[
https://issues.apache.org/jira/browse/ACCUMULO-1018?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13592787#comment-13592787
]
Keith Turner edited comment on ACCUMULO-1018 at 3/4/13 11:21 PM:
-----------------------------------------------------------------
Patch #2 looks good, I have only one issue with it. For the format() function
should create new set for a table if one does not exist. Then it should add
all security error codes to the tables set for each key extent.
I created a little test program to experiment with the patch. I like the
output.
{noformat}
Attemping batch scan :
org.apache.accumulo.core.client.AccumuloSecurityException: Error
PERMISSION_DENIED for user user2 on table table1(ID:3) - User does not have
permission to perform this action
Attemping scan :
org.apache.accumulo.core.client.AccumuloSecurityException: Error
PERMISSION_DENIED for user user2 on table table1(ID:3) - User does not have
permission to perform this action
Attemping batch write :
# constraint violations : 0 security codes:
{table1(ID:3)=[PERMISSION_DENIED]} # server errors 0 # exceptions 0
Attemping to delete table :
Error PERMISSION_DENIED for user user2 on table table1(ID:3) - User
does not have permission to perform this action
{noformat}
was (Author: kturner):
Patch #2 looks good, I have only one issue with it. For the format()
function should create new set for a table if one does not exist. Then it
should add all security error codes to the tables set for each key extent.
I created a little test program to experiment with the patch. I like the
output.
{noformat}
> Client does not give informative message when user can not read table
> ---------------------------------------------------------------------
>
> Key: ACCUMULO-1018
> URL: https://issues.apache.org/jira/browse/ACCUMULO-1018
> Project: Accumulo
> Issue Type: Bug
> Components: client
> Affects Versions: 1.4.0
> Reporter: Keith Turner
> Assignee: Kevin Faro
> Fix For: 1.6.0
>
> Attachments: ACCUMULO-1018-2.patch, ACCUMULO-1018.patch
>
>
> Saw this in 1.4, not sure if its an issue in later versions.
> Assume a user has an application that is reading from many tables and does
> not have permission to read from one table. In this case the exception does
> not tell them which table they can not read from. If not familiar with the
> application, it can take a while to track this issue down on a system with
> many tables.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
