From a66bd7a7690534d592f71eb5a10f6e0d31e63873 Mon Sep 17 00:00:00 2001
From: EEPROM <songxincun@users.noreply.github.com>
Date: Tue, 14 Apr 2020 10:14:21 +0800
Subject: [PATCH] HBASE-24176 user_permission '.*' command failed to show all
 table permissions (#1499)

* user_permission failed when show table permissions with '.*' argument

Signed-off-by: Guangxu Cheng <gxcheng@apache.org>
---
 hbase-shell/src/main/ruby/hbase/security.rb            | 6 +++++-
 hbase-shell/src/test/ruby/hbase/security_admin_test.rb | 9 +++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/hbase-shell/src/main/ruby/hbase/security.rb b/hbase-shell/src/main/ruby/hbase/security.rb
index 570cdeb9218..6157ded3eda 100644
--- a/hbase-shell/src/main/ruby/hbase/security.rb
+++ b/hbase-shell/src/main/ruby/hbase/security.rb
@@ -150,7 +150,7 @@ module Hbase
         if !table_regex.nil? && isNamespace?(table_regex)
           nsPerm = permission.to_java(org.apache.hadoop.hbase.security.access.NamespacePermission)
           namespace = nsPerm.getNamespace
-        elsif !table_regex.nil?
+        elsif !table_regex.nil? && isTablePermission?(permission)
           tblPerm = permission.to_java(org.apache.hadoop.hbase.security.access.TablePermission)
           namespace = tblPerm.getNamespace
           table = !tblPerm.getTableName.nil? ? tblPerm.getTableName.getNameAsString : ''
@@ -183,6 +183,10 @@ module Hbase
       table_name.start_with?('@')
     end
 
+    def isTablePermission?(permission)
+      permission.java_kind_of?(org.apache.hadoop.hbase.security.access.TablePermission)
+    end
+
     # Does Namespace exist
     def namespace_exists?(namespace_name)
       return !@admin.getNamespaceDescriptor(namespace_name).nil?
diff --git a/hbase-shell/src/test/ruby/hbase/security_admin_test.rb b/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
index e19c22cea3a..e1360c27301 100644
--- a/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
+++ b/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
@@ -91,6 +91,15 @@ module Hbase
       end
       assert(found_permission, 'Permission for user ' + global_user_name + ' was not found.')
 
+      found_permission = false
+      security_admin.user_permission('.*') do |user, permission|
+        if user == global_user_name
+          assert_match(/WRITE/, permission.to_s)
+          found_permission = true
+        end
+      end
+      assert(found_permission, 'Permission for user ' + global_user_name + ' was not found.')
+
       found_permission = false
       security_admin.revoke(global_user_name)
       security_admin.user_permission do |user, _|