You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@ozone.apache.org by GitBox <gi...@apache.org> on 2021/10/28 19:42:30 UTC
[GitHub] [ozone] bharatviswa504 commented on a change in pull request #2739: HDDS 5781. Enable ACLs and support for all s3 file operations.
bharatviswa504 commented on a change in pull request #2739:
URL: https://github.com/apache/ozone/pull/2739#discussion_r738701377
##########
File path: hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/OzoneManager.java
##########
@@ -4038,7 +4038,7 @@ public ResolvedBucket resolveBucketLink(Pair<String, String> requested)
if (isAclEnabled) {
InetAddress remoteIp = Server.getRemoteIp();
resolved = resolveBucketLink(requested, new HashSet<>(),
- Server.getRemoteUser(),
+ getRemoteUser(),
Review comment:
Not related to this PR, but i have a question which i want to understand.
In GrpcContext how the UserGroupInformation.getCurrentUser() is being populated here?
I see below code in OzoneManagerServiceGrpc, but not understood how getCurrentUser will be populated with S3 accesskey id?
```
try {
omResponse =
UserGroupInformation.getCurrentUser().doAs(
(PrivilegedExceptionAction<OMResponse>) () -> {
try {
return this.omTranslator.
submitRequest(NULL_RPC_CONTROLLER, request);
} catch (Throwable se) {
Throwable e = se.getCause();
if (e == null) {
throw new IOException(se);
} else {
throw e instanceof IOException ?
(IOException) e : new IOException(se);
}
}
});
}
```
##########
File path: hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/OMClientRequest.java
##########
@@ -273,15 +278,16 @@ public UserGroupInformation createUGI() {
if (userGroupInformation != null) {
return userGroupInformation;
}
-
if (omRequest.hasUserInfo() &&
!StringUtils.isBlank(omRequest.getUserInfo().getUserName())) {
userGroupInformation = UserGroupInformation.createRemoteUser(
omRequest.getUserInfo().getUserName());
+ LOG.debug("creating UGI remote user for acl");
return userGroupInformation;
} else {
// This will never happen, as for every OM request preExecute, we
// should add userInfo.
+ LOG.debug("NO UGI for acl");
Review comment:
Minor NIT: No much useful from log. Same as above
##########
File path: hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/OMClientRequest.java
##########
@@ -273,15 +278,16 @@ public UserGroupInformation createUGI() {
if (userGroupInformation != null) {
return userGroupInformation;
}
-
if (omRequest.hasUserInfo() &&
!StringUtils.isBlank(omRequest.getUserInfo().getUserName())) {
userGroupInformation = UserGroupInformation.createRemoteUser(
omRequest.getUserInfo().getUserName());
+ LOG.debug("creating UGI remote user for acl");
Review comment:
Minor NIT: No much useful from log
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@ozone.apache.org
For additional commands, e-mail: issues-help@ozone.apache.org