/// <summary>Check whether current user have permissions to access the path.</summary>
/// <remarks>
/// Check whether current user have permissions to access the path.
/// Traverse is always checked.
/// Parent path means the parent directory for the path.
/// Ancestor path means the last (the closest) existing ancestor directory
/// of the path.
/// Note that if the parent path exists,
/// then the parent path and the ancestor path are the same.
/// For example, suppose the path is "/foo/bar/baz".
/// No matter baz is a file or a directory,
/// the parent path is "/foo/bar".
/// If bar exists, then the ancestor path is also "/foo/bar".
/// If bar does not exist and foo exists,
/// then the ancestor path is "/foo".
/// Further, if both foo and bar do not exist,
/// then the ancestor path is "/".
/// </remarks>
/// <param name="doCheckOwner">Require user to be the owner of the path?</param>
/// <param name="ancestorAccess">The access required by the ancestor of the path.</param>
/// <param name="parentAccess">The access required by the parent of the path.</param>
/// <param name="access">The access required by the path.</param>
/// <param name="subAccess">
/// If path is a directory,
/// it is the access required of the path and all the sub-directories.
/// If path is not a directory, there is no effect.
/// </param>
/// <param name="ignoreEmptyDir">Ignore permission checking for empty directory?</param>
/// <exception cref="Org.Apache.Hadoop.Security.AccessControlException">
/// Guarded by
/// <see cref="FSNamesystem.ReadLock()"/>
/// Caller of this method must hold that lock.
/// </exception>
internal virtual void CheckPermission(INodesInPath inodesInPath, bool doCheckOwner
, FsAction ancestorAccess, FsAction parentAccess, FsAction access, FsAction subAccess
, bool ignoreEmptyDir)
{
if (Log.IsDebugEnabled())
{
Log.Debug("ACCESS CHECK: " + this + ", doCheckOwner=" + doCheckOwner + ", ancestorAccess="
+ ancestorAccess + ", parentAccess=" + parentAccess + ", access=" + access + ", subAccess="
+ subAccess + ", ignoreEmptyDir=" + ignoreEmptyDir);
}
// check if (parentAccess != null) && file exists, then check sb
// If resolveLink, the check is performed on the link target.
int snapshotId = inodesInPath.GetPathSnapshotId();
INode[] inodes = inodesInPath.GetINodesArray();
INodeAttributes[] inodeAttrs = new INodeAttributes[inodes.Length];
byte[][] pathByNameArr = new byte[inodes.Length][];
for (int i = 0; i < inodes.Length && inodes[i] != null; i++)
{
if (inodes[i] != null)
{
pathByNameArr[i] = inodes[i].GetLocalNameBytes();
inodeAttrs[i] = GetINodeAttrs(pathByNameArr, i, inodes[i], snapshotId);
}
}
string path = inodesInPath.GetPath();
int ancestorIndex = inodes.Length - 2;
INodeAttributeProvider.AccessControlEnforcer enforcer = GetAttributesProvider().GetExternalAccessControlEnforcer
(this);
enforcer.CheckPermission(fsOwner, supergroup, callerUgi, inodeAttrs, inodes, pathByNameArr
, snapshotId, path, ancestorIndex, doCheckOwner, ancestorAccess, parentAccess, access
, subAccess, ignoreEmptyDir);
}
/// <summary>Get the file info for a specific file.</summary>
/// <param name="fsd">FSDirectory</param>
/// <param name="src">The string representation of the path to the file</param>
/// <param name="isRawPath">true if a /.reserved/raw pathname was passed by the user</param>
/// <param name="includeStoragePolicy">whether to include storage policy</param>
/// <returns>
/// object containing information regarding the file
/// or null if file not found
/// </returns>
/// <exception cref="System.IO.IOException"/>
internal static HdfsFileStatus GetFileInfo(FSDirectory fsd, string path, INodesInPath
src, bool isRawPath, bool includeStoragePolicy)
{
fsd.ReadLock();
try
{
INode i = src.GetLastINode();
byte policyId = includeStoragePolicy && i != null && !i.IsSymlink() ? i.GetStoragePolicyID
() : BlockStoragePolicySuite.IdUnspecified;
return(i == null ? null : CreateFileStatus(fsd, path, HdfsFileStatus.EmptyName, i
, policyId, src.GetPathSnapshotId(), isRawPath, src));
}
finally
{
fsd.ReadUnlock();
}
}
/// <exception cref="System.IO.IOException"/>
private static IList <XAttr> GetXAttrs(FSDirectory fsd, string src)
{
string srcs = FSDirectory.NormalizePath(src);
fsd.ReadLock();
try
{
INodesInPath iip = fsd.GetINodesInPath(srcs, true);
INode inode = FSDirectory.ResolveLastINode(iip);
int snapshotId = iip.GetPathSnapshotId();
return(XAttrStorage.ReadINodeXAttrs(fsd.GetAttributes(src, inode.GetLocalNameBytes
(), inode, snapshotId)));
}
finally
{
fsd.ReadUnlock();
}
}
/// <exception cref="System.IO.IOException"/>
internal static AclStatus GetAclStatus(FSDirectory fsd, string src)
{
CheckAclsConfigFlag(fsd);
FSPermissionChecker pc = fsd.GetPermissionChecker();
byte[][] pathComponents = FSDirectory.GetPathComponentsForReservedPath(src);
src = fsd.ResolvePath(pc, src, pathComponents);
string srcs = FSDirectory.NormalizePath(src);
fsd.ReadLock();
try
{
// There is no real inode for the path ending in ".snapshot", so return a
// non-null, unpopulated AclStatus. This is similar to getFileInfo.
