@Override protected void processPath(PathData item) throws IOException { out.println("# file: " + item); out.println("# owner: " + item.stat.getOwner()); out.println("# group: " + item.stat.getGroup()); FsPermission perm = item.stat.getPermission(); if (perm.getStickyBit()) { out.println("# flags: --" + (perm.getOtherAction().implies(FsAction.EXECUTE) ? "t" : "T")); } final AclStatus aclStatus; final List<AclEntry> entries; if (item.stat.hasAcl()) { aclStatus = item.fs.getAclStatus(item.path); entries = aclStatus.getEntries(); } else { aclStatus = null; entries = Collections.<AclEntry> emptyList(); } ScopedAclEntries scopedEntries = new ScopedAclEntries( AclUtil.getAclFromPermAndEntries(perm, entries)); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getAccessEntries()); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getDefaultEntries()); out.println(); }
/** * Creates a new ScopedAclEntries from the given list. It is assumed that the * list is already sorted such that all access entries precede all default * entries. * * @param aclEntries List<AclEntry> to separate */ public ScopedAclEntries(List<AclEntry> aclEntries) { int pivot = calculatePivotOnDefaultEntries(aclEntries); if (pivot != PIVOT_NOT_FOUND) { accessEntries = pivot != 0 ? aclEntries.subList(0, pivot) : Collections.<AclEntry>emptyList(); defaultEntries = aclEntries.subList(pivot, aclEntries.size()); } else { accessEntries = aclEntries; defaultEntries = Collections.emptyList(); } }
private static void checkMaxEntries(ScopedAclEntries scopedEntries) throws AclException { List<AclEntry> accessEntries = scopedEntries.getAccessEntries(); List<AclEntry> defaultEntries = scopedEntries.getDefaultEntries(); if (accessEntries.size() > MAX_ENTRIES) { throw new AclException("Invalid ACL: ACL has " + accessEntries.size() + " access entries, which exceeds maximum of " + MAX_ENTRIES + "."); } if (defaultEntries.size() > MAX_ENTRIES) { throw new AclException("Invalid ACL: ACL has " + defaultEntries.size() + " default entries, which exceeds maximum of " + MAX_ENTRIES + "."); } }
ScopedAclEntries scopedEntries = new ScopedAclEntries(featureEntries); List<AclEntry> parentDefaultEntries = scopedEntries.getDefaultEntries();
/** * Creates a ValidatedAclSpec by pre-validating and sorting the given ACL * entries. Pre-validation checks that it does not exceed the maximum * entries. This check is performed before modifying the ACL, and it's * actually insufficient for enforcing the maximum number of entries. * Transformation logic can create additional entries automatically,such as * the mask and some of the default entries, so we also need additional * checks during transformation. The up-front check is still valuable here * so that we don't run a lot of expensive transformation logic while * holding the namesystem lock for an attacker who intentionally sent a huge * ACL spec. * * @param aclSpec List<AclEntry> containing unvalidated input ACL spec * @throws AclException if validation fails */ public ValidatedAclSpec(List<AclEntry> aclSpec) throws AclException { Collections.sort(aclSpec, ACL_ENTRY_COMPARATOR); checkMaxEntries(new ScopedAclEntries(aclSpec)); this.aclSpec = aclSpec; }
ScopedAclEntries scopedEntries = new ScopedAclEntries(featureEntries); List<AclEntry> parentDefaultEntries = scopedEntries.getDefaultEntries();
ScopedAclEntries scopedEntries = new ScopedAclEntries(aclBuilder); if (!scopedEntries.getDefaultEntries().isEmpty()) { List<AclEntry> accessEntries = scopedEntries.getAccessEntries(); List<AclEntry> defaultEntries = scopedEntries.getDefaultEntries(); List<AclEntry> copiedEntries = Lists.newArrayListWithCapacity(3); for (AclEntryType type: EnumSet.of(USER, GROUP, OTHER)) {
