org.apache.hadoop.fs.permission.AclEntryType Java Examples

The following examples show how to use org.apache.hadoop.fs.permission.AclEntryType. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: FSEditLogOp.java    From big-c with Apache License 2.0 6 votes vote down vote up
private static List<AclEntry> readAclEntriesFromXml(Stanza st) {
  List<AclEntry> aclEntries = Lists.newArrayList();
  if (!st.hasChildren("ENTRY"))
    return null;

  List<Stanza> stanzas = st.getChildren("ENTRY");
  for (Stanza s : stanzas) {
    AclEntry e = new AclEntry.Builder()
      .setScope(AclEntryScope.valueOf(s.getValue("SCOPE")))
      .setType(AclEntryType.valueOf(s.getValue("TYPE")))
      .setName(s.getValueOrNull("NAME"))
      .setPermission(fsActionFromXml(s)).build();
    aclEntries.add(e);
  }
  return aclEntries;
}
 
Example #2
Source File: TestHDFSIntegration.java    From incubator-sentry with Apache License 2.0 6 votes vote down vote up
private Map<String, FsAction> getAcls(Path path) throws Exception {
  AclStatus aclStatus = miniDFS.getFileSystem().getAclStatus(path);
  Map<String, FsAction> acls = new HashMap<String, FsAction>();
  for (AclEntry ent : aclStatus.getEntries()) {
    if (ent.getType().equals(AclEntryType.GROUP)) {

      // In case of duplicate acl exist, exception should be thrown.
      if (acls.containsKey(ent.getName())) {
        throw new SentryAlreadyExistsException("The acl " + ent.getName() + " already exists.\n");
      } else {
        acls.put(ent.getName(), ent.getPermission());
      }
    }
  }
  return acls;
}
 
Example #3
Source File: SentryPermissions.java    From incubator-sentry with Apache License 2.0 6 votes vote down vote up
@Override
public List<AclEntry> getAcls(String authzObj) {
  Map<String, FsAction> groupPerms = getGroupPerms(authzObj);
  List<AclEntry> retList = new LinkedList<AclEntry>();
  for (Map.Entry<String, FsAction> groupPerm : groupPerms.entrySet()) {
    AclEntry.Builder builder = new AclEntry.Builder();
    builder.setName(groupPerm.getKey());
    builder.setType(AclEntryType.GROUP);
    builder.setScope(AclEntryScope.ACCESS);
    FsAction action = groupPerm.getValue();
    if (action == FsAction.READ || action == FsAction.WRITE
        || action == FsAction.READ_WRITE) {
      action = action.or(FsAction.EXECUTE);
    }
    builder.setPermission(action);
    retList.add(builder.build());
  }
  return retList;
}
 
Example #4
Source File: SentryAuthorizationProvider.java    From incubator-sentry with Apache License 2.0 6 votes vote down vote up
private List<AclEntry> createAclEntries(String user, String group,
    FsPermission permission) {
  List<AclEntry> list = new ArrayList<AclEntry>();
  AclEntry.Builder builder = new AclEntry.Builder();
  FsPermission fsPerm = new FsPermission(permission);
  builder.setName(user);
  builder.setType(AclEntryType.USER);
  builder.setScope(AclEntryScope.ACCESS);
  builder.setPermission(fsPerm.getUserAction());
  list.add(builder.build());
  builder.setName(group);
  builder.setType(AclEntryType.GROUP);
  builder.setScope(AclEntryScope.ACCESS);
  builder.setPermission(fsPerm.getGroupAction());
  list.add(builder.build());
  builder.setName(null);
  return list;
}
 
Example #5
Source File: TestAclCommands.java    From big-c with Apache License 2.0 6 votes vote down vote up
@Test
public void testMultipleAclSpecParsing() throws Exception {
  List<AclEntry> parsedList = AclEntry.parseAclSpec(
      "group::rwx,user:user1:rwx,user:user2:rw-,"
          + "group:group1:rw-,default:group:group1:rw-", true);

