[jira] [Updated] (HBASE-18437) Revoke access permissions of a user from a table does not work as expected
[
https://issues.apache.org/jira/browse/HBASE-18437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Purtell updated HBASE-18437:
---
Fix Version/s: (was: 1.5.0)
> Revoke access permissions of a user from a table does not work as expected
> --
>
> Key: HBASE-18437
> URL: https://issues.apache.org/jira/browse/HBASE-18437
> Project: HBase
> Issue Type: Bug
> Components: security
>Affects Versions: 1.1.12
>Reporter: Ashish Singhi
>Assignee: Ashish Singhi
> Fix For: 2.0.0, 3.0.0, 1.4.0, 1.3.2
>
> Attachments: HBASE-18437-v1.patch, HBASE-18437.patch
>
>
> A table for which a user was granted 'RW' permission. Now when we want to
> revoke its 'W' permission only, code removes the user itself from that table
> permissions.
> Below is the test code which reproduces the issue.
> {noformat}
> @Test(timeout = 18)
> public void testRevokeOnlySomePerms() throws Throwable {
> TableName name = TableName.valueOf("testAgain");
> HTableDescriptor htd = new HTableDescriptor(name);
> HColumnDescriptor hcd = new HColumnDescriptor("cf");
> htd.addFamily(hcd);
> createTable(TEST_UTIL, htd);
> TEST_UTIL.waitUntilAllRegionsAssigned(name);
> try (Connection conn = ConnectionFactory.createConnection(conf)) {
> AccessControlClient.grant(conn, name, USER_RO.getShortName(), null,
> null, Action.READ, Action.WRITE);
> ListMultimap tablePermissions =
> AccessControlLists.getTablePermissions(conf, name);
> // hbase user and USER_RO has permis
> assertEquals(2, tablePermissions.size());
> AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null,
> null, Action.WRITE);
> tablePermissions = AccessControlLists.getTablePermissions(conf, name);
> List userPerm =
> tablePermissions.get(USER_RO.getShortName());
> assertEquals(1, userPerm.size());
> } finally {
> deleteTable(TEST_UTIL, name);
> }
> }
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (HBASE-18437) Revoke access permissions of a user from a table does not work as expected
[
https://issues.apache.org/jira/browse/HBASE-18437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Andrew Purtell updated HBASE-18437:
---
Resolution: Fixed
Hadoop Flags: Reviewed
Fix Version/s: 1.5.0
1.3.2
1.4.0
3.0.0
2.0.0
Status: Resolved (was: Patch Available)
Pushed to branch-1.3, branch-1.4, branch-1, branch-2, and master.
> Revoke access permissions of a user from a table does not work as expected
> --
>
> Key: HBASE-18437
> URL: https://issues.apache.org/jira/browse/HBASE-18437
> Project: HBase
> Issue Type: Bug
> Components: security
>Affects Versions: 1.1.12
>Reporter: Ashish Singhi
>Assignee: Ashish Singhi
> Fix For: 2.0.0, 3.0.0, 1.4.0, 1.3.2, 1.5.0
>
> Attachments: HBASE-18437.patch, HBASE-18437-v1.patch
>
>
> A table for which a user was granted 'RW' permission. Now when we want to
> revoke its 'W' permission only, code removes the user itself from that table
> permissions.
> Below is the test code which reproduces the issue.
> {noformat}
> @Test(timeout = 18)
> public void testRevokeOnlySomePerms() throws Throwable {
> TableName name = TableName.valueOf("testAgain");
> HTableDescriptor htd = new HTableDescriptor(name);
> HColumnDescriptor hcd = new HColumnDescriptor("cf");
> htd.addFamily(hcd);
> createTable(TEST_UTIL, htd);
> TEST_UTIL.waitUntilAllRegionsAssigned(name);
> try (Connection conn = ConnectionFactory.createConnection(conf)) {
> AccessControlClient.grant(conn, name, USER_RO.getShortName(), null,
> null, Action.READ, Action.WRITE);
> ListMultimap tablePermissions =
> AccessControlLists.getTablePermissions(conf, name);
> // hbase user and USER_RO has permis
> assertEquals(2, tablePermissions.size());
> AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null,
> null, Action.WRITE);
> tablePermissions = AccessControlLists.getTablePermissions(conf, name);
> List userPerm =
> tablePermissions.get(USER_RO.getShortName());
> assertEquals(1, userPerm.size());
> } finally {
> deleteTable(TEST_UTIL, name);
> }
> }
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (HBASE-18437) Revoke access permissions of a user from a table does not work as expected
[
https://issues.apache.org/jira/browse/HBASE-18437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ashish Singhi updated HBASE-18437:
--
Attachment: HBASE-18437-v1.patch
Attached patch adding the comments asked for.
Thanks for the reviews.
