/// <summary>Test AmIpFilter</summary>
/// <exception cref="System.Exception"/>
public virtual void TestFilter()
{
IDictionary <string, string> @params = new Dictionary <string, string>();
@params[AmIpFilter.ProxyHost] = proxyHost;
@params[AmIpFilter.ProxyUriBase] = proxyUri;
FilterConfig config = new TestAmFilter.DummyFilterConfig(@params);
// dummy filter
FilterChain chain = new _FilterChain_135(this);
AmIpFilter testFilter = new AmIpFilter();
testFilter.Init(config);
TestAmFilter.HttpServletResponseForTest response = new TestAmFilter.HttpServletResponseForTest
(this);
// Test request should implements HttpServletRequest
ServletRequest failRequest = Org.Mockito.Mockito.Mock <ServletRequest>();
try
{
testFilter.DoFilter(failRequest, response, chain);
NUnit.Framework.Assert.Fail();
}
catch (ServletException e)
{
NUnit.Framework.Assert.AreEqual(ProxyUtils.EHttpHttpsOnly, e.Message);
}
// request with HttpServletRequest
HttpServletRequest request = Org.Mockito.Mockito.Mock <HttpServletRequest>();
Org.Mockito.Mockito.When(request.GetRemoteAddr()).ThenReturn("redirect");
Org.Mockito.Mockito.When(request.GetRequestURI()).ThenReturn("/redirect");
testFilter.DoFilter(request, response, chain);
// address "redirect" is not in host list
NUnit.Framework.Assert.AreEqual(302, response.status);
string redirect = response.GetHeader(ProxyUtils.Location);
NUnit.Framework.Assert.AreEqual("http://bogus/redirect", redirect);
// "127.0.0.1" contains in host list. Without cookie
Org.Mockito.Mockito.When(request.GetRemoteAddr()).ThenReturn("127.0.0.1");
testFilter.DoFilter(request, response, chain);
NUnit.Framework.Assert.IsTrue(doFilterRequest.Contains("javax.servlet.http.HttpServletRequest"
));
// cookie added
Cookie[] cookies = new Cookie[1];
cookies[0] = new Cookie(WebAppProxyServlet.ProxyUserCookieName, "user");
Org.Mockito.Mockito.When(request.GetCookies()).ThenReturn(cookies);
testFilter.DoFilter(request, response, chain);
NUnit.Framework.Assert.AreEqual("org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpServletRequestWrapper"
, doFilterRequest);
// request contains principal from cookie
NUnit.Framework.Assert.AreEqual("user", servletWrapper.GetUserPrincipal().GetName
());
NUnit.Framework.Assert.AreEqual("user", servletWrapper.GetRemoteUser());
NUnit.Framework.Assert.IsFalse(servletWrapper.IsUserInRole(string.Empty));
}
public virtual Response Delete(string path, HttpFSParametersProvider.OperationParam
op, Parameters @params, HttpServletRequest request)
{
UserGroupInformation user = HttpUserGroupInformation.Get();
Response response;
path = MakeAbsolute(path);
MDC.Put(HttpFSFileSystem.OpParam, op.Value().ToString());
MDC.Put("hostname", request.GetRemoteAddr());
switch (op.Value())
{
case HttpFSFileSystem.Operation.Delete:
{
bool recursive = @params.Get <HttpFSParametersProvider.RecursiveParam>(HttpFSParametersProvider.RecursiveParam
.Name);
AuditLog.Info("[{}] recursive [{}]", path, recursive);
FSOperations.FSDelete command = new FSOperations.FSDelete(path, recursive);
JSONObject json = FsExecute(user, command);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
default:
{
throw new IOException(MessageFormat.Format("Invalid HTTP DELETE operation [{0}]",
op.Value()));
}
}
return(response);
}
//Empty
/// <exception cref="System.IO.IOException"/>
/// <exception cref="Javax.Servlet.ServletException"/>
public virtual void DoFilter(ServletRequest req, ServletResponse resp, FilterChain
chain)
{
ProxyUtils.RejectNonHttpRequests(req);
HttpServletRequest httpReq = (HttpServletRequest)req;
HttpServletResponse httpResp = (HttpServletResponse)resp;
if (Log.IsDebugEnabled())
{
Log.Debug("Remote address for request is: {}", httpReq.GetRemoteAddr());
