/** The same as getFsPermission(Snapshot.CURRENT_STATE_ID). */ @Override public final FsPermission getFsPermission() { return getFsPermission(Snapshot.CURRENT_STATE_ID); }
@Override public final FsPermission getFsPermission(int snapshotId) { return referred.getFsPermission(snapshotId); }
/** The same as getFsPermission(Snapshot.CURRENT_STATE_ID). */ @Override public final FsPermission getFsPermission() { return getFsPermission(Snapshot.CURRENT_STATE_ID); }
private static void checkXAttrChangeAccess( FSDirectory fsd, INodesInPath iip, XAttr xAttr, FSPermissionChecker pc) throws AccessControlException, FileNotFoundException { if (fsd.isPermissionEnabled() && xAttr.getNameSpace() == XAttr.NameSpace .USER) { final INode inode = iip.getLastINode(); if (inode != null && inode.isDirectory() && inode.getFsPermission().getStickyBit()) { if (!pc.isSuperUser()) { fsd.checkOwner(pc, iip); } } else { fsd.checkPathAccess(pc, iip, FsAction.WRITE); } } }
FsPermission perm = inode.getFsPermission(); List<AclEntry> featureEntries = AclStorage.getEntriesFromAclFeature(f); if (featureEntries.get(0).getScope() == AclEntryScope.ACCESS) {
@Override public final FsPermission getFsPermission(int snapshotId) { return referred.getFsPermission(snapshotId); }
/** The same as getFsPermission(Snapshot.CURRENT_STATE_ID). */ @Override public final FsPermission getFsPermission() { return getFsPermission(Snapshot.CURRENT_STATE_ID); }
@Override public final FsPermission getFsPermission(int snapshotId) { return referred.getFsPermission(snapshotId); }
FsPermission perm = inode.getFsPermission(); AclFeature f = inode.getAclFeature(); if (f == null) {
inode.getModificationTime(snapshot), inode.getAccessTime(snapshot), inode.getFsPermission(snapshot), inode.getUserName(snapshot), inode.getGroupName(snapshot),
int snapshotId) throws AclException, QuotaExceededException { assert newAcl.size() >= 3; FsPermission perm = inode.getFsPermission(); final FsPermission newPerm; if (!AclUtil.isMinimalAcl(newAcl)) {
parentDefaultEntries.size()); FsPermission childPerm = child.getFsPermission();
private static final void logAuditEvent(UserGroupInformation ugi, InetAddress addr, String cmd, String src, String dst, INode node) { final StringBuilder builder = auditStringBuilder.get(); builder.setLength(0); builder.append("ugi=").append(ugi).append("\t"). append("ip=").append(addr).append("\t"). append("cmd=").append(cmd).append("\t"). append("src=").append(src).append("\t"). append("dst=").append(dst).append("\t"). append("perm="); if (node == null) { builder.append("null"); } else { builder.append(node.getUserName() + ':' + node.getGroupName() + ':' + node.getFsPermission()); } auditLog.info(builder.toString()); }
static AclStatus getAclStatus( FSDirectory fsd, FSPermissionChecker pc, String src) throws IOException { checkAclsConfigFlag(fsd); fsd.readLock(); try { INodesInPath iip = fsd.resolvePath(pc, src, DirOp.READ); // There is no real inode for the path ending in ".snapshot", so return a // non-null, unpopulated AclStatus. This is similar to getFileInfo. if (iip.isDotSnapshotDir() && fsd.getINode4DotSnapshot(iip) != null) { return new AclStatus.Builder().owner("").group("").build(); } INode inode = FSDirectory.resolveLastINode(iip); int snapshotId = iip.getPathSnapshotId(); List<AclEntry> acl = AclStorage.readINodeAcl(fsd.getAttributes(iip)); FsPermission fsPermission = inode.getFsPermission(snapshotId); return new AclStatus.Builder() .owner(inode.getUserName()).group(inode.getGroupName()) .stickyBit(fsPermission.getStickyBit()) .setPermission(fsPermission) .addEntries(acl).build(); } catch (AclException e){ throw new AclException(e.getMessage() + " Path: " + src, e); } finally { fsd.readUnlock(); } }
/** Get the {@link PermissionStatus} */ protected PermissionStatus getPermissionStatus() { return new PermissionStatus(getUserName(),getGroupName(),getFsPermission()); } private synchronized void updatePermissionStatus(
/** Get the {@link PermissionStatus} */ protected PermissionStatus getPermissionStatus() { return new PermissionStatus(getUserName(),getGroupName(),getFsPermission()); } private synchronized void updatePermissionStatus(
/** * Create HdfsFileStatus by file INode */ static FileStatus createFileStatus(String path, INode node) { // length is zero for directories return new FileStatus(node.isDirectory() ? 0 : node.computeContentSummary().getLength(), node.isDirectory(), node.isDirectory() ? 0 : ((INodeFile)node).getReplication(), node.isDirectory() ? 0 : ((INodeFile)node).getPreferredBlockSize(), node.getModificationTime(), node.getAccessTime(), node.getFsPermission(), node.getUserName(), node.getGroupName(), new Path(path)); }
private static void checkXAttrChangeAccess( FSDirectory fsd, INodesInPath iip, XAttr xAttr, FSPermissionChecker pc) throws AccessControlException, FileNotFoundException { if (fsd.isPermissionEnabled() && xAttr.getNameSpace() == XAttr.NameSpace .USER) { final INode inode = iip.getLastINode(); if (inode != null && inode.isDirectory() && inode.getFsPermission().getStickyBit()) { if (!pc.isSuperUser()) { fsd.checkOwner(pc, iip); } } else { fsd.checkPathAccess(pc, iip, FsAction.WRITE); } } }
/** * Create FileStatus by file INode */ private static FileStatus createFileStatus(String path, INode node) { // length is zero for directories return new FileStatus(node.isDirectory() ? 0 : node.computeContentSummary().getLength(), node.isDirectory(), node.isDirectory() ? 0 : ((INodeFile)node).getReplication(), node.isDirectory() ? 0 : ((INodeFile)node).getPreferredBlockSize(), node.getModificationTime(), node.getAccessTime(), node.getFsPermission(), node.getUserName(), node.getGroupName(), new Path(path)); } }
@Test public void testSetPermissionCannotSetAclBit() throws IOException { FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short)0750)); fs.setPermission(path, FsPermission.createImmutable((short)0700)); assertPermission((short)0700); fs.setPermission(path, new FsPermissionExtension(FsPermission. createImmutable((short)0755), true, true)); INode inode = cluster.getNamesystem().getFSDirectory().getINode( path.toUri().getPath(), false); assertNotNull(inode); FsPermission perm = inode.getFsPermission(); assertNotNull(perm); assertEquals(0755, perm.toShort()); assertEquals(0755, perm.toExtendedShort()); assertAclFeature(false); }