big-data/hadoop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HADOOP-15872. ABFS: Update to target 2018-11-09 REST version for ADLS Gen 2.

Browse Source 
Contributed by Junhua Gu and Da Zhou.
This commit is contained in:
Da Zhou 2018-11-23 14:17:36 +00:00 committed by Steve Loughran
parent 753f421350
commit a8302e398c
No known key found for this signature in database
GPG Key ID: D22CF846DBB162A0
11 changed files with 208 additions and 151 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/AbfsConfiguration.java
View File

@ -166,6 +166,10 @@ public class AbfsConfiguration{
DefaultValue = DEFAULT_ENABLE_HTTPS)
private boolean alwaysUseHttps;
@BooleanConfigurationValidatorAnnotation(ConfigurationKey = FS_AZURE_USE_UPN,
DefaultValue = DEFAULT_USE_UPN)
private boolean useUpn;
private Map<String, String> storageAccountKeys;
public AbfsConfiguration(final Configuration rawConfig, String accountName)
@ -441,6 +445,10 @@ public boolean isHttpsAlwaysUsed() {
return this.alwaysUseHttps;
}
public boolean isUpnUsed() {
return this.useUpn;
}
public AccessTokenProvider getTokenProvider() throws TokenAccessProviderException {
AuthType authType = getEnum(FS_AZURE_ACCOUNT_AUTH_TYPE_PROPERTY_NAME, AuthType.SharedKey);
if (authType == AuthType.OAuth) {

64
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/AzureBlobFileSystemStore.java
View File

