Re: New installation of HBase ignoring cell visibility (even though it's active)

Sat, 24 Feb 2018 06:41:14 -0800 

As which user you are running the scan shell command? It has to be as
michaelthomasen as u have set auths to this uname. Looks like the user
running the command is the hbase super user who started the RS process.
Then all cells will be returned irrespective of its visibility and scan
auths.

Anoop

On Saturday, February 24, 2018, Mike Thomsen <[email protected]> wrote:

> (hbase-site.xml is attached)
>
> I reinstalled HBase on my development machine and the console shows that
> it's just ignoring the cell visibility settings even though it shows
> they're active:
>
> hbase(main):001:0> list
> TABLE
>
>
>
> 0 row(s) in 0.1630 seconds
>
> => []
> hbase(main):002:0> get_auths "michaelthomsen"
> 0 row(s) in 10.1940 seconds
>
> hbase(main):003:0> add_labels ["U", "PII", "PHI"]
> 0 row(s) in 0.1900 seconds
>
> hbase(main):004:0> set_auths "michaelthomsen",  ["U", "PII", "PHI"]
> 0 row(s) in 0.0500 seconds
>
> hbase(main):005:0> get_auths "michaelthomsen"
> U
>
>
>
> PII
>
>
>
> PHI
>
>
>
> 0 row(s) in 0.0470 seconds
>
> hbase(main):006:0> create 'test', {NAME => 'prop' }
> 0 row(s) in 1.2780 seconds
>
> => Hbase::Table - test
> hbase(main):007:0> put "test", "user1", "prop:name", "John Smith"
> 0 row(s) in 0.0500 seconds
>
> hbase(main):008:0> scan "test"
> ROW
> COLUMN+CELL
>
>
>  user1                                             column=prop:name,
> timestamp=1519476818510, value=John Smith
>
> 1 row(s) in 0.0260 seconds
>
> hbase(main):009:0> set_visibility "test", "PII", { COLUMNS => "prop" }
> 1 row(s) in 0.0130 seconds
>
> hbase(main):010:0> scan "test", { AUTHORIZATIONS => ["PHI", "U"] }
> ROW
> COLUMN+CELL
>
>
>  user1                                             column=prop:name,
> timestamp=1519476818510, value=John Smith
>
> 1 row(s) in 0.0180 seconds
>
> hbase(main):011:0> list_security_capabilities
> SIMPLE_AUTHENTICATION
> CELL_VISIBILITY
>
> => ["SIMPLE_AUTHENTICATION", "CELL_VISIBILITY"]
> hbase(main):012:0> scan "test", { AUTHORIZATIONS => [] }
> ROW
> COLUMN+CELL
>
>
>  user1                                             column=prop:name,
> timestamp=1519476818510, value=John Smith
>
> 1 row(s) in 0.0060 seconds
>
>
> I'm running this on a Mac w/out HDFS. It's HBase 1.3.1. This makes no
> sense because it's allowing me to assign authorizations to my simple auth
> user, set_visibility runs successfully and it's reporting that cell
> visibility is enabled.
>
>

Reply via email to