static FileStatus setAcl( FSDirectory fsd, FSPermissionChecker pc, final String srcArg, List<AclEntry> aclSpec) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); fsd.checkOwner(pc, iip); List<AclEntry> newAcl = unprotectedSetAcl(fsd, iip, aclSpec, false); fsd.getEditLog().logSetAcl(iip.getPath(), newAcl); } catch (AclException e){ throw new AclException(e.getMessage() + " Path: " + src, e); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }
AclStatus getAclStatus(String src) throws IOException { final String operationName = "getAclStatus"; checkOperation(OperationCategory.READ); final AclStatus ret; final FSPermissionChecker pc = getPermissionChecker(); readLock(); try { checkOperation(OperationCategory.READ); ret = FSDirAclOp.getAclStatus(dir, pc, src); } catch(AccessControlException ace) { logAuditEvent(false, operationName, src); throw ace; } finally { readUnlock(operationName); } logAuditEvent(true, operationName, src); return ret; }
void modifyAclEntries(final String src, List<AclEntry> aclSpec) throws IOException { final String operationName = "modifyAclEntries"; FileStatus auditStat = null; checkOperation(OperationCategory.WRITE); final FSPermissionChecker pc = getPermissionChecker(); writeLock(); try { checkOperation(OperationCategory.WRITE); checkNameNodeSafeMode("Cannot modify ACL entries on " + src); auditStat = FSDirAclOp.modifyAclEntries(dir, pc, src, aclSpec); } catch (AccessControlException e) { logAuditEvent(false, operationName, src); throw e; } finally { writeUnlock(operationName); } getEditLog().logSync(); logAuditEvent(true, operationName, src, null, auditStat); }
static FileStatus removeAcl(FSDirectory fsd, FSPermissionChecker pc, final String srcArg) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); src = iip.getPath(); fsd.checkOwner(pc, iip); unprotectedRemoveAcl(fsd, iip); } catch (AclException e){ throw new AclException(e.getMessage() + " Path: " + src, e); } finally { fsd.writeUnlock(); } fsd.getEditLog().logSetAcl(src, AclFeature.EMPTY_ENTRY_LIST); return fsd.getAuditFileInfo(iip); }
static FileStatus removeAclEntries( FSDirectory fsd, FSPermissionChecker pc, final String srcArg, List<AclEntry> aclSpec) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); src = iip.getPath(); fsd.checkOwner(pc, iip); INode inode = FSDirectory.resolveLastINode(iip); int snapshotId = iip.getLatestSnapshotId(); List<AclEntry> existingAcl = AclStorage.readINodeLogicalAcl(inode); List<AclEntry> newAcl = AclTransformation.filterAclEntriesByAclSpec( existingAcl, aclSpec); AclStorage.updateINodeAcl(inode, newAcl, snapshotId); fsd.getEditLog().logSetAcl(src, newAcl); } catch (AclException e){ throw new AclException(e.getMessage() + " Path: " + src, e); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }
static List<AclEntry> unprotectedSetAcl(FSDirectory fsd, INodesInPath iip, List<AclEntry> aclSpec, boolean fromEdits) throws IOException { assert fsd.hasWriteLock(); // ACL removal is logged to edits as OP_SET_ACL with an empty list. if (aclSpec.isEmpty()) { unprotectedRemoveAcl(fsd, iip); return AclFeature.EMPTY_ENTRY_LIST; } INode inode = FSDirectory.resolveLastINode(iip); int snapshotId = iip.getLatestSnapshotId(); List<AclEntry> newAcl = aclSpec; if (!fromEdits) { List<AclEntry> existingAcl = AclStorage.readINodeLogicalAcl(inode); newAcl = AclTransformation.replaceAclEntries(existingAcl, aclSpec); } AclStorage.updateINodeAcl(inode, newAcl, snapshotId); return newAcl; }
