List of usage examples for org.apache.hadoop.fs.permission FsAction EXECUTE
FsAction EXECUTE
To view the source code for org.apache.hadoop.fs.permission FsAction EXECUTE.
Click Source Link
From source file:alluxio.underfs.hdfs.acl.SupportedHdfsAclProvider.java
License:Apache License
@Override public Pair<AccessControlList, DefaultAccessControlList> getAcl(FileSystem hdfs, String path) throws IOException { AclStatus hdfsAcl;/*w ww.j a v a2 s. c o m*/ Path filePath = new Path(path); boolean isDir = hdfs.isDirectory(filePath); try { hdfsAcl = hdfs.getAclStatus(filePath); } catch (AclException e) { // When dfs.namenode.acls.enabled is false, getAclStatus throws AclException. return new Pair<>(null, null); } AccessControlList acl = new AccessControlList(); DefaultAccessControlList defaultAcl = new DefaultAccessControlList(); acl.setOwningUser(hdfsAcl.getOwner()); acl.setOwningGroup(hdfsAcl.getGroup()); defaultAcl.setOwningUser(hdfsAcl.getOwner()); defaultAcl.setOwningGroup(hdfsAcl.getGroup()); for (AclEntry entry : hdfsAcl.getEntries()) { alluxio.security.authorization.AclEntry.Builder builder = new alluxio.security.authorization.AclEntry.Builder(); builder.setType(getAclEntryType(entry)); builder.setSubject(entry.getName() == null ? "" : entry.getName()); FsAction permission = entry.getPermission(); if (permission.implies(FsAction.READ)) { builder.addAction(AclAction.READ); } else if (permission.implies(FsAction.WRITE)) { builder.addAction(AclAction.WRITE); } else if (permission.implies(FsAction.EXECUTE)) { builder.addAction(AclAction.EXECUTE); } if (entry.getScope().equals(AclEntryScope.ACCESS)) { acl.setEntry(builder.build()); } else { // default ACL, must be a directory defaultAcl.setEntry(builder.build()); } } if (isDir) { return new Pair<>(acl, defaultAcl); } else { // a null defaultACL indicates this is a file return new Pair<>(acl, null); } }
From source file:com.cloudera.hadoop.hdfs.nfs.nfs4.handlers.TestACCESSHandler.java
License:Apache License
@Test public void testPerms() throws Exception { List<PermTest> perms = Lists.newArrayList(); // read for owner when owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.READ, FsAction.NONE, FsAction.NONE), NFS_ACCESS_READ | NFS_ACCESS_LOOKUP)); // read for group when owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.NONE, FsAction.READ, FsAction.NONE), NFS_ACCESS_READ | NFS_ACCESS_LOOKUP)); // read for other when owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.READ), NFS_ACCESS_READ | NFS_ACCESS_LOOKUP)); // read for other when not owner perms.add(new PermTest("notroot", "wheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.READ), NFS_ACCESS_READ | NFS_ACCESS_LOOKUP)); // read for other when not owner perms.add(new PermTest("root", "notwheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.READ), NFS_ACCESS_READ | NFS_ACCESS_LOOKUP)); // read for other when not owner or group perms.add(new PermTest("notroot", "notwheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.READ), NFS_ACCESS_READ | NFS_ACCESS_LOOKUP)); // write for owner when owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.WRITE, FsAction.NONE, FsAction.NONE), NFS_ACCESS_MODIFY | NFS_ACCESS_EXTEND | NFS_ACCESS_DELETE)); // write for group when owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.NONE, FsAction.WRITE, FsAction.NONE), NFS_ACCESS_MODIFY | NFS_ACCESS_EXTEND | NFS_ACCESS_DELETE)); // write for other when owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.WRITE), NFS_ACCESS_MODIFY | NFS_ACCESS_EXTEND | NFS_ACCESS_DELETE)); // write for other when not owner perms.add(new PermTest("notroot", "wheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.WRITE), NFS_ACCESS_MODIFY | NFS_ACCESS_EXTEND)); // write for other when not owner perms.add(new PermTest("root", "notwheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.WRITE), NFS_ACCESS_MODIFY | NFS_ACCESS_EXTEND | NFS_ACCESS_DELETE)); // write for other when not owner or group perms.add(/*from w w w. j a v a 2 s . c o m*/ new PermTest("notroot", "notwheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.WRITE), NFS_ACCESS_MODIFY | NFS_ACCESS_EXTEND)); // execute for owner when owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.EXECUTE, FsAction.NONE, FsAction.NONE), NFS_ACCESS_EXECUTE)); // execute for group when owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.NONE, FsAction.EXECUTE, FsAction.NONE), NFS_ACCESS_EXECUTE)); // execute for other when owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.EXECUTE), NFS_ACCESS_EXECUTE)); // execute for other when not owner perms.add(new PermTest("notroot", "wheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.EXECUTE), NFS_ACCESS_EXECUTE)); // execute for other when not owner perms.add(new PermTest("root", "notwheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.EXECUTE), NFS_ACCESS_EXECUTE)); // execute for other when not owner or group perms.add(new PermTest("notroot", "notwheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.EXECUTE), NFS_ACCESS_EXECUTE)); // no perms but owner, this might be rethought? perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.NONE), 0)); // all for user/group but not user/groups perms.add(new PermTest("notroot", "notwheel", new FsPermission(FsAction.ALL, FsAction.ALL, FsAction.NONE), 0)); // all for user/group but not user/group perms.add( new PermTest("notroot", "wheel", new FsPermission(FsAction.ALL, FsAction.NONE, FsAction.NONE), 0)); // owner has all, is owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.ALL, FsAction.NONE, FsAction.NONE), NFS_ACCESS_READ | NFS_ACCESS_LOOKUP | NFS_ACCESS_MODIFY | NFS_ACCESS_EXTEND | NFS_ACCESS_DELETE | NFS_ACCESS_EXECUTE)); // group has all is owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.NONE, FsAction.ALL, FsAction.NONE), NFS_ACCESS_READ | NFS_ACCESS_LOOKUP | NFS_ACCESS_MODIFY | NFS_ACCESS_EXTEND | NFS_ACCESS_DELETE | NFS_ACCESS_EXECUTE)); // other has all is owner perms.add(new PermTest("root", "wheel", new FsPermission(FsAction.NONE, FsAction.NONE, FsAction.ALL), NFS_ACCESS_READ | NFS_ACCESS_LOOKUP | NFS_ACCESS_MODIFY | NFS_ACCESS_EXTEND | NFS_ACCESS_DELETE | NFS_ACCESS_EXECUTE)); for (PermTest permTest : perms) { when(filePermissions.toShort()).thenReturn(permTest.perm.toShort()); int result = ACCESSHandler.getPermsForUserGroup(permTest.user, new String[] { permTest.group }, fileStatus); assertEquals(permTest.toString(), Integer.toBinaryString(permTest.result), Integer.toBinaryString(result)); } }
From source file:com.ning.hfind.FileStatusAttributes.java
License:Apache License
@Override public boolean isExecutableBy(String user, Collection<String> groups) { return allows(FsAction.EXECUTE, user, groups); }
From source file:com.thinkbiganalytics.datalake.authorization.hdfs.HDFSUtil.java
License:Apache License
/** * @param hdfsPermission : Permission assgined by user. * @return : Final Permission to be set for creating ACL *//*from w ww . ja v a2 s . c o m*/ private FsAction getFinalPermission(String hdfsPermission) { HashMap<String, Integer> standardPermissionMap = new HashMap<>(); String[] permissions = hdfsPermission.split(","); standardPermissionMap.put(READ, 0); standardPermissionMap.put(WRITE, 0); standardPermissionMap.put(EXECUTE, 0); standardPermissionMap.put(NONE, 0); standardPermissionMap.put(ALL, 0); for (String permission : permissions) { permission = permission.toLowerCase(); switch (permission) { case READ: standardPermissionMap.put(READ, 1); break; case WRITE: standardPermissionMap.put(WRITE, 1); break; case EXECUTE: standardPermissionMap.put(EXECUTE, 1); break; case ALL: return FsAction.ALL; case NONE: return FsAction.NONE; default: standardPermissionMap.put(NONE, 1); } } if (standardPermissionMap.get(READ) == 1 && standardPermissionMap.get(WRITE) == 1 && standardPermissionMap.get(EXECUTE) == 1) { return FsAction.ALL; } if (standardPermissionMap.get(READ) == 1 && standardPermissionMap.get(WRITE) == 1) { return FsAction.READ_WRITE; } if (standardPermissionMap.get(READ) == 1 && standardPermissionMap.get(EXECUTE) == 1) { return FsAction.READ_EXECUTE; } if (standardPermissionMap.get(WRITE) == 1 && standardPermissionMap.get(EXECUTE) == 1) { return FsAction.WRITE_EXECUTE; } if (standardPermissionMap.get(WRITE) == 1) { return FsAction.WRITE; } if (standardPermissionMap.get(READ) == 1) { return FsAction.READ; } if (standardPermissionMap.get(EXECUTE) == 1) { return FsAction.EXECUTE; } // Default Permission - None return FsAction.NONE; }
From source file:com.yahoo.storm.yarn.Util.java
License:Open Source License
/** * Returns true if all ancestors of the specified path have the 'execute' * permission set for all users (i.e. that other users can traverse * the directory hierarchy to the given path) *//*from w w w . j a v a 2 s . c o m*/ static boolean ancestorsHaveExecutePermissions(FileSystem fs, Path path) throws IOException { Path current = path; while (current != null) { //the subdirs in the path should have execute permissions for others if (!checkPermissionOfOther(fs, current, FsAction.EXECUTE)) { return false; } current = current.getParent(); } return true; }