@ -87,8 +87,8 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import static org.apache.hadoop.fs.azurebfs.constants.AbfsHttpConstants.SUPER_USER;
import static org.apache.hadoop.fs.azurebfs.constants.ConfigurationKeys.AZURE_ABFS_ENDPOINT;
import static org.apache.hadoop.fs.azurebfs.constants.ConfigurationKeys.FS_AZURE_ACCOUNT_AUTH_TYPE_PROPERTY_NAME;
import static org.apache.hadoop.util.Time.now;
/**
@ -114,6 +114,7 @@ public class AzureBlobFileSystemStore {
private final Set<String> azureAtomicRenameDirSet;
private boolean isNamespaceEnabledSet;
private boolean isNamespaceEnabled;
private final AuthType authType;
public AzureBlobFileSystemStore(URI uri, boolean isSecureScheme, Configuration configuration, UserGroupInformation userGroupInformation)
throws AzureBlobFileSystemException, IOException {
@ -142,11 +143,11 @@ public AzureBlobFileSystemStore(URI uri, boolean isSecureScheme, Configuration c
this.azureAtomicRenameDirSet = new HashSet<>(Arrays.asList(
abfsConfiguration.getAzureAtomicRenameDirs().split(AbfsHttpConstants.COMMA)));
boolean usingOauth = (AuthType.OAuth == abfsConfiguration.getEnum(
FS_AZURE_ACCOUNT_AUTH_TYPE_PROPERTY_NAME, AuthType.SharedKey));
this.authType = abfsConfiguration.getAuthType(accountName);
boolean usingOauth = (authType == AuthType.OAuth);
boolean useHttps = (usingOauth || abfsConfiguration.isHttpsAlwaysUsed()) ? true : isSecureScheme;
initializeClient(uri, fileSystemName, accountName, useHttps);
}
private String[] authorityParts(URI uri) throws InvalidUriAuthorityException, InvalidUriException {
@ -262,7 +263,7 @@ public Hashtable<String, String> getPathProperties(final Path path) throws Azure
path);
final Hashtable<String, String> parsedXmsProperties;
final AbfsRestOperation op = client.getPathProperties(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path));
final AbfsRestOperation op = client.getPathProperties(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path), isNamespaceEnabled);
final String xMsProperties = op.getResult().getResponseHeader(HttpHeaderConfigurations.X_MS_PROPERTIES);
@ -344,7 +345,7 @@ public AbfsInputStream openFileForRead(final Path path, final FileSystem.Statist
client.getFileSystem(),
path);
final AbfsRestOperation op = client.getPathProperties(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path));
final AbfsRestOperation op = client.getPathProperties(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path), isNamespaceEnabled);
final String resourceType = op.getResult().getResponseHeader(HttpHeaderConfigurations.X_MS_RESOURCE_TYPE);
final long contentLength = Long.parseLong(op.getResult().getResponseHeader(HttpHeaderConfigurations.CONTENT_LENGTH));
@ -371,7 +372,7 @@ public OutputStream openFileForWrite(final Path path, final boolean overwrite) t
path,
overwrite);
final AbfsRestOperation op = client.getPathProperties(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path));
final AbfsRestOperation op = client.getPathProperties(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path), isNamespaceEnabled);
final String resourceType = op.getResult().getResponseHeader(HttpHeaderConfigurations.X_MS_RESOURCE_TYPE);
final Long contentLength = Long.valueOf(op.getResult().getResponseHeader(HttpHeaderConfigurations.CONTENT_LENGTH));
@ -471,8 +472,8 @@ public FileStatus getFileStatus(final Path path) throws IOException {
final boolean hasAcl = AbfsPermission.isExtendedAcl(permissions);
return new VersionedFileStatus(
owner == null ? userName : owner,
group == null ? primaryUserGroup : group,
isSuperUserOrEmpty(owner) ? userName : owner,
isSuperUserOrEmpty(group) ? primaryUserGroup : group,
permissions == null ? new AbfsPermission(FsAction.ALL, FsAction.ALL, FsAction.ALL)
: AbfsPermission.valueOf(permissions),
hasAcl,
@ -484,7 +485,7 @@ public FileStatus getFileStatus(final Path path) throws IOException {
path,
eTag);
} else {
AbfsRestOperation op = client.getPathProperties(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path));
AbfsRestOperation op = client.getPathProperties(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path), isNamespaceEnabled);
final long blockSize = abfsConfiguration.getAzureBlockSize();
final AbfsHttpOperation result = op.getResult();
@ -498,8 +499,8 @@ public FileStatus getFileStatus(final Path path) throws IOException {
final boolean hasAcl = AbfsPermission.isExtendedAcl(permissions);
return new VersionedFileStatus(
owner == null ? userName : owner,
group == null ? primaryUserGroup : group,
isSuperUserOrEmpty(owner) ? userName : owner,
isSuperUserOrEmpty(group) ? primaryUserGroup : group,
permissions == null ? new AbfsPermission(FsAction.ALL, FsAction.ALL, FsAction.ALL)
: AbfsPermission.valueOf(permissions),
hasAcl,
@ -537,8 +538,8 @@ public FileStatus[] listStatus(final Path path) throws IOException {
long blockSize = abfsConfiguration.getAzureBlockSize();
for (ListResultEntrySchema entry : retrievedSchema.paths()) {
final String owner = entry.owner() == null ? userName : entry.owner();
final String group = entry.group() == null ? primaryUserGroup : entry.group();
final String owner = isSuperUserOrEmpty(entry.owner()) ? userName : entry.owner();
final String group = isSuperUserOrEmpty(entry.group()) ? primaryUserGroup : entry.group();
final FsPermission fsPermission = entry.permissions() == null
? new AbfsPermission(FsAction.ALL, FsAction.ALL, FsAction.ALL)
: AbfsPermission.valueOf(entry.permissions());
@ -581,13 +582,20 @@ public void setOwner(final Path path, final String owner, final String group) th
"This operation is only valid for storage accounts with the hierarchical namespace enabled.");
}
String effectiveOwner = owner;
String effectiveGroup = group;
if (authType == AuthType.SharedKey && owner.equals(userName)) {
effectiveOwner = SUPER_USER;
effectiveGroup = SUPER_USER;
}
LOG.debug(
"setOwner filesystem: {} path: {} owner: {} group: {}",
client.getFileSystem(),
path.toString(),
owner,
group);
client.setOwner(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path, true), owner, group);
effectiveOwner,
effectiveGroup);
client.setOwner(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path, true), effectiveOwner, effectiveGroup);
}
public void setPermission(final Path path, final FsPermission permission) throws
@ -618,10 +626,10 @@ public void modifyAclEntries(final Path path, final List<AclEntry> aclSpec) thro
client.getFileSystem(),
path.toString(),
AclEntry.aclSpecToString(aclSpec));
final Map<String, String> modifyAclEntries = AbfsAclHelper.deserializeAclSpec(AclEntry.aclSpecToString(aclSpec));
boolean useUpn = AbfsAclHelper.isUpnFormatAclEntries(modifyAclEntries);
final AbfsRestOperation op = client.getAclStatus(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path, true));
final AbfsRestOperation op = client.getAclStatus(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path, true), useUpn);
final String eTag = op.getResult().getResponseHeader(HttpHeaderConfigurations.ETAG);
final Map<String, String> aclEntries = AbfsAclHelper.deserializeAclSpec(op.getResult().getResponseHeader(HttpHeaderConfigurations.X_MS_ACL));
@ -643,9 +651,10 @@ public void removeAclEntries(final Path path, final List<AclEntry> aclSpec) thro
client.getFileSystem(),
path.toString(),
AclEntry.aclSpecToString(aclSpec));
final Map<String, String> removeAclEntries = AbfsAclHelper.deserializeAclSpec(AclEntry.aclSpecToString(aclSpec));
final AbfsRestOperation op = client.getAclStatus(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path, true));
boolean isUpnFormat = AbfsAclHelper.isUpnFormatAclEntries(removeAclEntries);
final AbfsRestOperation op = client.getAclStatus(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path, true), isUpnFormat);
final String eTag = op.getResult().getResponseHeader(HttpHeaderConfigurations.ETAG);
final Map<String, String> aclEntries = AbfsAclHelper.deserializeAclSpec(op.getResult().getResponseHeader(HttpHeaderConfigurations.X_MS_ACL));
@ -720,7 +729,9 @@ public void setAcl(final Path path, final List<AclEntry> aclSpec) throws AzureBl
path.toString(),
AclEntry.aclSpecToString(aclSpec));
final Map<String, String> aclEntries = AbfsAclHelper.deserializeAclSpec(AclEntry.aclSpecToString(aclSpec));
final AbfsRestOperation op = client.getAclStatus(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path, true));
final boolean isUpnFormat = AbfsAclHelper.isUpnFormatAclEntries(aclEntries);
final AbfsRestOperation op = client.getAclStatus(AbfsHttpConstants.FORWARD_SLASH + getRelativePath(path, true), isUpnFormat);
final String eTag = op.getResult().getResponseHeader(HttpHeaderConfigurations.ETAG);
final Map<String, String> getAclEntries = AbfsAclHelper.deserializeAclSpec(op.getResult().getResponseHeader(HttpHeaderConfigurations.X_MS_ACL));
@ -754,8 +765,8 @@ public AclStatus getAclStatus(final Path path) throws IOException {
: AbfsPermission.valueOf(permissions);
final AclStatus.Builder aclStatusBuilder = new AclStatus.Builder();
aclStatusBuilder.owner(owner == null ? userName : owner);
aclStatusBuilder.group(group == null ? primaryUserGroup : group);
aclStatusBuilder.owner(isSuperUserOrEmpty(owner)? userName : owner);
aclStatusBuilder.group(isSuperUserOrEmpty(group) ? primaryUserGroup : group);
aclStatusBuilder.setPermission(fsPermission);
aclStatusBuilder.stickyBit(fsPermission.getStickyBit());
@ -939,6 +950,11 @@ private boolean isKeyForDirectorySet(String key, Set<String> dirSet) {
return false;
}
private boolean isSuperUserOrEmpty(final String name) {
return name == null || name.equals(SUPER_USER);
}
private static class VersionedFileStatus extends FileStatus {
private final String version;

3
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/constants/AbfsHttpConstants.java
View File

@ -36,6 +36,7 @@ public final class AbfsHttpConstants {
public static final String SET_PROPERTIES_ACTION = "setProperties";
public static final String SET_ACCESS_CONTROL = "setAccessControl";
public static final String GET_ACCESS_CONTROL = "getAccessControl";
public static final String GET_STATUS = "getStatus";
public static final String DEFAULT_TIMEOUT = "90";
public static final String JAVA_VERSION = "java.version";
@ -65,6 +66,7 @@ public final class AbfsHttpConstants {
public static final String QUESTION_MARK = "?";
public static final String AND_MARK = "&";
public static final String SEMICOLON = ";";
public static final String AT = "@";
public static final String HTTP_HEADER_PREFIX = "x-ms-";
public static final String PLUS_ENCODE = "%20";
@ -86,6 +88,7 @@ public final class AbfsHttpConstants {
public static final String DEFAULT_OTHER = "default:other:";
public static final String DEFAULT_SCOPE = "default:";
public static final String PERMISSION_FORMAT = "%04d";
public static final String SUPER_USER = "$superuser";
private AbfsHttpConstants() {}
}

1
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/constants/ConfigurationKeys.java
View File

@ -54,6 +54,7 @@ public final class ConfigurationKeys {
public static final String FS_AZURE_ENABLE_FLUSH = "fs.azure.enable.flush";
public static final String FS_AZURE_USER_AGENT_PREFIX_KEY = "fs.azure.user.agent.prefix";
public static final String FS_AZURE_SSL_CHANNEL_MODE_KEY = "fs.azure.ssl.channel.mode";
public static final String FS_AZURE_USE_UPN = "fs.azure.use.upn";
public static final String AZURE_KEY_ACCOUNT_KEYPROVIDER = "fs.azure.account.keyprovider";
public static final String AZURE_KEY_ACCOUNT_SHELLKEYPROVIDER_SCRIPT = "fs.azure.shellkeyprovider.script";

2
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/constants/FileSystemConfigurations.java
View File

@ -65,5 +65,7 @@ public final class FileSystemConfigurations {
public static final boolean DEFAULT_ENABLE_DELEGATION_TOKEN = false;
public static final boolean DEFAULT_ENABLE_HTTPS = true;
public static final boolean DEFAULT_USE_UPN = false;
private FileSystemConfigurations() {}
}

1
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/constants/HttpQueryParams.java
View File

@ -35,6 +35,7 @@ public final class HttpQueryParams {
public static final String QUERY_PARAM_POSITION = "position";
public static final String QUERY_PARAM_TIMEOUT = "timeout";
public static final String QUERY_PARAM_RETAIN_UNCOMMITTED_DATA = "retainUncommittedData";
public static final String QUERY_PARAM_UPN = "upn";
private HttpQueryParams() {}
}

9
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/services/AbfsAclHelper.java
View File

@ -186,6 +186,15 @@ public static void setAclEntriesInternal(Map<String, String> aclEntries, Map<Str
}
}
public static boolean isUpnFormatAclEntries(Map<String, String> aclEntries) {
for (Map.Entry<String, String> entry : aclEntries.entrySet()) {
if (entry.getKey().contains(AbfsHttpConstants.AT)) {
return true;
}
}
return false;
}
private static boolean removeNamedAceAndUpdateSet(String entry, boolean isDefaultAcl, Set<String> removeIndicationSet,
Map<String, String> aclEntries)
throws AzureBlobFileSystemException {

13
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/services/AbfsClient.java
View File

@ -52,7 +52,7 @@ public class AbfsClient {
public static final Logger LOG = LoggerFactory.getLogger(AbfsClient.class);
private final URL baseUrl;
private final SharedKeyCredentials sharedKeyCredentials;
private final String xMsVersion = "2018-06-17";
private final String xMsVersion = "2018-11-09";
private final ExponentialRetryPolicy retryPolicy;
private final String filesystem;
private final AbfsConfiguration abfsConfiguration;
@ -169,6 +169,7 @@ public AbfsRestOperation listPath(final String relativePath, final boolean recur
abfsUriQueryBuilder.addQuery(QUERY_PARAM_RECURSIVE, String.valueOf(recursive));
abfsUriQueryBuilder.addQuery(QUERY_PARAM_CONTINUATION, continuation);
abfsUriQueryBuilder.addQuery(QUERY_PARAM_MAXRESULTS, String.valueOf(listMaxResults));
abfsUriQueryBuilder.addQuery(HttpQueryParams.QUERY_PARAM_UPN, String.valueOf(abfsConfiguration.isUpnUsed()));
final URL url = createRequestUrl(abfsUriQueryBuilder.toString());
final AbfsRestOperation op = new AbfsRestOperation(
@ -337,14 +338,15 @@ public AbfsRestOperation setPathProperties(final String path, final String prope
return op;
}
public AbfsRestOperation getPathProperties(final String path) throws AzureBlobFileSystemException {
public AbfsRestOperation getPathProperties(final String path, boolean isNameSpaceEnabled) throws AzureBlobFileSystemException {
final List<AbfsHttpHeader> requestHeaders = createDefaultHeaders();
final AbfsUriQueryBuilder abfsUriQueryBuilder = createDefaultUriQueryBuilder();
abfsUriQueryBuilder.addQuery(HttpQueryParams.QUERY_PARAM_UPN, String.valueOf(abfsConfiguration.isUpnUsed()));
final URL url = createRequestUrl(path, abfsUriQueryBuilder.toString());
final AbfsRestOperation op = new AbfsRestOperation(
AbfsRestOperationType.GetPathProperties,
isNameSpaceEnabled ? AbfsRestOperationType.GetPathProperties : AbfsRestOperationType.GetPathStatus,
this,
HTTP_METHOD_HEAD,
url,
@ -483,10 +485,15 @@ public AbfsRestOperation setAcl(final String path, final String aclSpecString, f
}
public AbfsRestOperation getAclStatus(final String path) throws AzureBlobFileSystemException {
return getAclStatus(path, abfsConfiguration.isUpnUsed());
}
public AbfsRestOperation getAclStatus(final String path, final boolean useUPN) throws AzureBlobFileSystemException {
final List<AbfsHttpHeader> requestHeaders = createDefaultHeaders();
final AbfsUriQueryBuilder abfsUriQueryBuilder = createDefaultUriQueryBuilder();
abfsUriQueryBuilder.addQuery(HttpQueryParams.QUERY_PARAM_ACTION, AbfsHttpConstants.GET_ACCESS_CONTROL);
abfsUriQueryBuilder.addQuery(HttpQueryParams.QUERY_PARAM_UPN, String.valueOf(useUPN));
final URL url = createRequestUrl(path, abfsUriQueryBuilder.toString());
final AbfsRestOperation op = new AbfsRestOperation(

1
hadoop-tools/hadoop-azure/src/main/java/org/apache/hadoop/fs/azurebfs/services/AbfsRestOperationType.java
View File

@ -31,6 +31,7 @@ public enum AbfsRestOperationType {
RenamePath,
GetAcl,
GetPathProperties,
GetPathStatus,
SetAcl,
SetOwner,
SetPathProperties,

24
hadoop-tools/hadoop-azure/src/test/java/org/apache/hadoop/fs/azurebfs/ITestAzureBlobFileSystemAuthorization.java
View File

@ -20,6 +20,7 @@
import java.util.Arrays;
import java.util.List;
import java.util.UUID;
import org.junit.Test;
@ -51,6 +52,9 @@ public class ITestAzureBlobFileSystemAuthorization extends AbstractAbfsIntegrati
private static final Path TEST_WRITE_ONLY_FOLDER_PATH = new Path(TEST_WRITE_ONLY_FOLDER);
private static final Path TEST_WRITE_THEN_READ_ONLY_PATH = new Path(TEST_WRITE_THEN_READ_ONLY);
private static final String TEST_AUTHZ_CLASS = "org.apache.hadoop.fs.azurebfs.extensions.MockAbfsAuthorizer";
private static final String TEST_USER = UUID.randomUUID().toString();
private static final String TEST_GROUP = UUID.randomUUID().toString();
private static final String BAR = UUID.randomUUID().toString();
public ITestAzureBlobFileSystemAuthorization() throws Exception {
}
@ -205,7 +209,7 @@ public void testSetOwnerAuthorized() throws Exception {
final AzureBlobFileSystem fs = getFileSystem();
assumeTrue("This test case only runs when namespace is enabled", fs.getIsNamespaceEnabled());
fs.create(TEST_WRITE_ONLY_FILE_PATH_0).close();
fs.setOwner(TEST_WRITE_ONLY_FILE_PATH_0, "testUser", "testGroup");
fs.setOwner(TEST_WRITE_ONLY_FILE_PATH_0, TEST_USER, TEST_GROUP);
}
@Test
@ -215,7 +219,7 @@ public void testSetOwnerUnauthorized() throws Exception {
fs.create(TEST_WRITE_THEN_READ_ONLY_PATH).close();
intercept(AbfsAuthorizationException.class,
()-> {
fs.setOwner(TEST_WRITE_THEN_READ_ONLY_PATH, "testUser", "testGroup");
fs.setOwner(TEST_WRITE_THEN_READ_ONLY_PATH, TEST_USER, TEST_GROUP);
});
}
@ -243,7 +247,7 @@ public void testModifyAclEntriesAuthorized() throws Exception {
final AzureBlobFileSystem fs = getFileSystem();
assumeTrue("This test case only runs when namespace is enabled", fs.getIsNamespaceEnabled());
fs.create(TEST_WRITE_ONLY_FILE_PATH_0).close();
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, "bar", FsAction.ALL));
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, BAR, FsAction.ALL));
fs.modifyAclEntries(TEST_WRITE_ONLY_FILE_PATH_0, aclSpec);
}
@ -252,7 +256,7 @@ public void testModifyAclEntriesUnauthorized() throws Exception {
final AzureBlobFileSystem fs = getFileSystem();
assumeTrue("This test case only runs when namespace is enabled", fs.getIsNamespaceEnabled());
fs.create(TEST_WRITE_THEN_READ_ONLY_PATH).close();
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, "bar", FsAction.ALL));
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, BAR, FsAction.ALL));
intercept(AbfsAuthorizationException.class,
()-> {
fs.modifyAclEntries(TEST_WRITE_THEN_READ_ONLY_PATH, aclSpec);
@ -264,7 +268,7 @@ public void testRemoveAclEntriesAuthorized() throws Exception {
final AzureBlobFileSystem fs = getFileSystem();
assumeTrue("This test case only runs when namespace is enabled", fs.getIsNamespaceEnabled());
fs.create(TEST_WRITE_ONLY_FILE_PATH_0).close();
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, "bar", FsAction.ALL));
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, BAR, FsAction.ALL));
fs.removeAclEntries(TEST_WRITE_ONLY_FILE_PATH_0, aclSpec);
}
@ -273,7 +277,7 @@ public void testRemoveAclEntriesUnauthorized() throws Exception {
final AzureBlobFileSystem fs = getFileSystem();
assumeTrue("This test case only runs when namespace is enabled", fs.getIsNamespaceEnabled());
fs.create(TEST_WRITE_THEN_READ_ONLY_PATH).close();
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, "bar", FsAction.ALL));
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, BAR, FsAction.ALL));
intercept(AbfsAuthorizationException.class,
()-> {
fs.removeAclEntries(TEST_WRITE_THEN_READ_ONLY_PATH, aclSpec);
@ -323,7 +327,7 @@ public void testSetAclAuthorized() throws Exception {
final AzureBlobFileSystem fs = getFileSystem();
assumeTrue("This test case only runs when namespace is enabled", fs.getIsNamespaceEnabled());
fs.create(TEST_WRITE_ONLY_FILE_PATH_0).close();
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, "bar", FsAction.ALL));
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, BAR, FsAction.ALL));
fs.setAcl(TEST_WRITE_ONLY_FILE_PATH_0, aclSpec);
}
@ -332,7 +336,7 @@ public void testSetAclUnauthorized() throws Exception {
final AzureBlobFileSystem fs = getFileSystem();
assumeTrue("This test case only runs when namespace is enabled", fs.getIsNamespaceEnabled());
fs.create(TEST_WRITE_THEN_READ_ONLY_PATH).close();
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, "bar", FsAction.ALL));
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, BAR, FsAction.ALL));
intercept(AbfsAuthorizationException.class,
()-> {
fs.setAcl(TEST_WRITE_THEN_READ_ONLY_PATH, aclSpec);
@ -344,7 +348,7 @@ public void testGetAclStatusAuthorized() throws Exception {
final AzureBlobFileSystem fs = getFileSystem();
assumeTrue("This test case only runs when namespace is enabled", fs.getIsNamespaceEnabled());
fs.create(TEST_WRITE_THEN_READ_ONLY_PATH).close();
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, "bar", FsAction.ALL));
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, BAR, FsAction.ALL));
fs.getAclStatus(TEST_WRITE_THEN_READ_ONLY_PATH);
}
@ -353,7 +357,7 @@ public void testGetAclStatusUnauthorized() throws Exception {
final AzureBlobFileSystem fs = getFileSystem();
assumeTrue("This test case only runs when namespace is enabled", fs.getIsNamespaceEnabled());
fs.create(TEST_WRITE_ONLY_FILE_PATH_0).close();
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, "bar", FsAction.ALL));
List<AclEntry> aclSpec = Arrays.asList(aclEntry(ACCESS, GROUP, BAR, FsAction.ALL));
intercept(AbfsAuthorizationException.class,
()-> {
fs.getAclStatus(TEST_WRITE_ONLY_FILE_PATH_0);

