HDFS-6741. Improve permission denied message when FSPermissionChecker#checkOwner fails. Contributed by Stephen Chu and Harsh J. (harsh)
This commit is contained in:
parent
2e156f01a2
commit
9548bb360b
|
@ -60,6 +60,9 @@ Release 2.7.0 - UNRELEASED
|
|||
|
||||
BUG FIXES
|
||||
|
||||
HDFS-6741. Improve permission denied message when
|
||||
FSPermissionChecker#checkOwner fails (Stephen Chu and harsh).
|
||||
|
||||
HDFS-6538. Comment format error in ShortCircuitRegistry javadoc.
|
||||
(David Luo via harsh).
|
||||
|
||||
|
|
|
@ -198,7 +198,9 @@ class FSPermissionChecker {
|
|||
if (inode != null && user.equals(inode.getUserName(snapshotId))) {
|
||||
return;
|
||||
}
|
||||
throw new AccessControlException("Permission denied");
|
||||
throw new AccessControlException(
|
||||
"Permission denied. user="
|
||||
+ user + " is not the owner of inode=" + inode);
|
||||
}
|
||||
|
||||
/** Guarded by {@link FSNamesystem#readLock()} */
|
||||
|
|
|
@ -443,7 +443,11 @@ public class TestDFSPermission {
|
|||
fs.access(p1, FsAction.WRITE);
|
||||
fail("The access call should have failed.");
|
||||
} catch (AccessControlException e) {
|
||||
// expected
|
||||
assertTrue("Permission denied messages must carry the username",
|
||||
e.getMessage().contains(USER1_NAME));
|
||||
assertTrue("Permission denied messages must carry the path parent",
|
||||
e.getMessage().contains(
|
||||
p1.getParent().toUri().getPath()));
|
||||
}
|
||||
|
||||
Path badPath = new Path("/bad/bad");
|
||||
|
@ -473,7 +477,11 @@ public class TestDFSPermission {
|
|||
fs.access(p2, FsAction.EXECUTE);
|
||||
fail("The access call should have failed.");
|
||||
} catch (AccessControlException e) {
|
||||
// expected
|
||||
assertTrue("Permission denied messages must carry the username",
|
||||
e.getMessage().contains(USER1_NAME));
|
||||
assertTrue("Permission denied messages must carry the path parent",
|
||||
e.getMessage().contains(
|
||||
p2.getParent().toUri().getPath()));
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -494,7 +502,11 @@ public class TestDFSPermission {
|
|||
fs.access(p3, FsAction.READ_WRITE);
|
||||
fail("The access call should have failed.");
|
||||
} catch (AccessControlException e) {
|
||||
// expected
|
||||
assertTrue("Permission denied messages must carry the username",
|
||||
e.getMessage().contains(USER1_NAME));
|
||||
assertTrue("Permission denied messages must carry the path parent",
|
||||
e.getMessage().contains(
|
||||
p3.getParent().toUri().getPath()));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -33,6 +33,7 @@ import static org.apache.hadoop.fs.permission.FsAction.WRITE;
|
|||
import static org.apache.hadoop.fs.permission.FsAction.WRITE_EXECUTE;
|
||||
import static org.apache.hadoop.hdfs.server.namenode.AclTestHelpers.aclEntry;
|
||||
import static org.junit.Assert.fail;
|
||||
import static org.junit.Assert.assertTrue;
|
||||
import static org.mockito.Matchers.any;
|
||||
import static org.mockito.Mockito.doAnswer;
|
||||
import static org.mockito.Mockito.mock;
|
||||
|
@ -41,6 +42,7 @@ import java.io.IOException;
|
|||
import java.util.Arrays;
|
||||
|
||||
import org.apache.hadoop.conf.Configuration;
|
||||
import org.apache.hadoop.fs.Path;
|
||||
import org.apache.hadoop.fs.permission.AclEntry;
|
||||
import org.apache.hadoop.fs.permission.FsAction;
|
||||
import org.apache.hadoop.fs.permission.FsPermission;
|
||||
|
@ -412,7 +414,11 @@ public class TestFSPermissionChecker {
|
|||
fail("expected AccessControlException for user + " + user + ", path = " +
|
||||
path + ", access = " + access);
|
||||
} catch (AccessControlException e) {
|
||||
// expected
|
||||
assertTrue("Permission denied messages must carry the username",
|
||||
e.getMessage().contains(user.getUserName().toString()));
|
||||
assertTrue("Permission denied messages must carry the path parent",
|
||||
e.getMessage().contains(
|
||||
new Path(path).getParent().toUri().getPath()));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue