[
https://issues.apache.org/jira/browse/HDFS-12147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16091091#comment-16091091
]
Weiwei Yang edited comment on HDFS-12147 at 7/18/17 4:34 AM:
-------------------------------------------------------------
Hi [~nandakumar131], [~vagarychen]
I am a bit confused with this patch.
1. Why the checkBucketAccess is exposed as a RPC call in KSM? Is it something
that should be done internally in KSM while read/write/delete keys in a bucket?
I am not sure why this is necessary to be exposed via
{{KeySpaceManagerProtocol}}.
2. {{OzoneMetadataManager#checkBucketAccess}} loads the acls of a bucket from
KSM db and compare that to the value passing by argument {{OzoneAcl}}, why we
are comparing OzoneAcl ? I thought OzoneAcl was used to verify if a given
user/group have a particular permission, e.g we could have OzoneAcl like
following
{{user:bilbo:rw}}
which means user {{bilbo}} has read as well as write permission to the bucket.
So it's pretty nature to check against user and group name. I don't understand
the check in line 843 - 853, can you elaborate please ?
Thank you.
was (Author: cheersyang):
Hi [~nandakumar131], [~vagarychen]
I am a bit confused with this patch.
1. Why the checkBucketAccess is exposed as a RPC call in KSM? Is it something
that should be done internally in KSM while read/write/delete keys in a bucket?
I am not sure why this is necessary to be exposed via
{{KeySpaceManagerProtocol}}.
2. {{OzoneMetadataManager#checkBucketAccess}} loads the acls of a bucket from
KSM db and compare that to the value passing by argument {{OzoneAcl}}, why we
are comparing OzoneAcl ? I thought OzoneAcl was used to verify if a given
user/group have a particular permission, e.g we could have OzoneAcl like
following
user:bilbo:rw
which means user {{bilbo}} has read as well as write permission to the bucket.
So it's pretty nature to check against user and group name. I don't understand
the check in line 843 - 853, can you elaborate please ?
Thank you.
> Ozone: KSM: Add checkBucketAccess
> ---------------------------------
>
> Key: HDFS-12147
> URL: https://issues.apache.org/jira/browse/HDFS-12147
> Project: Hadoop HDFS
> Issue Type: Sub-task
> Components: ozone
> Reporter: Nandakumar
> Assignee: Nandakumar
> Attachments: HDFS-12147-HDFS-7240.000.patch,
> HDFS-12147-HDFS-7240.001.patch
>
>
> Checks if the caller has access to a given bucket.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org
