org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker.isMemberOfGroup java code examples

Common ways to obtain FSPermissionChecker

private void myMethod () {
 FSPermissionChecker f =FSDirectory fsd;fsd.getPermissionChecker()
FSNamesystem fSNamesystem;fSNamesystem.getPermissionChecker()
FSDirectory fSDirectory;String fsOwner;String superGroup;fSDirectory.getPermissionChecker(fsOwner, superGroup, NameNode.getRemoteUser())
Smart code suggestions by Tabnine
}

/**
 * Whether a cache pool can be accessed by the current context
 *
 * @param pool CachePool being accessed
 * @param access type of action being performed on the cache pool
 * @throws AccessControlException if pool cannot be accessed
 */
public void checkPermission(CachePool pool, FsAction access)
  throws AccessControlException {
 FsPermission mode = pool.getMode();
 if (isSuperUser()) {
  return;
 }
 if (getUser().equals(pool.getOwnerName())
   && mode.getUserAction().implies(access)) {
  return;
 }
 if (isMemberOfGroup(pool.getGroupName())
   && mode.getGroupAction().implies(access)) {
  return;
 }
 if (!getUser().equals(pool.getOwnerName())
   && !isMemberOfGroup(pool.getGroupName())
   && mode.getOtherAction().implies(access)) {
  return;
 }
 throw new AccessControlException("Permission denied while accessing pool "
   + pool.getPoolName() + ": user " + getUser() + " does not have "
   + access.toString() + " permissions.");
}

private boolean hasPermission(INodeAttributes inode, FsAction access) {
 if (inode == null) {
  return true;
 }
 final FsPermission mode = inode.getFsPermission();
 final AclFeature aclFeature = inode.getAclFeature();
 if (aclFeature != null && aclFeature.getEntriesSize() > 0) {
  // It's possible that the inode has a default ACL but no access ACL.
  int firstEntry = aclFeature.getEntryAt(0);
  if (AclEntryStatusFormat.getScope(firstEntry) == AclEntryScope.ACCESS) {
   return hasAclPermission(inode, access, mode, aclFeature);
  }
 }
 final FsAction checkAction;
 if (getUser().equals(inode.getUserName())) { //user class
  checkAction = mode.getUserAction();
 } else if (isMemberOfGroup(inode.getGroupName())) { //group class
  checkAction = mode.getGroupAction();
 } else { //other class
  checkAction = mode.getOtherAction();
 }
 return checkAction.implies(access);
}

static FileStatus setOwner(
  FSDirectory fsd, FSPermissionChecker pc, String src, String username,
  String group) throws IOException {
 if (FSDirectory.isExactReservedName(src)) {
  throw new InvalidPathException(src);
 }
 INodesInPath iip;
 fsd.writeLock();
 try {
  iip = fsd.resolvePath(pc, src, DirOp.WRITE);
  fsd.checkOwner(pc, iip);
  if (!pc.isSuperUser()) {
   if (username != null && !pc.getUser().equals(username)) {
    throw new AccessControlException("User " + pc.getUser()
      + " is not a super user (non-super user cannot change owner).");
   }
   if (group != null && !pc.isMemberOfGroup(group)) {
    throw new AccessControlException(
      "User " + pc.getUser() + " does not belong to " + group);
   }
  }
  unprotectedSetOwner(fsd, iip, username, group);
 } finally {
  fsd.writeUnlock();
 }
 fsd.getEditLog().logSetOwner(iip.getPath(), username, group);
 return fsd.getAuditFileInfo(iip);
}

if (isMemberOfGroup(group)) {
 FsAction masked = AclEntryStatusFormat.getPermission(entry).and(
   mode.getGroupAction());

