
Example 1 with LIST

use of org.apache.hadoop.ozone.security.acl.IAccessAuthorizer.ACLType.LIST in project ozone by apache.

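Method listUsersInTenant of class OMMultiTenantManagerImpl. The method body shown does not reference ACLType.LIST itself; the constant appears only in the enclosing file's import list ("Also used") below.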

/**
 * Lists the users of a tenant, optionally restricted to user principals that start with a prefix.
 *
 * <p>The whole lookup runs under the read lock of {@code tenantCacheLock}, which is released in
 * the {@code finally} block. The tenant has to be present both in the tenant state table of
 * {@code omMetadataManager} and in {@code tenantCache}; a tenant found in the table but missing
 * from the cache is reported as an inconsistency.
 *
 * <p>NOTE(review): nothing in this method checks whether the caller is allowed to list this
 * tenant's users, and the two distinct error messages let a caller tell an unknown tenant from a
 * known one. Presumably the caller is authorized before this method is reached; confirm against
 * the call site.
 *
 * @param tenantID key looked up in the tenant state table and in the tenant cache
 * @param prefix user-principal prefix to match; {@code null} or empty selects every user
 * @return the matching (user principal, access ID) pairs wrapped in a {@link TenantUserList}
 * @throws IOException if the tenant is not in the tenant state table, or is in the table but
 *     has no entry in the in-memory cache
 */
@Override
public TenantUserList listUsersInTenant(String tenantID, String prefix) throws IOException {
    final List<UserAccessIdInfo> matches = new ArrayList<>();
    tenantCacheLock.readLock().lock();
    try {
        final boolean tenantInDb = omMetadataManager.getTenantStateTable().isExist(tenantID);
        if (!tenantInDb) {
            throw new IOException("Tenant '" + tenantID + "' not found!");
        }

        final CachedTenantState tenantState = tenantCache.get(tenantID);
        if (tenantState == null) {
            // The DB knows the tenant but the cache does not: surface the mismatch to the caller.
            throw new IOException("Inconsistent in memory Tenant cache '" + tenantID + "' not found in cache, but present in OM DB!");
        }

        // An absent or empty prefix disables filtering altogether.
        final boolean includeAll = StringUtils.isEmpty(prefix);
        tenantState.getAccessIdInfoMap().forEach((accessId, info) -> {
            final String principal = info.getUserPrincipal();
            if (includeAll || principal.startsWith(prefix)) {
                matches.add(
                    UserAccessIdInfo.newBuilder()
                        .setUserPrincipal(principal)
                        .setAccessId(accessId)
                        .build());
            }
        });
    } finally {
        tenantCacheLock.readLock().unlock();
    }
    return new TenantUserList(matches);
}
Also used : ALLOW(org.apache.hadoop.ozone.om.multitenant.AccessPolicy.AccessGrantType.ALLOW) OZONE_OM_MULTITENANCY_RANGER_SYNC_TIMEOUT_DEFAULT(org.apache.hadoop.ozone.om.OMConfigKeys.OZONE_OM_MULTITENANCY_RANGER_SYNC_TIMEOUT_DEFAULT) INTERNAL_ERROR(org.apache.hadoop.ozone.om.exceptions.OMException.ResultCodes.INTERNAL_ERROR) ProtobufRpcEngine(org.apache.hadoop.ipc.ProtobufRpcEngine) AuthorizerLock(org.apache.hadoop.ozone.om.multitenant.AuthorizerLock) LoggerFactory(org.slf4j.LoggerFactory) LIST(org.apache.hadoop.ozone.security.acl.IAccessAuthorizer.ACLType.LIST) READ(org.apache.hadoop.ozone.security.acl.IAccessAuthorizer.ACLType.READ) MultiTenantAccessAuthorizer(org.apache.hadoop.ozone.om.multitenant.MultiTenantAccessAuthorizer) StringUtils(org.apache.commons.lang3.StringUtils) VOLUME(org.apache.hadoop.ozone.security.acl.OzoneObj.ResourceType.VOLUME) AccessPolicy(org.apache.hadoop.ozone.om.multitenant.AccessPolicy) READ_ACL(org.apache.hadoop.ozone.security.acl.IAccessAuthorizer.ACLType.READ_ACL) AuthorizerLockImpl(org.apache.hadoop.ozone.om.multitenant.AuthorizerLockImpl) Optional(com.google.common.base.Optional) Map(java.util.Map) ALL(org.apache.hadoop.ozone.security.acl.IAccessAuthorizer.ACLType.ALL) TenantUserList(org.apache.hadoop.ozone.om.helpers.TenantUserList) UserAccessIdInfo(org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.UserAccessIdInfo) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) TENANT_NOT_FOUND(org.apache.hadoop.ozone.om.exceptions.OMException.ResultCodes.TENANT_NOT_FOUND) List(java.util.List) OMRangerBGSyncService(org.apache.hadoop.ozone.om.multitenant.OMRangerBGSyncService) OmDBAccessIdInfo(org.apache.hadoop.ozone.om.helpers.OmDBAccessIdInfo) OzoneObjInfo(org.apache.hadoop.ozone.security.acl.OzoneObjInfo) OMException(org.apache.hadoop.ozone.om.exceptions.OMException) OzoneObj(org.apache.hadoop.ozone.security.acl.OzoneObj) 
MultiTenantAccessAuthorizerDummyPlugin(org.apache.hadoop.ozone.om.multitenant.MultiTenantAccessAuthorizerDummyPlugin) OZONE_OM_MULTITENANCY_RANGER_SYNC_INTERVAL(org.apache.hadoop.ozone.om.OMConfigKeys.OZONE_OM_MULTITENANCY_RANGER_SYNC_INTERVAL) CREATE(org.apache.hadoop.ozone.security.acl.IAccessAuthorizer.ACLType.CREATE) KeyValue(org.apache.hadoop.hdds.utils.db.Table.KeyValue) OzoneConfiguration(org.apache.hadoop.hdds.conf.OzoneConfiguration) MultiTenantAccessAuthorizerRangerPlugin(org.apache.hadoop.ozone.om.multitenant.MultiTenantAccessAuthorizerRangerPlugin) OZONE(org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE) HashMap(java.util.HashMap) BucketNameSpace(org.apache.hadoop.ozone.om.multitenant.BucketNameSpace) ReentrantReadWriteLock(java.util.concurrent.locks.ReentrantReadWriteLock) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) TENANT_AUTHORIZER_ERROR(org.apache.hadoop.ozone.om.exceptions.OMException.ResultCodes.TENANT_AUTHORIZER_ERROR) BUCKET(org.apache.hadoop.ozone.security.acl.OzoneObj.ResourceType.BUCKET) UserGroupInformation(org.apache.hadoop.security.UserGroupInformation) OmDBUserPrincipalInfo(org.apache.hadoop.ozone.om.helpers.OmDBUserPrincipalInfo) OZONE_OM_MULTITENANCY_RANGER_SYNC_INTERVAL_DEFAULT(org.apache.hadoop.ozone.om.OMConfigKeys.OZONE_OM_MULTITENANCY_RANGER_SYNC_INTERVAL_DEFAULT) OzoneTenant(org.apache.hadoop.ozone.om.multitenant.OzoneTenant) Tenant(org.apache.hadoop.ozone.om.multitenant.Tenant) INVALID_ACCESS_ID(org.apache.hadoop.ozone.om.exceptions.OMException.ResultCodes.INVALID_ACCESS_ID) OzoneOwnerPrincipal(org.apache.hadoop.ozone.om.multitenant.OzoneOwnerPrincipal) Logger(org.slf4j.Logger) IOException(java.io.IOException) OmDBTenantState(org.apache.hadoop.ozone.om.helpers.OmDBTenantState) CachedTenantState(org.apache.hadoop.ozone.om.multitenant.CachedTenantState) KEY(org.apache.hadoop.ozone.security.acl.OzoneObj.ResourceType.KEY) TimeUnit(java.util.concurrent.TimeUnit) 
OzoneTenantRolePrincipal(org.apache.hadoop.ozone.om.multitenant.OzoneTenantRolePrincipal) Table(org.apache.hadoop.hdds.utils.db.Table) OZONE_OM_MULTITENANCY_RANGER_SYNC_TIMEOUT(org.apache.hadoop.ozone.om.OMConfigKeys.OZONE_OM_MULTITENANCY_RANGER_SYNC_TIMEOUT) Preconditions(com.google.common.base.Preconditions) VisibleForTesting(com.google.common.annotations.VisibleForTesting) TableIterator(org.apache.hadoop.hdds.utils.db.TableIterator) CachedAccessIdInfo(org.apache.hadoop.ozone.om.multitenant.CachedTenantState.CachedAccessIdInfo) Collections(java.util.Collections) RangerAccessPolicy(org.apache.hadoop.ozone.om.multitenant.RangerAccessPolicy) ArrayList(java.util.ArrayList) TenantUserList(org.apache.hadoop.ozone.om.helpers.TenantUserList) IOException(java.io.IOException) CachedTenantState(org.apache.hadoop.ozone.om.multitenant.CachedTenantState) UserAccessIdInfo(org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.UserAccessIdInfo) CachedAccessIdInfo(org.apache.hadoop.ozone.om.multitenant.CachedTenantState.CachedAccessIdInfo)
