[
https://issues.apache.org/jira/browse/HBASE-11384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
ramkrishna.s.vasudevan updated HBASE-11384:
-------------------------------------------
Attachment: HBASE-11384_1.patch
Updated patch. Address some of the review comments except the checkAuths()
comment because that is the place where the labels are extracted out from the
label expression. Correct all the testcases to pass with the new behaviour.
> [Visibility Controller]Check for users covering authorizations for every
> mutation
> ---------------------------------------------------------------------------------
>
> Key: HBASE-11384
> URL: https://issues.apache.org/jira/browse/HBASE-11384
> Project: HBase
> Issue Type: Sub-task
> Affects Versions: 0.98.3
> Reporter: ramkrishna.s.vasudevan
> Assignee: ramkrishna.s.vasudevan
> Fix For: 0.99.0, 0.98.5
>
> Attachments: HBASE-11384.patch, HBASE-11384_1.patch
>
>
> As part of discussions, it is better that every mutation either Put/Delete
> with Visibility expressions should validate if the expression has labels for
> which the user has authorization. If not fail the mutation.
> Suppose User A is assoicated with A,B and C. The put has a visibility
> expression A&D. Then fail the mutation as D is not associated with User A.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
