[jira] [Commented] (HBASE-15147) Shell should use Admin.listTableNames() instead of Admin.listTables()

Wed, 20 Jan 2016 20:03:07 -0800 

    [ 
https://issues.apache.org/jira/browse/HBASE-15147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15110001#comment-15110001
 ] 

Matteo Bertozzi commented on HBASE-15147:
-----------------------------------------

+1 on the list patch

{quote}We check for Table R or W, not CF I think{quote}
yeah, I was saying to change the check to for each HTD filter the information 
based on the user. If the user has not A or C, We can lookup from the acl cache 
which cfs the user can see and strip the HTD of all the information that the 
user is not supposed to see

> Shell should use Admin.listTableNames() instead of Admin.listTables() 
> ----------------------------------------------------------------------
>
>                 Key: HBASE-15147
>                 URL: https://issues.apache.org/jira/browse/HBASE-15147
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Enis Soztutar
>            Assignee: Enis Soztutar
>             Fix For: 2.0.0, 1.2.0, 1.3.0, 1.1.4
>
>         Attachments: hbase-15147_v1.patch
>
>
> It seems that getTableDescriptors() in master checks for A and C permissions 
> while getTableNames() checks for any privilege on the table. The reasoning is 
> explained here: 
> https://issues.apache.org/jira/browse/HBASE-12564?focusedCommentId=14234504&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-14234504
>  
> We should change the shell command for {{list}} to use the getTableNames() 
> version because of this. Otherwise a user having only R or W cannot list the 
> table name. 
> This has been reported from a user here: 
> https://community.hortonworks.com/questions/10742/why-does-a-user-need-create-permission-for-list-co.html#comment-11000.
>  
> While we are at it, should we revisit the fact that you cannot get a table 
> descriptor if you have only R or W? It seems strange that you cannot even 
> know the CF names of a table that you can read from. I could not find info 
> about the "describe" privileges on SQL databases. However, if there are use 
> cases where Table descriptor might contain sensitive info, the current 
> semantics seems fine. cc [~apurtell] and [~mbertozzi]. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to