How to use

isMemberOfGroup

method

in

org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker

/**
 * Whether a cache pool can be accessed by the current context
 *
 * @param pool CachePool being accessed
 * @param access type of action being performed on the cache pool
 * @throws AccessControlException if pool cannot be accessed
 */
public void checkPermission(CachePool pool, FsAction access)
  throws AccessControlException {
 FsPermission mode = pool.getMode();
 if (isSuperUser()) {
  return;
 }
 if (getUser().equals(pool.getOwnerName())
   && mode.getUserAction().implies(access)) {
  return;
 }
 if (isMemberOfGroup(pool.getGroupName())
   && mode.getGroupAction().implies(access)) {
  return;
 }
 if (!getUser().equals(pool.getOwnerName())
   && !isMemberOfGroup(pool.getGroupName())
   && mode.getOtherAction().implies(access)) {
  return;
 }
 throw new AccessControlException("Permission denied while accessing pool "
   + pool.getPoolName() + ": user " + getUser() + " does not have "
   + access.toString() + " permissions.");
}

private boolean hasPermission(INodeAttributes inode, FsAction access) {
 if (inode == null) {
  return true;
 }
 final FsPermission mode = inode.getFsPermission();
 final AclFeature aclFeature = inode.getAclFeature();
 if (aclFeature != null && aclFeature.getEntriesSize() > 0) {
  // It's possible that the inode has a default ACL but no access ACL.
  int firstEntry = aclFeature.getEntryAt(0);
  if (AclEntryStatusFormat.getScope(firstEntry) == AclEntryScope.ACCESS) {
   return hasAclPermission(inode, access, mode, aclFeature);
  }
 }
 final FsAction checkAction;
 if (getUser().equals(inode.getUserName())) { //user class
  checkAction = mode.getUserAction();
 } else if (isMemberOfGroup(inode.getGroupName())) { //group class
  checkAction = mode.getGroupAction();
 } else { //other class
  checkAction = mode.getOtherAction();
 }
 return checkAction.implies(access);
}

static FileStatus setOwner(
  FSDirectory fsd, FSPermissionChecker pc, String src, String username,
  String group) throws IOException {
 if (FSDirectory.isExactReservedName(src)) {
  throw new InvalidPathException(src);
 }
 INodesInPath iip;
 fsd.writeLock();
 try {
  iip = fsd.resolvePath(pc, src, DirOp.WRITE);
  fsd.checkOwner(pc, iip);
  if (!pc.isSuperUser()) {
   if (username != null && !pc.getUser().equals(username)) {
    throw new AccessControlException("User " + pc.getUser()
      + " is not a super user (non-super user cannot change owner).");
   }
   if (group != null && !pc.isMemberOfGroup(group)) {
    throw new AccessControlException(
      "User " + pc.getUser() + " does not belong to " + group);
   }
  }
  unprotectedSetOwner(fsd, iip, username, group);
 } finally {
  fsd.writeUnlock();
 }
 fsd.getEditLog().logSetOwner(iip.getPath(), username, group);
 return fsd.getAuditFileInfo(iip);
}

if (isMemberOfGroup(group)) {
 FsAction masked = AclEntryStatusFormat.getPermission(entry).and(
   mode.getGroupAction());

private boolean hasPermission(INodeAttributes inode, FsAction access) {
 if (inode == null) {
  return true;
 }
 final FsPermission mode = inode.getFsPermission();
 final AclFeature aclFeature = inode.getAclFeature();
 if (aclFeature != null) {
  // It's possible that the inode has a default ACL but no access ACL.
  int firstEntry = aclFeature.getEntryAt(0);
  if (AclEntryStatusFormat.getScope(firstEntry) == AclEntryScope.ACCESS) {
   return hasAclPermission(inode, access, mode, aclFeature);
  }
 }
 final FsAction checkAction;
 if (getUser().equals(inode.getUserName())) { //user class
  checkAction = mode.getUserAction();
 } else if (isMemberOfGroup(inode.getGroupName())) { //group class
  checkAction = mode.getGroupAction();
 } else { //other class
  checkAction = mode.getOtherAction();
 }
 return checkAction.implies(access);
}

static HdfsFileStatus setOwner(
  FSDirectory fsd, String src, String username, String group)
  throws IOException {
 FSPermissionChecker pc = fsd.getPermissionChecker();
 INodesInPath iip;
 fsd.writeLock();
 try {
  iip = fsd.resolvePathForWrite(pc, src);
  src = iip.getPath();
  fsd.checkOwner(pc, iip);
  if (!pc.isSuperUser()) {
   if (username != null && !pc.getUser().equals(username)) {
    throw new AccessControlException("User " + username
      + " is not a super user (non-super user cannot change owner).");
   }
   if (group != null && !pc.isMemberOfGroup(group)) {
    throw new AccessControlException(
      "User " + username + " does not belong to " + group);
   }
  }
  unprotectedSetOwner(fsd, src, username, group);
 } finally {
  fsd.writeUnlock();
 }
 fsd.getEditLog().logSetOwner(src, username, group);
 return fsd.getAuditFileInfo(iip);
}

 /**
  * Whether a cache pool can be accessed by the current context
  *
  * @param pool CachePool being accessed
  * @param access type of action being performed on the cache pool
  * @throws AccessControlException if pool cannot be accessed
  */
 public void checkPermission(CachePool pool, FsAction access)
   throws AccessControlException {
  FsPermission mode = pool.getMode();
  if (isSuperUser()) {
   return;
  }
  if (getUser().equals(pool.getOwnerName())
    && mode.getUserAction().implies(access)) {
   return;
  }
  if (isMemberOfGroup(pool.getGroupName())
    && mode.getGroupAction().implies(access)) {
   return;
  }
  if (mode.getOtherAction().implies(access)) {
   return;
  }
  throw new AccessControlException("Permission denied while accessing pool "
    + pool.getPoolName() + ": user " + getUser() + " does not have "
    + access.toString() + " permissions.");
 }
}

if (isMemberOfGroup(group)) {
 FsAction masked = AclEntryStatusFormat.getPermission(entry).and(
   mode.getGroupAction());