fmorg-git commented on code in PR #9484:
URL: https://github.com/apache/ozone/pull/9484#discussion_r2632026319
##########
hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OmMetadataReader.java:
##########
@@ -613,6 +617,34 @@ public boolean checkAcls(OzoneObj obj, RequestContext
context,
}
}
+ /**
+ * Attaches session policy to RequestContext if an STSTokenIdentifier is
found in the Ozone Manager thread local
+ * (meaning this is an STS request), and the STSTokenIdentifier has a
session policy. Otherwise, returns the
+ * RequestContext as it was before.
+ * @param context the original RequestContext
+ * @return RequestContext as before or with sessionPolicy embedded
+ */
+ private RequestContext
maybeAttachSessionPolicyFromThreadLocal(RequestContext context) {
+ final STSTokenIdentifier stsTokenIdentifier =
OzoneManager.getStsTokenIdentifier();
+ if (stsTokenIdentifier == null) {
+ return context;
+ }
+
+ final String sessionPolicy = stsTokenIdentifier.getSessionPolicy();
+
+ return RequestContext.newBuilder()
Review Comment:
updated
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
