
Example 6 with AclEntry

use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.

the class FileSystemMasterTest method setRecursiveAcl.

/**
 * Checks that one recursive {@code REPLACE} issued on the root is reflected on every inode that a
 * recursive listing of the root returns.
 *
 * <p>Ten files are created under each of three directories. The listing must contain
 * {@code files * 3 + 3} entries, and each entry must report exactly the replacement ACL, so an
 * inode that kept its previous ACL fails the test.
 */
@Test
public void setRecursiveAcl() throws Exception {
    final int files = 10;
    // The recursive flag is set on the context; the assertions below confirm the effect on
    // everything listed under the root.
    SetAclContext context =
            SetAclContext.mergeFrom(SetAclPOptions.newBuilder().setRecursive(true));

    // Files directly under the root directory.
    for (int n = 0; n < files; n++) {
        createFileWithSingleBlock(ROOT_URI.join(String.format("file%05d", n)));
    }
    // Files under the nested path.
    for (int n = 0; n < files; n++) {
        createFileWithSingleBlock(NESTED_URI.join(String.format("file%05d", n)));
    }
    // Files under the nested directory path.
    for (int n = 0; n < files; n++) {
        createFileWithSingleBlock(NESTED_DIR_URI.join(String.format("file%05d", n)));
    }

    // Replace the ACL at the root with a distinctive set of base entries.
    Set<String> newEntries = Sets.newHashSet("user::rw-", "group::r-x", "other::-wx");
    List<AclEntry> replacement =
            newEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList());
    mFileSystemMaster.setAcl(ROOT_URI, SetAclAction.REPLACE, replacement, context);

    ListStatusContext listContext = ListStatusContext.mergeFrom(
            ListStatusPOptions.newBuilder()
                    .setLoadMetadataType(LoadMetadataPType.ONCE)
                    .setRecursive(true));
    List<FileInfo> infos = mFileSystemMaster.listStatus(ROOT_URI, listContext);

    // 3 * files regular files plus 3 more entries (presumably the directories in the fixture;
    // confirm against the test setup).
    assertEquals(files * 3 + 3, infos.size());
    for (FileInfo listed : infos) {
        // Set equality: no entry may be missing and no stale entry may survive the replace.
        assertEquals(newEntries, Sets.newHashSet(listed.convertAclToStringEntries()));
    }
}
Also used : FileInfo(alluxio.wire.FileInfo) AclEntry(alluxio.security.authorization.AclEntry) SetAclContext(alluxio.master.file.contexts.SetAclContext) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) Test(org.junit.Test)

Example 7 with AclEntry

use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.

the class FileSystemMasterTest method setAcl.

/**
 * Drives one file through {@code REPLACE}, {@code MODIFY}, {@code REMOVE_ALL} and {@code REMOVE}
 * and compares the ACL reported by {@code getFileInfo} after each step with what was requested.
 */
@Test
public void setAcl() throws Exception {
    SetAclContext aclContext = SetAclContext.defaults();
    createFileWithSingleBlock(NESTED_FILE_URI);
    Set<String> current = Sets.newHashSet(
            mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT)
                    .convertAclToStringEntries());
    // A newly created file is expected to report exactly three entries.
    assertEquals(3, current.size());

    // REPLACE: fully permissive base entries.
    Set<String> permissive = Sets.newHashSet("user::rwx", "group::rwx", "other::rwx");
    List<AclEntry> permissiveAcl =
            permissive.stream().map(AclEntry::fromCliString).collect(Collectors.toList());
    mFileSystemMaster.setAcl(NESTED_FILE_URI, SetAclAction.REPLACE, permissiveAcl, aclContext);
    current = Sets.newHashSet(
            mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT)
                    .convertAclToStringEntries());
    assertEquals(permissive, current);

    // REPLACE again with a tighter set; equality shows nothing from the first replace lingers.
    Set<String> tightened = Sets.newHashSet("user::rw-", "group::r--", "other::r--");
    List<AclEntry> tightenedAcl =
            tightened.stream().map(AclEntry::fromCliString).collect(Collectors.toList());
    mFileSystemMaster.setAcl(NESTED_FILE_URI, SetAclAction.REPLACE, tightenedAcl, aclContext);
    current = Sets.newHashSet(
            mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT)
                    .convertAclToStringEntries());
    assertEquals(tightened, current);