void setAcl(final String src, List<AclEntry> aclSpec) throws IOException { final String operationName = "setAcl"; FileStatus auditStat = null; checkOperation(OperationCategory.WRITE); final FSPermissionChecker pc = getPermissionChecker(); writeLock(); try { checkOperation(OperationCategory.WRITE); checkNameNodeSafeMode("Cannot set ACL on " + src); auditStat = FSDirAclOp.setAcl(dir, pc, src, aclSpec); } catch (AccessControlException e) { logAuditEvent(false, operationName, src); throw e; } finally { writeUnlock(operationName); } getEditLog().logSync(); logAuditEvent(true, operationName, src, null, auditStat); }
void removeAcl(final String src) throws IOException { final String operationName = "removeAcl"; FileStatus auditStat = null; checkOperation(OperationCategory.WRITE); final FSPermissionChecker pc = getPermissionChecker(); writeLock(); try { checkOperation(OperationCategory.WRITE); checkNameNodeSafeMode("Cannot remove ACL on " + src); auditStat = FSDirAclOp.removeAcl(dir, pc, src); } catch (AccessControlException e) { logAuditEvent(false, operationName, src); throw e; } finally { writeUnlock(operationName); } getEditLog().logSync(); logAuditEvent(true, operationName, src, null, auditStat); }
void removeDefaultAcl(final String src) throws IOException { final String operationName = "removeDefaultAcl"; FileStatus auditStat = null; checkOperation(OperationCategory.WRITE); final FSPermissionChecker pc = getPermissionChecker(); writeLock(); try { checkOperation(OperationCategory.WRITE); checkNameNodeSafeMode("Cannot remove default ACL entries on " + src); auditStat = FSDirAclOp.removeDefaultAcl(dir, pc, src); } catch (AccessControlException e) { logAuditEvent(false, operationName, src); throw e; } finally { writeUnlock(operationName); } getEditLog().logSync(); logAuditEvent(true, operationName, src, null, auditStat); }
void removeAclEntries(final String src, List<AclEntry> aclSpec) throws IOException { final String operationName = "removeAclEntries"; checkOperation(OperationCategory.WRITE); FileStatus auditStat = null; final FSPermissionChecker pc = getPermissionChecker(); writeLock(); try { checkOperation(OperationCategory.WRITE); checkNameNodeSafeMode("Cannot remove ACL entries on " + src); auditStat = FSDirAclOp.removeAclEntries(dir, pc, src, aclSpec); } catch (AccessControlException e) { logAuditEvent(false, operationName, src); throw e; } finally { writeUnlock(operationName); } getEditLog().logSync(); logAuditEvent(true, operationName, src, null, auditStat); }
SetAclOp setAclOp = (SetAclOp) op; INodesInPath iip = fsDir.getINodesInPath(setAclOp.src, DirOp.WRITE); FSDirAclOp.unprotectedSetAcl(fsDir, iip, setAclOp.aclEntries, true); break;
static HdfsFileStatus removeAcl(FSDirectory fsd, final String srcArg) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); FSPermissionChecker pc = fsd.getPermissionChecker(); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePathForWrite(pc, src); src = iip.getPath(); fsd.checkOwner(pc, iip); unprotectedRemoveAcl(fsd, iip); } finally { fsd.writeUnlock(); } fsd.getEditLog().logSetAcl(src, AclFeature.EMPTY_ENTRY_LIST); return fsd.getAuditFileInfo(iip); }
static FileStatus removeDefaultAcl(FSDirectory fsd, FSPermissionChecker pc, final String srcArg) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); src = iip.getPath(); fsd.checkOwner(pc, iip); INode inode = FSDirectory.resolveLastINode(iip); int snapshotId = iip.getLatestSnapshotId(); List<AclEntry> existingAcl = AclStorage.readINodeLogicalAcl(inode); List<AclEntry> newAcl = AclTransformation.filterDefaultAclEntries( existingAcl); AclStorage.updateINodeAcl(inode, newAcl, snapshotId); fsd.getEditLog().logSetAcl(src, newAcl); } catch (AclException e){ throw new AclException(e.getMessage() + " Path: " + src, e); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }
static List<AclEntry> unprotectedSetAcl( FSDirectory fsd, String src, List<AclEntry> aclSpec, boolean fromEdits) throws IOException { assert fsd.hasWriteLock(); final INodesInPath iip = fsd.getINodesInPath4Write( FSDirectory.normalizePath(src), true); // ACL removal is logged to edits as OP_SET_ACL with an empty list. if (aclSpec.isEmpty()) { unprotectedRemoveAcl(fsd, iip); return AclFeature.EMPTY_ENTRY_LIST; } INode inode = FSDirectory.resolveLastINode(iip); int snapshotId = iip.getLatestSnapshotId(); List<AclEntry> newAcl = aclSpec; if (!fromEdits) { List<AclEntry> existingAcl = AclStorage.readINodeLogicalAcl(inode); newAcl = AclTransformation.replaceAclEntries(existingAcl, aclSpec); } AclStorage.updateINodeAcl(inode, newAcl, snapshotId); return newAcl; }
void setAcl(final String src, List<AclEntry> aclSpec) throws IOException { final String operationName = "setAcl"; HdfsFileStatus auditStat = null; checkOperation(OperationCategory.WRITE); writeLock(); try { checkOperation(OperationCategory.WRITE); checkNameNodeSafeMode("Cannot set ACL on " + src); auditStat = FSDirAclOp.setAcl(dir, src, aclSpec); } catch (AccessControlException e) { logAuditEvent(false, operationName, src); throw e; } finally { writeUnlock(operationName); } getEditLog().logSync(); logAuditEvent(true, operationName, src, null, auditStat); }
void removeAcl(final String src) throws IOException { final String operationName = "removeAcl"; HdfsFileStatus auditStat = null; checkOperation(OperationCategory.WRITE); writeLock(); try { checkOperation(OperationCategory.WRITE); checkNameNodeSafeMode("Cannot remove ACL on " + src); auditStat = FSDirAclOp.removeAcl(dir, src); } catch (AccessControlException e) { logAuditEvent(false, operationName, src); throw e; } finally { writeUnlock(operationName); } getEditLog().logSync(); logAuditEvent(true, operationName, src, null, auditStat); }
void removeDefaultAcl(final String src) throws IOException { final String operationName = "removeDefaultAcl"; HdfsFileStatus auditStat = null; checkOperation(OperationCategory.WRITE); writeLock(); try { checkOperation(OperationCategory.WRITE); checkNameNodeSafeMode("Cannot remove default ACL entries on " + src); auditStat = FSDirAclOp.removeDefaultAcl(dir, src); } catch (AccessControlException e) { logAuditEvent(false, operationName, src); throw e; } finally { writeUnlock(operationName); } getEditLog().logSync(); logAuditEvent(true, operationName, src, null, auditStat); }
void removeAclEntries(final String src, List<AclEntry> aclSpec) throws IOException { final String operationName = "removeAclEntries"; checkOperation(OperationCategory.WRITE); HdfsFileStatus auditStat = null; writeLock(); try { checkOperation(OperationCategory.WRITE); checkNameNodeSafeMode("Cannot remove ACL entries on " + src); auditStat = FSDirAclOp.removeAclEntries(dir, src, aclSpec); } catch (AccessControlException e) { logAuditEvent(false, operationName, src); throw e; } finally { writeUnlock(operationName); } getEditLog().logSync(); logAuditEvent(true, operationName, src, null, auditStat); }
FSDirAclOp.unprotectedSetAcl(fsDir, setAclOp.src, setAclOp.aclEntries, true); break;
static HdfsFileStatus setAcl( FSDirectory fsd, final String srcArg, List<AclEntry> aclSpec) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); FSPermissionChecker pc = fsd.getPermissionChecker(); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePathForWrite(pc, src); src = iip.getPath(); fsd.checkOwner(pc, iip); List<AclEntry> newAcl = unprotectedSetAcl(fsd, src, aclSpec, false); fsd.getEditLog().logSetAcl(src, newAcl); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }