/** * Creates an AclFeature from the given ACL entries. * * @param accessEntries List<AclEntry> access ACL entries * @param defaultEntries List<AclEntry> default ACL entries * @return AclFeature containing the required ACL entries */ private static AclFeature createAclFeature(List<AclEntry> accessEntries, List<AclEntry> defaultEntries) { // Pre-allocate list size for the explicit entries stored in the feature, // which is all entries minus the 3 entries implicitly stored in the // permission bits. List<AclEntry> featureEntries = Lists.newArrayListWithCapacity( (accessEntries.size() - 3) + defaultEntries.size()); // For the access ACL, the feature only needs to hold the named user and // group entries. For a correctly sorted ACL, these will be in a // predictable range. if (!AclUtil.isMinimalAcl(accessEntries)) { featureEntries.addAll( accessEntries.subList(1, accessEntries.size() - 2)); } // Add all default entries to the feature. featureEntries.addAll(defaultEntries); return new AclFeature(AclEntryStatusFormat.toInt(featureEntries)); }
private static AclFeatureProto.Builder buildAclEntries(AclFeature f) { AclFeatureProto.Builder b = AclFeatureProto.newBuilder(); for (int pos = 0, e; pos < f.getEntriesSize(); pos++) { e = f.getEntryAt(pos); b.addEntries(e); } return b; }
@Override public String toString() { return "AclFeature : " + Integer.toHexString(hashCode()) + " Size of entries : " + entries.length; }
private boolean hasPermission(INodeAttributes inode, FsAction access) { if (inode == null) { return true; } final FsPermission mode = inode.getFsPermission(); final AclFeature aclFeature = inode.getAclFeature(); if (aclFeature != null) { // It's possible that the inode has a default ACL but no access ACL. int firstEntry = aclFeature.getEntryAt(0); if (AclEntryStatusFormat.getScope(firstEntry) == AclEntryScope.ACCESS) { return hasAclPermission(inode, access, mode, aclFeature); } } final FsAction checkAction; if (getUser().equals(inode.getUserName())) { //user class checkAction = mode.getUserAction(); } else if (getGroups().contains(inode.getGroupName())) { //group class checkAction = mode.getGroupAction(); } else { //other class checkAction = mode.getOtherAction(); } return checkAction.implies(access); }
private void deleteSnapshotWithAclAndVerify(AclFeature aclFeature, Path pathToCheckAcl, int totalAclFeatures) throws IOException { hdfs.deleteSnapshot(path, snapshotName); AclFeature afterDeleteAclFeature = FSAclBaseTest.getAclFeature( pathToCheckAcl, cluster); assertSame(aclFeature, afterDeleteAclFeature); assertEquals("Reference count should remain same" + " even after deletion of snapshot", 1, afterDeleteAclFeature.getRefCount()); hdfs.removeAcl(pathToCheckAcl); assertEquals("Reference count should be 0", 0, aclFeature.getRefCount()); assertEquals("Unique ACL features should remain same", totalAclFeatures, AclStorage.getUniqueAclFeatures().getUniqueElementsSize()); }
+ ", origAuthzAsAcl=" + originalAuthzAsAcl + "]\n" + "[" + (aclMap == null ? "null" : aclMap) + "]\n" + "[" + (f == null ? "null" : f.getEntries()) + "]\n");
private boolean hasPermission(INodeAttributes inode, FsAction access) { if (inode == null) { return true; } final FsPermission mode = inode.getFsPermission(); final AclFeature aclFeature = inode.getAclFeature(); if (aclFeature != null) { // It's possible that the inode has a default ACL but no access ACL. int firstEntry = aclFeature.getEntryAt(0); if (AclEntryStatusFormat.getScope(firstEntry) == AclEntryScope.ACCESS) { return hasAclPermission(inode, access, mode, aclFeature); } } final FsAction checkAction; if (getUser().equals(inode.getUserName())) { //user class checkAction = mode.getUserAction(); } else if (isMemberOfGroup(inode.getGroupName())) { //group class checkAction = mode.getGroupAction(); } else { //other class checkAction = mode.getOtherAction(); } return checkAction.implies(access); }
