use of org.apache.hadoop.ozone.OzoneAcl in project ozone by apache.
the class RpcClient method createVolume.
/**
 * Creates a volume, attaching default ACLs for the owner and the owner's groups
 * in addition to any ACLs supplied in {@code volArgs}.
 *
 * <p>Admin and owner default to the short name of the current user ({@code ugi})
 * when {@code volArgs} leaves them unset.
 *
 * @param volumeName name of the volume; checked by {@code verifyVolumeName}
 * @param volArgs volume settings (admin, owner, quotas, ACLs, metadata); must not be null
 * @throws IOException declared by this method; the visible code does not show which call raises it
 */
@Override
public void createVolume(String volumeName, VolumeArgs volArgs) throws IOException {
  // Validate caller-supplied input before anything is assembled.
  verifyVolumeName(volumeName);
  Preconditions.checkNotNull(volArgs);
  verifyCountsQuota(volArgs.getQuotaInNamespace());
  verifySpaceQuota(volArgs.getQuotaInBytes());

  String admin = volArgs.getAdmin();
  if (admin == null) {
    admin = ugi.getShortUserName();
  }
  String owner = volArgs.getOwner();
  if (owner == null) {
    owner = ugi.getShortUserName();
  }
  long namespaceQuota = volArgs.getQuotaInNamespace();
  long spaceQuota = volArgs.getQuotaInBytes();

  List<OzoneAcl> candidateAcls = new ArrayList<>();
  // Default ACL for the owner.
  candidateAcls.add(new OzoneAcl(ACLIdentityType.USER, owner, userRights, ACCESS));
  // Default ACLs for each of the owner's groups.
  // NOTE(review): group membership is resolved here, in the client process, from the
  // owner name alone; it may differ from what the server's group mapping would
  // return - confirm which side is meant to be authoritative.
  for (String group : UserGroupInformation.createRemoteUser(owner).getGroupNames()) {
    candidateAcls.add(new OzoneAcl(ACLIdentityType.GROUP, group, groupRights, ACCESS));
  }
  // Caller-supplied ACLs are appended as given; this method applies no checks to them.
  // NOTE(review): presumably the server authorizes the request - verify there.
  List<OzoneAcl> requestedAcls = volArgs.getAcls();
  if (requestedAcls != null) {
    candidateAcls.addAll(requestedAcls);
  }

  OmVolumeArgs.Builder volumeBuilder = OmVolumeArgs.newBuilder();
  volumeBuilder.setVolume(volumeName);
  volumeBuilder.setAdminName(admin);
  volumeBuilder.setOwnerName(owner);
  volumeBuilder.setQuotaInBytes(spaceQuota);
  volumeBuilder.setQuotaInNamespace(namespaceQuota);
  volumeBuilder.setUsedNamespace(0L);
  volumeBuilder.addAllMetadata(volArgs.getMetadata());

  // De-duplicate while keeping first-seen order, then hand the ACLs to the builder.
  List<OzoneAcl> uniqueAcls = candidateAcls.stream().distinct().collect(Collectors.toList());
  for (OzoneAcl acl : uniqueAcls) {
    volumeBuilder.addOzoneAcls(acl);
  }

  // The quota details are logged only when a space quota other than 0 was requested.
  if (spaceQuota != 0) {
    LOG.info("Creating Volume: {}, with {} as owner " + "and space quota set to {} bytes, counts quota set" + " to {}",
        volumeName, owner, spaceQuota, namespaceQuota);
  } else {
    LOG.info("Creating Volume: {}, with {} as owner.", volumeName, owner);
  }
  ozoneManagerClient.createVolume(volumeBuilder.build());
}
use of org.apache.hadoop.ozone.OzoneAcl in project ozone by apache.
the class TestOmMetrics method testAclMetricsInternal.
/**
 * Checks that each ACL operation on {@code volObj} increments its OM metric by one.
 *
 * <p>Runs addAcl, setAcl and removeAcl in that order, reading the matching counter
 * immediately before and after each call.
 *
 * @param objectStore client used to issue the ACL calls
 * @param volObj object whose ACLs are modified
 * @param acls ACLs passed to setAcl; the first entry is then removed, so the list
 *     must hold at least one element
 * @throws IOException if an ACL call fails
 */
private void testAclMetricsInternal(ObjectStore objectStore, OzoneObj volObj, List<OzoneAcl> acls) throws IOException {
  OMMetrics omMetrics = ozoneManager.getMetrics();

  // addAcl: grant ALL to a fixed test user and expect one more recorded add.
  long addsBefore = omMetrics.getNumAddAcl();
  OzoneAcl allRightsAcl = new OzoneAcl(
      IAccessAuthorizer.ACLIdentityType.USER, "ozoneuser", IAccessAuthorizer.ACLType.ALL, ACCESS);
  objectStore.addAcl(volObj, allRightsAcl);
  Assert.assertEquals(addsBefore + 1, omMetrics.getNumAddAcl());

