public List<AclEntry> getAclEntries() { return aclStatus == null ? null : Collections.unmodifiableList(aclStatus.getEntries()); }
if (aclEnabled) { if (sourceStatus.getAclEntries() != null) { LOG.trace(sourceStatus.getAclStatus().toString()); aclEntries = new ArrayList<>(sourceStatus.getAclEntries()); removeBaseAclEntries(aclEntries);
/** * Get the effective permission for the AclEntry * @param entry AclEntry to get the effective action */ public FsAction getEffectivePermission(AclEntry entry) { return getEffectivePermission(entry, permission); }
/** Convert a AclStatus object to a Json string. */ public static String toJsonString(final AclStatus status) { if (status == null) { return null; } final Map<String, Object> m = new TreeMap<String, Object>(); m.put("owner", status.getOwner()); m.put("group", status.getGroup()); m.put("stickyBit", status.isStickyBit()); final List<String> stringEntries = new ArrayList<>(); for (AclEntry entry : status.getEntries()) { stringEntries.add(entry.toStringStable()); } m.put("entries", stringEntries); FsPermission perm = status.getPermission(); if (perm != null) { m.put("permission", toString(perm)); } final Map<String, Map<String, Object>> finalMap = new TreeMap<String, Map<String, Object>>(); finalMap.put(AclStatus.class.getSimpleName(), m); try { return MAPPER.writeValueAsString(finalMap); } catch (IOException ignored) { } return null; }
assertEquals("Entries should be empty", 0, aclStatus.getEntries().size()); assertEquals("Permission should be carried by AclStatus", fs.getFileStatus(p1).getPermission(), aclStatus.getPermission()); aclStatus = fs.getAclStatus(p1); assertEquals("Entries should contain owner group entry also", 3, aclStatus .getEntries().size()); List<AclEntry> entries = aclStatus.getEntries(); for (AclEntry aclEntry : entries) { if (aclEntry.getName() != null || aclEntry.getType() == GROUP) { assertEquals(FsAction.ALL, aclEntry.getPermission()); assertEquals(FsAction.READ, aclStatus.getEffectivePermission(aclEntry));
/** * Builds a new AclStatus populated with the set properties. * * @return AclStatus new AclStatus */ public AclStatus build() { return new AclStatus(owner, group, stickyBit, entries, permission); } }
/** Converts an <code>AclStatus</code> object into a JSON object. * * @param aclStatus AclStatus object * * @return The JSON representation of the ACLs for the file */ @SuppressWarnings({"unchecked"}) private static Map<String,Object> aclStatusToJSON(AclStatus aclStatus) { Map<String,Object> json = new LinkedHashMap<String,Object>(); Map<String,Object> inner = new LinkedHashMap<String,Object>(); JSONArray entriesArray = new JSONArray(); inner.put(HttpFSFileSystem.OWNER_JSON, aclStatus.getOwner()); inner.put(HttpFSFileSystem.GROUP_JSON, aclStatus.getGroup()); inner.put(HttpFSFileSystem.ACL_STICKY_BIT_JSON, aclStatus.isStickyBit()); for ( AclEntry e : aclStatus.getEntries() ) { entriesArray.add(e.toString()); } inner.put(HttpFSFileSystem.ACL_ENTRIES_JSON, entriesArray); json.put(HttpFSFileSystem.ACL_STATUS_JSON, inner); return json; }
/** * Builds a new AclStatus populated with the set properties. * * @return AclStatus new AclStatus */ public AclStatus build() { return new AclStatus(owner, group, stickyBit, entries, permission); } }
List<AclEntry> getAclEntries() { return aclStatus == null ? null : Collections.unmodifiableList(aclStatus.getEntries()); }
m.put("owner", status.getOwner()); m.put("group", status.getGroup()); m.put("stickyBit", status.isStickyBit()); for (AclEntry entry : status.getEntries()) { stringEntries.add(entry.toString()); FsPermission perm = status.getPermission(); if (perm != null) { m.put("permission", toString(perm));
/** * Tests that link HdfsUtils#setFullFileStatus * does not thrown an exception when setting ACLs and without recursion. */ @Test public void testSetFullFileStatusFailInheritAcls() throws IOException { Configuration conf = new Configuration(); conf.set("dfs.namenode.acls.enabled", "true"); HdfsUtils.HadoopFileStatus mockHadoopFileStatus = mock(HdfsUtils.HadoopFileStatus.class); FileStatus mockSourceStatus = mock(FileStatus.class); AclStatus mockAclStatus = mock(AclStatus.class); FileSystem mockFs = mock(FileSystem.class); when(mockSourceStatus.getPermission()).thenReturn(new FsPermission((short) 777)); when(mockAclStatus.toString()).thenReturn(""); when(mockHadoopFileStatus.getFileStatus()).thenReturn(mockSourceStatus); when(mockHadoopFileStatus.getAclEntries()).thenReturn(new ArrayList<>()); when(mockHadoopFileStatus.getAclStatus()).thenReturn(mockAclStatus); doThrow(RuntimeException.class).when(mockFs).setAcl(any(Path.class), any(List.class)); HdfsUtils.setFullFileStatus(conf, mockHadoopFileStatus, null, mockFs, new Path("fakePath"), false); verify(mockFs).setAcl(any(Path.class), any(List.class)); }
