/** Guarded by {@link FSNamesystem#readLock()} */ private void checkTraverse(INodeAttributes[] inodeAttrs, int last) throws AccessControlException { for (int i=0; i <= last; i++) { INodeAttributes inode = inodeAttrs[i]; if (!inode.isDirectory()) { throw new AccessControlException( constructPath(inodeAttrs, i) + " (is not a directory)"); } if (!hasPermission(inode, FsAction.EXECUTE)) { throw new AccessControlException(toAccessControlString( inode, constructPath(inodeAttrs, i), FsAction.EXECUTE)); } } }
/** Guarded by {@link FSNamesystem#readLock()} */ private void check(INodeAttributes[] inodes, int i, FsAction access) throws AccessControlException { INodeAttributes inode = (i >= 0) ? inodes[i] : null; if (inode != null && !hasPermission(inode, access)) { throw new AccessControlException( toAccessControlString(inode, constructPath(inodes, i), access)); } }
/** Guarded by {@link FSNamesystem#readLock()} */ private void check(INodeAttributes[] inodes, int i, FsAction access) throws AccessControlException { INodeAttributes inode = (i >= 0) ? inodes[i] : null; if (inode != null && !hasPermission(inode, access)) { throw new AccessControlException( toAccessControlString(inode, constructPath(inodes, i), access)); } }
/** Guarded by {@link FSNamesystem#readLock()} */ private void checkOwner(INodeAttributes[] inodes, int i) throws AccessControlException { if (getUser().equals(inodes[i].getUserName())) { return; } throw new AccessControlException( "Permission denied. user=" + getUser() + " is not the owner of inode=" + constructPath(inodes, i)); }
/** Guarded by {@link FSNamesystem#readLock()} */ private void checkOwner(INodeAttributes[] inodes, int i) throws AccessControlException { if (getUser().equals(inodes[i].getUserName())) { return; } throw new AccessControlException( "Permission denied. user=" + getUser() + " is not the owner of inode=" + constructPath(inodes, i)); }
/** Guarded by {@link FSNamesystem#readLock()} */ private void checkTraverse(INodeAttributes[] inodeAttrs, int last) throws AccessControlException { for (int i=0; i <= last; i++) { INodeAttributes inode = inodeAttrs[i]; if (!inode.isDirectory()) { throw new AccessControlException( constructPath(inodeAttrs, i) + " (is not a directory)"); } if (!hasPermission(inode, FsAction.EXECUTE)) { throw new AccessControlException(toAccessControlString( inode, constructPath(inodeAttrs, i), FsAction.EXECUTE)); } } }
/** Guarded by {@link FSNamesystem#readLock()} */ private void checkStickyBit(INodeAttributes[] inodes, int index) throws AccessControlException { INodeAttributes parent = inodes[index]; if (!parent.getFsPermission().getStickyBit()) { return; } // If this user is the directory owner, return if (parent.getUserName().equals(getUser())) { return; } INodeAttributes inode = inodes[index + 1]; // if this user is the file owner, return if (inode.getUserName().equals(getUser())) { return; } throw new AccessControlException(String.format( "Permission denied by sticky bit: user=%s, path=\"%s\":%s:%s:%s%s, " + "parent=\"%s\":%s:%s:%s%s", user, constructPath(inodes, index + 1), inode.getUserName(), inode.getGroupName(), inode.isDirectory() ? "d" : "-", inode.getFsPermission().toString(), constructPath(inodes, index), parent.getUserName(), parent.getGroupName(), parent.isDirectory() ? "d" : "-", parent.getFsPermission().toString())); }
/** Guarded by {@link FSNamesystem#readLock()} */ private void checkStickyBit(INodeAttributes[] inodes, int index) throws AccessControlException { INodeAttributes parent = inodes[index]; if (!parent.getFsPermission().getStickyBit()) { return; } // If this user is the directory owner, return if (parent.getUserName().equals(getUser())) { return; } INodeAttributes inode = inodes[index + 1]; // if this user is the file owner, return if (inode.getUserName().equals(getUser())) { return; } throw new AccessControlException(String.format( "Permission denied by sticky bit: user=%s, path=\"%s\":%s:%s:%s%s, " + "parent=\"%s\":%s:%s:%s%s", user, constructPath(inodes, index + 1), inode.getUserName(), inode.getGroupName(), inode.isDirectory() ? "d" : "-", inode.getFsPermission().toString(), constructPath(inodes, index), parent.getUserName(), parent.getGroupName(), parent.isDirectory() ? "d" : "-", parent.getFsPermission().toString())); }