[
https://issues.apache.org/jira/browse/HBASE-13239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14361408#comment-14361408
]
Ted Yu commented on HBASE-13239:
--------------------------------
Also confirmed that permission granting based family still works:
{code}
hbase(main):001:0> user_permission 'IntegrationTestIngest'
User Table,Family,Qualifier:Permission
@users IntegrationTestIngest,test_cf,:
[Permission: actions=READ]
hbase IntegrationTestIngest,,:
[Permission: actions=READ,WRITE,EXEC,CREATE,ADMIN]
...
[root@ty-sec-1-3 ~]# su - hrt_2
[hrt_2@ty-sec-1-3 ~]$ hbase shell
2015-03-13 23:50:41,438 INFO [main] Configuration.deprecation:
hadoop.native.lib is deprecated. Instead, use io.native.lib.available
HBase Shell; enter 'help<RETURN>' for list of supported commands.
Type "exit<RETURN>" to leave the HBase Shell
Version 0.98.4.2.2.2.0-2606-hadoop2, r82b3ef1436f1e5d35fa56a3ced1088e5308dd84f,
Thu Mar 12 20:38:30 EDT 2015
hbase(main):001:0> count 'IntegrationTestIngest'
SLF4J: Class path contains multiple SLF4J bindings.
SLF4J: Found binding in
[jar:file:/grid/0/hdp/2.2.2.0-2606/hadoop/lib/slf4j-log4j12-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: Found binding in
[jar:file:/grid/0/hdp/2.2.2.0-2606/zookeeper/lib/slf4j-log4j12-1.6.1.jar!/org/slf4j/impl/StaticLoggerBinder.class]
SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation.
Current count: 1000, row: 017e3cdfbb52cd9828ec3136354c54b2-49287
Current count: 2000, row: 02ff1fa35bacc1643287baab70d1ce52-121729
Current count: 3000, row: 04851359d83c573e1b9bd3c5b1633618-106751
Current count: 4000, row: 0600480d533e3f41ce2e6e77415aa54e-134553
{code}
> Hbase grants at specific column level does not work for Groups
> ----------------------------------------------------------------
>
> Key: HBASE-13239
> URL: https://issues.apache.org/jira/browse/HBASE-13239
> Project: HBase
> Issue Type: Bug
> Components: hbase
> Affects Versions: 0.98.4
> Reporter: Jaymin Patel
> Assignee: Ted Yu
> Fix For: 2.0.0, 1.0.1, 1.1.0, 0.98.12
>
> Attachments: 13239-v1.txt
>
>
> While performing Grant command to a specific column in a table - to a
> specific group does not produce needed results. However, when specific user
> is mentioned (instead of group name) in grant command, it becomes effective
> Steps to Reproduce :
> 1) using super-user, Grant a table/column family/column level grant to a group
> 2) login using a user ( part of the above group) and scan the table. It does
> not return any results
> 3) using super-user, Grant a table/column family/column level grant to a
> specific user ( instead of group)
> 4) login using that specific user and scan the table. It produces correct
> results, i.e. provides only the column where user has select privileges
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
