/// <exception cref="System.IO.IOException"/>
internal static BatchedRemoteIterator.BatchedListEntries <CachePoolEntry> ListCachePools
(FSNamesystem fsn, CacheManager cacheManager, string prevKey)
{
FSPermissionChecker pc = GetFsPermissionChecker(fsn);
return(cacheManager.ListCachePools(pc, prevKey));
}
/// <summary>Set the namespace, storagespace and typespace quota for a directory.</summary>
/// <remarks>
/// Set the namespace, storagespace and typespace quota for a directory.
/// Note: This does not support ".inodes" relative path.
/// </remarks>
/// <exception cref="System.IO.IOException"/>
internal static void SetQuota(FSDirectory fsd, string src, long nsQuota, long ssQuota
, StorageType type)
{
if (fsd.IsPermissionEnabled())
{
FSPermissionChecker pc = fsd.GetPermissionChecker();
pc.CheckSuperuserPrivilege();
}
fsd.WriteLock();
try
{
INodeDirectory changed = UnprotectedSetQuota(fsd, src, nsQuota, ssQuota, type);
if (changed != null)
{
QuotaCounts q = changed.GetQuotaCounts();
if (type == null)
{
fsd.GetEditLog().LogSetQuota(src, q.GetNameSpace(), q.GetStorageSpace());
}
else
{
fsd.GetEditLog().LogSetQuotaByStorageType(src, q.GetTypeSpaces().Get(type), type);
}
}
}
finally
{
fsd.WriteUnlock();
}
}
/// <summary>Set xattr for a file or directory.</summary>
/// <param name="src">- path on which it sets the xattr</param>
/// <param name="xAttr">- xAttr details to set</param>
/// <param name="flag">- xAttrs flags</param>
/// <exception cref="System.IO.IOException"/>
internal static HdfsFileStatus SetXAttr(FSDirectory fsd, string src, XAttr xAttr,
EnumSet <XAttrSetFlag> flag, bool logRetryCache)
{
CheckXAttrsConfigFlag(fsd);
CheckXAttrSize(fsd, xAttr);
FSPermissionChecker pc = fsd.GetPermissionChecker();
XAttrPermissionFilter.CheckPermissionForApi(pc, xAttr, FSDirectory.IsReservedRawName
(src));
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
src = fsd.ResolvePath(pc, src, pathComponents);
IList <XAttr> xAttrs = Lists.NewArrayListWithCapacity(1);
xAttrs.AddItem(xAttr);
INodesInPath iip;
fsd.WriteLock();
try
{
iip = fsd.GetINodesInPath4Write(src);
CheckXAttrChangeAccess(fsd, iip, xAttr, pc);
UnprotectedSetXAttrs(fsd, src, xAttrs, flag);
}
finally
{
fsd.WriteUnlock();
}
fsd.GetEditLog().LogSetXAttrs(src, xAttrs, logRetryCache);
return(fsd.GetAuditFileInfo(iip));
}
/// <exception cref="System.IO.IOException"/>
internal static bool SetReplication(FSDirectory fsd, BlockManager bm, string src,
short replication)
{
bm.VerifyReplication(src, replication, null);
bool isFile;
FSPermissionChecker pc = fsd.GetPermissionChecker();
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
fsd.WriteLock();
try
{
src = fsd.ResolvePath(pc, src, pathComponents);
INodesInPath iip = fsd.GetINodesInPath4Write(src);
if (fsd.IsPermissionEnabled())
{
fsd.CheckPathAccess(pc, iip, FsAction.Write);
}
short[] blockRepls = new short[2];
// 0: old, 1: new
Block[] blocks = UnprotectedSetReplication(fsd, src, replication, blockRepls);
isFile = blocks != null;
if (isFile)
{
fsd.GetEditLog().LogSetReplication(src, replication);
bm.SetReplication(blockRepls[0], blockRepls[1], src, blocks);
}
}
finally
{
fsd.WriteUnlock();
}
return(isFile);
}
/// <summary>The new rename which has the POSIX semantic.</summary>
/// <exception cref="System.IO.IOException"/>
internal static KeyValuePair <INode.BlocksMapUpdateInfo, HdfsFileStatus> RenameToInt
(FSDirectory fsd, string srcArg, string dstArg, bool logRetryCache, params Options.Rename
[] options)
{
string src = srcArg;
string dst = dstArg;
if (NameNode.stateChangeLog.IsDebugEnabled())
{
NameNode.stateChangeLog.Debug("DIR* NameSystem.renameTo: with options -" + " " +
src + " to " + dst);
}
if (!DFSUtil.IsValidName(dst))
{
throw new InvalidPathException("Invalid name: " + dst);
}
FSPermissionChecker pc = fsd.GetPermissionChecker();
byte[][] srcComponents = FSDirectory.GetPathComponentsForReservedPath(src);
byte[][] dstComponents = FSDirectory.GetPathComponentsForReservedPath(dst);
INode.BlocksMapUpdateInfo collectedBlocks = new INode.BlocksMapUpdateInfo();
src = fsd.ResolvePath(pc, src, srcComponents);
dst = fsd.ResolvePath(pc, dst, dstComponents);
RenameTo(fsd, pc, src, dst, collectedBlocks, logRetryCache, options);
INodesInPath dstIIP = fsd.GetINodesInPath(dst, false);
HdfsFileStatus resultingStat = fsd.GetAuditFileInfo(dstIIP);
return(new AbstractMap.SimpleImmutableEntry <INode.BlocksMapUpdateInfo, HdfsFileStatus
>(collectedBlocks, resultingStat));
}
/// <exception cref="System.IO.IOException"/>
internal static HdfsFileStatus SetOwner(FSDirectory fsd, string src, string username
, string group)
{
FSPermissionChecker pc = fsd.GetPermissionChecker();
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
INodesInPath iip;
fsd.WriteLock();
try
{
src = fsd.ResolvePath(pc, src, pathComponents);
iip = fsd.GetINodesInPath4Write(src);
fsd.CheckOwner(pc, iip);
if (!pc.IsSuperUser())
{
if (username != null && !pc.GetUser().Equals(username))
{
throw new AccessControlException("Non-super user cannot change owner");
}
if (group != null && !pc.ContainsGroup(group))
{
throw new AccessControlException("User does not belong to " + group);
}
}
UnprotectedSetOwner(fsd, src, username, group);
}
finally
{
fsd.WriteUnlock();
}
fsd.GetEditLog().LogSetOwner(src, username, group);
return(fsd.GetAuditFileInfo(iip));
}
/// <exception cref="Org.Apache.Hadoop.Security.AccessControlException"/>
internal static void CheckPermissionForApi(FSPermissionChecker pc, XAttr xAttr, bool
isRawPath)
{
bool isSuperUser = pc.IsSuperUser();
if (xAttr.GetNameSpace() == XAttr.NameSpace.User || (xAttr.GetNameSpace() == XAttr.NameSpace
.Trusted && isSuperUser))
{
return;
}
if (xAttr.GetNameSpace() == XAttr.NameSpace.Raw && isRawPath && isSuperUser)
{
return;
}
if (XAttrHelper.GetPrefixName(xAttr).Equals(HdfsServerConstants.SecurityXattrUnreadableBySuperuser
))
{
if (xAttr.GetValue() != null)
{
throw new AccessControlException("Attempt to set a value for '" + HdfsServerConstants
.SecurityXattrUnreadableBySuperuser + "'. Values are not allowed for this xattr."
);
}
return;
}
throw new AccessControlException("User doesn't have permission for xattr: " + XAttrHelper
.GetPrefixName(xAttr));
}
internal static FSDirRenameOp.RenameOldResult RenameToInt(FSDirectory fsd, string
srcArg, string dstArg, bool logRetryCache)
{
string src = srcArg;
string dst = dstArg;
if (NameNode.stateChangeLog.IsDebugEnabled())
{
NameNode.stateChangeLog.Debug("DIR* NameSystem.renameTo: " + src + " to " + dst);
}
if (!DFSUtil.IsValidName(dst))
{
throw new IOException("Invalid name: " + dst);
}
FSPermissionChecker pc = fsd.GetPermissionChecker();
byte[][] srcComponents = FSDirectory.GetPathComponentsForReservedPath(src);
byte[][] dstComponents = FSDirectory.GetPathComponentsForReservedPath(dst);
HdfsFileStatus resultingStat = null;
src = fsd.ResolvePath(pc, src, srcComponents);
dst = fsd.ResolvePath(pc, dst, dstComponents);
bool status = RenameTo(fsd, pc, src, dst, logRetryCache);
if (status)
{
INodesInPath dstIIP = fsd.GetINodesInPath(dst, false);
resultingStat = fsd.GetAuditFileInfo(dstIIP);
}
return(new FSDirRenameOp.RenameOldResult(status, resultingStat));
}
/// <exception cref="System.IO.IOException"/>
internal static HdfsFileStatus SetAcl(FSDirectory fsd, string srcArg, IList <AclEntry
> aclSpec)
{
string src = srcArg;
CheckAclsConfigFlag(fsd);
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
FSPermissionChecker pc = fsd.GetPermissionChecker();
src = fsd.ResolvePath(pc, src, pathComponents);
INodesInPath iip;
fsd.WriteLock();
try
{
iip = fsd.GetINodesInPath4Write(src);
fsd.CheckOwner(pc, iip);
IList <AclEntry> newAcl = UnprotectedSetAcl(fsd, src, aclSpec, false);
fsd.GetEditLog().LogSetAcl(src, newAcl);
}
finally
{
fsd.WriteUnlock();
}
return(fsd.GetAuditFileInfo(iip));
}
/// <exception cref="System.IO.IOException"/>
internal static HdfsFileStatus RemoveAcl(FSDirectory fsd, string srcArg)
{
string src = srcArg;
CheckAclsConfigFlag(fsd);
FSPermissionChecker pc = fsd.GetPermissionChecker();
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
src = fsd.ResolvePath(pc, src, pathComponents);
INodesInPath iip;
fsd.WriteLock();
try
{
iip = fsd.GetINodesInPath4Write(src);
fsd.CheckOwner(pc, iip);
UnprotectedRemoveAcl(fsd, iip);
}
finally
{
fsd.WriteUnlock();
}
fsd.GetEditLog().LogSetAcl(src, AclFeature.EmptyEntryList);
return(fsd.GetAuditFileInfo(iip));
}
/// <summary>Delete a snapshot of a snapshottable directory</summary>
/// <param name="snapshotRoot">The snapshottable directory</param>
/// <param name="snapshotName">The name of the to-be-deleted snapshot</param>
/// <exception cref="System.IO.IOException"/>
internal static INode.BlocksMapUpdateInfo DeleteSnapshot(FSDirectory fsd, SnapshotManager
snapshotManager, string snapshotRoot, string snapshotName, bool logRetryCache)
{
INodesInPath iip = fsd.GetINodesInPath4Write(snapshotRoot);
if (fsd.IsPermissionEnabled())
{
FSPermissionChecker pc = fsd.GetPermissionChecker();
fsd.CheckOwner(pc, iip);
}
INode.BlocksMapUpdateInfo collectedBlocks = new INode.BlocksMapUpdateInfo();
ChunkedArrayList <INode> removedINodes = new ChunkedArrayList <INode>();
fsd.WriteLock();
try
{
snapshotManager.DeleteSnapshot(iip, snapshotName, collectedBlocks, removedINodes);
fsd.RemoveFromInodeMap(removedINodes);
}
finally
{
fsd.WriteUnlock();
}
removedINodes.Clear();
fsd.GetEditLog().LogDeleteSnapshot(snapshotRoot, snapshotName, logRetryCache);
return(collectedBlocks);
}
/// <exception cref="System.IO.IOException"/>
internal static HdfsFileStatus RemoveDefaultAcl(FSDirectory fsd, string srcArg)
{
string src = srcArg;
CheckAclsConfigFlag(fsd);
FSPermissionChecker pc = fsd.GetPermissionChecker();
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
src = fsd.ResolvePath(pc, src, pathComponents);
INodesInPath iip;
fsd.WriteLock();
try
{
iip = fsd.GetINodesInPath4Write(FSDirectory.NormalizePath(src), true);
fsd.CheckOwner(pc, iip);
INode inode = FSDirectory.ResolveLastINode(iip);
int snapshotId = iip.GetLatestSnapshotId();
IList <AclEntry> existingAcl = AclStorage.ReadINodeLogicalAcl(inode);
IList <AclEntry> newAcl = AclTransformation.FilterDefaultAclEntries(existingAcl);
AclStorage.UpdateINodeAcl(inode, newAcl, snapshotId);
fsd.GetEditLog().LogSetAcl(src, newAcl);
}
finally
{
fsd.WriteUnlock();
}
return(fsd.GetAuditFileInfo(iip));
}
/// <exception cref="System.IO.IOException"/>
internal static BatchedRemoteIterator.BatchedListEntries <CacheDirectiveEntry> ListCacheDirectives
(FSNamesystem fsn, CacheManager cacheManager, long startId, CacheDirectiveInfo filter
)
{
FSPermissionChecker pc = GetFsPermissionChecker(fsn);
return(cacheManager.ListCacheDirectives(startId, filter, pc));
}
/// <exception cref="System.IO.IOException"/>
internal static void RemoveCacheDirective(FSNamesystem fsn, CacheManager cacheManager
, long id, bool logRetryCache)
{
FSPermissionChecker pc = GetFsPermissionChecker(fsn);
cacheManager.RemoveDirective(id, pc);
fsn.GetEditLog().LogRemoveCacheDirectiveInfo(id, logRetryCache);
}
/// <exception cref="System.IO.IOException"/>
internal static void ModifyCacheDirective(FSNamesystem fsn, CacheManager cacheManager
, CacheDirectiveInfo directive, EnumSet <CacheFlag> flags, bool logRetryCache)
{
FSPermissionChecker pc = GetFsPermissionChecker(fsn);
cacheManager.ModifyDirective(directive, pc, flags);
fsn.GetEditLog().LogModifyCacheDirectiveInfo(directive, logRetryCache);
}
/// <exception cref="System.IO.IOException"/>
private static void CheckSubtreeReadPermission(FSDirectory fsd, FSPermissionChecker
pc, string snapshottablePath, string snapshot)
{
string fromPath = snapshot == null ? snapshottablePath : Org.Apache.Hadoop.Hdfs.Server.Namenode.Snapshot.Snapshot
.GetSnapshotPath(snapshottablePath, snapshot);
INodesInPath iip = fsd.GetINodesInPath(fromPath, true);
fsd.CheckPermission(pc, iip, false, null, null, FsAction.Read, FsAction.Read);
}
/// <exception cref="System.IO.IOException"/>
internal static IList <XAttr> GetXAttrs(FSDirectory fsd, string srcArg, IList <XAttr
> xAttrs)
{
string src = srcArg;
CheckXAttrsConfigFlag(fsd);
FSPermissionChecker pc = fsd.GetPermissionChecker();
bool isRawPath = FSDirectory.IsReservedRawName(src);
bool getAll = xAttrs == null || xAttrs.IsEmpty();
if (!getAll)
{
XAttrPermissionFilter.CheckPermissionForApi(pc, xAttrs, isRawPath);
}