}
if (!GetProxyAddresses().Contains(httpReq.GetRemoteAddr()))
{
string redirectUrl = FindRedirectUrl();
string target = redirectUrl + httpReq.GetRequestURI();
ProxyUtils.SendRedirect(httpReq, httpResp, target);
return;
}
string user = null;
if (httpReq.GetCookies() != null)
{
foreach (Cookie c in httpReq.GetCookies())
{
if (WebAppProxyServlet.ProxyUserCookieName.Equals(c.GetName()))
{
user = c.GetValue();
break;
}
}
}
if (user == null)
{
if (Log.IsDebugEnabled())
{
Log.Debug("Could not find " + WebAppProxyServlet.ProxyUserCookieName + " cookie, so user will not be set"
);
}
chain.DoFilter(req, resp);
}
else
{
AmIpPrincipal principal = new AmIpPrincipal(user);
ServletRequest requestWrapper = new AmIpServletRequestWrapper(httpReq, principal);
chain.DoFilter(requestWrapper, resp);
}
}
/// <exception cref="Javax.Servlet.ServletException"/>
/// <exception cref="System.IO.IOException"/>
protected override void DoGet(HttpServletRequest req, HttpServletResponse resp)
{
UserGroupInformation ugi;
ServletContext context = GetServletContext();
Configuration conf = NameNodeHttpServer.GetConfFromContext(context);
try
{
ugi = GetUGI(req, conf);
}
catch (IOException ioe)
{
Log.Info("Request for token received with no authentication from " + req.GetRemoteAddr
(), ioe);
resp.SendError(HttpServletResponse.ScForbidden, "Unable to identify or authenticate user"
);
return;
}
Log.Info("Sending token: {" + ugi.GetUserName() + "," + req.GetRemoteAddr() + "}"
);
NameNode nn = NameNodeHttpServer.GetNameNodeFromContext(context);
string renewer = req.GetParameter(Renewer);
string renewerFinal = (renewer == null) ? req.GetUserPrincipal().GetName() : renewer;
DataOutputStream dos = null;
try
{
dos = new DataOutputStream(resp.GetOutputStream());
DataOutputStream dosFinal = dos;
// for doAs block
ugi.DoAs(new _PrivilegedExceptionAction_69(nn, ugi, renewerFinal, dosFinal));
}
catch (Exception e)
{
Log.Info("Exception while sending token. Re-throwing ", e);
resp.SendError(HttpServletResponse.ScInternalServerError);
}
finally
{
if (dos != null)
{
dos.Close();
}
}
}
private string GetRemoteAddr(string clientAddr, string proxyAddr, bool trusted)
{
HttpServletRequest req = Org.Mockito.Mockito.Mock <HttpServletRequest>();
Org.Mockito.Mockito.When(req.GetRemoteAddr()).ThenReturn("1.2.3.4");
Configuration conf = new Configuration();
if (proxyAddr == null)
{
Org.Mockito.Mockito.When(req.GetRemoteAddr()).ThenReturn(clientAddr);
}
else
{
Org.Mockito.Mockito.When(req.GetRemoteAddr()).ThenReturn(proxyAddr);
Org.Mockito.Mockito.When(req.GetHeader("X-Forwarded-For")).ThenReturn(clientAddr);
if (trusted)
{
conf.Set(ProxyServers.ConfHadoopProxyservers, proxyAddr);
}
}
ProxyUsers.RefreshSuperUserGroupsConfiguration(conf);
return(JspHelper.GetRemoteAddr(req));
}
// honor the X-Forwarded-For header set by a configured set of trusted
// proxy servers. allows audit logging and proxy user checks to work
// via an http proxy
public static string GetRemoteAddr(HttpServletRequest request)
{
string remoteAddr = request.GetRemoteAddr();
string proxyHeader = request.GetHeader("X-Forwarded-For");
if (proxyHeader != null && ProxyServers.IsProxyServer(remoteAddr))
{
string clientAddr = proxyHeader.Split(",")[0].Trim();
if (!clientAddr.IsEmpty())
{
remoteAddr = clientAddr;
}
}
return(remoteAddr);
}
/// <exception cref="Javax.Servlet.ServletException"/>
/// <exception cref="System.IO.IOException"/>
protected override void DoGet(HttpServletRequest req, HttpServletResponse resp)
{
UserGroupInformation ugi;
ServletContext context = GetServletContext();
Configuration conf = NameNodeHttpServer.GetConfFromContext(context);
try
{
