acl = new DefaultAccessControlList(); } else { acl = new AccessControlList(); acl.setOwningUser(owner); acl.setOwningGroup(owningGroup); acl.setEntry(aclEntry);
/** * @return the list of string entries */ public List<String> toStringEntries() { List<String> entries = new ArrayList<>(); for (AclEntry entry : getEntries()) { entries.add(entry.toCliString()); } return entries; }
/** * Tests getting and setting owner and group. */ @Test public void ownerGroup() { AccessControlList acl = new AccessControlList(); acl.setOwningUser(OWNING_USER); acl.setOwningGroup(OWNING_GROUP); Assert.assertEquals(OWNING_USER, acl.getOwningUser()); Assert.assertEquals(OWNING_GROUP, acl.getOwningGroup()); }
/** * Update the mask to be the union of owning group entry, named user entry and named group entry. * This method must be called when the aforementioned entries are modified. */ public void updateMask() { if (hasExtended()) { AclActions actions = getOwningGroupActions(); mExtendedEntries.updateMask(actions); } }
/** * Serialize an AccessControlList object. * @param accessControlList the ACL object to be serialized * @param jsonGenerator json generator * @param serializerProvider default serializer * @throws IOException */ @Override public void serialize(AccessControlList accessControlList, JsonGenerator jsonGenerator, SerializerProvider serializerProvider) throws IOException { jsonGenerator.writeStartObject(); jsonGenerator.writeStringField(OWNER_FIELD, accessControlList.getOwningUser()); jsonGenerator.writeStringField(OWNING_GROUP_FIELD, accessControlList.getOwningGroup()); jsonGenerator.writeObjectField(STRING_ENTRY_FIELD, accessControlList.toStringEntries()); jsonGenerator.writeEndObject(); } }
protected MoreObjects.ToStringHelper toStringHelper() { return MoreObjects.toStringHelper(this) .add("id", mId) .add("name", mName) .add("parentId", mParentId) .add("creationTimeMs", mCreationTimeMs) .add("pinned", mPinned) .add("deleted", mDeleted) .add("ttl", mTtl) .add("ttlAction", mTtlAction) .add("directory", mDirectory) .add("persistenceState", mPersistenceState) .add("lastModificationTimeMs", mLastModificationTimeMs) .add("owner", mAcl.getOwningUser()) .add("group", mAcl.getOwningGroup()) .add("permission", mAcl.getMode()) .add("ufsFingerprint", mUfsFingerprint); }
/** * @param acl the access control list to convert * @return the proto representation of this object */ public static PAcl toProto(AccessControlList acl) { PAcl.Builder pAcl = PAcl.newBuilder(); pAcl.setOwner(acl.getOwningUser()); pAcl.setOwningGroup(acl.getOwningGroup()); pAcl.setMode(acl.getMode()); if (acl.hasExtended()) { for (AclEntry entry : acl.getExtendedEntries().getEntries()) { pAcl.addEntries(toProto(entry)); } } pAcl.setIsDefault(false); return pAcl.build(); }
builder.setOwningUser(acl.getOwningUser()); builder.setOwningGroup(acl.getOwningGroup()); .setActions(toProto(acl.getOwningUserActions())) .build()); builder.addGroupActions(Acl.NamedAclActions.newBuilder() .setName(AccessControlList.OWNING_GROUP_KEY) .setActions(toProto(acl.getOwningGroupActions())) .build()); builder.setOtherActions(toProto(acl.getOtherActions())); if (acl.getExtendedEntries() != null) { builder.addAllUserActions(getNamedUsersProto(acl.getExtendedEntries())); builder.addAllGroupActions(getNamedGroupsProto(acl.getExtendedEntries())); builder.setMaskActions(toProto(acl.getExtendedEntries().getMask()));
