Examples with AclStatus org.apache.hadoop.fs.permission.AclStatus used on opensource projects

Example 16 with AclStatus

use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.

the class FSImageLoader method getAclStatus.

/**
   * Return the JSON formatted ACL status of the specified file.
   * @param path a path specifies a file
   * @return JSON formatted AclStatus
   * @throws IOException if failed to serialize fileStatus to JSON.
   */
String getAclStatus(String path) throws IOException {
    PermissionStatus p = getPermissionStatus(path);
    List<AclEntry> aclEntryList = getAclEntryList(path);
    FsPermission permission = p.getPermission();
    AclStatus.Builder builder = new AclStatus.Builder();
    builder.owner(p.getUserName()).group(p.getGroupName()).addEntries(aclEntryList).setPermission(permission).stickyBit(permission.getStickyBit());
    AclStatus aclStatus = builder.build();
    return JsonUtil.toJsonString(aclStatus);
}

Example 17 with AclStatus

use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.

the class FSAclBaseTest method testRemoveDefaultAclOnlyDefault.

@Test
public void testRemoveDefaultAclOnlyDefault() throws Exception {
    FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) 0750));
    List<AclEntry> aclSpec = Lists.newArrayList(aclEntry(DEFAULT, USER, "foo", ALL));
    fs.setAcl(path, aclSpec);
    fs.removeDefaultAcl(path);
    AclStatus s = fs.getAclStatus(path);
    AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
    assertArrayEquals(new AclEntry[] {}, returned);
    assertPermission((short) 0750);
    assertAclFeature(false);
    // restart of the cluster
    restartCluster();
    s = fs.getAclStatus(path);
    AclEntry[] afterRestart = s.getEntries().toArray(new AclEntry[0]);
    assertArrayEquals(returned, afterRestart);
}

Example 18 with AclStatus

use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.

the class FSAclBaseTest method testDefaultMinimalAclNewFile.

@Test
public void testDefaultMinimalAclNewFile() throws Exception {
    FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) 0750));
    List<AclEntry> aclSpec = Lists.newArrayList(aclEntry(DEFAULT, USER, ALL), aclEntry(DEFAULT, GROUP, READ_EXECUTE), aclEntry(DEFAULT, OTHER, NONE));
    fs.setAcl(path, aclSpec);
    Path filePath = new Path(path, "file1");
    fs.create(filePath).close();
    AclStatus s = fs.getAclStatus(filePath);
    AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
    assertArrayEquals(new AclEntry[] {}, returned);
    assertPermission(filePath, (short) 0640);
    assertAclFeature(filePath, false);
}

Example 19 with AclStatus

use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.

the class FSAclBaseTest method testEffectiveAccess.

@Test
public void testEffectiveAccess() throws Exception {
    Path p1 = new Path("/testEffectiveAccess");
    fs.mkdirs(p1);
    // give all access at first
    fs.setPermission(p1, FsPermission.valueOf("-rwxrwxrwx"));
    AclStatus aclStatus = fs.getAclStatus(p1);
    assertEquals("Entries should be empty", 0, aclStatus.getEntries().size());
    assertEquals("Permission should be carried by AclStatus", fs.getFileStatus(p1).getPermission(), aclStatus.getPermission());
    // Add a named entries with all access
    fs.modifyAclEntries(p1, Lists.newArrayList(aclEntry(ACCESS, USER, "bruce", ALL), aclEntry(ACCESS, GROUP, "groupY", ALL)));
    aclStatus = fs.getAclStatus(p1);
    assertEquals("Entries should contain owner group entry also", 3, aclStatus.getEntries().size());
    // restrict the access
    fs.setPermission(p1, FsPermission.valueOf("-rwxr-----"));
    // latest permissions should be reflected as effective permission
    aclStatus = fs.getAclStatus(p1);
    List<AclEntry> entries = aclStatus.getEntries();
    for (AclEntry aclEntry : entries) {
        if (aclEntry.getName() != null || aclEntry.getType() == GROUP) {
            assertEquals(FsAction.ALL, aclEntry.getPermission());
            assertEquals(FsAction.READ, aclStatus.getEffectivePermission(aclEntry));
        }
    }
    fsAsBruce.access(p1, READ);
    try {
        fsAsBruce.access(p1, WRITE);
        fail("Access should not be given");
    } catch (AccessControlException e) {
    // expected
    }
    fsAsBob.access(p1, READ);
    try {
        fsAsBob.access(p1, WRITE);
        fail("Access should not be given");
    } catch (AccessControlException e) {
    // expected
    }
}

Example 20 with AclStatus

use of org.apache.hadoop.fs.permission.AclStatus in project hadoop by apache.

the class FSAclBaseTest method testSetAclStickyBit.

@Test
public void testSetAclStickyBit() throws IOException {
    FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) 01750));
    List<AclEntry> aclSpec = Lists.newArrayList(aclEntry(ACCESS, USER, ALL), aclEntry(ACCESS, USER, "foo", ALL), aclEntry(ACCESS, GROUP, READ_EXECUTE), aclEntry(ACCESS, OTHER, NONE), aclEntry(DEFAULT, USER, "foo", ALL));
    fs.setAcl(path, aclSpec);
    AclStatus s = fs.getAclStatus(path);
    AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
    assertArrayEquals(new AclEntry[] { aclEntry(ACCESS, USER, "foo", ALL), aclEntry(ACCESS, GROUP, READ_EXECUTE), aclEntry(DEFAULT, USER, ALL), aclEntry(DEFAULT, USER, "foo", ALL), aclEntry(DEFAULT, GROUP, READ_EXECUTE), aclEntry(DEFAULT, MASK, ALL), aclEntry(DEFAULT, OTHER, NONE) }, returned);
    assertPermission((short) 011770);
    assertAclFeature(true);
}