Package org.apache.hadoop.hdfs.server.federation.router

Class RouterPermissionChecker

java.lang.Object
org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker
org.apache.hadoop.hdfs.server.federation.router.RouterPermissionChecker
All Implemented Interfaces:
org.apache.hadoop.hdfs.server.namenode.INodeAttributeProvider.AccessControlEnforcer
public class RouterPermissionChecker extends org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker
Class that helps in checking permissions in Router-based federation.

  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final short
    MOUNT_TABLE_PERMISSION_DEFAULT
    Mount table default permission.

  • Constructor Summary

    Constructors
    Constructor
    Description
    RouterPermissionChecker(String user, String group)
     
    RouterPermissionChecker(String user, String group, org.apache.hadoop.security.UserGroupInformation callerUgi)
     

  • Method Summary

    Modifier and Type
    Method
    Description
    void
    checkPermission(MountTable mountTable, org.apache.hadoop.fs.permission.FsAction access)
    Whether a mount table entry can be accessed by the current context.
    void
    checkSuperuserPrivilege()
    Check the superuser privileges of the current RPC caller.

    Methods inherited from class org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker

    checkPermission, checkPermission, checkPermissionWithContext, checkSuperuserPrivilege, denyUserAccess, getAttributesProvider, getUser, isMemberOfGroup, isSuperUser, setOperationType

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

    Methods inherited from interface org.apache.hadoop.hdfs.server.namenode.INodeAttributeProvider.AccessControlEnforcer

    checkSuperUserPermissionWithContext, denyUserAccess

  • Field Details

    • MOUNT_TABLE_PERMISSION_DEFAULT

      public static final short MOUNT_TABLE_PERMISSION_DEFAULT
      Mount table default permission.
      See Also:

  • Constructor Details

    • RouterPermissionChecker

      public RouterPermissionChecker(String user, String group, org.apache.hadoop.security.UserGroupInformation callerUgi)

    • RouterPermissionChecker

      public RouterPermissionChecker(String user, String group) throws IOException
      Throws:
      IOException

  • Method Details

    • checkPermission

      public void checkPermission(MountTable mountTable, org.apache.hadoop.fs.permission.FsAction access) throws org.apache.hadoop.security.AccessControlException
      Whether a mount table entry can be accessed by the current context.
      Parameters:
      mountTable - MountTable being accessed
      access - type of action being performed on the mount table entry
      Throws:
      org.apache.hadoop.security.AccessControlException - if mount table cannot be accessed

    • checkSuperuserPrivilege

      public void checkSuperuserPrivilege() throws org.apache.hadoop.security.AccessControlException
      Check the superuser privileges of the current RPC caller. This method is based on Datanode#checkSuperuserPrivilege().
      Overrides:
      checkSuperuserPrivilege in class org.apache.hadoop.hdfs.server.namenode.FSPermissionChecker
      Throws:
      org.apache.hadoop.security.AccessControlException - If the user is not authorized.