/** * Prints a single extended ACL entry. If the mask restricts the * permissions of the entry, then also prints the restricted version as the * effective permissions. The mask applies to all named entries and also * the unnamed group entry. * @param aclStatus AclStatus for the path * @param fsPerm FsPermission for the path * @param entry AclEntry extended ACL entry to print */ private void printExtendedAclEntry(AclStatus aclStatus, FsPermission fsPerm, AclEntry entry) { if (entry.getName() != null || entry.getType() == AclEntryType.GROUP) { FsAction entryPerm = entry.getPermission(); FsAction effectivePerm = aclStatus .getEffectivePermission(entry, fsPerm); if (entryPerm != effectivePerm) { out.println(String.format("%s\t#effective:%s", entry, effectivePerm.SYMBOL)); } else { out.println(entry.toStringStable()); } } else { out.println(entry.toStringStable()); } } }
/** * Builds a new AclStatus populated with the set properties. * * @return AclStatus new AclStatus */ public AclStatus build() { return new AclStatus(owner, group, stickyBit, entries, permission); } }
@Override protected void processPath(PathData item) throws IOException { out.println("# file: " + item); out.println("# owner: " + item.stat.getOwner()); out.println("# group: " + item.stat.getGroup()); FsPermission perm = item.stat.getPermission(); if (perm.getStickyBit()) { out.println("# flags: --" + (perm.getOtherAction().implies(FsAction.EXECUTE) ? "t" : "T")); } final AclStatus aclStatus; final List<AclEntry> entries; if (item.stat.hasAcl()) { aclStatus = item.fs.getAclStatus(item.path); entries = aclStatus.getEntries(); } else { aclStatus = null; entries = Collections.<AclEntry> emptyList(); } ScopedAclEntries scopedEntries = new ScopedAclEntries( AclUtil.getAclFromPermAndEntries(perm, entries)); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getAccessEntries()); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getDefaultEntries()); out.println(); }
public static GetAclStatusResponseProto convert(AclStatus e) { AclStatusProto.Builder builder = AclStatusProto.newBuilder(); builder.setOwner(e.getOwner()) .setGroup(e.getGroup()).setSticky(e.isStickyBit()) .addAllEntries(convertAclEntryProto(e.getEntries())); if (e.getPermission() != null) { builder.setPermission(convert(e.getPermission())); } AclStatusProto r = builder.build(); return GetAclStatusResponseProto.newBuilder().setResult(r).build(); }
/** * Tests that HdfsUtils#setFullFileStatus * does not thrown an exception when setting ACLs and with recursion. */ @Test public void testSetFullFileStatusFailInheritAclsRecursive() throws Exception { Configuration conf = new Configuration(); conf.set("dfs.namenode.acls.enabled", "true"); Path fakeTarget = new Path("fakePath"); HdfsUtils.HadoopFileStatus mockHadoopFileStatus = mock(HdfsUtils.HadoopFileStatus.class); FileStatus mockSourceStatus = mock(FileStatus.class); FsShell mockFsShell = mock(FsShell.class); AclStatus mockAclStatus = mock(AclStatus.class); when(mockSourceStatus.getPermission()).thenReturn(new FsPermission((short) 777)); when(mockAclStatus.toString()).thenReturn(""); when(mockHadoopFileStatus.getFileStatus()).thenReturn(mockSourceStatus); when(mockHadoopFileStatus.getAclEntries()).thenReturn(new ArrayList<>()); when(mockHadoopFileStatus.getAclStatus()).thenReturn(mockAclStatus); doThrow(RuntimeException.class).when(mockFsShell).run(any(String[].class)); HdfsUtils.setFullFileStatus(conf, mockHadoopFileStatus, "", mock(FileSystem.class), fakeTarget, true, mockFsShell); verify(mockFsShell).run(new String[]{"-setfacl", "-R", "--set", any(String.class), fakeTarget.toString()}); }
/** * Get the effective permission for the AclEntry * @param entry AclEntry to get the effective action */ public FsAction getEffectivePermission(AclEntry entry) { return getEffectivePermission(entry, permission); }
/** * Builds a new AclStatus populated with the set properties. * * @return AclStatus new AclStatus */ public AclStatus build() { return new AclStatus(owner, group, stickyBit, entries, permission); } }
FsPermission perm = src.stat.getPermission(); List<AclEntry> srcEntries = src.fs.getAclStatus(src.path).getEntries(); List<AclEntry> srcFullEntries = AclUtil.getAclFromPermAndEntries(perm, srcEntries);
public static GetAclStatusResponseProto convert(AclStatus e) { AclStatusProto.Builder builder = AclStatusProto.newBuilder(); builder.setOwner(e.getOwner()) .setGroup(e.getGroup()).setSticky(e.isStickyBit()) .addAllEntries(convertAclEntryProto(e.getEntries())); if (e.getPermission() != null) { builder.setPermission(convert(e.getPermission())); } AclStatusProto r = builder.build(); return GetAclStatusResponseProto.newBuilder().setResult(r).build(); }