Package org.apache.hadoop.hdfs.server.namenode

Interface INodeAttributeProvider.AccessControlEnforcer

All Known Implementing Classes:

FSPermissionChecker

Enclosing class:

INodeAttributeProvider

public static interface INodeAttributeProvider.AccessControlEnforcer

The AccessControlEnforcer allows implementations to override the default File System permission checking logic enforced on a file system object

Method Summary

Modifier and Type	Method	Description
void	checkPermission(java.lang.String fsOwner, java.lang.String supergroup, org.apache.hadoop.security.UserGroupInformation callerUgi, INodeAttributes[] inodeAttrs, INode[] inodes, byte[][] pathByNameArr, int snapshotId, java.lang.String path, int ancestorIndex, boolean doCheckOwner, org.apache.hadoop.fs.permission.FsAction ancestorAccess, org.apache.hadoop.fs.permission.FsAction parentAccess, org.apache.hadoop.fs.permission.FsAction access, org.apache.hadoop.fs.permission.FsAction subAccess, boolean ignoreEmptyDir)	Deprecated. usecheckPermissionWithContext(AuthorizationContext)} instead
default void	checkPermissionWithContext(INodeAttributeProvider.AuthorizationContext authzContext)	Checks permission on a file system object.
default void	checkSuperUserPermissionWithContext(INodeAttributeProvider.AuthorizationContext authzContext)	Checks if the user is a superuser or belongs to superuser group.
default void	denyUserAccess(INodeAttributeProvider.AuthorizationContext authzContext, java.lang.String errorMessage)	This method must be called when denying access to users to notify the external enforcers.

Method Detail

checkPermission

void checkPermission(java.lang.String fsOwner,
                     java.lang.String supergroup,
                     org.apache.hadoop.security.UserGroupInformation callerUgi,
                     INodeAttributes[] inodeAttrs,
                     INode[] inodes,
                     byte[][] pathByNameArr,
                     int snapshotId,
                     java.lang.String path,
                     int ancestorIndex,
                     boolean doCheckOwner,
                     org.apache.hadoop.fs.permission.FsAction ancestorAccess,
                     org.apache.hadoop.fs.permission.FsAction parentAccess,
                     org.apache.hadoop.fs.permission.FsAction access,
                     org.apache.hadoop.fs.permission.FsAction subAccess,
                     boolean ignoreEmptyDir)
              throws org.apache.hadoop.security.AccessControlException

Deprecated.

usecheckPermissionWithContext(AuthorizationContext)} instead

Checks permission on a file system object. Has to throw an Exception if the filesystem object is not accessible by the calling Ugi.

Parameters:

fsOwner - Filesystem owner (The Namenode user)

supergroup - super user group

callerUgi - UserGroupInformation of the caller

inodeAttrs - Array of INode attributes for each path element in the the path

inodes - Array of INodes for each path element in the path

pathByNameArr - Array of byte arrays of the LocalName

snapshotId - the snapshotId of the requested path

path - Path String

ancestorIndex - Index of ancestor

doCheckOwner - perform ownership check

ancestorAccess - The access required by the ancestor of the path.

parentAccess - The access required by the parent of the path.

access - The access required by the path.

subAccess - If path is a directory, It is the access required of the path and all the sub-directories. If path is not a directory, there should ideally be no effect.

ignoreEmptyDir - Ignore permission checking for empty directory?

Throws:

org.apache.hadoop.security.AccessControlException

checkPermissionWithContext

default void checkPermissionWithContext(INodeAttributeProvider.AuthorizationContext authzContext)
                                 throws org.apache.hadoop.security.AccessControlException

Checks permission on a file system object. Has to throw an Exception if the filesystem object is not accessible by the calling Ugi.

Parameters:

authzContext - an INodeAttributeProvider.AuthorizationContext object encapsulating the various parameters required to authorize an operation.

Throws:

org.apache.hadoop.security.AccessControlException

checkSuperUserPermissionWithContext

default void checkSuperUserPermissionWithContext(INodeAttributeProvider.AuthorizationContext authzContext)
                                          throws org.apache.hadoop.security.AccessControlException

Checks if the user is a superuser or belongs to superuser group. It throws an AccessControlException if user is not a superuser.

Parameters:

authzContext - an INodeAttributeProvider.AuthorizationContext object encapsulating the various parameters required to authorize an operation.

Throws:

org.apache.hadoop.security.AccessControlException - - if user is not a super user or part of the super user group.

denyUserAccess

default void denyUserAccess(INodeAttributeProvider.AuthorizationContext authzContext,
                            java.lang.String errorMessage)
                     throws org.apache.hadoop.security.AccessControlException

This method must be called when denying access to users to notify the external enforcers. This will help the external enforcers to audit the requests by users that were denied access.

Parameters:

authzContext - an INodeAttributeProvider.AuthorizationContext object encapsulating the various parameters required to authorize an operation.

Throws:

org.apache.hadoop.security.AccessControlException