[ https://issues.apache.org/jira/browse/HBASE-12348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14241365#comment-14241365 ]
Andrew Purtell commented on HBASE-12348: ---------------------------------------- Thanks, I'll look at this again today > preModifyColumn and preDeleteColumn in AC denies user to perform its > operation though it has required rights > ------------------------------------------------------------------------------------------------------------ > > Key: HBASE-12348 > URL: https://issues.apache.org/jira/browse/HBASE-12348 > Project: HBase > Issue Type: Bug > Components: security > Affects Versions: 0.98.5 > Reporter: Ashish Singhi > Assignee: Ashish Singhi > Fix For: 1.0.0, 2.0.0, 0.98.10 > > Attachments: HBASE-12348-v1.patch, HBASE-12348-v3.patch, > HBASE-12348.patch > > > A user with ADMIN and CREATE rights {{only on the column family}} is denied > from performing DeleteColumn and ModifyColumn operations on the table. > also > Family name can be added in audit log for addColumn > {noformat} > alter 't', 'd2' > 2014-10-27 20:44:45,635 TRACE > SecurityLogger.org.apache.hadoop.hbase.security.access.AccessController: > Access allowed for user ashish; reason: Table permission granted; remote > address: /10.18.40.106; request: addColumn; context: (user=ashish, scope=t, > family=, action=ADMIN) > {noformat} -- This message was sent by Atlassian JIRA (v6.3.4#6332)