I don't really understand how HBase permission is expected to work then. A user needs the Create permission in order to be able to create their own tables. But that permission also allows them to "drop" and "alter" the tables created by others. Even if those operations are set up to only work when a table is disabled, the ability to disable a table is also given by the Create permission. What am I missing?
On Tue, Feb 25, 2014 at 3:25 PM, Alex Nastetsky <[email protected]> wrote:

> Sounds like either permission is sufficient. Either way, the documentation
> could be improved.
>
> Thanks.
>
> On Tue, Feb 25, 2014 at 3:22 PM, Ted Yu <[email protected]> wrote:
>
>> Here is related code from AccessController:
>> {code}
>> public void preDisableTable(ObserverContext<MasterCoprocessorEnvironment> c, byte[] tableName)
>> ...
>> requirePermission("disableTable", tableName, null, null, Action.ADMIN, Action.CREATE);
>> {code}
>> requirePermission() iterates through the above permissions and would return
>> error for the second permission (CREATE) if validation fails.
>>
>> Cheers
>>
>> On Tue, Feb 25, 2014 at 12:12 PM, Alex Nastetsky <[email protected]> wrote:
>>
>> > According to
>> > http://hbase.apache.org/book/hbase.accesscontrol.configuration.html#d2566e5780,
>> > the Enable/Disable operation is controlled by the Admin permission.
>> > However, it seems to be controlled instead by the Create permission. Is
>> > this a bug or a typo in the documentation?
>> >
>> > hbase(main):002:0> disable 'foo'
>> >
>> > ERROR: org.apache.hadoop.hbase.security.AccessDeniedException: Insufficient permissions ([email protected], scope=foo, family=, action=CREATE)
>> >
>> > Thanks in advance,
>> > Alex.
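
A simplified model of the any-of check described in the quoted reply, as an added example that is not part of the original thread and is not HBase source; the class, method and user names and the grants are constructed for illustration. It shows why a denied caller sees `action=CREATE` in the error even though ADMIN would also have been accepted, which matters when reading denial messages while auditing grants.

```java
import java.util.EnumSet;
import java.util.Map;
import java.util.Set;

// Simplified model of an "any one of these actions" permission check.
// All names here are hypothetical; this is not the AccessController code.
public class AnyOfPermissionModel {
    enum Action { READ, WRITE, CREATE, ADMIN }

    static class AccessDenied extends Exception {
        AccessDenied(String msg) { super(msg); }
    }

    // Constructed grants on table 'foo': user -> actions held on that table.
    static final Map<String, Set<Action>> GRANTS = Map.of(
        "alice", EnumSet.of(Action.CREATE),
        "bob", EnumSet.of(Action.ADMIN),
        "carol", EnumSet.of(Action.READ, Action.WRITE));

    // Allow as soon as one listed action is held. If none is held, the
    // denial names the last action tried, not every action that would do.
    static void requireAny(String user, String table, Action... anyOf)
            throws AccessDenied {
        Set<Action> held = GRANTS.getOrDefault(user, EnumSet.noneOf(Action.class));
        Action lastTried = null;
        for (Action a : anyOf) {
            if (held.contains(a)) {
                return; // first match wins, remaining actions are not checked
            }
            lastTried = a;
        }
        throw new AccessDenied("Insufficient permissions (user=" + user
            + ", scope=" + table + ", family=, action=" + lastTried + ")");
    }

    public static void main(String[] args) {
        // Same action list as the disableTable call quoted in the thread.
        for (String user : new String[] {"alice", "bob", "carol"}) {
            try {
                requireAny(user, "foo", Action.ADMIN, Action.CREATE);
                System.out.println(user + ": disableTable allowed");
            } catch (AccessDenied e) {
                System.out.println(user + ": " + e.getMessage());
            }
        }
    }
}
```

In this model a user holding only CREATE or only ADMIN passes the check, and a user holding neither is denied with a message that mentions CREATE alone.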
