[ https://issues.apache.org/jira/browse/HDFS-6570?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jitendra Nath Pandey updated HDFS-6570: --------------------------------------- Attachment: HDFS-6570.5.patch Thanks for catching that Chris. I have made the two changes, and have verified that the test fails without the 'resolvePath' fix and passes with the fix added. > add api that enables checking if a user has certain permissions on a file > ------------------------------------------------------------------------- > > Key: HDFS-6570 > URL: https://issues.apache.org/jira/browse/HDFS-6570 > Project: Hadoop HDFS > Issue Type: Bug > Components: hdfs-client, namenode, webhdfs > Reporter: Thejas M Nair > Assignee: Jitendra Nath Pandey > Attachments: HDFS-6570-prototype.1.patch, HDFS-6570.2.patch, > HDFS-6570.3.patch, HDFS-6570.4.patch, HDFS-6570.5.patch > > > For some of the authorization modes in Hive, the servers in Hive check if a > given user has permissions on a certain file or directory. For example, the > storage based authorization mode allows hive table metadata to be modified > only when the user has access to the corresponding table directory on hdfs. > There are likely to be such use cases outside of Hive as well. > HDFS does not provide an api for such checks. As a result, the logic to check > if a user has permissions on a directory gets replicated in Hive. This > results in duplicate logic and there introduces possibilities for > inconsistencies in the interpretation of the permission model. This becomes a > bigger problem with the complexity of ACL logic. > HDFS should provide an api that provides functionality that is similar to > access function in unistd.h - http://linux.die.net/man/2/access . -- This message was sent by Atlassian JIRA (v6.2#6252)