You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by GitBox <gi...@apache.org> on 2021/05/21 10:23:25 UTC
[GitHub] [ozone] smengcl commented on a change in pull request #2270: HDDS-5206. Addendum: Support revoking S3 secret
smengcl commented on a change in pull request #2270:
URL: https://github.com/apache/ozone/pull/2270#discussion_r636809160
##########
File path: hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/s3/security/S3GetSecretRequest.java
##########
@@ -72,12 +72,13 @@ public OMRequest preExecute(OzoneManager ozoneManager) throws IOException {
// Generate S3 Secret to be used by OM quorum.
String kerberosID = s3GetSecretRequest.getKerberosID();
- UserGroupInformation user = ProtobufRpcEngine.Server.getRemoteUser();
+ final UserGroupInformation user = ProtobufRpcEngine.Server.getRemoteUser();
+ final String username = user.getUserName();
// Permission check. Users need to be themselves or have admin privilege
- if (!user.getUserName().equals(kerberosID) &&
- !ozoneManager.isAdmin(kerberosID)) {
+ if (!username.equals(kerberosID) &&
+ !ozoneManager.isAdmin(username)) {
Review comment:
thx. I added new omClient for non-admin test case in UT. Should be good now.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org