  AclEntry basicAcl = new AclEntry.Builder().setType(AclEntryType.GROUP)
      .setPermission(FsAction.ALL).build();
  AclEntry user1Acl = new AclEntry.Builder().setType(AclEntryType.USER)
      .setPermission(FsAction.ALL).setName("user1").build();
  AclEntry user2Acl = new AclEntry.Builder().setType(AclEntryType.USER)
      .setPermission(FsAction.READ_WRITE).setName("user2").build();
  AclEntry group1Acl = new AclEntry.Builder().setType(AclEntryType.GROUP)
      .setPermission(FsAction.READ_WRITE).setName("group1").build();
  AclEntry defaultAcl = new AclEntry.Builder().setType(AclEntryType.GROUP)
      .setPermission(FsAction.READ_WRITE).setName("group1")
      .setScope(AclEntryScope.DEFAULT).build();
  List<AclEntry> expectedList = new ArrayList<AclEntry>();
  expectedList.add(basicAcl);
  expectedList.add(user1Acl);
  expectedList.add(user2Acl);
  expectedList.add(group1Acl);
  expectedList.add(defaultAcl);
  assertEquals("Parsed Acl not correct", expectedList, parsedList);
}
 
Example #6
Source File: AclCommands.java    From big-c with Apache License 2.0 6 votes vote down vote up
/**
 * Prints a single extended ACL entry.  If the mask restricts the
 * permissions of the entry, then also prints the restricted version as the
 * effective permissions.  The mask applies to all named entries and also
 * the unnamed group entry.
 * @param aclStatus AclStatus for the path
 * @param fsPerm FsPermission for the path
 * @param entry AclEntry extended ACL entry to print
 */
private void printExtendedAclEntry(AclStatus aclStatus,
    FsPermission fsPerm, AclEntry entry) {
  if (entry.getName() != null || entry.getType() == AclEntryType.GROUP) {
    FsAction entryPerm = entry.getPermission();
    FsAction effectivePerm = aclStatus
        .getEffectivePermission(entry, fsPerm);
    if (entryPerm != effectivePerm) {
      out.println(String.format("%s\t#effective:%s", entry,
        effectivePerm.SYMBOL));
    } else {
      out.println(entry);
    }
  } else {
    out.println(entry);
  }
}
 
Example #7
Source File: TestPBHelper.java    From big-c with Apache License 2.0 6 votes vote down vote up
@Test
public void testAclEntryProto() {
  // All fields populated.
  AclEntry e1 = new AclEntry.Builder().setName("test")
      .setPermission(FsAction.READ_EXECUTE).setScope(AclEntryScope.DEFAULT)
      .setType(AclEntryType.OTHER).build();
  // No name.
  AclEntry e2 = new AclEntry.Builder().setScope(AclEntryScope.ACCESS)
      .setType(AclEntryType.USER).setPermission(FsAction.ALL).build();
  // No permission, which will default to the 0'th enum element.
  AclEntry e3 = new AclEntry.Builder().setScope(AclEntryScope.ACCESS)
      .setType(AclEntryType.USER).setName("test").build();
  AclEntry[] expected = new AclEntry[] { e1, e2,
      new AclEntry.Builder()
          .setScope(e3.getScope())
          .setType(e3.getType())
          .setName(e3.getName())
          .setPermission(FsAction.NONE)
          .build() };
  AclEntry[] actual = Lists.newArrayList(
      PBHelper.convertAclEntry(PBHelper.convertAclEntryProto(Lists
          .newArrayList(e1, e2, e3)))).toArray(new AclEntry[0]);
  Assert.assertArrayEquals(expected, actual);
}
 
Example #8
Source File: TestAclCommands.java    From hadoop with Apache License 2.0 6 votes vote down vote up
@Test
public void testMultipleAclSpecParsing() throws Exception {
  List<AclEntry> parsedList = AclEntry.parseAclSpec(
      "group::rwx,user:user1:rwx,user:user2:rw-,"
          + "group:group1:rw-,default:group:group1:rw-", true);

  AclEntry basicAcl = new AclEntry.Builder().setType(AclEntryType.GROUP)
      .setPermission(FsAction.ALL).build();
  AclEntry user1Acl = new AclEntry.Builder().setType(AclEntryType.USER)
      .setPermission(FsAction.ALL).setName("user1").build();
  AclEntry user2Acl = new AclEntry.Builder().setType(AclEntryType.USER)
      .setPermission(FsAction.READ_WRITE).setName("user2").build();
  AclEntry group1Acl = new AclEntry.Builder().setType(AclEntryType.GROUP)
      .setPermission(FsAction.READ_WRITE).setName("group1").build();
  AclEntry defaultAcl = new AclEntry.Builder().setType(AclEntryType.GROUP)
      .setPermission(FsAction.READ_WRITE).setName("group1")
      .setScope(AclEntryScope.DEFAULT).build();
  List<AclEntry> expectedList = new ArrayList<AclEntry>();
  expectedList.add(basicAcl);
  expectedList.add(user1Acl);
  expectedList.add(user2Acl);
  expectedList.add(group1Acl);
  expectedList.add(defaultAcl);
  assertEquals("Parsed Acl not correct", expectedList, parsedList);
}
 
Example #9
Source File: AclCommands.java    From hadoop with Apache License 2.0 6 votes vote down vote up
/**
 * Prints a single extended ACL entry.  If the mask restricts the
 * permissions of the entry, then also prints the restricted version as the
 * effective permissions.  The mask applies to all named entries and also
 * the unnamed group entry.
 * @param aclStatus AclStatus for the path
 * @param fsPerm FsPermission for the path
 * @param entry AclEntry extended ACL entry to print
 */
private void printExtendedAclEntry(AclStatus aclStatus,
    FsPermission fsPerm, AclEntry entry) {
  if (entry.getName() != null || entry.getType() == AclEntryType.GROUP) {
    FsAction entryPerm = entry.getPermission();
    FsAction effectivePerm = aclStatus
        .getEffectivePermission(entry, fsPerm);
    if (entryPerm != effectivePerm) {
      out.println(String.format("%s\t#effective:%s", entry,
        effectivePerm.SYMBOL));
    } else {
      out.println(entry);
    }
  } else {
    out.println(entry);
  }
}
 
Example #10
Source File: TestPBHelper.java    From hadoop with Apache License 2.0 6 votes vote down vote up
@Test
public void testAclEntryProto() {
  // All fields populated.
  AclEntry e1 = new AclEntry.Builder().setName("test")
      .setPermission(FsAction.READ_EXECUTE).setScope(AclEntryScope.DEFAULT)
      .setType(AclEntryType.OTHER).build();
  // No name.
  AclEntry e2 = new AclEntry.Builder().setScope(AclEntryScope.ACCESS)
      .setType(AclEntryType.USER).setPermission(FsAction.ALL).build();
  // No permission, which will default to the 0'th enum element.
  AclEntry e3 = new AclEntry.Builder().setScope(AclEntryScope.ACCESS)
      .setType(AclEntryType.USER).setName("test").build();
  AclEntry[] expected = new AclEntry[] { e1, e2,
      new AclEntry.Builder()
          .setScope(e3.getScope())
          .setType(e3.getType())
          .setName(e3.getName())
          .setPermission(FsAction.NONE)
          .build() };
  AclEntry[] actual = Lists.newArrayList(
      PBHelper.convertAclEntry(PBHelper.convertAclEntryProto(Lists
          .newArrayList(e1, e2, e3)))).toArray(new AclEntry[0]);
  Assert.assertArrayEquals(expected, actual);
}
 
Example #11
Source File: FSEditLogOp.java    From hadoop with Apache License 2.0 6 votes vote down vote up
private static List<AclEntry> readAclEntriesFromXml(Stanza st) {
  List<AclEntry> aclEntries = Lists.newArrayList();
  if (!st.hasChildren("ENTRY"))
    return null;

  List<Stanza> stanzas = st.getChildren("ENTRY");
  for (Stanza s : stanzas) {
    AclEntry e = new AclEntry.Builder()
      .setScope(AclEntryScope.valueOf(s.getValue("SCOPE")))
      .setType(AclEntryType.valueOf(s.getValue("TYPE")))
      .setName(s.getValueOrNull("NAME"))
      .setPermission(fsActionFromXml(s)).build();
    aclEntries.add(e);
  }
  return aclEntries;
}
 
