Package org.apache.storm.blobstore
Class BlobStoreAclHandler
java.lang.Object
org.apache.storm.blobstore.BlobStoreAclHandler
Provides common handling of acls for Blobstores. Also contains some static utility functions related to Blobstores.
-
Field Summary
FieldsModifier and TypeFieldDescriptionstatic final intstatic final List<AccessControl>static final org.slf4j.Loggerstatic final intstatic final List<AccessControl>static final int -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionstatic StringbooleancheckForValidUsers(Subject who, int mask) voidhasAnyPermissions(List<AccessControl> acl, int mask, Subject who, String key) Validates if the user has any of the permissions mentioned in the mask.voidhasPermissions(List<AccessControl> acl, int mask, Subject who, String key) Validates if the user has at least the set of permissions mentioned in the mask.voidnormalizeSettableBlobMeta(String key, SettableBlobMeta meta, Subject who, int opMask) static AccessControlparseAccessControl(String str) static voidvalidateSettableACLs(String key, List<AccessControl> acls) voidvalidateUserCanReadMeta(List<AccessControl> acl, Subject who, String key) The user should be able to see the metadata if and only if they have any of READ, WRITE, or ADMIN.
-
Field Details
-
LOG
public static final org.slf4j.Logger LOG -
READ
public static final int READ- See Also:
-
WRITE
public static final int WRITE- See Also:
-
ADMIN
public static final int ADMIN- See Also:
-
WORLD_EVERYTHING
-
DEFAULT
-
-
Constructor Details
-
BlobStoreAclHandler
-
-
Method Details
-
parseAccessControl
-
accessControlToString
-
validateSettableACLs
public static void validateSettableACLs(String key, List<AccessControl> acls) throws AuthorizationException - Throws:
AuthorizationException
-
checkForValidUsers
-
validateUserCanReadMeta
public void validateUserCanReadMeta(List<AccessControl> acl, Subject who, String key) throws AuthorizationException The user should be able to see the metadata if and only if they have any of READ, WRITE, or ADMIN.- Throws:
AuthorizationException
-
hasAnyPermissions
public void hasAnyPermissions(List<AccessControl> acl, int mask, Subject who, String key) throws AuthorizationException Validates if the user has any of the permissions mentioned in the mask.- Parameters:
acl- ACL for the key.mask- mask holds the cumulative value of READ = 1, WRITE = 2 or ADMIN = 4 permissions. mask = 1 implies READ privilege. mask = 5 implies READ and ADMIN privileges.who- Is the user against whom the permissions are validated for a key using the ACL and the mask.key- Key used to identify the blob.- Throws:
AuthorizationException
-
hasPermissions
public void hasPermissions(List<AccessControl> acl, int mask, Subject who, String key) throws AuthorizationException Validates if the user has at least the set of permissions mentioned in the mask.- Parameters:
acl- ACL for the key.mask- mask holds the cumulative value of READ = 1, WRITE = 2 or ADMIN = 4 permissions. mask = 1 implies READ privilege. mask = 5 implies READ and ADMIN privileges.who- Is the user against whom the permissions are validated for a key using the ACL and the mask.key- Key used to identify the blob.- Throws:
AuthorizationException
-
normalizeSettableBlobMeta
-