当前位置: 首页>>代码示例>>Java>>正文

Java Perms.ALL属性代码示例

本文整理汇总了Java中org.apache.zookeeper.ZooDefs.Perms.ALL属性的典型用法代码示例。如果您正苦于以下问题:Java Perms.ALL属性的具体用法?Java Perms.ALL怎么用?Java Perms.ALL使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在org.apache.zookeeper.ZooDefs.Perms的用法示例。


在下文中一共展示了Perms.ALL属性的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Java代码示例。

示例1: checkACLForSuperUsers

private boolean checkACLForSuperUsers(String[] superUsers, List<ACL> acls) {
  for (String user : superUsers) {
    boolean hasAccess = false;
    // TODO: Validate super group members also when ZK supports setting node ACL for groups.
    if (!user.startsWith(AuthUtil.GROUP_PREFIX)) {
      for (ACL acl : acls) {
        if (user.equals(acl.getId().getId())) {
          if (acl.getPerms() == Perms.ALL) {
            hasAccess = true;
          } else {
            if (LOG.isDebugEnabled()) {
              LOG.debug(String.format(
                "superuser '%s' does not have correct permissions: have 0x%x, want 0x%x",
                acl.getId().getId(), acl.getPerms(), Perms.ALL));
            }
          }
          break;
        }
      }
      if (!hasAccess) {
        return false;
      }
    }
  }
  return true;
}
开发者ID:fengchen8086,项目名称:ditb,代码行数:26,代码来源:ZooKeeperWatcher.java

示例2: checkACLForSuperUsers

private boolean checkACLForSuperUsers(String[] superUsers, List<ACL> acls) {
  for (String user : superUsers) {
    boolean hasAccess = false;
    // TODO: Validate super group members also when ZK supports setting node ACL for groups.
    if (!AuthUtil.isGroupPrincipal(user)) {
      for (ACL acl : acls) {
        if (user.equals(acl.getId().getId())) {
          if (acl.getPerms() == Perms.ALL) {
            hasAccess = true;
          } else {
            if (LOG.isDebugEnabled()) {
              LOG.debug(String.format(
                "superuser '%s' does not have correct permissions: have 0x%x, want 0x%x",
                acl.getId().getId(), acl.getPerms(), Perms.ALL));
            }
          }
          break;
        }
      }
      if (!hasAccess) {
        return false;
      }
    }
  }
  return true;
}
开发者ID:apache,项目名称:hbase,代码行数:26,代码来源:ZKWatcher.java

示例3: testRemoveSpecificPerms

@Test
public void testRemoveSpecificPerms() {
  int perms = Perms.ALL;
  int remove = Perms.CREATE;
  int newPerms = ZKUtil.removeSpecificPerms(perms, remove);
  assertEquals("Removal failed", 0, newPerms & Perms.CREATE);
}
开发者ID:nucypher,项目名称:hadoop-oss,代码行数:7,代码来源:TestZKUtil.java

示例4: getAdminAcls

public List<ACL> getAdminAcls() {
    List<ACL> listAcls = new ArrayList<ACL>(3);
    try {
        Id id = new Id(PropertiesDynLoading.authScheme,
                DigestAuthenticationProvider.generateDigest(PropertiesDynLoading.accessKey));
        ACL acl = new ACL(Perms.ALL, id);
        listAcls.add(acl);

    } catch (NoSuchAlgorithmException e) {

        e.printStackTrace();
        return Ids.OPEN_ACL_UNSAFE;
    }
    return listAcls;
}
开发者ID:ggj2010,项目名称:javabase,代码行数:15,代码来源:ZookeeperUtil.java

示例5: isBaseZnodeAclSetup

/**
 * Checks whether the ACLs returned from the base znode (/hbase) is set for secure setup.
 * @param acls acls from zookeeper
 * @return whether ACLs are set for the base znode
 * @throws IOException
 */
private boolean isBaseZnodeAclSetup(List<ACL> acls) throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Checking znode ACLs");
  }
  String[] superUsers = conf.getStrings(Superusers.SUPERUSER_CONF_KEY);
  // Check whether ACL set for all superusers
  if (superUsers != null && !checkACLForSuperUsers(superUsers, acls)) {
    return false;
  }

  // this assumes that current authenticated user is the same as zookeeper client user
  // configured via JAAS
  String hbaseUser = UserGroupInformation.getCurrentUser().getShortUserName();

  if (acls.isEmpty()) {
    if (LOG.isDebugEnabled()) {
      LOG.debug("ACL is empty");
    }
    return false;
  }

  for (ACL acl : acls) {
    int perms = acl.getPerms();
    Id id = acl.getId();
    // We should only set at most 3 possible ACLs for 3 Ids. One for everyone, one for superuser
    // and one for the hbase user
    if (Ids.ANYONE_ID_UNSAFE.equals(id)) {
      if (perms != Perms.READ) {
        if (LOG.isDebugEnabled()) {
          LOG.debug(String.format("permissions for '%s' are not correct: have 0x%x, want 0x%x",
            id, perms, Perms.READ));
        }
        return false;
      }
    } else if (superUsers != null && isSuperUserId(superUsers, id)) {
      if (perms != Perms.ALL) {
        if (LOG.isDebugEnabled()) {
          LOG.debug(String.format("permissions for '%s' are not correct: have 0x%x, want 0x%x",
            id, perms, Perms.ALL));
        }
        return false;
      }
    } else if ("sasl".equals(id.getScheme())) {
      String name = id.getId();
      // If ZooKeeper recorded the Kerberos full name in the ACL, use only the shortname
      Matcher match = NAME_PATTERN.matcher(name);
      if (match.matches()) {
        name = match.group(1);
      }
      if (name.equals(hbaseUser)) {
        if (perms != Perms.ALL) {
          if (LOG.isDebugEnabled()) {
            LOG.debug(String.format("permissions for '%s' are not correct: have 0x%x, want 0x%x",
              id, perms, Perms.ALL));
          }
          return false;
        }
      } else {
        if (LOG.isDebugEnabled()) {
          LOG.debug("Unexpected shortname in SASL ACL: " + id);
        }
        return false;
      }
    } else {
      if (LOG.isDebugEnabled()) {
        LOG.debug("unexpected ACL id '" + id + "'");
      }
      return false;
    }
  }
  return true;
}
开发者ID:fengchen8086,项目名称:ditb,代码行数:78,代码来源:ZooKeeperWatcher.java

示例6: isBaseZnodeAclSetup

/**
 * Checks whether the ACLs returned from the base znode (/hbase) is set for secure setup.
 * @param acls acls from zookeeper
 * @return whether ACLs are set for the base znode
 * @throws IOException if getting the current user fails
 */
private boolean isBaseZnodeAclSetup(List<ACL> acls) throws IOException {
  if (LOG.isDebugEnabled()) {
    LOG.debug("Checking znode ACLs");
  }
  String[] superUsers = conf.getStrings(Superusers.SUPERUSER_CONF_KEY);
  // Check whether ACL set for all superusers
  if (superUsers != null && !checkACLForSuperUsers(superUsers, acls)) {
    return false;
  }

  // this assumes that current authenticated user is the same as zookeeper client user
  // configured via JAAS
  String hbaseUser = UserGroupInformation.getCurrentUser().getShortUserName();

  if (acls.isEmpty()) {
    if (LOG.isDebugEnabled()) {
      LOG.debug("ACL is empty");
    }
    return false;
  }

  for (ACL acl : acls) {
    int perms = acl.getPerms();
    Id id = acl.getId();
    // We should only set at most 3 possible ACLs for 3 Ids. One for everyone, one for superuser
    // and one for the hbase user
    if (Ids.ANYONE_ID_UNSAFE.equals(id)) {
      if (perms != Perms.READ) {
        if (LOG.isDebugEnabled()) {
          LOG.debug(String.format("permissions for '%s' are not correct: have 0x%x, want 0x%x",
            id, perms, Perms.READ));
        }
        return false;
      }
    } else if (superUsers != null && isSuperUserId(superUsers, id)) {
      if (perms != Perms.ALL) {
        if (LOG.isDebugEnabled()) {
          LOG.debug(String.format("permissions for '%s' are not correct: have 0x%x, want 0x%x",
            id, perms, Perms.ALL));
        }
        return false;
      }
    } else if ("sasl".equals(id.getScheme())) {
      String name = id.getId();
      // If ZooKeeper recorded the Kerberos full name in the ACL, use only the shortname
      Matcher match = NAME_PATTERN.matcher(name);
      if (match.matches()) {
        name = match.group(1);
      }
      if (name.equals(hbaseUser)) {
        if (perms != Perms.ALL) {
          if (LOG.isDebugEnabled()) {
            LOG.debug(String.format("permissions for '%s' are not correct: have 0x%x, want 0x%x",
              id, perms, Perms.ALL));
          }
          return false;
        }
      } else {
        if (LOG.isDebugEnabled()) {
          LOG.debug("Unexpected shortname in SASL ACL: " + id);
        }
        return false;
      }
    } else {
      if (LOG.isDebugEnabled()) {
        LOG.debug("unexpected ACL id '" + id + "'");
      }
      return false;
    }
  }
  return true;
}
开发者ID:apache,项目名称:hbase,代码行数:78,代码来源:ZKWatcher.java


注:本文中的org.apache.zookeeper.ZooDefs.Perms.ALL属性示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。