/// <exception cref="Org.Apache.Hadoop.Security.AccessControlException"/>
internal static void CheckPermissionForApi(FSPermissionChecker pc, XAttr xAttr, bool
isRawPath)
{
bool isSuperUser = pc.IsSuperUser();
if (xAttr.GetNameSpace() == XAttr.NameSpace.User || (xAttr.GetNameSpace() == XAttr.NameSpace
.Trusted && isSuperUser))
{
return;
}
if (xAttr.GetNameSpace() == XAttr.NameSpace.Raw && isRawPath && isSuperUser)
{
return;
}
if (XAttrHelper.GetPrefixName(xAttr).Equals(HdfsServerConstants.SecurityXattrUnreadableBySuperuser
))
{
if (xAttr.GetValue() != null)
{
throw new AccessControlException("Attempt to set a value for '" + HdfsServerConstants
.SecurityXattrUnreadableBySuperuser + "'. Values are not allowed for this xattr."
);
}
return;
}
throw new AccessControlException("User doesn't have permission for xattr: " + XAttrHelper
.GetPrefixName(xAttr));
}
/// <exception cref="System.IO.IOException"/>
public static string ToJsonString(IList <XAttr> xAttrs)
{
IList <string> names = Lists.NewArrayListWithCapacity(xAttrs.Count);
foreach (XAttr xAttr in xAttrs)
{
names.AddItem(XAttrHelper.GetPrefixName(xAttr));
}
ObjectMapper mapper = new ObjectMapper();
string ret = mapper.WriteValueAsString(names);
IDictionary <string, object> finalMap = new SortedDictionary <string, object>();
finalMap["XAttrNames"] = ret;
return(mapper.WriteValueAsString(finalMap));
}
/// <exception cref="System.IO.IOException"/>
private static IDictionary <string, object> ToJsonMap(XAttr xAttr, XAttrCodec encoding
)
{
if (xAttr == null)
{
return(null);
}
IDictionary <string, object> m = new SortedDictionary <string, object>();
m["name"] = XAttrHelper.GetPrefixName(xAttr);
m["value"] = xAttr.GetValue() != null?XAttrCodec.EncodeValue(xAttr.GetValue(),
encoding) : null;
return(m);
}
/// <exception cref="System.IO.IOException"/>
internal static XAttr UnprotectedGetXAttrByName(INode inode, int snapshotId, string
xAttrName)
{
IList <XAttr> xAttrs = XAttrStorage.ReadINodeXAttrs(inode, snapshotId);
if (xAttrs == null)
{
return(null);
}
foreach (XAttr x in xAttrs)
{
if (XAttrHelper.GetPrefixName(x).Equals(xAttrName))
{
return(x);
}
}
return(null);
}
internal static IList <XAttr> FilterXAttrsForApi(FSPermissionChecker pc, IList <XAttr
> xAttrs, bool isRawPath)
{
System.Diagnostics.Debug.Assert(xAttrs != null, "xAttrs can not be null");
if (xAttrs.IsEmpty())
{
return(xAttrs);
}
IList <XAttr> filteredXAttrs = Lists.NewArrayListWithCapacity(xAttrs.Count);
bool isSuperUser = pc.IsSuperUser();
foreach (XAttr xAttr in xAttrs)
{
if (xAttr.GetNameSpace() == XAttr.NameSpace.User)
{
filteredXAttrs.AddItem(xAttr);
}
else
{
if (xAttr.GetNameSpace() == XAttr.NameSpace.Trusted && isSuperUser)
{
filteredXAttrs.AddItem(xAttr);
}
else
{
if (xAttr.GetNameSpace() == XAttr.NameSpace.Raw && isSuperUser && isRawPath)
{
filteredXAttrs.AddItem(xAttr);
}
else
{
if (XAttrHelper.GetPrefixName(xAttr).Equals(HdfsServerConstants.SecurityXattrUnreadableBySuperuser
))
{
filteredXAttrs.AddItem(xAttr);
}
}
}
}
}
return(filteredXAttrs);
}
/// <exception cref="System.IO.IOException"/>
internal static INode UnprotectedSetXAttrs(FSDirectory fsd, string src, IList <XAttr
> xAttrs, EnumSet <XAttrSetFlag> flag)
{
System.Diagnostics.Debug.Assert(fsd.HasWriteLock());
INodesInPath iip = fsd.GetINodesInPath4Write(FSDirectory.NormalizePath(src), true
);
INode inode = FSDirectory.ResolveLastINode(iip);
int snapshotId = iip.GetLatestSnapshotId();
IList <XAttr> existingXAttrs = XAttrStorage.ReadINodeXAttrs(inode);
IList <XAttr> newXAttrs = SetINodeXAttrs(fsd, existingXAttrs, xAttrs, flag);
bool isFile = inode.IsFile();
foreach (XAttr xattr in newXAttrs)
{
string xaName = XAttrHelper.GetPrefixName(xattr);
/*
* If we're adding the encryption zone xattr, then add src to the list
* of encryption zones.
*/
if (HdfsServerConstants.CryptoXattrEncryptionZone.Equals(xaName))
{
HdfsProtos.ZoneEncryptionInfoProto ezProto = HdfsProtos.ZoneEncryptionInfoProto.ParseFrom
(xattr.GetValue());
fsd.ezManager.AddEncryptionZone(inode.GetId(), PBHelper.Convert(ezProto.GetSuite(
)), PBHelper.Convert(ezProto.GetCryptoProtocolVersion()), ezProto.GetKeyName());
}
if (!isFile && HdfsServerConstants.SecurityXattrUnreadableBySuperuser.Equals(xaName
))
{
throw new IOException("Can only set '" + HdfsServerConstants.SecurityXattrUnreadableBySuperuser
+ "' on a file.");
}
}
XAttrStorage.UpdateINodeXAttrs(inode, newXAttrs, snapshotId);
return(inode);
}