Displaying Default Column Family Permissions
Use either the Control System or the maprcli
command to find out the
users, groups, or roles that have permissions on the default column family.
Viewing Default Column Family Permissions in the Control System
Procedure
Log in to the Control System and go to the Column Families tab
from the table information page.
The Default Column Family Authorization pane displays the
following permissions for users, groups, and roles.
- Binary Table Default Column Family Authorization Permissions
-
Permission Permission Description Read Data Can do column reads. Reads require permission both at the column-family level and at the field level. This permission is inherited by fields within the column family. Write Data Can do column writes. Writes require permission both at the column-family level and at the field level. This permission is inherited by fields within the column family. Append Data Can do column appends. Column appends require permission both at the column-family level and at the column level. Set Version Can set or change the maximum and minimum number of versions of column values to keep. Set Compression Can set or change the compression setting for the column family. - JSON Table Default Column Family Authorization Permissions
-
Permission Permission Description Read Data Can do column reads. Reads require permission both at the column-family level and at the field level. This permission is inherited by fields within the column family. Write Data Can do column writes. Writes require permission both at the column-family level and at the field level. This permission is inherited by fields within the column family. Traverse Data Can pass over fields in JSON documents. For example, suppose that a JSON table contains documents of this general structure:
Suppose further that the user sjohnson has read permission on{ "_id" : "ID", "a" : { "b" : "value", "c" : "value" } }
a.b
, but not ona
. For sjohnson to reada.b
, the user needs the traverse permission ona
. The user can then pass over fielda
toa.b
. This permission is inherited by fields within the column family.Set Compression Can set or change the compression setting for the column family. Unmasked Data Can perform unmasked column reads if the user also has read data permission. Unmasked data require permission both at the column family level and at the field level. This permission is inherited by fields within the column family.
Retrieving the Default Column Family Permissions Using the CLI
About this task
To display the permissions on a column family, run this command:
maprcli table cf colperm get -path <path> -cfname <name of column family> -json
To display the permissions on a column, add the
-name
parameter:maprcli table cf colperm get -path <path> -cfname <name of column family> -name
<name of column> -json
The format of the value of the -path
parameter depends on whether you
are viewing a table on a local cluster or a remote cluster.
The json
parameter displays the output as a JSON document.