> Revoke access permissions of a user from a table does not work as expected
> --
>
> Key: HBASE-18437
> URL: https://issues.apache.org/jira/browse/HBASE-18437
> Project: HBase
> Issue Type: Bug
> Components: security
>Affects Versions: 1.1.12
>Reporter: Ashish Singhi
>Assignee: Ashish Singhi
> Attachments: HBASE-18437.patch, HBASE-18437-v1.patch
>
>
> A table for which a user was granted 'RW' permission. Now when we want to
> revoke its 'W' permission only, code removes the user itself from that table
> permissions.
> Below is the test code which reproduces the issue.
> {noformat}
> @Test(timeout = 18)
> public void testRevokeOnlySomePerms() throws Throwable {
> TableName name = TableName.valueOf("testAgain");
> HTableDescriptor htd = new HTableDescriptor(name);
> HColumnDescriptor hcd = new HColumnDescriptor("cf");
> htd.addFamily(hcd);
> createTable(TEST_UTIL, htd);
> TEST_UTIL.waitUntilAllRegionsAssigned(name);
> try (Connection conn = ConnectionFactory.createConnection(conf)) {
> AccessControlClient.grant(conn, name, USER_RO.getShortName(), null,
> null, Action.READ, Action.WRITE);
> ListMultimap tablePermissions =
> AccessControlLists.getTablePermissions(conf, name);
> // hbase user and USER_RO has permis
> assertEquals(2, tablePermissions.size());
> AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null,
> null, Action.WRITE);
> tablePermissions = AccessControlLists.getTablePermissions(conf, name);
> List userPerm =
> tablePermissions.get(USER_RO.getShortName());
> assertEquals(1, userPerm.size());
> } finally {
> deleteTable(TEST_UTIL, name);
> }
> }
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (HBASE-18437) Revoke access permissions of a user from a table does not work as expected
[
https://issues.apache.org/jira/browse/HBASE-18437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ashish Singhi updated HBASE-18437:
--
Status: Patch Available (was: Open)
> Revoke access permissions of a user from a table does not work as expected
> --
>
> Key: HBASE-18437
> URL: https://issues.apache.org/jira/browse/HBASE-18437
> Project: HBase
> Issue Type: Bug
> Components: security
>Affects Versions: 1.1.12
>Reporter: Ashish Singhi
>Assignee: Ashish Singhi
> Attachments: HBASE-18437.patch
>
>
> A table for which a user was granted 'RW' permission. Now when we want to
> revoke its 'W' permission only, code removes the user itself from that table
> permissions.
> Below is the test code which reproduces the issue.
> {noformat}
> @Test(timeout = 18)
> public void testRevokeOnlySomePerms() throws Throwable {
> TableName name = TableName.valueOf("testAgain");
> HTableDescriptor htd = new HTableDescriptor(name);
> HColumnDescriptor hcd = new HColumnDescriptor("cf");
> htd.addFamily(hcd);
> createTable(TEST_UTIL, htd);
> TEST_UTIL.waitUntilAllRegionsAssigned(name);
> try (Connection conn = ConnectionFactory.createConnection(conf)) {
> AccessControlClient.grant(conn, name, USER_RO.getShortName(), null,
> null, Action.READ, Action.WRITE);
> ListMultimap tablePermissions =
> AccessControlLists.getTablePermissions(conf, name);
> // hbase user and USER_RO has permis
> assertEquals(2, tablePermissions.size());
> AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null,
> null, Action.WRITE);
> tablePermissions = AccessControlLists.getTablePermissions(conf, name);
> List userPerm =
> tablePermissions.get(USER_RO.getShortName());
> assertEquals(1, userPerm.size());
> } finally {
> deleteTable(TEST_UTIL, name);
> }
> }
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (HBASE-18437) Revoke access permissions of a user from a table does not work as expected
[
https://issues.apache.org/jira/browse/HBASE-18437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ashish Singhi updated HBASE-18437:
--
Attachment: HBASE-18437.patch
> Revoke access permissions of a user from a table does not work as expected
> --
>
> Key: HBASE-18437
> URL: https://issues.apache.org/jira/browse/HBASE-18437
> Project: HBase
> Issue Type: Bug
> Components: security
>Affects Versions: 1.1.12
>Reporter: Ashish Singhi
>Assignee: Ashish Singhi
> Attachments: HBASE-18437.patch
>
>
> A table for which a user was granted 'RW' permission. Now when we want to
> revoke its 'W' permission only, code removes the user itself from that table
> permissions.
> Below is the test code which reproduces the issue.