    // MODIFY: overwrite entries that already exist.
    Set<String> adjusted = Sets.newHashSet("user::rwx", "group::r--", "other::r-x");
    List<AclEntry> adjustedAcl =
            adjusted.stream().map(AclEntry::fromCliString).collect(Collectors.toList());
    mFileSystemMaster.setAcl(NESTED_FILE_URI, SetAclAction.MODIFY, adjustedAcl, aclContext);
    current = Sets.newHashSet(
            mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT)
                    .convertAclToStringEntries());
    assertEquals(adjusted, current);

    // MODIFY: add named entries; the base entries must be left in place.
    Set<String> baseline = new HashSet<>(current);
    Set<String> named = Sets.newHashSet("user:usera:---", "group:groupa:--x");
    List<AclEntry> namedAcl =
            named.stream().map(AclEntry::fromCliString).collect(Collectors.toList());
    mFileSystemMaster.setAcl(NESTED_FILE_URI, SetAclAction.MODIFY, namedAcl, aclContext);
    current = Sets.newHashSet(
            mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT)
                    .convertAclToStringEntries());
    assertTrue(current.containsAll(baseline));
    assertTrue(current.containsAll(named));
    // A mask entry must now be present. r-x is consistent with a mask derived from group::r--,
    // user:usera:--- and group:groupa:--x (NOTE(review): derivation rule not visible here).
    assertTrue(current.contains("mask::r-x"));

    // MODIFY: change an existing base entry and re-supply the named entries in one call.
    Set<String> mixed = Sets.newHashSet("user:usera:---", "group:groupa:--x", "other::r-x");
    List<AclEntry> mixedAcl =
            mixed.stream().map(AclEntry::fromCliString).collect(Collectors.toList());
    mFileSystemMaster.setAcl(NESTED_FILE_URI, SetAclAction.MODIFY, mixedAcl, aclContext);
    current = Sets.newHashSet(
            mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT)
                    .convertAclToStringEntries());
    assertTrue(current.containsAll(mixed));

    // REMOVE_ALL: the file must be back to three entries afterwards.
    mFileSystemMaster.setAcl(
            NESTED_FILE_URI, SetAclAction.REMOVE_ALL, Collections.emptyList(), aclContext);
    current = Sets.newHashSet(
            mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT)
                    .convertAclToStringEntries());
    assertEquals(3, current.size());

    // REMOVE: first add four named entries, then delete two of them.
    // Snapshot of the three-entry state taken before the MODIFY call.
    baseline = new HashSet<>(current);
    Set<String> added = Sets.newHashSet(
            "user:usera:---", "user:userb:rwx", "group:groupa:--x", "group:groupb:-wx");
    List<AclEntry> addedAcl =
            added.stream().map(AclEntry::fromCliString).collect(Collectors.toList());
    mFileSystemMaster.setAcl(NESTED_FILE_URI, SetAclAction.MODIFY, addedAcl, aclContext);
    current = Sets.newHashSet(
            mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT)
                    .convertAclToStringEntries());
    assertTrue(current.containsAll(baseline));

    Set<String> deleteEntries = Sets.newHashSet("user:userb:rwx", "group:groupa:--x");
    List<AclEntry> deleteAcl =
            deleteEntries.stream().map(AclEntry::fromCliString).collect(Collectors.toList());
    mFileSystemMaster.setAcl(NESTED_FILE_URI, SetAclAction.REMOVE, deleteAcl, aclContext);
    current = Sets.newHashSet(
            mFileSystemMaster.getFileInfo(NESTED_FILE_URI, GET_STATUS_CONTEXT)
                    .convertAclToStringEntries());

    // The entries that were not targeted must survive ...
    Set<String> survivors = new HashSet<>(added);
    assertTrue(survivors.removeAll(deleteEntries));
    assertTrue(current.containsAll(survivors));
    // ... and none of the removed grants (including user:userb:rwx) may still be reported.
    assertTrue(Collections.disjoint(current, deleteEntries));
}
Also used : AclEntry(alluxio.security.authorization.AclEntry) SetAclContext(alluxio.master.file.contexts.SetAclContext) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 8 with AclEntry

use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.

the class SetFaclCommand method runPlainPath.

