use of org.apache.hadoop.ozone.om.helpers.TenantUserList in project ozone by apache.
the class OzoneManagerRequestHandler method tenantListUsers.
@DisallowedUntilLayoutVersion(MULTITENANCY_SCHEMA)
private TenantListUserResponse tenantListUsers(TenantListUserRequest request) throws IOException {
TenantListUserResponse.Builder builder = TenantListUserResponse.newBuilder();
TenantUserList usersInTenant = impl.listUsersInTenant(request.getTenantId(), request.getPrefix());
// Note impl.listUsersInTenant() throws if errs
if (usersInTenant != null) {
builder.addAllUserAccessIdInfo(usersInTenant.getUserAccessIds());
}
return builder.build();
}
use of org.apache.hadoop.ozone.om.helpers.TenantUserList in project ozone by apache.
the class OzoneManager method listUsersInTenant.
@Override
public TenantUserList listUsersInTenant(String tenantId, String prefix) throws IOException {
metrics.incNumTenantUserLists();
if (StringUtils.isEmpty(tenantId)) {
return null;
}
multiTenantManager.checkTenantExistence(tenantId);
final String volumeName = multiTenantManager.getTenantVolumeName(tenantId);
final Map<String, String> auditMap = new LinkedHashMap<>();
auditMap.put(OzoneConsts.TENANT, tenantId);
auditMap.put(OzoneConsts.VOLUME, volumeName);
auditMap.put(OzoneConsts.USER_PREFIX, prefix);
boolean lockAcquired = metadataManager.getLock().acquireReadLock(VOLUME_LOCK, volumeName);
try {
final UserGroupInformation ugi = ProtobufRpcEngine.Server.getRemoteUser();
if (!multiTenantManager.isTenantAdmin(ugi, tenantId, false)) {
throw new OMException("Only tenant and ozone admins can access this " + "API. '" + ugi.getShortUserName() + "' is not an admin.", PERMISSION_DENIED);
}
final TenantUserList userList = multiTenantManager.listUsersInTenant(tenantId, prefix);
AUDIT.logReadSuccess(buildAuditMessageForSuccess(OMAction.TENANT_LIST_USER, auditMap));
return userList;
} catch (IOException ex) {
AUDIT.logReadFailure(buildAuditMessageForFailure(OMAction.TENANT_LIST_USER, auditMap, ex));
throw ex;
} finally {
if (lockAcquired) {
metadataManager.getLock().releaseReadLock(VOLUME_LOCK, volumeName);
}
}
}
use of org.apache.hadoop.ozone.om.helpers.TenantUserList in project ozone by apache.
the class TestOMMultiTenantManagerImpl method testListUsersInTenant.
@Test
public void testListUsersInTenant() throws Exception {
tenantManager.getCacheOp().assignUserToTenant("user1", TENANT_ID, "accessId1");
TenantUserList tenantUserList = tenantManager.listUsersInTenant(TENANT_ID, "");
List<UserAccessIdInfo> userAccessIds = tenantUserList.getUserAccessIds();
assertEquals(2, userAccessIds.size());
for (final UserAccessIdInfo userAccessId : userAccessIds) {
String user = userAccessId.getUserPrincipal();
if (user.equals("user1")) {
assertEquals("accessId1", userAccessId.getAccessId());
} else if (user.equals("seed-user1")) {
assertEquals("seed-accessId1", userAccessId.getAccessId());
} else {
Assert.fail();
}
}
LambdaTestUtils.intercept(IOException.class, "Tenant 'tenant2' not found", () -> {
tenantManager.listUsersInTenant("tenant2", null);
});
assertTrue(tenantManager.listUsersInTenant(TENANT_ID, "abc").getUserAccessIds().isEmpty());
}
use of org.apache.hadoop.ozone.om.helpers.TenantUserList in project ozone by apache.
the class OMMultiTenantManagerImpl method listUsersInTenant.
@Override
public TenantUserList listUsersInTenant(String tenantID, String prefix) throws IOException {
List<UserAccessIdInfo> userAccessIds = new ArrayList<>();
tenantCacheLock.readLock().lock();
try {
if (!omMetadataManager.getTenantStateTable().isExist(tenantID)) {
throw new IOException("Tenant '" + tenantID + "' not found!");
}
CachedTenantState cachedTenantState = tenantCache.get(tenantID);
if (cachedTenantState == null) {
throw new IOException("Inconsistent in memory Tenant cache '" + tenantID + "' not found in cache, but present in OM DB!");
}
cachedTenantState.getAccessIdInfoMap().entrySet().stream().filter(// Include if user principal matches the prefix
k -> StringUtils.isEmpty(prefix) || k.getValue().getUserPrincipal().startsWith(prefix)).forEach(k -> {
final String accessId = k.getKey();
final CachedAccessIdInfo cacheEntry = k.getValue();
userAccessIds.add(UserAccessIdInfo.newBuilder().setUserPrincipal(cacheEntry.getUserPrincipal()).setAccessId(accessId).build());
});
} finally {
tenantCacheLock.readLock().unlock();
}
return new TenantUserList(userAccessIds);
}
use of org.apache.hadoop.ozone.om.helpers.TenantUserList in project ozone by apache.
the class TenantListUsersHandler method execute.
@Override
protected void execute(OzoneClient client, OzoneAddress address) throws IOException {
final TenantUserList usersInTenant = client.getObjectStore().listUsersInTenant(tenantId, prefix);
if (!printJson) {
usersInTenant.getUserAccessIds().forEach(accessIdInfo -> {
out().println("- User '" + accessIdInfo.getUserPrincipal() + "' with accessId '" + accessIdInfo.getAccessId() + "'");
});
} else {
final JsonArray resArray = new JsonArray();
usersInTenant.getUserAccessIds().forEach(accessIdInfo -> {
final JsonObject obj = new JsonObject();
obj.addProperty("user", accessIdInfo.getUserPrincipal());
obj.addProperty("accessId", accessIdInfo.getAccessId());
resArray.add(obj);
});
final Gson gson = new GsonBuilder().setPrettyPrinting().create();
out().println(gson.toJson(resArray));
}
}
Aggregations