HBASE-12647 Truncate table should work with C as well
This commit is contained in:
parent
9fd6db3703
commit
87e4414004
|
@ -932,7 +932,7 @@ public class AccessController extends BaseMasterAndRegionObserver
|
||||||
@Override
|
@Override
|
||||||
public void preTruncateTable(ObserverContext<MasterCoprocessorEnvironment> c,
|
public void preTruncateTable(ObserverContext<MasterCoprocessorEnvironment> c,
|
||||||
final TableName tableName) throws IOException {
|
final TableName tableName) throws IOException {
|
||||||
requirePermission("truncateTable", tableName, null, null, Action.ADMIN);
|
requirePermission("truncateTable", tableName, null, null, Action.ADMIN, Action.CREATE);
|
||||||
final Configuration conf = c.getEnvironment().getConfiguration();
|
final Configuration conf = c.getEnvironment().getConfiguration();
|
||||||
User.runAsLoginUser(new PrivilegedExceptionAction<Void>() {
|
User.runAsLoginUser(new PrivilegedExceptionAction<Void>() {
|
||||||
@Override
|
@Override
|
||||||
|
|
|
@ -155,6 +155,10 @@ public class TestAccessController extends SecureTestUtil {
|
||||||
// user with no permissions
|
// user with no permissions
|
||||||
private static User USER_NONE;
|
private static User USER_NONE;
|
||||||
|
|
||||||
|
// TODO: convert this test to cover the full matrix in
|
||||||
|
// https://hbase.apache.org/book/appendix_acl_matrix.html
|
||||||
|
// creating all Scope x Permission combinations
|
||||||
|
|
||||||
private static TableName TEST_TABLE2 = TableName.valueOf("testtable2");
|
private static TableName TEST_TABLE2 = TableName.valueOf("testtable2");
|
||||||
private static byte[] TEST_FAMILY = Bytes.toBytes("f1");
|
private static byte[] TEST_FAMILY = Bytes.toBytes("f1");
|
||||||
private static byte[] TEST_QUALIFIER = Bytes.toBytes("q1");
|
private static byte[] TEST_QUALIFIER = Bytes.toBytes("q1");
|
||||||
|
@ -340,8 +344,8 @@ public class TestAccessController extends SecureTestUtil {
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
verifyAllowed(truncateTable, SUPERUSER, USER_ADMIN);
|
verifyAllowed(truncateTable, SUPERUSER, USER_ADMIN, USER_CREATE);
|
||||||
verifyDenied(truncateTable, USER_RW, USER_RO, USER_NONE,USER_CREATE, USER_OWNER);
|
verifyDenied(truncateTable, USER_RW, USER_RO, USER_NONE, USER_OWNER);
|
||||||
}
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
|
|
Loading…
Reference in New Issue