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
src = fsd.ResolvePath(pc, src, pathComponents);
INodesInPath iip = fsd.GetINodesInPath(src, true);
if (fsd.IsPermissionEnabled())
{
fsd.CheckPathAccess(pc, iip, FsAction.Read);
}
IList <XAttr> all = FSDirXAttrOp.GetXAttrs(fsd, src);
IList <XAttr> filteredAll = XAttrPermissionFilter.FilterXAttrsForApi(pc, all, isRawPath
);
if (getAll)
{
return(filteredAll);
}
if (filteredAll == null || filteredAll.IsEmpty())
{
return(null);
}
IList <XAttr> toGet = Lists.NewArrayListWithCapacity(xAttrs.Count);
foreach (XAttr xAttr in xAttrs)
{
bool foundIt = false;
foreach (XAttr a in filteredAll)
{
if (xAttr.GetNameSpace() == a.GetNameSpace() && xAttr.GetName().Equals(a.GetName(
)))
{
toGet.AddItem(a);
foundIt = true;
break;
}
}
if (!foundIt)
{
throw new IOException("At least one of the attributes provided was not found.");
}
}
return(toGet);
}
/// <exception cref="System.IO.IOException"/>
internal static HdfsFileStatus CreateSymlinkInt(FSNamesystem fsn, string target,
string linkArg, PermissionStatus dirPerms, bool createParent, bool logRetryCache
)
{
FSDirectory fsd = fsn.GetFSDirectory();
string link = linkArg;
if (!DFSUtil.IsValidName(link))
{
throw new InvalidPathException("Invalid link name: " + link);
}
if (FSDirectory.IsReservedName(target) || target.IsEmpty())
{
throw new InvalidPathException("Invalid target name: " + target);
}
if (NameNode.stateChangeLog.IsDebugEnabled())
{
NameNode.stateChangeLog.Debug("DIR* NameSystem.createSymlink: target=" + target +
" link=" + link);
}
FSPermissionChecker pc = fsn.GetPermissionChecker();
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(link);
INodesInPath iip;
fsd.WriteLock();
try
{
link = fsd.ResolvePath(pc, link, pathComponents);
iip = fsd.GetINodesInPath4Write(link, false);
if (!createParent)
{
fsd.VerifyParentDir(iip, link);
}
if (!fsd.IsValidToCreate(link, iip))
{
throw new IOException("failed to create link " + link + " either because the filename is invalid or the file exists"
);
}
if (fsd.IsPermissionEnabled())
{
fsd.CheckAncestorAccess(pc, iip, FsAction.Write);
}
// validate that we have enough inodes.
fsn.CheckFsObjectLimit();
// add symbolic link to namespace
AddSymlink(fsd, link, iip, target, dirPerms, createParent, logRetryCache);
}
finally
{
fsd.WriteUnlock();
}
NameNode.GetNameNodeMetrics().IncrCreateSymlinkOps();
return(fsd.GetAuditFileInfo(iip));
}
/// <exception cref="System.IO.IOException"/>
internal static void ModifyCachePool(FSNamesystem fsn, CacheManager cacheManager,
CachePoolInfo req, bool logRetryCache)
{
FSPermissionChecker pc = GetFsPermissionChecker(fsn);
if (pc != null)
{
pc.CheckSuperuserPrivilege();
}
cacheManager.ModifyCachePool(req);
fsn.GetEditLog().LogModifyCachePool(req, logRetryCache);
}
/// <exception cref="System.IO.IOException"/>
internal static void RemoveCachePool(FSNamesystem fsn, CacheManager cacheManager,
string cachePoolName, bool logRetryCache)
{
FSPermissionChecker pc = GetFsPermissionChecker(fsn);
if (pc != null)
{
pc.CheckSuperuserPrivilege();
}
cacheManager.RemoveCachePool(cachePoolName);
