[
https://issues.apache.org/jira/browse/HDFS-14248?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tanmoy updated HDFS-14248:
--------------------------
Description:
Currently, the filesystem api in Hadoop exposes all actions (create, delete,
append) to users. There are situations where HDFS users (users of the FS api)
should be allowed to only create/append , but never delete.
HDFS ACLS does not allow such feature at the filesystem layer. Idea is to block
cli access for developers. Improve the FileSystem class to take parameters
while creating the object. Modify the constructor for the FileSystem class ,
such that if userRole = "Dev" , all `delete` and `mv` methods are disabled.
Link to the java file:
[https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java]
was:
Currently, the filesystem api in Hadoop exposes all actions (create, delete,
append) to users. There are situations where HDFS users (users of the FS api)
should be allowed to only create/append , but never delete.
HDFS ACLS does not allow such feature at the filesystem layer. Idea is to block
cli access for developers. Improve the FileSystem class to take parameters
while creating the object. If userRole = "Dev" , then don't expose delete
methods for user.
Link to the java file:
https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java
> FileSystem object can take a parameter to expose all / selected methods
> -----------------------------------------------------------------------
>
> Key: HDFS-14248
> URL: https://issues.apache.org/jira/browse/HDFS-14248
> Project: Hadoop HDFS
> Issue Type: Improvement
> Reporter: Tanmoy
> Priority: Major
>
> Currently, the filesystem api in Hadoop exposes all actions (create, delete,
> append) to users. There are situations where HDFS users (users of the FS api)
> should be allowed to only create/append , but never delete.
> HDFS ACLS does not allow such feature at the filesystem layer. Idea is to
> block cli access for developers. Improve the FileSystem class to take
> parameters while creating the object. Modify the constructor for the
> FileSystem class , such that if userRole = "Dev" , all `delete` and `mv`
> methods are disabled.
>
> Link to the java file:
> [https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java]
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
