[
https://issues.apache.org/jira/browse/YARN-6727?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16076804#comment-16076804
]
Sunil G commented on YARN-6727:
-------------------------------
bq.+ queue level readlock
{code:title=AbstractCSQueue#hasAccess}
public boolean hasAccess(QueueACL acl, UserGroupInformation user) {
return authorizer.checkPermission(
new AccessRequest(queueEntity, user, SchedulerUtils.toAccessType(acl),
null, null, Server.getRemoteAddress(), null));
}
{code}
We are currently invoking authorizer.checkPermission directly. So do we need
queue readLock here?
bq.Submission time QUEUE_SUBMIT right we could cache but we need all
Sorry. I could not get you. could you please help to elaborate.
bq.IIUC the refresh interval is about 5/10 min.We dont have direct update or
notifier as of now.
cache invalidate is needed in cases where user's acls are changed in system.
Hence it makes sense.
> Improve getQueueUserAcls API to query for specific queue and user
> ------------------------------------------------------------------
>
> Key: YARN-6727
> URL: https://issues.apache.org/jira/browse/YARN-6727
> Project: Hadoop YARN
> Issue Type: Improvement
> Reporter: Bibin A Chundatt
> Assignee: Bibin A Chundatt
> Attachments: YARN-6727.WIP.patch
>
>
> Currently {{ApplicationClientProtocol#getQueueUserAcls}} return data for all
> the queues available in scheduler for user.
> User wants to know whether he has rights of a particular queue only. For
> systems with 5K queues returning all queues list is not efficient.
> Suggested change: support additional parameters *userName and queueName* as
> optional. Admin user should be able to query other users ACL for a particular
> queueName.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