Example #12
Source File: EventTestUtils.java    From localization_nifi with Apache License 2.0 5 votes vote down vote up
public static Event.MetadataUpdateEvent createMetadataUpdateEvent() {
    return new Event.MetadataUpdateEvent.Builder()
            .replication(0)
            .perms(new FsPermission(FsAction.ALL, FsAction.NONE, FsAction.NONE))
            .path("/some/path/metadata")
            .ownerName("owner")
            .acls(Collections.singletonList(new AclEntry.Builder().setName("schema").setPermission(FsAction.ALL).setScope(AclEntryScope.ACCESS).setType(AclEntryType.GROUP).build()))
            .atime(new Date().getTime())
            .groupName("groupName")
            .metadataType(Event.MetadataUpdateEvent.MetadataType.ACLS)
            .mtime(1L)
            .xAttrs(Collections.singletonList(new XAttr.Builder().setName("name").setNameSpace(XAttr.NameSpace.USER).setValue(new byte[0]).build()))
            .xAttrsRemoved(false)
            .build();
}
 
Example #13
Source File: TestDistCpWithAcls.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new AclEntry with scope, type and permission (no name).
 *
 * @param scope AclEntryScope scope of the ACL entry
 * @param type AclEntryType ACL entry type
 * @param permission FsAction set of permissions in the ACL entry
 * @return AclEntry new AclEntry
 */
private static AclEntry aclEntry(AclEntryScope scope, AclEntryType type,
    FsAction permission) {
  return new AclEntry.Builder()
    .setScope(scope)
    .setType(type)
    .setPermission(permission)
    .build();
}
 
Example #14
Source File: TestPBHelper.java    From big-c with Apache License 2.0 5 votes vote down vote up
@Test
public void testAclStatusProto() {
  AclEntry e = new AclEntry.Builder().setName("test")
      .setPermission(FsAction.READ_EXECUTE).setScope(AclEntryScope.DEFAULT)
      .setType(AclEntryType.OTHER).build();
  AclStatus s = new AclStatus.Builder().owner("foo").group("bar").addEntry(e)
      .build();
  Assert.assertEquals(s, PBHelper.convert(PBHelper.convert(s)));
}
 
Example #15
Source File: TestDistCpWithAcls.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new AclEntry with scope, type, name and permission.
 *
 * @param scope AclEntryScope scope of the ACL entry
 * @param type AclEntryType ACL entry type
 * @param name String optional ACL entry name
 * @param permission FsAction set of permissions in the ACL entry
 * @return AclEntry new AclEntry
 */
private static AclEntry aclEntry(AclEntryScope scope, AclEntryType type,
    String name, FsAction permission) {
  return new AclEntry.Builder()
    .setScope(scope)
    .setType(type)
    .setName(name)
    .setPermission(permission)
    .build();
}
 
Example #16
Source File: AclTransformation.java    From hadoop with Apache License 2.0 5 votes vote down vote up
/**
 * Adds unspecified default entries by copying permissions from the
 * corresponding access entries.
 *
 * @param aclBuilder ArrayList<AclEntry> containing entries to build
 */
private static void copyDefaultsIfNeeded(List<AclEntry> aclBuilder) {
  Collections.sort(aclBuilder, ACL_ENTRY_COMPARATOR);
  ScopedAclEntries scopedEntries = new ScopedAclEntries(aclBuilder);
  if (!scopedEntries.getDefaultEntries().isEmpty()) {
    List<AclEntry> accessEntries = scopedEntries.getAccessEntries();
    List<AclEntry> defaultEntries = scopedEntries.getDefaultEntries();
    List<AclEntry> copiedEntries = Lists.newArrayListWithCapacity(3);
    for (AclEntryType type: EnumSet.of(USER, GROUP, OTHER)) {
      AclEntry defaultEntryKey = new AclEntry.Builder().setScope(DEFAULT)
        .setType(type).build();
      int defaultEntryIndex = Collections.binarySearch(defaultEntries,
        defaultEntryKey, ACL_ENTRY_COMPARATOR);
      if (defaultEntryIndex < 0) {
        AclEntry accessEntryKey = new AclEntry.Builder().setScope(ACCESS)
          .setType(type).build();
        int accessEntryIndex = Collections.binarySearch(accessEntries,
          accessEntryKey, ACL_ENTRY_COMPARATOR);
        if (accessEntryIndex >= 0) {
          copiedEntries.add(new AclEntry.Builder()
            .setScope(DEFAULT)
            .setType(type)
            .setPermission(accessEntries.get(accessEntryIndex).getPermission())
            .build());
        }
      }
    }
    // Add all copied entries when done to prevent potential issues with binary
    // search on a modified aclBulider during the main loop.
    aclBuilder.addAll(copiedEntries);
  }
}
 
