Karan Mehta created PHOENIX-4528:
------------------------------------
Summary: PhoenixAccessController checks permissions only at table
level when creating views
Key: PHOENIX-4528
URL: https://issues.apache.org/jira/browse/PHOENIX-4528
Project: Phoenix
Issue Type: Bug
Reporter: Karan Mehta
The {{PhoenixAccessController#preCreateTable()}} method is invoked everytime a
user wants to create a view on a base table. The {{requireAccess()}} method
takes in tableName as the parameter and checks for user permissions only at
that table level. The correct approach is to also check permissions at
namespace level, since it is at a larger scope than per table level.
For example, if the table name is {{TEST_SCHEMA.TEST_TABLE}}, it will created
as {{TEST_SCHEMA:TEST_TABLE}} HBase table is namespace mapping is enabled. View
creation on this table would fail if permissions are granted to just
{{TEST_SCHEMA}} and not on {{TEST_TABLE}}. It works correctly if same
permissions are granted at table level too.
FYI. [~ankit.singhal] [~twdsi...@gmail.com]
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
