[
https://issues.apache.org/jira/browse/HDDS-8717?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Hongbing Wang updated HDDS-8717:
--------------------------------
Description:
CheckAcl logic is different when accessing an FSO bucket through different way.
For example,
it passed in:
{noformat}
ozone sh key put vol1/buk-fso/a1/b1/f1 localfile
{noformat}
but permission denied in:
{noformat}
ozone fs -put localfile ofs://hadoop1/vol1/buk-fso/a1/b1/f1
2023-05-29 14:23:44,680 ERROR ozone.BasicRootedOzoneFileSystem: rename key
failed: User whb doesn't have WRITE permission to access volume Volume:vol1
Bucket:buk-fso Key:a1/b1/f1._COPYING_. source:vol1/buk-fso/a1/b1/f1._COPYING_,
destin:vol1/buk-fso/a1/b1/f1
put: User whb doesn't have WRITE permission to access volume Volume:vol1
Bucket:buk-fso Key:vol1/buk-fso/a1/b1/f1._COPYING_
{noformat}
In addition, the error above is unfriendly. In fact, user does not have WRITE
permission for the volume.
> Optimize checkACLsWithFSO to reduce redundant checks
> ----------------------------------------------------
>
> Key: HDDS-8717
> URL: https://issues.apache.org/jira/browse/HDDS-8717
> Project: Apache Ozone
> Issue Type: Bug
> Components: OM
> Affects Versions: 1.3.0
> Reporter: Hongbing Wang
> Assignee: Hongbing Wang
> Priority: Major
>
> CheckAcl logic is different when accessing an FSO bucket through different
> way. For example,
> it passed in:
> {noformat}
> ozone sh key put vol1/buk-fso/a1/b1/f1 localfile
> {noformat}
> but permission denied in:
> {noformat}
> ozone fs -put localfile ofs://hadoop1/vol1/buk-fso/a1/b1/f1
> 2023-05-29 14:23:44,680 ERROR ozone.BasicRootedOzoneFileSystem: rename key
> failed: User whb doesn't have WRITE permission to access volume Volume:vol1
> Bucket:buk-fso Key:a1/b1/f1._COPYING_.
> source:vol1/buk-fso/a1/b1/f1._COPYING_, destin:vol1/buk-fso/a1/b1/f1
> put: User whb doesn't have WRITE permission to access volume Volume:vol1
> Bucket:buk-fso Key:vol1/buk-fso/a1/b1/f1._COPYING_
> {noformat}
> In addition, the error above is unfriendly. In fact, user does not have WRITE
> permission for the volume.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
