You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@ozone.apache.org by "Siyao Meng (Jira)" <ji...@apache.org> on 2020/06/17 18:45:00 UTC

[jira] [Created] (HDDS-3819) OzoneManager#listVolumeByUser ignores userName parameter when ACL is enabled

Siyao Meng created HDDS-3819:
--------------------------------

             Summary: OzoneManager#listVolumeByUser ignores userName parameter when ACL is enabled
                 Key: HDDS-3819
                 URL: https://issues.apache.org/jira/browse/HDDS-3819
             Project: Hadoop Distributed Data Store
          Issue Type: Bug
            Reporter: Siyao Meng
            Assignee: Siyao Meng


When {{ozone.acl.enabled}} is set to {{true}}, the [ACL check logic in OzoneManager#listVolumeByUser|https://github.com/apache/hadoop-ozone/blob/aa04ac0a894e15c98b05b1acef110c6e26bb01dc/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java#L1845-L1857] ignored the provided {{userName}}.

This bug is introduced by my commit HDDS-3056, unfortunately.

h3. Impact
e.g. {{userA}} won't be able to use {{ozone sh volume list --user userB}} to list {{userB}}'s volumes when ACL is enabled.

h3. Solution
Use {{userName}} rather than {{ProtobufRpcEngine.Server.getRemoteUser()}} for ACL check.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-issues-help@hadoop.apache.org