private CreateUfsFileOptions(AlluxioConfiguration alluxioConf) { mOwner = SecurityUtils.getOwnerFromLoginModule(alluxioConf); mGroup = SecurityUtils.getGroupFromLoginModule(alluxioConf); mMode = ModeUtils.applyFileUMask(Mode.defaults(), alluxioConf .get(PropertyKey.SECURITY_AUTHORIZATION_PERMISSION_UMASK)); // TODO(chaomin): set permission based on the alluxio file. Not needed for now since the // file is always created with default permission. } }
private CompleteUfsFileOptions(AlluxioConfiguration alluxioConf) { mOwner = SecurityUtils.getOwnerFromLoginModule(alluxioConf); mGroup = SecurityUtils.getGroupFromLoginModule(alluxioConf); mMode = ModeUtils.applyFileUMask(Mode.defaults(), alluxioConf.get(PropertyKey.SECURITY_AUTHORIZATION_PERMISSION_UMASK)); // TODO(chaomin): set permission based on the alluxio file. Not needed for now since the // file is always created with default permission. } }
/** * Tests the {@link SecurityUtils#getOwnerFromLoginModule()} method. */ @Test public void getOwnerFromLoginModule() throws Exception { // When security is not enabled, user and group are not set mConfiguration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.NOSASL.getAuthName()); Assert.assertEquals("", SecurityUtils.getOwnerFromLoginModule(mConfiguration)); // When authentication is enabled, user and group are inferred from login module mConfiguration.set(PropertyKey.SECURITY_AUTHENTICATION_TYPE, AuthType.SIMPLE.getAuthName()); mConfiguration.set(PropertyKey.SECURITY_LOGIN_USERNAME, "test_login_user"); mConfiguration.set(PropertyKey.SECURITY_GROUP_MAPPING_CLASS, IdentityUserGroupsMapping.class.getName()); Assert.assertEquals("test_login_user", SecurityUtils.getOwnerFromLoginModule(mConfiguration)); }
private OutStreamOptions(AlluxioConfiguration alluxioConf) { mBlockSizeBytes = alluxioConf.getBytes(PropertyKey.USER_BLOCK_SIZE_BYTES_DEFAULT); mTtl = Constants.NO_TTL; mTtlAction = TtlAction.DELETE; mLocationPolicy = CommonUtils.createNewClassInstance(alluxioConf.<FileWriteLocationPolicy>getClass( PropertyKey.USER_FILE_WRITE_LOCATION_POLICY), new Class[] {AlluxioConfiguration.class}, new Object[] {alluxioConf}); mWriteTier = alluxioConf.getInt(PropertyKey.USER_FILE_WRITE_TIER_DEFAULT); mWriteType = alluxioConf.getEnum(PropertyKey.USER_FILE_WRITE_TYPE_DEFAULT, WriteType.class); mOwner = SecurityUtils.getOwnerFromLoginModule(alluxioConf); mGroup = SecurityUtils.getGroupFromLoginModule(alluxioConf); mMode = ModeUtils.applyFileUMask(Mode.defaults(), alluxioConf .get(PropertyKey.SECURITY_AUTHORIZATION_PERMISSION_UMASK)); mMountId = IdUtils.INVALID_MOUNT_ID; mReplicationDurable = alluxioConf.getInt(PropertyKey.USER_FILE_REPLICATION_DURABLE); mReplicationMax = alluxioConf.getInt(PropertyKey.USER_FILE_REPLICATION_MAX); mReplicationMin = alluxioConf.getInt(PropertyKey.USER_FILE_REPLICATION_MIN); }
try (JournalContext context = createJournalContext()) { mInodeTree.initializeRoot( SecurityUtils.getOwnerFromLoginModule(ServerConfiguration.global()), SecurityUtils.getGroupFromLoginModule(ServerConfiguration.global()), ModeUtils.applyDirectoryUMask(Mode.createFullAccess(), String serverOwner = SecurityUtils.getOwnerFromLoginModule(ServerConfiguration.global()); if (SecurityUtils.isSecurityEnabled(ServerConfiguration.global()) && !root.getOwner().isEmpty() && !root.getOwner().equals(serverOwner)) {
if (root == null) { try (JournalContext context = createJournalContext()) { mInodeTree.initializeRoot(SecurityUtils.getOwnerFromLoginModule(), SecurityUtils.getGroupFromLoginModule(), Mode.createFullAccess().applyDirectoryUMask(), context); String serverOwner = SecurityUtils.getOwnerFromLoginModule(); if (SecurityUtils.isSecurityEnabled() && !root.getOwner().isEmpty() && !root.getOwner().equals(serverOwner)) {