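/**
 * Looks up the groups that {@code user} belongs to.
 *
 * <p>A lookup failure is reported as a permission denial, so callers fail closed when group
 * membership cannot be resolved. The underlying {@link IOException} is attached as the cause so
 * that a group-service failure can be told apart from a real denial when the exception is logged.
 *
 * @param user the user to get groups for
 * @return the groups for the given user
 * @throws AccessControlException if the group service information cannot be accessed
 */
private List<String> getGroups(String user) throws AccessControlException {
  try {
    return CommonUtils.getGroups(user, ServerConfiguration.global());
  } catch (IOException e) {
    // Chain the original exception rather than keeping only its message text.
    throw new AccessControlException(
        ExceptionMessage.PERMISSION_DENIED.getMessage(e.getMessage()), e);
  }
}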
mPermissionChecker.checkPermission(Mode.Bits.WRITE, childPath); } catch (AccessControlException e) { failedChildren.add(e.getMessage()); throw new AccessControlException(ExceptionMessage.DELETE_FAILED_DIR_CHILDREN .getMessage(path, StringUtils.join(failedChildren, ",")));
} catch (AccessControlException e) { response .setPermissionError("Error: File " + file + " cannot be accessed " + e.getMessage()); return response;
LOG.warn(e.getMessage()); failureReason = e.getMessage(); } catch (IOException e) { LOG.warn(e.getMessage());
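/**
 * Gets the user name from the {@link ThreadLocal} variable.
 *
 * <p>Two failure modes are reported with distinct messages: no user is bound to the calling
 * thread ({@code AUTHORIZED_CLIENT_USER_IS_NULL}), or the user lookup itself failed with an
 * {@link IOException} ({@code AUTHENTICATION_IS_NOT_ENABLED}). In the second case the
 * {@link IOException} is kept as the cause so the reason for the lookup failure is not lost.
 *
 * @param conf Alluxio configuration
 * @return the client user in string
 * @throws AccessControlException there is no authenticated user for this thread or
 *         the authentication is not enabled
 */
public static String getClientUser(AlluxioConfiguration conf) throws AccessControlException {
  try {
    User user = get(conf);
    if (user == null) {
      // Not an IOException, so this propagates past the catch below unchanged.
      throw new AccessControlException(
          ExceptionMessage.AUTHORIZED_CLIENT_USER_IS_NULL.getMessage());
    }
    return user.getName();
  } catch (IOException e) {
    // Preserve the underlying failure instead of discarding it.
    throw new AccessControlException(
        ExceptionMessage.AUTHENTICATION_IS_NOT_ENABLED.getMessage(), e);
  }
}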
mPermissionChecker.checkPermission(Mode.Bits.WRITE, child); } catch (AccessControlException e) { failedChildren.add(e.getMessage()); throw new AccessControlException( ExceptionMessage.DELETE_FAILED_DIR_CHILDREN.getMessage(path, StringUtils.join(failedChildren, ",")));
} catch (AccessControlException e) { response.setInvalidPathError( "Error: File " + currentPath + " cannot be accessed " + e.getMessage()); return response; } catch (AccessControlException e) { response.setAccessControlException( "Error: File " + currentPath + " cannot be accessed " + e.getMessage()); return response;
return; throw new AccessControlException(ExceptionMessage.PERMISSION_DENIED .getMessage("user=" + user + " is not the owner of path=" + path));
/**
 * Verifies that a read-only mount point rejects the writability check, both for the mount
 * point itself and for a path nested beneath it, and that the rejection message names the
 * checked URI together with the mount path.
 */
@Test
public void readOnlyMount() throws Exception {
  String mountPath = "/mnt/foo";
  AlluxioURI mountUri = new AlluxioURI("alluxio://localhost:1234" + mountPath);
  MountPOptions readOnlyOptions =
      MountContext.defaults(MountPOptions.newBuilder().setReadOnly(true)).getOptions().build();
  mMountTable.add(NoopJournalContext.INSTANCE, mountUri,
      new AlluxioURI("hdfs://localhost:5678/foo"), 2L, readOnlyOptions);

  // Case 1: the mount point itself.
  try {
    mMountTable.checkUnderWritableMountPoint(mountUri);
    Assert.fail("Readonly mount point should not be writable.");
  } catch (AccessControlException denied) {
    String expected = ExceptionMessage.MOUNT_READONLY.getMessage(mountUri, mountPath);
    Assert.assertEquals(expected, denied.getMessage());
  }

  // Case 2: a descendant of the mount point inherits the read-only restriction.
  AlluxioURI nestedUri = null;
  try {
    String nestedPath = mountPath + "/sub/directory";
    nestedUri = new AlluxioURI("alluxio://localhost:1234" + nestedPath);
    mMountTable.checkUnderWritableMountPoint(nestedUri);
    Assert.fail("Readonly mount point should not be writable.");
  } catch (AccessControlException denied) {
    String expected = ExceptionMessage.MOUNT_READONLY.getMessage(nestedUri, mountPath);
    Assert.assertEquals(expected, denied.getMessage());
  }
}
/**
 * Converts this status exception into the matching {@link AlluxioException}.
 *
 * <p>Only {@code PERMISSION_DENIED} and {@code UNAUTHENTICATED} have a dedicated type; both
 * become an {@link AccessControlException}, so a caller that needs to tell an authentication
 * failure from an authorization failure cannot do so from the returned type alone. Every other
 * status is wrapped in a plain {@link AlluxioException}. This exception is always attached as
 * the cause.
 *
 * @return a specific {@link AlluxioException} corresponding to this exception if there is one;
 *         otherwise return a generic {@link AlluxioException}
 */
public AlluxioException toAlluxioException() {
  switch (mStatus) {
    case PERMISSION_DENIED: // intentional fall-through
    case UNAUTHENTICATED:
      return new AccessControlException(getMessage(), this);
    default:
      // All remaining statuses share the generic wrapper.
      return new AlluxioException(getMessage(), this);
  }
}
/**
 * Verifies that a recursive delete is refused as a whole when the caller lacks write permission
 * on one nested file, and that nothing under the directory is removed in that case.
 */
@Test
public void deleteDirRecursiveWithInsufficientPermissions() throws Exception {
  createFileWithSingleBlock(NESTED_FILE_URI);
  createFileWithSingleBlock(NESTED_FILE2_URI);

  // Directory and second file are open to everyone (0777); the first file is owner-only
  // (0700), so userA may delete the directory but not that file.
  mFileSystemMaster.setAttribute(NESTED_URI,
      SetAttributeContext.defaults(
          SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));
  mFileSystemMaster.setAttribute(NESTED_FILE_URI,
      SetAttributeContext.defaults(
          SetAttributePOptions.newBuilder().setMode(new Mode((short) 0700).toProto())));
  mFileSystemMaster.setAttribute(NESTED_FILE2_URI,
      SetAttributeContext.defaults(
          SetAttributePOptions.newBuilder().setMode(new Mode((short) 0777).toProto())));

  try (AuthenticatedClientUserResource asUserA =
      new AuthenticatedClientUserResource("userA", ServerConfiguration.global())) {
    mFileSystemMaster.delete(NESTED_URI,
        DeleteContext.defaults(DeletePOptions.newBuilder().setRecursive(true)));
    fail("Deleting a directory w/ insufficient permission on child should fail");
  } catch (AccessControlException denied) {
    String childDenied = ExceptionMessage.PERMISSION_DENIED
        .getMessage("user=userA, access=-w-, path=" + NESTED_FILE_URI + ": failed at file");
    String expectedPrefix =
        ExceptionMessage.DELETE_FAILED_DIR_CHILDREN.getMessage(NESTED_URI, childDenied);
    assertTrue(denied.getMessage().startsWith(expectedPrefix));
  }

  // The refused delete must leave the directory and both files in place.
  assertNotEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_URI));
  assertNotEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_FILE_URI));
  assertNotEquals(IdUtils.INVALID_FILE_ID, mFileSystemMaster.getFileId(NESTED_FILE2_URI));
}
/**
 * Rejects a write to {@code alluxioUri} when the mount point that contains it is mounted
 * read-only. The lookup and the read-only test both run under the read lock.
 *
 * @param alluxioUri an Alluxio path URI
 * @throws InvalidPathException if the Alluxio path is invalid
 * @throws AccessControlException if the Alluxio path is under a readonly mount point
 */
public void checkUnderWritableMountPoint(AlluxioURI alluxioUri)
    throws InvalidPathException, AccessControlException {
  try (LockResource ignored = new LockResource(mReadLock)) {
    // getMountPoint acquires the read lock a second time; that nested acquisition is allowed.
    String mountPoint = getMountPoint(alluxioUri);
    boolean readOnly = mState.getMountTable().get(mountPoint).getOptions().getReadOnly();
    if (readOnly) {
      throw new AccessControlException(ExceptionMessage.MOUNT_READONLY, alluxioUri, mountPoint);
    }
  }
}
} catch (AccessControlException e) { request.setAttribute("permissionError", "Error: File " + file + " cannot be accessed " + e.getMessage()); getServletContext().getRequestDispatcher("/memory.jsp").forward(request, response); return;
/**
 * Requires the current client user to be a super user or a member of the super group.
 *
 * <p>The user is the one reported by {@code AuthenticatedClientUser}; its groups are resolved
 * before the privilege test. Failures in either step surface as
 * {@link AccessControlException}, so the check fails closed.
 *
 * @throws AccessControlException if the user is not a super user
 */
private void checkSuperUser() throws AccessControlException {
  String caller = AuthenticatedClientUser.getClientUser(ServerConfiguration.global());
  if (isPrivilegedUser(caller, getGroups(caller))) {
    return;
  }
  throw new AccessControlException(ExceptionMessage.PERMISSION_DENIED
      .getMessage(caller + " is not a super user or in super group"));
}
} catch (AccessControlException e) { request.setAttribute("invalidPathError", "Error: File " + currentPath + " cannot be accessed " + e.getMessage()); getServletContext().getRequestDispatcher("/browse.jsp").forward(request, response); return; } catch (AccessControlException e) { request.setAttribute("AccessControlException", "Error: File " + currentPath + " cannot be accessed " + e.getMessage()); getServletContext().getRequestDispatcher("/browse.jsp").forward(request, response); return;
/**
 * Checks the requested permission bits against a single inode.
 *
 * <p>Each ACL action derived from {@code bits} must be granted; the first one that is refused
 * aborts the check. A {@code null} inode passes without any evaluation, so callers that must
 * deny access to a missing inode have to handle that case themselves.
 *
 * @param user who requests access permission
 * @param groups in which user belongs to
 * @param inode whose attributes used for permission check logic
 * @param bits requested {@link Mode.Bits} by user
 * @param path the path to check permission on
 * @throws AccessControlException if permission checking fails
 */
private void checkInode(String user, List<String> groups, Inode inode, Mode.Bits bits,
    String path) throws AccessControlException {
  if (inode != null) {
    for (AclAction required : bits.toAclActionSet()) {
      if (inode.checkPermission(user, groups, required)) {
        continue;
      }
      // The denial message is built only on this failure path.
      throw new AccessControlException(ExceptionMessage.PERMISSION_DENIED
          .getMessage(toExceptionMessage(user, bits, path, inode)));
    }
  }
}
LOG.warn(e.getMessage()); failureReason = e.getMessage(); } catch (IOException e) { LOG.warn(e.getMessage());
/**
 * Checks whether the given operation type is permitted by the current operation mode of the
 * UFS that backs {@code alluxioPath}.
 *
 * <p>{@code NO_ACCESS} refuses every operation, {@code READ_ONLY} refuses only
 * {@code OperationType.WRITE}, and any other mode allows the operation.
 *
 * @param alluxioPath the Alluxio path
 * @param opType the operation type
 * @throws AccessControlException if the UFS mode does not allow {@code opType}
 * @throws InvalidPathException declared by this method; presumably raised while resolving the
 *         path against the mount table (confirm against {@code MountTable.resolve})
 */
private void checkUfsMode(AlluxioURI alluxioPath, OperationType opType)
    throws AccessControlException, InvalidPathException {
  MountTable.Resolution resolved = mMountTable.resolve(alluxioPath);
  try (CloseableResource<UnderFileSystem> handle = resolved.acquireUfsResource()) {
    UnderFileSystem ufs = handle.get();
    UfsMode mode =
        ufs.getOperationMode(mUfsManager.getPhysicalUfsState(ufs.getPhysicalStores()));
    switch (mode) {
      case NO_ACCESS:
        throw new AccessControlException(ExceptionMessage.UFS_OP_NOT_ALLOWED
            .getMessage(opType, resolved.getUri(), UfsMode.NO_ACCESS));
      case READ_ONLY:
        if (opType == OperationType.WRITE) {
          throw new AccessControlException(ExceptionMessage.UFS_OP_NOT_ALLOWED
              .getMessage(opType, resolved.getUri(), UfsMode.READ_ONLY));
        }
        break;
      default:
        // Remaining modes place no restriction on the operation.
        break;
    }
  }
}
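/**
 * Pushes the ACL entries of the inode at {@code inodePath} to the underlying file system.
 *
 * <p>The UFS must currently allow writes (see {@code checkUfsMode}). For an object-storage UFS
 * nothing is written: a warning is logged and the underlying object keeps its own permissions,
 * so the ACL held in Alluxio and the one enforced by the UFS can differ. For a directory the
 * default ACL entries are sent together with the access ACL entries.
 *
 * @param inodePath the locked path whose ACL is propagated
 * @throws InvalidPathException declared by this method; presumably raised while resolving the
 *         path against the mount table (confirm against {@code MountTable.resolve})
 * @throws AccessControlException if the UFS mode forbids writes or the UFS rejects the ACL
 *         update; in the latter case the {@link IOException} is attached as the cause
 */
private void setUfsAcl(LockedInodePath inodePath)
    throws InvalidPathException, AccessControlException {
  // NOTE(review): getInodeOrNull may return null and the inode is dereferenced below without a
  // check; confirm that every caller guarantees the inode exists.
  Inode inode = inodePath.getInodeOrNull();

  checkUfsMode(inodePath.getUri(), OperationType.WRITE);
  MountTable.Resolution resolution = mMountTable.resolve(inodePath.getUri());
  String ufsUri = resolution.getUri().toString();
  try (CloseableResource<UnderFileSystem> ufsResource = resolution.acquireUfsResource()) {
    UnderFileSystem ufs = ufsResource.get();
    if (ufs.isObjectStorage()) {
      LOG.warn("SetACL is not supported to object storage UFS via Alluxio. " + "UFS: "
          + ufsUri + ". This has no effect on the underlying object.");
    } else {
      try {
        List<AclEntry> entries = new ArrayList<>(inode.getACL().getEntries());
        if (inode.isDirectory()) {
          entries.addAll(inode.asDirectory().getDefaultACL().getEntries());
        }
        ufs.setAclEntries(ufsUri, entries);
      } catch (IOException e) {
        // Chain the UFS failure so the reason the ACL update was rejected is not lost.
        throw new AccessControlException("Could not setAcl for UFS file: " + ufsUri, e);
      }
    }
  }
}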
ufs.setOwner(ufsUri, owner, group); } catch (IOException e) { throw new AccessControlException("Could not setOwner for UFS file " + ufsUri + " . Aborting the setAttribute operation in Alluxio.", e); ufs.setMode(ufsUri, ModeUtils.protoToShort(protoOptions.getMode())); } catch (IOException e) { throw new AccessControlException("Could not setMode for UFS file " + ufsUri + " . Aborting the setAttribute operation in Alluxio.", e);