Exemplo n.º 1
0
        /// <summary>Completely replaces the ACL with the entries of the ACL spec.</summary>
        /// <remarks>
        /// Completely replaces the ACL with the entries of the ACL spec.  If
        /// necessary, recalculates the mask entries.  If necessary, default entries
        /// are inferred by copying the permissions of the corresponding access
        /// entries.  Replacement occurs separately for each of the access ACL and the
        /// default ACL.  If the ACL spec contains only access entries, then the
        /// existing default entries are retained.  If the ACL spec contains only
        /// default entries, then the existing access entries are retained.  If the ACL
        /// spec contains both access and default entries, then both are replaced.
        /// </remarks>
        /// <param name="existingAcl">List<AclEntry> existing ACL</param>
        /// <param name="inAclSpec">List<AclEntry> ACL spec containing replacement entries</param>
        /// <returns>List<AclEntry> new ACL</returns>
        /// <exception cref="Org.Apache.Hadoop.Hdfs.Protocol.AclException">if validation fails
        ///     </exception>
        public static IList <AclEntry> ReplaceAclEntries(IList <AclEntry> existingAcl, IList
                                                         <AclEntry> inAclSpec)
        {
            AclTransformation.ValidatedAclSpec aclSpec = new AclTransformation.ValidatedAclSpec
                                                             (inAclSpec);
            AList <AclEntry> aclBuilder = Lists.NewArrayListWithCapacity(MaxEntries);
            // Replacement is done separately for each scope: access and default.
            EnumMap <AclEntryScope, AclEntry> providedMask = Maps.NewEnumMap <AclEntryScope>();
            EnumSet <AclEntryScope>           maskDirty    = EnumSet.NoneOf <AclEntryScope>();
            EnumSet <AclEntryScope>           scopeDirty   = EnumSet.NoneOf <AclEntryScope>();

            foreach (AclEntry aclSpecEntry in aclSpec)
            {
                scopeDirty.AddItem(aclSpecEntry.GetScope());
                if (aclSpecEntry.GetType() == AclEntryType.Mask)
                {
                    providedMask[aclSpecEntry.GetScope()] = aclSpecEntry;
                    maskDirty.AddItem(aclSpecEntry.GetScope());
                }
                else
                {
                    aclBuilder.AddItem(aclSpecEntry);
                }
            }
            // Copy existing entries if the scope was not replaced.
            foreach (AclEntry existingEntry in existingAcl)
            {
                if (!scopeDirty.Contains(existingEntry.GetScope()))
                {
                    if (existingEntry.GetType() == AclEntryType.Mask)
                    {
                        providedMask[existingEntry.GetScope()] = existingEntry;
                    }
                    else
                    {
                        aclBuilder.AddItem(existingEntry);
                    }
                }
            }
            CopyDefaultsIfNeeded(aclBuilder);
            CalculateMasks(aclBuilder, providedMask, maskDirty, scopeDirty);
            return(BuildAndValidateAcl(aclBuilder));
        }
Exemplo n.º 2
0
        /// <summary>
        /// Filters (discards) any existing ACL entries that have the same scope, type
        /// and name of any entry in the ACL spec.
        /// </summary>
        /// <remarks>
        /// Filters (discards) any existing ACL entries that have the same scope, type
        /// and name of any entry in the ACL spec.  If necessary, recalculates the mask
        /// entries.  If necessary, default entries may be inferred by copying the
        /// permissions of the corresponding access entries.  It is invalid to request
        /// removal of the mask entry from an ACL that would otherwise require a mask
        /// entry, due to existing named entries or an unnamed group entry.
        /// </remarks>
        /// <param name="existingAcl">List<AclEntry> existing ACL</param>
        /// <param name="inAclSpec">List<AclEntry> ACL spec describing entries to filter</param>
        /// <returns>List<AclEntry> new ACL</returns>
        /// <exception cref="Org.Apache.Hadoop.Hdfs.Protocol.AclException">if validation fails
        ///     </exception>
        public static IList <AclEntry> FilterAclEntriesByAclSpec(IList <AclEntry> existingAcl
                                                                 , IList <AclEntry> inAclSpec)
        {
            AclTransformation.ValidatedAclSpec aclSpec = new AclTransformation.ValidatedAclSpec
                                                             (inAclSpec);
            AList <AclEntry> aclBuilder = Lists.NewArrayListWithCapacity(MaxEntries);
            EnumMap <AclEntryScope, AclEntry> providedMask = Maps.NewEnumMap <AclEntryScope>();
            EnumSet <AclEntryScope>           maskDirty    = EnumSet.NoneOf <AclEntryScope>();
            EnumSet <AclEntryScope>           scopeDirty   = EnumSet.NoneOf <AclEntryScope>();

