hbase-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ashish Singhi (JIRA)" <j...@apache.org>
Subject [jira] [Created] (HBASE-18437) Revoke access permissions of a user from a table does not work as expected
Date Sun, 23 Jul 2017 13:58:00 GMT
Ashish Singhi created HBASE-18437:
-------------------------------------

             Summary: Revoke access permissions of a user from a table does not work as expected
                 Key: HBASE-18437
                 URL: https://issues.apache.org/jira/browse/HBASE-18437
             Project: HBase
          Issue Type: Bug
          Components: security
    Affects Versions: 1.1.12
            Reporter: Ashish Singhi
            Assignee: Ashish Singhi


A table for which a user was granted 'RW' permission. Now when we want to revoke its 'W' permission
only, code removes the user itself from that table permissions.
Below is the test code which reproduces the issue.

{noformat}
@Test(timeout = 180000)
  public void testRevokeOnlySomePerms() throws Throwable {
    TableName name = TableName.valueOf("testAgain");
    HTableDescriptor htd = new HTableDescriptor(name);
    HColumnDescriptor hcd = new HColumnDescriptor("cf");
    htd.addFamily(hcd);
    createTable(TEST_UTIL, htd);
    TEST_UTIL.waitUntilAllRegionsAssigned(name);

    try (Connection conn = ConnectionFactory.createConnection(conf)) {
      AccessControlClient.grant(conn, name, USER_RO.getShortName(), null, null, Action.READ,
Action.WRITE);
      ListMultimap<String, TablePermission> tablePermissions = AccessControlLists.getTablePermissions(conf,
name);
      // hbase user and USER_RO has permis
      assertEquals(2, tablePermissions.size());

      AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null, null, Action.READ,
Action.WRITE);
      tablePermissions = AccessControlLists.getTablePermissions(conf, name);
      List<TablePermission> userPerm = tablePermissions.get(USER_RO.getShortName());
      assertEquals(1, userPerm.size());

    } finally {
      deleteTable(TEST_UTIL, name);
    }
  }
{noformat}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message