[
https://issues.apache.org/jira/browse/HBASE-5947?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13293075#comment-13293075
]
Enis Soztutar commented on HBASE-5947:
--------------------------------------
Then let's reduce the scope for this issue to be:
- Check for table / cf existence in grant. not sure about revoke, since we may
end up in an inconsistent state between ACL and table metadata, so revoke can
just remove what is available in ACL table.
- Ensure that there is no table/cf/qualifier level permissions are stored in
ACL in preCreateTable
> Check for valid user/table/family/qualifier and acl state
> ---------------------------------------------------------
>
> Key: HBASE-5947
> URL: https://issues.apache.org/jira/browse/HBASE-5947
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Affects Versions: 0.92.1, 0.94.0, 0.96.0
> Reporter: Matteo Bertozzi
> Assignee: Matteo Bertozzi
> Labels: acl
>
> HBase Shell grant/revoke doesn't check for valid user or
> table/family/qualifier so can you end up having rights for something that
> doesn't exists.
> We might also want to ensure, upon table/column creation, that no entries are
> already stored at the acl table. We might still have residual acl entries if
> something goes wrong, in postDeleteTable(), postDeleteColumn().
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators:
https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
