big-data/hadoop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

HDFS-17500: Add missing operation name while authorizing some operations (#6776). Contributed by kulkabhay.

Browse Source 
Signed-off-by: He Xiaoqiao <hexiaoqiao@apache.org>
This commit is contained in:
kulkabhay 2024-05-05 21:44:30 -07:00 committed by GitHub
parent 2645898450
commit edf985e269
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 16 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
View File

@ -2618,9 +2618,10 @@ void unsetStoragePolicy(String src) throws IOException {
* @throws IOException * @throws IOException
*/ */
BlockStoragePolicy getStoragePolicy(String src) throws IOException { BlockStoragePolicy getStoragePolicy(String src) throws IOException {
final String operationName = "getStoragePolicy";
checkOperation(OperationCategory.READ); checkOperation(OperationCategory.READ);
final FSPermissionChecker pc = getPermissionChecker(); final FSPermissionChecker pc = getPermissionChecker();
FSPermissionChecker.setOperationType(null); FSPermissionChecker.setOperationType(operationName);
readLock(); readLock();
try { try {
checkOperation(OperationCategory.READ); checkOperation(OperationCategory.READ);
@ -2646,9 +2647,10 @@ BlockStoragePolicy[] getStoragePolicies() throws IOException {
} }
long getPreferredBlockSize(String src) throws IOException { long getPreferredBlockSize(String src) throws IOException {
final String operationName = "getPreferredBlockSize";
checkOperation(OperationCategory.READ); checkOperation(OperationCategory.READ);
final FSPermissionChecker pc = getPermissionChecker(); final FSPermissionChecker pc = getPermissionChecker();
FSPermissionChecker.setOperationType(null); FSPermissionChecker.setOperationType(operationName);
readLock(); readLock();
try { try {
checkOperation(OperationCategory.READ); checkOperation(OperationCategory.READ);
@ -2709,6 +2711,8 @@ HdfsFileStatus startFile(String src, PermissionStatus permissions,
String storagePolicy, boolean logRetryCache) throws IOException { String storagePolicy, boolean logRetryCache) throws IOException {
HdfsFileStatus status; HdfsFileStatus status;
final String operationName = "create";
FSPermissionChecker.setOperationType(operationName);
try { try {
status = startFileInt(src, permissions, holder, clientMachine, flag, status = startFileInt(src, permissions, holder, clientMachine, flag,
createParent, replication, blockSize, supportedVersions, ecPolicyName, createParent, replication, blockSize, supportedVersions, ecPolicyName,
@ -2764,7 +2768,6 @@ private HdfsFileStatus startFileInt(String src,
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
final FSPermissionChecker pc = getPermissionChecker(); final FSPermissionChecker pc = getPermissionChecker();
FSPermissionChecker.setOperationType(null);
writeLock(); writeLock();
try { try {
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
@ -2857,9 +2860,10 @@ private HdfsFileStatus startFileInt(String src,
boolean recoverLease(String src, String holder, String clientMachine) boolean recoverLease(String src, String holder, String clientMachine)
throws IOException { throws IOException {
boolean skipSync = false; boolean skipSync = false;
final String operationName = "recoverLease";
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
final FSPermissionChecker pc = getPermissionChecker(); final FSPermissionChecker pc = getPermissionChecker();
FSPermissionChecker.setOperationType(null); FSPermissionChecker.setOperationType(operationName);
writeLock(); writeLock();
try { try {
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
@ -3105,9 +3109,10 @@ LocatedBlock getAdditionalDatanode(String src, long fileId,
final byte storagePolicyID; final byte storagePolicyID;
final List<DatanodeStorageInfo> chosen; final List<DatanodeStorageInfo> chosen;
final BlockType blockType; final BlockType blockType;
final String operationName = "getAdditionalDatanode";
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
final FSPermissionChecker pc = getPermissionChecker(); final FSPermissionChecker pc = getPermissionChecker();
FSPermissionChecker.setOperationType(null); FSPermissionChecker.setOperationType(operationName);
readLock(); readLock();
try { try {
// Changing this operation category to WRITE instead of making getAdditionalDatanode as a // Changing this operation category to WRITE instead of making getAdditionalDatanode as a
@ -3155,10 +3160,11 @@ LocatedBlock getAdditionalDatanode(String src, long fileId,
*/ */
void abandonBlock(ExtendedBlock b, long fileId, String src, String holder) void abandonBlock(ExtendedBlock b, long fileId, String src, String holder)
throws IOException { throws IOException {
final String operationName = "abandonBlock";
NameNode.stateChangeLog.debug("BLOCK* NameSystem.abandonBlock: {} of file {}", b, src); NameNode.stateChangeLog.debug("BLOCK* NameSystem.abandonBlock: {} of file {}", b, src);
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
final FSPermissionChecker pc = getPermissionChecker(); final FSPermissionChecker pc = getPermissionChecker();
FSPermissionChecker.setOperationType(null); FSPermissionChecker.setOperationType(operationName);
writeLock(); writeLock();
try { try {
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
@ -3222,9 +3228,10 @@ boolean completeFile(final String src, String holder,
ExtendedBlock last, long fileId) ExtendedBlock last, long fileId)
throws IOException { throws IOException {
boolean success = false; boolean success = false;
final String operationName = "completeFile";
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
final FSPermissionChecker pc = getPermissionChecker(); final FSPermissionChecker pc = getPermissionChecker();
FSPermissionChecker.setOperationType(null); FSPermissionChecker.setOperationType(operationName);
writeLock(); writeLock();
try { try {
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
@ -3666,10 +3673,11 @@ void setQuota(String src, long nsQuota, long ssQuota, StorageType type)
*/ */
void fsync(String src, long fileId, String clientName, long lastBlockLength) void fsync(String src, long fileId, String clientName, long lastBlockLength)
throws IOException { throws IOException {
final String operationName = "fsync";
NameNode.stateChangeLog.info("BLOCK* fsync: " + src + " for " + clientName); NameNode.stateChangeLog.info("BLOCK* fsync: " + src + " for " + clientName);
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);
final FSPermissionChecker pc = getPermissionChecker(); final FSPermissionChecker pc = getPermissionChecker();
FSPermissionChecker.setOperationType(null); FSPermissionChecker.setOperationType(operationName);
writeLock(); writeLock();
try { try {
checkOperation(OperationCategory.WRITE); checkOperation(OperationCategory.WRITE);