hbase-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ashish Singhi (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HBASE-18437) Revoke access permissions of a user from a table does not work as expected
Date Tue, 25 Jul 2017 15:03:00 GMT

     [ https://issues.apache.org/jira/browse/HBASE-18437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Ashish Singhi updated HBASE-18437:
----------------------------------
    Status: Patch Available  (was: Open)

> Revoke access permissions of a user from a table does not work as expected
> --------------------------------------------------------------------------
>
>                 Key: HBASE-18437
>                 URL: https://issues.apache.org/jira/browse/HBASE-18437
>             Project: HBase
>          Issue Type: Bug
>          Components: security
>    Affects Versions: 1.1.12
>            Reporter: Ashish Singhi
>            Assignee: Ashish Singhi
>         Attachments: HBASE-18437.patch
>
>
> A table for which a user was granted 'RW' permission. Now when we want to revoke its
'W' permission only, code removes the user itself from that table permissions.
> Below is the test code which reproduces the issue.
> {noformat}
> @Test(timeout = 180000)
>   public void testRevokeOnlySomePerms() throws Throwable {
>     TableName name = TableName.valueOf("testAgain");
>     HTableDescriptor htd = new HTableDescriptor(name);
>     HColumnDescriptor hcd = new HColumnDescriptor("cf");
>     htd.addFamily(hcd);
>     createTable(TEST_UTIL, htd);
>     TEST_UTIL.waitUntilAllRegionsAssigned(name);
>     try (Connection conn = ConnectionFactory.createConnection(conf)) {
>       AccessControlClient.grant(conn, name, USER_RO.getShortName(), null, null, Action.READ,
Action.WRITE);
>       ListMultimap<String, TablePermission> tablePermissions = AccessControlLists.getTablePermissions(conf,
name);
>       // hbase user and USER_RO has permis
>       assertEquals(2, tablePermissions.size());
>       AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null, null, Action.WRITE);
>       tablePermissions = AccessControlLists.getTablePermissions(conf, name);
>       List<TablePermission> userPerm = tablePermissions.get(USER_RO.getShortName());
>       assertEquals(1, userPerm.size());
>     } finally {
>       deleteTable(TEST_UTIL, name);
>     }
>   }
> {noformat}



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message