/// <exception cref="Org.Apache.Hadoop.Security.AccessControlException"/>
internal static void CheckPermissionForApi(FSPermissionChecker pc, XAttr xAttr, bool
isRawPath)
{
bool isSuperUser = pc.IsSuperUser();
if (xAttr.GetNameSpace() == XAttr.NameSpace.User || (xAttr.GetNameSpace() == XAttr.NameSpace
.Trusted && isSuperUser))
{
return;
}
if (xAttr.GetNameSpace() == XAttr.NameSpace.Raw && isRawPath && isSuperUser)
{
return;
}
if (XAttrHelper.GetPrefixName(xAttr).Equals(HdfsServerConstants.SecurityXattrUnreadableBySuperuser
))
{
if (xAttr.GetValue() != null)
{
throw new AccessControlException("Attempt to set a value for '" + HdfsServerConstants
.SecurityXattrUnreadableBySuperuser + "'. Values are not allowed for this xattr."
);
}
return;
}
throw new AccessControlException("User doesn't have permission for xattr: " + XAttrHelper
.GetPrefixName(xAttr));
}
/// <summary>Get name with prefix from <code>XAttr</code></summary>
public static string GetPrefixName(XAttr xAttr)
{
if (xAttr == null)
{
return(null);
}
string @namespace = xAttr.GetNameSpace().ToString();
return(StringUtils.ToLowerCase(@namespace) + "." + xAttr.GetName());
}
/// <exception cref="Org.Apache.Hadoop.Security.AccessControlException"/>
private static void CheckXAttrChangeAccess(FSDirectory fsd, INodesInPath iip, XAttr
xAttr, FSPermissionChecker pc)
{
if (fsd.IsPermissionEnabled() && xAttr.GetNameSpace() == XAttr.NameSpace.User)
{
INode inode = iip.GetLastINode();
if (inode != null && inode.IsDirectory() && inode.GetFsPermission().GetStickyBit(
))
{
if (!pc.IsSuperUser())
{
fsd.CheckOwner(pc, iip);
}
}
else
{
fsd.CheckPathAccess(pc, iip, FsAction.Write);
}
}
}
private static bool IsUserVisible(XAttr xAttr)
{
XAttr.NameSpace ns = xAttr.GetNameSpace();
return(ns == XAttr.NameSpace.User || ns == XAttr.NameSpace.Trusted);
}
public static bool IsStoragePolicyXAttr(XAttr xattr)
{
return(xattr != null && xattr.GetNameSpace() == XAttrNS && xattr.GetName().Equals
(StoragePolicyXattrName));
}