Search in sources :

Example 86 with AclStatus

use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.

the class FSAclBaseTest method testRemoveAcl.

@Test
public void testRemoveAcl() throws IOException {
    FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) 0750));
    List<AclEntry> aclSpec = Lists.newArrayList(aclEntry(ACCESS, USER, ALL), aclEntry(ACCESS, USER, "foo", ALL), aclEntry(ACCESS, GROUP, READ_EXECUTE), aclEntry(ACCESS, OTHER, NONE), aclEntry(DEFAULT, USER, "foo", ALL));
    fs.setAcl(path, aclSpec);
    fs.removeAcl(path);
    AclStatus s = fs.getAclStatus(path);
    AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
    assertArrayEquals(new AclEntry[] {}, returned);
    assertPermission((short) 0750);
    assertAclFeature(false);
}
Also used : AclStatus(org.apache.hadoop.fs.permission.AclStatus) AclEntry(org.apache.hadoop.fs.permission.AclEntry) Test(org.junit.Test)

Example 87 with AclStatus

use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.

the class FSAclBaseTest method testModifyAclEntriesMinimal.

@Test
public void testModifyAclEntriesMinimal() throws IOException {
    fs.create(path).close();
    fs.setPermission(path, FsPermission.createImmutable((short) 0640));
    List<AclEntry> aclSpec = Lists.newArrayList(aclEntry(ACCESS, USER, "foo", READ_WRITE));
    fs.modifyAclEntries(path, aclSpec);
    AclStatus s = fs.getAclStatus(path);
    AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
    assertArrayEquals(new AclEntry[] { aclEntry(ACCESS, USER, "foo", READ_WRITE), aclEntry(ACCESS, GROUP, READ) }, returned);
    assertPermission((short) 010660);
    assertAclFeature(true);
}
Also used : AclStatus(org.apache.hadoop.fs.permission.AclStatus) AclEntry(org.apache.hadoop.fs.permission.AclEntry) Test(org.junit.Test)

Example 88 with AclStatus

use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.

the class FSAclBaseTest method testSetAclOnlyAccess.

@Test
public void testSetAclOnlyAccess() throws IOException {
    fs.create(path).close();
    fs.setPermission(path, FsPermission.createImmutable((short) 0640));
    List<AclEntry> aclSpec = Lists.newArrayList(aclEntry(ACCESS, USER, READ_WRITE), aclEntry(ACCESS, USER, "foo", READ), aclEntry(ACCESS, GROUP, READ), aclEntry(ACCESS, OTHER, NONE));
    fs.setAcl(path, aclSpec);
    AclStatus s = fs.getAclStatus(path);
    AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
    assertArrayEquals(new AclEntry[] { aclEntry(ACCESS, USER, "foo", READ), aclEntry(ACCESS, GROUP, READ) }, returned);
    assertPermission((short) 010640);
    assertAclFeature(true);
}
Also used : AclStatus(org.apache.hadoop.fs.permission.AclStatus) AclEntry(org.apache.hadoop.fs.permission.AclEntry) Test(org.junit.Test)

Example 89 with AclStatus

use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.

the class FSDirAclOp method getAclStatus.

static AclStatus getAclStatus(FSDirectory fsd, String src) throws IOException {
    checkAclsConfigFlag(fsd);
    FSPermissionChecker pc = fsd.getPermissionChecker();
    fsd.readLock();
    try {
        INodesInPath iip = fsd.resolvePath(pc, src, DirOp.READ);
        // non-null, unpopulated AclStatus.  This is similar to getFileInfo.
        if (iip.isDotSnapshotDir() && fsd.getINode4DotSnapshot(iip) != null) {
            return new AclStatus.Builder().owner("").group("").build();
        }
        INode inode = FSDirectory.resolveLastINode(iip);
        int snapshotId = iip.getPathSnapshotId();
        List<AclEntry> acl = AclStorage.readINodeAcl(fsd.getAttributes(iip));
        FsPermission fsPermission = inode.getFsPermission(snapshotId);
        return new AclStatus.Builder().owner(inode.getUserName()).group(inode.getGroupName()).stickyBit(fsPermission.getStickyBit()).setPermission(fsPermission).addEntries(acl).build();
    } finally {
        fsd.readUnlock();
    }
}
Also used : AclStatus(org.apache.hadoop.fs.permission.AclStatus) AclEntry(org.apache.hadoop.fs.permission.AclEntry) FsPermission(org.apache.hadoop.fs.permission.FsPermission)

Example 90 with AclStatus

use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.

the class FSNamesystem method getAclStatus.

AclStatus getAclStatus(String src) throws IOException {
    final String operationName = "getAclStatus";
    checkOperation(OperationCategory.READ);
    final AclStatus ret;
    readLock();
    try {
        checkOperation(OperationCategory.READ);
        ret = FSDirAclOp.getAclStatus(dir, src);
    } catch (AccessControlException ace) {
        logAuditEvent(false, operationName, src);
        throw ace;
    } finally {
        readUnlock(operationName);
    }
    logAuditEvent(true, operationName, src);
    return ret;
}
Also used : AclStatus(org.apache.hadoop.fs.permission.AclStatus) AccessControlException(org.apache.hadoop.security.AccessControlException) SnapshotAccessControlException(org.apache.hadoop.hdfs.protocol.SnapshotAccessControlException)

Aggregations

AclStatus (org.apache.hadoop.fs.permission.AclStatus)96 AclEntry (org.apache.hadoop.fs.permission.AclEntry)84 Test (org.junit.Test)76 Path (org.apache.hadoop.fs.Path)42 FsPermission (org.apache.hadoop.fs.permission.FsPermission)14 FSAclBaseTest (org.apache.hadoop.hdfs.server.namenode.FSAclBaseTest)10 FileSystem (org.apache.hadoop.fs.FileSystem)8 Configuration (org.apache.hadoop.conf.Configuration)5 FileStatus (org.apache.hadoop.fs.FileStatus)5 IOException (java.io.IOException)3 ArrayList (java.util.ArrayList)3 List (java.util.List)3 DistributedFileSystem (org.apache.hadoop.hdfs.DistributedFileSystem)3 DatanodeInfoBuilder (org.apache.hadoop.hdfs.protocol.DatanodeInfo.DatanodeInfoBuilder)3 UserGroupInformation (org.apache.hadoop.security.UserGroupInformation)3 Builder (org.apache.hadoop.fs.ContentSummary.Builder)2 FsShell (org.apache.hadoop.fs.FsShell)2 MetastoreUnitTest (org.apache.hadoop.hive.metastore.annotation.MetastoreUnitTest)2 AccessControlException (org.apache.hadoop.security.AccessControlException)2 Pair (alluxio.collections.Pair)1