-
I found that some inherited ACLs are not as expected. see: https://issues.apache.org/jira/browse/HDDS-8653
There are two issues to discuss:
// org.apache.hadoop.ozone.om.helpers.OzoneAclUtil#inheritDefaultAcls
public static boolean inheritDefaultAcls(List<OzoneAcl> acls,
List<OzoneAcl> parentAcls) {
List<OzoneAcl> inheritedAcls = null;
if (parentAcls != null && !parentAcls.isEmpty()) {
inheritedAcls = parentAcls.stream()
.filter(a -> a.getAclScope() == DEFAULT)
.map(acl -> new OzoneAcl(acl.getType(), acl.getName(),
acl.getAclBitSet(), ACCESS))
.collect(Collectors.toList());
}
if (inheritedAcls != null && !inheritedAcls.isEmpty()) {
inheritedAcls.stream().forEach(acl -> addAcl(acls, acl));
return true;
}
return false;
} |
Beta Was this translation helpful? Give feedback.
Answered by
ChenSammi
Jun 1, 2023
Replies: 1 comment 2 replies
-
IMO, for different bucket type, it can be different,
|
Beta Was this translation helpful? Give feedback.
2 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
@whbing, there is no direct way to tell if a key is a directory or not in legacy bucket, so I'm not sure whether it is easy to implement it for legacy bucket with all cases covered. But if you believe it's not that complex, then it's good if we can support sub-dir DEFAULT in legacy bucket too.