[
https://issues.apache.org/jira/browse/HBASE-5371?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13209076#comment-13209076
]
Enis Soztutar commented on HBASE-5371:
--------------------------------------
bq. It can't because it changes the protocol version of
AccessControllerProtocol.
Right, since we bumped the protocol version, it will be incompatible. But
without this, we cannot continue with the patch in HCATALOG-245, which will
hopefully ported to Hive as well. What about re-changing the version to 1,
since we just added a new method, but not changed anything on the wire, it
should be compatible. The only catch is that if you invoke the new API from a
new client, but the server is using the old version, you would get a
NoSuchMethod or smt. Is that asking for too much, wdyt?
> Introduce AccessControllerProtocol.checkPermissions(Permission[] permissons)
> API
> --------------------------------------------------------------------------------
>
> Key: HBASE-5371
> URL: https://issues.apache.org/jira/browse/HBASE-5371
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.94.0, 0.92.1
> Reporter: Enis Soztutar
> Assignee: Enis Soztutar
> Fix For: 0.94.0
>
> Attachments: HBASE-5371_v2.patch, HBASE-5371_v3-noprefix.patch,
> HBASE-5371_v3.patch
>
>
> We need to introduce something like
> AccessControllerProtocol.checkPermissions(Permission[] permissions) API, so
> that clients can check access rights before carrying out the operations. We
> need this kind of operation for HCATALOG-245, which introduces authorization
> providers for hbase over hcat. We cannot use getUserPermissions() since it
> requires ADMIN permissions on the global/table level.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