/**
 * Translates the ACL options on the command line into one {@link SetAclAction} plus its entry
 * list and applies it to {@code path} through {@code mFileSystem.setAcl}.
 *
 * <p>Exactly one action option (set, modify, remove, remove-all, remove-default) must be present.
 * That check runs only after every supplied entry list has been parsed, so an exception thrown
 * while parsing would surface before the "only 1 action" error. Nothing is sent to the file
 * system unless the check passes.
 *
 * @param path the path whose ACL is changed
 * @param cl the parsed command line
 * @throws IllegalArgumentException if no action or more than one action was specified
 */
@Override
protected void runPlainPath(AlluxioURI path, CommandLine cl) throws AlluxioException, IOException {
    final boolean recursive = cl.hasOption(RECURSIVE_OPTION.getOpt());
    SetAclPOptions options = SetAclPOptions.newBuilder().setRecursive(recursive).build();

    // REPLACE is only a placeholder: with no action option the method throws before setAcl.
    SetAclAction action = SetAclAction.REPLACE;
    List<AclEntry> entries = Collections.emptyList();
    // Every action option seen is recorded so that conflicting options can be reported by name.
    List<String> specifiedActions = new ArrayList<>(1);

    // --set is looked up by its long name, unlike the other action options.
    if (cl.hasOption(SET_OPTION.getLongOpt())) {
        specifiedActions.add(SET_OPTION.getLongOpt());
        action = SetAclAction.REPLACE;
        String aclList = cl.getOptionValue(SET_OPTION.getLongOpt());
        // With the default option, each spec goes through AclEntry.toDefault before parsing.
        entries = cl.hasOption(DEFAULT_OPTION.getOpt())
                ? Arrays.stream(aclList.split(","))
                        .map(AclEntry::toDefault)
                        .map(AclEntry::fromCliString)
                        .collect(Collectors.toList())
                : Arrays.stream(aclList.split(","))
                        .map(AclEntry::fromCliString)
                        .collect(Collectors.toList());
    }

    if (cl.hasOption(MODIFY_OPTION.getOpt())) {
        specifiedActions.add(MODIFY_OPTION.getOpt());
        action = SetAclAction.MODIFY;
        String aclList = cl.getOptionValue(MODIFY_OPTION.getOpt());
        entries = cl.hasOption(DEFAULT_OPTION.getOpt())
                ? Arrays.stream(aclList.split(","))
                        .map(AclEntry::toDefault)
                        .map(AclEntry::fromCliString)
                        .collect(Collectors.toList())
                : Arrays.stream(aclList.split(","))
                        .map(AclEntry::fromCliString)
                        .collect(Collectors.toList());
    }

    if (cl.hasOption(REMOVE_OPTION.getOpt())) {
        specifiedActions.add(REMOVE_OPTION.getOpt());
        action = SetAclAction.REMOVE;
        String aclList = cl.getOptionValue(REMOVE_OPTION.getOpt());
        // Removal uses the parser variant that does not expect a permissions part.
        entries = cl.hasOption(DEFAULT_OPTION.getOpt())
                ? Arrays.stream(aclList.split(","))
                        .map(AclEntry::toDefault)
                        .map(AclEntry::fromCliStringWithoutPermissions)
                        .collect(Collectors.toList())
                : Arrays.stream(aclList.split(","))
                        .map(AclEntry::fromCliStringWithoutPermissions)
                        .collect(Collectors.toList());
    }

    // The two remove-everything actions carry no entry list.
    if (cl.hasOption(REMOVE_ALL_OPTION.getOpt())) {
        specifiedActions.add(REMOVE_ALL_OPTION.getOpt());
        action = SetAclAction.REMOVE_ALL;
    }
    if (cl.hasOption(REMOVE_DEFAULT_OPTION.getOpt())) {
        specifiedActions.add(REMOVE_DEFAULT_OPTION.getOpt());
        action = SetAclAction.REMOVE_DEFAULT;
    }

    // Refuse ambiguous or empty requests instead of letting the last option seen win.
    final int actionCount = specifiedActions.size();
    if (actionCount == 0) {
        throw new IllegalArgumentException("No actions specified.");
    }
    if (actionCount > 1) {
        throw new IllegalArgumentException(
                "Only 1 action can be specified: " + String.join(", ", specifiedActions));
    }

    mFileSystem.setAcl(path, action, entries, options);
}
Also used : AclEntry(alluxio.security.authorization.AclEntry) ArrayList(java.util.ArrayList) SetAclPOptions(alluxio.grpc.SetAclPOptions) SetAclAction(alluxio.grpc.SetAclAction)

Example 9 with AclEntry

use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.

the class CpCommandIntegrationTest method copyFileWithPreservedAttributes.