Example #17
Source File: AclTestHelpers.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new AclEntry with scope, type and name (no permission).
 *
 * @param scope AclEntryScope scope of the ACL entry
 * @param type AclEntryType ACL entry type
 * @param name String optional ACL entry name
 * @return AclEntry new AclEntry
 */
public static AclEntry aclEntry(AclEntryScope scope, AclEntryType type,
    String name) {
  return new AclEntry.Builder()
    .setScope(scope)
    .setType(type)
    .setName(name)
    .build();
}
 
Example #18
Source File: AclTestHelpers.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new AclEntry with scope, type, name and permission.
 *
 * @param scope AclEntryScope scope of the ACL entry
 * @param type AclEntryType ACL entry type
 * @param name String optional ACL entry name
 * @param permission FsAction set of permissions in the ACL entry
 * @return AclEntry new AclEntry
 */
public static AclEntry aclEntry(AclEntryScope scope, AclEntryType type,
    String name, FsAction permission) {
  return new AclEntry.Builder()
    .setScope(scope)
    .setType(type)
    .setName(name)
    .setPermission(permission)
    .build();
}
 
Example #19
Source File: AclTestHelpers.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new AclEntry with scope, type and permission (no name).
 *
 * @param scope AclEntryScope scope of the ACL entry
 * @param type AclEntryType ACL entry type
 * @param permission FsAction set of permissions in the ACL entry
 * @return AclEntry new AclEntry
 */
public static AclEntry aclEntry(AclEntryScope scope, AclEntryType type,
    FsAction permission) {
  return new AclEntry.Builder()
    .setScope(scope)
    .setType(type)
    .setPermission(permission)
    .build();
}
 
Example #20
Source File: TestAclCommands.java    From big-c with Apache License 2.0 5 votes vote down vote up
@Test
public void testMultipleAclSpecParsingWithoutPermissions() throws Exception {
  List<AclEntry> parsedList = AclEntry.parseAclSpec(
      "user::,user:user1:,group::,group:group1:,mask::,other::,"
          + "default:user:user1::,default:mask::", false);

  AclEntry owner = new AclEntry.Builder().setType(AclEntryType.USER).build();
  AclEntry namedUser = new AclEntry.Builder().setType(AclEntryType.USER)
      .setName("user1").build();
  AclEntry group = new AclEntry.Builder().setType(AclEntryType.GROUP).build();
  AclEntry namedGroup = new AclEntry.Builder().setType(AclEntryType.GROUP)
      .setName("group1").build();
  AclEntry mask = new AclEntry.Builder().setType(AclEntryType.MASK).build();
  AclEntry other = new AclEntry.Builder().setType(AclEntryType.OTHER).build();
  AclEntry defaultUser = new AclEntry.Builder()
      .setScope(AclEntryScope.DEFAULT).setType(AclEntryType.USER)
      .setName("user1").build();
  AclEntry defaultMask = new AclEntry.Builder()
      .setScope(AclEntryScope.DEFAULT).setType(AclEntryType.MASK).build();
  List<AclEntry> expectedList = new ArrayList<AclEntry>();
  expectedList.add(owner);
  expectedList.add(namedUser);
  expectedList.add(group);
  expectedList.add(namedGroup);
  expectedList.add(mask);
  expectedList.add(other);
  expectedList.add(defaultUser);
  expectedList.add(defaultMask);
  assertEquals("Parsed Acl not correct", expectedList, parsedList);
}
 