From source file:de.tiqsolutions.hdfs.HadoopFileSystem.java
License:Apache License
static FsPermission fromPosixPermissions(Set<PosixFilePermission> permissions) { FsAction u = FsAction.NONE, g = FsAction.NONE, o = FsAction.NONE; for (PosixFilePermission permission : permissions) { switch (permission) { case GROUP_EXECUTE: g = g.or(FsAction.EXECUTE); break; case GROUP_READ: g = g.or(FsAction.READ);/*from w ww .j av a 2 s . c om*/ break; case GROUP_WRITE: g = g.or(FsAction.WRITE); break; case OWNER_EXECUTE: u = u.or(FsAction.EXECUTE); break; case OWNER_READ: u = u.or(FsAction.READ); break; case OWNER_WRITE: u = u.or(FsAction.WRITE); break; case OTHERS_EXECUTE: o = o.or(FsAction.EXECUTE); break; case OTHERS_READ: o = o.or(FsAction.READ); break; case OTHERS_WRITE: o = o.or(FsAction.WRITE); break; default: break; } } return new FsPermission(u, g, o); }
From source file:de.tiqsolutions.hdfs.PosixAttributesImpl.java
License:Apache License
@Override public Set<PosixFilePermission> permissions() { Set<PosixFilePermission> permissions = new HashSet<>(); FsPermission permission = fileStatus.getPermission(); FsAction action = permission.getUserAction(); if (action != null) { int bits = action.ordinal(); if ((bits & FsAction.EXECUTE.ordinal()) > 0) permissions.add(PosixFilePermission.OWNER_EXECUTE); if ((bits & FsAction.WRITE.ordinal()) > 0) permissions.add(PosixFilePermission.OWNER_WRITE); if ((bits & FsAction.READ.ordinal()) > 0) permissions.add(PosixFilePermission.OWNER_READ); }//ww w. j ava 2 s. c om action = permission.getGroupAction(); if (action != null) { int bits = action.ordinal(); if ((bits & FsAction.EXECUTE.ordinal()) > 0) permissions.add(PosixFilePermission.GROUP_EXECUTE); if ((bits & FsAction.WRITE.ordinal()) > 0) permissions.add(PosixFilePermission.GROUP_WRITE); if ((bits & FsAction.READ.ordinal()) > 0) permissions.add(PosixFilePermission.GROUP_READ); } action = permission.getOtherAction(); if (action != null) { int bits = action.ordinal(); if ((bits & FsAction.EXECUTE.ordinal()) > 0) permissions.add(PosixFilePermission.OTHERS_EXECUTE); if ((bits & FsAction.WRITE.ordinal()) > 0) permissions.add(PosixFilePermission.OTHERS_WRITE); if ((bits & FsAction.READ.ordinal()) > 0) permissions.add(PosixFilePermission.OTHERS_READ); } return permissions; }
From source file:es.tid.cosmos.platform.injection.server.HadoopSshFile.java
License:Open Source License
@Override public boolean isExecutable() { return isAllowed(FsAction.EXECUTE); }
From source file:gobblin.data.management.copy.writer.FileAwareInputStreamDataWriter.java
License:Apache License
static FsPermission addExecutePermissionToOwner(FsPermission fsPermission) { FsAction newOwnerAction = fsPermission.getUserAction().or(FsAction.EXECUTE); return new FsPermission(newOwnerAction, fsPermission.getGroupAction(), fsPermission.getOtherAction()); }
From source file:hdfs.FileUtil.java
License:Apache License
/** * Set permissions to the required value. Uses the java primitives instead * of forking if group == other./*from w ww.j a v a 2 s .c o m*/ * @param f the file to change * @param permission the new permissions * @throws IOException */ public static void setPermission(File f, FsPermission permission) throws IOException { FsAction user = permission.getUserAction(); FsAction group = permission.getGroupAction(); FsAction other = permission.getOtherAction(); // use the native/fork if the group/other permissions are different // or if the native is available if (group != other || NativeIO.isAvailable()) { execSetPermission(f, permission); return; } boolean rv = true; // read perms rv = f.setReadable(group.implies(FsAction.READ), false); checkReturnValue(rv, f, permission); if (group.implies(FsAction.READ) != user.implies(FsAction.READ)) { f.setReadable(user.implies(FsAction.READ), true); checkReturnValue(rv, f, permission); } // write perms rv = f.setWritable(group.implies(FsAction.WRITE), false); checkReturnValue(rv, f, permission); if (group.implies(FsAction.WRITE) != user.implies(FsAction.WRITE)) { f.setWritable(user.implies(FsAction.WRITE), true); checkReturnValue(rv, f, permission); } // exec perms rv = f.setExecutable(group.implies(FsAction.EXECUTE), false); checkReturnValue(rv, f, permission); if (group.implies(FsAction.EXECUTE) != user.implies(FsAction.EXECUTE)) { f.setExecutable(user.implies(FsAction.EXECUTE), true); checkReturnValue(rv, f, permission); } }