[ https://issues.apache.org/jira/browse/HDFS-12147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16091091#comment-16091091 ]
Weiwei Yang edited comment on HDFS-12147 at 7/18/17 4:34 AM: ------------------------------------------------------------- Hi [~nandakumar131], [~vagarychen] I am a bit confused with this patch. 1. Why the checkBucketAccess is exposed as a RPC call in KSM? Is it something that should be done internally in KSM while read/write/delete keys in a bucket? I am not sure why this is necessary to be exposed via {{KeySpaceManagerProtocol}}. 2. {{OzoneMetadataManager#checkBucketAccess}} loads the acls of a bucket from KSM db and compare that to the value passing by argument {{OzoneAcl}}, why we are comparing OzoneAcl ? I thought OzoneAcl was used to verify if a given user/group have a particular permission, e.g we could have OzoneAcl like following {{user:bilbo:rw}} which means user {{bilbo}} has read as well as write permission to the bucket. So it's pretty nature to check against user and group name. I don't understand the check in line 843 - 853, can you elaborate please ? Thank you. was (Author: cheersyang): Hi [~nandakumar131], [~vagarychen] I am a bit confused with this patch. 1. Why the checkBucketAccess is exposed as a RPC call in KSM? Is it something that should be done internally in KSM while read/write/delete keys in a bucket? I am not sure why this is necessary to be exposed via {{KeySpaceManagerProtocol}}. 2. {{OzoneMetadataManager#checkBucketAccess}} loads the acls of a bucket from KSM db and compare that to the value passing by argument {{OzoneAcl}}, why we are comparing OzoneAcl ? I thought OzoneAcl was used to verify if a given user/group have a particular permission, e.g we could have OzoneAcl like following user:bilbo:rw which means user {{bilbo}} has read as well as write permission to the bucket. So it's pretty nature to check against user and group name. I don't understand the check in line 843 - 853, can you elaborate please ? Thank you. > Ozone: KSM: Add checkBucketAccess > --------------------------------- > > Key: HDFS-12147 > URL: https://issues.apache.org/jira/browse/HDFS-12147 > Project: Hadoop HDFS > Issue Type: Sub-task > Components: ozone > Reporter: Nandakumar > Assignee: Nandakumar > Attachments: HDFS-12147-HDFS-7240.000.patch, > HDFS-12147-HDFS-7240.001.patch > > > Checks if the caller has access to a given bucket. -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org