  // setAcl: replace with the supplied list and expect one more recorded set.
  long setsBefore = omMetrics.getNumSetAcl();
  objectStore.setAcl(volObj, acls);
  Assert.assertEquals(setsBefore + 1, omMetrics.getNumSetAcl());

  // removeAcl: drop the first supplied ACL and expect one more recorded removal.
  long removalsBefore = omMetrics.getNumRemoveAcl();
  objectStore.removeAcl(volObj, acls.get(0));
  Assert.assertEquals(removalsBefore + 1, omMetrics.getNumRemoveAcl());
}
use of org.apache.hadoop.ozone.OzoneAcl in project ozone by apache.
the class TestOzoneManagerHAWithACL method testSetPrefixAcl.
/**
 * Runs the shared setAcl scenario against a PREFIX object under a freshly set-up bucket.
 *
 * <p>The prefix is five random alphabetic characters followed by "/", and the ACL
 * under test gives READ to "remoteUser" with DEFAULT scope.
 *
 * @throws Exception if bucket setup or the ACL scenario fails
 */
public void testSetPrefixAcl() throws Exception {
  OzoneBucket bucket = setupBucket();
  String grantee = "remoteUser";
  // The random value only makes the prefix name unique for this test.
  String prefix = RandomStringUtils.randomAlphabetic(5) + "/";
  OzoneAcl readDefaultAcl = new OzoneAcl(USER, grantee, READ, DEFAULT);

  OzoneObj prefixObj = OzoneObjInfo.Builder.newBuilder()
      .setResType(OzoneObj.ResourceType.PREFIX)
      .setStoreType(OzoneObj.StoreType.OZONE)
      .setVolumeName(bucket.getVolumeName())
      .setBucketName(bucket.getName())
      .setPrefixName(prefix)
      .build();

  testSetAcl(grantee, prefixObj, readDefaultAcl);
}
use of org.apache.hadoop.ozone.OzoneAcl in project ozone by apache.
the class TestOzoneManagerHAWithACL method testAddAcl.
/**
 * Exercises addAcl on {@code ozoneObj}: a first add succeeds and is visible through
 * getAcl, a repeat of the same ACL is reported as not added, and an ACL for the same
 * user with WRITE instead is accepted.
 *
 * @param remoteUserName user named in the WRITE ACL built by this method
 * @param ozoneObj object the ACLs are added to
 * @param userAcl ACL added first; presumably a USER/DEFAULT entry for
 *     {@code remoteUserName}, as the visible key-ACL caller passes - verify other callers
 * @throws Exception if an object store call fails
 */
private void testAddAcl(String remoteUserName, OzoneObj ozoneObj, OzoneAcl userAcl) throws Exception {
  ObjectStore store = getObjectStore();

  // First add: must report success and show up in the object's ACL list.
  Assert.assertTrue(store.addAcl(ozoneObj, userAcl));
  List<OzoneAcl> currentAcls = store.getAcl(ozoneObj);
  Assert.assertTrue(containsAcl(userAcl, currentAcls));

  // Adding the identical ACL again must report that nothing was added.
  Assert.assertFalse(store.addAcl(ozoneObj, userAcl));

  // Same identity type, name and scope, but a different right (WRITE): accepted as new.
  // NOTE(review): the resulting ACL list is not read back after this add, so the
  // stored rights for the user are not asserted here.
  OzoneAcl writeAcl = new OzoneAcl(USER, remoteUserName, WRITE, DEFAULT);
  Assert.assertTrue(store.addAcl(ozoneObj, writeAcl));
}
use of org.apache.hadoop.ozone.OzoneAcl in project ozone by apache.
the class TestOzoneManagerHAWithACL method testAddKeyAcl.
/**
 * Runs the shared addAcl scenario against a KEY object created in a freshly set-up bucket.
 *
 * <p>The ACL under test gives READ to "remoteUser" with DEFAULT scope.
 *
 * @throws Exception if bucket or key setup, or the ACL scenario, fails
 */
public void testAddKeyAcl() throws Exception {
  OzoneBucket bucket = setupBucket();
  String grantee = "remoteUser";
  OzoneAcl readDefaultAcl = new OzoneAcl(USER, grantee, READ, DEFAULT);
  String keyName = createKey(bucket);

  OzoneObj keyObj = OzoneObjInfo.Builder.newBuilder()
      .setResType(OzoneObj.ResourceType.KEY)
      .setStoreType(OzoneObj.StoreType.OZONE)
      .setVolumeName(bucket.getVolumeName())
      .setBucketName(bucket.getName())
      .setKeyName(keyName)
      .build();

  testAddAcl(grantee, keyObj, readDefaultAcl);
}