org.apache.hadoop.hdfs.server.namenode.AclFeature Java Examples
The following examples show how to use
org.apache.hadoop.hdfs.server.namenode.AclFeature.
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
| Source File: Snapshot.java From hadoop with Apache License 2.0 | 6 votes |
|
Root(INodeDirectory other) {
// Always preserve ACL, XAttr.
super(other, false, Lists.newArrayList(
Iterables.filter(Arrays.asList(other.getFeatures()), new Predicate<Feature>() {
@Override
public boolean apply(Feature input) {
if (AclFeature.class.isInstance(input)
|| XAttrFeature.class.isInstance(input)) {
return true;
}
return false;
}
}))
.toArray(new Feature[0]));
}
Example #2
| Source File: Snapshot.java From big-c with Apache License 2.0 | 6 votes |
|
Root(INodeDirectory other) {
// Always preserve ACL, XAttr.
super(other, false, Lists.newArrayList(
Iterables.filter(Arrays.asList(other.getFeatures()), new Predicate<Feature>() {
@Override
public boolean apply(Feature input) {
if (AclFeature.class.isInstance(input)
|| XAttrFeature.class.isInstance(input)) {
return true;
}
return false;
}
}))
.toArray(new Feature[0]));
}
Example #3
| Source File: TestAclWithSnapshot.java From hadoop with Apache License 2.0 | 5 votes |
|
private void deleteSnapshotWithAclAndVerify(AclFeature aclFeature,
Path pathToCheckAcl, int totalAclFeatures) throws IOException {
hdfs.deleteSnapshot(path, snapshotName);
AclFeature afterDeleteAclFeature = FSAclBaseTest.getAclFeature(
pathToCheckAcl, cluster);
assertSame(aclFeature, afterDeleteAclFeature);
assertEquals("Reference count should remain same"
+ " even after deletion of snapshot", 1,
afterDeleteAclFeature.getRefCount());
hdfs.removeAcl(pathToCheckAcl);
assertEquals("Reference count should be 0", 0, aclFeature.getRefCount());
assertEquals("Unique ACL features should remain same", totalAclFeatures,
AclStorage.getUniqueAclFeatures().getUniqueElementsSize());
}
Example #4
| Source File: TestAclWithSnapshot.java From big-c with Apache License 2.0 | 5 votes |
|
private void deleteSnapshotWithAclAndVerify(AclFeature aclFeature,
Path pathToCheckAcl, int totalAclFeatures) throws IOException {
hdfs.deleteSnapshot(path, snapshotName);
AclFeature afterDeleteAclFeature = FSAclBaseTest.getAclFeature(
pathToCheckAcl, cluster);
assertSame(aclFeature, afterDeleteAclFeature);
assertEquals("Reference count should remain same"
+ " even after deletion of snapshot", 1,
afterDeleteAclFeature.getRefCount());
hdfs.removeAcl(pathToCheckAcl);
assertEquals("Reference count should be 0", 0, aclFeature.getRefCount());
assertEquals("Unique ACL features should remain same", totalAclFeatures,
AclStorage.getUniqueAclFeatures().getUniqueElementsSize());
}
Example #5
| Source File: SentryAuthorizationProvider.java From incubator-sentry with Apache License 2.0 | 5 votes |
|
private void checkAndRemoveHdfsAcl(INodeAuthorizationInfo node,
boolean warn) {
AclFeature f = defaultAuthzProvider.getAclFeature(node,
Snapshot.CURRENT_STATE_ID);
if (f != null) {
defaultAuthzProvider.removeAclFeature(node);
} else {
if (warn) {
LOG.warn("### removeAclFeature is requested on {}, but it does not " +
"have any acl.", node);
}
}
}
Example #6
| Source File: SentryAuthorizationProvider.java From incubator-sentry with Apache License 2.0 | 5 votes |
|
@Override
public void addAclFeature(INodeAuthorizationInfo node, AclFeature f) {
// always fall through to defaultAuthZProvider,
// issue warning when the path is sentry managed
if (isSentryManaged(node)) {
LOG.warn("### addAclFeature {} (sentry managed path) {}, update HDFS." +
WARN_VISIBILITY,
node.getFullPathName(), f.toString());
// For Sentry-managed path, remove ACL silently before adding new ACL
checkAndRemoveHdfsAcl(node, false);
}
defaultAuthzProvider.addAclFeature(node, f);
}
Example #7
| Source File: SentryAuthorizationProvider.java From incubator-sentry with Apache License 2.0 | 4 votes |
|
@Override
public AclFeature getAclFeature(INodeAuthorizationInfo node, int snapshotId) {
AclFeature f = null;
String[] pathElements = getPathElements(node);
String p = Arrays.toString(pathElements);
boolean isPrefixed = false;
boolean isStale = false;
boolean hasAuthzObj = false;
Map<String, AclEntry> aclMap = null;
if (!authzInfo.isUnderPrefix(pathElements)) {
isPrefixed = false;
f = defaultAuthzProvider.getAclFeature(node, snapshotId);
} else if (!authzInfo.doesBelongToAuthzObject(pathElements)) {
isPrefixed = true;
f = defaultAuthzProvider.getAclFeature(node, snapshotId);
} else {
isPrefixed = true;
hasAuthzObj = true;
aclMap = new HashMap<String, AclEntry>();
if (originalAuthzAsAcl) {
String user = defaultAuthzProvider.getUser(node, snapshotId);
String group = getDefaultProviderGroup(node, snapshotId);
FsPermission perm = defaultAuthzProvider.getFsPermission(node, snapshotId);
addToACLMap(aclMap, createAclEntries(user, group, perm));
} else {
addToACLMap(aclMap,
createAclEntries(this.user, this.group, this.permission));
}
if (!authzInfo.isStale()) {
isStale = false;
addToACLMap(aclMap, authzInfo.getAclEntries(pathElements));
f = new SentryAclFeature(ImmutableList.copyOf(aclMap.values()));
} else {
isStale = true;
f = new SentryAclFeature(ImmutableList.copyOf(aclMap.values()));
}
}
if (LOG.isDebugEnabled()) {
LOG.debug("### getAclEntry \n[" + p + "] : ["
+ "isPreifxed=" + isPrefixed
+ ", isStale=" + isStale
+ ", hasAuthzObj=" + hasAuthzObj
+ ", origAuthzAsAcl=" + originalAuthzAsAcl + "]\n"
+ "[" + (aclMap == null ? "null" : aclMap) + "]\n"
+ "[" + (f == null ? "null" : f.getEntries()) + "]\n");
}
return f;
}