return new AclActions(getOwningUserActions()); if (hasExtended()) { AclActions actions = mExtendedEntries.getNamedUser(user); if (actions != null) { if (groups.contains(mOwningGroup)) { isGroupKnown = true; groupActions.merge(getOwningGroupActions()); if (hasExtended()) { for (String group : groups) { AclActions actions = mExtendedEntries.getNamedGroup(group); if (hasExtended()) { groupActions.mask(mExtendedEntries.mMaskActions); return getOtherActions();
/** * Tests the constructor contract. */ @Test public void constructor() { AccessControlList acl = new AccessControlList(); Assert.assertEquals("", acl.getOwningUser()); Assert.assertEquals("", acl.getOwningGroup()); }
/** * Tests {@link AccessControlList#getMode()}. */ @Test public void getMode() { AccessControlList acl = new AccessControlList(); Assert.assertEquals(0, acl.getMode()); acl.setEntry(new AclEntry.Builder().setType(AclEntryType.OWNING_USER).setSubject(OWNING_USER) .addAction(AclAction.READ).build()); acl.setEntry(new AclEntry.Builder().setType(AclEntryType.OWNING_GROUP).setSubject(OWNING_GROUP) .addAction(AclAction.WRITE).build()); acl.setEntry(new AclEntry.Builder().setType(AclEntryType.OTHER) .addAction(AclAction.EXECUTE).build()); Assert.assertEquals(new Mode(Mode.Bits.READ, Mode.Bits.WRITE, Mode.Bits.EXECUTE).toShort(), acl.getMode()); }
/** * Tests {@link AccessControlList#setMode(short)}. */ @Test public void setMode() { AccessControlList acl = new AccessControlList(); short mode = new Mode(Mode.Bits.EXECUTE, Mode.Bits.WRITE, Mode.Bits.READ).toShort(); acl.setMode(mode); Assert.assertEquals(mode, acl.getMode()); }
@Override public String getFingerprint(String path) { // TODO(yuzhu): include default ACL in the fingerprint try { UfsStatus status = getStatus(path); Pair<AccessControlList, DefaultAccessControlList> aclPair = getAclPair(path); if (aclPair == null || aclPair.getFirst() == null || !aclPair.getFirst().hasExtended()) { return Fingerprint.create(getUnderFSType(), status).serialize(); } else { return Fingerprint.create(getUnderFSType(), status, aclPair.getFirst()).serialize(); } } catch (Exception e) { // In certain scenarios, it is expected that the UFS path does not exist. LOG.debug("Failed fingerprint. path: {} error: {}", path, e.toString()); return Constants.INVALID_UFS_FINGERPRINT; } }
protected MutableInode(long id, boolean isDirectory) { mCreationTimeMs = System.currentTimeMillis(); mDeleted = false; mDirectory = isDirectory; mId = id; mTtl = Constants.NO_TTL; mTtlAction = TtlAction.DELETE; mLastModificationTimeMs = mCreationTimeMs; mName = null; mParentId = InodeTree.NO_PARENT; mPersistenceState = PersistenceState.NOT_PERSISTED; mPinned = false; mAcl = new AccessControlList(); mUfsFingerprint = Constants.INVALID_UFS_FINGERPRINT; }
@Override public void setEntry(AclEntry entry) { if (isEmpty() && mAccessAcl != null) { mMode = mAccessAcl.mMode; } super.setEntry(entry); setEmpty(false); }
@Override public String getOwner() { return mAcl.getOwningUser(); }
@Override public String getGroup() { return mAcl.getOwningGroup(); }
@Override public AclActions getPermission(String user, List<String> groups) { return mAcl.getPermission(user, groups); }
/** * @param group the group of the inode * @return the updated object */ public T setGroup(String group) { mAcl.setOwningGroup(group); if (isDirectory()) { getDefaultACL().setOwningGroup(group); } return getThis(); }
/** * @param owner the owner name of the inode * @return the updated object */ public T setOwner(String owner) { mAcl.setOwningUser(owner); if (isDirectory()) { getDefaultACL().setOwningUser(owner); } return getThis(); }