Re: [PR] HDDS-7791. Support key ownership [ozone]

Tue, 09 Apr 2024 21:59:00 -0700 


xichen01 commented on code in PR #4188:
URL: https://github.com/apache/ozone/pull/4188#discussion_r1558842693


##########
hadoop-ozone/client/src/main/java/org/apache/hadoop/ozone/client/rpc/RpcClient.java:
##########
@@ -1195,7 +1196,8 @@ public OzoneOutputStream createKey(
         .setReplicationConfig(replicationConfig)
         .addAllMetadata(metadata)
         .setAcls(getAclList())
-        .setLatestVersionLocation(getLatestVersionLocation);
+        .setLatestVersionLocation(getLatestVersionLocation)
+        .setOwnerName(ownerName);

Review Comment:
   
   Hi @smengcl
   > When this key owner addition gets in, and admin chown a directory in a 
bucket...
   
   The current Ozone key does not have an `owner` field, so the current ACL 
implementation only checks the `Volume owner` and `Bucket owner`. Adding an 
`owner` field to the Key will not change this behavior.
   So, I don't think it will affect the current ACL, because the current ACL 
checking process doesn't involve the key owner.
   
   
https://github.com/apache/ozone/blob/06c0d81af229d66cbb0464e74dda67b73095d106/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneAclUtils.java#L97-L102
   
   ---
   
   > Another relevant questions is:  How are existing keys WITHOUT an owner 
field set going to behave after Ozone upgrade...
   
   The current `owner` only affects the read APIs such as `listKey`, 
`getKeyInfo`, etc.  before `owner` in the result of these API were a fake 
(showing the user who executed the command), now it can show the real `owner`. 
For old version keys, which didn't have an `owner` field before, it will 
backoff to the previous logic and populate the `owner` field with the current 
user executing the command.



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to