/// <summary>Test AmIpFilter</summary> /// <exception cref="System.Exception"/> public virtual void TestFilter() { IDictionary <string, string> @params = new Dictionary <string, string>(); @params[AmIpFilter.ProxyHost] = proxyHost; @params[AmIpFilter.ProxyUriBase] = proxyUri; FilterConfig config = new TestAmFilter.DummyFilterConfig(@params); // dummy filter FilterChain chain = new _FilterChain_135(this); AmIpFilter testFilter = new AmIpFilter(); testFilter.Init(config); TestAmFilter.HttpServletResponseForTest response = new TestAmFilter.HttpServletResponseForTest (this); // Test request should implements HttpServletRequest ServletRequest failRequest = Org.Mockito.Mockito.Mock <ServletRequest>(); try { testFilter.DoFilter(failRequest, response, chain); NUnit.Framework.Assert.Fail(); } catch (ServletException e) { NUnit.Framework.Assert.AreEqual(ProxyUtils.EHttpHttpsOnly, e.Message); } // request with HttpServletRequest HttpServletRequest request = Org.Mockito.Mockito.Mock <HttpServletRequest>(); Org.Mockito.Mockito.When(request.GetRemoteAddr()).ThenReturn("redirect"); Org.Mockito.Mockito.When(request.GetRequestURI()).ThenReturn("/redirect"); testFilter.DoFilter(request, response, chain); // address "redirect" is not in host list NUnit.Framework.Assert.AreEqual(302, response.status); string redirect = response.GetHeader(ProxyUtils.Location); NUnit.Framework.Assert.AreEqual("http://bogus/redirect", redirect); // "127.0.0.1" contains in host list. Without cookie Org.Mockito.Mockito.When(request.GetRemoteAddr()).ThenReturn("127.0.0.1"); testFilter.DoFilter(request, response, chain); NUnit.Framework.Assert.IsTrue(doFilterRequest.Contains("javax.servlet.http.HttpServletRequest" )); // cookie added Cookie[] cookies = new Cookie[1]; cookies[0] = new Cookie(WebAppProxyServlet.ProxyUserCookieName, "user"); Org.Mockito.Mockito.When(request.GetCookies()).ThenReturn(cookies); testFilter.DoFilter(request, response, chain); NUnit.Framework.Assert.AreEqual("org.apache.hadoop.yarn.server.webproxy.amfilter.AmIpServletRequestWrapper" , doFilterRequest); // request contains principal from cookie NUnit.Framework.Assert.AreEqual("user", servletWrapper.GetUserPrincipal().GetName ()); NUnit.Framework.Assert.AreEqual("user", servletWrapper.GetRemoteUser()); NUnit.Framework.Assert.IsFalse(servletWrapper.IsUserInRole(string.Empty)); }
public virtual Response Delete(string path, HttpFSParametersProvider.OperationParam op, Parameters @params, HttpServletRequest request) { UserGroupInformation user = HttpUserGroupInformation.Get(); Response response; path = MakeAbsolute(path); MDC.Put(HttpFSFileSystem.OpParam, op.Value().ToString()); MDC.Put("hostname", request.GetRemoteAddr()); switch (op.Value()) { case HttpFSFileSystem.Operation.Delete: { bool recursive = @params.Get <HttpFSParametersProvider.RecursiveParam>(HttpFSParametersProvider.RecursiveParam .Name); AuditLog.Info("[{}] recursive [{}]", path, recursive); FSOperations.FSDelete command = new FSOperations.FSDelete(path, recursive); JSONObject json = FsExecute(user, command); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } default: { throw new IOException(MessageFormat.Format("Invalid HTTP DELETE operation [{0}]", op.Value())); } } return(response); }
