[jira] [Commented] (HBASE-12745) Visibility Labels: support visibility labels for user groups.

Thu, 22 Jan 2015 00:21:08 -0800 

    [ 
https://issues.apache.org/jira/browse/HBASE-12745?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14287102#comment-14287102
 ] 

Hudson commented on HBASE-12745:
--------------------------------

FAILURE: Integrated in HBase-TRUNK #6044 (See 
[https://builds.apache.org/job/HBase-TRUNK/6044/])
HBASE-12745 Visibility Labels:  support visibility labels for user groups. 
(Jerry He) (anoopsamjohn: rev 833feefbf977a8208f8f71f5f3bd9b027d54961f)
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/FeedUserAuthScanLabelGenerator.java
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelsCache.java
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityLabelService.java
* 
hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/TestVisibilityLablesWithGroups.java
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityController.java
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/EnforcingScanLabelGenerator.java
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/DefaultVisibilityLabelServiceImpl.java
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/VisibilityUtils.java
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/visibility/DefinedSetFilterScanLabelGenerator.java
* 
hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessControlLists.java
* 
hbase-server/src/test/java/org/apache/hadoop/hbase/security/visibility/ExpAsStringVisibilityLabelServiceImpl.java


> Visibility Labels:  support visibility labels for user groups.
> --------------------------------------------------------------
>
>                 Key: HBASE-12745
>                 URL: https://issues.apache.org/jira/browse/HBASE-12745
>             Project: HBase
>          Issue Type: Improvement
>          Components: security
>    Affects Versions: 1.0.0, 0.98.9, 0.99.2
>            Reporter: Jerry He
>            Assignee: Jerry He
>             Fix For: 1.0.0, 2.0.0, 0.98.10, 1.1.0
>
>         Attachments: HBASE-12745-master-v1.patch, 
> HBASE-12745-master-v2.patch, HBASE-12745-master-v3.patch, 
> HBASE-12745-master-v4.patch, HBASE-12745-master-v5.patch, 
> HBASE-12745-master-v6.patch, HBASE-12745-master-v7.patch, 
> HBASE-12745-v7-0.98-with-update.patch, HBASE-12745-v7-0.98.patch, 
> HBASE-12745-v7-branch1.patch
>
>
> The thinking is that we should support visibility labels to be associated 
> with user groups.
> We will then be able grant visibility labels to a group in addition to 
> individual users, which provides convenience and usability.
> We will use '@group' to denote a group name, as similarly done in 
> AcccessController.
> For example, 
> {code}
> set_auths '@group1', ['SECRET','PRIVATE']
> {code}
> {code}
> get_auth '@group1'
> {code}
> A user belonging to 'group1' will have all the visibility labels granted to 
> 'group1'
> We'll also support super user groups as specified in hbase-site.xml.
> The code update will mainly be on the server side VisibilityLabelService 
> implementation.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to