> {noformat}
> @Test(timeout = 18)
> public void testRevokeOnlySomePerms() throws Throwable {
> TableName name = TableName.valueOf("testAgain");
> HTableDescriptor htd = new HTableDescriptor(name);
> HColumnDescriptor hcd = new HColumnDescriptor("cf");
> htd.addFamily(hcd);
> createTable(TEST_UTIL, htd);
> TEST_UTIL.waitUntilAllRegionsAssigned(name);
> try (Connection conn = ConnectionFactory.createConnection(conf)) {
> AccessControlClient.grant(conn, name, USER_RO.getShortName(), null,
> null, Action.READ, Action.WRITE);
> ListMultimap tablePermissions =
> AccessControlLists.getTablePermissions(conf, name);
> // hbase user and USER_RO has permis
> assertEquals(2, tablePermissions.size());
> AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null,
> null, Action.WRITE);
> tablePermissions = AccessControlLists.getTablePermissions(conf, name);
> List userPerm =
> tablePermissions.get(USER_RO.getShortName());
> assertEquals(1, userPerm.size());
> } finally {
> deleteTable(TEST_UTIL, name);
> }
> }
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
[jira] [Updated] (HBASE-18437) Revoke access permissions of a user from a table does not work as expected
[
https://issues.apache.org/jira/browse/HBASE-18437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ashish Singhi updated HBASE-18437:
--
Description:
A table for which a user was granted 'RW' permission. Now when we want to
revoke its 'W' permission only, code removes the user itself from that table
permissions.
Below is the test code which reproduces the issue.
{noformat}
@Test(timeout = 18)
public void testRevokeOnlySomePerms() throws Throwable {
TableName name = TableName.valueOf("testAgain");
HTableDescriptor htd = new HTableDescriptor(name);
HColumnDescriptor hcd = new HColumnDescriptor("cf");
htd.addFamily(hcd);
createTable(TEST_UTIL, htd);
TEST_UTIL.waitUntilAllRegionsAssigned(name);
try (Connection conn = ConnectionFactory.createConnection(conf)) {
AccessControlClient.grant(conn, name, USER_RO.getShortName(), null, null,
Action.READ, Action.WRITE);
ListMultimap tablePermissions =
AccessControlLists.getTablePermissions(conf, name);
// hbase user and USER_RO has permis
assertEquals(2, tablePermissions.size());
AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null,
null, Action.WRITE);
tablePermissions = AccessControlLists.getTablePermissions(conf, name);
List userPerm =
tablePermissions.get(USER_RO.getShortName());
assertEquals(1, userPerm.size());
} finally {
deleteTable(TEST_UTIL, name);
}
}
{noformat}
was:
A table for which a user was granted 'RW' permission. Now when we want to
revoke its 'W' permission only, code removes the user itself from that table
permissions.
Below is the test code which reproduces the issue.
{noformat}
@Test(timeout = 18)
public void testRevokeOnlySomePerms() throws Throwable {
TableName name = TableName.valueOf("testAgain");
HTableDescriptor htd = new HTableDescriptor(name);
HColumnDescriptor hcd = new HColumnDescriptor("cf");
htd.addFamily(hcd);
createTable(TEST_UTIL, htd);
TEST_UTIL.waitUntilAllRegionsAssigned(name);
try (Connection conn = ConnectionFactory.createConnection(conf)) {
AccessControlClient.grant(conn, name, USER_RO.getShortName(), null, null,
Action.READ, Action.WRITE);
ListMultimap tablePermissions =
AccessControlLists.getTablePermissions(conf, name);
// hbase user and USER_RO has permis
assertEquals(2, tablePermissions.size());
AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null,
null, Action.READ, Action.WRITE);
tablePermissions = AccessControlLists.getTablePermissions(conf, name);
List userPerm =
tablePermissions.get(USER_RO.getShortName());
assertEquals(1, userPerm.size());
} finally {
deleteTable(TEST_UTIL, name);
}
}
{noformat}
> Revoke access permissions of a user from a table does not work as expected
> --
>
> Key: HBASE-18437
> URL: https://issues.apache.org/jira/browse/HBASE-18437
> Project: HBase
> Issue Type: Bug
> Components: security
>Affects Versions: 1.1.12
>Reporter: Ashish Singhi
>Assignee: Ashish Singhi
>
> A table for which a user was granted 'RW' permission. Now when we want to
> revoke its 'W' permission only, code removes the user itself from that table
> permissions.
> Below is the test code which reproduces the issue.
> {noformat}
> @Test(timeout = 18)
> public void testRevokeOnlySomePerms() throws Throwable {
> TableName name = TableName.valueOf("testAgain");
> HTableDescriptor htd = new HTableDescriptor(name);
> HColumnDescriptor hcd = new HColumnDescriptor("cf");
> htd.addFamily(hcd);
> createTable(TEST_UTIL, htd);
> TEST_UTIL.waitUntilAllRegionsAssigned(name);
> try (Connection conn = ConnectionFactory.createConnection(conf)) {
> AccessControlClient.grant(conn, name, USER_RO.getShortName(), null,
> null, Action.READ, Action.WRITE);
> ListMultimap tablePermissions =
> AccessControlLists.getTablePermissions(conf, name);
> // hbase user and USER_RO has permis
> assertEquals(2, tablePermissions.size());
> AccessControlClient.revoke(conn, name, USER_RO.getShortName(), null,
> null, Action.WRITE);
> tablePermissions = AccessControlLists.getTablePermissions(conf, name);
> List userPerm =
> tablePermissions.get(USER_RO.getShortName());
> assertEquals(1, userPerm.size());
> } finally {
> deleteTable(TEST_UTIL, name);
> }
> }
> {noformat}
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
