[
https://issues.apache.org/jira/browse/PHOENIX-5274?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16929657#comment-16929657
]
Ankit Jain commented on PHOENIX-5274:
-------------------------------------
Hey Lars, I can look into the failing tests next week.
Thanks for letting us know.
> ConnectionQueryServiceImpl#ensureNamespaceCreated and ensureTableCreated
> should use HBase APIs that do not require ADMIN permissions for existence
> checks
> ---------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: PHOENIX-5274
> URL: https://issues.apache.org/jira/browse/PHOENIX-5274
> Project: Phoenix
> Issue Type: Improvement
> Affects Versions: 5.0.0, 4.15.0, 4.14.2
> Reporter: Chinmay Kulkarni
> Assignee: Ankit Jain
> Priority: Major
> Fix For: 5.0.0, 4.15.1
>
> Attachments: PHOENIX-5274.4.x-HBase-1.5.v1.patch,
> PHOENIX-5274.4.x-HBase-1.5.v2.patch, PHOENIX-5274.4.x-HBase-1.5.v3.patch
>
> Time Spent: 1h 10m
> Remaining Estimate: 0h
>
> [HBASE-22377|https://issues.apache.org/jira/browse/HBASE-22377] will
> introduce a new API that does not require ADMIN permissions to check the
> existence of a namespace.
> Currently, CQSI#ensureNamespaceCreated calls
> HBaseAdmin#getNamespaceDescriptor which eventually on the server causes a
> call to AccessController#preGetNamespaceDescriptor. This tries to acquire
> ADMIN permissions on the namespace. We should ideally use the new API
> provided by HBASE-22377 which does not require the phoenix client to get
> ADMIN permissions on the namespace. We should acquire ADMIN permissions only
> in case we need to create the namespace if it doesn't already exist.
> Similarly, CQSI#ensureTableCreated should first check the existence of a
> table before trying to do HBaseAdmin#getTableDescriptor since this requires
> CREATE and ADMIN permissions.
--
This message was sent by Atlassian Jira
(v8.3.2#803003)
