HDFS-7481. Add ACL indicator to the 'Permission Denied' exception. (Contributed by Vinayakumar B )

(cherry picked from commit d93f3b9815f90d24c838574a56013e6dc60dc5ad)

hadoop-hdfs-project/hadoop-hdfs/CHANGES.txt

@@ -301,6 +301,9 @@ Release 2.7.0 - UNRELEASED
     HDFS-7473. Document setting dfs.namenode.fs-limits.max-directory-items to 0
     is invalid. (Akira AJISAKA via cnauroth)
 
+    HDFS-7481. Add ACL indicator to the "Permission Denied" exception.
+    (vinayakumarb)
+
 Release 2.6.1 - UNRELEASED
 
   INCOMPATIBLE CHANGES

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSPermissionChecker.java

@@ -47,6 +47,12 @@ class FSPermissionChecker {
   /** @return a string for throwing {@link AccessControlException} */
   private String toAccessControlString(INode inode, int snapshotId,
       FsAction access, FsPermission mode) {
+    return toAccessControlString(inode, snapshotId, access, mode, false);
+  }
+
+  /** @return a string for throwing {@link AccessControlException} */
+  private String toAccessControlString(INode inode, int snapshotId, FsAction access,
+      FsPermission mode, boolean deniedFromAcl) {
     StringBuilder sb = new StringBuilder("Permission denied: ")
       .append("user=").append(user).append(", ")
       .append("access=").append(access).append(", ")
@@ -55,6 +61,9 @@ class FSPermissionChecker {
       .append(inode.getGroupName(snapshotId)).append(':')
       .append(inode.isDirectory() ? 'd' : '-')
       .append(mode);
+    if (deniedFromAcl) {
+      sb.append("+");
+    }
     return sb.toString();
   }
 
@@ -338,7 +347,7 @@ class FSPermissionChecker {
     }
 
     throw new AccessControlException(
-      toAccessControlString(inode, snapshotId, access, mode));
+      toAccessControlString(inode, snapshotId, access, mode, true));
   }
 
   /** Guarded by {@link FSNamesystem#readLock()} */