[GitHub] [hadoop] hadoop-yetus commented on a change in pull request #973: HDDS-1611. Evaluate ACL on volume bucket key and prefix to authorize access. Contributed by Ajay Kumar.

Thu, 27 Jun 2019 14:56:48 -0700 

hadoop-yetus commented on a change in pull request #973: HDDS-1611. Evaluate 
ACL on volume bucket key and prefix to authorize access. Contributed by Ajay 
Kumar.
URL: https://github.com/apache/hadoop/pull/973#discussion_r298385855
 
 

 ##########
 File path: hadoop-ozone/dist/src/main/smoketest/security/ozone-secure-fs.robot
 ##########
 @@ -91,7 +91,41 @@ Test key Acls
     ${result} =     Execute             ozone sh key removeacl 
${volume3}/bk1/key1 -a user:superuser1:xy
     ${result} =     Execute             ozone sh key getacl ${volume3}/bk1/key1
     Should Match Regexp                 ${result}       \"type\" : 
\"USER\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"READ\", \"WRITE\"
-    ${result} =     Execute             ozone sh key setacl 
${volume3}/bk1/key1 -al user:superuser1:rwxy,group:superuser1:a
+    ${result} =     Execute             ozone sh key setacl 
${volume3}/bk1/key1 -al 
user:superuser1:rwxy,group:superuser1:a,user:testuser/[email protected]:rwxyc
     ${result} =     Execute             ozone sh key getacl ${volume3}/bk1/key1
     Should Match Regexp                 ${result}       \"type\" : 
\"USER\",\n.*\"name\" : \"superuser1*\",\n.*\"aclList\" : . \"READ\", 
\"WRITE\", \"READ_ACL\", \"WRITE_ACL\"
-    Should Match Regexp                 ${result}       \"type\" : 
\"GROUP\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"ALL\"
\ No newline at end of file
+    Should Match Regexp                 ${result}       \"type\" : 
\"GROUP\",\n.*\"name\" : \"superuser1\",\n.*\"aclList\" : . \"ALL\"
+
+Test native authorizer
+    Execute         ozone sh volume removeacl ${volume3} -a group:root:a
+    Execute         kdestroy
+    Run Keyword     Kinit test user     testuser2    testuser2.keytab
+    ${result} =     Execute And Ignore Error         ozone sh bucket list 
/${volume3}/    
 
 Review comment:
   whitespace:end of line
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
[email protected]


With regards,
Apache Git Services

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to