use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.
the class FSAclBaseTest method testRemoveAcl.
@Test
public void testRemoveAcl() throws IOException {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) 0750));
List<AclEntry> aclSpec = Lists.newArrayList(aclEntry(ACCESS, USER, ALL), aclEntry(ACCESS, USER, "foo", ALL), aclEntry(ACCESS, GROUP, READ_EXECUTE), aclEntry(ACCESS, OTHER, NONE), aclEntry(DEFAULT, USER, "foo", ALL));
fs.setAcl(path, aclSpec);
fs.removeAcl(path);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {}, returned);
assertPermission((short) 0750);
assertAclFeature(false);
}
use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.
the class FSAclBaseTest method testModifyAclEntriesMinimal.
@Test
public void testModifyAclEntriesMinimal() throws IOException {
fs.create(path).close();
fs.setPermission(path, FsPermission.createImmutable((short) 0640));
List<AclEntry> aclSpec = Lists.newArrayList(aclEntry(ACCESS, USER, "foo", READ_WRITE));
fs.modifyAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] { aclEntry(ACCESS, USER, "foo", READ_WRITE), aclEntry(ACCESS, GROUP, READ) }, returned);
assertPermission((short) 010660);
assertAclFeature(true);
}
use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.
the class FSAclBaseTest method testSetAclOnlyAccess.
@Test
public void testSetAclOnlyAccess() throws IOException {
fs.create(path).close();
fs.setPermission(path, FsPermission.createImmutable((short) 0640));
List<AclEntry> aclSpec = Lists.newArrayList(aclEntry(ACCESS, USER, READ_WRITE), aclEntry(ACCESS, USER, "foo", READ), aclEntry(ACCESS, GROUP, READ), aclEntry(ACCESS, OTHER, NONE));
fs.setAcl(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] { aclEntry(ACCESS, USER, "foo", READ), aclEntry(ACCESS, GROUP, READ) }, returned);
assertPermission((short) 010640);
assertAclFeature(true);
}
use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.
the class FSDirAclOp method getAclStatus.
static AclStatus getAclStatus(FSDirectory fsd, String src) throws IOException {
checkAclsConfigFlag(fsd);
FSPermissionChecker pc = fsd.getPermissionChecker();
fsd.readLock();
try {
INodesInPath iip = fsd.resolvePath(pc, src, DirOp.READ);
// non-null, unpopulated AclStatus. This is similar to getFileInfo.
if (iip.isDotSnapshotDir() && fsd.getINode4DotSnapshot(iip) != null) {
return new AclStatus.Builder().owner("").group("").build();
}
INode inode = FSDirectory.resolveLastINode(iip);
int snapshotId = iip.getPathSnapshotId();
List<AclEntry> acl = AclStorage.readINodeAcl(fsd.getAttributes(iip));
FsPermission fsPermission = inode.getFsPermission(snapshotId);
return new AclStatus.Builder().owner(inode.getUserName()).group(inode.getGroupName()).stickyBit(fsPermission.getStickyBit()).setPermission(fsPermission).addEntries(acl).build();
} finally {
fsd.readUnlock();
}
}
use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.
the class FSNamesystem method getAclStatus.
AclStatus getAclStatus(String src) throws IOException {
final String operationName = "getAclStatus";
checkOperation(OperationCategory.READ);
final AclStatus ret;
readLock();
try {
checkOperation(OperationCategory.READ);
ret = FSDirAclOp.getAclStatus(dir, src);
} catch (AccessControlException ace) {
logAuditEvent(false, operationName, src);
throw ace;
} finally {
readUnlock(operationName);
}
logAuditEvent(true, operationName, src);
return ret;
}
Aggregations