[ https://issues.apache.org/jira/browse/HDFS-12147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16091335#comment-16091335 ]
Weiwei Yang commented on HDFS-12147: ------------------------------------ Hi [~nandakumar131] Thank you. But even we want to expose them to clients, the API arguments still look odd to me. How would a client to compose an OzoneAcl in the request when it wants to check a certain access? Semantically we often check against an {{User Identity}} and an {{operation}} (e.g read/write/delete). Use this patch, does it work like following? Suppose a bucket has following ACL {noformat} user:bilbo:rw user:john:r user:mike:w {noformat} and a client pass an OzoneAcl like following {{user:mike:w}} this means I want to check if user mike has the write permission to the bucket? And this case it has the access. What if the bucket ACL is like following {noformat} user:bilbo:rw user:john:r group:hadoop:w {noformat} and mike belongs to hadoop group, when I verify {{user:mike:w}}, will it give me an access control exception? > Ozone: KSM: Add checkBucketAccess > --------------------------------- > > Key: HDFS-12147 > URL: https://issues.apache.org/jira/browse/HDFS-12147 > Project: Hadoop HDFS > Issue Type: Sub-task > Components: ozone > Reporter: Nandakumar > Assignee: Nandakumar > Attachments: HDFS-12147-HDFS-7240.000.patch, > HDFS-12147-HDFS-7240.001.patch > > > Checks if the caller has access to a given bucket. -- This message was sent by Atlassian JIRA (v6.4.14#64029) --------------------------------------------------------------------- To unsubscribe, e-mail: hdfs-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: hdfs-issues-h...@hadoop.apache.org