[ https://issues.apache.org/jira/browse/HBASE-6209?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13295436#comment-13295436 ]
Laxman commented on HBASE-6209: ------------------------------- Thinking of following approach. grant, revoke, getUserPermissions, checkPermissions - All these apis needs to be authorized against CQ/CF/table/global admin permissions. Append - WRITE Any corrections required? > ACL Corrections for AccessControllerProtocol apis > ------------------------------------------------- > > Key: HBASE-6209 > URL: https://issues.apache.org/jira/browse/HBASE-6209 > Project: HBase > Issue Type: Sub-task > Components: security > Affects Versions: 0.94.0, 0.96.0, 0.94.1 > Reporter: Laxman > Assignee: Laxman > Labels: acl, security > Fix For: 0.96.0, 0.94.1 > > > APIs provided in AccessController are authorized against global-admin > permissions. Instead we need to check for table-admin level permissions. > Edit: Append operation also has no authorization check. We can update it > together. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira