HDDS-1545. Cli to add,remove,get and delete acls for Ozone objects. Contributed by Ajay Kumar. (#920)

Ajay Yadav 2019-06-12 06:51:34 -07:00 committed by Xiaoyu Yao
parent 23c037906f
commit 3b31694c35
24 changed files with 1436 additions and 22 deletions


@ -134,6 +134,30 @@ public static OzoneAcl parseAcl(String acl) throws IllegalArgumentException {
return new OzoneAcl(aclType, parts[1], acls);
}
/**
* Parses an ACL string and returns the ACL object.
*
* @param acls - Acl String , Ex. user:anu:rw
*
* @return - Ozone ACLs
*/
public static List<OzoneAcl> parseAcls(String acls)
throws IllegalArgumentException {
if ((acls == null) || acls.isEmpty()) {
throw new IllegalArgumentException("ACLs cannot be null or empty");
}
String[] parts = acls.trim().split(",");
if (parts.length < 1) {
throw new IllegalArgumentException("ACLs are not in expected format");
}
List<OzoneAcl> ozAcls = new ArrayList<>();
for(String acl:parts) {
ozAcls.add(parseAcl(acl));
}
return ozAcls;
}
public static OzoneAclInfo toProtobuf(OzoneAcl acl) {
OzoneAclInfo.Builder builder = OzoneAclInfo.newBuilder()
.setName(acl.getName())
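Review bot: `parseAcls` checks `acls.isEmpty()` before trimming and never trims or validates the individual entries, so input such as `" "`, `"user:a:rw, group:b:a"` or `"user:a:rw,,group:b:a"` hands a blank or space-prefixed string to `parseAcl`, whose handling of that case is not visible in this hunk. Trimming each element and rejecting empty ones here, e.g. `String entry = acl.trim(); if (entry.isEmpty()) { throw new IllegalArgumentException("ACLs are not in expected format"); }`, keeps the error tied to the list format. The Javadoc is copied from `parseAcl`; it should say that a comma-separated list is parsed and a `List<OzoneAcl>` is returned.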


@ -40,6 +40,9 @@ public class OzoneAclConfig {
"OzoneManager."
)
public void setUserDefaultRights(String userRights) {
if(userRights == null) {
userRights = "ALL";
}
this.userDefaultRights = ACLType.valueOf(userRights);
}
@ -51,6 +54,9 @@ public void setUserDefaultRights(String userRights) {
"OzoneManager."
)
public void setGroupDefaultRights(String groupRights) {
if(groupRights == null) {
groupRights = "ALL";
}
this.groupDefaultRights = ACLType.valueOf(groupRights);
}
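Review bot: Both setters turn a missing value into `"ALL"`, so an unset configuration key silently yields the most permissive default rights for users and groups. If `ALL` is the intended default, it is better expressed in the `@Config` annotation's default (the annotation is only partly visible here) and explained on the null branch, e.g. `// null means the key was not set; fall back to the documented default`, than left as an uncommented fallback. `ACLType.valueOf` is also case-sensitive and throws a bare `IllegalArgumentException` for values such as `all`; naming the offending configuration key in the message would make a misconfiguration easier to diagnose.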


@ -75,8 +75,8 @@ public static OzoneObjInfo fromProtobuf(OzoneManagerProtocolProtos.OzoneObj
Builder builder = new Builder()
.setResType(ResourceType.valueOf(proto.getResType().name()))
.setStoreType(StoreType.valueOf(proto.getStoreType().name()));
String[] tokens = StringUtils.splitPreserveAllTokens(proto.getPath(),
OZONE_URI_DELIMITER);
String[] tokens = StringUtils.split(proto.getPath(),
OZONE_URI_DELIMITER, 3);
if(tokens == null) {
throw new IllegalArgumentException("Unexpected path:" + proto.getPath());
}
@ -94,7 +94,7 @@ public static OzoneObjInfo fromProtobuf(OzoneManagerProtocolProtos.OzoneObj
builder.setBucketName(tokens[1]);
break;
case KEY:
if (tokens.length != 3) {
if (tokens.length < 3) {
throw new IllegalArgumentException("Unexpected argument for " +
"Ozone key. Path:" + proto.getPath());
}
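Review bot: The null check after the new `StringUtils.split(proto.getPath(), OZONE_URI_DELIMITER, 3)` call does not cover an empty result: assuming this is commons-lang `StringUtils`, `split` returns null only for a null path and an empty array for `""` or a path made only of delimiters, so the later `tokens[0]` / `tokens[1]` accesses (partly outside this hunk) would surface as `ArrayIndexOutOfBoundsException` instead of the intended `IllegalArgumentException`. Since the path arrives in a client request, `if (tokens == null || tokens.length == 0)` would keep the rejection uniform. `split` also collapses repeated delimiters, so `vol//bucket/key` and `vol/bucket/key` now resolve to the same object; a short comment stating that this normalisation is intended would help. With a limit of 3, `tokens.length < 3` is equivalent to the old `!= 3`.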


@ -507,15 +507,15 @@ message OzoneAclInfo {
}
enum OzoneAclRights {
CREATE = 1;
LIST = 2;
DELETE = 3;
READ = 4;
WRITE = 5;
READ_ACL = 6;
WRITE_ACL = 7;
ALL = 8;
NONE = 9;
READ = 1;
WRITE = 2;
CREATE = 3;
LIST = 4;
DELETE = 5;
READ_ACL = 6;
WRITE_ACL = 7;
ALL = 8;
NONE = 9;
}
required OzoneAclType type = 1;
required string name = 2;
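Review bot: Renumbering `OzoneAclRights` changes what every existing tag means on the wire (assuming the second listing is the new side): a peer built against the previous numbering that sends `CREATE` (1) is decoded here as `READ`, and `LIST` (2) as `WRITE`, so ACLs can be granted or checked with the wrong rights in a mixed-version deployment. The same would apply to any `OzoneAclInfo` already persisted in this encoding, which cannot be determined from this hunk. If the goal is only to align the declaration order with the Java `ACLType` enum, reorder the lines but keep the original numbers, e.g. `READ = 4; WRITE = 5; CREATE = 1;`, or record in the commit message that no released version used the old numbering.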


@ -20,10 +20,12 @@
import org.apache.hadoop.ozone.security.acl.IAccessAuthorizer.ACLIdentityType;
import org.apache.hadoop.ozone.security.acl.IAccessAuthorizer.ACLType;
import org.apache.hadoop.test.LambdaTestUtils;
import org.junit.Test;
import java.util.HashMap;
import java.util.List;
import java.util.Set;
import static org.apache.hadoop.ozone.security.acl.IAccessAuthorizer.ACLType.*;
@ -202,4 +204,44 @@ public void testAclValues() throws Exception {
" is not", () -> OzoneAcl.parseAcl("world::rwdlncxncxdfsfgbny"));
}
@Test
public void testBitSetToListConversion() throws Exception {
OzoneAcl acl = OzoneAcl.parseAcl("user:bilbo:rw");
List<ACLType> rights = acl.getAclList();
assertTrue(rights.size() == 2);
assertTrue(rights.contains(READ));
assertTrue(rights.contains(WRITE));
assertFalse(rights.contains(CREATE));
acl = OzoneAcl.parseAcl("user:bilbo:a");
rights = acl.getAclList();
assertTrue(rights.size() == 1);
assertTrue(rights.contains(ALL));
assertFalse(rights.contains(WRITE));
assertFalse(rights.contains(CREATE));
acl = OzoneAcl.parseAcl("user:bilbo:cxy");
rights = acl.getAclList();
assertTrue(rights.size() == 3);
assertTrue(rights.contains(CREATE));
assertTrue(rights.contains(READ_ACL));
assertTrue(rights.contains(WRITE_ACL));
assertFalse(rights.contains(WRITE));
assertFalse(rights.contains(READ));
List<OzoneAcl> acls = OzoneAcl.parseAcls("user:bilbo:cxy,group:hadoop:a");
assertTrue(acls.size() == 2);
rights = acls.get(0).getAclList();
assertTrue(rights.size() == 3);
assertTrue(rights.contains(CREATE));
assertTrue(rights.contains(READ_ACL));
assertTrue(rights.contains(WRITE_ACL));
assertFalse(rights.contains(WRITE));
assertFalse(rights.contains(READ));
rights = acls.get(1).getAclList();
assertTrue(rights.contains(ALL));
}
}
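Review bot: The new `parseAcls` assertions cover only a well-formed two-entry list; none of the rejection paths (null, empty string, `","`, a blank entry between commas) is exercised, although those are the branches `parseAcls` adds. A few `LambdaTestUtils.intercept(IllegalArgumentException.class, ...)` cases in the style already used in `testAclValues` would pin them. `assertTrue(rights.size() == 2)` reports only `false` on failure; `assertEquals(2, rights.size())` shows the actual size. The name `testBitSetToListConversion` does not describe the `parseAcls` part, which would read better as its own test method.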


@ -16,8 +16,11 @@
*/
package org.apache.hadoop.ozone.security.acl;
import org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos;
import org.junit.Test;
import static org.apache.hadoop.ozone.OzoneConsts.OZONE_URI_DELIMITER;
import static org.apache.hadoop.ozone.protocol.proto.OzoneManagerProtocolProtos.OzoneObj.ObjectType.*;
import static org.junit.Assert.*;
import org.apache.hadoop.ozone.security.acl.OzoneObj.ResourceType;
@ -76,13 +79,73 @@ public void testGetKeyName() {
objInfo = getBuilder(volume, bucket, key).build();
assertEquals(objInfo.getKeyName(), key);
objInfo =getBuilder(volume, null, null).build();
objInfo = getBuilder(volume, null, null).build();
assertEquals(objInfo.getKeyName(), null);
objInfo =getBuilder(null, bucket, null).build();
objInfo = getBuilder(null, bucket, null).build();
assertEquals(objInfo.getKeyName(), null);
objInfo =getBuilder(null, null, key).build();
objInfo = getBuilder(null, null, key).build();
assertEquals(objInfo.getKeyName(), key);
}
@Test
public void testFromProtobufOp() {
// Key with long path.
key = "dir1/dir2/dir3/dir4/dir5/abc.txt";
OzoneManagerProtocolProtos.OzoneObj protoObj = OzoneManagerProtocolProtos.
OzoneObj.newBuilder()
.setResType(KEY)
.setStoreType(OzoneManagerProtocolProtos.OzoneObj.StoreType.OZONE)
.setPath(volume + OZONE_URI_DELIMITER +
bucket + OZONE_URI_DELIMITER + key)
.build();
objInfo = OzoneObjInfo.fromProtobuf(protoObj);
assertEquals(objInfo.getKeyName(), key);
objInfo = getBuilder(volume, null, null).build();
assertEquals(objInfo.getKeyName(), null);
objInfo = getBuilder(null, bucket, null).build();
assertEquals(objInfo.getKeyName(), null);
objInfo = getBuilder(null, null, key).build();
assertEquals(objInfo.getKeyName(), key);
// Key with long path.
key = "dir1/dir2/dir3/dir4/dir5/abc.txt";
protoObj = OzoneManagerProtocolProtos.
OzoneObj.newBuilder()
.setResType(KEY)
.setStoreType(OzoneManagerProtocolProtos.OzoneObj.StoreType.OZONE)
.setPath(OZONE_URI_DELIMITER + volume + OZONE_URI_DELIMITER +
bucket + OZONE_URI_DELIMITER + key)
.build();
objInfo = OzoneObjInfo.fromProtobuf(protoObj);
assertEquals(objInfo.getKeyName(), key);
objInfo = getBuilder(volume, null, null).build();
assertEquals(objInfo.getKeyName(), null);
objInfo = getBuilder(null, bucket, null).build();
assertEquals(objInfo.getKeyName(), null);
objInfo = getBuilder(null, null, key).build();
assertEquals(objInfo.getKeyName(), key);
// Key with long path.
key = "dir1/dir2/dir3/dir4/dir5/";
protoObj = OzoneManagerProtocolProtos.
OzoneObj.newBuilder()
.setResType(KEY)
.setStoreType(OzoneManagerProtocolProtos.OzoneObj.StoreType.OZONE)
.setPath(OZONE_URI_DELIMITER + volume + OZONE_URI_DELIMITER +
bucket + OZONE_URI_DELIMITER + key)
.build();
objInfo = OzoneObjInfo.fromProtobuf(protoObj);
assertEquals(objInfo.getKeyName(), key);
objInfo = getBuilder(volume, null, null).build();
assertEquals(objInfo.getKeyName(), null);
objInfo = getBuilder(null, bucket, null).build();
assertEquals(objInfo.getKeyName(), null);
objInfo = getBuilder(null, null, key).build();
assertEquals(objInfo.getKeyName(), key);
}
}
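Review bot: `testFromProtobufOp` checks only paths that parse; the `IllegalArgumentException` branches of `fromProtobuf` (a `KEY` object whose path has fewer than three components, an empty path) have no test, and those are the branches that reject malformed requests. The three `getBuilder(...)` assertion groups repeated after each case do not touch `fromProtobuf` and duplicate `testGetKeyName`; dropping them would make the subject of the test clear. The comment `// Key with long path.` is repeated for all three cases, although the second is a path with a leading delimiter and the third a key ending in a delimiter.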


@ -25,11 +25,20 @@ Test Timeout 2 minute
RpcClient with port
Test ozone shell o3:// om:9862 rpcwoport
RpcClient volume acls
Test Volume Acls o3:// om:9862 rpcwoport2
RpcClient bucket acls
Test Bucket Acls o3:// om:9862 rpcwoport2
RpcClient key acls
Test Key Acls o3:// om:9862 rpcwoport2
RpcClient without host
Test ozone shell o3:// ${EMPTY} rpcwport
Test ozone shell o3:// ${EMPTY} rpcwport
RpcClient without scheme
Test ozone shell ${EMPTY} ${EMPTY} rpcwoscheme
Test ozone shell ${EMPTY} ${EMPTY} rpcwoscheme
*** Keywords ***
@ -60,6 +69,39 @@ Test ozone shell
Execute ozone sh bucket delete ${protocol}${server}/${volume}/bb1
Execute ozone sh volume delete ${protocol}${server}/${volume} --user bilbo
Test Volume Acls
[arguments] ${protocol} ${server} ${volume}
Execute ozone sh volume create ${protocol}${server}/${volume}
${result} = Execute ozone sh volume getacl ${protocol}${server}/${volume}
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \".*\",\n.*\"aclList\" : . \"ALL\" .
${result} = Execute ozone sh volume addacl ${protocol}${server}/${volume} -a user:superuser1:rwxy
${result} = Execute ozone sh volume getacl ${protocol}${server}/${volume}
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
${result} = Execute ozone sh volume removeacl ${protocol}${server}/${volume} -a user:superuser1:xy
${result} = Execute ozone sh volume getacl ${protocol}${server}/${volume}
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"READ\", \"WRITE\"
${result} = Execute ozone sh volume setacl ${protocol}${server}/${volume} -al user:superuser1:rwxy,group:superuser1:a
${result} = Execute ozone sh volume getacl ${protocol}${server}/${volume}
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
Should Match Regexp ${result} \"type\" : \"GROUP\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"ALL\"
Test Bucket Acls
[arguments] ${protocol} ${server} ${volume}
Execute ozone sh bucket create ${protocol}${server}/${volume}/bb1
${result} = Execute ozone sh bucket getacl ${protocol}${server}/${volume}/bb1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \".*\",\n.*\"aclList\" : . \"ALL\" .
${result} = Execute ozone sh bucket addacl ${protocol}${server}/${volume}/bb1 -a user:superuser1:rwxy
${result} = Execute ozone sh bucket getacl ${protocol}${server}/${volume}/bb1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
${result} = Execute ozone sh bucket removeacl ${protocol}${server}/${volume}/bb1 -a user:superuser1:xy
${result} = Execute ozone sh bucket getacl ${protocol}${server}/${volume}/bb1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"READ\", \"WRITE\"
${result} = Execute ozone sh bucket setacl ${protocol}${server}/${volume}/bb1 -al user:superuser1:rwxy,group:superuser1:a
${result} = Execute ozone sh bucket getacl ${protocol}${server}/${volume}/bb1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
Should Match Regexp ${result} \"type\" : \"GROUP\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"ALL\"
Test key handling
[arguments] ${protocol} ${server} ${volume}
Execute ozone sh key put ${protocol}${server}/${volume}/bb1/key1 /opt/hadoop/NOTICE.txt
@ -74,3 +116,19 @@ Test key handling
${result} = Execute ozone sh key list ${protocol}${server}/${volume}/bb1 | grep -Ev 'Removed|WARN|DEBUG|ERROR|INFO|TRACE' | jq -r '.[].keyName'
Should Be Equal ${result} key2
Execute ozone sh key delete ${protocol}${server}/${volume}/bb1/key2
Test key Acls
[arguments] ${protocol} ${server} ${volume}
Execute ozone sh key put ${protocol}${server}/${volume}/bb1/key2 /opt/hadoop/NOTICE.txt
${result} = Execute ozone sh key getacl ${protocol}${server}/${volume}/bb1/key2
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \".*\",\n.*\"aclList\" : . \"ALL\" .
${result} = Execute ozone sh key addacl ${protocol}${server}/${volume}/bb1/key2 -a user:superuser1:rwxy
${result} = Execute ozone sh key getacl ${protocol}${server}/${volume}/bb1/key2
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
${result} = Execute ozone sh key removeacl ${protocol}${server}/${volume}/bb1/key2 -a user:superuser1:xy
${result} = Execute ozone sh key getacl ${protocol}${server}/${volume}/bb1/key2
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"READ\", \"WRITE\"
${result} = Execute ozone sh key setacl ${protocol}${server}/${volume}/bb1/key2 -al user:superuser1:rwxy,group:superuser1:a
${result} = Execute ozone sh key getacl ${protocol}${server}/${volume}/bb1/key2
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
Should Match Regexp ${result} \"type\" : \"GROUP\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"ALL\"
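Review bot: The assertion after each `removeacl` cannot fail when the removal is a no-op: `\"aclList\" : . \"READ\", \"WRITE\"` has no closing anchor, so it also matches the pre-removal list `[ "READ", "WRITE", "READ_ACL", "WRITE_ACL" ]`. Ending the pattern the way the first `getacl` check does, `\"READ\", \"WRITE\" .`, would make the test verify that `READ_ACL` and `WRITE_ACL` were actually revoked. In `\"name\" : \"superuser1*\"` the `*` quantifies the `1`, so the pattern also accepts `superuser`; the literal `superuser1` used in the other checks is presumably what was meant. The same patterns recur in the volume, bucket and key keywords here and in the second Robot suite changed by this commit.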


@ -28,6 +28,7 @@ Setup volume names
${random} Generate Random String 2 [NUMBERS]
Set Suite Variable ${volume1} fstest${random}
Set Suite Variable ${volume2} fstest2${random}
Set Suite Variable ${volume3} fstest3${random}
*** Test Cases ***
Create volume bucket with wrong credentials
@ -46,4 +47,51 @@ Create volume bucket with credentials
Execute ozone sh bucket create o3://om/${volume2}/bucket3
Check volume from ozonefs
${result} = Execute ozone fs -ls o3fs://bucket1.${volume1}/
${result} = Execute ozone fs -ls o3fs://bucket1.${volume1}/
Test Volume Acls
${result} = Execute ozone sh volume create ${volume3}
Should not contain ${result} Failed
${result} = Execute ozone sh volume getacl ${volume3}
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \".*\",\n.*\"aclList\" : . \"ALL\" .
${result} = Execute ozone sh volume addacl ${volume3} -a user:superuser1:rwxy
${result} = Execute ozone sh volume getacl ${volume3}
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
${result} = Execute ozone sh volume removeacl ${volume3} -a user:superuser1:xy
${result} = Execute ozone sh volume getacl ${volume3}
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"READ\", \"WRITE\"
${result} = Execute ozone sh volume setacl ${volume3} -al user:superuser1:rwxy,group:superuser1:a
${result} = Execute ozone sh volume getacl ${volume3}
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
Should Match Regexp ${result} \"type\" : \"GROUP\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"ALL\"
Test Bucket Acls
${result} = Execute ozone sh bucket create ${volume3}/bk1
Should not contain ${result} Failed
${result} = Execute ozone sh bucket getacl ${volume3}/bk1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \".*\",\n.*\"aclList\" : . \"ALL\" .
${result} = Execute ozone sh bucket addacl ${volume3}/bk1 -a user:superuser1:rwxy
${result} = Execute ozone sh bucket getacl ${volume3}/bk1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
${result} = Execute ozone sh bucket removeacl ${volume3}/bk1 -a user:superuser1:xy
${result} = Execute ozone sh bucket getacl ${volume3}/bk1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"READ\", \"WRITE\"
${result} = Execute ozone sh bucket setacl ${volume3}/bk1 -al user:superuser1:rwxy,group:superuser1:a
${result} = Execute ozone sh bucket getacl ${volume3}/bk1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
Should Match Regexp ${result} \"type\" : \"GROUP\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"ALL\"
Test key Acls
Execute ozone sh key put ${volume3}/bk1/key1 /opt/hadoop/NOTICE.txt
${result} = Execute ozone sh key getacl ${volume3}/bk1/key1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \".*\",\n.*\"aclList\" : . \"ALL\" .
${result} = Execute ozone sh key addacl ${volume3}/bk1/key1 -a user:superuser1:rwxy
${result} = Execute ozone sh key getacl ${volume3}/bk1/key1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
${result} = Execute ozone sh key removeacl ${volume3}/bk1/key1 -a user:superuser1:xy
${result} = Execute ozone sh key getacl ${volume3}/bk1/key1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"READ\", \"WRITE\"
${result} = Execute ozone sh key setacl ${volume3}/bk1/key1 -al user:superuser1:rwxy,group:superuser1:a
${result} = Execute ozone sh key getacl ${volume3}/bk1/key1
Should Match Regexp ${result} \"type\" : \"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", \"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
Should Match Regexp ${result} \"type\" : \"GROUP\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"ALL\"
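Review bot: The output of `addacl`, `removeacl` and `setacl` is assigned to `${result}` and then overwritten by the next `getacl` without being checked, so a command that prints an error or `Acl set successfully: false` is only caught if the following regexp happens to fail. Adding `Should not contain ${result} Failed` (as done after `volume create` and `bucket create`) or an explicit match on the success message after each mutating call would close that gap. `Test key Acls` also depends on `${volume3}/bk1` having been created by `Test Bucket Acls`, so the three cases cannot be run in isolation; a note in the suite documentation would make that ordering explicit.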


@ -411,7 +411,8 @@ private RemoveAclResponse removeAcl(RemoveAclRequest req)
private SetAclResponse setAcl(SetAclRequest req) throws IOException {
List<OzoneAcl> ozoneAcl = new ArrayList<>();
req.getAclList().forEach(a -> ozoneAcl.add(OzoneAcl.fromProtobuf(a)));
req.getAclList().forEach(a ->
ozoneAcl.add(OzoneAcl.fromProtobuf(a)));
boolean response = impl.setAcl(OzoneObjInfo.fromProtobuf(req.getObj()),
ozoneAcl);
return SetAclResponse.newBuilder().setResponse(response).build();


@ -0,0 +1,101 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.bucket;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.Objects;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Add acl handler for bucket.
*/
@Command(name = "addacl",
description = "Add a new Acl.")
public class AddAclBucketHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--acl", "-a"},
required = true,
description = "new acl." +
"r = READ," +
"w = WRITE," +
"c = CREATE," +
"d = DELETE," +
"l = LIST," +
"a = ALL," +
"n = NONE," +
"x = READ_AC," +
"y = WRITE_AC" +
"Ex user:user1:rw or group:hadoop:rw")
private String acl;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
Objects.requireNonNull(acl, "New acl to be added not specified.");
OzoneAddress address = new OzoneAddress(uri);
address.ensureBucketAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
String bucketName = address.getBucketName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
System.out.printf("Bucket Name : %s%n", bucketName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setBucketName(bucketName)
.setVolumeName(volumeName)
.setResType(OzoneObj.ResourceType.BUCKET)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
boolean result = client.getObjectStore().addAcl(obj,
OzoneAcl.parseAcl(acl));
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString("Acl set successfully: " + result)));
client.close();
return null;
}
}
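Review bot: `call()` prints `Acl set successfully: false` and returns normally when `addAcl` reports failure, so a script that relies on the exit status cannot tell that the ACL was not applied; throwing when `result` is false would make the failure visible. The client is also leaked whenever `parseAcl`, `StoreType.valueOf` or the RPC throws, because `client.close()` is reached only on the success path; `try (OzoneClient client = address.createClient(createOzoneConfiguration())) { ... }` fixes that. Both points apply equally to the other ACL handlers added in this commit (get/remove/set for buckets and the key handlers).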


@ -39,7 +39,11 @@
ListBucketHandler.class,
CreateBucketHandler.class,
UpdateBucketHandler.class,
DeleteBucketHandler.class
DeleteBucketHandler.class,
AddAclBucketHandler.class,
RemoveAclBucketHandler.class,
GetAclBucketHandler.class,
SetAclBucketHandler.class
},
mixinStandardHelpOptions = true,
versionProvider = HddsVersionProvider.class)


@ -0,0 +1,84 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.bucket;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.List;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Get acl handler for bucket.
*/
@Command(name = "getacl",
description = "List all acls.")
public class GetAclBucketHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
OzoneAddress address = new OzoneAddress(uri);
address.ensureBucketAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
String bucketName = address.getBucketName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
System.out.printf("Bucket Name : %s%n", bucketName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setBucketName(bucketName)
.setVolumeName(volumeName)
.setResType(OzoneObj.ResourceType.BUCKET)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
List<OzoneAcl> result = client.getObjectStore().getAcl(obj);
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString(result)));
client.close();
return null;
}
}
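Review bot: `OzoneObj.StoreType.valueOf(storeType)` runs inside `call()`, so an unexpected value such as `--store ozone` fails with a bare `IllegalArgumentException: No enum constant ...` after the client has already been created, instead of a picocli usage error. Declaring the field as `private OzoneObj.StoreType storeType;` lets picocli convert and validate the value up front, and the builder call becomes `.setStoreType(storeType == null ? OZONE : storeType)`. In the description, `i.e` should read `e.g.`. The same option is copied into every ACL handler in this commit.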


@ -0,0 +1,101 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.bucket;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.Objects;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Executes Info bucket.
*/
@Command(name = "removeacl",
description = "Remove an acl.")
public class RemoveAclBucketHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--acl", "-a"},
required = true,
description = "Remove acl." +
"r = READ," +
"w = WRITE," +
"c = CREATE," +
"d = DELETE," +
"l = LIST," +
"a = ALL," +
"n = NONE," +
"x = READ_AC," +
"y = WRITE_AC" +
"Ex user:user1:rw or group:hadoop:rw")
private String acl;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Remove acl handler for bucket.
*/
@Override
public Void call() throws Exception {
Objects.requireNonNull(acl, "New acl to be added not specified.");
OzoneAddress address = new OzoneAddress(uri);
address.ensureBucketAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
String bucketName = address.getBucketName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
System.out.printf("Bucket Name : %s%n", bucketName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setBucketName(bucketName)
.setVolumeName(volumeName)
.setResType(OzoneObj.ResourceType.BUCKET)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
boolean result = client.getObjectStore().removeAcl(obj,
OzoneAcl.parseAcl(acl));
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString("Acl removed successfully: " + result)));
client.close();
return null;
}
}
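Review bot: Several strings in this handler are leftovers from the classes it was copied from: the class Javadoc says `Executes Info bucket.`, and `Objects.requireNonNull(acl, "New acl to be added not specified.")` talks about adding in the remove command. Suggested replacements are `Remove acl handler for bucket.` for the class comment (the `call()` Javadoc currently carries that text and should describe the call instead) and `"Acl to be removed not specified."` for the message. In the option description, `x = READ_AC` and `y = WRITE_AC` should be `READ_ACL` and `WRITE_ACL`, matching the right names used elsewhere in the commit.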


@ -0,0 +1,101 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.bucket;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.Objects;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Set acl handler for bucket.
*/
@Command(name = "setacl",
description = "Set acls.")
public class SetAclBucketHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--acls", "-al"},
required = true,
description = "Comma seperated acls." +
"r = READ," +
"w = WRITE," +
"c = CREATE," +
"d = DELETE," +
"l = LIST," +
"a = ALL," +
"n = NONE," +
"x = READ_AC," +
"y = WRITE_AC" +
"Ex user:user1:rw,user:user2:a,group:hadoop:a")
private String acls;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
Objects.requireNonNull(acls, "Acls to be set not specified.");
OzoneAddress address = new OzoneAddress(uri);
address.ensureBucketAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
String bucketName = address.getBucketName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
System.out.printf("Bucket Name : %s%n", bucketName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setBucketName(bucketName)
.setVolumeName(volumeName)
.setResType(OzoneObj.ResourceType.BUCKET)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
boolean result = client.getObjectStore().setAcl(obj,
OzoneAcl.parseAcls(acls));
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString("Acl set successfully: " + result)));
client.close();
return null;
}
}
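Review bot: The `--acls` description is built by concatenating literals with no separators, so the help renders as one run, `Comma seperated acls.r = READ,w = WRITE,...,y = WRITE_ACEx user:user1:rw,...`; it also misspells `separated` and truncates `READ_ACL` / `WRITE_ACL`. For a command that edits permissions the help should be unambiguous: add a space or `%n` after each item and before `Ex`, and state whether `setacl` replaces the existing ACL list or merges into it, which cannot be determined from this file. The same description block is repeated in the add and remove handlers.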


@ -0,0 +1,104 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.keys;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.Objects;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Add acl handler for key.
*/
@Command(name = "addacl",
description = "Add a new Acl.")
public class AddAclKeyHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--acl", "-a"},
required = true,
description = "Add acl." +
"r = READ," +
"w = WRITE," +
"c = CREATE," +
"d = DELETE," +
"l = LIST," +
"a = ALL," +
"n = NONE," +
"x = READ_AC," +
"y = WRITE_AC" +
"Ex user:user1:rw or group:hadoop:rw")
private String acl;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
Objects.requireNonNull(acl, "New acl to be added not specified.");
OzoneAddress address = new OzoneAddress(uri);
address.ensureKeyAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
String bucketName = address.getBucketName();
String keyName = address.getKeyName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
System.out.printf("Bucket Name : %s%n", bucketName);
System.out.printf("Key Name : %s%n", keyName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setBucketName(bucketName)
.setVolumeName(volumeName)
.setKeyName(address.getKeyName())
.setResType(OzoneObj.ResourceType.KEY)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
boolean result = client.getObjectStore().addAcl(obj,
OzoneAcl.parseAcl(acl));
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString("Acl set successfully: " + result)));
client.close();
return null;
}
}
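Review bot: The result of `addAcl` is only folded into the string `"Acl set successfully: " + result` near the end of `call()`, so a false result prints "Acl set successfully: false" and the command still returns normally. For a permission change that wording is easy to misread in a terminal or a script log as a completed update. I would report the outcome explicitly, e.g. `System.out.printf("Acl added: %s%n", result);`, and consider signalling a false result to the caller instead of returning `null`. The same message is reused in RemoveAclKeyHandler, SetAclKeyHandler, AddAclVolumeHandler and SetAclVolumeHandler, and in the add and remove handlers "set" also names the wrong operation.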


@ -0,0 +1,87 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.keys;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.List;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Get acl handler for Key.
*/
@Command(name = "getacl",
description = "List all acls.")
public class GetAclKeyHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
OzoneAddress address = new OzoneAddress(uri);
address.ensureKeyAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
String bucketName = address.getBucketName();
String keyName = address.getKeyName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
System.out.printf("Bucket Name : %s%n", bucketName);
System.out.printf("Key Name : %s%n", keyName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setBucketName(bucketName)
.setVolumeName(volumeName)
.setKeyName(keyName)
.setResType(OzoneObj.ResourceType.KEY)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
List<OzoneAcl> result = client.getObjectStore().getAcl(obj);
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString(result)));
client.close();
return null;
}
}
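Review bot: `client.close()` at the end of `call()` is reached only when every statement before it succeeds; if `OzoneObj.StoreType.valueOf(storeType)` or `getAcl(obj)` throws, the `OzoneClient` created earlier is never closed. Assuming `OzoneClient` can be used in try-with-resources, open it as `try (OzoneClient client = address.createClient(createOzoneConfiguration())) {` and drop the explicit close. The other handlers added in this commit follow the same pattern.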


@ -40,7 +40,11 @@
GetKeyHandler.class,
PutKeyHandler.class,
RenameKeyHandler.class,
DeleteKeyHandler.class
DeleteKeyHandler.class,
AddAclKeyHandler.class,
RemoveAclKeyHandler.class,
SetAclKeyHandler.class,
GetAclKeyHandler.class
},
mixinStandardHelpOptions = true,
versionProvider = HddsVersionProvider.class)


@ -0,0 +1,104 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.keys;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.Objects;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Remove acl handler for key.
*/
@Command(name = "removeacl",
description = "Remove an acl.")
public class RemoveAclKeyHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--acl", "-a"},
required = true,
description = "Remove acl." +
"r = READ," +
"w = WRITE," +
"c = CREATE," +
"d = DELETE," +
"l = LIST," +
"a = ALL," +
"n = NONE," +
"x = READ_AC," +
"y = WRITE_AC" +
"Ex user:user1:rw or group:hadoop:rw")
private String acl;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
Objects.requireNonNull(acl, "New acl to be added not specified.");
OzoneAddress address = new OzoneAddress(uri);
address.ensureKeyAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
String bucketName = address.getBucketName();
String keyName = address.getKeyName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
System.out.printf("Bucket Name : %s%n", bucketName);
System.out.printf("Key Name : %s%n", keyName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setBucketName(bucketName)
.setVolumeName(volumeName)
.setKeyName(keyName)
.setResType(OzoneObj.ResourceType.KEY)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
boolean result = client.getObjectStore().removeAcl(obj,
OzoneAcl.parseAcl(acl));
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString("Acl set successfully: " + result)));
client.close();
return null;
}
}
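Review bot: The null-check message in `call()`, `"New acl to be added not specified."`, was copied from the add handler and misdescribes a removal; `"Acl to be removed not specified."` would match. The `--acl` description is also concatenated without separators, so the help text would read `Remove acl.r = READ,w = WRITE,` and end in `y = WRITE_ACEx user:user1:rw`. Adding a space after each piece keeps the rights letters readable, which matters when operators pick permissions from this help. RemoveAclVolumeHandler repeats the message, and every `--acl`/`--acls` description in this commit has the same concatenation.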


@ -0,0 +1,103 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.keys;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.Objects;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Set acl handler for Key.
*/
@Command(name = "setacl",
description = "Set acls.")
public class SetAclKeyHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--acls", "-al"},
required = true,
description = "Comma separated acls." +
"r = READ," +
"w = WRITE," +
"c = CREATE," +
"d = DELETE," +
"l = LIST," +
"a = ALL," +
"n = NONE," +
"x = READ_AC," +
"y = WRITE_AC" +
"Ex user:user1:rw,user:user2:a,group:hadoop:a")
private String acls;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
Objects.requireNonNull(acls, "New acls to be added not specified.");
OzoneAddress address = new OzoneAddress(uri);
address.ensureKeyAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
String bucketName = address.getBucketName();
String keyName = address.getKeyName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
System.out.printf("Bucket Name : %s%n", bucketName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setBucketName(bucketName)
.setVolumeName(volumeName)
.setKeyName(keyName)
.setResType(OzoneObj.ResourceType.KEY)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
boolean result = client.getObjectStore().setAcl(obj,
OzoneAcl.parseAcls(acls));
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString("Acl set successfully: " + result)));
client.close();
return null;
}
}
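Review bot: `--store` is declared as a `String` and converted with `OzoneObj.StoreType.valueOf(storeType)` while building `obj`, so any value that is not an exact constant name (for example lowercase `s3`) surfaces as an `IllegalArgumentException` after the client has already been created. Declaring the field as `private OzoneObj.StoreType storeType;` lets picocli validate the value during argument parsing, and the builder call becomes `.setStoreType(storeType == null ? OZONE : storeType)`. All handlers added in this commit share this option. Separately, the verbose block here prints the volume and bucket but not `keyName`, unlike the other key handlers.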


@ -0,0 +1,98 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.volume;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.Objects;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Add acl handler for volume.
*/
@Command(name = "addacl",
description = "Add a new Acl.")
public class AddAclVolumeHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--acl", "-a"},
required = true,
description = "Add acl." +
"r = READ," +
"w = WRITE," +
"c = CREATE," +
"d = DELETE," +
"l = LIST," +
"a = ALL," +
"n = NONE," +
"x = READ_AC," +
"y = WRITE_AC" +
"Ex user:user1:rw or group:hadoop:rw")
private String acl;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
Objects.requireNonNull(acl, "New acl to be added not specified.");
OzoneAddress address = new OzoneAddress(uri);
address.ensureVolumeAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setVolumeName(volumeName)
.setResType(OzoneObj.ResourceType.VOLUME)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
boolean result = client.getObjectStore().addAcl(obj,
OzoneAcl.parseAcl(acl));
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString("Acl set successfully: " + result)));
client.close();
return null;
}
}
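Review bot: The positional `uri` parameter is documented with `Shell.OZONE_BUCKET_URI_DESCRIPTION`, but `call()` validates it with `address.ensureVolumeAddress()`, so the help text presumably describes a bucket URI for a command that accepts a volume. If `Shell` defines a volume-specific description constant, it should be used here. The other volume handlers, and the key handlers (which call `ensureKeyAddress()`), use the same bucket constant.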


@ -0,0 +1,78 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.volume;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.List;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Get acl handler for volume.
*/
@Command(name = "getacl",
description = "List all acls.")
public class GetAclVolumeHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
OzoneAddress address = new OzoneAddress(uri);
address.ensureVolumeAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setVolumeName(volumeName)
.setResType(OzoneObj.ResourceType.VOLUME)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
List<OzoneAcl> result = client.getObjectStore().getAcl(obj);
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString(result)));
client.close();
return null;
}
}


@ -0,0 +1,98 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.volume;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.Objects;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Remove acl handler for volume.
*/
@Command(name = "removeacl",
description = "Remove an acl.")
public class RemoveAclVolumeHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--acl", "-a"},
required = true,
description = "Remove acl." +
"r = READ," +
"w = WRITE," +
"c = CREATE," +
"d = DELETE," +
"l = LIST," +
"a = ALL," +
"n = NONE," +
"x = READ_AC," +
"y = WRITE_AC" +
"Ex user:user1:rw or group:hadoop:rw")
private String acl;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
Objects.requireNonNull(acl, "New acl to be added not specified.");
OzoneAddress address = new OzoneAddress(uri);
address.ensureVolumeAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setVolumeName(volumeName)
.setResType(OzoneObj.ResourceType.VOLUME)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
boolean result = client.getObjectStore().removeAcl(obj,
OzoneAcl.parseAcl(acl));
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString("Acl removed successfully: " + result)));
client.close();
return null;
}
}


@ -0,0 +1,101 @@
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.apache.hadoop.ozone.web.ozShell.volume;
import org.apache.hadoop.ozone.OzoneAcl;
import org.apache.hadoop.ozone.client.OzoneClient;
import org.apache.hadoop.ozone.security.acl.OzoneObj;
import org.apache.hadoop.ozone.security.acl.OzoneObjInfo;
import org.apache.hadoop.ozone.web.ozShell.Handler;
import org.apache.hadoop.ozone.web.ozShell.OzoneAddress;
import org.apache.hadoop.ozone.web.ozShell.Shell;
import org.apache.hadoop.ozone.web.utils.JsonUtils;
import picocli.CommandLine;
import picocli.CommandLine.Command;
import picocli.CommandLine.Parameters;
import java.util.Objects;
import static org.apache.hadoop.ozone.security.acl.OzoneObj.StoreType.OZONE;
/**
* Set acl handler for volume.
*/
@Command(name = "setacl",
description = "Set acls.")
public class SetAclVolumeHandler extends Handler {
@Parameters(arity = "1..1", description = Shell.OZONE_BUCKET_URI_DESCRIPTION)
private String uri;
@CommandLine.Option(names = {"--acls", "-al"},
required = true,
description = "Comma separated acls." +
"r = READ," +
"w = WRITE," +
"c = CREATE," +
"d = DELETE," +
"l = LIST," +
"a = ALL," +
"n = NONE," +
"x = READ_AC," +
"y = WRITE_AC" +
"Ex user:user1:rw,user:user2:a,group:hadoop:a")
private String acls;
@CommandLine.Option(names = {"--store", "-s"},
required = false,
description = "store type. i.e OZONE or S3")
private String storeType;
/**
* Executes the Client Calls.
*/
@Override
public Void call() throws Exception {
Objects.requireNonNull(acls, "New acls to be added not specified.");
OzoneAddress address = new OzoneAddress(uri);
address.ensureVolumeAddress();
OzoneClient client = address.createClient(createOzoneConfiguration());
String volumeName = address.getVolumeName();
String bucketName = address.getBucketName();
if (isVerbose()) {
System.out.printf("Volume Name : %s%n", volumeName);
System.out.printf("Bucket Name : %s%n", bucketName);
}
OzoneObj obj = OzoneObjInfo.Builder.newBuilder()
.setBucketName(bucketName)
.setVolumeName(volumeName)
.setResType(OzoneObj.ResourceType.VOLUME)
.setStoreType(storeType == null ? OZONE :
OzoneObj.StoreType.valueOf(storeType))
.build();
System.out.printf(" acls" +acls.length() + " " + acls);
boolean result = client.getObjectStore().setAcl(obj,
OzoneAcl.parseAcls(acls));
System.out.printf("%s%n", JsonUtils.toJsonStringWithDefaultPrettyPrinter(
JsonUtils.toJsonString("Acl set successfully: " + result)));
client.close();
return null;
}
}
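Review bot: `System.out.printf(" acls" +acls.length() + " " + acls);` passes the user-supplied `--acls` value as the format string, so an argument containing `%` can throw a format exception before `setAcl` is called; it also looks like leftover debug output with no newline. I would delete the line or move it under `isVerbose()` as `System.out.printf("Acls : %s%n", acls);`. The object is also built with `setBucketName(bucketName)` although the address was checked with `ensureVolumeAddress()` and the resource type is `VOLUME`; that call and the "Bucket Name" verbose line appear unnecessary.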


@ -40,7 +40,11 @@
ListVolumeHandler.class,
CreateVolumeHandler.class,
UpdateVolumeHandler.class,
DeleteVolumeHandler.class
DeleteVolumeHandler.class,
AddAclVolumeHandler.class,
RemoveAclVolumeHandler.class,
SetAclVolumeHandler.class,
GetAclVolumeHandler.class
},
mixinStandardHelpOptions = true,
versionProvider = HddsVersionProvider.class)