90d83d
@@ -1341,7 +1341,16 @@
public class AccessController extends BaseMasterAndRegionObserver
   public void preCloneSnapshot(final ObserverContext<MasterCoprocessorEnvironment> ctx,
       final SnapshotDescription snapshot, final HTableDescriptor hTableDescriptor)
       throws IOException {
-    requirePermission(getActiveUser(ctx), "cloneSnapshot " + snapshot.getName(), Action.ADMIN);
+    User user = getActiveUser(ctx);
+    if (SnapshotDescriptionUtils.isSnapshotOwner(snapshot, user)
+        && hTableDescriptor.getNameAsString().equals(snapshot.getTable())) {
+      // Snapshot owner is allowed to create a table with the same name as the snapshot he took
+      AuthResult result = AuthResult.allow("cloneSnapshot " + snapshot.getName(),
+        "Snapshot owner check allowed", user, null, hTableDescriptor.getTableName(), null);
+      logResult(result);
+    } else {
+      requirePermission(user, "cloneSnapshot " + snapshot.getName(), Action.ADMIN);
+    }
   }
 
   @Override