private boolean hasPermission(INodeAttributes inode, FsAction access) {
 if (inode == null) {
  return true;
 }
 final FsPermission mode = inode.getFsPermission();
 final AclFeature aclFeature = inode.getAclFeature();
 if (aclFeature != null) {
  // It's possible that the inode has a default ACL but no access ACL.
  int firstEntry = aclFeature.getEntryAt(0);
  if (AclEntryStatusFormat.getScope(firstEntry) == AclEntryScope.ACCESS) {
   return hasAclPermission(inode, access, mode, aclFeature);
  }
 }
 final FsAction checkAction;
 if (getUser().equals(inode.getUserName())) { //user class
  checkAction = mode.getUserAction();
 } else if (isMemberOfGroup(inode.getGroupName())) { //group class
  checkAction = mode.getGroupAction();
 } else { //other class
  checkAction = mode.getOtherAction();
 }
 return checkAction.implies(access);
}

static HdfsFileStatus setOwner(
  FSDirectory fsd, String src, String username, String group)
  throws IOException {
 FSPermissionChecker pc = fsd.getPermissionChecker();
 INodesInPath iip;
 fsd.writeLock();
 try {
  iip = fsd.resolvePathForWrite(pc, src);
  src = iip.getPath();
  fsd.checkOwner(pc, iip);
  if (!pc.isSuperUser()) {
   if (username != null && !pc.getUser().equals(username)) {
    throw new AccessControlException("User " + username
      + " is not a super user (non-super user cannot change owner).");
   }
   if (group != null && !pc.isMemberOfGroup(group)) {
    throw new AccessControlException(
      "User " + username + " does not belong to " + group);
   }
  }
  unprotectedSetOwner(fsd, src, username, group);
 } finally {
  fsd.writeUnlock();
 }
 fsd.getEditLog().logSetOwner(src, username, group);
 return fsd.getAuditFileInfo(iip);
}

 /**
  * Whether a cache pool can be accessed by the current context
  *
  * @param pool CachePool being accessed
  * @param access type of action being performed on the cache pool
  * @throws AccessControlException if pool cannot be accessed
  */
 public void checkPermission(CachePool pool, FsAction access)
   throws AccessControlException {
  FsPermission mode = pool.getMode();
  if (isSuperUser()) {
   return;
  }
  if (getUser().equals(pool.getOwnerName())
    && mode.getUserAction().implies(access)) {
   return;
  }
  if (isMemberOfGroup(pool.getGroupName())
    && mode.getGroupAction().implies(access)) {
   return;
  }
  if (mode.getOtherAction().implies(access)) {
   return;
  }
  throw new AccessControlException("Permission denied while accessing pool "
    + pool.getPoolName() + ": user " + getUser() + " does not have "
    + access.toString() + " permissions.");
 }
}

if (isMemberOfGroup(group)) {
 FsAction masked = AclEntryStatusFormat.getPermission(entry).and(
   mode.getGroupAction());

Popular methods of FSPermissionChecker

checkPermission
Check whether current user have permissions to access the path. Traverse is always checked. Parent p
<init>
check
Guarded by FSNamesystem#readLock()
checkOwner
Guarded by FSNamesystem#readLock()
checkSubAccess
Guarded by FSNamesystem#readLock()
checkTraverse
Guarded by FSNamesystem#readLock()
checkStickyBit
Guarded by FSNamesystem#readLock()
checkSuperuserPrivilege
Verify if the caller has the required permission. This will result into an exception if the caller i
getAccessControlEnforcer
getAttributesProvider
getINodeAttrs
getUser

Popular in Java

Parsing JSON documents to java classes using gson
setScale (BigDecimal)
getSharedPreferences (Context)
addToBackStack (FragmentTransaction)
Rectangle (java.awt)
A Rectangle specifies an area in a coordinate space that is enclosed by the Rectangle object's top-
Time (java.sql)
Java representation of an SQL TIME value. Provides utilities to format and parse the time's represen
TimeUnit (java.util.concurrent)
A TimeUnit represents time durations at a given unit of granularity and provides utility methods to
JPanel (javax.swing)
Join (org.hibernate.mapping)
Option (scala)
Top 25 Plugins for Webstorm

How to use isMemberOfGroupmethodin org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker

Best Java code snippets using org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker.isMemberOfGroup (Showing top 8 results out of 315)

How to use
isMemberOfGroup
method
in
org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker