[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13293128#comment-13293128 ]

Andrew Purtell edited comment on HBASE-6188 at 6/11/12 10:10 PM:
-----------------------------------------------------------------

bq. DDL operations can't be done by ADMIN.

I'm not sure there is a situation where it would make sense to disallow an 
administrator from making a DDL operation.

You've convinced me of this:

CREATE - (DDL) CreateTable, AddColumn, DeleteColumn, DeleteTable, ModifyColumn, 
ModifyTable, DisableTable, EnableTable

ADMIN - All of the above plus Flush, Split, Compact

It's not useful to give add/delete/modify schema privileges without 
enable/disable to have them take effect. So either we do the above or we get 
rid of CREATE. I think the above distinction is still useful.

Edit: I don't like that non-ADMIN can do enable/disable table, because it can 
really affect the cluster if the table is large. However I think on balance it 
would be more confusing than useful to remove EnableTable and DisableTable from 
the set of operations CREATE permission allows until online schema 
update-in-place without disable is always possible.

Thanks for having the discussion.
                
                  
> Remove the concept of table owner
> ---------------------------------
>
>                 Key: HBASE-6188
>                 URL: https://issues.apache.org/jira/browse/HBASE-6188
>             Project: HBase
>          Issue Type: Sub-task
>          Components: security
>            Reporter: Andrew Purtell
>            Assignee: Laxman
>              Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review mean only a user with GLOBAL CREATE 
> permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds 
> unnecessary conditionals to our code. So instead the administrator with 
> GLOBAL CREATE permission should make the appropriate grants at table create 
> time.
