private static void checkXAttrChangeAccess( FSDirectory fsd, INodesInPath iip, XAttr xAttr, FSPermissionChecker pc) throws AccessControlException, FileNotFoundException { if (fsd.isPermissionEnabled() && xAttr.getNameSpace() == XAttr.NameSpace .USER) { final INode inode = iip.getLastINode(); if (inode != null && inode.isDirectory() && inode.getFsPermission().getStickyBit()) { if (!pc.isSuperUser()) { fsd.checkOwner(pc, iip); } } else { fsd.checkPathAccess(pc, iip, FsAction.WRITE); } } }
static void renameSnapshot(FSDirectory fsd, FSPermissionChecker pc, SnapshotManager snapshotManager, String path, String snapshotOldName, String snapshotNewName, boolean logRetryCache) throws IOException { final INodesInPath iip = fsd.resolvePath(pc, path, DirOp.WRITE); if (fsd.isPermissionEnabled()) { fsd.checkOwner(pc, iip); } verifySnapshotName(fsd, snapshotNewName, path); fsd.writeLock(); try { snapshotManager.renameSnapshot(iip, path, snapshotOldName, snapshotNewName); } finally { fsd.writeUnlock(); } fsd.getEditLog().logRenameSnapshot(path, snapshotOldName, snapshotNewName, logRetryCache); }
static FileStatus setPermission( FSDirectory fsd, FSPermissionChecker pc, final String src, FsPermission permission) throws IOException { if (FSDirectory.isExactReservedName(src)) { throw new InvalidPathException(src); } INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); fsd.checkOwner(pc, iip); unprotectedSetPermission(fsd, iip, permission); } finally { fsd.writeUnlock(); } fsd.getEditLog().logSetPermissions(iip.getPath(), permission); return fsd.getAuditFileInfo(iip); }
static FileStatus setAcl( FSDirectory fsd, FSPermissionChecker pc, final String srcArg, List<AclEntry> aclSpec) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); fsd.checkOwner(pc, iip); List<AclEntry> newAcl = unprotectedSetAcl(fsd, iip, aclSpec, false); fsd.getEditLog().logSetAcl(iip.getPath(), newAcl); } catch (AclException e){ throw new AclException(e.getMessage() + " Path: " + src, e); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }
static FileStatus removeAcl(FSDirectory fsd, FSPermissionChecker pc, final String srcArg) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); src = iip.getPath(); fsd.checkOwner(pc, iip); unprotectedRemoveAcl(fsd, iip); } catch (AclException e){ throw new AclException(e.getMessage() + " Path: " + src, e); } finally { fsd.writeUnlock(); } fsd.getEditLog().logSetAcl(src, AclFeature.EMPTY_ENTRY_LIST); return fsd.getAuditFileInfo(iip); }
final INodesInPath iip = fsd.resolvePath(pc, snapshotRoot, DirOp.WRITE); if (fsd.isPermissionEnabled()) { fsd.checkOwner(pc, iip);
static FileStatus setOwner( FSDirectory fsd, FSPermissionChecker pc, String src, String username, String group) throws IOException { if (FSDirectory.isExactReservedName(src)) { throw new InvalidPathException(src); } INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); fsd.checkOwner(pc, iip); if (!pc.isSuperUser()) { if (username != null && !pc.getUser().equals(username)) { throw new AccessControlException("User " + pc.getUser() + " is not a super user (non-super user cannot change owner)."); } if (group != null && !pc.isMemberOfGroup(group)) { throw new AccessControlException( "User " + pc.getUser() + " does not belong to " + group); } } unprotectedSetOwner(fsd, iip, username, group); } finally { fsd.writeUnlock(); } fsd.getEditLog().logSetOwner(iip.getPath(), username, group); return fsd.getAuditFileInfo(iip); }
static FileStatus removeAclEntries( FSDirectory fsd, FSPermissionChecker pc, final String srcArg, List<AclEntry> aclSpec) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); src = iip.getPath(); fsd.checkOwner(pc, iip); INode inode = FSDirectory.resolveLastINode(iip); int snapshotId = iip.getLatestSnapshotId(); List<AclEntry> existingAcl = AclStorage.readINodeLogicalAcl(inode); List<AclEntry> newAcl = AclTransformation.filterAclEntriesByAclSpec( existingAcl, aclSpec); AclStorage.updateINodeAcl(inode, newAcl, snapshotId); fsd.getEditLog().logSetAcl(src, newAcl); } catch (AclException e){ throw new AclException(e.getMessage() + " Path: " + src, e); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }
static FileStatus removeDefaultAcl(FSDirectory fsd, FSPermissionChecker pc, final String srcArg) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); src = iip.getPath(); fsd.checkOwner(pc, iip); INode inode = FSDirectory.resolveLastINode(iip); int snapshotId = iip.getLatestSnapshotId(); List<AclEntry> existingAcl = AclStorage.readINodeLogicalAcl(inode); List<AclEntry> newAcl = AclTransformation.filterDefaultAclEntries( existingAcl); AclStorage.updateINodeAcl(inode, newAcl, snapshotId); fsd.getEditLog().logSetAcl(src, newAcl); } catch (AclException e){ throw new AclException(e.getMessage() + " Path: " + src, e); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }
static FileStatus modifyAclEntries( FSDirectory fsd, FSPermissionChecker pc, final String srcArg, List<AclEntry> aclSpec) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePath(pc, src, DirOp.WRITE); src = iip.getPath(); fsd.checkOwner(pc, iip); INode inode = FSDirectory.resolveLastINode(iip); int snapshotId = iip.getLatestSnapshotId(); List<AclEntry> existingAcl = AclStorage.readINodeLogicalAcl(inode); List<AclEntry> newAcl = AclTransformation.mergeAclEntries( existingAcl, aclSpec); AclStorage.updateINodeAcl(inode, newAcl, snapshotId); fsd.getEditLog().logSetAcl(src, newAcl); } catch (AclException e){ throw new AclException(e.getMessage() + " Path: " + src, e); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }
final INodesInPath iip = fsd.resolvePath(pc, snapshotRoot, DirOp.WRITE); if (fsd.isPermissionEnabled()) { fsd.checkOwner(pc, iip);
private static void checkXAttrChangeAccess( FSDirectory fsd, INodesInPath iip, XAttr xAttr, FSPermissionChecker pc) throws AccessControlException, FileNotFoundException { if (fsd.isPermissionEnabled() && xAttr.getNameSpace() == XAttr.NameSpace .USER) { final INode inode = iip.getLastINode(); if (inode != null && inode.isDirectory() && inode.getFsPermission().getStickyBit()) { if (!pc.isSuperUser()) { fsd.checkOwner(pc, iip); } } else { fsd.checkPathAccess(pc, iip, FsAction.WRITE); } } }
private static void checkXAttrChangeAccess( FSDirectory fsd, INodesInPath iip, XAttr xAttr, FSPermissionChecker pc) throws AccessControlException, FileNotFoundException { if (fsd.isPermissionEnabled() && xAttr.getNameSpace() == XAttr.NameSpace .USER) { final INode inode = iip.getLastINode(); if (inode != null && inode.isDirectory() && inode.getFsPermission().getStickyBit()) { if (!pc.isSuperUser()) { fsd.checkOwner(pc, iip); } } else { fsd.checkPathAccess(pc, iip, FsAction.WRITE); } } }
static HdfsFileStatus setPermission( FSDirectory fsd, final String srcArg, FsPermission permission) throws IOException { String src = srcArg; FSPermissionChecker pc = fsd.getPermissionChecker(); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePathForWrite(pc, src); src = iip.getPath(); fsd.checkOwner(pc, iip); unprotectedSetPermission(fsd, src, permission); } finally { fsd.writeUnlock(); } fsd.getEditLog().logSetPermissions(src, permission); return fsd.getAuditFileInfo(iip); }
static HdfsFileStatus setPermission( FSDirectory fsd, final String srcArg, FsPermission permission) throws IOException { String src = srcArg; FSPermissionChecker pc = fsd.getPermissionChecker(); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePathForWrite(pc, src); src = iip.getPath(); fsd.checkOwner(pc, iip); unprotectedSetPermission(fsd, src, permission); } finally { fsd.writeUnlock(); } fsd.getEditLog().logSetPermissions(src, permission); return fsd.getAuditFileInfo(iip); }
static void renameSnapshot(FSDirectory fsd, SnapshotManager snapshotManager, String path, String snapshotOldName, String snapshotNewName, boolean logRetryCache) throws IOException { final INodesInPath iip = fsd.getINodesInPath4Write(path); if (fsd.isPermissionEnabled()) { FSPermissionChecker pc = fsd.getPermissionChecker(); fsd.checkOwner(pc, iip); } verifySnapshotName(fsd, snapshotNewName, path); fsd.writeLock(); try { snapshotManager.renameSnapshot(iip, path, snapshotOldName, snapshotNewName); } finally { fsd.writeUnlock(); } fsd.getEditLog().logRenameSnapshot(path, snapshotOldName, snapshotNewName, logRetryCache); }
static HdfsFileStatus removeAcl(FSDirectory fsd, final String srcArg) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); FSPermissionChecker pc = fsd.getPermissionChecker(); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePathForWrite(pc, src); src = iip.getPath(); fsd.checkOwner(pc, iip); unprotectedRemoveAcl(fsd, iip); } finally { fsd.writeUnlock(); } fsd.getEditLog().logSetAcl(src, AclFeature.EMPTY_ENTRY_LIST); return fsd.getAuditFileInfo(iip); }
static HdfsFileStatus setAcl( FSDirectory fsd, final String srcArg, List<AclEntry> aclSpec) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); FSPermissionChecker pc = fsd.getPermissionChecker(); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePathForWrite(pc, src); src = iip.getPath(); fsd.checkOwner(pc, iip); List<AclEntry> newAcl = unprotectedSetAcl(fsd, src, aclSpec, false); fsd.getEditLog().logSetAcl(src, newAcl); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }
static HdfsFileStatus removeAcl(FSDirectory fsd, final String srcArg) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); FSPermissionChecker pc = fsd.getPermissionChecker(); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePathForWrite(pc, src); src = iip.getPath(); fsd.checkOwner(pc, iip); unprotectedRemoveAcl(fsd, iip); } finally { fsd.writeUnlock(); } fsd.getEditLog().logSetAcl(src, AclFeature.EMPTY_ENTRY_LIST); return fsd.getAuditFileInfo(iip); }
static HdfsFileStatus setAcl( FSDirectory fsd, final String srcArg, List<AclEntry> aclSpec) throws IOException { String src = srcArg; checkAclsConfigFlag(fsd); FSPermissionChecker pc = fsd.getPermissionChecker(); INodesInPath iip; fsd.writeLock(); try { iip = fsd.resolvePathForWrite(pc, src); src = iip.getPath(); fsd.checkOwner(pc, iip); List<AclEntry> newAcl = unprotectedSetAcl(fsd, src, aclSpec, false); fsd.getEditLog().logSetAcl(src, newAcl); } finally { fsd.writeUnlock(); } return fsd.getAuditFileInfo(iip); }