Example #21
Source File: AclTransformation.java    From big-c with Apache License 2.0 5 votes vote down vote up
/**
 * Adds unspecified default entries by copying permissions from the
 * corresponding access entries.
 *
 * @param aclBuilder ArrayList<AclEntry> containing entries to build
 */
private static void copyDefaultsIfNeeded(List<AclEntry> aclBuilder) {
  Collections.sort(aclBuilder, ACL_ENTRY_COMPARATOR);
  ScopedAclEntries scopedEntries = new ScopedAclEntries(aclBuilder);
  if (!scopedEntries.getDefaultEntries().isEmpty()) {
    List<AclEntry> accessEntries = scopedEntries.getAccessEntries();
    List<AclEntry> defaultEntries = scopedEntries.getDefaultEntries();
    List<AclEntry> copiedEntries = Lists.newArrayListWithCapacity(3);
    for (AclEntryType type: EnumSet.of(USER, GROUP, OTHER)) {
      AclEntry defaultEntryKey = new AclEntry.Builder().setScope(DEFAULT)
        .setType(type).build();
      int defaultEntryIndex = Collections.binarySearch(defaultEntries,
        defaultEntryKey, ACL_ENTRY_COMPARATOR);
      if (defaultEntryIndex < 0) {
        AclEntry accessEntryKey = new AclEntry.Builder().setScope(ACCESS)
          .setType(type).build();
        int accessEntryIndex = Collections.binarySearch(accessEntries,
          accessEntryKey, ACL_ENTRY_COMPARATOR);
        if (accessEntryIndex >= 0) {
          copiedEntries.add(new AclEntry.Builder()
            .setScope(DEFAULT)
            .setType(type)
            .setPermission(accessEntries.get(accessEntryIndex).getPermission())
            .build());
        }
      }
    }
    // Add all copied entries when done to prevent potential issues with binary
    // search on a modified aclBulider during the main loop.
    aclBuilder.addAll(copiedEntries);
  }
}
 
Example #22
Source File: EventTestUtils.java    From nifi with Apache License 2.0 5 votes vote down vote up
public static Event.MetadataUpdateEvent createMetadataUpdateEvent() {
    return new Event.MetadataUpdateEvent.Builder()
            .replication(0)
            .perms(new FsPermission(FsAction.ALL, FsAction.NONE, FsAction.NONE))
            .path("/some/path/metadata")
            .ownerName("owner")
            .acls(Collections.singletonList(new AclEntry.Builder().setName("schema").setPermission(FsAction.ALL).setScope(AclEntryScope.ACCESS).setType(AclEntryType.GROUP).build()))
            .atime(new Date().getTime())
            .groupName("groupName")
            .metadataType(Event.MetadataUpdateEvent.MetadataType.ACLS)
            .mtime(1L)
            .xAttrs(Collections.singletonList(new XAttr.Builder().setName("name").setNameSpace(XAttr.NameSpace.USER).setValue(new byte[0]).build()))
            .xAttrsRemoved(false)
            .build();
}
 
Example #23
Source File: TestAclCommands.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@Test
public void testMultipleAclSpecParsingWithoutPermissions() throws Exception {
  List<AclEntry> parsedList = AclEntry.parseAclSpec(
      "user::,user:user1:,group::,group:group1:,mask::,other::,"
          + "default:user:user1::,default:mask::", false);

  AclEntry owner = new AclEntry.Builder().setType(AclEntryType.USER).build();
  AclEntry namedUser = new AclEntry.Builder().setType(AclEntryType.USER)
      .setName("user1").build();
  AclEntry group = new AclEntry.Builder().setType(AclEntryType.GROUP).build();
  AclEntry namedGroup = new AclEntry.Builder().setType(AclEntryType.GROUP)
      .setName("group1").build();
  AclEntry mask = new AclEntry.Builder().setType(AclEntryType.MASK).build();
  AclEntry other = new AclEntry.Builder().setType(AclEntryType.OTHER).build();
  AclEntry defaultUser = new AclEntry.Builder()
      .setScope(AclEntryScope.DEFAULT).setType(AclEntryType.USER)
      .setName("user1").build();
  AclEntry defaultMask = new AclEntry.Builder()
      .setScope(AclEntryScope.DEFAULT).setType(AclEntryType.MASK).build();
  List<AclEntry> expectedList = new ArrayList<AclEntry>();
  expectedList.add(owner);
  expectedList.add(namedUser);
  expectedList.add(group);
  expectedList.add(namedGroup);
  expectedList.add(mask);
  expectedList.add(other);
  expectedList.add(defaultUser);
  expectedList.add(defaultMask);
  assertEquals("Parsed Acl not correct", expectedList, parsedList);
}
 