233
hadoop-tools/hadoop-azure/src/test/java/org/apache/hadoop/fs/azurebfs/ITestAzureBlobFilesystemAcl.java
View File

@ -73,6 +73,11 @@ public class ITestAzureBlobFilesystemAcl extends AbstractAbfsIntegrationTest {
private static final short RW_R_R = 0644;
private static final short STICKY_RWX_RWX = 01770;
private static final String FOO = UUID.randomUUID().toString();
private static final String BAR = UUID.randomUUID().toString();
private static final String TEST_OWNER = UUID.randomUUID().toString();
private static final String TEST_GROUP = UUID.randomUUID().toString();
private static Path testRoot = new Path("/test");
private Path path;
@ -89,24 +94,24 @@ public void testModifyAclEntries() throws Exception {
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo", READ_EXECUTE),
aclEntry(DEFAULT, USER, "foo", READ_EXECUTE));
aclEntry(ACCESS, USER, FOO, READ_EXECUTE),
aclEntry(DEFAULT, USER, FOO, READ_EXECUTE));
fs.modifyAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", READ_EXECUTE),
aclEntry(ACCESS, USER, FOO, READ_EXECUTE),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "foo", READ_EXECUTE),
aclEntry(DEFAULT, USER, FOO, READ_EXECUTE),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, READ_EXECUTE),
aclEntry(DEFAULT, OTHER, NONE) }, returned);
@ -122,17 +127,17 @@ public void testModifyAclEntriesOnlyAccess() throws Exception {
fs.setPermission(path, FsPermission.createImmutable((short) RW_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE));
fs.setAcl(path, aclSpec);
aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo", READ_EXECUTE));
aclEntry(ACCESS, USER, FOO, READ_EXECUTE));
fs.modifyAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", READ_EXECUTE),
aclEntry(ACCESS, USER, FOO, READ_EXECUTE),
aclEntry(ACCESS, GROUP, READ_EXECUTE) }, returned);
assertPermission(fs, (short) RWX_RX);
}
@ -144,16 +149,16 @@ public void testModifyAclEntriesOnlyDefault() throws Exception {
path = new Path(testRoot, UUID.randomUUID().toString());
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", READ_EXECUTE));
aclEntry(DEFAULT, USER, FOO, READ_EXECUTE));
fs.modifyAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "foo", READ_EXECUTE),
aclEntry(DEFAULT, USER, FOO, READ_EXECUTE),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, READ_EXECUTE),
aclEntry(DEFAULT, OTHER, NONE) }, returned);
@ -168,12 +173,12 @@ public void testModifyAclEntriesMinimal() throws Exception {
fs.create(path).close();
fs.setPermission(path, FsPermission.createImmutable((short) RW_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo", READ_WRITE));
aclEntry(ACCESS, USER, FOO, READ_WRITE));
fs.modifyAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", READ_WRITE),
aclEntry(ACCESS, USER, FOO, READ_WRITE),
aclEntry(ACCESS, GROUP, READ) }, returned);
assertPermission(fs, (short) RW_RW);
}
@ -206,13 +211,13 @@ public void testModifyAclEntriesCustomMask() throws Exception {
fs.create(path).close();
fs.setPermission(path, FsPermission.createImmutable((short) RW_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, MASK, NONE));
fs.modifyAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ) }, returned);
assertPermission(fs, (short) RW);
}
@ -225,22 +230,22 @@ public void testModifyAclEntriesStickyBit() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) 01750));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo", READ_EXECUTE),
aclEntry(DEFAULT, USER, "foo", READ_EXECUTE));
aclEntry(ACCESS, USER, FOO, READ_EXECUTE),
aclEntry(DEFAULT, USER, FOO, READ_EXECUTE));
fs.modifyAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", READ_EXECUTE),
aclEntry(ACCESS, USER, FOO, READ_EXECUTE),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "foo", READ_EXECUTE),
aclEntry(DEFAULT, USER, FOO, READ_EXECUTE),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, READ_EXECUTE),
aclEntry(DEFAULT, OTHER, NONE) }, returned);
@ -255,7 +260,7 @@ public void testModifyAclEntriesPathNotFound() throws Exception {
// Path has not been created.
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE));
fs.modifyAclEntries(path, aclSpec);
@ -269,7 +274,7 @@ public void testModifyAclEntriesDefaultOnFile() throws Exception {
fs.create(path).close();
fs.setPermission(path, FsPermission.createImmutable((short) RW_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.modifyAclEntries(path, aclSpec);
}
@ -342,14 +347,14 @@ public void testRemoveAclEntries() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo"),
aclEntry(DEFAULT, USER, "foo"));
aclEntry(ACCESS, USER, FOO),
aclEntry(DEFAULT, USER, FOO));
fs.removeAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
@ -371,18 +376,18 @@ public void testRemoveAclEntriesOnlyAccess() throws Exception {
fs.setPermission(path, FsPermission.createImmutable((short) RW_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, "bar", READ_WRITE),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, USER, BAR, READ_WRITE),
aclEntry(ACCESS, GROUP, READ_WRITE),
aclEntry(ACCESS, OTHER, NONE));
fs.setAcl(path, aclSpec);
aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo"));
aclEntry(ACCESS, USER, FOO));
fs.removeAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "bar", READ_WRITE),
aclEntry(ACCESS, USER, BAR, READ_WRITE),
aclEntry(ACCESS, GROUP, READ_WRITE) }, returned);
assertPermission(fs, (short) RWX_RW);
}
@ -397,17 +402,17 @@ public void testRemoveAclEntriesOnlyDefault() throws Exception {
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL),
aclEntry(DEFAULT, USER, "bar", READ_EXECUTE));
aclEntry(DEFAULT, USER, FOO, ALL),
aclEntry(DEFAULT, USER, BAR, READ_EXECUTE));
fs.setAcl(path, aclSpec);
aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo"));
aclEntry(DEFAULT, USER, FOO));
fs.removeAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "bar", READ_EXECUTE),
aclEntry(DEFAULT, USER, BAR, READ_EXECUTE),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, READ_EXECUTE),
aclEntry(DEFAULT, OTHER, NONE) }, returned);
@ -423,12 +428,12 @@ public void testRemoveAclEntriesMinimal() throws Exception {
fs.setPermission(path, FsPermission.createImmutable((short) RWX_RW));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_WRITE),
aclEntry(ACCESS, OTHER, NONE));
fs.setAcl(path, aclSpec);
aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo"),
aclEntry(ACCESS, USER, FOO),
aclEntry(ACCESS, MASK));
fs.removeAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
@ -445,15 +450,15 @@ public void testRemoveAclEntriesMinimalDefault() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo"),
aclEntry(ACCESS, USER, FOO),
aclEntry(ACCESS, MASK),
aclEntry(DEFAULT, USER, "foo"),
aclEntry(DEFAULT, USER, FOO),
aclEntry(DEFAULT, MASK));
fs.removeAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
@ -473,14 +478,14 @@ public void testRemoveAclEntriesStickyBit() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) 01750));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo"),