//Empty /// <exception cref="System.IO.IOException"/> /// <exception cref="Javax.Servlet.ServletException"/> public virtual void DoFilter(ServletRequest req, ServletResponse resp, FilterChain chain) { ProxyUtils.RejectNonHttpRequests(req); HttpServletRequest httpReq = (HttpServletRequest)req; HttpServletResponse httpResp = (HttpServletResponse)resp; if (Log.IsDebugEnabled()) { Log.Debug("Remote address for request is: {}", httpReq.GetRemoteAddr()); } if (!GetProxyAddresses().Contains(httpReq.GetRemoteAddr())) { string redirectUrl = FindRedirectUrl(); string target = redirectUrl + httpReq.GetRequestURI(); ProxyUtils.SendRedirect(httpReq, httpResp, target); return; } string user = null; if (httpReq.GetCookies() != null) { foreach (Cookie c in httpReq.GetCookies()) { if (WebAppProxyServlet.ProxyUserCookieName.Equals(c.GetName())) { user = c.GetValue(); break; } } } if (user == null) { if (Log.IsDebugEnabled()) { Log.Debug("Could not find " + WebAppProxyServlet.ProxyUserCookieName + " cookie, so user will not be set" ); } chain.DoFilter(req, resp); } else { AmIpPrincipal principal = new AmIpPrincipal(user); ServletRequest requestWrapper = new AmIpServletRequestWrapper(httpReq, principal); chain.DoFilter(requestWrapper, resp); } }
/// <exception cref="Javax.Servlet.ServletException"/> /// <exception cref="System.IO.IOException"/> protected override void DoGet(HttpServletRequest req, HttpServletResponse resp) { UserGroupInformation ugi; ServletContext context = GetServletContext(); Configuration conf = NameNodeHttpServer.GetConfFromContext(context); try { ugi = GetUGI(req, conf); } catch (IOException ioe) { Log.Info("Request for token received with no authentication from " + req.GetRemoteAddr (), ioe); resp.SendError(HttpServletResponse.ScForbidden, "Unable to identify or authenticate user" ); return; } Log.Info("Sending token: {" + ugi.GetUserName() + "," + req.GetRemoteAddr() + "}" ); NameNode nn = NameNodeHttpServer.GetNameNodeFromContext(context); string renewer = req.GetParameter(Renewer); string renewerFinal = (renewer == null) ? req.GetUserPrincipal().GetName() : renewer; DataOutputStream dos = null; try { dos = new DataOutputStream(resp.GetOutputStream()); DataOutputStream dosFinal = dos; // for doAs block ugi.DoAs(new _PrivilegedExceptionAction_69(nn, ugi, renewerFinal, dosFinal)); } catch (Exception e) { Log.Info("Exception while sending token. Re-throwing ", e); resp.SendError(HttpServletResponse.ScInternalServerError); } finally { if (dos != null) { dos.Close(); } } }
private string GetRemoteAddr(string clientAddr, string proxyAddr, bool trusted) { HttpServletRequest req = Org.Mockito.Mockito.Mock <HttpServletRequest>(); Org.Mockito.Mockito.When(req.GetRemoteAddr()).ThenReturn("1.2.3.4"); Configuration conf = new Configuration(); if (proxyAddr == null) { Org.Mockito.Mockito.When(req.GetRemoteAddr()).ThenReturn(clientAddr); } else { Org.Mockito.Mockito.When(req.GetRemoteAddr()).ThenReturn(proxyAddr); Org.Mockito.Mockito.When(req.GetHeader("X-Forwarded-For")).ThenReturn(clientAddr); if (trusted) { conf.Set(ProxyServers.ConfHadoopProxyservers, proxyAddr); } } ProxyUsers.RefreshSuperUserGroupsConfiguration(conf); return(JspHelper.GetRemoteAddr(req)); }
// honor the X-Forwarded-For header set by a configured set of trusted // proxy servers. allows audit logging and proxy user checks to work // via an http proxy public static string GetRemoteAddr(HttpServletRequest request) { string remoteAddr = request.GetRemoteAddr(); string proxyHeader = request.GetHeader("X-Forwarded-For"); if (proxyHeader != null && ProxyServers.IsProxyServer(remoteAddr)) { string clientAddr = proxyHeader.Split(",")[0].Trim(); if (!clientAddr.IsEmpty()) { remoteAddr = clientAddr; } } return(remoteAddr); }
/// <exception cref="Javax.Servlet.ServletException"/> /// <exception cref="System.IO.IOException"/> protected override void DoGet(HttpServletRequest req, HttpServletResponse resp) { UserGroupInformation ugi; ServletContext context = GetServletContext(); Configuration conf = NameNodeHttpServer.GetConfFromContext(context); try { ugi = GetUGI(req, conf); } catch (IOException ioe) { Log.Info("Request for token received with no authentication from " + req.GetRemoteAddr (), ioe); resp.SendError(HttpServletResponse.ScForbidden, "Unable to identify or authenticate user" ); return; } NameNode nn = NameNodeHttpServer.GetNameNodeFromContext(context); string tokenString = req.GetParameter(Token); if (tokenString == null) { resp.SendError(HttpServletResponse.ScMultipleChoices, "Token to renew not specified" ); } Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token = new Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier>(); token.DecodeFromUrlString(tokenString); try { long result = ugi.DoAs(new _PrivilegedExceptionAction_73(nn, token)); PrintWriter os = new PrintWriter(new OutputStreamWriter(resp.GetOutputStream(), Charsets .Utf8)); os.WriteLine(result); os.Close(); } catch (Exception e) { // transfer exception over the http string exceptionClass = e.GetType().FullName; string exceptionMsg = e.GetLocalizedMessage(); string strException = exceptionClass + ";" + exceptionMsg; Log.Info("Exception while renewing token. Re-throwing. s=" + strException, e); resp.SendError(HttpServletResponse.ScInternalServerError, strException); } }
/// <summary>Handle fsck request</summary> /// <exception cref="System.IO.IOException"/> protected override void DoGet(HttpServletRequest request, HttpServletResponse response ) { IDictionary <string, string[]> pmap = request.GetParameterMap(); PrintWriter @out = response.GetWriter(); IPAddress remoteAddress = Sharpen.Extensions.GetAddressByName(request.GetRemoteAddr ()); ServletContext context = GetServletContext(); Configuration conf = NameNodeHttpServer.GetConfFromContext(context); UserGroupInformation ugi = GetUGI(request, conf); try { ugi.DoAs(new _PrivilegedExceptionAction_58(context, conf, pmap, @out, remoteAddress )); } catch (Exception e) { response.SendError(400, e.Message); } }
/// <exception cref="System.Exception"/> public virtual void FilterNullCookies() { HttpServletRequest request = Org.Mockito.Mockito.Mock <HttpServletRequest>(); Org.Mockito.Mockito.When(request.GetCookies()).ThenReturn(null); Org.Mockito.Mockito.When(request.GetRemoteAddr()).ThenReturn(proxyHost); HttpServletResponse response = Org.Mockito.Mockito.Mock <HttpServletResponse>(); AtomicBoolean invoked = new AtomicBoolean(); FilterChain chain = new _FilterChain_104(invoked); IDictionary <string, string> @params = new Dictionary <string, string>(); @params[AmIpFilter.ProxyHost] = proxyHost; @params[AmIpFilter.ProxyUriBase] = proxyUri; FilterConfig conf = new TestAmFilter.DummyFilterConfig(@params); Filter filter = new TestAmFilter.TestAmIpFilter(this); filter.Init(conf); filter.DoFilter(request, response, chain); NUnit.Framework.Assert.IsTrue(invoked.Get()); filter.Destroy(); }
/// <exception cref="Javax.Servlet.ServletException"/> /// <exception cref="System.IO.IOException"/> protected override void DoGet(HttpServletRequest req, HttpServletResponse resp) { UserGroupInformation ugi; ServletContext context = GetServletContext(); Configuration conf = NameNodeHttpServer.GetConfFromContext(context); try { ugi = GetUGI(req, conf); } catch (IOException ioe) { Log.Info("Request for token received with no authentication from " + req.GetRemoteAddr (), ioe); resp.SendError(HttpServletResponse.ScForbidden, "Unable to identify or authenticate user" ); return; } NameNode nn = NameNodeHttpServer.GetNameNodeFromContext(context); string tokenString = req.GetParameter(Token); if (tokenString == null) { resp.SendError(HttpServletResponse.ScMultipleChoices, "Token to renew not specified" ); } Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier> token = new Org.Apache.Hadoop.Security.Token.Token <DelegationTokenIdentifier>(); token.DecodeFromUrlString(tokenString); try { ugi.DoAs(new _PrivilegedExceptionAction_70(nn, token)); } catch (Exception e) { Log.Info("Exception while cancelling token. Re-throwing. ", e); resp.SendError(HttpServletResponse.ScInternalServerError, e.Message); } }
/// <exception cref="System.IO.IOException"/> private bool CheckStorageInfoOrSendError(JNStorage storage, HttpServletRequest request , HttpServletResponse response) { int myNsId = storage.GetNamespaceID(); string myClusterId = storage.GetClusterID(); string theirStorageInfoString = StringEscapeUtils.EscapeHtml(request.GetParameter (StorageinfoParam)); if (theirStorageInfoString != null) { int theirNsId = StorageInfo.GetNsIdFromColonSeparatedString(theirStorageInfoString ); string theirClusterId = StorageInfo.GetClusterIdFromColonSeparatedString(theirStorageInfoString ); if (myNsId != theirNsId || !myClusterId.Equals(theirClusterId)) { string msg = "This node has namespaceId '" + myNsId + " and clusterId '" + myClusterId + "' but the requesting node expected '" + theirNsId + "' and '" + theirClusterId + "'"; response.SendError(HttpServletResponse.ScForbidden, msg); Log.Warn("Received an invalid request file transfer request from " + request.GetRemoteAddr () + ": " + msg); return(false); } } return(true); }
public virtual Response Put(InputStream @is, UriInfo uriInfo, string path, HttpFSParametersProvider.OperationParam op, Parameters @params, HttpServletRequest request) { UserGroupInformation user = HttpUserGroupInformation.Get(); Response response; path = MakeAbsolute(path); MDC.Put(HttpFSFileSystem.OpParam, op.Value().ToString()); MDC.Put("hostname", request.GetRemoteAddr()); switch (op.Value()) { case HttpFSFileSystem.Operation.Create: { bool hasData = @params.Get <HttpFSParametersProvider.DataParam>(HttpFSParametersProvider.DataParam .Name); if (!hasData) { response = Response.TemporaryRedirect(CreateUploadRedirectionURL(uriInfo, HttpFSFileSystem.Operation .Create)).Build(); } else { short permission = @params.Get <HttpFSParametersProvider.PermissionParam>(HttpFSParametersProvider.PermissionParam .Name); bool @override = @params.Get <HttpFSParametersProvider.OverwriteParam>(HttpFSParametersProvider.OverwriteParam .Name); short replication = @params.Get <HttpFSParametersProvider.ReplicationParam>(HttpFSParametersProvider.ReplicationParam .Name); long blockSize = @params.Get <HttpFSParametersProvider.BlockSizeParam>(HttpFSParametersProvider.BlockSizeParam .Name); FSOperations.FSCreate command = new FSOperations.FSCreate(@is, path, permission, @override, replication, blockSize); FsExecute(user, command); AuditLog.Info("[{}] permission [{}] override [{}] replication [{}] blockSize [{}]" , new object[] { path, permission, @override, replication, blockSize }); response = Response.Status(Response.Status.Created).Build(); } break; } case HttpFSFileSystem.Operation.Setxattr: { string xattrName = @params.Get <HttpFSParametersProvider.XAttrNameParam>(HttpFSParametersProvider.XAttrNameParam .Name); string xattrValue = @params.Get <HttpFSParametersProvider.XAttrValueParam>(HttpFSParametersProvider.XAttrValueParam .Name); EnumSet <XAttrSetFlag> flag = @params.Get <HttpFSParametersProvider.XAttrSetFlagParam >(HttpFSParametersProvider.XAttrSetFlagParam.Name); FSOperations.FSSetXAttr command = new FSOperations.FSSetXAttr(path, xattrName, xattrValue , flag); FsExecute(user, command); AuditLog.Info("[{}] to xAttr [{}]", path, xattrName); response = Response.Ok().Build(); break; } case HttpFSFileSystem.Operation.Removexattr: { string xattrName = @params.Get <HttpFSParametersProvider.XAttrNameParam>(HttpFSParametersProvider.XAttrNameParam .Name); FSOperations.FSRemoveXAttr command = new FSOperations.FSRemoveXAttr(path, xattrName ); FsExecute(user, command); AuditLog.Info("[{}] removed xAttr [{}]", path, xattrName); response = Response.Ok().Build(); break; } case HttpFSFileSystem.Operation.Mkdirs: { short permission = @params.Get <HttpFSParametersProvider.PermissionParam>(HttpFSParametersProvider.PermissionParam .Name); FSOperations.FSMkdirs command = new FSOperations.FSMkdirs(path, permission); JSONObject json = FsExecute(user, command); AuditLog.Info("[{}] permission [{}]", path, permission); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } case HttpFSFileSystem.Operation.Rename: { string toPath = @params.Get <HttpFSParametersProvider.DestinationParam>(HttpFSParametersProvider.DestinationParam .Name); FSOperations.FSRename command = new FSOperations.FSRename(path, toPath); JSONObject json = FsExecute(user, command); AuditLog.Info("[{}] to [{}]", path, toPath); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } case HttpFSFileSystem.Operation.Setowner: { string owner = @params.Get <HttpFSParametersProvider.OwnerParam>(HttpFSParametersProvider.OwnerParam .Name); string group = @params.Get <HttpFSParametersProvider.GroupParam>(HttpFSParametersProvider.GroupParam .Name); FSOperations.FSSetOwner command = new FSOperations.FSSetOwner(path, owner, group); FsExecute(user, command); AuditLog.Info("[{}] to (O/G)[{}]", path, owner + ":" + group); response = Response.Ok().Build(); break; } case HttpFSFileSystem.Operation.Setpermission: { short permission = @params.Get <HttpFSParametersProvider.PermissionParam>(HttpFSParametersProvider.PermissionParam .Name); FSOperations.FSSetPermission command = new FSOperations.FSSetPermission(path, permission ); FsExecute(user, command); AuditLog.Info("[{}] to [{}]", path, permission); response = Response.Ok().Build(); break; } case HttpFSFileSystem.Operation.Setreplication: { short replication = @params.Get <HttpFSParametersProvider.ReplicationParam>(HttpFSParametersProvider.ReplicationParam .Name); FSOperations.FSSetReplication command = new FSOperations.FSSetReplication(path, replication ); JSONObject json = FsExecute(user, command); AuditLog.Info("[{}] to [{}]", path, replication); response = Response.Ok(json).Build(); break; } case HttpFSFileSystem.Operation.Settimes: { long modifiedTime = @params.Get <HttpFSParametersProvider.ModifiedTimeParam>(HttpFSParametersProvider.ModifiedTimeParam .Name); long accessTime = @params.Get <HttpFSParametersProvider.AccessTimeParam>(HttpFSParametersProvider.AccessTimeParam .Name); FSOperations.FSSetTimes command = new FSOperations.FSSetTimes(path, modifiedTime, accessTime); FsExecute(user, command); AuditLog.Info("[{}] to (M/A)[{}]", path, modifiedTime + ":" + accessTime); response = Response.Ok().Build(); break; } case HttpFSFileSystem.Operation.Setacl: { string aclSpec = @params.Get <HttpFSParametersProvider.AclPermissionParam>(HttpFSParametersProvider.AclPermissionParam .Name); FSOperations.FSSetAcl command = new FSOperations.FSSetAcl(path, aclSpec); FsExecute(user, command); AuditLog.Info("[{}] to acl [{}]", path, aclSpec); response = Response.Ok().Build(); break; } case HttpFSFileSystem.Operation.Removeacl: { FSOperations.FSRemoveAcl command = new FSOperations.FSRemoveAcl(path); FsExecute(user, command); AuditLog.Info("[{}] removed acl", path); response = Response.Ok().Build(); break; } case HttpFSFileSystem.Operation.Modifyaclentries: { string aclSpec = @params.Get <HttpFSParametersProvider.AclPermissionParam>(HttpFSParametersProvider.AclPermissionParam .Name); FSOperations.FSModifyAclEntries command = new FSOperations.FSModifyAclEntries(path , aclSpec); FsExecute(user, command); AuditLog.Info("[{}] modify acl entry with [{}]", path, aclSpec); response = Response.Ok().Build(); break; } case HttpFSFileSystem.Operation.Removeaclentries: { string aclSpec = @params.Get <HttpFSParametersProvider.AclPermissionParam>(HttpFSParametersProvider.AclPermissionParam .Name); FSOperations.FSRemoveAclEntries command = new FSOperations.FSRemoveAclEntries(path , aclSpec); FsExecute(user, command); AuditLog.Info("[{}] remove acl entry [{}]", path, aclSpec); response = Response.Ok().Build(); break; } case HttpFSFileSystem.Operation.Removedefaultacl: { FSOperations.FSRemoveDefaultAcl command = new FSOperations.FSRemoveDefaultAcl(path ); FsExecute(user, command); AuditLog.Info("[{}] remove default acl", path); response = Response.Ok().Build(); break; } default: { throw new IOException(MessageFormat.Format("Invalid HTTP PUT operation [{0}]", op .Value())); } } return(response); }
public virtual Response Post(InputStream @is, UriInfo uriInfo, string path, HttpFSParametersProvider.OperationParam op, Parameters @params, HttpServletRequest request) { UserGroupInformation user = HttpUserGroupInformation.Get(); Response response; path = MakeAbsolute(path); MDC.Put(HttpFSFileSystem.OpParam, op.Value().ToString()); MDC.Put("hostname", request.GetRemoteAddr()); switch (op.Value()) { case HttpFSFileSystem.Operation.Append: { bool hasData = @params.Get <HttpFSParametersProvider.DataParam>(HttpFSParametersProvider.DataParam .Name); if (!hasData) { response = Response.TemporaryRedirect(CreateUploadRedirectionURL(uriInfo, HttpFSFileSystem.Operation .Append)).Build(); } else { FSOperations.FSAppend command = new FSOperations.FSAppend(@is, path); FsExecute(user, command); AuditLog.Info("[{}]", path); response = Response.Ok().Type(MediaType.ApplicationJson).Build(); } break; } case HttpFSFileSystem.Operation.Concat: { System.Console.Out.WriteLine("HTTPFS SERVER CONCAT"); string sources = @params.Get <HttpFSParametersProvider.SourcesParam>(HttpFSParametersProvider.SourcesParam .Name); FSOperations.FSConcat command = new FSOperations.FSConcat(path, sources.Split("," )); FsExecute(user, command); AuditLog.Info("[{}]", path); System.Console.Out.WriteLine("SENT RESPONSE"); response = Response.Ok().Build(); break; } case HttpFSFileSystem.Operation.Truncate: { long newLength = @params.Get <HttpFSParametersProvider.NewLengthParam>(HttpFSParametersProvider.NewLengthParam .Name); FSOperations.FSTruncate command = new FSOperations.FSTruncate(path, newLength); JSONObject json = FsExecute(user, command); AuditLog.Info("Truncate [{}] to length [{}]", path, newLength); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } default: { throw new IOException(MessageFormat.Format("Invalid HTTP POST operation [{0}]", op .Value())); } } return(response); }
public virtual Response Get(string path, HttpFSParametersProvider.OperationParam op, Parameters @params, HttpServletRequest request) { UserGroupInformation user = HttpUserGroupInformation.Get(); Response response; path = MakeAbsolute(path); MDC.Put(HttpFSFileSystem.OpParam, op.Value().ToString()); MDC.Put("hostname", request.GetRemoteAddr()); switch (op.Value()) { case HttpFSFileSystem.Operation.Open: { //Invoking the command directly using an unmanaged FileSystem that is // released by the FileSystemReleaseFilter FSOperations.FSOpen command = new FSOperations.FSOpen(path); FileSystem fs = CreateFileSystem(user); InputStream @is = command.Execute(fs); long offset = @params.Get <HttpFSParametersProvider.OffsetParam>(HttpFSParametersProvider.OffsetParam .Name); long len = @params.Get <HttpFSParametersProvider.LenParam>(HttpFSParametersProvider.LenParam .Name); AuditLog.Info("[{}] offset [{}] len [{}]", new object[] { path, offset, len }); InputStreamEntity entity = new InputStreamEntity(@is, offset, len); response = Response.Ok(entity).Type(MediaType.ApplicationOctetStream).Build(); break; } case HttpFSFileSystem.Operation.Getfilestatus: { FSOperations.FSFileStatus command = new FSOperations.FSFileStatus(path); IDictionary json = FsExecute(user, command); AuditLog.Info("[{}]", path); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } case HttpFSFileSystem.Operation.Liststatus: { string filter = @params.Get <HttpFSParametersProvider.FilterParam>(HttpFSParametersProvider.FilterParam .Name); FSOperations.FSListStatus command = new FSOperations.FSListStatus(path, filter); IDictionary json = FsExecute(user, command); AuditLog.Info("[{}] filter [{}]", path, (filter != null) ? filter : "-"); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } case HttpFSFileSystem.Operation.Gethomedirectory: { EnforceRootPath(op.Value(), path); FSOperations.FSHomeDir command = new FSOperations.FSHomeDir(); JSONObject json = FsExecute(user, command); AuditLog.Info(string.Empty); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } case HttpFSFileSystem.Operation.Instrumentation: { EnforceRootPath(op.Value(), path); Groups groups = HttpFSServerWebApp.Get().Get <Groups>(); IList <string> userGroups = groups.GetGroups(user.GetShortUserName()); if (!userGroups.Contains(HttpFSServerWebApp.Get().GetAdminGroup())) { throw new AccessControlException("User not in HttpFSServer admin group"); } Instrumentation instrumentation = HttpFSServerWebApp.Get().Get <Instrumentation>(); IDictionary snapshot = instrumentation.GetSnapshot(); response = Response.Ok(snapshot).Build(); break; } case HttpFSFileSystem.Operation.Getcontentsummary: { FSOperations.FSContentSummary command = new FSOperations.FSContentSummary(path); IDictionary json = FsExecute(user, command); AuditLog.Info("[{}]", path); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } case HttpFSFileSystem.Operation.Getfilechecksum: { FSOperations.FSFileChecksum command = new FSOperations.FSFileChecksum(path); IDictionary json = FsExecute(user, command); AuditLog.Info("[{}]", path); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } case HttpFSFileSystem.Operation.Getfileblocklocations: { response = Response.Status(Response.Status.BadRequest).Build(); break; } case HttpFSFileSystem.Operation.Getaclstatus: { FSOperations.FSAclStatus command = new FSOperations.FSAclStatus(path); IDictionary json = FsExecute(user, command); AuditLog.Info("ACL status for [{}]", path); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } case HttpFSFileSystem.Operation.Getxattrs: { IList <string> xattrNames = @params.GetValues <HttpFSParametersProvider.XAttrNameParam >(HttpFSParametersProvider.XAttrNameParam.Name); XAttrCodec encoding = @params.Get <HttpFSParametersProvider.XAttrEncodingParam>(HttpFSParametersProvider.XAttrEncodingParam .Name); FSOperations.FSGetXAttrs command = new FSOperations.FSGetXAttrs(path, xattrNames, encoding); IDictionary json = FsExecute(user, command); AuditLog.Info("XAttrs for [{}]", path); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } case HttpFSFileSystem.Operation.Listxattrs: { FSOperations.FSListXAttrs command = new FSOperations.FSListXAttrs(path); IDictionary json = FsExecute(user, command); AuditLog.Info("XAttr names for [{}]", path); response = Response.Ok(json).Type(MediaType.ApplicationJson).Build(); break; } default: { throw new IOException(MessageFormat.Format("Invalid HTTP GET operation [{0}]", op .Value())); } } return(response); }