hadoop-hdfs-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Tanmoy (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (HDFS-14248) FileSystem object can take a parameter to expose all / selected methods
Date Mon, 04 Feb 2019 05:56:00 GMT

     [ https://issues.apache.org/jira/browse/HDFS-14248?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Tanmoy updated HDFS-14248:
--------------------------
    Description: 
Currently, the filesystem api in Hadoop exposes all actions (create, delete, append) to users.
There are situations where HDFS users (users of the FS api) should be allowed to only create/append
, but never delete. 

HDFS ACLS does not allow such feature at the filesystem layer. Idea is to block cli access
for developers. Improve the FileSystem class to take parameters while creating the object.
Modify the constructor for the FileSystem class , such that if userRole = "Dev" , all `delete`
and `mv` methods are disabled.

 

Link to the java file:

[https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java]

  was:
Currently, the filesystem api in Hadoop exposes all actions (create, delete, append) to users.
There are situations where HDFS users (users of the FS api) should be allowed to only create/append
, but never delete. 

HDFS ACLS does not allow such feature at the filesystem layer. Idea is to block cli access
for developers. Improve the FileSystem class to take parameters while creating the object.
If userRole = "Dev" , then don't expose delete methods for user.

 

Link to the java file:

https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java


> FileSystem object can take a parameter to expose all / selected methods
> -----------------------------------------------------------------------
>
>                 Key: HDFS-14248
>                 URL: https://issues.apache.org/jira/browse/HDFS-14248
>             Project: Hadoop HDFS
>          Issue Type: Improvement
>            Reporter: Tanmoy
>            Priority: Major
>
> Currently, the filesystem api in Hadoop exposes all actions (create, delete, append)
to users. There are situations where HDFS users (users of the FS api) should be allowed to
only create/append , but never delete. 
> HDFS ACLS does not allow such feature at the filesystem layer. Idea is to block cli access
for developers. Improve the FileSystem class to take parameters while creating the object.
Modify the constructor for the FileSystem class , such that if userRole = "Dev" , all `delete`
and `mv` methods are disabled.
>  
> Link to the java file:
> [https://github.com/apache/hadoop/blob/trunk/hadoop-common-project/hadoop-common/src/main/java/org/apache/hadoop/fs/FileSystem.java]



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: hdfs-issues-unsubscribe@hadoop.apache.org
For additional commands, e-mail: hdfs-issues-help@hadoop.apache.org


Mime
View raw message