hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/permission/AclUtil.java - hadoop - Git at Google

 /**
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.hadoop.fs.permission;

 import java.util.Iterator;
 import java.util.List;

 import org.apache.hadoop.classification.InterfaceAudience;
 import org.apache.hadoop.classification.InterfaceStability;

 import org.apache.hadoop.thirdparty.com.google.common.collect.Lists;

 /**
  * AclUtil contains utility methods for manipulating ACLs.
  */
 @InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
 @InterfaceStability.Unstable
 public final class AclUtil {

   /**
    * Given permissions and extended ACL entries, returns the full logical ACL.
    *
    * @param perm FsPermission containing permissions
    * @param entries List&lt;AclEntry&gt; containing extended ACL entries
    * @return List&lt;AclEntry&gt; containing full logical ACL
    */
   public static List<AclEntry> getAclFromPermAndEntries(FsPermission perm,
       List<AclEntry> entries) {
     List<AclEntry> acl = Lists.newArrayListWithCapacity(entries.size() + 3);

     // Owner entry implied by owner permission bits.
     acl.add(new AclEntry.Builder()
       .setScope(AclEntryScope.ACCESS)
       .setType(AclEntryType.USER)
       .setPermission(perm.getUserAction())
       .build());

     // All extended access ACL entries.
     boolean hasAccessAcl = false;
     Iterator<AclEntry> entryIter = entries.iterator();
     AclEntry curEntry = null;
     while (entryIter.hasNext()) {
       curEntry = entryIter.next();
       if (curEntry.getScope() == AclEntryScope.DEFAULT) {
         break;
       }
       hasAccessAcl = true;
       acl.add(curEntry);
     }

     // Mask entry implied by group permission bits, or group entry if there is
     // no access ACL (only default ACL).
     acl.add(new AclEntry.Builder()
       .setScope(AclEntryScope.ACCESS)
       .setType(hasAccessAcl ? AclEntryType.MASK : AclEntryType.GROUP)
       .setPermission(perm.getGroupAction())
       .build());

     // Other entry implied by other bits.
     acl.add(new AclEntry.Builder()
       .setScope(AclEntryScope.ACCESS)
       .setType(AclEntryType.OTHER)
       .setPermission(perm.getOtherAction())
       .build());

     // Default ACL entries.
     if (curEntry != null && curEntry.getScope() == AclEntryScope.DEFAULT) {
       acl.add(curEntry);
       while (entryIter.hasNext()) {
         acl.add(entryIter.next());
       }
     }

     return acl;
   }

   /**
    * Translates the given permission bits to the equivalent minimal ACL.
    *
    * @param perm FsPermission to translate
    * @return List&lt;AclEntry&gt; containing exactly 3 entries representing the
    *         owner, group and other permissions
    */
   public static List<AclEntry> getMinimalAcl(FsPermission perm) {
     return Lists.newArrayList(
       new AclEntry.Builder()
         .setScope(AclEntryScope.ACCESS)
         .setType(AclEntryType.USER)
         .setPermission(perm.getUserAction())
         .build(),
       new AclEntry.Builder()
         .setScope(AclEntryScope.ACCESS)
         .setType(AclEntryType.GROUP)
         .setPermission(perm.getGroupAction())
         .build(),
       new AclEntry.Builder()
         .setScope(AclEntryScope.ACCESS)
         .setType(AclEntryType.OTHER)
         .setPermission(perm.getOtherAction())
         .build());
   }

   /**
    * Checks if the given entries represent a minimal ACL (contains exactly 3
    * entries).
    *
    * @param entries List&lt;AclEntry&gt; entries to check
    * @return boolean true if the entries represent a minimal ACL
    */
   public static boolean isMinimalAcl(List<AclEntry> entries) {
     return entries.size() == 3;
   }

   /**
    * There is no reason to instantiate this class.
    */
   private AclUtil() {
   }
 }
	/**
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.hadoop.fs.permission;

	import java.util.Iterator;
	import java.util.List;

	import org.apache.hadoop.classification.InterfaceAudience;
	import org.apache.hadoop.classification.InterfaceStability;

	import org.apache.hadoop.thirdparty.com.google.common.collect.Lists;

	/**
	* AclUtil contains utility methods for manipulating ACLs.
	*/
	@InterfaceAudience.LimitedPrivate({"HDFS", "MapReduce"})
	@InterfaceStability.Unstable
	public final class AclUtil {

	/**
	* Given permissions and extended ACL entries, returns the full logical ACL.
	*
	* @param perm FsPermission containing permissions
	* @param entries List<AclEntry> containing extended ACL entries
	* @return List<AclEntry> containing full logical ACL
	*/
	public static List<AclEntry> getAclFromPermAndEntries(FsPermission perm,
	List<AclEntry> entries) {
	List<AclEntry> acl = Lists.newArrayListWithCapacity(entries.size() + 3);

	// Owner entry implied by owner permission bits.
	acl.add(new AclEntry.Builder()
	.setScope(AclEntryScope.ACCESS)
	.setType(AclEntryType.USER)
	.setPermission(perm.getUserAction())
	.build());

	// All extended access ACL entries.
	boolean hasAccessAcl = false;
	Iterator<AclEntry> entryIter = entries.iterator();
	AclEntry curEntry = null;
	while (entryIter.hasNext()) {
	curEntry = entryIter.next();
	if (curEntry.getScope() == AclEntryScope.DEFAULT) {
	break;
	}
	hasAccessAcl = true;
	acl.add(curEntry);
	}

	// Mask entry implied by group permission bits, or group entry if there is
	// no access ACL (only default ACL).
	acl.add(new AclEntry.Builder()
	.setScope(AclEntryScope.ACCESS)
	.setType(hasAccessAcl ? AclEntryType.MASK : AclEntryType.GROUP)
	.setPermission(perm.getGroupAction())
	.build());

	// Other entry implied by other bits.
	acl.add(new AclEntry.Builder()
	.setScope(AclEntryScope.ACCESS)
	.setType(AclEntryType.OTHER)
	.setPermission(perm.getOtherAction())
	.build());

	// Default ACL entries.
	if (curEntry != null && curEntry.getScope() == AclEntryScope.DEFAULT) {
	acl.add(curEntry);
	while (entryIter.hasNext()) {
	acl.add(entryIter.next());
	}
	}

	return acl;
	}

	/**
	* Translates the given permission bits to the equivalent minimal ACL.
	*
	* @param perm FsPermission to translate
	* @return List<AclEntry> containing exactly 3 entries representing the
	* owner, group and other permissions
	*/
	public static List<AclEntry> getMinimalAcl(FsPermission perm) {
	return Lists.newArrayList(
	new AclEntry.Builder()
	.setScope(AclEntryScope.ACCESS)
	.setType(AclEntryType.USER)
	.setPermission(perm.getUserAction())
	.build(),
	new AclEntry.Builder()
	.setScope(AclEntryScope.ACCESS)
	.setType(AclEntryType.GROUP)
	.setPermission(perm.getGroupAction())
	.build(),
	new AclEntry.Builder()
	.setScope(AclEntryScope.ACCESS)
	.setType(AclEntryType.OTHER)
	.setPermission(perm.getOtherAction())
	.build());
	}

	/**
	* Checks if the given entries represent a minimal ACL (contains exactly 3
	* entries).
	*
	* @param entries List<AclEntry> entries to check
	* @return boolean true if the entries represent a minimal ACL
	*/
	public static boolean isMinimalAcl(List<AclEntry> entries) {
	return entries.size() == 3;
	}

	/**
	* There is no reason to instantiate this class.
	*/
	private AclUtil() {
	}
	}