sadanand48 commented on a change in pull request #2011:
URL: https://github.com/apache/ozone/pull/2011#discussion_r591418641
##########
File path:
hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/key/OMKeyRenameRequestV1.java
##########
@@ -108,6 +115,36 @@ public OMClientResponse
validateAndUpdateCache(OzoneManager ozoneManager,
checkKeyAcls(ozoneManager, volumeName, bucketName, toKeyName,
IAccessAuthorizer.ACLType.CREATE, OzoneObj.ResourceType.KEY);
+ if (isNativeAuthorizerEnabled) {
Review comment:
Thanks @xiaoyuyao for the comment. This is the current code
`boolean keyAccess = isACLTypeCreate || keyManager.checkAccess(objInfo,
context);`
`return (keyAccess
&& prefixManager.checkAccess(objInfo, parentContext)
&& bucketManager.checkAccess(objInfo, parentContext)
&& volumeManager.checkAccess(objInfo, parentContext));`
The recursion logic could be added inside the KeyManager checkAccess
implementation . My question is whether the prefixManager implementation of
checkAccess also be modified?
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
