[jira] [Assigned] (RANGER-1958) [HBase] Implement getUserPermissions API of AccessControlService.Interface to allow clients to access HBase permissions stored in Ranger
[
https://issues.apache.org/jira/browse/RANGER-1958?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Velmurugan Periasamy reassigned RANGER-1958:
Assignee: Ankit Singhal (was: Ankita Sinha)
> [HBase] Implement getUserPermissions API of AccessControlService.Interface to
> allow clients to access HBase permissions stored in Ranger
>
>
> Key: RANGER-1958
> URL: https://issues.apache.org/jira/browse/RANGER-1958
> Project: Ranger
> Issue Type: Bug
> Components: plugins
>Reporter: Ankit Singhal
>Assignee: Ankit Singhal
>Priority: Major
> Attachments: RANGER-1958.patch
>
>
> We have added the support of ACLs in Phoenix as part of PHOENIX-4198.
> Currently, the implementation relies on some of the APIs provided by
> AccessControlService.Interface to get the user permission of the table but we
> see that the API "AccessControlService.Interface#getUserPermissions" is not
> yet implemented in Ranger authorization module for HBase and thus, we are
> unable to access permissions stored for HBase Table in Phoenix.
> In class RangerAuthorizationCoprocessor
> {code}
> @Override
> public void getUserPermissions(RpcController controller,
> AccessControlProtos.GetUserPermissionsRequest request,
> RpcCallback done) {
> LOG.debug("getUserPermissions(): ");
> }
> {code}
> If we just implement this API, we can leverage the current HBase Ranger
> plugin for Phoenix too.
> Although the long-term solution for Ranger could be to implement the
> coprocessor hooks for Phoenix as how it has been done for HBase so that we
> can also authorize new entities like VIEW, SEQUENCES, FUNCTIONs (which can
> not be supported with native HBase ACLs) along with Table and Schema.
> Let me know your thoughts, I can try to put up a patch soon.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Assigned] (RANGER-1958) [HBase] Implement getUserPermissions API of AccessControlService.Interface to allow clients to access HBase permissions stored in Ranger
[
https://issues.apache.org/jira/browse/RANGER-1958?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramesh Mani reassigned RANGER-1958:
---
Assignee: Ramesh Mani
> [HBase] Implement getUserPermissions API of AccessControlService.Interface to
> allow clients to access HBase permissions stored in Ranger
>
>
> Key: RANGER-1958
> URL: https://issues.apache.org/jira/browse/RANGER-1958
> Project: Ranger
> Issue Type: Bug
> Components: plugins
>Reporter: Ankit Singhal
>Assignee: Ramesh Mani
>Priority: Major
> Attachments: RANGER-1958.patch
>
>
> We have added the support of ACLs in Phoenix as part of PHOENIX-4198.
> Currently, the implementation relies on some of the APIs provided by
> AccessControlService.Interface to get the user permission of the table but we
> see that the API "AccessControlService.Interface#getUserPermissions" is not
> yet implemented in Ranger authorization module for HBase and thus, we are
> unable to access permissions stored for HBase Table in Phoenix.
> In class RangerAuthorizationCoprocessor
> {code}
> @Override
> public void getUserPermissions(RpcController controller,
> AccessControlProtos.GetUserPermissionsRequest request,
> RpcCallback done) {
> LOG.debug("getUserPermissions(): ");
> }
> {code}
> If we just implement this API, we can leverage the current HBase Ranger
> plugin for Phoenix too.
> Although the long-term solution for Ranger could be to implement the
> coprocessor hooks for Phoenix as how it has been done for HBase so that we
> can also authorize new entities like VIEW, SEQUENCES, FUNCTIONs (which can
> not be supported with native HBase ACLs) along with Table and Schema.
> Let me know your thoughts, I can try to put up a patch soon.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
[jira] [Assigned] (RANGER-1958) [HBase] Implement getUserPermissions API of AccessControlService.Interface to allow clients to access HBase permissions stored in Ranger
[
https://issues.apache.org/jira/browse/RANGER-1958?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ramesh Mani reassigned RANGER-1958:
---
Assignee: Ankita Sinha (was: Ramesh Mani)
> [HBase] Implement getUserPermissions API of AccessControlService.Interface to
> allow clients to access HBase permissions stored in Ranger
>
>
> Key: RANGER-1958
> URL: https://issues.apache.org/jira/browse/RANGER-1958
> Project: Ranger
> Issue Type: Bug
> Components: plugins
>Reporter: Ankit Singhal
>Assignee: Ankita Sinha
>Priority: Major
> Attachments: RANGER-1958.patch
>
>
> We have added the support of ACLs in Phoenix as part of PHOENIX-4198.
> Currently, the implementation relies on some of the APIs provided by
> AccessControlService.Interface to get the user permission of the table but we
> see that the API "AccessControlService.Interface#getUserPermissions" is not
> yet implemented in Ranger authorization module for HBase and thus, we are
> unable to access permissions stored for HBase Table in Phoenix.
> In class RangerAuthorizationCoprocessor
> {code}
> @Override
> public void getUserPermissions(RpcController controller,
> AccessControlProtos.GetUserPermissionsRequest request,
> RpcCallback done) {
> LOG.debug("getUserPermissions(): ");
> }
> {code}
> If we just implement this API, we can leverage the current HBase Ranger
> plugin for Phoenix too.
> Although the long-term solution for Ranger could be to implement the
> coprocessor hooks for Phoenix as how it has been done for HBase so that we
> can also authorize new entities like VIEW, SEQUENCES, FUNCTIONs (which can
> not be supported with native HBase ACLs) along with Table and Schema.
> Let me know your thoughts, I can try to put up a patch soon.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
