[
https://issues.apache.org/jira/browse/HADOOP-14899?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Steve Loughran updated HADOOP-14899:
------------------------------------
Attachment: HADOOP-14899-005.patch
+1
I've been reviewing related patches I now understand what the code is trying to
do, and how to run the tests. I'm happy with it, with some final tweaks to go
past yetus before I commit, mostly in the test code.
HADOOP-14899 patch 005
* use Preconditions. to do the argument checking in isAllowedUser
* factor out assertOwnerEquals, assertPermissionEquals in tests; include
file status in assertion text
* marked variables used in runnables as final, so Java 7 compilation should
be straightforward.
* some minor IDE-suggested tweaks
Testing: All the auth tests, Azure ireland; auth enabled
{code}
-------------------------------------------------------
T E S T S
-------------------------------------------------------
Running org.apache.hadoop.fs.azure.ITestNativeAzureFSAuthorizationCaching
Tests run: 46, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 110.543 sec -
in org.apache.hadoop.fs.azure.ITestNativeAzureFSAuthorizationCaching
Running org.apache.hadoop.fs.azure.ITestNativeAzureFSAuthWithBlobSpecificKeys
Tests run: 45, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 98.376 sec -
in org.apache.hadoop.fs.azure.ITestNativeAzureFSAuthWithBlobSpecificKeys
Running org.apache.hadoop.fs.azure.TestNativeAzureFileSystemAuthorization
Tests run: 45, Failures: 0, Errors: 0, Skipped: 0, Time elapsed: 98.405 sec -
in org.apache.hadoop.fs.azure.TestNativeAzureFileSystemAuthorization
Results :
Tests run: 136, Failures: 0, Errors: 0, Skipped: 0
{code}
> Restrict Access to setPermission operation when authorization is enabled in
> WASB
> --------------------------------------------------------------------------------
>
> Key: HADOOP-14899
> URL: https://issues.apache.org/jira/browse/HADOOP-14899
> Project: Hadoop Common
> Issue Type: Sub-task
> Components: fs/azure
> Reporter: Kannapiran Srinivasan
> Assignee: Kannapiran Srinivasan
> Labels: fs, secure, wasb
> Attachments: HADOOP-14899-001.patch, HADOOP-14899-002.patch,
> HADOOP-14899-003.patch, HADOOP-14899-004.patch, HADOOP-14899-005.patch
>
>
> In case of authorization enabled Wasb clusters, we need to restrict setting
> permissions on files or folders to owner or list of privileged users.
> Currently in the WASB implementation even when authorization is enabled there
> is no check happens while doing setPermission call. In this JIRA we would
> like to add the check on the setPermission call in NativeAzureFileSystem
> implementation so that only owner or the privileged list of users or daemon
> users can change the permissions of files/folders
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