Example #24
Source File: SentryAuthorizationInfoX.java    From incubator-sentry with Apache License 2.0 5 votes vote down vote up
@Override
public List<AclEntry> getAclEntries(String[] pathElements) {
  AclEntry acl = new AclEntry.Builder().setType(AclEntryType.USER).
      setPermission(FsAction.ALL).setName("user-authz").
      setScope(AclEntryScope.ACCESS).build();
  return Arrays.asList(acl);
}
 
Example #25
Source File: AclTestHelpers.java    From hadoop with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new AclEntry with scope, type and permission (no name).
 *
 * @param scope AclEntryScope scope of the ACL entry
 * @param type AclEntryType ACL entry type
 * @param permission FsAction set of permissions in the ACL entry
 * @return AclEntry new AclEntry
 */
public static AclEntry aclEntry(AclEntryScope scope, AclEntryType type,
    FsAction permission) {
  return new AclEntry.Builder()
    .setScope(scope)
    .setType(type)
    .setPermission(permission)
    .build();
}
 
Example #26
Source File: TestDistCpWithAcls.java    From hadoop with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new AclEntry with scope, type, name and permission.
 *
 * @param scope AclEntryScope scope of the ACL entry
 * @param type AclEntryType ACL entry type
 * @param name String optional ACL entry name
 * @param permission FsAction set of permissions in the ACL entry
 * @return AclEntry new AclEntry
 */
private static AclEntry aclEntry(AclEntryScope scope, AclEntryType type,
    String name, FsAction permission) {
  return new AclEntry.Builder()
    .setScope(scope)
    .setType(type)
    .setName(name)
    .setPermission(permission)
    .build();
}
 
Example #27
Source File: TestDistCpWithAcls.java    From hadoop with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new AclEntry with scope, type and permission (no name).
 *
 * @param scope AclEntryScope scope of the ACL entry
 * @param type AclEntryType ACL entry type
 * @param permission FsAction set of permissions in the ACL entry
 * @return AclEntry new AclEntry
 */
private static AclEntry aclEntry(AclEntryScope scope, AclEntryType type,
    FsAction permission) {
  return new AclEntry.Builder()
    .setScope(scope)
    .setType(type)
    .setPermission(permission)
    .build();
}
 
Example #28
Source File: TestPBHelper.java    From hadoop with Apache License 2.0 5 votes vote down vote up
@Test
public void testAclStatusProto() {
  AclEntry e = new AclEntry.Builder().setName("test")
      .setPermission(FsAction.READ_EXECUTE).setScope(AclEntryScope.DEFAULT)
      .setType(AclEntryType.OTHER).build();
  AclStatus s = new AclStatus.Builder().owner("foo").group("bar").addEntry(e)
      .build();
  Assert.assertEquals(s, PBHelper.convert(PBHelper.convert(s)));
}
 
Example #29
Source File: AclTestHelpers.java    From hadoop with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new AclEntry with scope, type, name and permission.
 *
 * @param scope AclEntryScope scope of the ACL entry
 * @param type AclEntryType ACL entry type
 * @param name String optional ACL entry name
 * @param permission FsAction set of permissions in the ACL entry
 * @return AclEntry new AclEntry
 */
public static AclEntry aclEntry(AclEntryScope scope, AclEntryType type,
    String name, FsAction permission) {
  return new AclEntry.Builder()
    .setScope(scope)
    .setType(type)
    .setName(name)
    .setPermission(permission)
    .build();
}
 
Example #30
Source File: AclTestHelpers.java    From hadoop with Apache License 2.0 5 votes vote down vote up
/**
 * Create a new AclEntry with scope, type and name (no permission).
 *
 * @param scope AclEntryScope scope of the ACL entry
 * @param type AclEntryType ACL entry type
 * @param name String optional ACL entry name
 * @return AclEntry new AclEntry
 */
public static AclEntry aclEntry(AclEntryScope scope, AclEntryType type,
    String name) {
  return new AclEntry.Builder()
    .setScope(scope)
    .setType(type)
    .setName(name)
    .build();
}