You are viewing a plain text version of this content. The canonical link for it is here.
Posted to common-commits@hadoop.apache.org by bh...@apache.org on 2019/08/01 02:00:47 UTC
[hadoop] branch trunk updated: HDDS-1885. Fix bug in checkAcls in
OzoneManager. (#1199)
This is an automated email from the ASF dual-hosted git repository.
bharat pushed a commit to branch trunk
in repository https://gitbox.apache.org/repos/asf/hadoop.git
The following commit(s) were added to refs/heads/trunk by this push:
new c1f7440 HDDS-1885. Fix bug in checkAcls in OzoneManager. (#1199)
c1f7440 is described below
commit c1f74405d79b4ea2dc3f6abf708074f29acabdc4
Author: Bharat Viswanadham <bh...@apache.org>
AuthorDate: Wed Jul 31 19:00:37 2019 -0700
HDDS-1885. Fix bug in checkAcls in OzoneManager. (#1199)
---
.../src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java | 9 ++++-----
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
index b1e2dd9..e771953 100644
--- a/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
+++ b/hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
@@ -1801,17 +1801,16 @@ public final class OzoneManager extends ServiceRuntimeInfoImpl
.setVolumeName(vol)
.setBucketName(bucket)
.setKeyName(key).build();
- UserGroupInformation user = ProtobufRpcEngine.Server.getRemoteUser();
RequestContext context = RequestContext.newBuilder()
- .setClientUgi(user)
- .setIp(ProtobufRpcEngine.Server.getRemoteIp())
+ .setClientUgi(ugi)
+ .setIp(remoteAddress)
.setAclType(ACLIdentityType.USER)
.setAclRights(aclType)
.build();
if (!accessAuthorizer.checkAccess(obj, context)) {
LOG.warn("User {} doesn't have {} permission to access {}",
- user.getUserName(), aclType, resType);
- throw new OMException("User " + user.getUserName() + " doesn't " +
+ ugi.getUserName(), aclType, resType);
+ throw new OMException("User " + ugi.getUserName() + " doesn't " +
"have " + aclType + " permission to access " + resType,
ResultCodes.PERMISSION_DENIED);
}
---------------------------------------------------------------------
To unsubscribe, e-mail: common-commits-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-commits-help@hadoop.apache.org