HDFS-6785. Should not be able to create encryption zone using path to a non-directory file. (clamb)

git-svn-id: https://svn.apache.org/repos/asf/hadoop/common/branches/fs-encryption@1614755 13f79535-47bb-0310-9956-ffa450edef68

hadoop-hdfs-project/hadoop-hdfs/CHANGES-fs-encryption.txt

@@ -78,3 +78,6 @@ fs-encryption (Unreleased)
 
     HDFS-6733. Creating encryption zone results in NPE when
     KeyProvider is null. (clamb)
+
+    HDFS-6785. Should not be able to create encryption zone using path
+    to a non-directory file. (clamb)

hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/EncryptionZoneManager.java

@@ -213,6 +213,11 @@ public class EncryptionZoneManager {
     }
 
     final INodesInPath srcIIP = dir.getINodesInPath4Write(src, false);
+    if (srcIIP != null &&
+        srcIIP.getLastINode() != null &&
+        !srcIIP.getLastINode().isDirectory()) {
+      throw new IOException("Attempt to create an encryption zone for a file.");
+    }
     EncryptionZoneInt ezi = getEncryptionZoneForPath(srcIIP);
     if (ezi != null) {
       throw new IOException("Directory " + src + " is already in an " +

hadoop-hdfs-project/hadoop-hdfs/src/test/java/org/apache/hadoop/hdfs/TestEncryptionZones.java

@@ -227,6 +227,14 @@ public class TestEncryptionZones {
       assertExceptionContains("create an encryption zone", e);
     }
 
+    /* Test failure of create EZ on a file. */
+    try {
+      dfsAdmin.createEncryptionZone(notEmptyChild, TEST_KEY);
+      fail("Created EZ on a file");
+    } catch (IOException e) {
+      assertExceptionContains("create an encryption zone for a file.", e);
+    }
+
     /* Test failure of creating an EZ passing a key that doesn't exist. */
     final Path zone2 = new Path("/zone2");
     fsWrapper.mkdir(zone2, FsPermission.getDirDefault(), false);