Aneela, >> How can we allow users to add new columns into existing table? Give the users ‘create’ permission on the columns they need to be allowed to create. To allow creation of any column name, specify “*” as the column.
>> because i could not run put 'emp','3','f:age','18' with user having all >> permissions i.e., READ,WRITE,CREATE,ADMIN Can you please check the audit logs to find the details of the denied access? Details like: action, policy-id.. >> How can we apply permissions on HBase Row keys? Can you please elaborate the usecase you are trying to address? Thanks, Madhan From: Aneela Saleem <[email protected]> Reply-To: "[email protected]" <[email protected]> Date: Thursday, December 10, 2015 at 1:23 PM To: "[email protected]" <[email protected]> Subject: Re: HBase test cases Thanks Madhan! Got it. I have couple of questions. Ho can we apply permissions on HBase Row keys? How can we allow users to add new columns into existing table? because i could not run put 'emp','3','f:age','18' with user having all permissions i.e., READ,WRITE,CREATE,ADMIN On Fri, Dec 11, 2015 at 2:08 AM, Madhan Neethiraj <[email protected]> wrote: Aneela, Perhaps because the policy allows for column ‘name’: >> Where HBase Table is 'emp', HBase column family is 'f' and HBase column is 'name', on which this policy is applied. But the put was for column ‘age’? >> put 'emp','1','f:age','18' Can you please check the audit log, for the policy that denied the access? Thanks, Madhan From: Aneela Saleem <[email protected]> Reply-To: "[email protected]" <[email protected]> Date: Thursday, December 10, 2015 at 12:48 PM To: "[email protected]" <[email protected]> Subject: HBase test cases Hi all, Here are my test cases for HBase plugin. I have some confusions regarding write access to different users/groups. Following is my concerned Policy: Where HBase Table is 'emp', HBase column family is 'f' and HBase column is 'name', on which this policy is applied. Following are my test cases: Test_IDUserGroupCommandExpectedActualPolicy 1RogerDevelopersscan 'emp'AllowedAllowedRanger 2RogerDevelopersput 'emp','1','f:age','18'AllowedDeniedRanger 3SmithDevelopersput 'emp','1','f:age','18'DeniedDeniedRanger 4SmithDevelopersscan 'emp'DeniedDeniedranger 5ClarkData-ScientistScan 'emp'AllowedAllowedRanger 6ClarkData-Scientistput 'emp','1','f:age','10'AllowedDeniedRanger 7MikeData-Scientistput 'emp','1','f:age','10'DeniedDeniedRanger 8MikeData-ScientistScan 'emp'AllowedAllowedRanger Can anyone please explain why in Test_Id_(2,6) the actual result is 'Denied'? (IMO it sould be 'Allowed')