ugi = GetUGI(req, conf);
}
catch (IOException ioe)
{
Log.Info("Request for token received with no authentication from " + req.GetRemoteAddr
(), ioe);
resp.SendError(HttpServletResponse.ScForbidden, "Unable to identify or authenticate user"
);
return;
}
NameNode nn = NameNodeHttpServer.GetNameNodeFromContext(context);
string tokenString = req.GetParameter(Token);
if (tokenString == null)
{
resp.SendError(HttpServletResponse.ScMultipleChoices, "Token to renew not specified"
);
}
Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token = new Org.Apache.Hadoop.Security.Token.Token
<DelegationTokenIdentifier>();
token.DecodeFromUrlString(tokenString);
try
{
long result = ugi.DoAs(new _PrivilegedExceptionAction_73(nn, token));
PrintWriter os = new PrintWriter(new OutputStreamWriter(resp.GetOutputStream(), Charsets
.Utf8));
os.WriteLine(result);
os.Close();
}
catch (Exception e)
{
// transfer exception over the http
string exceptionClass = e.GetType().FullName;
string exceptionMsg = e.GetLocalizedMessage();
string strException = exceptionClass + ";" + exceptionMsg;
Log.Info("Exception while renewing token. Re-throwing. s=" + strException, e);
resp.SendError(HttpServletResponse.ScInternalServerError, strException);
}
}
/// <summary>Handle fsck request</summary>
/// <exception cref="System.IO.IOException"/>
protected override void DoGet(HttpServletRequest request, HttpServletResponse response
)
{
IDictionary <string, string[]> pmap = request.GetParameterMap();
PrintWriter @out = response.GetWriter();
IPAddress remoteAddress = Sharpen.Extensions.GetAddressByName(request.GetRemoteAddr
());
ServletContext context = GetServletContext();
Configuration conf = NameNodeHttpServer.GetConfFromContext(context);
UserGroupInformation ugi = GetUGI(request, conf);
try
{
ugi.DoAs(new _PrivilegedExceptionAction_58(context, conf, pmap, @out, remoteAddress
));
}
catch (Exception e)
{
response.SendError(400, e.Message);
}
}
/// <exception cref="System.Exception"/>
public virtual void FilterNullCookies()
{
HttpServletRequest request = Org.Mockito.Mockito.Mock <HttpServletRequest>();
Org.Mockito.Mockito.When(request.GetCookies()).ThenReturn(null);
Org.Mockito.Mockito.When(request.GetRemoteAddr()).ThenReturn(proxyHost);
HttpServletResponse response = Org.Mockito.Mockito.Mock <HttpServletResponse>();
AtomicBoolean invoked = new AtomicBoolean();
FilterChain chain = new _FilterChain_104(invoked);
IDictionary <string, string> @params = new Dictionary <string, string>();
@params[AmIpFilter.ProxyHost] = proxyHost;
@params[AmIpFilter.ProxyUriBase] = proxyUri;
FilterConfig conf = new TestAmFilter.DummyFilterConfig(@params);
Filter filter = new TestAmFilter.TestAmIpFilter(this);
filter.Init(conf);
filter.DoFilter(request, response, chain);
NUnit.Framework.Assert.IsTrue(invoked.Get());
filter.Destroy();
}
/// <exception cref="Javax.Servlet.ServletException"/>
/// <exception cref="System.IO.IOException"/>
protected override void DoGet(HttpServletRequest req, HttpServletResponse resp)
{
UserGroupInformation ugi;
ServletContext context = GetServletContext();
Configuration conf = NameNodeHttpServer.GetConfFromContext(context);
try
{
ugi = GetUGI(req, conf);
}
catch (IOException ioe)
{
Log.Info("Request for token received with no authentication from " + req.GetRemoteAddr
(), ioe);
resp.SendError(HttpServletResponse.ScForbidden, "Unable to identify or authenticate user"
);
return;
}
NameNode nn = NameNodeHttpServer.GetNameNodeFromContext(context);
string tokenString = req.GetParameter(Token);
if (tokenString == null)
{
resp.SendError(HttpServletResponse.ScMultipleChoices, "Token to renew not specified"
);
}
Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token = new Org.Apache.Hadoop.Security.Token.Token
<DelegationTokenIdentifier>();
token.DecodeFromUrlString(tokenString);
try
{
ugi.DoAs(new _PrivilegedExceptionAction_70(nn, token));
}
catch (Exception e)
{
Log.Info("Exception while cancelling token. Re-throwing. ", e);
resp.SendError(HttpServletResponse.ScInternalServerError, e.Message);
}
}
/// <exception cref="System.IO.IOException"/>
private bool CheckStorageInfoOrSendError(JNStorage storage, HttpServletRequest request
, HttpServletResponse response)
{
int myNsId = storage.GetNamespaceID();
string myClusterId = storage.GetClusterID();
string theirStorageInfoString = StringEscapeUtils.EscapeHtml(request.GetParameter
(StorageinfoParam));
if (theirStorageInfoString != null)
{
int theirNsId = StorageInfo.GetNsIdFromColonSeparatedString(theirStorageInfoString
);
string theirClusterId = StorageInfo.GetClusterIdFromColonSeparatedString(theirStorageInfoString
);
if (myNsId != theirNsId || !myClusterId.Equals(theirClusterId))
{
string msg = "This node has namespaceId '" + myNsId + " and clusterId '" + myClusterId
+ "' but the requesting node expected '" + theirNsId + "' and '" + theirClusterId
+ "'";
response.SendError(HttpServletResponse.ScForbidden, msg);
Log.Warn("Received an invalid request file transfer request from " + request.GetRemoteAddr
() + ": " + msg);
return(false);
}
}
return(true);
}
public virtual Response Put(InputStream @is, UriInfo uriInfo, string path, HttpFSParametersProvider.OperationParam
op, Parameters @params, HttpServletRequest request)
{
UserGroupInformation user = HttpUserGroupInformation.Get();
Response response;
path = MakeAbsolute(path);
MDC.Put(HttpFSFileSystem.OpParam, op.Value().ToString());
MDC.Put("hostname", request.GetRemoteAddr());
switch (op.Value())
{
case HttpFSFileSystem.Operation.Create:
{
bool hasData = @params.Get <HttpFSParametersProvider.DataParam>(HttpFSParametersProvider.DataParam
.Name);
if (!hasData)
{
response = Response.TemporaryRedirect(CreateUploadRedirectionURL(uriInfo, HttpFSFileSystem.Operation
.Create)).Build();
}
else
{
short permission = @params.Get <HttpFSParametersProvider.PermissionParam>(HttpFSParametersProvider.PermissionParam
.Name);
bool @override = @params.Get <HttpFSParametersProvider.OverwriteParam>(HttpFSParametersProvider.OverwriteParam
.Name);
short replication = @params.Get <HttpFSParametersProvider.ReplicationParam>(HttpFSParametersProvider.ReplicationParam
.Name);
long blockSize = @params.Get <HttpFSParametersProvider.BlockSizeParam>(HttpFSParametersProvider.BlockSizeParam
.Name);
FSOperations.FSCreate command = new FSOperations.FSCreate(@is, path, permission,
@override, replication, blockSize);
FsExecute(user, command);
AuditLog.Info("[{}] permission [{}] override [{}] replication [{}] blockSize [{}]"
, new object[] { path, permission, @override, replication, blockSize });
response = Response.Status(Response.Status.Created).Build();
}
break;
}
case HttpFSFileSystem.Operation.Setxattr:
{
string xattrName = @params.Get <HttpFSParametersProvider.XAttrNameParam>(HttpFSParametersProvider.XAttrNameParam
.Name);
string xattrValue = @params.Get <HttpFSParametersProvider.XAttrValueParam>(HttpFSParametersProvider.XAttrValueParam
.Name);
EnumSet <XAttrSetFlag> flag = @params.Get <HttpFSParametersProvider.XAttrSetFlagParam
>(HttpFSParametersProvider.XAttrSetFlagParam.Name);
FSOperations.FSSetXAttr command = new FSOperations.FSSetXAttr(path, xattrName, xattrValue
, flag);
FsExecute(user, command);
AuditLog.Info("[{}] to xAttr [{}]", path, xattrName);
response = Response.Ok().Build();
break;
}
case HttpFSFileSystem.Operation.Removexattr:
{
