use of alluxio.security.authorization.Mode in project alluxio by Alluxio.
the class AbstractFileSystem method create.
/**
* Attempts to create a file. Overwrite will not succeed if the path exists and is a folder.
*
* @param path path to create
* @param permission permissions of the created file/folder
* @param overwrite overwrite if file exists
* @param bufferSize the size in bytes of the buffer to be used
* @param replication under filesystem replication factor, this is ignored
* @param blockSize block size in bytes
* @param progress queryable progress
* @return an {@link FSDataOutputStream} created at the indicated path of a file
*/
@Override
public FSDataOutputStream create(Path path, FsPermission permission, boolean overwrite, int bufferSize, short replication, long blockSize, Progressable progress) throws IOException {
LOG.debug("create({}, {}, {}, {}, {}, {}, {})", path, permission, overwrite, bufferSize, replication, blockSize, progress);
if (mStatistics != null) {
mStatistics.incrementWriteOps(1);
}
AlluxioURI uri = getAlluxioPath(path);
CreateFilePOptions options = CreateFilePOptions.newBuilder().setBlockSizeBytes(blockSize).setMode(new Mode(permission.toShort()).toProto()).setRecursive(true).build();
FileOutStream outStream;
try {
outStream = mFileSystem.createFile(uri, options);
} catch (AlluxioException e) {
// now we should consider the override parameter
try {
if (mFileSystem.exists(uri)) {
if (!overwrite) {
throw new IOException("Not allowed to create() (overwrite=false) for existing Alluxio path: " + uri);
}
if (mFileSystem.getStatus(uri).isFolder()) {
throw new IOException(ExceptionMessage.FILE_CREATE_IS_DIRECTORY.getMessage(uri));
}
mFileSystem.delete(uri);
}
outStream = mFileSystem.createFile(uri, options);
} catch (AlluxioException e2) {
throw new IOException(e2);
}
}
return new FSDataOutputStream(outStream, mStatistics);
}
use of alluxio.security.authorization.Mode in project alluxio by Alluxio.
the class OutStreamOptionsTest method fields.
/**
* Tests getting and setting fields.
*/
@Test
public void fields() throws Exception {
Random random = new Random();
long blockSize = random.nextLong();
BlockLocationPolicy locationPolicy = new RoundRobinPolicy(mConf);
String owner = CommonUtils.randomAlphaNumString(10);
String group = CommonUtils.randomAlphaNumString(10);
Mode mode = new Mode((short) random.nextInt());
int ttl = 5;
TtlAction ttlAction = TtlAction.FREE;
int writeTier = random.nextInt();
WriteType writeType = WriteType.NONE;
mConf.set(PropertyKey.USER_FILE_CREATE_TTL, ttl);
mConf.set(PropertyKey.USER_FILE_CREATE_TTL_ACTION, ttlAction);
ClientContext clientContext = ClientContext.create(mConf);
OutStreamOptions options = OutStreamOptions.defaults(clientContext);
options.setBlockSizeBytes(blockSize);
options.setLocationPolicy(locationPolicy);
options.setOwner(owner);
options.setGroup(group);
options.setMode(mode);
options.setWriteTier(writeTier);
options.setWriteType(writeType);
assertEquals(blockSize, options.getBlockSizeBytes());
assertEquals(locationPolicy, options.getLocationPolicy());
assertEquals(owner, options.getOwner());
assertEquals(group, options.getGroup());
assertEquals(mode, options.getMode());
assertEquals(ttl, options.getCommonOptions().getTtl());
assertEquals(ttlAction, options.getCommonOptions().getTtlAction());
assertEquals(writeTier, options.getWriteTier());
assertEquals(writeType.getAlluxioStorageType(), options.getAlluxioStorageType());
assertEquals(writeType.getUnderStorageType(), options.getUnderStorageType());
}
use of alluxio.security.authorization.Mode in project alluxio by Alluxio.
the class FileSystemMasterTest method deleteDirRecursiveWithPermissions.
@Test
public void deleteDirRecursiveWithPermissions() throws Exception {
// userA has permissions to delete directory and nested file
createFileWithSingleBlock(NESTED_FILE_URI);
mFileSystemMaster.setAttribute(NESTED_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));
mFileSystemMaster.setAttribute(NESTED_FILE_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));
try (AuthenticatedClientUserResource userA = new AuthenticatedClientUserResource("userA", ServerConfiguration.global())) {
mFileSystemMaster.delete(NESTED_URI, DeleteContext.mergeFrom(DeletePOptions.newBuilder().setRecursive(true)));
}
assertEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_URI));
assertEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_FILE_URI));
}
use of alluxio.security.authorization.Mode in project alluxio by Alluxio.
the class FileSystemMasterTest method listStatusRecursivePermissions.
@Test
public void listStatusRecursivePermissions() throws Exception {
final int files = 10;
List<FileInfo> infos;
List<String> filenames;
// Test files in root directory.
for (int i = 0; i < files; i++) {
createFileWithSingleBlock(ROOT_URI.join("file" + String.format("%05d", i)));
}
// Test files in nested directory.
for (int i = 0; i < files; i++) {
createFileWithSingleBlock(NESTED_URI.join("file" + String.format("%05d", i)));
}
// Test with permissions
mFileSystemMaster.setAttribute(NESTED_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0400).toProto()).setRecursive(true)));
try (Closeable r = new AuthenticatedUserRule("test_user1", ServerConfiguration.global()).toResource()) {
// Test recursive listStatus
infos = mFileSystemMaster.listStatus(ROOT_URI, ListStatusContext.mergeFrom(ListStatusPOptions.newBuilder().setLoadMetadataType(LoadMetadataPType.ALWAYS).setRecursive(true)));
// 10 files in each directory, 1 level of directories
assertEquals(files + 1, infos.size());
}
}
use of alluxio.security.authorization.Mode in project alluxio by Alluxio.
the class FileSystemMasterTest method deleteDirRecursiveWithInsufficientPermissions.
@Test
public void deleteDirRecursiveWithInsufficientPermissions() throws Exception {
// userA has permissions to delete directory but not one of the nested files
createFileWithSingleBlock(NESTED_FILE_URI);
createFileWithSingleBlock(NESTED_FILE2_URI);
mFileSystemMaster.setAttribute(NESTED_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));
mFileSystemMaster.setAttribute(NESTED_FILE_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0700).toProto())));
mFileSystemMaster.setAttribute(NESTED_FILE2_URI, SetAttributeContext.mergeFrom(SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));
try (AuthenticatedClientUserResource userA = new AuthenticatedClientUserResource("userA", ServerConfiguration.global())) {
mFileSystemMaster.delete(NESTED_URI, DeleteContext.mergeFrom(DeletePOptions.newBuilder().setRecursive(true)));
fail("Deleting a directory w/ insufficient permission on child should fail");
} catch (AccessControlException e) {
String expectedChildMessage = ExceptionMessage.PERMISSION_DENIED.getMessage("user=userA, access=-w-, path=" + NESTED_FILE_URI + ": failed at file");
assertTrue(e.getMessage().startsWith(ExceptionMessage.DELETE_FAILED_DIR_CHILDREN.getMessage(NESTED_URI, expectedChildMessage)));
}
assertNotEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_URI));
assertNotEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_FILE_URI));
assertNotEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_FILE2_URI));
}
Aggregations