Return-Path: 
 <issues-return-152154-apmail-hbase-issues-archive=hbase.apache.org@hbase.apache.org>
X-Original-To: apmail-hbase-issues-archive@www.apache.org
Delivered-To: apmail-hbase-issues-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id B0737111B2
	for <apmail-hbase-issues-archive@www.apache.org>;
 Mon,  7 Jul 2014 17:00:39 +0000 (UTC)
Received: (qmail 88202 invoked by uid 500); 7 Jul 2014 17:00:36 -0000
Delivered-To: apmail-hbase-issues-archive@hbase.apache.org
Received: (qmail 88162 invoked by uid 500); 7 Jul 2014 17:00:36 -0000
Mailing-List: contact issues-help@hbase.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:issues-help@hbase.apache.org>
List-Unsubscribe: <mailto:issues-unsubscribe@hbase.apache.org>
List-Post: <mailto:issues@hbase.apache.org>
List-Id: <issues.hbase.apache.org>
Delivered-To: mailing list issues@hbase.apache.org
Received: (qmail 88079 invoked by uid 99); 7 Jul 2014 17:00:36 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 07 Jul 2014 17:00:36 +0000
Date: Mon, 7 Jul 2014 17:00:35 +0000 (UTC)
From: "ramkrishna.s.vasudevan (JIRA)" <jira@apache.org>
To: issues@hbase.apache.org
Message-ID: <JIRA.12722718.1403247915011.13200.1404752435957@arcas>
In-Reply-To: <JIRA.12722718.1403247915011@arcas>
References: <JIRA.12722718.1403247915011@arcas>
Subject: [jira] [Updated] (HBASE-11384) [Visibility Controller]Check for
 users covering authorizations for every mutation
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/HBASE-11384?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

ramkrishna.s.vasudevan updated HBASE-11384:
-------------------------------------------

    Attachment: HBASE-11384_2.patch

Wraps long line.  TestScannersWithLabels passes now.

> [Visibility Controller]Check for users covering authorizations for every mutation
> ---------------------------------------------------------------------------------
>
>                 Key: HBASE-11384
>                 URL: https://issues.apache.org/jira/browse/HBASE-11384
>             Project: HBase
>          Issue Type: Sub-task
>    Affects Versions: 0.98.3
>            Reporter: ramkrishna.s.vasudevan
>            Assignee: ramkrishna.s.vasudevan
>             Fix For: 0.99.0, 0.98.5
>
>         Attachments: HBASE-11384.patch, HBASE-11384_1.patch, HBASE-11384_2.patch
>
>
> As part of discussions, it is better that every mutation either Put/Delete with Visibility expressions should validate if the expression has labels for which the user has authorization.  If not fail the mutation.
> Suppose User A is assoicated with A,B and C.  The put has a visibility expression A&D. Then fail the mutation as D is not associated with User A.



--
This message was sent by Atlassian JIRA
(v6.2#6252)