----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/34985/#review86365 -----------------------------------------------------------
Ship it! Ship It! - Madhan Neethiraj On June 3, 2015, 6:17 a.m., Alok Lal wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/34985/ > ----------------------------------------------------------- > > (Updated June 3, 2015, 6:17 a.m.) > > > Review request for ranger and Madhan Neethiraj. > > > Bugs: RANGER-524 > https://issues.apache.org/jira/browse/RANGER-524 > > > Repository: ranger > > > Description > ------- > > hbase shell list command should prune the list of tables returned based on > user's access. > > > Diffs > ----- > > > hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/AuthorizationSession.java > 46ed758 > > hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessor.java > 3a67dd9 > > hbase-agent/src/main/java/org/apache/ranger/authorization/hbase/RangerAuthorizationCoprocessorBase.java > b9076b0 > > Diff: https://reviews.apache.org/r/34985/diff/ > > > Testing > ------- > > Access > - List is pruned if user has access to part of tables. > - all tables returned to super-user and users with full access. > - List is pruned down to empty for users with no access. No error returned. > - list <table-name> comes back empty in case of no access or returns that > table in case of access > - list <reg-ex> comes back with appropriate matching tables > > Audit > - Each table successfully returned by list command is logged for all users > (including super-users) if auditing is turned on. > - Single audit logged for each table returned to the user. > - No negative logging for tables that are denied. > > > Thanks, > > Alok Lal > >
