@InterfaceAudience.Public @InterfaceStability.Evolving public class AccessControlList extends Object implements Writable
Modifier and Type | Field and Description |
---|---|
static String |
WILDCARD_ACL_VALUE |
Constructor and Description |
---|
AccessControlList()
This constructor exists primarily for AccessControlList to be Writable.
|
AccessControlList(String aclString)
Construct a new ACL from a String representation of the same.
|
AccessControlList(String users,
String groups)
Construct a new ACL from String representation of users and groups
The arguments are comma separated lists
|
Modifier and Type | Method and Description |
---|---|
void |
addGroup(String group)
Add group to the names of groups allowed for this service.
|
void |
addUser(String user)
Add user to the names of users allowed for this service.
|
String |
getAclString()
Returns the access control list as a String that can be used for building a
new instance by sending it to the constructor of
AccessControlList . |
Collection<String> |
getGroups()
Get the names of user groups allowed for this service.
|
Collection<String> |
getUsers()
Get the names of users allowed for this service.
|
boolean |
isAllAllowed() |
boolean |
isUserAllowed(org.apache.hadoop.security.UserGroupInformation ugi) |
boolean |
isUserInList(org.apache.hadoop.security.UserGroupInformation ugi)
Checks if a user represented by the provided
UserGroupInformation
is a member of the Access Control List |
void |
readFields(DataInput in)
Deserializes the AccessControlList object
|
void |
removeGroup(String group)
Remove group from the names of groups allowed for this service.
|
void |
removeUser(String user)
Remove user from the names of users allowed for this service.
|
String |
toString()
Returns descriptive way of users and groups that are part of this ACL.
|
void |
write(DataOutput out)
Serializes the AccessControlList object
|
public static final String WILDCARD_ACL_VALUE
public AccessControlList()
public AccessControlList(String aclString)
aclString
- String representation of the ACLpublic AccessControlList(String users, String groups)
users
- comma separated list of usersgroups
- comma separated list of groupspublic boolean isAllAllowed()
public void addUser(String user)
user
- The user namepublic void addGroup(String group)
group
- The group namepublic void removeUser(String user)
user
- The user namepublic void removeGroup(String group)
group
- The group namepublic Collection<String> getUsers()
public Collection<String> getGroups()
public final boolean isUserInList(org.apache.hadoop.security.UserGroupInformation ugi)
UserGroupInformation
is a member of the Access Control Listugi
- UserGroupInformation to check if contained in the ACLpublic boolean isUserAllowed(org.apache.hadoop.security.UserGroupInformation ugi)
public String toString()
getAclString()
to get the exact String that can be given to
the constructor of AccessControlList to create a new instance.public String getAclString()
AccessControlList
.public void write(DataOutput out) throws IOException
write
in interface Writable
out
- DataOuput
to serialize this object into.IOException
public void readFields(DataInput in) throws IOException
readFields
in interface Writable
in
- DataInput
to deseriablize this object from.IOException
Copyright © 2017 Apache Software Foundation. All rights reserved.