本文整理了Java中org.apache.zookeeper.data.ACL.getId()
方法的一些代码示例,展示了ACL.getId()
的具体用法。这些代码示例主要来源于Github
/Stackoverflow
/Maven
等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。ACL.getId()
方法的具体详情如下:
包路径:org.apache.zookeeper.data.ACL
类名称:ACL
方法名:getId
暂无
代码示例来源:origin: apache/hive
private static void checkAcls(CuratorFramework zkClient, Id user, String path) {
List<ACL> acls = null;
try {
acls = zkClient.getACL().forPath(path);
} catch (Exception ex) {
throw new RuntimeException("Error during the ACL check. " + DISABLE_MESSAGE, ex);
}
if (acls == null || acls.isEmpty()) {
// There's some access (to get ACLs), so assume it means free for all.
throw new SecurityException("No ACLs on " + path + ". " + DISABLE_MESSAGE);
}
for (ACL acl : acls) {
if (!user.equals(acl.getId())) {
throw new SecurityException("The ACL " + acl + " is unnacceptable for " + path
+ "; only " + user + " is allowed. " + DISABLE_MESSAGE);
}
}
}
代码示例来源:origin: apache/hbase
private boolean checkACLForSuperUsers(String[] superUsers, List<ACL> acls) {
for (String user : superUsers) {
boolean hasAccess = false;
// TODO: Validate super group members also when ZK supports setting node ACL for groups.
if (!AuthUtil.isGroupPrincipal(user)) {
for (ACL acl : acls) {
if (user.equals(acl.getId().getId())) {
if (acl.getPerms() == Perms.ALL) {
hasAccess = true;
} else {
if (LOG.isDebugEnabled()) {
LOG.debug(String.format(
"superuser '%s' does not have correct permissions: have 0x%x, want 0x%x",
acl.getId().getId(), acl.getPerms(), Perms.ALL));
}
}
break;
}
}
if (!hasAccess) {
return false;
}
}
}
return true;
}
代码示例来源:origin: apache/hbase
Id id = acl.getId();
代码示例来源:origin: apache/zookeeper
@Override
public boolean exec() throws CliException {
String path = args[1];
Stat stat = new Stat();
List<ACL> acl;
try {
acl = zk.getACL(path, stat);
} catch (IllegalArgumentException ex) {
throw new MalformedPathException(ex.getMessage());
} catch (KeeperException|InterruptedException ex) {
throw new CliWrapperException(ex);
}
for (ACL a : acl) {
out.println(a.getId() + ": "
+ getPermString(a.getPerms()));
}
if (cl.hasOption("s")) {
new StatPrinter(out).print(stat);
}
return false;
}
代码示例来源:origin: apache/zookeeper
Id id = a.getId();
if ((a.getPerms() & perm) != 0) {
if (id.getScheme().equals("world")
代码示例来源:origin: apache/hive
private void checkAndSetAcls() throws Exception {
if (!UserGroupInformation.isSecurityEnabled()) return;
// We are trying to check ACLs on the "workers" directory, which noone except us should be
// able to write to. Higher-level directories shouldn't matter - we don't read them.
String pathToCheck = workersPath;
List<ACL> acls = zooKeeperClient.getACL().forPath(pathToCheck);
if (acls == null || acls.isEmpty()) {
// Can there be no ACLs? There's some access (to get ACLs), so assume it means free for all.
LOG.warn("No ACLs on " + pathToCheck + "; setting up ACLs. " + disableMessage);
setUpAcls(pathToCheck);
return;
}
// This could be brittle.
assert userNameFromPrincipal != null;
Id currentUser = new Id("sasl", userNameFromPrincipal);
for (ACL acl : acls) {
if ((acl.getPerms() & ~ZooDefs.Perms.READ) == 0 || currentUser.equals(acl.getId())) {
continue; // Read permission/no permissions, or the expected user.
}
LOG.warn("The ACL " + acl + " is unnacceptable for " + pathToCheck
+ "; setting up ACLs. " + disableMessage);
setUpAcls(pathToCheck);
return;
}
}
代码示例来源:origin: org.apache.zookeeper/zookeeper
while (it.hasNext()) {
ACL a = it.next();
Id id = a.getId();
if (id.getScheme().equals("world") && id.getId().equals("anyone")) {
代码示例来源:origin: apache/zookeeper
throw new KeeperException.InvalidACLException(path);
Id id = a.getId();
if (id == null || id.getScheme() == null) {
throw new KeeperException.InvalidACLException(path);
代码示例来源:origin: org.apache.zookeeper/zookeeper
acl = zk.getACL(path, stat);
for (ACL a : acl) {
System.out.println(a.getId() + ": "
+ getPermString(a.getPerms()));
代码示例来源:origin: org.apache.zookeeper/zookeeper
Id id = a.getId();
if ((a.getPerms() & perm) != 0) {
if (id.getScheme().equals("world")
代码示例来源:origin: apache/hbase
boolean foundHBaseOwnerAcl = false;
for(int i = 0; i < 2; i++) {
if (acls.get(i).getId().getScheme().equals("world") == true) {
assertEquals("anyone", acls.get(0).getId().getId());
assertEquals(ZooDefs.Perms.READ, acls.get(0).getPerms());
foundWorldReadableAcl = true;
} else {
if (acls.get(i).getId().getScheme().equals("sasl") == true) {
assertEquals("hbase", acls.get(1).getId().getId());
assertEquals("sasl", acls.get(1).getId().getScheme());
foundHBaseOwnerAcl = true;
} else { // error: should not get here: test fails.