/**
 * Tests copying a file with attributes preserved.
 */
@Test
public void copyFileWithPreservedAttributes() throws Exception {
    InstancedConfiguration conf = new InstancedConfiguration(ServerConfiguration.global());
    // MUST_CACHE avoids a chown on the UFS, which could fail when the test is not run as root.
    conf.set(PropertyKey.USER_FILE_WRITE_TYPE_DEFAULT, "MUST_CACHE");
    try (FileSystemShell fsShell = new FileSystemShell(conf)) {
        String testDir = FileSystemShellUtilsTest.resetFileHierarchy(sFileSystem);
        String srcPath = testDir + "/foobar4";
        AlluxioURI srcFile = new AlluxioURI(srcPath);

        // Give the source distinctive security metadata for the copy to reproduce.
        String owner = TEST_USER_1.getUser();
        String group = "staff";
        // Octal literal: r-- for the owner, -w- for group and for other.
        short mode = 0422;

        // Extended ACL: a named user with rwx and a named group with -wx.
        AclEntry namedUserEntry = new AclEntry.Builder()
                .setType(AclEntryType.NAMED_USER)
                .setSubject(TEST_USER_2.getUser())
                .addAction(AclAction.READ)
                .addAction(AclAction.WRITE)
                .addAction(AclAction.EXECUTE)
                .build();
        AclEntry namedGroupEntry = new AclEntry.Builder()
                .setType(AclEntryType.NAMED_GROUP)
                .setSubject(group)
                .addAction(AclAction.WRITE)
                .addAction(AclAction.EXECUTE)
                .build();
        List<AclEntry> entries = new ArrayList<>();
        entries.add(namedUserEntry);
        entries.add(namedGroupEntry);

        SetAttributePOptions attributes = SetAttributePOptions.newBuilder()
                .setOwner(owner)
                .setGroup(group)
                .setMode(new Mode(mode).toProto())
                .setPinned(true)
                .setReplicationMin(2)
                .setReplicationMax(4)
                .setCommonOptions(FileSystemMasterCommonPOptions.newBuilder().setTtl(12345))
                .build();
        sFileSystem.setAttribute(srcFile, attributes);
        sFileSystem.setAcl(srcFile, SetAclAction.MODIFY, entries);

        // "cp -p" is the operation under test.
        int exitCode = fsShell.run("cp", "-p", srcPath, testDir + "/bar");
        AlluxioURI dstFile = new AlluxioURI(testDir + "/bar/foobar4");
        Assert.assertEquals(0, exitCode);
        Assert.assertTrue(sFileSystem.exists(dstFile));
        // The source/destination comparison lives in the helper, which is defined elsewhere.
        verifyPreservedAttributes(srcFile, dstFile);
    }
}
Also used : InstancedConfiguration(alluxio.conf.InstancedConfiguration) Mode(alluxio.security.authorization.Mode) AclEntry(alluxio.security.authorization.AclEntry) ArrayList(java.util.ArrayList) FileSystemShell(alluxio.cli.fs.FileSystemShell) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) AlluxioURI(alluxio.AlluxioURI) AbstractFileSystemShellTest(alluxio.client.cli.fs.AbstractFileSystemShellTest) Test(org.junit.Test) FileSystemShellUtilsTest(alluxio.client.cli.fs.FileSystemShellUtilsTest)

Example 10 with AclEntry

use of alluxio.security.authorization.AclEntry in project alluxio by Alluxio.

the class CpCommandIntegrationTest method copyDirectoryWithPreservedAttributes.

/**
 * Tests copying a folder with attributes preserved.
 */
@Test
public void copyDirectoryWithPreservedAttributes() throws Exception {
    InstancedConfiguration conf = new InstancedConfiguration(ServerConfiguration.global());
    conf.set(PropertyKey.USER_FILE_WRITE_TYPE_DEFAULT, "MUST_CACHE");
    try (FileSystemShell fsShell = new FileSystemShell(conf)) {
        String testDir = FileSystemShellUtilsTest.resetFileHierarchy(sFileSystem);
        String newDir = "/copy";
        String subDir = "/foo";
        String file = "/foobar4";

        // Security metadata applied recursively to the source tree before copying.
        String owner = TEST_USER_1.getUser();
        String group = "staff";
        // Octal literal: r-- for the owner, -w- for group and for other.
        short mode = 0422;

        // Extended ACL: a named user with rwx and a named group with -wx.
        AclEntry namedUserEntry = new AclEntry.Builder()
                .setType(AclEntryType.NAMED_USER)
                .setSubject(TEST_USER_2.getUser())
                .addAction(AclAction.READ)
                .addAction(AclAction.WRITE)
                .addAction(AclAction.EXECUTE)
                .build();
        AclEntry namedGroupEntry = new AclEntry.Builder()
                .setType(AclEntryType.NAMED_GROUP)
                .setSubject(group)
                .addAction(AclAction.WRITE)
                .addAction(AclAction.EXECUTE)
                .build();
        List<AclEntry> entries = new ArrayList<>();
        entries.add(namedUserEntry);
        entries.add(namedGroupEntry);

        AlluxioURI srcDir = new AlluxioURI(testDir);
        SetAttributePOptions attributes = SetAttributePOptions.newBuilder()
                .setRecursive(true)
                .setOwner(owner)
                .setGroup(group)
                .setMode(new Mode(mode).toProto())
                .setPinned(true)
                .setReplicationMin(2)
                .setReplicationMax(4)
                .setCommonOptions(FileSystemMasterCommonPOptions.newBuilder().setTtl(12345))
                .build();
        sFileSystem.setAttribute(srcDir, attributes);
        SetAclPOptions recursiveAcl = SetAclPOptions.newBuilder().setRecursive(true).build();
        sFileSystem.setAcl(srcDir, SetAclAction.MODIFY, entries, recursiveAcl);

        // "cp -R -p" is the operation under test.
        int exitCode = fsShell.run("cp", "-R", "-p", testDir, newDir);
        AlluxioURI dstDir = new AlluxioURI(newDir);
        Assert.assertEquals(0, exitCode);
        Assert.assertTrue(sFileSystem.exists(dstDir));
        // Compare the root of the tree, one subdirectory and one file, so a copy that preserves
        // metadata only on the top-level directory does not pass.
        verifyPreservedAttributes(srcDir, dstDir);
        verifyPreservedAttributes(srcDir.join(subDir), dstDir.join(subDir));
        verifyPreservedAttributes(srcDir.join(file), dstDir.join(file));
    }
}
Also used : InstancedConfiguration(alluxio.conf.InstancedConfiguration) Mode(alluxio.security.authorization.Mode) AclEntry(alluxio.security.authorization.AclEntry) ArrayList(java.util.ArrayList) FileSystemShell(alluxio.cli.fs.FileSystemShell) CoreMatchers.containsString(org.hamcrest.CoreMatchers.containsString) AlluxioURI(alluxio.AlluxioURI) AbstractFileSystemShellTest(alluxio.client.cli.fs.AbstractFileSystemShellTest) Test(org.junit.Test) FileSystemShellUtilsTest(alluxio.client.cli.fs.FileSystemShellUtilsTest)

Aggregations

AclEntry (alluxio.security.authorization.AclEntry)21 Test (org.junit.Test)11 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)8 Mode (alluxio.security.authorization.Mode)5 AlluxioURI (alluxio.AlluxioURI)4 SetAclContext (alluxio.master.file.contexts.SetAclContext)4 IOException (java.io.IOException)4 ArrayList (java.util.ArrayList)4 SetAclEntry (alluxio.proto.journal.File.SetAclEntry)3 DefaultAccessControlList (alluxio.security.authorization.DefaultAccessControlList)3 AuthenticatedClientUserResource (alluxio.AuthenticatedClientUserResource)2 FileSystemShell (alluxio.cli.fs.FileSystemShell)2 AbstractFileSystemShellTest (alluxio.client.cli.fs.AbstractFileSystemShellTest)2 FileSystemShellUtilsTest (alluxio.client.cli.fs.FileSystemShellUtilsTest)2 InstancedConfiguration (alluxio.conf.InstancedConfiguration)2 AccessControlException (alluxio.exception.AccessControlException)2 SetAclAction (alluxio.grpc.SetAclAction)2 SetAclPOptions (alluxio.grpc.SetAclPOptions)2 Inode (alluxio.master.file.meta.Inode)2 AccessControlList (alluxio.security.authorization.AccessControlList)2