aclEntry(DEFAULT, USER, "foo"));
aclEntry(ACCESS, USER, FOO),
aclEntry(DEFAULT, USER, FOO));
fs.removeAclEntries(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
@ -500,7 +505,7 @@ public void testRemoveAclEntriesPathNotFound() throws Exception {
path = new Path(testRoot, UUID.randomUUID().toString());
// Path has not been created.
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo"));
aclEntry(ACCESS, USER, FOO));
fs.removeAclEntries(path, aclSpec);
}
@ -512,7 +517,7 @@ public void testRemoveAclEntriesAccessMask() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, MASK, EXECUTE),
aclEntry(ACCESS, USER, "foo", ALL));
aclEntry(ACCESS, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
fs.removeAclEntries(path, Lists.newArrayList(aclEntry(ACCESS, MASK, NONE)));
@ -526,7 +531,7 @@ public void testRemoveAclEntriesDefaultMask() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, MASK, EXECUTE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
fs.removeAclEntries(path, Lists.newArrayList(aclEntry(DEFAULT, MASK, NONE)));
@ -556,16 +561,16 @@ public void testRemoveDefaultAcl() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
fs.removeDefaultAcl(path);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE) }, returned);
assertPermission(fs, (short) RWX_RWX);
}
@ -579,7 +584,7 @@ public void testRemoveDefaultAclOnlyAccess() throws Exception {
fs.setPermission(path, FsPermission.createImmutable((short) RW_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE));
fs.setAcl(path, aclSpec);
@ -587,7 +592,7 @@ public void testRemoveDefaultAclOnlyAccess() throws Exception {
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE) }, returned);
assertPermission(fs, (short) RWX_RWX);
}
@ -599,7 +604,7 @@ public void testRemoveDefaultAclOnlyDefault() throws Exception {
path = new Path(testRoot, UUID.randomUUID().toString());
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
fs.removeDefaultAcl(path);
AclStatus s = fs.getAclStatus(path);
@ -629,16 +634,16 @@ public void testRemoveDefaultAclStickyBit() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) 01750));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
fs.removeDefaultAcl(path);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE) }, returned);
assertPermission(fs, (short) STICKY_RWX_RWX);
}
@ -660,10 +665,10 @@ public void testRemoveAcl() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
fs.removeAcl(path);
@ -696,10 +701,10 @@ public void testRemoveAclStickyBit() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) 01750));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
fs.removeAcl(path);
AclStatus s = fs.getAclStatus(path);
@ -718,7 +723,7 @@ public void testRemoveAclOnlyDefault() throws Exception {
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
fs.removeAcl(path);
AclStatus s = fs.getAclStatus(path);
@ -744,18 +749,18 @@ public void testSetAcl() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "foo", ALL),
aclEntry(DEFAULT, USER, FOO, ALL),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, ALL),
aclEntry(DEFAULT, OTHER, NONE) }, returned);
@ -771,14 +776,14 @@ public void testSetAclOnlyAccess() throws Exception {
fs.setPermission(path, FsPermission.createImmutable((short) RW_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, READ_WRITE),
aclEntry(ACCESS, USER, "foo", READ),
aclEntry(ACCESS, USER, FOO, READ),
aclEntry(ACCESS, GROUP, READ),
aclEntry(ACCESS, OTHER, NONE));
fs.setAcl(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", READ),
aclEntry(ACCESS, USER, FOO, READ),
aclEntry(ACCESS, GROUP, READ) }, returned);
assertPermission(fs, (short) RW_R);
}
@ -790,13 +795,13 @@ public void testSetAclOnlyDefault() throws Exception {
path = new Path(testRoot, UUID.randomUUID().toString());
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "foo", ALL),
aclEntry(DEFAULT, USER, FOO, ALL),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, ALL),
aclEntry(DEFAULT, OTHER, NONE) }, returned);
@ -812,7 +817,7 @@ public void testSetAclMinimal() throws Exception {
fs.setPermission(path, FsPermission.createImmutable((short) RW_R_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, READ_WRITE),
aclEntry(ACCESS, USER, "foo", READ),
aclEntry(ACCESS, USER, FOO, READ),
aclEntry(ACCESS, GROUP, READ),
aclEntry(ACCESS, OTHER, NONE));
fs.setAcl(path, aclSpec);
@ -856,7 +861,7 @@ public void testSetAclCustomMask() throws Exception {
fs.setPermission(path, FsPermission.createImmutable((short) RW_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, READ_WRITE),
aclEntry(ACCESS, USER, "foo", READ),
aclEntry(ACCESS, USER, FOO, READ),
aclEntry(ACCESS, GROUP, READ),
aclEntry(ACCESS, MASK, ALL),
aclEntry(ACCESS, OTHER, NONE));
@ -864,7 +869,7 @@ public void testSetAclCustomMask() throws Exception {
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", READ),
aclEntry(ACCESS, USER, FOO, READ),
aclEntry(ACCESS, GROUP, READ) }, returned);
assertPermission(fs, (short) RW_RWX);
}
@ -877,18 +882,18 @@ public void testSetAclStickyBit() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) 01750));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "foo", ALL),
aclEntry(DEFAULT, USER, FOO, ALL),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, ALL),
aclEntry(DEFAULT, OTHER, NONE) }, returned);
@ -903,7 +908,7 @@ public void testSetAclPathNotFound() throws Exception {
// Path has not been created.
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, READ_WRITE),
aclEntry(ACCESS, USER, "foo", READ),
aclEntry(ACCESS, USER, FOO, READ),
aclEntry(ACCESS, GROUP, READ),
aclEntry(ACCESS, OTHER, NONE));
fs.setAcl(path, aclSpec);
@ -917,7 +922,7 @@ public void testSetAclDefaultOnFile() throws Exception {
fs.create(path).close();
fs.setPermission(path, FsPermission.createImmutable((short) RW_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
}
@ -965,19 +970,19 @@ public void testSetPermission() throws Exception {
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
fs.setPermission(path, FsPermission.createImmutable((short) RWX));
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "foo", ALL),
aclEntry(DEFAULT, USER, FOO, ALL),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, ALL),
aclEntry(DEFAULT, OTHER, NONE) }, returned);
@ -993,7 +998,7 @@ public void testSetPermissionOnlyAccess() throws Exception {
fs.setPermission(path, FsPermission.createImmutable((short) RW_R));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, READ_WRITE),
aclEntry(ACCESS, USER, "foo", READ),
aclEntry(ACCESS, USER, FOO, READ),
aclEntry(ACCESS, GROUP, READ),
aclEntry(ACCESS, OTHER, NONE));
fs.setAcl(path, aclSpec);
@ -1001,7 +1006,7 @@ public void testSetPermissionOnlyAccess() throws Exception {
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", READ),
aclEntry(ACCESS, USER, FOO, READ),
aclEntry(ACCESS, GROUP, READ) }, returned);
assertPermission(fs, (short) RW);
}
