From 8793383b66f06819b8d6d0070185d5bef29a66c8 Mon Sep 17 00:00:00 2001
From: Enis Soztutar <enis@apache.org>
Date: Wed, 21 Jan 2015 17:03:55 -0800
Subject: [PATCH] HBASE-12774 Fix the inconsistent permission checks for
 bulkloading. (Srikanth Srungarapu)

---
 .../hadoop/hbase/security/access/AccessController.java | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
index 48464f66f9f..94f141955fb 100644
--- a/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
+++ b/hbase-server/src/main/java/org/apache/hadoop/hbase/security/access/AccessController.java
@@ -1958,7 +1958,7 @@ public class AccessController extends BaseMasterAndRegionObserver
   }
 
   /**
-   * Verifies user has WRITE privileges on
+   * Verifies user has CREATE privileges on
    * the Column Families involved in the bulkLoadHFile
    * request. Specific Column Write privileges are presently
    * ignored.
@@ -2015,11 +2015,11 @@ public class AccessController extends BaseMasterAndRegionObserver
                                  PrepareBulkLoadRequest request) throws IOException {
     RegionCoprocessorEnvironment e = ctx.getEnvironment();
 
-    AuthResult authResult = hasSomeAccess(e, "prePrepareBulkLoad", Action.WRITE);
+    AuthResult authResult = hasSomeAccess(e, "prePrepareBulkLoad", Action.CREATE);
     logResult(authResult);
     if (!authResult.isAllowed()) {
       throw new AccessDeniedException("Insufficient permissions (table=" +
-        e.getRegion().getTableDesc().getTableName() + ", action=WRITE)");
+        e.getRegion().getTableDesc().getTableName() + ", action=CREATE)");
     }
   }
 
@@ -2035,11 +2035,11 @@ public class AccessController extends BaseMasterAndRegionObserver
                                  CleanupBulkLoadRequest request) throws IOException {
     RegionCoprocessorEnvironment e = ctx.getEnvironment();
 
-    AuthResult authResult = hasSomeAccess(e, "preCleanupBulkLoad", Action.WRITE);
+    AuthResult authResult = hasSomeAccess(e, "preCleanupBulkLoad", Action.CREATE);
     logResult(authResult);
     if (!authResult.isAllowed()) {
       throw new AccessDeniedException("Insufficient permissions (table=" +
-        e.getRegion().getTableDesc().getTableName() + ", action=WRITE)");
+        e.getRegion().getTableDesc().getTableName() + ", action=CREATE)");
     }
   }