You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by "Siyao Meng (Jira)" <ji...@apache.org> on 2020/06/17 18:45:00 UTC
[jira] [Created] (HDDS-3819) OzoneManager#listVolumeByUser ignores
userName parameter when ACL is enabled
Siyao Meng created HDDS-3819:
--------------------------------
Summary: OzoneManager#listVolumeByUser ignores userName parameter when ACL is enabled
Key: HDDS-3819
URL: https://issues.apache.org/jira/browse/HDDS-3819
Project: Hadoop Distributed Data Store
Issue Type: Bug
Reporter: Siyao Meng
Assignee: Siyao Meng
When {{ozone.acl.enabled}} is set to {{true}}, the [ACL check logic in OzoneManager#listVolumeByUser|https://github.com/apache/hadoop-ozone/blob/aa04ac0a894e15c98b05b1acef110c6e26bb01dc/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java#L1845-L1857] ignored the provided {{userName}}.
This bug is introduced by my commit HDDS-3056, unfortunately.
h3. Impact
e.g. {{userA}} won't be able to use {{ozone sh volume list --user userB}} to list {{userB}}'s volumes when ACL is enabled.
h3. Solution
Use {{userName}} rather than {{ProtobufRpcEngine.Server.getRemoteUser()}} for ACL check.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: ozone-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: ozone-issues-help@hadoop.apache.org