if (srcs.EndsWith(HdfsConstants.SeparatorDotSnapshotDir) && fsd.GetINode4DotSnapshot
(srcs) != null)
{
return(new AclStatus.Builder().Owner(string.Empty).Group(string.Empty).Build());
}
INodesInPath iip = fsd.GetINodesInPath(srcs, true);
if (fsd.IsPermissionEnabled())
{
fsd.CheckTraverse(pc, iip);
}
INode inode = FSDirectory.ResolveLastINode(iip);
int snapshotId = iip.GetPathSnapshotId();
IList <AclEntry> acl = AclStorage.ReadINodeAcl(fsd.GetAttributes(src, inode.GetLocalNameBytes
(), inode, snapshotId));
FsPermission fsPermission = inode.GetFsPermission(snapshotId);
return(new AclStatus.Builder().Owner(inode.GetUserName()).Group(inode.GetGroupName
()).StickyBit(fsPermission.GetStickyBit()).SetPermission(fsPermission).AddEntries
(acl).Build());
}
finally
{
fsd.ReadUnlock();
}
}
/// <summary>for snapshot file while modifying file after snapshot.</summary>
/// <exception cref="System.Exception"/>
public virtual void TestSnapshotPathINodesAfterModification()
{
// First check the INode for /TestSnapshot/sub1/file1
string[] names = INode.GetPathNames(file1.ToString());
byte[][] components = INode.GetPathComponents(names);
INodesInPath nodesInPath = INodesInPath.Resolve(fsdir.rootDir, components, false);
// The number of inodes should be equal to components.length
NUnit.Framework.Assert.AreEqual(nodesInPath.Length(), components.Length);
// The last INode should be associated with file1
NUnit.Framework.Assert.AreEqual(nodesInPath.GetINode(components.Length - 1).GetFullPathName
(), file1.ToString());
// record the modification time of the inode
long modTime = nodesInPath.GetINode(nodesInPath.Length() - 1).GetModificationTime
();
// Create a snapshot for the dir, and check the inodes for the path
// pointing to a snapshot file
hdfs.AllowSnapshot(sub1);
hdfs.CreateSnapshot(sub1, "s3");
// Modify file1
DFSTestUtil.AppendFile(hdfs, file1, "the content for appending");
// Check the INodes for snapshot of file1
string snapshotPath = sub1.ToString() + "/.snapshot/s3/file1";
names = INode.GetPathNames(snapshotPath);
components = INode.GetPathComponents(names);
INodesInPath ssNodesInPath = INodesInPath.Resolve(fsdir.rootDir, components, false
);
// Length of ssInodes should be (components.length - 1), since we will
// ignore ".snapshot"
NUnit.Framework.Assert.AreEqual(ssNodesInPath.Length(), components.Length - 1);
Org.Apache.Hadoop.Hdfs.Server.Namenode.Snapshot.Snapshot s3 = GetSnapshot(ssNodesInPath
, "s3", 3);
AssertSnapshot(ssNodesInPath, true, s3, 3);
// Check the INode for snapshot of file1
INode snapshotFileNode = ssNodesInPath.GetLastINode();
NUnit.Framework.Assert.AreEqual(snapshotFileNode.GetLocalName(), file1.GetName());
NUnit.Framework.Assert.IsTrue(snapshotFileNode.AsFile().IsWithSnapshot());
// The modification time of the snapshot INode should be the same with the
// original INode before modification
NUnit.Framework.Assert.AreEqual(modTime, snapshotFileNode.GetModificationTime(ssNodesInPath
.GetPathSnapshotId()));
// Check the INode for /TestSnapshot/sub1/file1 again
names = INode.GetPathNames(file1.ToString());
components = INode.GetPathComponents(names);
INodesInPath newNodesInPath = INodesInPath.Resolve(fsdir.rootDir, components, false
);
AssertSnapshot(newNodesInPath, false, s3, -1);
// The number of inodes should be equal to components.length
NUnit.Framework.Assert.AreEqual(newNodesInPath.Length(), components.Length);
// The last INode should be associated with file1
int last = components.Length - 1;
NUnit.Framework.Assert.AreEqual(newNodesInPath.GetINode(last).GetFullPathName(),
file1.ToString());
// The modification time of the INode for file3 should have been changed
NUnit.Framework.Assert.IsFalse(modTime == newNodesInPath.GetINode(last).GetModificationTime
());
hdfs.DeleteSnapshot(sub1, "s3");
hdfs.DisallowSnapshot(sub1);
}
internal static void AssertSnapshot(INodesInPath inodesInPath, bool isSnapshot, Org.Apache.Hadoop.Hdfs.Server.Namenode.Snapshot.Snapshot
snapshot, int index)
{
NUnit.Framework.Assert.AreEqual(isSnapshot, inodesInPath.IsSnapshot());
NUnit.Framework.Assert.AreEqual(Org.Apache.Hadoop.Hdfs.Server.Namenode.Snapshot.Snapshot
.GetSnapshotId(isSnapshot ? snapshot : null), inodesInPath.GetPathSnapshotId());
if (!isSnapshot)
{
NUnit.Framework.Assert.AreEqual(Org.Apache.Hadoop.Hdfs.Server.Namenode.Snapshot.Snapshot
.GetSnapshotId(snapshot), inodesInPath.GetLatestSnapshotId());
}
if (isSnapshot && index >= 0)
{
NUnit.Framework.Assert.AreEqual(typeof(Snapshot.Root), inodesInPath.GetINode(index
).GetType());
}
}
/// <summary>
/// Get a partial listing of the indicated directory
/// We will stop when any of the following conditions is met:
/// 1) this.lsLimit files have been added
/// 2) needLocation is true AND enough files have been added such
/// that at least this.lsLimit block locations are in the response
/// </summary>
/// <param name="fsd">FSDirectory</param>
/// <param name="iip">
/// the INodesInPath instance containing all the INodes along the
/// path
/// </param>
/// <param name="src">the directory name</param>
/// <param name="startAfter">the name to start listing after</param>
/// <param name="needLocation">if block locations are returned</param>
/// <returns>a partial listing starting after startAfter</returns>
/// <exception cref="System.IO.IOException"/>
private static DirectoryListing GetListing(FSDirectory fsd, INodesInPath iip, string
src, byte[] startAfter, bool needLocation, bool isSuperUser)
{
string srcs = FSDirectory.NormalizePath(src);
bool isRawPath = FSDirectory.IsReservedRawName(src);
fsd.ReadLock();
try
{
if (srcs.EndsWith(HdfsConstants.SeparatorDotSnapshotDir))
{
return(GetSnapshotsListing(fsd, srcs, startAfter));
}
int snapshot = iip.GetPathSnapshotId();
INode targetNode = iip.GetLastINode();
if (targetNode == null)
{
return(null);
}
byte parentStoragePolicy = isSuperUser ? targetNode.GetStoragePolicyID() : BlockStoragePolicySuite
.IdUnspecified;
if (!targetNode.IsDirectory())
{
return(new DirectoryListing(new HdfsFileStatus[] { CreateFileStatus(fsd, src, HdfsFileStatus
.EmptyName, targetNode, needLocation, parentStoragePolicy, snapshot, isRawPath,
iip) }, 0));
}
INodeDirectory dirInode = targetNode.AsDirectory();
ReadOnlyList <INode> contents = dirInode.GetChildrenList(snapshot);
int startChild = INodeDirectory.NextChild(contents, startAfter);
int totalNumChildren = contents.Size();
int numOfListing = Math.Min(totalNumChildren - startChild, fsd.GetLsLimit());
int locationBudget = fsd.GetLsLimit();
int listingCnt = 0;
HdfsFileStatus[] listing = new HdfsFileStatus[numOfListing];
for (int i = 0; i < numOfListing && locationBudget > 0; i++)
{
INode cur = contents.Get(startChild + i);
byte curPolicy = isSuperUser && !cur.IsSymlink() ? cur.GetLocalStoragePolicyID() :
BlockStoragePolicySuite.IdUnspecified;
listing[i] = CreateFileStatus(fsd, src, cur.GetLocalNameBytes(), cur, needLocation
, GetStoragePolicyID(curPolicy, parentStoragePolicy), snapshot, isRawPath, iip);
listingCnt++;
if (needLocation)
{
// Once we hit lsLimit locations, stop.
// This helps to prevent excessively large response payloads.
// Approximate #locations with locatedBlockCount() * repl_factor
LocatedBlocks blks = ((HdfsLocatedFileStatus)listing[i]).GetBlockLocations();
locationBudget -= (blks == null) ? 0 : blks.LocatedBlockCount() * listing[i].GetReplication
();
}
}
// truncate return array if necessary
if (listingCnt < numOfListing)
{
listing = Arrays.CopyOf(listing, listingCnt);
}
return(new DirectoryListing(listing, totalNumChildren - startChild - listingCnt));
}
finally
{
fsd.ReadUnlock();
}
}