@ -1016,14 +1021,14 @@ public void testSetPermissionOnlyDefault() throws Exception {
aclEntry(ACCESS, USER, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(ACCESS, OTHER, NONE),
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
fs.setPermission(path, FsPermission.createImmutable((short) RWX));
AclStatus s = fs.getAclStatus(path);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "foo", ALL),
aclEntry(DEFAULT, USER, FOO, ALL),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, ALL),
aclEntry(DEFAULT, OTHER, NONE) }, returned);
@ -1037,14 +1042,14 @@ public void testDefaultAclNewFile() throws Exception {
path = new Path(testRoot, UUID.randomUUID().toString());
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
Path filePath = new Path(path, "file1");
fs.create(filePath).close();
AclStatus s = fs.getAclStatus(filePath);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE) }, returned);
assertPermission(fs, filePath, (short) RW_R);
}
@ -1057,7 +1062,7 @@ public void testOnlyAccessAclNewFile() throws Exception {
path = new Path(testRoot, UUID.randomUUID().toString());
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo", ALL));
aclEntry(ACCESS, USER, FOO, ALL));
fs.modifyAclEntries(path, aclSpec);
Path filePath = new Path(path, "file1");
fs.create(filePath).close();
@ -1093,7 +1098,7 @@ public void testDefaultAclNewDir() throws Exception {
path = new Path(testRoot, UUID.randomUUID().toString());
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
Path dirPath = new Path(path, "dir1");
@ -1102,10 +1107,10 @@ public void testDefaultAclNewDir() throws Exception {
AclStatus s = fs.getAclStatus(dirPath);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "foo", ALL),
aclEntry(DEFAULT, USER, FOO, ALL),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, ALL),
aclEntry(DEFAULT, OTHER, NONE) }, returned);
@ -1119,7 +1124,7 @@ public void testOnlyAccessAclNewDir() throws Exception {
path = new Path(testRoot, UUID.randomUUID().toString());
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(ACCESS, USER, "foo", ALL));
aclEntry(ACCESS, USER, FOO, ALL));
fs.modifyAclEntries(path, aclSpec);
Path dirPath = new Path(path, "dir1");
fs.mkdirs(dirPath);
@ -1158,7 +1163,7 @@ public void testDefaultAclNewFileWithMode() throws Exception {
path = new Path(testRoot, UUID.randomUUID().toString());
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
Path filePath = new Path(path, "file1");
int bufferSize = 4 * 1024 * 1024;
@ -1168,7 +1173,7 @@ public void testDefaultAclNewFileWithMode() throws Exception {
AclStatus s = fs.getAclStatus(filePath);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE) }, returned);
assertPermission(fs, filePath, (short) RWX_R);
}
@ -1180,17 +1185,17 @@ public void testDefaultAclNewDirWithMode() throws Exception {
path = new Path(testRoot, UUID.randomUUID().toString());
FileSystem.mkdirs(fs, path, FsPermission.createImmutable((short) RWX_RX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(path, aclSpec);
Path dirPath = new Path(path, "dir1");
fs.mkdirs(dirPath, new FsPermission((short) RWX_R));
AclStatus s = fs.getAclStatus(dirPath);
AclEntry[] returned = s.getEntries().toArray(new AclEntry[0]);
assertArrayEquals(new AclEntry[] {
aclEntry(ACCESS, USER, "foo", ALL),
aclEntry(ACCESS, USER, FOO, ALL),
aclEntry(ACCESS, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, USER, ALL),
aclEntry(DEFAULT, USER, "foo", ALL),
aclEntry(DEFAULT, USER, FOO, ALL),
aclEntry(DEFAULT, GROUP, READ_EXECUTE),
aclEntry(DEFAULT, MASK, ALL),
aclEntry(DEFAULT, OTHER, READ_EXECUTE) }, returned);
@ -1205,7 +1210,7 @@ public void testDefaultAclRenamedFile() throws Exception {
Path dirPath = new Path(path, "dir");
FileSystem.mkdirs(fs, dirPath, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(dirPath, aclSpec);
Path filePath = new Path(path, "file1");
fs.create(filePath).close();
@ -1227,7 +1232,7 @@ public void testDefaultAclRenamedDir() throws Exception {
Path dirPath = new Path(path, "dir");
FileSystem.mkdirs(fs, dirPath, FsPermission.createImmutable((short) RWX_RX));
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL));
aclEntry(DEFAULT, USER, FOO, ALL));
fs.setAcl(dirPath, aclSpec);
Path subdirPath = new Path(path, "subdir");
FileSystem.mkdirs(fs, subdirPath, FsPermission.createImmutable((short) RWX_RX));
@ -1248,17 +1253,17 @@ public void testEnsureAclOperationWorksForRoot() throws Exception {
Path rootPath = new Path("/");
List<AclEntry> aclSpec1 = Lists.newArrayList(
aclEntry(DEFAULT, GROUP, "foo", ALL),
aclEntry(ACCESS, GROUP, "bar", ALL));
aclEntry(DEFAULT, GROUP, FOO, ALL),
aclEntry(ACCESS, GROUP, BAR, ALL));
fs.setAcl(rootPath, aclSpec1);
fs.getAclStatus(rootPath);
fs.setOwner(rootPath, "", "testgroup");
fs.setOwner(rootPath, TEST_OWNER, TEST_GROUP);
fs.setPermission(rootPath, new FsPermission("777"));
List<AclEntry> aclSpec2 = Lists.newArrayList(
aclEntry(DEFAULT, USER, "foo", ALL),
aclEntry(ACCESS, USER, "bar", ALL));
aclEntry(DEFAULT, USER, FOO, ALL),
aclEntry(ACCESS, USER, BAR, ALL));
fs.modifyAclEntries(rootPath, aclSpec2);
fs.removeAclEntries(rootPath, aclSpec2);
fs.removeDefaultAcl(rootPath);
@ -1275,7 +1280,7 @@ public void testSetOwnerForNonNamespaceEnabledAccount() throws Exception {
assertTrue(fs.exists(filePath));
FileStatus oldFileStatus = fs.getFileStatus(filePath);
fs.setOwner(filePath, "Alice", "testGroup");
fs.setOwner(filePath, TEST_OWNER, TEST_GROUP);
FileStatus newFileStatus = fs.getFileStatus(filePath);
assertEquals(oldFileStatus.getOwner(), newFileStatus.getOwner());
@ -1309,8 +1314,8 @@ public void testModifyAclEntriesForNonNamespaceEnabledAccount() throws Exception
fs.create(filePath);
try {
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, GROUP, "foo", ALL),
aclEntry(ACCESS, GROUP, "bar", ALL));
aclEntry(DEFAULT, GROUP, FOO, ALL),
aclEntry(ACCESS, GROUP, BAR, ALL));
fs.modifyAclEntries(filePath, aclSpec);
assertFalse("UnsupportedOperationException is expected", false);
} catch (UnsupportedOperationException ex) {
@ -1326,8 +1331,8 @@ public void testRemoveAclEntriesEntriesForNonNamespaceEnabledAccount() throws Ex
fs.create(filePath);
try {
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, GROUP, "foo", ALL),
aclEntry(ACCESS, GROUP, "bar", ALL));
aclEntry(DEFAULT, GROUP, FOO, ALL),
aclEntry(ACCESS, GROUP, BAR, ALL));
fs.removeAclEntries(filePath, aclSpec);
assertFalse("UnsupportedOperationException is expected", false);
} catch (UnsupportedOperationException ex) {
@ -1371,8 +1376,8 @@ public void testSetAclForNonNamespaceEnabledAccount() throws Exception {
fs.create(filePath);
try {
List<AclEntry> aclSpec = Lists.newArrayList(
aclEntry(DEFAULT, GROUP, "foo", ALL),
aclEntry(ACCESS, GROUP, "bar", ALL));
aclEntry(DEFAULT, GROUP, FOO, ALL),
aclEntry(ACCESS, GROUP, BAR, ALL));
fs.setAcl(filePath, aclSpec);
assertFalse("UnsupportedOperationException is expected", false);
} catch (UnsupportedOperationException ex) {