            foreach (AclEntry existingEntry in existingAcl)
            {
                if (aclSpec.ContainsKey(existingEntry))
                {
                    scopeDirty.AddItem(existingEntry.GetScope());
                    if (existingEntry.GetType() == AclEntryType.Mask)
                    {
                        maskDirty.AddItem(existingEntry.GetScope());
                    }
                }
                else
                {
                    if (existingEntry.GetType() == AclEntryType.Mask)
                    {
                        providedMask[existingEntry.GetScope()] = existingEntry;
                    }
                    else
                    {
                        aclBuilder.AddItem(existingEntry);
                    }
                }
            }
            CopyDefaultsIfNeeded(aclBuilder);
            CalculateMasks(aclBuilder, providedMask, maskDirty, scopeDirty);
            return(BuildAndValidateAcl(aclBuilder));
        }
Exemplo n.º 3
0
        /// <summary>Merges the entries of the ACL spec into the existing ACL.</summary>
        /// <remarks>
        /// Merges the entries of the ACL spec into the existing ACL.  If necessary,
        /// recalculates the mask entries.  If necessary, default entries may be
        /// inferred by copying the permissions of the corresponding access entries.
        /// </remarks>
        /// <param name="existingAcl">List<AclEntry> existing ACL</param>
        /// <param name="inAclSpec">List<AclEntry> ACL spec containing entries to merge</param>
        /// <returns>List<AclEntry> new ACL</returns>
        /// <exception cref="Org.Apache.Hadoop.Hdfs.Protocol.AclException">if validation fails
        ///     </exception>
        public static IList <AclEntry> MergeAclEntries(IList <AclEntry> existingAcl, IList <
                                                           AclEntry> inAclSpec)
        {
            AclTransformation.ValidatedAclSpec aclSpec = new AclTransformation.ValidatedAclSpec
                                                             (inAclSpec);
            AList <AclEntry> aclBuilder                    = Lists.NewArrayListWithCapacity(MaxEntries);
            IList <AclEntry> foundAclSpecEntries           = Lists.NewArrayListWithCapacity(MaxEntries);
            EnumMap <AclEntryScope, AclEntry> providedMask = Maps.NewEnumMap <AclEntryScope>();
            EnumSet <AclEntryScope>           maskDirty    = EnumSet.NoneOf <AclEntryScope>();
            EnumSet <AclEntryScope>           scopeDirty   = EnumSet.NoneOf <AclEntryScope>();

            foreach (AclEntry existingEntry in existingAcl)
            {
                AclEntry aclSpecEntry = aclSpec.FindByKey(existingEntry);
                if (aclSpecEntry != null)
                {
                    foundAclSpecEntries.AddItem(aclSpecEntry);
                    scopeDirty.AddItem(aclSpecEntry.GetScope());
                    if (aclSpecEntry.GetType() == AclEntryType.Mask)
                    {
                        providedMask[aclSpecEntry.GetScope()] = aclSpecEntry;
                        maskDirty.AddItem(aclSpecEntry.GetScope());
                    }
                    else
                    {
                        aclBuilder.AddItem(aclSpecEntry);
                    }
                }
                else
                {
                    if (existingEntry.GetType() == AclEntryType.Mask)
                    {
                        providedMask[existingEntry.GetScope()] = existingEntry;
                    }
                    else
                    {
                        aclBuilder.AddItem(existingEntry);
                    }
                }
            }
            // ACL spec entries that were not replacements are new additions.
            foreach (AclEntry newEntry in aclSpec)
            {
                if (Sharpen.Collections.BinarySearch(foundAclSpecEntries, newEntry, AclEntryComparator
                                                     ) < 0)
                {
                    scopeDirty.AddItem(newEntry.GetScope());
                    if (newEntry.GetType() == AclEntryType.Mask)
                    {
                        providedMask[newEntry.GetScope()] = newEntry;
                        maskDirty.AddItem(newEntry.GetScope());
                    }
                    else
                    {
                        aclBuilder.AddItem(newEntry);
                    }
                }
            }
            CopyDefaultsIfNeeded(aclBuilder);
            CalculateMasks(aclBuilder, providedMask, maskDirty, scopeDirty);
            return(BuildAndValidateAcl(aclBuilder));
        }