string xattrName = @params.Get <HttpFSParametersProvider.XAttrNameParam>(HttpFSParametersProvider.XAttrNameParam
.Name);
FSOperations.FSRemoveXAttr command = new FSOperations.FSRemoveXAttr(path, xattrName
);
FsExecute(user, command);
AuditLog.Info("[{}] removed xAttr [{}]", path, xattrName);
response = Response.Ok().Build();
break;
}
case HttpFSFileSystem.Operation.Mkdirs:
{
short permission = @params.Get <HttpFSParametersProvider.PermissionParam>(HttpFSParametersProvider.PermissionParam
.Name);
FSOperations.FSMkdirs command = new FSOperations.FSMkdirs(path, permission);
JSONObject json = FsExecute(user, command);
AuditLog.Info("[{}] permission [{}]", path, permission);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
case HttpFSFileSystem.Operation.Rename:
{
string toPath = @params.Get <HttpFSParametersProvider.DestinationParam>(HttpFSParametersProvider.DestinationParam
.Name);
FSOperations.FSRename command = new FSOperations.FSRename(path, toPath);
JSONObject json = FsExecute(user, command);
AuditLog.Info("[{}] to [{}]", path, toPath);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
case HttpFSFileSystem.Operation.Setowner:
{
string owner = @params.Get <HttpFSParametersProvider.OwnerParam>(HttpFSParametersProvider.OwnerParam
.Name);
string group = @params.Get <HttpFSParametersProvider.GroupParam>(HttpFSParametersProvider.GroupParam
.Name);
FSOperations.FSSetOwner command = new FSOperations.FSSetOwner(path, owner, group);
FsExecute(user, command);
AuditLog.Info("[{}] to (O/G)[{}]", path, owner + ":" + group);
response = Response.Ok().Build();
break;
}
case HttpFSFileSystem.Operation.Setpermission:
{
short permission = @params.Get <HttpFSParametersProvider.PermissionParam>(HttpFSParametersProvider.PermissionParam
.Name);
FSOperations.FSSetPermission command = new FSOperations.FSSetPermission(path, permission
);
FsExecute(user, command);
AuditLog.Info("[{}] to [{}]", path, permission);
response = Response.Ok().Build();
break;
}
case HttpFSFileSystem.Operation.Setreplication:
{
short replication = @params.Get <HttpFSParametersProvider.ReplicationParam>(HttpFSParametersProvider.ReplicationParam
.Name);
FSOperations.FSSetReplication command = new FSOperations.FSSetReplication(path, replication
);
JSONObject json = FsExecute(user, command);
AuditLog.Info("[{}] to [{}]", path, replication);
response = Response.Ok(json).Build();
break;
}
case HttpFSFileSystem.Operation.Settimes:
{
long modifiedTime = @params.Get <HttpFSParametersProvider.ModifiedTimeParam>(HttpFSParametersProvider.ModifiedTimeParam
.Name);
long accessTime = @params.Get <HttpFSParametersProvider.AccessTimeParam>(HttpFSParametersProvider.AccessTimeParam
.Name);
FSOperations.FSSetTimes command = new FSOperations.FSSetTimes(path, modifiedTime,
accessTime);
FsExecute(user, command);
AuditLog.Info("[{}] to (M/A)[{}]", path, modifiedTime + ":" + accessTime);
response = Response.Ok().Build();
break;
}
case HttpFSFileSystem.Operation.Setacl:
{
string aclSpec = @params.Get <HttpFSParametersProvider.AclPermissionParam>(HttpFSParametersProvider.AclPermissionParam
.Name);
FSOperations.FSSetAcl command = new FSOperations.FSSetAcl(path, aclSpec);
FsExecute(user, command);
AuditLog.Info("[{}] to acl [{}]", path, aclSpec);
response = Response.Ok().Build();
break;
}
case HttpFSFileSystem.Operation.Removeacl:
{
FSOperations.FSRemoveAcl command = new FSOperations.FSRemoveAcl(path);
FsExecute(user, command);
AuditLog.Info("[{}] removed acl", path);
response = Response.Ok().Build();
break;
}
case HttpFSFileSystem.Operation.Modifyaclentries:
{
string aclSpec = @params.Get <HttpFSParametersProvider.AclPermissionParam>(HttpFSParametersProvider.AclPermissionParam
.Name);
