/** * @return the list of string entries */ public List<String> toStringEntries() { List<String> entries = new ArrayList<>(); for (AclEntry entry : getEntries()) { entries.add(entry.toCliString()); } return entries; }
/** * Returns a list of {@link AclEntry} which represent this ACL instance. The mask will only be * included if extended ACL entries exist. * * @return an immutable list of ACL entries */ @Override public List<AclEntry> getEntries() { if (isEmpty()) { return new ArrayList<>(); } List<AclEntry> aclEntryList = super.getEntries(); for (AclEntry entry : aclEntryList) { entry.setDefault(true); } return aclEntryList; }
@Override public OutputStream createDirect(String path, CreateOptions options) throws IOException { IOException te = null; FileSystem hdfs = getFs(); RetryPolicy retryPolicy = new CountingRetry(MAX_TRY); while (retryPolicy.attempt()) { try { // TODO(chaomin): support creating HDFS files with specified block size and replication. OutputStream outputStream = new HdfsUnderFileOutputStream( FileSystem.create(hdfs, new Path(path), new FsPermission(options.getMode().toShort()))); if (options.getAcl() != null) { setAclEntries(path, options.getAcl().getEntries()); } return outputStream; } catch (IOException e) { LOG.warn("Attempt count {} : {} ", retryPolicy.getAttemptCount(), e.getMessage()); te = e; } } throw te; }
private void setUfsAcl(LockedInodePath inodePath) throws InvalidPathException, AccessControlException { Inode inode = inodePath.getInodeOrNull(); checkUfsMode(inodePath.getUri(), OperationType.WRITE); MountTable.Resolution resolution = mMountTable.resolve(inodePath.getUri()); String ufsUri = resolution.getUri().toString(); try (CloseableResource<UnderFileSystem> ufsResource = resolution.acquireUfsResource()) { UnderFileSystem ufs = ufsResource.get(); if (ufs.isObjectStorage()) { LOG.warn("SetACL is not supported to object storage UFS via Alluxio. " + "UFS: " + ufsUri + ". This has no effect on the underlying object."); } else { try { List<AclEntry> entries = new ArrayList<>(inode.getACL().getEntries()); if (inode.isDirectory()) { entries.addAll(inode.asDirectory().getDefaultACL().getEntries()); } ufs.setAclEntries(ufsUri, entries); } catch (IOException e) { throw new AccessControlException("Could not setAcl for UFS file: " + ufsUri); } } } }
@Test public void removeExtendedAclMask() throws Exception { mFileSystemMaster.createDirectory(NESTED_URI, CreateDirectoryContext .defaults(CreateDirectoryPOptions.newBuilder().setRecursive(true))); AclEntry newAcl = AclEntry.fromCliString("user:newuser:rwx"); // Add an ACL addAcl(NESTED_URI, newAcl); assertThat(getInfo(NESTED_URI).getAcl().getEntries(), hasItem(newAcl)); // Attempt to remove the ACL mask AclEntry maskEntry = AclEntry.fromCliString("mask::rwx"); assertThat(getInfo(NESTED_URI).getAcl().getEntries(), hasItem(maskEntry)); try { removeAcl(NESTED_URI, maskEntry); fail("Expected removing the mask from an extended ACL to fail"); } catch (IOException e) { assertThat(e.getMessage(), containsString("mask")); } // Remove the extended ACL removeAcl(NESTED_URI, newAcl); // Now we can add and remove a mask addAcl(NESTED_URI, maskEntry); removeAcl(NESTED_URI, maskEntry); }
createFileContext.setAcl(acl.getEntries());
.setUfsStatus(context.getUfsStatus()); if (acl != null) { createDirectoryContext.setAcl(acl.getEntries());