HBASE-12511 and others changed some of the permissions
What I would like to see at the end is something like:
{code}
createNamespace : superuser | global(A)
deleteNamespace : superuser | global(A) | NS(A)
modifyNamespace : superuser | global(A) | NS(A)
getNamespaceDescriptor : superuser | global(A) | NS(A)
listNamespaces : All access*
createTable : superuser | global(C) | NS(C)
grant
NS Perm : superuser | global(A) | NS(A)
Table Perm : ...
revoke
NS Perm : superuser | global(A) | NS(A)
Table Perm : ...
getPerms
NS perm : superuser | global(A) | NS(A)
Table Perm : ...
{code}
See HBASE-12511.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
