[ https://issues.apache.org/jira/browse/HBASE-6188?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13293128#comment-13293128 ]
Andrew Purtell edited comment on HBASE-6188 at 6/11/12 10:10 PM:
-----------------------------------------------------------------

bq. DDL operations can't be done by ADMIN. I'm not sure there is a situation where it would make sense to disallow an administrator from making a DDL operation.

You've convinced me of this:

CREATE - (DDL) CreateTable, AddColumn, DeleteColumn, DeleteTable, ModifyColumn, ModifyTable, DisableTable, EnableTable

ADMIN - All of the above plus Flush, Split, Compact

It's not useful to give add/delete/modify schema privileges without enable/disable to have them take effect. So either we do the above or we get rid of CREATE. I think the above distinction is still useful.

Edit: I don't like that non-ADMIN can do enable/disable table, because it can really affect the cluster if the table is large. However I think on balance it would be more confusing than useful to remove EnableTable and DisableTable from the set of operations CREATE permission allows until online schema update-in-place without disable is always possible.

Thanks for having the discussion.

was (Author: apurtell):

bq. DDL operations can't be done by ADMIN. I'm not sure there is a situation where it would make sense to disallow an administrator from making a DDL operation.

You've convinced me of this:

CREATE - (DDL) CreateTable, AddColumn, DeleteColumn, DeleteTable, ModifyColumn, ModifyTable, DisableTable, EnableTable

ADMIN - All of the above plus Flush, Split, Compact

It's not useful to give add/delete/modify schema privileges without enable/disable to have them take effect. So either we do the above or we get rid of CREATE. I think the above distinction is still useful.

Thanks for having the discussion.

> Remove the concept of table owner
> ---------------------------------
>
> Key: HBASE-6188
> URL: https://issues.apache.org/jira/browse/HBASE-6188
> Project: HBase
> Issue Type: Sub-task
> Components: security
> Reporter: Andrew Purtell
> Assignee: Laxman
> Labels: security
>
> The table owner concept was a design simplification in the initial drop.
> First, the design changes under review mean only a user with GLOBAL CREATE
> permission can create a table, which will probably be an administrator.
> Then, granting implicit permissions may lead to oversights and it adds
> unnecessary conditionals to our code. So instead the administrator with
> GLOBAL CREATE permission should make the appropriate grants at table create
> time.