hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Misty Stanley-Jones (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (HBASE-6192) Document ACL matrix in the book
Date Mon, 16 Jun 2014 04:02:02 GMT

    [ https://issues.apache.org/jira/browse/HBASE-6192?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14032104#comment-14032104
] 

Misty Stanley-Jones commented on HBASE-6192:
--------------------------------------------

I'm going to re-check everything using this approach. Let me know if this doesn't work.

$ less hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java|grep
'requirePermission('
  private void requirePermission(String request, TableName tableName, byte[] family, byte[]
qualifier,
  private void requirePermission(String request, Action perm) throws IOException {
  private void requirePermission(String request, Action perm,
    requirePermission("deleteTable", tableName, null, null, Action.ADMIN, Action.CREATE);
    requirePermission("truncateTable", tableName, null, null, Action.ADMIN, Action.CREATE);
    requirePermission("modifyTable", tableName, null, null, Action.ADMIN, Action.CREATE);
    requirePermission("addColumn", tableName, null, null, Action.ADMIN, Action.CREATE);
    requirePermission("modifyColumn", tableName, null, null, Action.ADMIN, Action.CREATE);
    requirePermission("deleteColumn", tableName, null, null, Action.ADMIN, Action.CREATE);
    requirePermission("enableTable", tableName, null, null, Action.ADMIN, Action.CREATE);
    requirePermission("disableTable", tableName, null, null, Action.ADMIN, Action.CREATE);
    requirePermission("move", region.getTable(), null, null, Action.ADMIN);
    requirePermission("assign", regionInfo.getTable(), null, null, Action.ADMIN);
    requirePermission("unassign", regionInfo.getTable(), null, null, Action.ADMIN);
    requirePermission("regionOffline", regionInfo.getTable(), null, null, Action.ADMIN);
    requirePermission("balance", Action.ADMIN);
    requirePermission("balanceSwitch", Action.ADMIN);
    requirePermission("shutdown", Action.ADMIN);
    requirePermission("stopMaster", Action.ADMIN);
    requirePermission("snapshot", Action.ADMIN);
    requirePermission("clone", Action.ADMIN);
    requirePermission("restore", Action.ADMIN);
    requirePermission("deleteSnapshot", Action.ADMIN);
    requirePermission("flushTable", tableName, null, null, Action.ADMIN, Action.CREATE);
        requirePermission("preOpen", Action.ADMIN);
    requirePermission("flush", getTableName(e.getEnvironment()), null, null, Action.ADMIN,
    requirePermission("split", getTableName(e.getEnvironment()), null, null, Action.ADMIN);
    requirePermission("split", getTableName(e.getEnvironment()), null, null, Action.ADMIN);
    requirePermission("compact", getTableName(e.getEnvironment()), null, null, Action.ADMIN,
    requirePermission("compact", getTableName(e.getEnvironment()), null, null, Action.ADMIN);
      requirePermission("preBulkLoadHFile",
      requirePermission("invoke(" + service.getDescriptorForType().getName() + "." +
            requirePermission("grant", perm.getTableName(), perm.getFamily(),
            requirePermission("revoke", perm.getTableName(), perm.getFamily(),
          requirePermission("userPermissions", table, null, null, Action.ADMIN);
            requirePermission("checkPermissions", action, regionEnv, familyMap);
            requirePermission("checkPermissions", action);
    requirePermission("preClose", Action.ADMIN);
    requirePermission("preStopRegionServer", Action.ADMIN);
        requirePermission("getTableDescriptors", tableName, null, null,
    requirePermission("mergeRegions", regionA.getTableDesc().getTableName(), null, null,

> Document ACL matrix in the book
> -------------------------------
>
>                 Key: HBASE-6192
>                 URL: https://issues.apache.org/jira/browse/HBASE-6192
>             Project: HBase
>          Issue Type: Task
>          Components: documentation, security
>    Affects Versions: 0.94.1, 0.95.2
>            Reporter: Enis Soztutar
>            Assignee: Misty Stanley-Jones
>              Labels: documentaion, security
>             Fix For: 0.99.0
>
>         Attachments: HBASE-6192-rebased.patch, HBASE-6192.patch, HBase Security-ACL Matrix.pdf,
HBase Security-ACL Matrix.pdf, HBase Security-ACL Matrix.pdf, HBase Security-ACL Matrix.xls,
HBase Security-ACL Matrix.xls, HBase Security-ACL Matrix.xls
>
>
> We have an excellent matrix at https://issues.apache.org/jira/secure/attachment/12531252/Security-ACL%20Matrix.pdf
for ACL. Once the changes are done, we can adapt that and put it in the book, also add some
more documentation about the new authorization features. 



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message