List of usage examples for org.apache.hadoop.yarn.api.records ApplicationAccessType MODIFY_APP
ApplicationAccessType MODIFY_APP
To view the source code for org.apache.hadoop.yarn.api.records ApplicationAccessType MODIFY_APP.
Click Source Link
From source file:org.apache.apex.engine.security.ACLManager.java
License:Apache License
public static void setupUserACLs(ContainerLaunchContext launchContext, String userName, Configuration conf) throws IOException { logger.debug("Setup login acls {}", userName); if (areACLsRequired(conf)) { logger.debug("Configuring ACLs for {}", userName); Map<ApplicationAccessType, String> acls = Maps.newHashMap(); acls.put(ApplicationAccessType.VIEW_APP, userName); acls.put(ApplicationAccessType.MODIFY_APP, userName); launchContext.setApplicationACLs(acls); }//from ww w . j av a2s. c om }
From source file:org.apache.oozie.action.hadoop.TestYarnACLHandler.java
License:Apache License
private void assertModifyACLset() { verifyACLset("Modify ACL", MODIFY_ACL_VALUE, ApplicationAccessType.MODIFY_APP); }
From source file:org.apache.oozie.action.hadoop.YarnACLHandler.java
License:Apache License
public void setACLs(ContainerLaunchContext containerLaunchContext) { Map<ApplicationAccessType, String> aclDefinition = new HashMap<>(); String viewAcl = launcherConf.get(JavaActionExecutor.LAUNCER_VIEW_ACL); if (viewAcl != null) { LOG.info("Setting view-acl: [{0}]", viewAcl); aclDefinition.put(ApplicationAccessType.VIEW_APP, viewAcl); }/* w ww . jav a2s. com*/ String modifyAcl = launcherConf.get(JavaActionExecutor.LAUNCER_MODIFY_ACL); if (modifyAcl != null) { LOG.info("Setting modify-acl: [{0}]", modifyAcl); aclDefinition.put(ApplicationAccessType.MODIFY_APP, modifyAcl); } if (!aclDefinition.isEmpty()) { containerLaunchContext.setApplicationACLs(aclDefinition); } }
From source file:org.apache.samza.config.YarnConfig.java
License:Apache License
/** * Helper function to get all application acls * @return a map of {@link ApplicationAccessType} to {@link String} for all the acls defined *//*from w ww. j a va2 s .c om*/ public Map<ApplicationAccessType, String> getYarnApplicationAcls() { Map<ApplicationAccessType, String> acls = new HashMap<>(); String viewAcl = getYarnApplicationViewAcl(); String modifyAcl = getYarnApplicationModifyAcl(); if (viewAcl != null) { acls.put(ApplicationAccessType.VIEW_APP, viewAcl); } if (modifyAcl != null) { acls.put(ApplicationAccessType.MODIFY_APP, modifyAcl); } return acls; }
From source file:org.apache.tez.common.security.ACLManager.java
License:Apache License
public Map<ApplicationAccessType, String> toYARNACls() { Map<ApplicationAccessType, String> acls = new HashMap<ApplicationAccessType, String>(2); if (!this.aclsEnabled) { acls.put(ApplicationAccessType.VIEW_APP, "*"); acls.put(ApplicationAccessType.MODIFY_APP, "*"); return acls; }//w w w .j ava 2s . c om acls.put(ApplicationAccessType.VIEW_APP, amUser); acls.put(ApplicationAccessType.MODIFY_APP, amUser); boolean viewAclsWildCard = false; boolean modifyAclsWildCard = false; if (users != null && !users.isEmpty()) { for (Entry<ACLType, Set<String>> entry : users.entrySet()) { if (entry.getKey().equals(ACLType.AM_VIEW_ACL)) { if (entry.getValue().contains(WILDCARD_ACL_VALUE)) { acls.put(ApplicationAccessType.VIEW_APP, "*"); viewAclsWildCard = true; continue; } else if (!entry.getValue().isEmpty()) { String aclsStr = acls.get(ApplicationAccessType.VIEW_APP); String commaSepList = toCommaSeparatedString(entry.getValue()); if (!commaSepList.isEmpty()) { aclsStr += "," + commaSepList; } acls.put(ApplicationAccessType.VIEW_APP, aclsStr); } } else if (entry.getKey().equals(ACLType.AM_MODIFY_ACL)) { if (entry.getValue().contains(WILDCARD_ACL_VALUE)) { acls.put(ApplicationAccessType.MODIFY_APP, "*"); modifyAclsWildCard = true; continue; } else if (!entry.getValue().isEmpty()) { String aclsStr = acls.get(ApplicationAccessType.MODIFY_APP); String commaSepList = toCommaSeparatedString(entry.getValue()); if (!commaSepList.isEmpty()) { aclsStr += "," + commaSepList; } acls.put(ApplicationAccessType.MODIFY_APP, aclsStr); } } } } if (groups != null && !groups.isEmpty()) { for (Entry<ACLType, Set<String>> entry : groups.entrySet()) { if (entry.getKey().equals(ACLType.AM_VIEW_ACL) && !viewAclsWildCard && !entry.getValue().isEmpty()) { // Append groups only if wild card not set String aclsStr = acls.containsKey(ApplicationAccessType.VIEW_APP) ? acls.get(ApplicationAccessType.VIEW_APP) : ""; aclsStr += " " + toCommaSeparatedString(entry.getValue()); acls.put(ApplicationAccessType.VIEW_APP, aclsStr); } else if (entry.getKey().equals(ACLType.AM_MODIFY_ACL) && !modifyAclsWildCard && !entry.getValue().isEmpty()) { // Append groups only if wild card not set String aclsStr = acls.containsKey(ApplicationAccessType.MODIFY_APP) ? acls.get(ApplicationAccessType.MODIFY_APP) : ""; aclsStr += " " + toCommaSeparatedString(entry.getValue()); acls.put(ApplicationAccessType.MODIFY_APP, aclsStr); } } } return acls; }
From source file:org.apache.tez.common.security.TestACLManager.java
License:Apache License
@Test(timeout = 5000) public void testConvertToYARNACLs() { String currentUser = "c1"; Configuration conf = new Configuration(false); String viewACLs = "user1,user4,, grp3,grp4 "; conf.set(TezConfiguration.TEZ_AM_VIEW_ACLS, viewACLs); conf.set(TezConfiguration.TEZ_AM_MODIFY_ACLS, " * "); ACLManager aclManager = new ACLManager(currentUser, conf); Map<ApplicationAccessType, String> yarnAcls = aclManager.toYARNACls(); Assert.assertTrue(yarnAcls.containsKey(ApplicationAccessType.VIEW_APP)); Assert.assertEquals("c1,user1,user4 grp3,grp4", yarnAcls.get(ApplicationAccessType.VIEW_APP)); Assert.assertTrue(yarnAcls.containsKey(ApplicationAccessType.MODIFY_APP)); Assert.assertEquals("*", yarnAcls.get(ApplicationAccessType.MODIFY_APP)); viewACLs = " grp3,grp4 "; conf.set(TezConfiguration.TEZ_AM_VIEW_ACLS, viewACLs); ACLManager aclManager1 = new ACLManager(currentUser, conf); yarnAcls = aclManager1.toYARNACls(); Assert.assertEquals("c1 grp3,grp4", yarnAcls.get(ApplicationAccessType.VIEW_APP)); }