[ 
https://issues.apache.org/jira/browse/HBASE-17472?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16363368#comment-16363368
 ] 

Appy commented on HBASE-17472:
------------------------------

Sorry for ultra late review.
Seeing the final patch which was committed to branch-1.4, the value of flag is 
always false, and the one which was committed to master, the flag is always 
true for production code (there are a few false in only test code, but that 
shouldn't count).
Going by that high level picture, it feels like we didn't need to make any 
change in branch-1.4 since adding a param always setting it to false is a no-op.
And for master, only the change to AccessControlLists#addUserPermission would 
have been sufficient.
We didn't need any new param or updating anything else.
What am i missing?

> Correct the semantic of  permission grant
> -----------------------------------------
>
>                 Key: HBASE-17472
>                 URL: https://issues.apache.org/jira/browse/HBASE-17472
>             Project: HBase
>          Issue Type: Improvement
>          Components: Admin
>    Affects Versions: 2.0.0, 1.4.0
>            Reporter: Zheng Hu
>            Assignee: Zheng Hu
>            Priority: Major
>             Fix For: 2.0.0, 1.4.0
>
>         Attachments: HBASE-17472.branch-1.3.v6.patch, 
> HBASE-17472.branch-1.v6.patch, HBASE-17472.branch-1.v7.patch, 
> HBASE-17472.master.v6.patch, HBASE-17472.master.v6.patch, 
> HBASE-17472.master.v7.patch, HBASE-17472.v1.patch, HBASE-17472.v2.patch, 
> HBASE-17472.v3.patch, HBASE-17472.v4.patch, HBASE-17472.v5.patch
>
>
> Currently, HBase grant operation has following semantic:
> {code}
> hbase(main):019:0> grant 'hbase_tst', 'RW', 'ycsb'
> 0 row(s) in 0.0960 seconds
> hbase(main):020:0> user_permission 'ycsb'
> User                                                         
> Namespace,Table,Family,Qualifier:Permission                                   
>                                                                               
>                                                                               
>                                                 
>  hbase_tst                                                   default,ycsb,,: 
> [Permission:actions=READ,WRITE]                                               
>                                                                               
>                                                                               
> 1 row(s) in 0.0550 seconds
> hbase(main):021:0> grant 'hbase_tst', 'CA', 'ycsb'
> 0 row(s) in 0.0820 seconds
> hbase(main):022:0> user_permission 'ycsb'
> User                                                         
> Namespace,Table,Family,Qualifier:Permission                                   
>                                                                               
>                       
>  hbase_tst                                                   default,ycsb,,: 
> [Permission: actions=CREATE,ADMIN]                                            
>                                                                               
>       
> 1 row(s) in 0.0490 seconds
> {code}  
> Later permission will replace previous granted permissions, which confused 
> most of HBase administrator.
> It's seems more reasonable that HBase merge multiple granted permission.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Reply via email to