From 57aa791a74edb3335d31fb1b38f87550ca31db0d Mon Sep 17 00:00:00 2001
From: meiyi <myimeiyi@gmail.com>
Date: Wed, 21 Aug 2019 09:29:31 +0800
Subject: [PATCH] HBASE-22879 user_permission command failed to show global
 permission (#511)

(cherry picked from commit 947f6d4788e659a0cd9e8aa84a6fcb73343403f5)

Change-Id: If5de4d376b78a7a13ac26321a464dc91ae12f9de
---
 hbase-shell/src/main/ruby/hbase/security.rb   |  2 +-
 .../apache/hadoop/hbase/client/TestShell.java |  2 +-
 .../test/ruby/hbase/security_admin_test.rb    | 20 +++++++++++++++++++
 3 files changed, 22 insertions(+), 2 deletions(-)

diff --git a/hbase-shell/src/main/ruby/hbase/security.rb b/hbase-shell/src/main/ruby/hbase/security.rb
index 52758989ddf3..d9f763d43d95 100644
--- a/hbase-shell/src/main/ruby/hbase/security.rb
+++ b/hbase-shell/src/main/ruby/hbase/security.rb
@@ -150,7 +150,7 @@ def user_permission(table_regex = nil)
         if !table_regex.nil? && isNamespace?(table_regex)
           nsPerm = permission.to_java(org.apache.hadoop.hbase.security.access.NamespacePermission)
           namespace = nsPerm.getNamespace
-        else
+        elsif !table_regex.nil?
           tblPerm = permission.to_java(org.apache.hadoop.hbase.security.access.TablePermission)
           namespace = tblPerm.getNamespace
           table = !tblPerm.getTableName.nil? ? tblPerm.getTableName.getNameAsString : ''
diff --git a/hbase-shell/src/test/java/org/apache/hadoop/hbase/client/TestShell.java b/hbase-shell/src/test/java/org/apache/hadoop/hbase/client/TestShell.java
index 9bb8eacce894..8f3aefba1808 100644
--- a/hbase-shell/src/test/java/org/apache/hadoop/hbase/client/TestShell.java
+++ b/hbase-shell/src/test/java/org/apache/hadoop/hbase/client/TestShell.java
@@ -35,7 +35,7 @@ public class TestShell extends AbstractTestShell {
   @Test
   public void testRunShellTests() throws IOException {
     System.setProperty("shell.test.exclude", "replication_admin_test.rb,rsgroup_shell_test.rb," +
-      "admin_test.rb,table_test.rb,quotas_test.rb");
+      "admin_test.rb,table_test.rb,quotas_test.rb,admin2_test.rb");
     // Start all ruby tests
     jruby.runScriptlet(PathType.ABSOLUTE, "src/test/ruby/tests_runner.rb");
   }
diff --git a/hbase-shell/src/test/ruby/hbase/security_admin_test.rb b/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
index fd8f6ade0a30..e19c22cea3af 100644
--- a/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
+++ b/hbase-shell/src/test/ruby/hbase/security_admin_test.rb
@@ -78,5 +78,25 @@ def teardown
       end
       assert(found_permission, "Permission for user test_grant_revoke was not found.")
     end
+
+    define_test 'Grant and revoke global permission should set access rights appropriately' do
+      global_user_name = 'test_grant_revoke_global'
+      security_admin.grant(global_user_name, 'W')
+      found_permission = false
+      security_admin.user_permission do |user, permission|
+        if user == global_user_name
+          assert_match(/WRITE/, permission.to_s)
+          found_permission = true
+        end
+      end
+      assert(found_permission, 'Permission for user ' + global_user_name + ' was not found.')
+
+      found_permission = false
+      security_admin.revoke(global_user_name)
+      security_admin.user_permission do |user, _|
+        found_permission = true if user == global_user_name
+      end
+      assert(!found_permission, 'Permission for user ' + global_user_name + ' was found.')
+    end
   end
 end