Search in sources :

Example 56 with AccessControlException

use of alluxio.exception.AccessControlException in project alluxio by Alluxio.

the class DefaultFileSystemMaster method listStatus.

@Override
public void listStatus(AlluxioURI path, ListStatusContext context, ResultStream<FileInfo> resultStream) throws AccessControlException, FileDoesNotExistException, InvalidPathException, IOException {
    Metrics.GET_FILE_INFO_OPS.inc();
    LockingScheme lockingScheme = new LockingScheme(path, LockPattern.READ, false);
    boolean ufsAccessed = false;
    try (RpcContext rpcContext = createRpcContext(context);
        FileSystemMasterAuditContext auditContext = createAuditContext("listStatus", path, null, null)) {
        DescendantType descendantType = context.getOptions().getRecursive() ? DescendantType.ALL : DescendantType.ONE;
        if (!syncMetadata(rpcContext, path, context.getOptions().getCommonOptions(), descendantType, auditContext, LockedInodePath::getInodeOrNull, (inodePath, permChecker) -> permChecker.checkPermission(Mode.Bits.READ, inodePath), false).equals(NOT_NEEDED)) {
            // If synced, do not load metadata.
            context.getOptions().setLoadMetadataType(LoadMetadataPType.NEVER);
            ufsAccessed = true;
        }
        /*
      See the comments in #getFileIdInternal for an explanation on why the loop here is required.
       */
        DescendantType loadDescendantType;
        if (context.getOptions().getLoadMetadataType() == LoadMetadataPType.NEVER) {
            loadDescendantType = DescendantType.NONE;
        } else if (context.getOptions().getRecursive()) {
            loadDescendantType = DescendantType.ALL;
        } else {
            loadDescendantType = DescendantType.ONE;
        }
        // load metadata for 1 level of descendants, or all descendants if recursive
        LoadMetadataContext loadMetadataContext = LoadMetadataContext.mergeFrom(LoadMetadataPOptions.newBuilder().setCreateAncestors(true).setLoadType(context.getOptions().getLoadMetadataType()).setLoadDescendantType(GrpcUtils.toProto(loadDescendantType)).setCommonOptions(FileSystemMasterCommonPOptions.newBuilder().setTtl(context.getOptions().getCommonOptions().getTtl()).setTtlAction(context.getOptions().getCommonOptions().getTtlAction())));
        boolean loadMetadata = false;
        boolean run = true;
        while (run) {
            run = false;
            if (loadMetadata) {
                loadMetadataIfNotExist(rpcContext, path, loadMetadataContext, false);
                ufsAccessed = true;
            }
            // We just synced; the new lock pattern should not sync.
            try (LockedInodePath inodePath = mInodeTree.lockInodePath(lockingScheme)) {
                auditContext.setSrcInode(inodePath.getInodeOrNull());
                try {
                    mPermissionChecker.checkPermission(Mode.Bits.READ, inodePath);
                } catch (AccessControlException e) {
                    auditContext.setAllowed(false);
                    throw e;
                }
                if (!loadMetadata) {
                    Inode inode;
                    boolean isLoaded = true;
                    if (inodePath.fullPathExists()) {
                        inode = inodePath.getInode();
                        if (inode.isDirectory() && context.getOptions().getLoadMetadataType() != LoadMetadataPType.ALWAYS) {
                            InodeDirectory inodeDirectory = inode.asDirectory();
                            isLoaded = inodeDirectory.isDirectChildrenLoaded();
                            if (context.getOptions().getRecursive()) {
                                isLoaded = areDescendantsLoaded(inodeDirectory);
                            }
                            if (isLoaded) {
                                // no need to load again.
                                loadMetadataContext.getOptions().setLoadDescendantType(LoadDescendantPType.NONE);
                            }
                        }
                    } else {
                        checkLoadMetadataOptions(context.getOptions().getLoadMetadataType(), inodePath.getUri());
                    }
                    if (shouldLoadMetadataIfNotExists(inodePath, loadMetadataContext)) {
                        loadMetadata = true;
                        run = true;
                        continue;
                    }
                }
                ensureFullPathAndUpdateCache(inodePath);
                auditContext.setSrcInode(inodePath.getInode());
                MountTable.Resolution resolution;
                if (!context.getOptions().hasLoadMetadataOnly() || !context.getOptions().getLoadMetadataOnly()) {
                    DescendantType descendantTypeForListStatus = (context.getOptions().getRecursive()) ? DescendantType.ALL : DescendantType.ONE;
                    try {
                        resolution = mMountTable.resolve(path);
                    } catch (InvalidPathException e) {
                        throw new FileDoesNotExistException(e.getMessage(), e);
                    }
                    listStatusInternal(context, rpcContext, inodePath, auditContext, descendantTypeForListStatus, resultStream, 0, Metrics.getUfsOpsSavedCounter(resolution.getUfsMountPointUri(), Metrics.UFSOps.GET_FILE_INFO));
                    if (!ufsAccessed) {
                        Metrics.getUfsOpsSavedCounter(resolution.getUfsMountPointUri(), Metrics.UFSOps.LIST_STATUS).inc();
                    }
                }
                auditContext.setSucceeded(true);
                Metrics.FILE_INFOS_GOT.inc();
            }
        }
    }
}
Also used : FileDoesNotExistException(alluxio.exception.FileDoesNotExistException) AccessControlException(alluxio.exception.AccessControlException) MountTable(alluxio.master.file.meta.MountTable) InvalidPathException(alluxio.exception.InvalidPathException) LockedInodePath(alluxio.master.file.meta.LockedInodePath) InodeDirectory(alluxio.master.file.meta.InodeDirectory) LoadMetadataContext(alluxio.master.file.contexts.LoadMetadataContext) Inode(alluxio.master.file.meta.Inode) LockingScheme(alluxio.master.file.meta.LockingScheme) DescendantType(alluxio.file.options.DescendantType)

