hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ramkrishna.s.vasudevan (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HBASE-11384) [Visibility Controller]Check for users covering authorizations for every mutation
Date Mon, 07 Jul 2014 11:08:34 GMT

     [ https://issues.apache.org/jira/browse/HBASE-11384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

ramkrishna.s.vasudevan updated HBASE-11384:
-------------------------------------------

    Attachment: HBASE-11384_1.patch

Updated patch.  Address some of the review comments except the checkAuths() comment because
that is the place where the labels are extracted out from the label expression.  Correct all
the testcases to pass with the new behaviour.

> [Visibility Controller]Check for users covering authorizations for every mutation
> ---------------------------------------------------------------------------------
>
>                 Key: HBASE-11384
>                 URL: https://issues.apache.org/jira/browse/HBASE-11384
>             Project: HBase
>          Issue Type: Sub-task
>    Affects Versions: 0.98.3
>            Reporter: ramkrishna.s.vasudevan
>            Assignee: ramkrishna.s.vasudevan
>             Fix For: 0.99.0, 0.98.5
>
>         Attachments: HBASE-11384.patch, HBASE-11384_1.patch
>
>
> As part of discussions, it is better that every mutation either Put/Delete with Visibility
expressions should validate if the expression has labels for which the user has authorization.
 If not fail the mutation.
> Suppose User A is assoicated with A,B and C.  The put has a visibility expression A&D.
Then fail the mutation as D is not associated with User A.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

Mime
View raw message