fsd.checkPathAccess(pc, iip, FsAction.READ);
static FileStatus concat(FSDirectory fsd, FSPermissionChecker pc, String target, String[] srcs, boolean logRetryCache) throws IOException { validatePath(target, srcs); assert srcs != null; if (FSDirectory.LOG.isDebugEnabled()) { FSDirectory.LOG.debug("concat {} to {}", Arrays.toString(srcs), target); } final INodesInPath targetIIP = fsd.resolvePath(pc, target, DirOp.WRITE); // write permission for the target if (fsd.isPermissionEnabled()) { fsd.checkPathAccess(pc, targetIIP, FsAction.WRITE); } // check the target verifyTargetFile(fsd, target, targetIIP); // check the srcs INodeFile[] srcFiles = verifySrcFiles(fsd, srcs, targetIIP, pc); if(NameNode.stateChangeLog.isDebugEnabled()) { NameNode.stateChangeLog.debug("DIR* NameSystem.concat: " + Arrays.toString(srcs) + " to " + target); } long timestamp = now(); fsd.writeLock(); try { unprotectedConcat(fsd, targetIIP, srcFiles, timestamp); } finally { fsd.writeUnlock(); } fsd.getEditLog().logConcat(target, srcs, timestamp, logRetryCache); return fsd.getAuditFileInfo(targetIIP); }
static List<XAttr> listXAttrs( FSDirectory fsd, FSPermissionChecker pc, String src) throws IOException { FSDirXAttrOp.checkXAttrsConfigFlag(fsd); final boolean isRawPath = FSDirectory.isReservedRawName(src); final INodesInPath iip = fsd.resolvePath(pc, src, DirOp.READ); if (fsd.isPermissionEnabled()) { fsd.checkPathAccess(pc, iip, FsAction.READ); } final List<XAttr> all = FSDirXAttrOp.getXAttrs(fsd, iip); return XAttrPermissionFilter. filterXAttrsForApi(pc, all, isRawPath); }
/** * Get the encryption zone for the specified path. * * @param fsd fsdirectory * @param srcArg the path of a file or directory to get the EZ for * @param pc permission checker to check fs permission * @return the EZ with file status. */ static Map.Entry<EncryptionZone, FileStatus> getEZForPath( final FSDirectory fsd, final String srcArg, final FSPermissionChecker pc) throws IOException { final INodesInPath iip; final EncryptionZone ret; fsd.readLock(); try { iip = fsd.resolvePath(pc, srcArg, DirOp.READ); if (fsd.isPermissionEnabled()) { fsd.checkPathAccess(pc, iip, FsAction.READ); } ret = fsd.ezManager.getEZINodeForPath(iip); } finally { fsd.readUnlock(); } FileStatus auditStat = fsd.getAuditFileInfo(iip); return new AbstractMap.SimpleImmutableEntry<>(ret, auditStat); }
static INodesInPath resolvePathForStartFile(FSDirectory dir, FSPermissionChecker pc, String src, EnumSet<CreateFlag> flag, boolean createParent) throws IOException { INodesInPath iip = dir.resolvePath(pc, src, DirOp.CREATE); if (dir.isPermissionEnabled()) { dir.checkAncestorAccess(pc, iip, FsAction.WRITE); } INode inode = iip.getLastINode(); if (inode != null) { // Verify that the destination does not exist as a directory already. if (inode.isDirectory()) { throw new FileAlreadyExistsException(iip.getPath() + " already exists as a directory"); } // Verifies it's indeed a file and perms allow overwrite INodeFile.valueOf(inode, src); if (dir.isPermissionEnabled() && flag.contains(CreateFlag.OVERWRITE)) { dir.checkPathAccess(pc, iip, FsAction.WRITE); } } else { if (!createParent) { dir.verifyParentDir(iip); } if (!flag.contains(CreateFlag.CREATE)) { throw new FileNotFoundException("Can't overwrite non-existent " + src); } } return iip; }
static BlockStoragePolicy getStoragePolicy(FSDirectory fsd, FSPermissionChecker pc, BlockManager bm, String path) throws IOException { fsd.readLock(); try { final INodesInPath iip = fsd.resolvePath(pc, path, DirOp.READ_LINK); if (fsd.isPermissionEnabled()) { fsd.checkPathAccess(pc, iip, FsAction.READ); } INode inode = iip.getLastINode(); if (inode == null) { throw new FileNotFoundException("File/Directory does not exist: " + iip.getPath()); } return bm.getStoragePolicy(inode.getStoragePolicyID()); } finally { fsd.readUnlock(); } }
static FileStatus setStoragePolicy(FSDirectory fsd, FSPermissionChecker pc, BlockManager bm, String src, final byte policyId, final String operation) throws IOException { if (!fsd.isStoragePolicyEnabled()) { throw new IOException(String.format( "Failed to %s storage policy since %s is set to false.", operation, DFS_STORAGE_POLICY_ENABLED_KEY)); } INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); if (fsd.isPermissionEnabled()) { fsd.checkPathAccess(pc, iip, FsAction.WRITE); } unprotectedSetStoragePolicy(fsd, bm, iip, policyId); fsd.getEditLog().logSetStoragePolicy(iip.getPath(), policyId); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }
void checkAccess(String src, FsAction mode) throws IOException { final String operationName = "checkAccess"; checkOperation(OperationCategory.READ); final FSPermissionChecker pc = getPermissionChecker(); readLock(); try { checkOperation(OperationCategory.READ); final INodesInPath iip = dir.resolvePath(pc, src, DirOp.READ); src = iip.getPath(); INode inode = iip.getLastINode(); if (inode == null) { throw new FileNotFoundException("Path not found"); } if (isPermissionEnabled) { dir.checkPathAccess(pc, iip, mode); } } catch (AccessControlException e) { logAuditEvent(false, operationName, src); throw e; } finally { readUnlock(operationName); } }
private static void checkXAttrChangeAccess( FSDirectory fsd, INodesInPath iip, XAttr xAttr, FSPermissionChecker pc) throws AccessControlException, FileNotFoundException { if (fsd.isPermissionEnabled() && xAttr.getNameSpace() == XAttr.NameSpace .USER) { final INode inode = iip.getLastINode(); if (inode != null && inode.isDirectory() && inode.getFsPermission().getStickyBit()) { if (!pc.isSuperUser()) { fsd.checkOwner(pc, iip); } } else { fsd.checkPathAccess(pc, iip, FsAction.WRITE); } } }
static FileStatus setTimes( FSDirectory fsd, FSPermissionChecker pc, String src, long mtime, long atime) throws IOException { INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); // Write access is required to set access and modification times if (fsd.isPermissionEnabled()) { fsd.checkPathAccess(pc, iip, FsAction.WRITE); } final INode inode = iip.getLastINode(); if (inode == null) { throw new FileNotFoundException("File/Directory " + iip.getPath() + " does not exist."); } boolean changed = unprotectedSetTimes(fsd, iip, mtime, atime, true); if (changed) { fsd.getEditLog().logTimes(iip.getPath(), mtime, atime); } } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }
final INodesInPath iip = fsd.resolvePath(pc, src, DirOp.READ); if (fsn.isPermissionEnabled()) { fsn.getFSDirectory().checkPathAccess(pc, iip, FsAction.READ);
static boolean setReplication( FSDirectory fsd, FSPermissionChecker pc, BlockManager bm, String src, final short replication) throws IOException { bm.verifyReplication(src, replication, null); final boolean isFile; fsd.writeLock(); try { final INodesInPath iip = fsd.resolvePath(pc, src, DirOp.WRITE); if (fsd.isPermissionEnabled()) { fsd.checkPathAccess(pc, iip, FsAction.WRITE); } final BlockInfo[] blocks = unprotectedSetReplication(fsd, iip, replication); isFile = blocks != null; if (isFile) { fsd.getEditLog().logSetReplication(iip.getPath(), replication); } } finally { fsd.writeUnlock(); } return isFile; }
fsd.checkPathAccess(pc, iip, FsAction.WRITE);
static DirectoryListing getListingInt(FSDirectory fsd, FSPermissionChecker pc, final String srcArg, byte[] startAfter, boolean needLocation) throws IOException { final INodesInPath iip = fsd.resolvePath(pc, srcArg, DirOp.READ); // Get file name when startAfter is an INodePath. This is not the // common case so avoid any unnecessary processing unless required. if (startAfter.length > 0 && startAfter[0] == Path.SEPARATOR_CHAR) { final String startAfterString = DFSUtil.bytes2String(startAfter); if (FSDirectory.isReservedName(startAfterString)) { try { byte[][] components = INode.getPathComponents(startAfterString); components = FSDirectory.resolveComponents(components, fsd); startAfter = components[components.length - 1]; } catch (IOException e) { // Possibly the inode is deleted throw new DirectoryListingStartAfterNotFoundException( "Can't find startAfter " + startAfterString); } } } boolean isSuperUser = true; if (fsd.isPermissionEnabled()) { if (iip.getLastINode() != null && iip.getLastINode().isDirectory()) { fsd.checkPathAccess(pc, iip, FsAction.READ_EXECUTE); } isSuperUser = pc.isSuperUser(); } return getListing(fsd, iip, startAfter, needLocation, isSuperUser); }
fsd.checkPathAccess(pc, iip, FsAction.WRITE);
final INodeFile inode = INodeFile.valueOf(iip.getLastINode(), src); if (fsd.isPermissionEnabled()) { fsd.checkPathAccess(pc, iip, FsAction.READ); fsd.checkUnreadableBySuperuser(pc, iip);
fsd.checkPathAccess(pc, iip, FsAction.WRITE);
fsd.checkPathAccess(pc, iip, FsAction.READ); // read the file
dir.checkPathAccess(pc, iip, FsAction.WRITE);
src = iip.getPath(); if (fsd.isPermissionEnabled()) { fsd.checkPathAccess(pc, iip, FsAction.WRITE);