[
https://issues.apache.org/jira/browse/PHOENIX-672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16172508#comment-16172508
]
Karan Mehta commented on PHOENIX-672:
-------------------------------------
{quote}
Quick question Karan Mehta? , so for
GRANT 'user0', 'RX'
Will it grant user0 RX for all schemas and tables?
{quote}
Yes, that grants permissions across all namespaces and tables (global
permission). Checkout http://hbase.apache.org/book.html#_administration
I and [~twdsi...@gmail.com] had a discussion earlier about this syntax from
Postgres. The HBase API in *1.3* doesn't provide the ability to merge
permissions, for example if the initial permission was 'RW' and the user grants
'X' then it overrides the original permission to 'X'. To implement similar
behavior, we would have to incur an overhead of reading the permissions and
writing it back again. HBase shell, however, uses the former approach. We
decided to stick more closely to HBase in terms of functionality and syntax, so
that the development becomes easier. What do you suggest [~apurtell]?
> Add GRANT and REVOKE commands using HBase AccessController
> ----------------------------------------------------------
>
> Key: PHOENIX-672
> URL: https://issues.apache.org/jira/browse/PHOENIX-672
> Project: Phoenix
> Issue Type: Task
> Reporter: James Taylor
> Assignee: Karan Mehta
> Labels: gsoc2016, security
>
> In HBase 0.98, cell-level security will be available. Take a look at
> [this](https://communities.intel.com/community/datastack/blog/2013/10/29/hbase-cell-security)
> excellent blog post by @apurtell. Once Phoenix works on 0.96, we should add
> support for security to our SQL grammar.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
