Example 1 with Permission
use of org.apache.hadoop.yarn.security.Permission in project hadoop by apache.
the class FairScheduler method setQueueAcls.
private void setQueueAcls(Map<String, Map<AccessType, AccessControlList>> queueAcls) throws IOException {
authorizer.setPermission(allocsLoader.getDefaultPermissions(), UserGroupInformation.getCurrentUser());
List<Permission> permissions = new ArrayList<>();
for (Entry<String, Map<AccessType, AccessControlList>> queueAcl : queueAcls.entrySet()) {
permissions.add(new Permission(new PrivilegedEntity(EntityType.QUEUE, queueAcl.getKey()), queueAcl.getValue()));
}
authorizer.setPermission(permissions, UserGroupInformation.getCurrentUser());
}
Also used :
ArrayList(java.util.ArrayList)
Permission(org.apache.hadoop.yarn.security.Permission)
PrivilegedEntity(org.apache.hadoop.yarn.security.PrivilegedEntity)
Map(java.util.Map)
ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap)
Example 2 with Permission
use of org.apache.hadoop.yarn.security.Permission in project hadoop by apache.
the class CapacitySchedulerQueueManager method setQueueAcls.
@VisibleForTesting
public static /**
* Set the acls for the queues.
* @param authorizer the yarnAuthorizationProvider
* @param queues the queues
* @throws IOException if fails to set queue acls
*/
void setQueueAcls(YarnAuthorizationProvider authorizer, AppPriorityACLsManager appPriorityACLManager, Map<String, CSQueue> queues) throws IOException {
List<Permission> permissions = new ArrayList<>();
for (CSQueue queue : queues.values()) {
AbstractCSQueue csQueue = (AbstractCSQueue) queue;
permissions.add(new Permission(csQueue.getPrivilegedEntity(), csQueue.getACLs()));
if (queue instanceof LeafQueue) {
LeafQueue lQueue = (LeafQueue) queue;
// Clear Priority ACLs first since reinitialize also call same.
appPriorityACLManager.clearPriorityACLs(lQueue.getQueueName());
appPriorityACLManager.addPrioirityACLs(lQueue.getPriorityACLs(), lQueue.getQueueName());
}
}
authorizer.setPermission(permissions, UserGroupInformation.getCurrentUser());
}
Also used :
ArrayList(java.util.ArrayList)
Permission(org.apache.hadoop.yarn.security.Permission)
VisibleForTesting(com.google.common.annotations.VisibleForTesting)
Example 3 with Permission
use of org.apache.hadoop.yarn.security.Permission in project hadoop by apache.
the class AllocationFileLoaderService method getDefaultPermissions.
/**
* Returns the list of default permissions.
* The default permission for the root queue is everybody ("*")
* and the default permission for all other queues is nobody ("").
* The default permission list would be loaded before the permissions
* from allocation file.
* @return default permission list
*/
protected List<Permission> getDefaultPermissions() {
if (defaultPermissions == null) {
defaultPermissions = new ArrayList<>();
Map<AccessType, AccessControlList> acls = new HashMap<>();
for (QueueACL acl : QueueACL.values()) {
acls.put(SchedulerUtils.toAccessType(acl), EVERYBODY_ACL);
}
defaultPermissions.add(new Permission(new PrivilegedEntity(EntityType.QUEUE, ROOT), acls));
}
return defaultPermissions;
}
Also used :
AccessControlList(org.apache.hadoop.security.authorize.AccessControlList)
HashMap(java.util.HashMap)
QueueACL(org.apache.hadoop.yarn.api.records.QueueACL)
Permission(org.apache.hadoop.yarn.security.Permission)
PrivilegedEntity(org.apache.hadoop.yarn.security.PrivilegedEntity)
AccessType(org.apache.hadoop.yarn.security.AccessType)
Aggregations
Permission (org.apache.hadoop.yarn.security.Permission)3
ArrayList (java.util.ArrayList)2
PrivilegedEntity (org.apache.hadoop.yarn.security.PrivilegedEntity)2
VisibleForTesting (com.google.common.annotations.VisibleForTesting)1
HashMap (java.util.HashMap)1
Map (java.util.Map)1
ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)1
AccessControlList (org.apache.hadoop.security.authorize.AccessControlList)1
QueueACL (org.apache.hadoop.yarn.api.records.QueueACL)1
AccessType (org.apache.hadoop.yarn.security.AccessType)1
