HDFS-14389. getAclStatus returns incorrect permissions and owner when an iNodeAttributeProvider is configured. Contributed by Stephen O'Donnell.

Signed-off-by: Wei-Chiu Chuang <weichiu@apache.org>
(cherry picked from commit c528e427aa6745434672b1c1850738795ad1d6d2)
This commit is contained in:
Stephen O'Donnell 2019-04-04 04:04:08 -07:00 committed by Wei-Chiu Chuang
parent 06cf8ce30f
commit 388f445dde
2 changed files with 37 additions and 5 deletions

View File

@ -163,12 +163,11 @@ class FSDirAclOp {
if (iip.isDotSnapshotDir() && fsd.getINode4DotSnapshot(iip) != null) {
return new AclStatus.Builder().owner("").group("").build();
}
INode inode = FSDirectory.resolveLastINode(iip);
int snapshotId = iip.getPathSnapshotId();
List<AclEntry> acl = AclStorage.readINodeAcl(fsd.getAttributes(iip));
FsPermission fsPermission = inode.getFsPermission(snapshotId);
INodeAttributes inodeAttrs = fsd.getAttributes(iip);
List<AclEntry> acl = AclStorage.readINodeAcl(inodeAttrs);
FsPermission fsPermission = inodeAttrs.getFsPermission();
return new AclStatus.Builder()
.owner(inode.getUserName()).group(inode.getGroupName())
.owner(inodeAttrs.getUserName()).group(inodeAttrs.getGroupName())
.stickyBit(fsPermission.getStickyBit())
.setPermission(fsPermission)
.addEntries(acl).build();

View File

@ -405,4 +405,37 @@ public class TestINodeAttributeProvider {
return null;
});
}
@Test
// HDFS-14389 - Ensure getAclStatus returns the owner, group and permissions
// from the Attribute Provider, and not from HDFS.
public void testGetAclStatusReturnsProviderOwnerPerms() throws Exception {
FileSystem fs = FileSystem.get(miniDFS.getConfiguration(0));
final Path userPath = new Path("/user");
final Path authz = new Path("/user/authz");
final Path authzChild = new Path("/user/authz/child2");
fs.mkdirs(userPath);
fs.setPermission(userPath, new FsPermission(HDFS_PERMISSION));
fs.mkdirs(authz);
fs.setPermission(authz, new FsPermission(HDFS_PERMISSION));
fs.mkdirs(authzChild);
fs.setPermission(authzChild, new FsPermission(HDFS_PERMISSION));
UserGroupInformation ugi = UserGroupInformation.createUserForTesting("u1",
new String[]{"g1"});
ugi.doAs(new PrivilegedExceptionAction<Void>() {
@Override
public Void run() throws Exception {
FileSystem fs = FileSystem.get(miniDFS.getConfiguration(0));
Assert.assertEquals(PROVIDER_PERMISSION,
fs.getFileStatus(authzChild).getPermission().toShort());
Assert.assertEquals("foo", fs.getAclStatus(authzChild).getOwner());
Assert.assertEquals("bar", fs.getAclStatus(authzChild).getGroup());
Assert.assertEquals(PROVIDER_PERMISSION,
fs.getAclStatus(authzChild).getPermission().toShort());
return null;
}
});
}
}