代码示例来源:origin: apache/hbase
/**
* Finally, we check the ACLs of a node outside of the /hbase hierarchy and
* verify that its ACL is simply 'hbase:Perms.ALL'.
*/
@Test
public void testOutsideHBaseNodeACL() throws Exception {
if (!secureZKAvailable) {
return;
}
ZKUtil.createWithParents(zkw, "/testACLNode");
List<ACL> acls = zkw.getRecoverableZooKeeper().getZooKeeper()
.getACL("/testACLNode", new Stat());
assertEquals(1, acls.size());
assertEquals("sasl", acls.get(0).getId().getScheme());
assertEquals("hbase", acls.get(0).getId().getId());
assertEquals(ZooDefs.Perms.ALL, acls.get(0).getPerms());
}
代码示例来源:origin: apache/hbase
boolean foundHBaseOwnerAcl = false;
for(int i = 0; i < 2; i++) {
if (acls.get(i).getId().getScheme().equals("world") == true) {
assertEquals("anyone", acls.get(0).getId().getId());
assertEquals(ZooDefs.Perms.READ, acls.get(0).getPerms());
foundWorldReadableAcl = true;
} else {
if (acls.get(i).getId().getScheme().equals("sasl") == true) {
assertEquals("hbase", acls.get(1).getId().getId());
assertEquals("sasl", acls.get(1).getId().getScheme());
foundHBaseOwnerAcl = true;
} else { // error: should not get here: test fails.
代码示例来源:origin: apache/hbase
boolean foundHBaseOwnerAcl = false;
for(int i = 0; i < 2; i++) {
if (acls.get(i).getId().getScheme().equals("world") == true) {
assertEquals("anyone", acls.get(0).getId().getId());
assertEquals(ZooDefs.Perms.READ, acls.get(0).getPerms());
foundWorldReadableAcl = true;
if (acls.get(i).getId().getScheme().equals("sasl") == true) {
assertEquals("hbase", acls.get(1).getId().getId());
assertEquals("sasl", acls.get(1).getId().getScheme());
foundHBaseOwnerAcl = true;
} else { // error: should not get here: test fails.
代码示例来源:origin: apache/hbase
/**
* Create a node and check its ACL. When authentication is enabled on
* ZooKeeper, all nodes (except /hbase/root-region-server, /hbase/master
* and /hbase/hbaseid) should be created so that only the hbase server user
* (master or region server user) that created them can access them, and
* this user should have all permissions on this node. For
* /hbase/root-region-server, /hbase/master, and /hbase/hbaseid the
* permissions should be as above, but should also be world-readable. First
* we check the general case of /hbase nodes in the following test, and
* then check the subset of world-readable nodes in the three tests after
* that.
*/
@Test
public void testHBaseRootZNodeACL() throws Exception {
if (!secureZKAvailable) {
return;
}
List<ACL> acls = zkw.getRecoverableZooKeeper().getZooKeeper()
.getACL("/hbase", new Stat());
assertEquals(1, acls.size());
assertEquals("sasl", acls.get(0).getId().getScheme());
assertEquals("hbase", acls.get(0).getId().getId());
assertEquals(ZooDefs.Perms.ALL, acls.get(0).getPerms());
}
代码示例来源:origin: apache/hbase
Id id = acl.getId();
代码示例来源:origin: apache/accumulo
if (acls.size() == 1) {
ACL actualAcl = acls.get(0), expectedAcl = ZooUtil.PRIVATE.get(0);
Id actualId = actualAcl.getId();
代码示例来源:origin: org.apache.hadoop/hadoop-yarn-server-resourcemanager
private static boolean verifyZKACL(String id, String scheme, int perm,
List<ACL> acls) {
for (ACL acl : acls) {
if (acl.getId().getScheme().equals(scheme) &&
acl.getId().getId().startsWith(id) &&
acl.getPerms() == perm) {
return true;
}
}
return false;
}
代码示例来源:origin: ch.cern.hadoop/hadoop-yarn-server-resourcemanager
private static boolean verifyZKACL(String id, String scheme, int perm,
List<ACL> acls) {
for (ACL acl : acls) {
if (acl.getId().getScheme().equals(scheme) &&
acl.getId().getId().startsWith(id) &&
acl.getPerms() == perm) {
return true;
}
}
return false;
}
代码示例来源:origin: org.apache.hadoop/hadoop-yarn-registry
@Test
public void testBuildAclsRealmed() throws Throwable {
List<ACL> acls = registrySecurity.buildACLs(
SASL_YARN_EXAMPLE_COM +
", " +
SASL_MAPRED_EXAMPLE_COM,
"",
ZooDefs.Perms.ALL);
assertEquals(YARN_EXAMPLE_COM, acls.get(0).getId().getId());
assertEquals(MAPRED_EXAMPLE_COM, acls.get(1).getId().getId());
}
内容来源于网络,如有侵权,请联系作者删除!