Istvan Toth created HBASE-26652:
-----------------------------------
Summary: Unintuitive AccesControlClient.getUserPermissions()
semantics
Key: HBASE-26652
URL: https://issues.apache.org/jira/browse/HBASE-26652
Project: HBase
Issue Type: Improvement
Components: acl
Reporter: Istvan Toth
The behaviour of the AccesControlClient.getUserPermissions() calls is
unintuitive.
It takes a tablename regex, and return the union of all permissinons on all
tables that it matches.
While the returned UserPermission objects do have the information on the object
they apply to, this still requires post-processing the results.
To get the permissions for a single table, one has to either do something like
Admin.getTablePermission(conn,
"^"+tableName.getNameWithNamespaceInclAsString()+"$")
or post-process the results of the call.
We should add some methods that return the permission for a single table /
family / qualifier without making the caller jump though hoops, or at least
call out the non-intuitive behavior in the Javadoc, and advise on how to use
the API to get the results the caller likely wants.
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