Example 57 with AccessControlException

use of alluxio.exception.AccessControlException in project alluxio by Alluxio.

the class DefaultFileSystemMaster method createFile.

@Override
public FileInfo createFile(AlluxioURI path, CreateFileContext context) throws AccessControlException, InvalidPathException, FileAlreadyExistsException, BlockInfoException, IOException, FileDoesNotExistException {
    if (isOperationComplete(context)) {
        Metrics.COMPLETED_OPERATION_RETRIED_COUNT.inc();
        LOG.warn("A completed \"createFile\" operation has been retried. {}", context);
        return getFileInfo(path, GetStatusContext.create(GetStatusPOptions.newBuilder().setCommonOptions(FileSystemMasterCommonPOptions.newBuilder().setSyncIntervalMs(-1)).setLoadMetadataType(LoadMetadataPType.NEVER).setUpdateTimestamps(false)));
    }
    Metrics.CREATE_FILES_OPS.inc();
    try (RpcContext rpcContext = createRpcContext(context);
        FileSystemMasterAuditContext auditContext = createAuditContext("createFile", path, null, null)) {
        syncMetadata(rpcContext, path, context.getOptions().getCommonOptions(), DescendantType.ONE, auditContext, (inodePath) -> context.getOptions().getRecursive() ? inodePath.getLastExistingInode() : inodePath.getParentInodeOrNull(), (inodePath, permChecker) -> permChecker.checkParentPermission(Mode.Bits.WRITE, inodePath), false);
        LockingScheme lockingScheme = createLockingScheme(path, context.getOptions().getCommonOptions(), LockPattern.WRITE_EDGE);
        try (LockedInodePath inodePath = mInodeTree.lockInodePath(lockingScheme)) {
            auditContext.setSrcInode(inodePath.getParentInodeOrNull());
            if (context.getOptions().getRecursive()) {
                auditContext.setSrcInode(inodePath.getLastExistingInode());
            }
            try {
                mPermissionChecker.checkParentPermission(Mode.Bits.WRITE, inodePath);
            } catch (AccessControlException e) {
                auditContext.setAllowed(false);
                throw e;
            }
            mMountTable.checkUnderWritableMountPoint(path);
            if (context.isPersisted()) {
                // Check if ufs is writable
                checkUfsMode(path, OperationType.WRITE);
            }
            createFileInternal(rpcContext, inodePath, context);
            auditContext.setSrcInode(inodePath.getInode()).setSucceeded(true);
            cacheOperation(context);
            return getFileInfoInternal(inodePath);
        }
    }
}
Also used : LockedInodePath(alluxio.master.file.meta.LockedInodePath) LockingScheme(alluxio.master.file.meta.LockingScheme) AccessControlException(alluxio.exception.AccessControlException)

Example 58 with AccessControlException

use of alluxio.exception.AccessControlException in project alluxio by Alluxio.

the class DefaultFileSystemMaster method rename.

@Override
public void rename(AlluxioURI srcPath, AlluxioURI dstPath, RenameContext context) throws FileAlreadyExistsException, FileDoesNotExistException, InvalidPathException, IOException, AccessControlException {
    if (isOperationComplete(context)) {
        Metrics.COMPLETED_OPERATION_RETRIED_COUNT.inc();
        LOG.warn("A completed \"rename\" operation has been retried. {}", context);
        return;
    }
    Metrics.RENAME_PATH_OPS.inc();
    try (RpcContext rpcContext = createRpcContext(context);
        FileSystemMasterAuditContext auditContext = createAuditContext("rename", srcPath, dstPath, null)) {
        syncMetadata(rpcContext, srcPath, context.getOptions().getCommonOptions(), DescendantType.ONE, auditContext, LockedInodePath::getParentInodeOrNull, (inodePath, permChecker) -> permChecker.checkParentPermission(Mode.Bits.WRITE, inodePath), false);
        syncMetadata(rpcContext, dstPath, context.getOptions().getCommonOptions(), DescendantType.ONE, auditContext, LockedInodePath::getParentInodeOrNull, (inodePath, permChecker) -> permChecker.checkParentPermission(Mode.Bits.WRITE, inodePath), false);
        LockingScheme srcLockingScheme = createLockingScheme(srcPath, context.getOptions().getCommonOptions(), LockPattern.WRITE_EDGE);
        LockingScheme dstLockingScheme = createLockingScheme(dstPath, context.getOptions().getCommonOptions(), LockPattern.WRITE_EDGE);
        try (InodePathPair inodePathPair = mInodeTree.lockInodePathPair(srcLockingScheme.getPath(), srcLockingScheme.getPattern(), dstLockingScheme.getPath(), dstLockingScheme.getPattern())) {
            LockedInodePath srcInodePath = inodePathPair.getFirst();
            LockedInodePath dstInodePath = inodePathPair.getSecond();
            auditContext.setSrcInode(srcInodePath.getParentInodeOrNull());
            try {
                mPermissionChecker.checkParentPermission(Mode.Bits.WRITE, srcInodePath);
                mPermissionChecker.checkParentPermission(Mode.Bits.WRITE, dstInodePath);
            } catch (AccessControlException e) {
                auditContext.setAllowed(false);
                throw e;
            }
            mMountTable.checkUnderWritableMountPoint(srcPath);
            mMountTable.checkUnderWritableMountPoint(dstPath);
            renameInternal(rpcContext, srcInodePath, dstInodePath, context);
            auditContext.setSrcInode(srcInodePath.getInode()).setSucceeded(true);
            cacheOperation(context);
            LOG.debug("Renamed {} to {}", srcPath, dstPath);
        }
    }
}
Also used : LockedInodePath(alluxio.master.file.meta.LockedInodePath) LockingScheme(alluxio.master.file.meta.LockingScheme) AccessControlException(alluxio.exception.AccessControlException) InodePathPair(alluxio.master.file.meta.InodePathPair)

Example 59 with AccessControlException

use of alluxio.exception.AccessControlException in project alluxio by Alluxio.

the class DefaultFileSystemMaster method mount.

@Override
public void mount(AlluxioURI alluxioPath, AlluxioURI ufsPath, MountContext context) throws FileAlreadyExistsException, FileDoesNotExistException, InvalidPathException, IOException, AccessControlException {
    Metrics.MOUNT_OPS.inc();
    try (RpcContext rpcContext = createRpcContext(context);
        FileSystemMasterAuditContext auditContext = createAuditContext("mount", alluxioPath, null, null)) {
        ufsPath = new AlluxioURI(PathUtils.normalizePath(ufsPath.toString(), AlluxioURI.SEPARATOR));
        syncMetadata(rpcContext, alluxioPath, context.getOptions().getCommonOptions(), DescendantType.ONE, auditContext, LockedInodePath::getParentInodeOrNull, (inodePath, permChecker) -> permChecker.checkParentPermission(Mode.Bits.WRITE, inodePath), false);
        LockingScheme lockingScheme = createLockingScheme(alluxioPath, context.getOptions().getCommonOptions(), LockPattern.WRITE_EDGE);
        try (LockedInodePath inodePath = mInodeTree.lockInodePath(lockingScheme)) {
            auditContext.setSrcInode(inodePath.getParentInodeOrNull());
            try {
                mPermissionChecker.checkParentPermission(Mode.Bits.WRITE, inodePath);
            } catch (AccessControlException e) {
                auditContext.setAllowed(false);
                throw e;
            }
            mMountTable.checkUnderWritableMountPoint(alluxioPath);
            mountInternal(rpcContext, inodePath, ufsPath, context);
            auditContext.setSucceeded(true);
            Metrics.PATHS_MOUNTED.inc();
        }
    }
}
Also used : LockedInodePath(alluxio.master.file.meta.LockedInodePath) LockingScheme(alluxio.master.file.meta.LockingScheme) AccessControlException(alluxio.exception.AccessControlException) AlluxioURI(alluxio.AlluxioURI)

Example 60 with AccessControlException

use of alluxio.exception.AccessControlException in project alluxio by Alluxio.

the class DefaultFileSystemMaster method delete.

@Override
public void delete(AlluxioURI path, DeleteContext context) throws IOException, FileDoesNotExistException, DirectoryNotEmptyException, InvalidPathException, AccessControlException {
    if (isOperationComplete(context)) {
        Metrics.COMPLETED_OPERATION_RETRIED_COUNT.inc();
        LOG.warn("A completed \"delete\" operation has been retried. {}", context);
        return;
    }
    Metrics.DELETE_PATHS_OPS.inc();
    try (RpcContext rpcContext = createRpcContext(context);
        FileSystemMasterAuditContext auditContext = createAuditContext("delete", path, null, null)) {
        if (context.getOptions().getAlluxioOnly()) {
            LOG.debug("alluxio-only deletion on path {} skips metadata sync", path);
        } else {
            syncMetadata(rpcContext, path, context.getOptions().getCommonOptions(), context.getOptions().getRecursive() ? DescendantType.ALL : DescendantType.ONE, auditContext, LockedInodePath::getInodeOrNull, (inodePath, permChecker) -> permChecker.checkParentPermission(Mode.Bits.WRITE, inodePath), false);
        }
        LockingScheme lockingScheme = createLockingScheme(path, context.getOptions().getCommonOptions(), LockPattern.WRITE_EDGE);
        try (LockedInodePath inodePath = mInodeTree.lockInodePath(lockingScheme)) {
            mPermissionChecker.checkParentPermission(Mode.Bits.WRITE, inodePath);
            if (context.getOptions().getRecursive()) {
                List<String> failedChildren = new ArrayList<>();
                try (LockedInodePathList descendants = mInodeTree.getDescendants(inodePath)) {
                    for (LockedInodePath childPath : descendants) {
                        try {
                            mPermissionChecker.checkPermission(Mode.Bits.WRITE, childPath);
                            if (mMountTable.isMountPoint(childPath.getUri())) {
                                mMountTable.checkUnderWritableMountPoint(childPath.getUri());
                            }
                        } catch (AccessControlException e) {
                            failedChildren.add(e.getMessage());
                        }
                    }
                    if (failedChildren.size() > 0) {
                        throw new AccessControlException(ExceptionMessage.DELETE_FAILED_DIR_CHILDREN.getMessage(path, StringUtils.join(failedChildren, ",")));
                    }
                } catch (AccessControlException e) {
                    auditContext.setAllowed(false);
                    throw e;
                }
            }
            mMountTable.checkUnderWritableMountPoint(path);
            if (!inodePath.fullPathExists()) {
                throw new FileDoesNotExistException(ExceptionMessage.PATH_DOES_NOT_EXIST.getMessage(path));
            }
            deleteInternal(rpcContext, inodePath, context);
            auditContext.setSucceeded(true);
            cacheOperation(context);
        }
    }
}
Also used : LockedInodePath(alluxio.master.file.meta.LockedInodePath) FileDoesNotExistException(alluxio.exception.FileDoesNotExistException) LockingScheme(alluxio.master.file.meta.LockingScheme) ArrayList(java.util.ArrayList) AccessControlException(alluxio.exception.AccessControlException) LockedInodePathList(alluxio.master.file.meta.LockedInodePathList)

Aggregations

AccessControlException (alluxio.exception.AccessControlException)64 AlluxioURI (alluxio.AlluxioURI)29 LockedInodePath (alluxio.master.file.meta.LockedInodePath)21 Test (org.junit.Test)21 FileDoesNotExistException (alluxio.exception.FileDoesNotExistException)16 LockingScheme (alluxio.master.file.meta.LockingScheme)15 InvalidPathException (alluxio.exception.InvalidPathException)12 BaseIntegrationTest (alluxio.testutils.BaseIntegrationTest)11 IOException (java.io.IOException)11 ArrayList (java.util.ArrayList)10 Inode (alluxio.master.file.meta.Inode)9 MountTable (alluxio.master.file.meta.MountTable)7 FileInfo (alluxio.wire.FileInfo)7 AlluxioException (alluxio.exception.AlluxioException)4 LockedInodePathList (alluxio.master.file.meta.LockedInodePathList)4 Mode (alluxio.security.authorization.Mode)4 UnderFileSystem (alluxio.underfs.UnderFileSystem)4 FileBlockInfo (alluxio.wire.FileBlockInfo)4 DescendantType (alluxio.file.options.DescendantType)3 FileSystemMasterCommonPOptions (alluxio.grpc.FileSystemMasterCommonPOptions)3