use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.
the class ProtoUtils method fromProto.
/**
* @param acl the protobuf representation
* @return {@link AccessControlList}
*/
public static AccessControlList fromProto(Acl.AccessControlList acl) {
AccessControlList ret;
if (acl.hasIsDefault() && acl.getIsDefault()) {
ret = new DefaultAccessControlList();
} else {
ret = new AccessControlList();
}
ret.setOwningUser(acl.getOwningUser().intern());
ret.setOwningGroup(acl.getOwningGroup().intern());
if (acl.getIsEmpty()) {
return ret;
}
// true if there are any extended entries (named user or named group)
boolean hasExtended = false;
for (Acl.NamedAclActions namedActions : acl.getUserActionsList()) {
String name = namedActions.getName();
AclActions actions = fromProto(namedActions.getActions());
AclEntry entry;
if (name.equals(AccessControlList.OWNING_USER_KEY)) {
entry = new AclEntry.Builder().setType(AclEntryType.OWNING_USER).setSubject(acl.getOwningUser()).setActions(actions).build();
} else {
hasExtended = true;
entry = new AclEntry.Builder().setType(AclEntryType.NAMED_USER).setSubject(name).setActions(actions).build();
}
ret.setEntry(entry);
}
for (Acl.NamedAclActions namedActions : acl.getGroupActionsList()) {
String name = namedActions.getName();
AclActions actions = fromProto(namedActions.getActions());
AclEntry entry;
if (name.equals(AccessControlList.OWNING_GROUP_KEY)) {
entry = new AclEntry.Builder().setType(AclEntryType.OWNING_GROUP).setSubject(acl.getOwningGroup()).setActions(actions).build();
} else {
hasExtended = true;
entry = new AclEntry.Builder().setType(AclEntryType.NAMED_GROUP).setSubject(name).setActions(actions).build();
}
ret.setEntry(entry);
}
if (hasExtended) {
// Only set the mask if there are any extended acl entries.
AclActions actions = fromProto(acl.getMaskActions());
AclEntry entry = new AclEntry.Builder().setType(AclEntryType.MASK).setActions(actions).build();
ret.setEntry(entry);
}
AclActions actions = fromProto(acl.getOtherActions());
AclEntry entry = new AclEntry.Builder().setType(AclEntryType.OTHER).setActions(actions).build();
ret.setEntry(entry);
return ret;
}
use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.
the class ProtoUtils method toProto.
/**
* @param aclEntry the acl entry
* @return the proto representation of instance
*/
public static Acl.AclEntry toProto(AclEntry aclEntry) {
Acl.AclEntry.Builder builder = Acl.AclEntry.newBuilder();
builder.setType(toProto(aclEntry.getType()));
builder.setSubject(aclEntry.getSubject());
builder.setIsDefault(aclEntry.isDefault());
for (AclAction action : aclEntry.getActions().getActions()) {
builder.addActions(toProto(action));
}
return builder.build();
}
use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.
the class DefaultFileSystemMaster method setUfsAcl.
private void setUfsAcl(LockedInodePath inodePath) throws InvalidPathException, AccessControlException {
Inode inode = inodePath.getInodeOrNull();
checkUfsMode(inodePath.getUri(), OperationType.WRITE);
MountTable.Resolution resolution = mMountTable.resolve(inodePath.getUri());
String ufsUri = resolution.getUri().toString();
try (CloseableResource<UnderFileSystem> ufsResource = resolution.acquireUfsResource()) {
UnderFileSystem ufs = ufsResource.get();
if (ufs.isObjectStorage()) {
LOG.warn("SetACL is not supported to object storage UFS via Alluxio. " + "UFS: " + ufsUri + ". This has no effect on the underlying object.");
} else {
try {
List<AclEntry> entries = new ArrayList<>(inode.getACL().getEntries());
if (inode.isDirectory()) {
entries.addAll(inode.asDirectory().getDefaultACL().getEntries());
}
ufs.setAclEntries(ufsUri, entries);
} catch (IOException e) {
throw new AccessControlException("Could not setAcl for UFS file: " + ufsUri);
}
}
}
}
use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.
the class GrpcUtils method toProto.
/**
* @param acl the access control list to convert
* @return the proto representation of this object
*/
public static PAcl toProto(AccessControlList acl) {
PAcl.Builder pAcl = PAcl.newBuilder();
pAcl.setOwner(acl.getOwningUser());
pAcl.setOwningGroup(acl.getOwningGroup());
pAcl.setMode(acl.getMode());
if (acl.hasExtended()) {
for (AclEntry entry : acl.getExtendedEntries().getEntries()) {
pAcl.addEntries(toProto(entry));
}
}
pAcl.setIsDefault(false);
return pAcl.build();
}
use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.
the class MutableInode method removeAcl.
/**
* Removes ACL entries.
*
* @param entries the ACL entries to remove
* @return the updated object
*/
public T removeAcl(List<AclEntry> entries) {
for (AclEntry entry : entries) {
if (entry.isDefault()) {
AccessControlList defaultAcl = getDefaultACL();
defaultAcl.removeEntry(entry);
} else {
mAcl.removeEntry(entry);
}
}
updateMask(entries);
return getThis();
}
Aggregations