ScopedAclEntries scopedEntries = new ScopedAclEntries(featureEntries); List<AclEntry> parentDefaultEntries = scopedEntries.getDefaultEntries();
/** * Creates a new ScopedAclEntries from the given list. It is assumed that the * list is already sorted such that all access entries precede all default * entries. * * @param aclEntries List<AclEntry> to separate */ public ScopedAclEntries(List<AclEntry> aclEntries) { int pivot = calculatePivotOnDefaultEntries(aclEntries); if (pivot != PIVOT_NOT_FOUND) { accessEntries = pivot != 0 ? aclEntries.subList(0, pivot) : Collections.<AclEntry>emptyList(); defaultEntries = aclEntries.subList(pivot, aclEntries.size()); } else { accessEntries = aclEntries; defaultEntries = Collections.emptyList(); } }
ScopedAclEntries scopedEntries = new ScopedAclEntries(aclBuilder); checkMaxEntries(scopedEntries); AclEntry accessEntryKey = new AclEntry.Builder().setScope(ACCESS) .setType(type).build(); if (Collections.binarySearch(scopedEntries.getAccessEntries(), accessEntryKey, ACL_ENTRY_COMPARATOR) < 0) { throw new AclException( "Invalid ACL: the user, group and other entries are required."); if (!scopedEntries.getDefaultEntries().isEmpty()) { AclEntry defaultEntryKey = new AclEntry.Builder().setScope(DEFAULT) .setType(type).build(); if (Collections.binarySearch(scopedEntries.getDefaultEntries(), defaultEntryKey, ACL_ENTRY_COMPARATOR) < 0) { throw new AclException(
/** * Creates a new ScopedAclEntries from the given list. It is assumed that the * list is already sorted such that all access entries precede all default * entries. * * @param aclEntries List<AclEntry> to separate */ public ScopedAclEntries(List<AclEntry> aclEntries) { int pivot = calculatePivotOnDefaultEntries(aclEntries); if (pivot != PIVOT_NOT_FOUND) { accessEntries = pivot != 0 ? aclEntries.subList(0, pivot) : Collections.<AclEntry>emptyList(); defaultEntries = aclEntries.subList(pivot, aclEntries.size()); } else { accessEntries = aclEntries; defaultEntries = Collections.emptyList(); } }
if (!AclUtil.isMinimalAcl(newAcl)) { ScopedAclEntries scoped = new ScopedAclEntries(newAcl); List<AclEntry> accessEntries = scoped.getAccessEntries(); List<AclEntry> defaultEntries = scoped.getDefaultEntries();
/** * Creates a new ScopedAclEntries from the given list. It is assumed that the * list is already sorted such that all access entries precede all default * entries. * * @param aclEntries List<AclEntry> to separate */ public ScopedAclEntries(List<AclEntry> aclEntries) { int pivot = calculatePivotOnDefaultEntries(aclEntries); if (pivot != PIVOT_NOT_FOUND) { accessEntries = pivot != 0 ? aclEntries.subList(0, pivot) : Collections.<AclEntry>emptyList(); defaultEntries = aclEntries.subList(pivot, aclEntries.size()); } else { accessEntries = aclEntries; defaultEntries = Collections.emptyList(); } }
ScopedAclEntries scoped = new ScopedAclEntries(featureEntries); List<AclEntry> accessEntries = scoped.getAccessEntries(); List<AclEntry> defaultEntries = scoped.getDefaultEntries();
/** * Creates a new ScopedAclEntries from the given list. It is assumed that the * list is already sorted such that all access entries precede all default * entries. * * @param aclEntries List<AclEntry> to separate */ public ScopedAclEntries(List<AclEntry> aclEntries) { int pivot = calculatePivotOnDefaultEntries(aclEntries); if (pivot != PIVOT_NOT_FOUND) { accessEntries = pivot != 0 ? aclEntries.subList(0, pivot) : Collections.<AclEntry>emptyList(); defaultEntries = aclEntries.subList(pivot, aclEntries.size()); } else { accessEntries = aclEntries; defaultEntries = Collections.emptyList(); } }
