Mailing-List: contact issues-help@hbase.apache.org; run by ezmlm
Precedence: bulk
Date: Fri, 8 Jun 2012 20:26:23 +0000 (UTC)
From: "Hadoop QA (JIRA)" <jira@apache.org>
To: issues@hbase.apache.org
Message-ID: <1942438518.54085.1339187183597.JavaMail.jiratomcat@issues-vm>
In-Reply-To: 
 <1425445499.21973.1328829417768.JavaMail.tomcat@hel.zones.apache.org>
Subject: [jira] [Commented] (HBASE-5372) Table mutation operations should
 check table level rights, not global rights
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit


    [ https://issues.apache.org/jira/browse/HBASE-5372?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13291966#comment-13291966 ] 

Hadoop QA commented on HBASE-5372:
----------------------------------

-1 overall.  Here are the results of testing the latest attachment 
  http://issues.apache.org/jira/secure/attachment/12531389/HBASE-5372.patch
  against trunk revision .

    +1 @author.  The patch does not contain any @author tags.

    +1 tests included.  The patch appears to include 3 new or modified tests.

    +1 hadoop2.0.  The patch compiles against the hadoop 2.0 profile.

    +1 javadoc.  The javadoc tool did not generate any warning messages.

    +1 javac.  The applied patch does not increase the total number of javac compiler warnings.

    -1 findbugs.  The patch appears to introduce 5 new Findbugs (version 1.3.9) warnings.

    +1 release audit.  The applied patch does not increase the total number of release audit warnings.

    +1 core tests.  The patch passed unit tests in .

Test results: https://builds.apache.org/job/PreCommit-HBASE-Build/2130//testReport/
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2130//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-common.html
Findbugs warnings: https://builds.apache.org/job/PreCommit-HBASE-Build/2130//artifact/trunk/patchprocess/newPatchFindbugsWarningshbase-server.html
Console output: https://builds.apache.org/job/PreCommit-HBASE-Build/2130//console

This message is automatically generated.
                
> Table mutation operations should check table level rights, not global rights 
> -----------------------------------------------------------------------------
>
>                 Key: HBASE-5372
>                 URL: https://issues.apache.org/jira/browse/HBASE-5372
>             Project: HBase
>          Issue Type: Sub-task
>          Components: security
>    Affects Versions: 0.94.0, 0.96.0, 0.94.1
>            Reporter: Enis Soztutar
>            Assignee: Laxman
>              Labels: security
>             Fix For: 0.96.0, 0.94.1
>
>         Attachments: HBASE-5372.patch
>
>
> getUserPermissions(tableName)/grant/revoke and drop/modify table operations should not check for global CREATE/ADMIN rights, but table CREATE/ADMIN rights. The reasoning is that if a user is able to admin or read from a table, she should be able to read the table's permissions. We can choose whether we want only READ or ADMIN permissions for getUserPermission(). Since we check for global permissions first for table permissions, configuring table access using global permissions will continue to work. 

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira