[ https://issues.apache.org/jira/browse/PHOENIX-672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16172409#comment-16172409 ]
Karan Mehta edited comment on PHOENIX-672 at 9/19/17 10:42 PM: --------------------------------------------------------------- The following grammar will be used for {{GRANT}} {code}GRANT 'userOrGroupName', 'permissionString' ON [TABLE | SCHEMA] 'param1', 'param2', 'param3' {code} To specify a group instead of a user the first parameter has to started with "@". Permission String can contain characters {{RWXCA}} case insensitive. If all the permissions are general for the user, then the second part is not needed else the following holds. Token {{ON}} is required For the next parameter, if nothing is specified, it defaults to table. For schema, we need to explicitly use the token {{SCHEMA}}. For schema, it will be followed by a single parameter which is schema name For table, it will be followed by Table name and param2/3 will be optional for Column Family and Column Qualifier Examples {code} GRANT 'user0', 'RX' GRANT 'user1', 'RWX' ON 'table1' GRANT '@group2', 'RC' ON 'table2', 'cf1' GRANT 'user3', 'R' ON SCHEMA 'schema1' {code} Similar goes for {{REVOKE}} as well [~jamestaylor] [~apurtell] Please advice. [~twdsi...@gmail.com] FYI. was (Author: karanmehta93): The following grammar will be used for {{GRANT}} {code}GRANT 'userOrGroupName', 'permissionString' ON [TABLE | SCHEMA] 'param1', 'param2', 'param3' {code} To specify a group instead of a user the first parameter has to started with "@". Permission String can contain characters {{RWXCA}} case insensitive. Token {{ON}} is required For the next parameter, if nothing is specified, it defaults to table. For schema, we need to explicitly use the token {{SCHEMA}}. For schema, it will be followed by a single parameter which is schema name For table, it will be followed by Table name and param2/3 will be optional for Column Family and Column Qualifier Examples {code} GRANT 'user1', 'RWX' ON 'table1' GRANT '@group2', 'RC' ON 'table2', 'cf1' GRANT 'user3', 'R' ON SCHEMA 'schema1' {code} Similar goes for {{REVOKE}} as well [~jamestaylor] [~apurtell] Please advice. [~twdsi...@gmail.com] FYI. > Add GRANT and REVOKE commands using HBase AccessController > ---------------------------------------------------------- > > Key: PHOENIX-672 > URL: https://issues.apache.org/jira/browse/PHOENIX-672 > Project: Phoenix > Issue Type: Task > Reporter: James Taylor > Assignee: Karan Mehta > Labels: gsoc2016, security > > In HBase 0.98, cell-level security will be available. Take a look at > [this](https://communities.intel.com/community/datastack/blog/2013/10/29/hbase-cell-security) > excellent blog post by @apurtell. Once Phoenix works on 0.96, we should add > support for security to our SQL grammar. -- This message was sent by Atlassian JIRA (v6.4.14#64029)