fsn.GetEditLog().LogRemoveCachePool(cachePoolName, logRetryCache);
}
/// <exception cref="Org.Apache.Hadoop.Security.AccessControlException"/>
internal static void CheckPermissionForApi(FSPermissionChecker pc, IList <XAttr> xAttrs
, bool isRawPath)
{
Preconditions.CheckArgument(xAttrs != null);
if (xAttrs.IsEmpty())
{
return;
}
foreach (XAttr xAttr in xAttrs)
{
CheckPermissionForApi(pc, xAttr, isRawPath);
}
}
/// <exception cref="System.IO.IOException"/>
internal static CachePoolInfo AddCachePool(FSNamesystem fsn, CacheManager cacheManager
, CachePoolInfo req, bool logRetryCache)
{
FSPermissionChecker pc = GetFsPermissionChecker(fsn);
if (pc != null)
{
pc.CheckSuperuserPrivilege();
}
CachePoolInfo info = cacheManager.AddCachePool(req);
fsn.GetEditLog().LogAddCachePool(info, logRetryCache);
return(info);
}
/// <summary>Returns true if the file is closed</summary>
/// <exception cref="System.IO.IOException"/>
internal static bool IsFileClosed(FSDirectory fsd, string src)
{
FSPermissionChecker pc = fsd.GetPermissionChecker();
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
src = fsd.ResolvePath(pc, src, pathComponents);
INodesInPath iip = fsd.GetINodesInPath(src, true);
if (fsd.IsPermissionEnabled())
{
fsd.CheckTraverse(pc, iip);
}
return(!INodeFile.ValueOf(iip.GetLastINode(), src).IsUnderConstruction());
}
/// <exception cref="System.IO.IOException"/>
internal static ContentSummary GetContentSummary(FSDirectory fsd, string src)
{
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
FSPermissionChecker pc = fsd.GetPermissionChecker();
src = fsd.ResolvePath(pc, src, pathComponents);
INodesInPath iip = fsd.GetINodesInPath(src, false);
if (fsd.IsPermissionEnabled())
{
fsd.CheckPermission(pc, iip, false, null, null, null, FsAction.ReadExecute);
}
return(GetContentSummaryInt(fsd, iip));
}
/// <exception cref="System.IO.IOException"/>
internal static SnapshottableDirectoryStatus[] GetSnapshottableDirListing(FSDirectory
fsd, SnapshotManager snapshotManager)
{
FSPermissionChecker pc = fsd.GetPermissionChecker();
fsd.ReadLock();
try
{
string user = pc.IsSuperUser() ? null : pc.GetUser();
return(snapshotManager.GetSnapshottableDirListing(user));
}
finally
{
fsd.ReadUnlock();
}
}
/// <exception cref="System.IO.IOException"/>
internal static CacheDirectiveInfo AddCacheDirective(FSNamesystem fsn, CacheManager
cacheManager, CacheDirectiveInfo directive, EnumSet <CacheFlag> flags, bool logRetryCache
)
{
FSPermissionChecker pc = GetFsPermissionChecker(fsn);
if (directive.GetId() != null)
{
throw new IOException("addDirective: you cannot specify an ID " + "for this operation."
);
}
CacheDirectiveInfo effectiveDirective = cacheManager.AddDirective(directive, pc,
flags);
fsn.GetEditLog().LogAddCacheDirectiveInfo(effectiveDirective, logRetryCache);
return(effectiveDirective);
}
/// <summary>
/// Returns a CachePoolInfo describing this CachePool based on the permissions
/// of the calling user.
/// </summary>
/// <remarks>
/// Returns a CachePoolInfo describing this CachePool based on the permissions
/// of the calling user. Unprivileged users will see only minimal descriptive
/// information about the pool.
