HBASE-12647 Truncate table should work with C as well

This commit is contained in:
Enis Soztutar 2014-12-07 20:57:04 -08:00
parent 9fd6db3703
commit 87e4414004
2 changed files with 7 additions and 3 deletions

View File

@ -932,7 +932,7 @@ public class AccessController extends BaseMasterAndRegionObserver
@Override @Override
public void preTruncateTable(ObserverContext<MasterCoprocessorEnvironment> c, public void preTruncateTable(ObserverContext<MasterCoprocessorEnvironment> c,
final TableName tableName) throws IOException { final TableName tableName) throws IOException {
requirePermission("truncateTable", tableName, null, null, Action.ADMIN); requirePermission("truncateTable", tableName, null, null, Action.ADMIN, Action.CREATE);
final Configuration conf = c.getEnvironment().getConfiguration(); final Configuration conf = c.getEnvironment().getConfiguration();
User.runAsLoginUser(new PrivilegedExceptionAction<Void>() { User.runAsLoginUser(new PrivilegedExceptionAction<Void>() {
@Override @Override

View File

@ -155,6 +155,10 @@ public class TestAccessController extends SecureTestUtil {
// user with no permissions // user with no permissions
private static User USER_NONE; private static User USER_NONE;
// TODO: convert this test to cover the full matrix in
// https://hbase.apache.org/book/appendix_acl_matrix.html
// creating all Scope x Permission combinations
private static TableName TEST_TABLE2 = TableName.valueOf("testtable2"); private static TableName TEST_TABLE2 = TableName.valueOf("testtable2");
private static byte[] TEST_FAMILY = Bytes.toBytes("f1"); private static byte[] TEST_FAMILY = Bytes.toBytes("f1");
private static byte[] TEST_QUALIFIER = Bytes.toBytes("q1"); private static byte[] TEST_QUALIFIER = Bytes.toBytes("q1");
@ -340,8 +344,8 @@ public class TestAccessController extends SecureTestUtil {
} }
}; };
verifyAllowed(truncateTable, SUPERUSER, USER_ADMIN); verifyAllowed(truncateTable, SUPERUSER, USER_ADMIN, USER_CREATE);
verifyDenied(truncateTable, USER_RW, USER_RO, USER_NONE,USER_CREATE, USER_OWNER); verifyDenied(truncateTable, USER_RW, USER_RO, USER_NONE, USER_OWNER);
} }
@Test @Test