FSOperations.FSModifyAclEntries command = new FSOperations.FSModifyAclEntries(path
, aclSpec);
FsExecute(user, command);
AuditLog.Info("[{}] modify acl entry with [{}]", path, aclSpec);
response = Response.Ok().Build();
break;
}
case HttpFSFileSystem.Operation.Removeaclentries:
{
string aclSpec = @params.Get <HttpFSParametersProvider.AclPermissionParam>(HttpFSParametersProvider.AclPermissionParam
.Name);
FSOperations.FSRemoveAclEntries command = new FSOperations.FSRemoveAclEntries(path
, aclSpec);
FsExecute(user, command);
AuditLog.Info("[{}] remove acl entry [{}]", path, aclSpec);
response = Response.Ok().Build();
break;
}
case HttpFSFileSystem.Operation.Removedefaultacl:
{
FSOperations.FSRemoveDefaultAcl command = new FSOperations.FSRemoveDefaultAcl(path
);
FsExecute(user, command);
AuditLog.Info("[{}] remove default acl", path);
response = Response.Ok().Build();
break;
}
default:
{
throw new IOException(MessageFormat.Format("Invalid HTTP PUT operation [{0}]", op
.Value()));
}
}
return(response);
}
public virtual Response Post(InputStream @is, UriInfo uriInfo, string path, HttpFSParametersProvider.OperationParam
op, Parameters @params, HttpServletRequest request)
{
UserGroupInformation user = HttpUserGroupInformation.Get();
Response response;
path = MakeAbsolute(path);
MDC.Put(HttpFSFileSystem.OpParam, op.Value().ToString());
MDC.Put("hostname", request.GetRemoteAddr());
switch (op.Value())
{
case HttpFSFileSystem.Operation.Append:
{
bool hasData = @params.Get <HttpFSParametersProvider.DataParam>(HttpFSParametersProvider.DataParam
.Name);
if (!hasData)
{
response = Response.TemporaryRedirect(CreateUploadRedirectionURL(uriInfo, HttpFSFileSystem.Operation
.Append)).Build();
}
else
{
FSOperations.FSAppend command = new FSOperations.FSAppend(@is, path);
FsExecute(user, command);
AuditLog.Info("[{}]", path);
response = Response.Ok().Type(MediaType.ApplicationJson).Build();
}
break;
}
case HttpFSFileSystem.Operation.Concat:
{
System.Console.Out.WriteLine("HTTPFS SERVER CONCAT");
string sources = @params.Get <HttpFSParametersProvider.SourcesParam>(HttpFSParametersProvider.SourcesParam
.Name);
FSOperations.FSConcat command = new FSOperations.FSConcat(path, sources.Split(","
));
FsExecute(user, command);
AuditLog.Info("[{}]", path);
System.Console.Out.WriteLine("SENT RESPONSE");
response = Response.Ok().Build();
break;
}
case HttpFSFileSystem.Operation.Truncate:
{
long newLength = @params.Get <HttpFSParametersProvider.NewLengthParam>(HttpFSParametersProvider.NewLengthParam
.Name);
FSOperations.FSTruncate command = new FSOperations.FSTruncate(path, newLength);
JSONObject json = FsExecute(user, command);
AuditLog.Info("Truncate [{}] to length [{}]", path, newLength);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
default:
{
throw new IOException(MessageFormat.Format("Invalid HTTP POST operation [{0}]", op
.Value()));
}
}
return(response);
}
public virtual Response Get(string path, HttpFSParametersProvider.OperationParam
op, Parameters @params, HttpServletRequest request)
{
UserGroupInformation user = HttpUserGroupInformation.Get();
Response response;
path = MakeAbsolute(path);
MDC.Put(HttpFSFileSystem.OpParam, op.Value().ToString());
MDC.Put("hostname", request.GetRemoteAddr());
switch (op.Value())
{
case HttpFSFileSystem.Operation.Open:
{
//Invoking the command directly using an unmanaged FileSystem that is
// released by the FileSystemReleaseFilter
FSOperations.FSOpen command = new FSOperations.FSOpen(path);
FileSystem fs = CreateFileSystem(user);
InputStream @is = command.Execute(fs);
long offset = @params.Get <HttpFSParametersProvider.OffsetParam>(HttpFSParametersProvider.OffsetParam
.Name);
