table cf colperm set
Sets Access Control Expressions (ACEs) for a specified column.
Syntax
- CLI
-
maprcli table cf colperm set -path <path> -cfname <column-family name> -name <column name> [ -appendperm Access Control Expression for column appends ] [ -readperm Access Control Expression for column reads ] [ -writeperm Access Control Expression for column writes ] [ -traverseperm Access Control Expression for column traversals in JSON tables ]
- REST
-
http[s]://<host>:<port>/rest/table/cf/colperm/set?path=<path>&cfname=<name>&name=<name>&readperm=<ACE>& writeperm=<ACE>&appendperm=<ACE>
mapr
user is not treated as a superuser.
MapR-DB does not allow the mapr
user to run this command unless that user
is given the relevant permission or permissions with access-control expressions.Parameters
Parameter |
Description |
---|---|
path |
The path to the table.
|
cfname |
The name of the column family in which the column is located. |
name | For binary tables: The name of the column for which you want to
set the ACEs. For JSON tables: The fieldpath of the field on which you want to set
permissions. For example, if you wanted to grant
readperm to a user on field b in the
following document. the fieldpath would be
a.b .
|
appendperm |
Applies to binary tables only: The Access Control Expression for column appends. Use single quotation marks around the ACE. Column appends require permission both at the column-family level and at the column level. |
readperm |
The Access Control Expression for column reads. Use single quotation marks around the ACE. Reads require permission both at the column-family level and at the column level (for binary tables) or field level (for JSON tables). In JSON tables, this permission is inherited by fields within the column family. |
writeperm |
The Access Control Expression for column writes (puts and deletes). Use single quotation marks around the ACE. Writes require permission both at the column-family level and at the column level (for binary tables) or field level (for JSON tables). In JSON tables, this permission is inherited by fields within the column family. |
traverseperm |
Applies to JSON tables only: The Access Control
Expressions that specifies who has permission to pass over fields in JSON
documents. For example, suppose that a JSON table contains documents of this
general structure:
Suppose
further that the user sjohnson has read permission on
a.b , but not on a . For sjohnson to
read a.b , the user needs the traverse permission on
a . The user can then pass over field a to
a.b . This permission is inherited by fields within the column family. By default, this permission is given to the value of defaulttraverseperm for the JSON table. |
Examples
Setting ACEs for a column- CLI
-
maprcli table cf colperm set -path /mytable -cfname cf1 -name col1 -readperm 'g:group1'
- REST
-
https://r1n1.sj.us:8443/rest/table/cf/set?path=%2Fvolume1%2Fthetable&cfname=mycf&name=col1&readperm='g:group1'