[
https://issues.apache.org/jira/browse/HBASE-25118?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17215098#comment-17215098
]
Andrew Kyle Purtell edited comment on HBASE-25118 at 10/16/20, 1:18 AM:
------------------------------------------------------------------------
[~shahrs87] You aren't really supposed to be able to create and submit cells
with tags from the client side. Cell tags are a server side construct. They may
contain sensitive information like ACLs or labels. Tags are special and added
at the server for use by the server. See some other cell tag use cases for
example. Consider ACLs. ACLs are submitted via operation attribute and put into
cell tags at the server only after validation. Notably, RPC strips most tags
before sending the back to the client. (Because, again, tags like ACLs or
labels are sensitive and private metadata enabling server side security
features.) Replication is a special client and obvious exception there.
You would be better served extending Deletes to support having a value (in the
key-value sense) which can serve in place of what you propose tags for. There
are no restrictions on how clients may construct cells with values.
was (Author: apurtell):
[~shahrs87] You aren't really supposed to be able to create and submit cells
with tags from the client side. Cell tags are a server side construct. They may
contain sensitive information like ACLs or labels. Tags are special and added
at the server for use by the server. See some other cell tag use cases for
example. Consider ACLs. ACLs are submitted via operation attribute and put into
cell tags at the server only after validation. Notably, RPC strips most tags
before sending the back to the client. Replication is a special client and
obvious exception there.
You would be better served extending Deletes to support having a value (in the
key-value sense) which can serve in place of what you propose tags for. There
are no restrictions on how clients may construct cells with values.
> Extend Cell Tags to Delete object.
> ----------------------------------
>
> Key: HBASE-25118
> URL: https://issues.apache.org/jira/browse/HBASE-25118
> Project: HBase
> Issue Type: Improvement
> Reporter: Rushabh Shah
> Assignee: Rushabh Shah
> Priority: Major
> Fix For: 3.0.0-alpha-1, 1.7.0, 2.4.0
>
>
> We want to track the source of mutations (especially Deletes) via Phoenix. We
> have multiple use cases which does the deletes namely: customer deleting the
> data, internal process like GDPR compliance, Phoenix TTL MR jobs. For every
> mutations we want to track the source of operation which initiated the
> deletes.
> At my day job, we have custom Backup/Restore tool.
> For example: During GDPR compliance cleanup (lets say at time t0), we
> mistakenly deleted some customer data and it were possible that customer also
> deleted some data from their side (at time t1). To recover mistakenly deleted
> data, we restore from the backup at time (t0 - 1). By doing this, we also
> recovered the data that customer intentionally deleted.
> We need a way for Restore tool to selectively recover data.
> Trying to explain via an example.
> Lets say there are 2 different systems (lets say accidental-delete and
> customer-delete) deleting the data from the same table at almost the same
> time. As the name suggest customer-delete is the intentional delete and
> accidental-delete is deletes done by mistake. We have restore tool which will
> restore all the data between start time and end times (start-ts and end-ts).
> We want to restore the deletes that happened by accidental-delete system and
> not want to restore the deletes done by customer-delete system. By adding
> cell tag to Delete Markers, we can not restore data done by customer-delete
> system.
> In my proposal, I want to add cell tags to Tombstone delete marker so that we
> have that tag in the backups. Incase we have to restore data, we can restore
> specific row depending on the tag present in the cell.
> We want to leverage Cell Tag feature for Delete mutations to store these
> metadata. Currently Delete object doesn't support Tag feature.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
