use of org.apache.hadoop.ozone.om.helpers.TenantUserInfoValue in project ozone by apache.
the class OzoneManagerRequestHandler method tenantGetUserInfo.
@DisallowedUntilLayoutVersion(MULTITENANCY_SCHEMA)
private TenantGetUserInfoResponse tenantGetUserInfo(TenantGetUserInfoRequest request) throws IOException {
final TenantGetUserInfoResponse.Builder resp = TenantGetUserInfoResponse.newBuilder();
final String userPrincipal = request.getUserPrincipal();
TenantUserInfoValue ret = impl.tenantGetUserInfo(userPrincipal);
// Note impl.tenantGetUserInfo() throws if errs
if (ret != null) {
resp.addAllAccessIdInfo(ret.getAccessIdInfoList());
}
return resp.build();
}
use of org.apache.hadoop.ozone.om.helpers.TenantUserInfoValue in project ozone by apache.
the class OzoneManager method tenantGetUserInfo.
/**
* Tenant get user info.
*/
public TenantUserInfoValue tenantGetUserInfo(String userPrincipal) throws IOException {
metrics.incNumTenantGetUserInfos();
if (StringUtils.isEmpty(userPrincipal)) {
return null;
}
final List<ExtendedUserAccessIdInfo> accessIdInfoList = new ArrayList<>();
// Won't iterate cache here for a similar reason as in OM#listTenant
// tenantGetUserInfo lists all accessIds assigned to a user across
// multiple tenants.
// Retrieve the list of accessIds associated to this user principal
final OmDBUserPrincipalInfo kerberosPrincipalInfo = metadataManager.getPrincipalToAccessIdsTable().get(userPrincipal);
if (kerberosPrincipalInfo == null) {
return null;
}
final Set<String> accessIds = kerberosPrincipalInfo.getAccessIds();
final Map<String, String> auditMap = new LinkedHashMap<>();
auditMap.put("userPrincipal", userPrincipal);
accessIds.forEach(accessId -> {
try {
final OmDBAccessIdInfo accessIdInfo = metadataManager.getTenantAccessIdTable().get(accessId);
if (accessIdInfo == null) {
// As we are not acquiring a lock, the accessId entry might have been
// removed from the TenantAccessIdTable already.
// Log a warning (shouldn't happen very often) and move on.
LOG.warn("Expected accessId '{}' not found in TenantAccessIdTable. " + "Might have been removed already.", accessId);
return;
}
assert (accessIdInfo.getUserPrincipal().equals(userPrincipal));
accessIdInfoList.add(ExtendedUserAccessIdInfo.newBuilder().setUserPrincipal(userPrincipal).setAccessId(accessId).setTenantId(accessIdInfo.getTenantId()).setIsAdmin(accessIdInfo.getIsAdmin()).setIsDelegatedAdmin(accessIdInfo.getIsDelegatedAdmin()).build());
} catch (IOException e) {
LOG.error("Potential DB issue. Failed to retrieve OmDBAccessIdInfo " + "for accessId '{}' in TenantAccessIdTable.", accessId);
// Audit
auditMap.put("accessId", accessId);
AUDIT.logWriteFailure(buildAuditMessageForFailure(OMAction.TENANT_GET_USER_INFO, auditMap, e));
auditMap.remove("accessId");
}
});
AUDIT.logReadSuccess(buildAuditMessageForSuccess(OMAction.TENANT_GET_USER_INFO, auditMap));
return new TenantUserInfoValue(accessIdInfoList);
}
use of org.apache.hadoop.ozone.om.helpers.TenantUserInfoValue in project ozone by apache.
the class GetUserInfoHandler method execute.
@Override
protected void execute(OzoneClient client, OzoneAddress address) throws IOException {
if (StringUtils.isEmpty(userPrincipal)) {
GenericCli.missingSubcommand(spec);
return;
}
final TenantUserInfoValue tenantUserInfo = client.getObjectStore().tenantGetUserInfo(userPrincipal);
final List<ExtendedUserAccessIdInfo> accessIdInfoList = tenantUserInfo.getAccessIdInfoList();
if (accessIdInfoList.size() == 0) {
err().println("User '" + userPrincipal + "' is not assigned to any tenant.");
return;
}
if (!printJson) {
out().println("User '" + userPrincipal + "' is assigned to:");
accessIdInfoList.forEach(accessIdInfo -> {
// Get admin info
final String adminInfoString;
if (accessIdInfo.getIsAdmin()) {
adminInfoString = accessIdInfo.getIsDelegatedAdmin() ? " delegated admin" : " admin";
} else {
adminInfoString = "";
}
out().format("- Tenant '%s'%s with accessId '%s'%n", accessIdInfo.getTenantId(), adminInfoString, accessIdInfo.getAccessId());
});
} else {
final JsonObject resObj = new JsonObject();
resObj.addProperty("user", userPrincipal);
final JsonArray arr = new JsonArray();
accessIdInfoList.forEach(accessIdInfo -> {
final JsonObject tenantObj = new JsonObject();
tenantObj.addProperty("accessId", accessIdInfo.getAccessId());
tenantObj.addProperty("tenantId", accessIdInfo.getTenantId());
tenantObj.addProperty("isAdmin", accessIdInfo.getIsAdmin());
tenantObj.addProperty("isDelegatedAdmin", accessIdInfo.getIsDelegatedAdmin());
arr.add(tenantObj);
});
resObj.add("tenants", arr);
final Gson gson = new GsonBuilder().setPrettyPrinting().create();
out().println(gson.toJson(resObj));
}
}
Aggregations