[
https://issues.apache.org/jira/browse/HBASE-5371?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13207476#comment-13207476
]
[email protected] commented on HBASE-5371:
------------------------------------------------------
bq. On 2012-02-13 19:10:02, Ted Yu wrote:
bq. >
security/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java,
line 972
bq. > <https://reviews.apache.org/r/3829/diff/2/?file=74388#file74388line972>
bq. >
bq. > Please clarify the comment in code.
bq.
bq. enis wrote:
bq. On second thought, I think it's the clients responsibility to optimize
the permissions[] array to not contain duplicates, and to group the permissions
having the same table/cf/cq. The server side should not try to optimize what is
passed for this. I'll just remove the comment instead.
Sounds good.
- Andrew
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/3829/#review5053
-----------------------------------------------------------
On 2012-02-13 19:54:36, enis wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/3829/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2012-02-13 19:54:36)
bq.
bq.
bq. Review request for hbase.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. We need to introduce something like
AccessControllerProtocol.checkPermissions(Permission[] permissions) API, so
that clients can check access rights before carrying out the operations. We
need this kind of operation for HCATALOG-245, which introduces authorization
providers for hbase over hcat. We cannot use getUserPermissions() since it
requires ADMIN permissions on the global/table level.
bq.
bq.
bq. This addresses bug HBASE-5371.
bq. https://issues.apache.org/jira/browse/HBASE-5371
bq.
bq.
bq. Diffs
bq. -----
bq.
bq.
security/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
5091b7d
bq.
security/src/main/java/org/apache/hadoop/hbase/security/access/AccessControllerProtocol.java
5fa2edb
bq.
security/src/test/java/org/apache/hadoop/hbase/security/access/TestAccessController.java
f864373
bq.
bq. Diff: https://reviews.apache.org/r/3829/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq.
bq. Thanks,
bq.
bq. enis
bq.
bq.
> Introduce AccessControllerProtocol.checkPermissions(Permission[] permissons)
> API
> --------------------------------------------------------------------------------
>
> Key: HBASE-5371
> URL: https://issues.apache.org/jira/browse/HBASE-5371
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.92.1
> Reporter: Enis Soztutar
> Assignee: Enis Soztutar
> Attachments: HBASE-5371_v2.patch
>
>
> We need to introduce something like
> AccessControllerProtocol.checkPermissions(Permission[] permissions) API, so
> that clients can check access rights before carrying out the operations. We
> need this kind of operation for HCATALOG-245, which introduces authorization
> providers for hbase over hcat. We cannot use getUserPermissions() since it
> requires ADMIN permissions on the global/table level.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
