/** Check whether the current user is in the superuser group. */ private void checkSuperuserPrivilege() throws IOException, AccessControlException { if (!isPermissionEnabled) { return; } // Try to get the ugi in the RPC call. UserGroupInformation callerUgi = ipcServer.getRemoteUser(); if (callerUgi == null) { // This is not from RPC. callerUgi = UserGroupInformation.getCurrentUser(); } // Is this by the DN user itself? assert dnUserName != null; if (callerUgi.getUserName().equals(dnUserName)) { return; } // Is the user a member of the super group? List<String> groups = Arrays.asList(callerUgi.getGroupNames()); if (groups.contains(supergroup)) { return; } // Not a superuser. throw new AccessControlException(); }
/** Check whether the current user is in the superuser group. */ private void checkSuperuserPrivilege() throws IOException, AccessControlException { if (!isPermissionEnabled) { return; } // Try to get the ugi in the RPC call. UserGroupInformation callerUgi = ipcServer.getRemoteUser(); if (callerUgi == null) { // This is not from RPC. callerUgi = UserGroupInformation.getCurrentUser(); } // Is this by the DN user itself? assert dnUserName != null; if (callerUgi.getUserName().equals(dnUserName)) { return; } // Is the user a member of the super group? List<String> groups = Arrays.asList(callerUgi.getGroupNames()); if (groups.contains(supergroup)) { return; } // Not a superuser. throw new AccessControlException(); }
/** Check whether the current user is in the superuser group. */ private void checkSuperuserPrivilege() throws IOException, AccessControlException { if (!isPermissionEnabled) { return; } // Try to get the ugi in the RPC call. UserGroupInformation callerUgi = ipcServer.getRemoteUser(); if (callerUgi == null) { // This is not from RPC. callerUgi = UserGroupInformation.getCurrentUser(); } // Is this by the DN user itself? assert dnUserName != null; if (callerUgi.getUserName().equals(dnUserName)) { return; } // Is the user a member of the super group? List<String> groups = Arrays.asList(callerUgi.getGroupNames()); if (groups.contains(supergroup)) { return; } // Not a superuser. throw new AccessControlException(); }