child1AclFeature = getAclFeature(child1, cluster); assertEquals("Reference count should be 1", 1, child1AclFeature.getRefCount()); currentSize++; child2AclFeature); assertEquals("Reference count should be 2", 2, child2AclFeature.getRefCount()); AclFeature modifiedAclFeature = getAclFeature(child1, cluster); assertEquals("Old Reference count should be 1", 1, child1AclFeature.getRefCount()); assertEquals("New Reference count should be 1", 1, modifiedAclFeature.getRefCount()); fs.removeAclEntries(child1, Lists.newArrayList(aclEntry)); assertEquals("Old Reference count should be 2 again", 2, child1AclFeature.getRefCount()); assertEquals("New Reference count should be 0", 0, modifiedAclFeature.getRefCount()); child1AclFeature.getRefCount()); child1AclFeature.getRefCount()); fileAclFeature = getAclFeature(file1, cluster); assertEquals("Reference count should be 1", 1, fileAclFeature.getRefCount()); fs.create(file2).close();
/** * Build list of AclEntries from the AclFeature * @param aclFeature AclFeature * @return List of entries */ @VisibleForTesting static ImmutableList<AclEntry> getEntriesFromAclFeature(AclFeature aclFeature) { if (aclFeature == null) { return ImmutableList.<AclEntry> of(); } ImmutableList.Builder<AclEntry> b = new ImmutableList.Builder<AclEntry>(); for (int pos = 0, entry; pos < aclFeature.getEntriesSize(); pos++) { entry = aclFeature.getEntryAt(pos); b.add(AclEntryStatusFormat.toAclEntry(entry)); } return b.build(); }
int[] entries = AclEntryStatusFormat.toInt(loadAclEntries( f.getAcl(), state.getStringTable())); file.addAclFeature(new AclFeature(entries));
aclFeature.getRefCount()); Path snapshotPath = SnapshotTestHelper.createSnapshot(hdfs, path, snapshotName); assertSame(aclFeature, snapshotAclFeature); assertEquals("Reference count should be increased", 2, snapshotAclFeature.getRefCount()); assertEquals("Reference count should be 1", 1, aclFeature.getRefCount()); Path snapshotPath = SnapshotTestHelper.createSnapshot(hdfs, path, snapshotName); assertSame(aclFeature, snapshotAcl); assertEquals("Reference count should remain same", 1, aclFeature.getRefCount()); assertEquals("Reference count should be 1", 1, aclFeature.getRefCount()); Path snapshotPath = SnapshotTestHelper.createSnapshot(hdfs, path, snapshotName); assertSame(aclFeature, snapshotAcl); assertEquals("Reference count should remain same", 1, aclFeature.getRefCount()); aclFeature = FSAclBaseTest.getAclFeature(path, cluster); assertEquals("Before modification same ACL should be referenced twice", 2, aclFeature.getRefCount()); List<AclEntry> newAcl = Lists.newArrayList(aclEntry(ACCESS, USER, "testNewUser", ALL));
private boolean hasPermission(INodeAttributes inode, FsAction access) { if (inode == null) { return true; } final FsPermission mode = inode.getFsPermission(); final AclFeature aclFeature = inode.getAclFeature(); if (aclFeature != null && aclFeature.getEntriesSize() > 0) { // It's possible that the inode has a default ACL but no access ACL. int firstEntry = aclFeature.getEntryAt(0); if (AclEntryStatusFormat.getScope(firstEntry) == AclEntryScope.ACCESS) { return hasAclPermission(inode, access, mode, aclFeature); } } final FsAction checkAction; if (getUser().equals(inode.getUserName())) { //user class checkAction = mode.getUserAction(); } else if (isMemberOfGroup(inode.getGroupName())) { //group class checkAction = mode.getGroupAction(); } else { //other class checkAction = mode.getOtherAction(); } return checkAction.implies(access); }
.toInt(FSImageFormatPBINode.Loader.loadAclEntries( fileInPb.getAcl(), state.getStringTable())); acl = new AclFeature(entries);
for (int pos = 0, entry; pos < aclFeature.getEntriesSize(); pos++) { entry = aclFeature.getEntryAt(pos); if (AclEntryStatusFormat.getScope(entry) == AclEntryScope.DEFAULT) { break;
