[
https://issues.apache.org/jira/browse/HBASE-13241?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14366897#comment-14366897
]
Matteo Bertozzi commented on HBASE-13241:
-----------------------------------------
I see only in one place the assert on the scan result
{code}
+ Scan s1 = new Scan();
+ try (ResultScanner scanner1 = table.getScanner(s1);) {
+ Result[] next1 = scanner1.next(5);
+ assertTrue(next1.length == 3);
+ }
{code}
all the other checks seem to just verify if the AccessDeniedException was
received or not, so verifyAllowed()/verifyDenied() should be enough. if not
why? what is the difference with the other scanAction we have already?
{code}
+ try (ResultScanner scanner1 = table.getScanner(s1);) {
+ fail("Access should be denied as the user " + USER1_TESTGROUP_QUALIFIER
+ + " read privilege has been revoked on column family qualifier "
+ + Bytes.toString(TEST_FAMILY) + ':' + Bytes.toString(Q1));
+ } catch (AccessDeniedException ignore) {
+ }
{code}
> Add tests for group level grants
> --------------------------------
>
> Key: HBASE-13241
> URL: https://issues.apache.org/jira/browse/HBASE-13241
> Project: HBase
> Issue Type: Improvement
> Components: security, test
> Reporter: Sean Busbey
> Assignee: Ashish Singhi
> Priority: Critical
> Attachments: HBASE-13241-v1.patch, HBASE-13241-v2.patch,
> HBASE-13241-v3.patch, HBASE-13241-v4.patch, HBASE-13241-v5.patch,
> HBASE-13241.patch
>
>
> We need to have tests for group-level grants for various scopes. ref:
> HBASE-13239
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
