I think the problem is that, in MasterRpcService.execProcedure, we do not know the type of the Procedure so it is not possible for us to require different permissions for them.
Please open an issue for this, maybe we need to push down the permission check for execProcedure/execProcedureWithRet down to a place where we know the actual type of the procedure. Thanks. 2018-03-13 3:52 GMT+08:00 Josh Elser <[email protected]>: > Thanks to Ted for digging down to find HBASE-19400 as the cause of this > one. > > @Appy, curious on whether my initial assessment was correct on how we got > here. Would like to know if this was a conscious decision on your part for > flushes :) > > > On 3/12/18 3:29 PM, Mike Drob wrote: > >> Table/Namespace/Global Admin sounds fine to me. >> >> On Mon, Mar 12, 2018 at 2:21 PM, Josh Elser <[email protected]> wrote: >> >> Hi, >>> >>> In some $dayjob testing, we've noticed that flushing a table requires >>> ADMIN permission by virtue of submitting the FlushProcedure (not >>> consciously about the flush operation itself). >>> >>> I can see this going both ways, but I felt like ADMIN at the table level >>> is more appropriate than requiring the global ADMIN permission. >>> >>> Thoughts? >>> >>> - Josh >>> >>> >>