/** * Creates an AclFeature from the given ACL entries. * * @param accessEntries List<AclEntry> access ACL entries * @param defaultEntries List<AclEntry> default ACL entries * @return AclFeature containing the required ACL entries */ private static AclFeature createAclFeature(List<AclEntry> accessEntries, List<AclEntry> defaultEntries) { // Pre-allocate list size for the explicit entries stored in the feature, // which is all entries minus the 3 entries implicitly stored in the // permission bits. List<AclEntry> featureEntries = Lists.newArrayListWithCapacity( (accessEntries.size() - 3) + defaultEntries.size()); // For the access ACL, the feature only needs to hold the named user and // group entries. For a correctly sorted ACL, these will be in a // predictable range. if (!AclUtil.isMinimalAcl(accessEntries)) { featureEntries.addAll( accessEntries.subList(1, accessEntries.size() - 2)); } // Add all default entries to the feature. featureEntries.addAll(defaultEntries); return new AclFeature(AclEntryStatusFormat.toInt(featureEntries)); }
/** * Build list of AclEntries from the AclFeature * @param aclFeature AclFeature * @return List of entries */ @VisibleForTesting static ImmutableList<AclEntry> getEntriesFromAclFeature(AclFeature aclFeature) { if (aclFeature == null) { return ImmutableList.<AclEntry> of(); } ImmutableList.Builder<AclEntry> b = new ImmutableList.Builder<AclEntry>(); for (int pos = 0, entry; pos < aclFeature.getEntriesSize(); pos++) { entry = aclFeature.getEntryAt(pos); b.add(AclEntryStatusFormat.toAclEntry(entry)); } return b.build(); }
/** * Creates an AclFeature from the given ACL entries. * * @param accessEntries List<AclEntry> access ACL entries * @param defaultEntries List<AclEntry> default ACL entries * @return AclFeature containing the required ACL entries */ private static AclFeature createAclFeature(List<AclEntry> accessEntries, List<AclEntry> defaultEntries) { // Pre-allocate list size for the explicit entries stored in the feature, // which is all entries minus the 3 entries implicitly stored in the // permission bits. List<AclEntry> featureEntries = Lists.newArrayListWithCapacity( (accessEntries.size() - 3) + defaultEntries.size()); // For the access ACL, the feature only needs to hold the named user and // group entries. For a correctly sorted ACL, these will be in a // predictable range. if (!AclUtil.isMinimalAcl(accessEntries)) { featureEntries.addAll( accessEntries.subList(1, accessEntries.size() - 2)); } // Add all default entries to the feature. featureEntries.addAll(defaultEntries); return new AclFeature(AclEntryStatusFormat.toInt(featureEntries)); }
/** * Build list of AclEntries from the AclFeature * @param aclFeature AclFeature * @return List of entries */ @VisibleForTesting static ImmutableList<AclEntry> getEntriesFromAclFeature(AclFeature aclFeature) { if (aclFeature == null) { return ImmutableList.<AclEntry> of(); } ImmutableList.Builder<AclEntry> b = new ImmutableList.Builder<AclEntry>(); for (int pos = 0, entry; pos < aclFeature.getEntriesSize(); pos++) { entry = aclFeature.getEntryAt(pos); b.add(AclEntryStatusFormat.toAclEntry(entry)); } return b.build(); }
.toInt(FSImageFormatPBINode.Loader.loadAclEntries( dirCopyInPb.getAcl(), state.getStringTable())); acl = new AclFeature(entries);
private static AclFeatureProto.Builder buildAclEntries(AclFeature f, final SaverContext.DeduplicationMap<String> map) { AclFeatureProto.Builder b = AclFeatureProto.newBuilder(); for (int pos = 0, e; pos < f.getEntriesSize(); pos++) { e = f.getEntryAt(pos); int nameId = map.getId(AclEntryStatusFormat.getName(e)); int v = ((nameId & ACL_ENTRY_NAME_MASK) << ACL_ENTRY_NAME_OFFSET) | (AclEntryStatusFormat.getType(e).ordinal() << ACL_ENTRY_TYPE_OFFSET) | (AclEntryStatusFormat.getScope(e).ordinal() << ACL_ENTRY_SCOPE_OFFSET) | (AclEntryStatusFormat.getPermission(e).ordinal()); b.addEntries(v); } return b; }