/// </remarks>
/// <param name="pc">
/// Permission checker to be used to validate the user's permissions,
/// or null
/// </param>
/// <returns>CachePoolEntry describing this CachePool</returns>
public CachePoolEntry GetEntry(FSPermissionChecker pc)
{
bool hasPermission = true;
if (pc != null)
{
try
{
pc.CheckPermission(this, FsAction.Read);
}
catch (AccessControlException)
{
hasPermission = false;
}
}
return(new CachePoolEntry(GetInfo(hasPermission), hasPermission ? GetStats() : new
CachePoolStats.Builder().Build()));
}
/// <exception cref="System.IO.IOException"/>
internal static DirectoryListing GetListingInt(FSDirectory fsd, string srcArg, byte
[] startAfter, bool needLocation)
{
FSPermissionChecker pc = fsd.GetPermissionChecker();
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(srcArg);
string startAfterString = new string(startAfter, Charsets.Utf8);
string src = fsd.ResolvePath(pc, srcArg, pathComponents);
INodesInPath iip = fsd.GetINodesInPath(src, true);
// Get file name when startAfter is an INodePath
if (FSDirectory.IsReservedName(startAfterString))
{
byte[][] startAfterComponents = FSDirectory.GetPathComponentsForReservedPath(startAfterString
);
try
{
string tmp = FSDirectory.ResolvePath(src, startAfterComponents, fsd);
byte[][] regularPath = INode.GetPathComponents(tmp);
startAfter = regularPath[regularPath.Length - 1];
}
catch (IOException)
{
// Possibly the inode is deleted
throw new DirectoryListingStartAfterNotFoundException("Can't find startAfter " +
startAfterString);
}
}
bool isSuperUser = true;
if (fsd.IsPermissionEnabled())
{
if (iip.GetLastINode() != null && iip.GetLastINode().IsDirectory())
{
fsd.CheckPathAccess(pc, iip, FsAction.ReadExecute);
}
else
{
fsd.CheckTraverse(pc, iip);
}
isSuperUser = pc.IsSuperUser();
}
return(GetListing(fsd, iip, src, startAfter, needLocation, isSuperUser));
}
/// <exception cref="System.IO.IOException"/>
internal static IList <XAttr> ListXAttrs(FSDirectory fsd, string src)
{
FSDirXAttrOp.CheckXAttrsConfigFlag(fsd);
FSPermissionChecker pc = fsd.GetPermissionChecker();
bool isRawPath = FSDirectory.IsReservedRawName(src);
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
src = fsd.ResolvePath(pc, src, pathComponents);
INodesInPath iip = fsd.GetINodesInPath(src, true);
if (fsd.IsPermissionEnabled())
{
/* To access xattr names, you need EXECUTE in the owning directory. */
fsd.CheckParentAccess(pc, iip, FsAction.Execute);
}
IList <XAttr> all = FSDirXAttrOp.GetXAttrs(fsd, src);
return(XAttrPermissionFilter.FilterXAttrsForApi(pc, all, isRawPath));
}
internal static IList <XAttr> FilterXAttrsForApi(FSPermissionChecker pc, IList <XAttr
> xAttrs, bool isRawPath)
{
System.Diagnostics.Debug.Assert(xAttrs != null, "xAttrs can not be null");
if (xAttrs.IsEmpty())
{
return(xAttrs);
}
IList <XAttr> filteredXAttrs = Lists.NewArrayListWithCapacity(xAttrs.Count);
bool isSuperUser = pc.IsSuperUser();
foreach (XAttr xAttr in xAttrs)
{
if (xAttr.GetNameSpace() == XAttr.NameSpace.User)
{
filteredXAttrs.AddItem(xAttr);
}
else
{
if (xAttr.GetNameSpace() == XAttr.NameSpace.Trusted && isSuperUser)
{
filteredXAttrs.AddItem(xAttr);
}
else
{
if (xAttr.GetNameSpace() == XAttr.NameSpace.Raw && isSuperUser && isRawPath)
{
filteredXAttrs.AddItem(xAttr);
}
else
{
if (XAttrHelper.GetPrefixName(xAttr).Equals(HdfsServerConstants.SecurityXattrUnreadableBySuperuser
))
{
filteredXAttrs.AddItem(xAttr);
}
}
}
}
}
return(filteredXAttrs);
}
