whbing commented on code in PR #4559: URL: https://github.com/apache/ozone/pull/4559#discussion_r1168723788
########## hadoop-hdds/docs/content/design/volume-management.md: ########## @@ -125,10 +125,11 @@ Note: Sanjay is added to the authors as the original proposal of this approach. * `bucket link` operation creates a link bucket. Links are like regular buckets, stored in DB the same way, but with two new, optional pieces of information: source volume and bucket. (The bucket being referenced by the link is called "source", not "target", to follow symlink terminology.) * Link buckets share the namespace with regular buckets. If a bucket or link with the same name already exists, a `BUCKET_ALREADY_EXISTS` result is returned. * Link buckets are not inherently specific to a user, access is restricted only by ACL. + * Link buckets themselves do not store ACLs. All ACLs operations (eg. addacl/getacl/setacl/removeacl) and checks on the link bucket will be applied to the source bucket. * Links are persistent, ie. they can be used until they are deleted. * Existing bucket operations (info, delete, ACL) work on the link object in the same way as they do on regular buckets. No new link-specific RPC is required. * Links are followed for key operations (list, get, put, etc.). Read permission on the link is required for this. - * Checks for existence of the source bucket, as well as ACL, are performed only when following the link (similar to symlinks). Source bucket is not checked when operating on the link bucket itself (eg. deleting it). This avoids the need for reverse checks for each bucket delete or ACL change. + * Checks for existence of the source bucket are performed only when following the link (similar to symlinks). Source bucket ACL is checked when deleting operating on the link bucket itself (Source bucket is not deleted). Review Comment: > If I remember correctly, currently deleting a normal bucket, it requires the read permission of volume and delete permission of bucket, and bucket should be empty. I think we can follow this permission check rule. As for the bucket should be empty condition, I think this is not required for a link bucket. If `delete ACL` of a link bucket needs to be checked, an option must be added to allow separately setting (eg. `addacl/setacl/removeacl`) `delete ACL` for the link bucket. It may be too complicated, because other ACLs are actually invalid in the link bucket. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
