[ https://issues.apache.org/jira/browse/HBASE-5787?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Lars Hofhansl updated HBASE-5787: --------------------------------- Fix Version/s: (was: 0.94.1) 0.94.0 > Table owner can't disable/delete his/her own table > -------------------------------------------------- > > Key: HBASE-5787 > URL: https://issues.apache.org/jira/browse/HBASE-5787 > Project: HBase > Issue Type: Bug > Components: security > Affects Versions: 0.92.1, 0.94.0, 0.96.0 > Reporter: Matteo Bertozzi > Assignee: Matteo Bertozzi > Priority: Minor > Labels: acl, security > Fix For: 0.92.2, 0.94.0, 0.96.0 > > Attachments: HBASE-5787-tests-wrong-names.patch, HBASE-5787-v0.patch, > HBASE-5787-v1.patch > > > An user with CREATE privileges can create a table, but can not disable it, > because disable operation require ADMIN privileges. Also if a table is > already disabled, anyone can remove it. > {code} > public void preDeleteTable(ObserverContext<MasterCoprocessorEnvironment> c, > byte[] tableName) throws IOException { > requirePermission(Permission.Action.CREATE); > } > public void preDisableTable(ObserverContext<MasterCoprocessorEnvironment> c, > byte[] tableName) throws IOException { > /* TODO: Allow for users with global CREATE permission and the table owner > */ > requirePermission(Permission.Action.ADMIN); > } > {code} -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira