d5be58
@@ -173,6 +173,8 @@
public class AccessController extends BaseMasterAndRegionObserver
   private Map<InternalScanner,String> scannerOwners =
       new MapMaker().weakKeys().makeMap();
 
+  private Map<TableName, List<UserPermission>> tableAcls;
+
   // Provider for mapping principal names to Users
   private UserProvider userProvider;
 
@@ -861,6 +863,8 @@
public class AccessController extends BaseMasterAndRegionObserver
     } else {
       throw new RuntimeException("Error obtaining TableAuthManager, zk found null.");
     }
+
+    tableAcls = new MapMaker().weakValues().makeMap();
   }
 
   public void stop(CoprocessorEnvironment env) {
@@ -938,7 +942,24 @@
public class AccessController extends BaseMasterAndRegionObserver
   @Override
   public void preTruncateTable(ObserverContext<MasterCoprocessorEnvironment> c, TableName tableName)
       throws IOException {
-    requirePermission("truncateTable", tableName, null, null, Action.ADMIN, Action.CREATE);
+    requirePermission("truncateTable", tableName, null, null, Action.ADMIN);
+    List<UserPermission> acls = AccessControlLists.getUserTablePermissions(c.getEnvironment()
+        .getConfiguration(), tableName);
+    if (acls != null) {
+      tableAcls.put(tableName, acls);
+    }
+  }
+
+  @Override
+  public void postTruncateTable(ObserverContext<MasterCoprocessorEnvironment> ctx,
+      TableName tableName) throws IOException {
+    List<UserPermission> perms = tableAcls.get(tableName);
+    if (perms != null) {
+      for (UserPermission perm : perms) {
+        AccessControlLists.addUserPermission(ctx.getEnvironment().getConfiguration(), perm);
+      }
+    }
+    tableAcls.remove(tableName);
   }
 
   @Override