@Override protected void processPath(PathData item) throws IOException { out.println("# file: " + item); out.println("# owner: " + item.stat.getOwner()); out.println("# group: " + item.stat.getGroup()); FsPermission perm = item.stat.getPermission(); if (perm.getStickyBit()) { out.println("# flags: --" + (perm.getOtherAction().implies(FsAction.EXECUTE) ? "t" : "T")); } AclStatus aclStatus = item.fs.getAclStatus(item.path); List<AclEntry> entries = perm.getAclBit() ? aclStatus.getEntries() : Collections.<AclEntry> emptyList(); ScopedAclEntries scopedEntries = new ScopedAclEntries( AclUtil.getAclFromPermAndEntries(perm, entries)); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getAccessEntries()); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getDefaultEntries()); out.println(); }
@Override protected void processPath(PathData item) throws IOException { out.println("# file: " + item); out.println("# owner: " + item.stat.getOwner()); out.println("# group: " + item.stat.getGroup()); FsPermission perm = item.stat.getPermission(); if (perm.getStickyBit()) { out.println("# flags: --" + (perm.getOtherAction().implies(FsAction.EXECUTE) ? "t" : "T")); } AclStatus aclStatus = item.fs.getAclStatus(item.path); List<AclEntry> entries = perm.getAclBit() ? aclStatus.getEntries() : Collections.<AclEntry> emptyList(); ScopedAclEntries scopedEntries = new ScopedAclEntries( AclUtil.getAclFromPermAndEntries(perm, entries)); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getAccessEntries()); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getDefaultEntries()); out.println(); }
@Override protected void processPath(PathData item) throws IOException { out.println("# file: " + item); out.println("# owner: " + item.stat.getOwner()); out.println("# group: " + item.stat.getGroup()); FsPermission perm = item.stat.getPermission(); if (perm.getStickyBit()) { out.println("# flags: --" + (perm.getOtherAction().implies(FsAction.EXECUTE) ? "t" : "T")); } AclStatus aclStatus = item.fs.getAclStatus(item.path); List<AclEntry> entries = perm.getAclBit() ? aclStatus.getEntries() : Collections.<AclEntry> emptyList(); ScopedAclEntries scopedEntries = new ScopedAclEntries( AclUtil.getAclFromPermAndEntries(perm, entries)); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getAccessEntries()); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getDefaultEntries()); out.println(); }
ScopedAclEntries scopedEntries = new ScopedAclEntries(aclBuilder); if (!scopedEntries.getDefaultEntries().isEmpty()) { List<AclEntry> accessEntries = scopedEntries.getAccessEntries(); List<AclEntry> defaultEntries = scopedEntries.getDefaultEntries(); List<AclEntry> copiedEntries = Lists.newArrayListWithCapacity(3); for (AclEntryType type: EnumSet.of(USER, GROUP, OTHER)) {
@Override protected void processPath(PathData item) throws IOException { out.println("# file: " + item); out.println("# owner: " + item.stat.getOwner()); out.println("# group: " + item.stat.getGroup()); FsPermission perm = item.stat.getPermission(); if (perm.getStickyBit()) { out.println("# flags: --" + (perm.getOtherAction().implies(FsAction.EXECUTE) ? "t" : "T")); } AclStatus aclStatus = null; List<AclEntry> entries = null; // if (perm.getAclBit()) { aclStatus = item.fs.getAclStatus(item.path); entries = aclStatus.getEntries(); // } else { // aclStatus = null; // entries = Collections.<AclEntry> emptyList(); // } ScopedAclEntries scopedEntries = new ScopedAclEntries( AclUtil.getAclFromPermAndEntries(perm, entries)); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getAccessEntries()); printAclEntriesForSingleScope(aclStatus, perm, scopedEntries.getDefaultEntries()); out.println(); }