This is an automated email from the ASF dual-hosted git repository. msingh pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ozone.git
commit 3d5ad1af3bdf5b90c11d1df1063c02e202c73ea8 Author: Sammi Chen <[email protected]> AuthorDate: Mon Mar 8 16:11:09 2021 +0800 HDDS-4898. ACL is not inherited on multiupload object (#1991) --- .../client/rpc/TestOzoneRpcClientAbstract.java | 27 +++++++++++++++++++++- .../hadoop/ozone/om/request/key/OMKeyRequest.java | 2 +- .../S3InitiateMultipartUploadRequest.java | 8 +++++-- .../S3MultipartUploadCompleteRequest.java | 3 +-- 4 files changed, 34 insertions(+), 6 deletions(-) diff --git a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/TestOzoneRpcClientAbstract.java b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/TestOzoneRpcClientAbstract.java index cd32f4f..21d4bf7 100644 --- a/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/TestOzoneRpcClientAbstract.java +++ b/hadoop-ozone/integration-test/src/test/java/org/apache/hadoop/ozone/client/rpc/TestOzoneRpcClientAbstract.java @@ -2253,10 +2253,35 @@ public abstract class TestOzoneRpcClientAbstract { volume.createBucket(bucketName); OzoneBucket bucket = volume.getBucket(bucketName); + // Add ACL on Bucket + OzoneAcl acl1 = new OzoneAcl(USER, "Monday", ACLType.ALL, DEFAULT); + OzoneAcl acl2 = new OzoneAcl(USER, "Friday", ACLType.ALL, DEFAULT); + OzoneAcl acl3 = new OzoneAcl(USER, "Jan", ACLType.ALL, ACCESS); + OzoneAcl acl4 = new OzoneAcl(USER, "Feb", ACLType.ALL, ACCESS); + bucket.addAcls(acl1); + bucket.addAcls(acl2); + bucket.addAcls(acl3); + bucket.addAcls(acl4); + doMultipartUpload(bucket, keyName, (byte)98); + OzoneObj keyObj = OzoneObjInfo.Builder.newBuilder().setBucketName(bucketName) + .setVolumeName(volumeName).setKeyName(keyName) + .setResType(OzoneObj.ResourceType.KEY) + .setStoreType(OzoneObj.StoreType.OZONE).build(); + List<OzoneAcl> aclList = store.getAcl(keyObj); + // key should inherit bucket's DEFAULT type acl + Assert.assertTrue(aclList.stream().anyMatch( + acl -> acl.getName().equals(acl1.getName()))); + Assert.assertTrue(aclList.stream().anyMatch( + acl -> acl.getName().equals(acl2.getName()))); + + // kye should not inherit bucket's ACCESS type acl + Assert.assertFalse(aclList.stream().anyMatch( + acl -> acl.getName().equals(acl3.getName()))); + Assert.assertFalse(aclList.stream().anyMatch( + acl -> acl.getName().equals(acl4.getName()))); } - @Test public void testMultipartUploadOverride() throws Exception { String volumeName = UUID.randomUUID().toString(); diff --git a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/key/OMKeyRequest.java b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/key/OMKeyRequest.java index 814e065..14d8bac 100644 --- a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/key/OMKeyRequest.java +++ b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/key/OMKeyRequest.java @@ -272,7 +272,7 @@ public abstract class OMKeyRequest extends OMClientRequest { .build(); } - private List< OzoneAcl > getAclsForKey(KeyArgs keyArgs, + protected List< OzoneAcl > getAclsForKey(KeyArgs keyArgs, OmBucketInfo bucketInfo, PrefixManager prefixManager) { List<OzoneAcl> acls = new ArrayList<>(); diff --git a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/s3/multipart/S3InitiateMultipartUploadRequest.java b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/s3/multipart/S3InitiateMultipartUploadRequest.java index b5c9fdf..f2df401 100644 --- a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/s3/multipart/S3InitiateMultipartUploadRequest.java +++ b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/s3/multipart/S3InitiateMultipartUploadRequest.java @@ -23,10 +23,10 @@ import com.google.common.base.Preconditions; import org.apache.hadoop.ozone.audit.OMAction; import org.apache.hadoop.ozone.om.OMMetadataManager; import org.apache.hadoop.ozone.om.OzoneManager; +import org.apache.hadoop.ozone.om.helpers.OmBucketInfo; import org.apache.hadoop.ozone.om.helpers.OmKeyInfo; import org.apache.hadoop.ozone.om.helpers.OmKeyLocationInfoGroup; import org.apache.hadoop.ozone.om.helpers.OmMultipartKeyInfo; -import org.apache.hadoop.ozone.om.helpers.OzoneAclUtil; import org.apache.hadoop.ozone.om.ratis.utils.OzoneManagerDoubleBufferHelper; import org.apache.hadoop.ozone.om.request.key.OMKeyRequest; import org.apache.hadoop.ozone.om.request.util.OmResponseUtil; @@ -167,6 +167,9 @@ public class S3InitiateMultipartUploadRequest extends OMKeyRequest { .setUpdateID(transactionLogIndex) .build(); + OmBucketInfo bucketInfo = omMetadataManager.getBucketTable().get( + omMetadataManager.getBucketKey(volumeName, bucketName)); + omKeyInfo = new OmKeyInfo.Builder() .setVolumeName(volumeName) .setBucketName(bucketName) @@ -177,7 +180,8 @@ public class S3InitiateMultipartUploadRequest extends OMKeyRequest { .setReplicationFactor(keyArgs.getFactor()) .setOmKeyLocationInfos(Collections.singletonList( new OmKeyLocationInfoGroup(0, new ArrayList<>()))) - .setAcls(OzoneAclUtil.fromProtobuf(keyArgs.getAclsList())) + .setAcls(getAclsForKey(keyArgs, bucketInfo, + ozoneManager.getPrefixManager())) .setObjectID(objectID) .setUpdateID(transactionLogIndex) .setFileEncryptionInfo(keyArgs.hasFileEncryptionInfo() ? diff --git a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/s3/multipart/S3MultipartUploadCompleteRequest.java b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/s3/multipart/S3MultipartUploadCompleteRequest.java index c4de2fb..62ba930 100644 --- a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/s3/multipart/S3MultipartUploadCompleteRequest.java +++ b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/s3/multipart/S3MultipartUploadCompleteRequest.java @@ -35,7 +35,6 @@ import org.apache.hadoop.ozone.om.helpers.OmKeyInfo; import org.apache.hadoop.ozone.om.helpers.OmKeyLocationInfo; import org.apache.hadoop.ozone.om.helpers.OmKeyLocationInfoGroup; import org.apache.hadoop.ozone.om.helpers.OmMultipartKeyInfo; -import org.apache.hadoop.ozone.om.helpers.OzoneAclUtil; import org.apache.hadoop.ozone.om.ratis.utils.OzoneManagerDoubleBufferHelper; import org.apache.hadoop.ozone.om.request.key.OMKeyRequest; import org.apache.hadoop.ozone.om.request.util.OmResponseUtil; @@ -269,7 +268,7 @@ public class S3MultipartUploadCompleteRequest extends OMKeyRequest { .setFileEncryptionInfo(dbOpenKeyInfo.getFileEncryptionInfo()) .setOmKeyLocationInfos( Collections.singletonList(keyLocationInfoGroup)) - .setAcls(OzoneAclUtil.fromProtobuf(keyArgs.getAclsList())); + .setAcls(dbOpenKeyInfo.getAcls()); // Check if db entry has ObjectID. This check is required because // it is possible that between multipart key uploads and complete, // we had an upgrade. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
