[jira] [Updated] (HDFS-5673) Implement logic for modification of ACLs.

Chris Nauroth (JIRA) Tue, 17 Dec 2013 16:28:12 -0800

     [ 
https://issues.apache.org/jira/browse/HDFS-5673?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Chris Nauroth updated HDFS-5673:
--------------------------------

    Attachment: HDFS-5673.1.patch

I'm attaching the patch that implements the core ACL modification logic.  This 
turned out to be some fairly tricky logic.  It's probably the most complex 
logic in the HDFS ACLs project (certainly a lot more complex than the 
permission enforcement is going to be).

{{Acl}} - This class is back.  This time, it's private to HDFS, intended for 
use inside the namenode.  It's mostly the same as the old version that we used 
to have in Common before the API changes, but with the addition of a few more 
helper methods.

{{AclTransformation}} - This class defines the 5 different operations that can 
change an ACL.  There are quite a few edge cases to consider related to 
validation rules, mask calculation and inferring default entries if not 
specified.  I needed multiple readings of the POSIX ACL docs to fully 
understand all of the edge cases.

http://users.suse.com/~agruen/acl/linux-acls/online/

{{TestAclTransformation}} - Approximately 2/3 of this patch is tests.  For 
every test in this suite, I've run the same scenario against Linux 
setfacl/getfacl to confirm that the {{AclTransformation}} code yields the same 
result.  I ran a coverage report, and I saw 100% coverage of the new code in 
this patch.


> Implement logic for modification of ACLs.
> -----------------------------------------
>
>                 Key: HDFS-5673
>                 URL: https://issues.apache.org/jira/browse/HDFS-5673
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode
>    Affects Versions: HDFS ACLs (HDFS-4685)
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>         Attachments: HDFS-5673.1.patch
>
>
> This patch will include the core logic for modification of ACLs.  This 
> includes support for all user-facing APIs that modify ACLs.  This will cover 
> access ACLs, default ACLs, automatic mask calculations, automatic inference 
> of unprovided default ACL entries, and validation to prevent creation of an 
> invalid ACL.



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)

[jira] [Updated] (HDFS-5673) Implement logic for modification of ACLs.

Reply via email to