Java Code Examples for org.apache.hadoop.fs.permission.AclEntryType#OTHER

The following examples show how to use org.apache.hadoop.fs.permission.AclEntryType#OTHER . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: AclStorage.java    From hadoop with Apache License 2.0 4 votes vote down vote up 
/**
 * If a default ACL is defined on a parent directory, then copies that default
 * ACL to a newly created child file or directory.
 *
 * @param child INode newly created child
 */
public static void copyINodeDefaultAcl(INode child) {
  INodeDirectory parent = child.getParent();
  AclFeature parentAclFeature = parent.getAclFeature();
  if (parentAclFeature == null || !(child.isFile() || child.isDirectory())) {
    return;
  }

  // Split parent's entries into access vs. default.
  List<AclEntry> featureEntries = getEntriesFromAclFeature(parent
      .getAclFeature());
  ScopedAclEntries scopedEntries = new ScopedAclEntries(featureEntries);
  List<AclEntry> parentDefaultEntries = scopedEntries.getDefaultEntries();

  // The parent may have an access ACL but no default ACL.  If so, exit.
  if (parentDefaultEntries.isEmpty()) {
    return;
  }

  // Pre-allocate list size for access entries to copy from parent.
  List<AclEntry> accessEntries = Lists.newArrayListWithCapacity(
    parentDefaultEntries.size());

  FsPermission childPerm = child.getFsPermission();

  // Copy each default ACL entry from parent to new child's access ACL.
  boolean parentDefaultIsMinimal = AclUtil.isMinimalAcl(parentDefaultEntries);
  for (AclEntry entry: parentDefaultEntries) {
    AclEntryType type = entry.getType();
    String name = entry.getName();
    AclEntry.Builder builder = new AclEntry.Builder()
      .setScope(AclEntryScope.ACCESS)
      .setType(type)
      .setName(name);

    // The child's initial permission bits are treated as the mode parameter,
    // which can filter copied permission values for owner, mask and other.
    final FsAction permission;
    if (type == AclEntryType.USER && name == null) {
      permission = entry.getPermission().and(childPerm.getUserAction());
    } else if (type == AclEntryType.GROUP && parentDefaultIsMinimal) {
      // This only happens if the default ACL is a minimal ACL: exactly 3
      // entries corresponding to owner, group and other.  In this case,
      // filter the group permissions.
      permission = entry.getPermission().and(childPerm.getGroupAction());
    } else if (type == AclEntryType.MASK) {
      // Group bits from mode parameter filter permission of mask entry.
      permission = entry.getPermission().and(childPerm.getGroupAction());
    } else if (type == AclEntryType.OTHER) {
      permission = entry.getPermission().and(childPerm.getOtherAction());
    } else {
      permission = entry.getPermission();
    }

    builder.setPermission(permission);
    accessEntries.add(builder.build());
  }

  // A new directory also receives a copy of the parent's default ACL.
  List<AclEntry> defaultEntries = child.isDirectory() ? parentDefaultEntries :
    Collections.<AclEntry>emptyList();

  final FsPermission newPerm;
  if (!AclUtil.isMinimalAcl(accessEntries) || !defaultEntries.isEmpty()) {
    // Save the new ACL to the child.
    child.addAclFeature(createAclFeature(accessEntries, defaultEntries));
    newPerm = createFsPermissionForExtendedAcl(accessEntries, childPerm);
  } else {
    // The child is receiving a minimal ACL.
    newPerm = createFsPermissionForMinimalAcl(accessEntries, childPerm);
  }

  child.setPermission(newPerm);
}
Example 2
Source File: AclStorage.java    From big-c with Apache License 2.0 4 votes vote down vote up 
/**
 * If a default ACL is defined on a parent directory, then copies that default
 * ACL to a newly created child file or directory.
 *
 * @param child INode newly created child
 */
public static void copyINodeDefaultAcl(INode child) {
  INodeDirectory parent = child.getParent();
  AclFeature parentAclFeature = parent.getAclFeature();
  if (parentAclFeature == null || !(child.isFile() || child.isDirectory())) {
    return;
  }

  // Split parent's entries into access vs. default.
  List<AclEntry> featureEntries = getEntriesFromAclFeature(parent
      .getAclFeature());
  ScopedAclEntries scopedEntries = new ScopedAclEntries(featureEntries);
  List<AclEntry> parentDefaultEntries = scopedEntries.getDefaultEntries();

  // The parent may have an access ACL but no default ACL.  If so, exit.
  if (parentDefaultEntries.isEmpty()) {
    return;
  }

  // Pre-allocate list size for access entries to copy from parent.
  List<AclEntry> accessEntries = Lists.newArrayListWithCapacity(
    parentDefaultEntries.size());

  FsPermission childPerm = child.getFsPermission();

  // Copy each default ACL entry from parent to new child's access ACL.
  boolean parentDefaultIsMinimal = AclUtil.isMinimalAcl(parentDefaultEntries);
  for (AclEntry entry: parentDefaultEntries) {
    AclEntryType type = entry.getType();
    String name = entry.getName();
    AclEntry.Builder builder = new AclEntry.Builder()
      .setScope(AclEntryScope.ACCESS)
      .setType(type)
      .setName(name);

    // The child's initial permission bits are treated as the mode parameter,
    // which can filter copied permission values for owner, mask and other.
    final FsAction permission;
    if (type == AclEntryType.USER && name == null) {
      permission = entry.getPermission().and(childPerm.getUserAction());
    } else if (type == AclEntryType.GROUP && parentDefaultIsMinimal) {
      // This only happens if the default ACL is a minimal ACL: exactly 3
      // entries corresponding to owner, group and other.  In this case,
      // filter the group permissions.
      permission = entry.getPermission().and(childPerm.getGroupAction());
    } else if (type == AclEntryType.MASK) {
      // Group bits from mode parameter filter permission of mask entry.
      permission = entry.getPermission().and(childPerm.getGroupAction());
    } else if (type == AclEntryType.OTHER) {
      permission = entry.getPermission().and(childPerm.getOtherAction());
    } else {
      permission = entry.getPermission();
    }

    builder.setPermission(permission);
    accessEntries.add(builder.build());
  }

  // A new directory also receives a copy of the parent's default ACL.
  List<AclEntry> defaultEntries = child.isDirectory() ? parentDefaultEntries :
    Collections.<AclEntry>emptyList();

  final FsPermission newPerm;
  if (!AclUtil.isMinimalAcl(accessEntries) || !defaultEntries.isEmpty()) {
    // Save the new ACL to the child.
    child.addAclFeature(createAclFeature(accessEntries, defaultEntries));
    newPerm = createFsPermissionForExtendedAcl(accessEntries, childPerm);
  } else {
    // The child is receiving a minimal ACL.
    newPerm = createFsPermissionForMinimalAcl(accessEntries, childPerm);
  }

  child.setPermission(newPerm);
}