[ https://issues.apache.org/jira/browse/HBASE-6209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13296030#comment-13296030 ]
Andrew Purtell commented on HBASE-6209: --------------------------------------- bq. Append operation also has no authorization check. Append was added after initial drop, so didn't get coverage. Agree WRITE is needed. Looks good to me. > ACL Corrections for AccessControllerProtocol apis > ------------------------------------------------- > > Key: HBASE-6209 > URL: https://issues.apache.org/jira/browse/HBASE-6209 > Project: HBase > Issue Type: Sub-task > Components: security > Affects Versions: 0.94.0, 0.96.0, 0.94.1 > Reporter: Laxman > Assignee: Laxman > Labels: acl, security > Fix For: 0.96.0, 0.94.1 > > > APIs provided in AccessController are authorized against global-admin > permissions. Instead we need to check for table-admin level permissions. > Edit: Append operation also has no authorization check. We can update it > together. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira