org.apache.zookeeper.data.ACL.getId()方法的使用及代码示例

x33g5p2x  于2022-01-15 转载在 其他  
字(8.2k)|赞(0)|评价(0)|浏览(130)

本文整理了Java中org.apache.zookeeper.data.ACL.getId()方法的一些代码示例,展示了ACL.getId()的具体用法。这些代码示例主要来源于Github/Stackoverflow/Maven等平台,是从一些精选项目中提取出来的代码,具有较强的参考意义,能在一定程度帮忙到你。ACL.getId()方法的具体详情如下:
包路径:org.apache.zookeeper.data.ACL
类名称:ACL
方法名:getId

ACL.getId介绍

暂无

代码示例

代码示例来源:origin: apache/hive

private static void checkAcls(CuratorFramework zkClient, Id user, String path) {
 List<ACL> acls = null;
 try {
  acls = zkClient.getACL().forPath(path);
 } catch (Exception ex) {
  throw new RuntimeException("Error during the ACL check. " + DISABLE_MESSAGE, ex);
 }
 if (acls == null || acls.isEmpty()) {
  // There's some access (to get ACLs), so assume it means free for all.
  throw new SecurityException("No ACLs on "  + path + ". " + DISABLE_MESSAGE);
 }
 for (ACL acl : acls) {
  if (!user.equals(acl.getId())) {
   throw new SecurityException("The ACL " + acl + " is unnacceptable for " + path
     + "; only " + user + " is allowed. " + DISABLE_MESSAGE);
  }
 }
}

代码示例来源:origin: apache/hbase

private boolean checkACLForSuperUsers(String[] superUsers, List<ACL> acls) {
 for (String user : superUsers) {
  boolean hasAccess = false;
  // TODO: Validate super group members also when ZK supports setting node ACL for groups.
  if (!AuthUtil.isGroupPrincipal(user)) {
   for (ACL acl : acls) {
    if (user.equals(acl.getId().getId())) {
     if (acl.getPerms() == Perms.ALL) {
      hasAccess = true;
     } else {
      if (LOG.isDebugEnabled()) {
       LOG.debug(String.format(
        "superuser '%s' does not have correct permissions: have 0x%x, want 0x%x",
        acl.getId().getId(), acl.getPerms(), Perms.ALL));
      }
     }
     break;
    }
   }
   if (!hasAccess) {
    return false;
   }
  }
 }
 return true;
}

代码示例来源:origin: apache/hbase

Id id = acl.getId();

代码示例来源:origin: apache/zookeeper

@Override
public boolean exec() throws CliException {
  String path = args[1];
  Stat stat = new Stat();
  List<ACL> acl;
  try {
    acl = zk.getACL(path, stat);
  } catch (IllegalArgumentException ex) {
    throw new MalformedPathException(ex.getMessage());
  } catch (KeeperException|InterruptedException ex) {
    throw new CliWrapperException(ex);
  }
  for (ACL a : acl) {
    out.println(a.getId() + ": "
          + getPermString(a.getPerms()));
  }
  if (cl.hasOption("s")) {
    new StatPrinter(out).print(stat);
  }
  return false;
}

代码示例来源:origin: apache/zookeeper

Id id = a.getId();
if ((a.getPerms() & perm) != 0) {
  if (id.getScheme().equals("world")

代码示例来源:origin: apache/hive

private void checkAndSetAcls() throws Exception {
 if (!UserGroupInformation.isSecurityEnabled()) return;
 // We are trying to check ACLs on the "workers" directory, which noone except us should be
 // able to write to. Higher-level directories shouldn't matter - we don't read them.
 String pathToCheck = workersPath;
 List<ACL> acls = zooKeeperClient.getACL().forPath(pathToCheck);
 if (acls == null || acls.isEmpty()) {
  // Can there be no ACLs? There's some access (to get ACLs), so assume it means free for all.
  LOG.warn("No ACLs on "  + pathToCheck + "; setting up ACLs. " + disableMessage);
  setUpAcls(pathToCheck);
  return;
 }
 // This could be brittle.
 assert userNameFromPrincipal != null;
 Id currentUser = new Id("sasl", userNameFromPrincipal);
 for (ACL acl : acls) {
  if ((acl.getPerms() & ~ZooDefs.Perms.READ) == 0 || currentUser.equals(acl.getId())) {
   continue; // Read permission/no permissions, or the expected user.
  }
  LOG.warn("The ACL " + acl + " is unnacceptable for " + pathToCheck
   + "; setting up ACLs. " + disableMessage);
  setUpAcls(pathToCheck);
  return;
 }
}

代码示例来源:origin: org.apache.zookeeper/zookeeper

while (it.hasNext()) {
  ACL a = it.next();
  Id id = a.getId();
  if (id.getScheme().equals("world") && id.getId().equals("anyone")) {

代码示例来源:origin: apache/zookeeper

throw new KeeperException.InvalidACLException(path);
Id id = a.getId();
if (id == null || id.getScheme() == null) {
  throw new KeeperException.InvalidACLException(path);

代码示例来源:origin: org.apache.zookeeper/zookeeper

acl = zk.getACL(path, stat);
for (ACL a : acl) {
  System.out.println(a.getId() + ": "
      + getPermString(a.getPerms()));

代码示例来源:origin: org.apache.zookeeper/zookeeper

Id id = a.getId();
if ((a.getPerms() & perm) != 0) {
  if (id.getScheme().equals("world")

代码示例来源:origin: apache/hbase

boolean foundHBaseOwnerAcl = false;
for(int i = 0; i < 2; i++) {
 if (acls.get(i).getId().getScheme().equals("world") == true) {
  assertEquals("anyone", acls.get(0).getId().getId());
  assertEquals(ZooDefs.Perms.READ, acls.get(0).getPerms());
  foundWorldReadableAcl = true;
 } else {
  if (acls.get(i).getId().getScheme().equals("sasl") == true) {
   assertEquals("hbase", acls.get(1).getId().getId());
   assertEquals("sasl", acls.get(1).getId().getScheme());
   foundHBaseOwnerAcl = true;
  } else { // error: should not get here: test fails.

代码示例来源:origin: apache/hbase

/**
 * Finally, we check the ACLs of a node outside of the /hbase hierarchy and
 * verify that its ACL is simply 'hbase:Perms.ALL'.
 */
@Test
public void testOutsideHBaseNodeACL() throws Exception {
 if (!secureZKAvailable) {
  return;
 }
 ZKUtil.createWithParents(zkw, "/testACLNode");
 List<ACL> acls = zkw.getRecoverableZooKeeper().getZooKeeper()
   .getACL("/testACLNode", new Stat());
 assertEquals(1, acls.size());
 assertEquals("sasl", acls.get(0).getId().getScheme());
 assertEquals("hbase", acls.get(0).getId().getId());
 assertEquals(ZooDefs.Perms.ALL, acls.get(0).getPerms());
}

代码示例来源:origin: apache/hbase

boolean foundHBaseOwnerAcl = false;
for(int i = 0; i < 2; i++) {
 if (acls.get(i).getId().getScheme().equals("world") == true) {
  assertEquals("anyone", acls.get(0).getId().getId());
  assertEquals(ZooDefs.Perms.READ, acls.get(0).getPerms());
  foundWorldReadableAcl = true;
 } else {
  if (acls.get(i).getId().getScheme().equals("sasl") == true) {
   assertEquals("hbase", acls.get(1).getId().getId());
   assertEquals("sasl", acls.get(1).getId().getScheme());
   foundHBaseOwnerAcl = true;
  } else { // error: should not get here: test fails.

代码示例来源:origin: apache/hbase

boolean foundHBaseOwnerAcl = false;
for(int i = 0; i < 2; i++) {
 if (acls.get(i).getId().getScheme().equals("world") == true) {
  assertEquals("anyone", acls.get(0).getId().getId());
  assertEquals(ZooDefs.Perms.READ, acls.get(0).getPerms());
  foundWorldReadableAcl = true;
  if (acls.get(i).getId().getScheme().equals("sasl") == true) {
   assertEquals("hbase", acls.get(1).getId().getId());
   assertEquals("sasl", acls.get(1).getId().getScheme());
   foundHBaseOwnerAcl = true;
  } else { // error: should not get here: test fails.

代码示例来源:origin: apache/hbase

/**
 * Create a node and check its ACL. When authentication is enabled on
 * ZooKeeper, all nodes (except /hbase/root-region-server, /hbase/master
 * and /hbase/hbaseid) should be created so that only the hbase server user
 * (master or region server user) that created them can access them, and
 * this user should have all permissions on this node. For
 * /hbase/root-region-server, /hbase/master, and /hbase/hbaseid the
 * permissions should be as above, but should also be world-readable. First
 * we check the general case of /hbase nodes in the following test, and
 * then check the subset of world-readable nodes in the three tests after
 * that.
 */
@Test
public void testHBaseRootZNodeACL() throws Exception {
 if (!secureZKAvailable) {
  return;
 }
 List<ACL> acls = zkw.getRecoverableZooKeeper().getZooKeeper()
   .getACL("/hbase", new Stat());
 assertEquals(1, acls.size());
 assertEquals("sasl", acls.get(0).getId().getScheme());
 assertEquals("hbase", acls.get(0).getId().getId());
 assertEquals(ZooDefs.Perms.ALL, acls.get(0).getPerms());
}

代码示例来源:origin: apache/hbase

Id id = acl.getId();

代码示例来源:origin: apache/accumulo

if (acls.size() == 1) {
 ACL actualAcl = acls.get(0), expectedAcl = ZooUtil.PRIVATE.get(0);
 Id actualId = actualAcl.getId();

代码示例来源:origin: org.apache.hadoop/hadoop-yarn-server-resourcemanager

private static boolean verifyZKACL(String id, String scheme, int perm,
  List<ACL> acls) {
 for (ACL acl : acls) {
  if (acl.getId().getScheme().equals(scheme) &&
    acl.getId().getId().startsWith(id) &&
    acl.getPerms() == perm) {
   return true;
  }
 }
 return false;
}

代码示例来源:origin: ch.cern.hadoop/hadoop-yarn-server-resourcemanager

private static boolean verifyZKACL(String id, String scheme, int perm,
  List<ACL> acls) {
 for (ACL acl : acls) {
  if (acl.getId().getScheme().equals(scheme) &&
    acl.getId().getId().startsWith(id) &&
    acl.getPerms() == perm) {
   return true;
  }
 }
 return false;
}

代码示例来源:origin: org.apache.hadoop/hadoop-yarn-registry

@Test
public void testBuildAclsRealmed() throws Throwable {
 List<ACL> acls = registrySecurity.buildACLs(
   SASL_YARN_EXAMPLE_COM +
   ", " +
   SASL_MAPRED_EXAMPLE_COM,
   "",
   ZooDefs.Perms.ALL);
 assertEquals(YARN_EXAMPLE_COM, acls.get(0).getId().getId());
 assertEquals(MAPRED_EXAMPLE_COM, acls.get(1).getId().getId());
}

相关文章