[jira] [Commented] (HBASE-13241) Add tests for group level grants

Tue, 17 Mar 2015 09:59:29 -0700 

    [ 
https://issues.apache.org/jira/browse/HBASE-13241?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14365516#comment-14365516
 ] 

Ashish Singhi commented on HBASE-13241:
---------------------------------------

Thanks Ted for looking into it.

Thanks Srikanth for your comments.

bq. Please avoid checking whether grants are possible and verification of the 
scans in one test.
To verify scan, I will have to grant permission to a entity in the table which 
I will already do it as part of grant check. So wouldn't it duplicate the code ?

bq. Please avoid doing things like USER1_TESTGROUP_TABLE.runAs. As you can see 
from the existing testing infrastructure, we generally create an action and use 
it with verifyAllowed and verifyDenied.
I thought of doing it in that way, but in that case I will not be able to 
assert the result of scan operation output and this what is mainly required to 
test HBASE-13239

bq. In short, as already suggested, I'm looking for something similar to 
TestAccessController#testGrantRevoke for verifying whether groups belonging to 
proper groups can grant and 
TestAccessController#testPostGrantRevokeAtQualifierLevel for verifying whether 
scans work assuming grants were already involved.
As I told in my first response this will lead to duplication of code if I break 
veryification of grants/revokes whether it is possible or not and assertion of 
scan result.

As [~busbey] asked 
[here|https://issues.apache.org/jira/browse/HBASE-13241?focusedCommentId=14361909&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14361909]
 I have broke the tests at table, column family and qualifier level and added 
tests to verify scan result.

> Add tests for group level grants
> --------------------------------
>
>                 Key: HBASE-13241
>                 URL: https://issues.apache.org/jira/browse/HBASE-13241
>             Project: HBase
>          Issue Type: Improvement
>          Components: security, test
>            Reporter: Sean Busbey
>            Assignee: Ashish Singhi
>            Priority: Critical
>         Attachments: HBASE-13241-v1.patch, HBASE-13241-v2.patch, 
> HBASE-13241-v3.patch, HBASE-13241-v4.patch, HBASE-13241.patch
>
>
> We need to have tests for group-level grants for various scopes. ref: 
> HBASE-13239



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to