[ https://issues.apache.org/jira/browse/HBASE-13239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14361408#comment-14361408 ]
Ted Yu commented on HBASE-13239: -------------------------------- Also confirmed that permission granting based family still works: {code} hbase(main):001:0> user_permission 'IntegrationTestIngest' User Table,Family,Qualifier:Permission @users IntegrationTestIngest,test_cf,: [Permission: actions=READ] hbase IntegrationTestIngest,,: [Permission: actions=READ,WRITE,EXEC,CREATE,ADMIN] ... [root@ty-sec-1-3 ~]# su - hrt_2 [hrt_2@ty-sec-1-3 ~]$ hbase shell 2015-03-13 23:50:41,438 INFO [main] Configuration.deprecation: hadoop.native.lib is deprecated. Instead, use io.native.lib.available HBase Shell; enter 'help<RETURN>' for list of supported commands. Type "exit<RETURN>" to leave the HBase Shell Version 0.98.4.2.2.2.0-2606-hadoop2, r82b3ef1436f1e5d35fa56a3ced1088e5308dd84f, Thu Mar 12 20:38:30 EDT 2015 hbase(main):001:0> count 'IntegrationTestIngest' SLF4J: Class path contains multiple SLF4J bindings. SLF4J: Found binding in [jar:file:/grid/0/hdp/2.2.2.0-2606/hadoop/lib/slf4j-log4j12-1.7.5.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: Found binding in [jar:file:/grid/0/hdp/2.2.2.0-2606/zookeeper/lib/slf4j-log4j12-1.6.1.jar!/org/slf4j/impl/StaticLoggerBinder.class] SLF4J: See http://www.slf4j.org/codes.html#multiple_bindings for an explanation. Current count: 1000, row: 017e3cdfbb52cd9828ec3136354c54b2-49287 Current count: 2000, row: 02ff1fa35bacc1643287baab70d1ce52-121729 Current count: 3000, row: 04851359d83c573e1b9bd3c5b1633618-106751 Current count: 4000, row: 0600480d533e3f41ce2e6e77415aa54e-134553 {code} > Hbase grants at specific column level does not work for Groups > ---------------------------------------------------------------- > > Key: HBASE-13239 > URL: https://issues.apache.org/jira/browse/HBASE-13239 > Project: HBase > Issue Type: Bug > Components: hbase > Affects Versions: 0.98.4 > Reporter: Jaymin Patel > Assignee: Ted Yu > Fix For: 2.0.0, 1.0.1, 1.1.0, 0.98.12 > > Attachments: 13239-v1.txt > > > While performing Grant command to a specific column in a table - to a > specific group does not produce needed results. However, when specific user > is mentioned (instead of group name) in grant command, it becomes effective > Steps to Reproduce : > 1) using super-user, Grant a table/column family/column level grant to a group > 2) login using a user ( part of the above group) and scan the table. It does > not return any results > 3) using super-user, Grant a table/column family/column level grant to a > specific user ( instead of group) > 4) login using that specific user and scan the table. It produces correct > results, i.e. provides only the column where user has select privileges -- This message was sent by Atlassian JIRA (v6.3.4#6332)