long len = @params.Get <HttpFSParametersProvider.LenParam>(HttpFSParametersProvider.LenParam
.Name);
AuditLog.Info("[{}] offset [{}] len [{}]", new object[] { path, offset, len });
InputStreamEntity entity = new InputStreamEntity(@is, offset, len);
response = Response.Ok(entity).Type(MediaType.ApplicationOctetStream).Build();
break;
}
case HttpFSFileSystem.Operation.Getfilestatus:
{
FSOperations.FSFileStatus command = new FSOperations.FSFileStatus(path);
IDictionary json = FsExecute(user, command);
AuditLog.Info("[{}]", path);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
case HttpFSFileSystem.Operation.Liststatus:
{
string filter = @params.Get <HttpFSParametersProvider.FilterParam>(HttpFSParametersProvider.FilterParam
.Name);
FSOperations.FSListStatus command = new FSOperations.FSListStatus(path, filter);
IDictionary json = FsExecute(user, command);
AuditLog.Info("[{}] filter [{}]", path, (filter != null) ? filter : "-");
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
case HttpFSFileSystem.Operation.Gethomedirectory:
{
EnforceRootPath(op.Value(), path);
FSOperations.FSHomeDir command = new FSOperations.FSHomeDir();
JSONObject json = FsExecute(user, command);
AuditLog.Info(string.Empty);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
case HttpFSFileSystem.Operation.Instrumentation:
{
EnforceRootPath(op.Value(), path);
Groups groups = HttpFSServerWebApp.Get().Get <Groups>();
IList <string> userGroups = groups.GetGroups(user.GetShortUserName());
if (!userGroups.Contains(HttpFSServerWebApp.Get().GetAdminGroup()))
{
throw new AccessControlException("User not in HttpFSServer admin group");
}
Instrumentation instrumentation = HttpFSServerWebApp.Get().Get <Instrumentation>();
IDictionary snapshot = instrumentation.GetSnapshot();
response = Response.Ok(snapshot).Build();
break;
}
case HttpFSFileSystem.Operation.Getcontentsummary:
{
FSOperations.FSContentSummary command = new FSOperations.FSContentSummary(path);
IDictionary json = FsExecute(user, command);
AuditLog.Info("[{}]", path);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
case HttpFSFileSystem.Operation.Getfilechecksum:
{
FSOperations.FSFileChecksum command = new FSOperations.FSFileChecksum(path);
IDictionary json = FsExecute(user, command);
AuditLog.Info("[{}]", path);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
case HttpFSFileSystem.Operation.Getfileblocklocations:
{
response = Response.Status(Response.Status.BadRequest).Build();
break;
}
case HttpFSFileSystem.Operation.Getaclstatus:
{
FSOperations.FSAclStatus command = new FSOperations.FSAclStatus(path);
IDictionary json = FsExecute(user, command);
AuditLog.Info("ACL status for [{}]", path);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
case HttpFSFileSystem.Operation.Getxattrs:
{
IList <string> xattrNames = @params.GetValues <HttpFSParametersProvider.XAttrNameParam
>(HttpFSParametersProvider.XAttrNameParam.Name);
XAttrCodec encoding = @params.Get <HttpFSParametersProvider.XAttrEncodingParam>(HttpFSParametersProvider.XAttrEncodingParam
.Name);
FSOperations.FSGetXAttrs command = new FSOperations.FSGetXAttrs(path, xattrNames,
encoding);
IDictionary json = FsExecute(user, command);
AuditLog.Info("XAttrs for [{}]", path);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
case HttpFSFileSystem.Operation.Listxattrs:
{
FSOperations.FSListXAttrs command = new FSOperations.FSListXAttrs(path);
IDictionary json = FsExecute(user, command);
AuditLog.Info("XAttr names for [{}]", path);
response = Response.Ok(json).Type(MediaType.ApplicationJson).Build();
break;
}
default:
{
throw new IOException(MessageFormat.Format("Invalid HTTP GET operation [{0}]", op
.Value()));
}
}
return(response);
}