Package org.apache.storm.blobstore
Class BlobStoreAclHandler
java.lang.Object
org.apache.storm.blobstore.BlobStoreAclHandler
Provides common handling of acls for Blobstores. Also contains some static utility functions related to Blobstores.
- 
Field SummaryFieldsModifier and TypeFieldDescriptionstatic final intstatic final List<AccessControl>static final org.slf4j.Loggerstatic final intstatic final List<AccessControl>static final int
- 
Constructor SummaryConstructors
- 
Method SummaryModifier and TypeMethodDescriptionstatic StringbooleancheckForValidUsers(Subject who, int mask) voidhasAnyPermissions(List<AccessControl> acl, int mask, Subject who, String key) Validates if the user has any of the permissions mentioned in the mask.voidhasPermissions(List<AccessControl> acl, int mask, Subject who, String key) Validates if the user has at least the set of permissions mentioned in the mask.voidnormalizeSettableBlobMeta(String key, SettableBlobMeta meta, Subject who, int opMask) static AccessControlparseAccessControl(String str) static voidvalidateSettableACLs(String key, List<AccessControl> acls) voidvalidateUserCanReadMeta(List<AccessControl> acl, Subject who, String key) The user should be able to see the metadata if and only if they have any of READ, WRITE, or ADMIN.
- 
Field Details- 
LOGpublic static final org.slf4j.Logger LOG
- 
READpublic static final int READ- See Also:
 
- 
WRITEpublic static final int WRITE- See Also:
 
- 
ADMINpublic static final int ADMIN- See Also:
 
- 
WORLD_EVERYTHING
- 
DEFAULT
 
- 
- 
Constructor Details- 
BlobStoreAclHandler
 
- 
- 
Method Details- 
parseAccessControl
- 
accessControlToString
- 
validateSettableACLspublic static void validateSettableACLs(String key, List<AccessControl> acls) throws AuthorizationException - Throws:
- AuthorizationException
 
- 
checkForValidUsers
- 
validateUserCanReadMetapublic void validateUserCanReadMeta(List<AccessControl> acl, Subject who, String key) throws AuthorizationException The user should be able to see the metadata if and only if they have any of READ, WRITE, or ADMIN.- Throws:
- AuthorizationException
 
- 
hasAnyPermissionspublic void hasAnyPermissions(List<AccessControl> acl, int mask, Subject who, String key) throws AuthorizationException Validates if the user has any of the permissions mentioned in the mask.- Parameters:
- acl- ACL for the key.
- mask- mask holds the cumulative value of READ = 1, WRITE = 2 or ADMIN = 4 permissions. mask = 1 implies READ privilege. mask = 5 implies READ and ADMIN privileges.
- who- Is the user against whom the permissions are validated for a key using the ACL and the mask.
- key- Key used to identify the blob.
- Throws:
- AuthorizationException
 
- 
hasPermissionspublic void hasPermissions(List<AccessControl> acl, int mask, Subject who, String key) throws AuthorizationException Validates if the user has at least the set of permissions mentioned in the mask.- Parameters:
- acl- ACL for the key.
- mask- mask holds the cumulative value of READ = 1, WRITE = 2 or ADMIN = 4 permissions. mask = 1 implies READ privilege. mask = 5 implies READ and ADMIN privileges.
- who- Is the user against whom the permissions are validated for a key using the ACL and the mask.
- key- Key used to identify the blob.
- Throws:
- AuthorizationException
 
- 
normalizeSettableBlobMeta
 
-