[
https://issues.apache.org/jira/browse/HBASE-11013?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16007591#comment-16007591
]
stack commented on HBASE-11013:
-------------------------------
bq. Is there any reason that we do not shade them in hbase-protocol-shaded
module?
[~Apache9] Reasoning is that AccessControl is implemented as coprocessor
endpoints. These protos are 'public', not internal only. We want endpoints to
keep working ever after we internally move to protobuf 3.1. Endpoints keep on
with protobuf 2.5.
bq. ....so I have to move SnapshotDescription PB into Snapshot.proto to avoid
recursive import.
Can we be careful and make sure we do not break an hbase-2.0.0 being able to
read old hbase-1.x manifests?
I like the [~zghaobac] suggestion of extending the existing proto. Would it be
less trouble if the additions to snapshot descriptor were NOT the AccessControl
protos and code does the conveyance between the endpoint 2.5 pb field and the
internal Access/Username?
> Clone Snapshots on Secure Cluster Should provide option to apply Retained
> User Permissions
> ------------------------------------------------------------------------------------------
>
> Key: HBASE-11013
> URL: https://issues.apache.org/jira/browse/HBASE-11013
> Project: HBase
> Issue Type: Improvement
> Components: snapshots
> Reporter: Ted Yu
> Assignee: Zheng Hu
> Fix For: 2.0.0
>
> Attachments: HBASE-11013.master.addendum.patch, HBASE-11013.v1.patch,
> HBASE-11013.v2.patch
>
>
> Currently,
> {code}
> sudo su - test_user
> create 't1', 'f1'
> sudo su - hbase
> snapshot 't1', 'snap_one'
> clone_snapshot 'snap_one', 't2'
> {code}
> In this scenario the user - test_user would not have permissions for the
> clone table t2.
> We need to add improvement feature such that the permissions of the original
> table are recorded in snapshot metadata and an option is provided for
> applying them to the new table as part of the clone process.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
