Displaying Default Column Family Permissions

Use either the Control System or the maprcli command to find out the users, groups, or roles that have permissions on the default column family.

Viewing Default Column Family Permissions in the Control System

Procedure

Log in to the Control System and go to the Column Families tab from the table information page.
The Default Column Family Authorization pane displays the following permissions for users, groups, and roles.
Binary Table Default Column Family Authorization Permissions
Permission Permission Description
Read Data Can do column reads. Reads require permission both at the column-family level and at the field level. This permission is inherited by fields within the column family.
Write Data Can do column writes. Writes require permission both at the column-family level and at the field level. This permission is inherited by fields within the column family.
Append Data Can do column appends. Column appends require permission both at the column-family level and at the column level.
Set Version Can set or change the maximum and minimum number of versions of column values to keep.
Set Compression Can set or change the compression setting for the column family.
JSON Table Default Column Family Authorization Permissions
Permission Permission Description
Read Data Can do column reads. Reads require permission both at the column-family level and at the field level. This permission is inherited by fields within the column family.
Write Data Can do column writes. Writes require permission both at the column-family level and at the field level. This permission is inherited by fields within the column family.
Traverse Data Can pass over fields in JSON documents. For example, suppose that a JSON table contains documents of this general structure:
{
     "_id" : "ID",
     "a" :
          {
               "b" : "value",
               "c" : "value"
          }
}
Suppose further that the user sjohnson has read permission on a.b, but not on a. For sjohnson to read a.b, the user needs the traverse permission on a. The user can then pass over field a to a.b. This permission is inherited by fields within the column family.
Set Compression Can set or change the compression setting for the column family.
Unmasked Data Can perform unmasked column reads if the user also has read data permission. Unmasked data require permission both at the column family level and at the field level. This permission is inherited by fields within the column family.

Retrieving the Default Column Family Permissions Using the CLI

About this task

To display the permissions on a column family, run this command:
maprcli table cf colperm get -path <path> -cfname <name of column family> -json
To display the permissions on a column, add the -name parameter:
maprcli table cf colperm get -path <path> -cfname <name of column family> -name 
            <name of column> -json

The format of the value of the -path parameter depends on whether you are viewing a table on a local cluster or a remote cluster.

The json parameter displays the output as a JSON document.