-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/34985/
-----------------------------------------------------------
Review request for ranger and Madhan Neethiraj.
Bugs: RANGER-524
https://issues.apache.org/jira/browse/RANGER-524
Repository: ranger
Description
-------
hbase shell list command should prune the list of tables returned based on
user's access.
Diffs
-----
hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/AuthorizationSession.java
46ed758
hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java
3a67dd9
hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessorBase.java
b9076b0
Diff: https://reviews.apache.org/r/34985/diff/
Testing
-------
Access
- List is pruned if user has access to part of tables.
- all tables returned to super-user and users with full access.
- List is pruned down to empty for users with no access. No error returned.
- list <table-name> comes back empty in case of no access or returns that table
in case of access
- list <reg-ex> comes back with appropriate matching tables
Audit
- Each table successfully returned by list command is logged for all users
(including super-users) if auditing is turned on.
- Single audit logged for each table returned to the user.
- No negative logging for tables that are denied.
Thanks,
Alok Lal
