[ https://issues.apache.org/jira/browse/RANGER-1958?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16379495#comment-16379495 ]
Ramesh Mani commented on RANGER-1958: ------------------------------------- [~an...@apache.org] do you have patch ready for this? > [HBase] Implement getUserPermissions API of AccessControlService.Interface to > allow clients to access HBase permissions stored in Ranger > ---------------------------------------------------------------------------------------------------------------------------------------- > > Key: RANGER-1958 > URL: https://issues.apache.org/jira/browse/RANGER-1958 > Project: Ranger > Issue Type: Bug > Components: plugins > Reporter: Ankit Singhal > Priority: Major > > We have added the support of ACLs in Phoenix as part of PHOENIX-4198. > Currently, the implementation relies on some of the APIs provided by > AccessControlService.Interface to get the user permission of the table but we > see that the API "AccessControlService.Interface#getUserPermissions" is not > yet implemented in Ranger authorization module for HBase and thus, we are > unable to access permissions stored for HBase Table in Phoenix. > In class RangerAuthorizationCoprocessor > {code} > @Override > public void getUserPermissions(RpcController controller, > AccessControlProtos.GetUserPermissionsRequest request, > RpcCallback<AccessControlProtos.GetUserPermissionsResponse> done) { > LOG.debug("getUserPermissions(): "); > } > {code} > If we just implement this API, we can leverage the current HBase Ranger > plugin for Phoenix too. > Although the long-term solution for Ranger could be to implement the > coprocessor hooks for Phoenix as how it has been done for HBase so that we > can also authorize new entities like VIEW, SEQUENCES, FUNCTIONs (which can > not be supported with native HBase ACLs) along with Table and Schema. > Let me know your thoughts, I can try to put up a patch soon. -- This message was sent by Atlassian JIRA (v7.6.3#76005)