/** * Grants permission on the specified table for the specified user * @param conf * @param tableName * @param userName * @param family * @param qual * @param actions * @return GrantResponse * @throws Throwable */ public static GrantResponse grant(Configuration conf, final TableName tableName, final String userName, final byte[] family, final byte[] qual, final AccessControlProtos.Permission.Action... actions) throws Throwable { HTable ht = null; try { TableName aclTableName = TableName.valueOf(NamespaceDescriptor.SYSTEM_NAMESPACE_NAME_STR, "acl"); ht = new HTable(conf, aclTableName.getName()); Batch.Call<AccessControlService, GrantResponse> callable = new Batch.Call<AccessControlService, GrantResponse>() { ServerRpcController controller = new ServerRpcController(); BlockingRpcCallback<GrantResponse> rpcCallback = new BlockingRpcCallback<GrantResponse>(); @Override public GrantResponse call(AccessControlService service) throws IOException { GrantRequest.Builder builder = GrantRequest.newBuilder(); AccessControlProtos.Permission.Builder ret = AccessControlProtos.Permission.newBuilder(); AccessControlProtos.TablePermission.Builder permissionBuilder = AccessControlProtos.TablePermission .newBuilder(); for (AccessControlProtos.Permission.Action a : actions) { permissionBuilder.addAction(a); } permissionBuilder.setTableName(ProtobufUtil.toProtoTableName(tableName)); if (family != null) { permissionBuilder.setFamily(HBaseZeroCopyByteString.wrap(family)); } if (qual != null) { permissionBuilder.setQualifier(HBaseZeroCopyByteString.wrap(qual)); } ret.setType(AccessControlProtos.Permission.Type.Table).setTablePermission( permissionBuilder); builder.setUserPermission(AccessControlProtos.UserPermission.newBuilder() .setUser(ByteString.copyFromUtf8(userName)).setPermission(ret)); service.grant(controller, builder.build(), rpcCallback); return rpcCallback.get(); } }; Map<byte[], GrantResponse> result = ht.coprocessorService(AccessControlService.class, HConstants.EMPTY_BYTE_ARRAY, HConstants.EMPTY_BYTE_ARRAY, callable); return result.values().iterator().next(); // There will be exactly one // region for labels // table and so one entry in // result Map. } finally { if (ht != null) { ht.close(); } } }
@Override public void grant(RpcController controller, GrantRequest request, RpcCallback<GrantResponse> done) {}