[jira] [Updated] (HDFS-5758) NameNode: complete implementation of inode modifications for ACLs.

Fri, 17 Jan 2014 12:43:44 -0800 

     [ 
https://issues.apache.org/jira/browse/HDFS-5758?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Chris Nauroth updated HDFS-5758:
--------------------------------

    Attachment: HDFS-5758.5.patch

Here is patch version 5.

bq. I'm not sure why includeBaseEntries is needed. It seems the parameter is 
contradicted with the description of the function (which is returning the 
logical ACLs).

Good catch on the JavaDoc contradiction.  All of the ACL modification logic 
(the public static methods in {{AclTransformation}}) need to see the full 
existing logical ACL in order to work correctly.  For {{getAclStatus}}, we're 
now saying that the result filters out the base ACL entries.  To make this 
distinction clearer, I've split out separate methods in {{AclStorage}}: 
{{readINodeLogicalAcl}} and {{readINodeAcl}}.  I think this helps clarify 
intent in the calling code better than passing an extra flag to manipulate the 
behavior.

bq. It seems that there might be out of bound access here.

This won't go out of bounds as long as the ACL has at least 3 entries.  A valid 
logical ACL must have at least 3 entries (the 3 entries inferred from 
permission bits).  This invariant is enforced by {{FSDirectory}} always 
retrieving the existing logical ACL and {{AclTransformation}} always producing 
a valid logical ACL after modification.  Note that there is also an assert at 
the top of {{updateINodeAcl}} to check that these invariants have been enforced 
on the inputs.

> NameNode: complete implementation of inode modifications for ACLs.
> ------------------------------------------------------------------
>
>                 Key: HDFS-5758
>                 URL: https://issues.apache.org/jira/browse/HDFS-5758
>             Project: Hadoop HDFS
>          Issue Type: Sub-task
>          Components: namenode
>    Affects Versions: HDFS ACLs (HDFS-4685)
>            Reporter: Chris Nauroth
>            Assignee: Chris Nauroth
>         Attachments: HDFS-5758.1.patch, HDFS-5758.2.patch, HDFS-5758.3.patch, 
> HDFS-5758.4.patch, HDFS-5758.5.patch
>
>
> This patch will complete the remaining logic for the ACL get and set APIs, 
> including remaining work in {{FSNamesystem}}, {{FSDirectory}} and storage in 
> the inodes.



--
This message was sent by Atlassian JIRA
(v6.1.5#6160)

Reply via email to