首頁 探索 說明
註冊 登入
liuzhangxing
/
hadoop
派生自 apache/hadoop
1
0
複刻 0
檔案
瀏覽代碼

HDFS-14915. Move Superuser Check Before Taking Lock For Encryption API. Contributed by Ayush Saxena.

Ayush Saxena 5 年之前
父節點
19f35cfd57
當前提交
6020505943
共有 1 個文件被更改,包括 3 次插入4 次删除
分割檢視 顯示文件統計
  1. 3 4
      hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java

+ 3 - 4
hadoop-hdfs-project/hadoop-hdfs/src/main/java/org/apache/hadoop/hdfs/server/namenode/FSNamesystem.java
查看文件 

@@ -7437,10 +7437,10 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
 
       Metadata metadata = FSDirEncryptionZoneOp.ensureKeyIsInitialized(dir,
 
           keyName, src);
 
       final FSPermissionChecker pc = getPermissionChecker();
 
+      checkSuperuserPrivilege(pc);
 
       checkOperation(OperationCategory.WRITE);
 
       writeLock();
 
       try {
 
-        checkSuperuserPrivilege(pc);
 
         checkOperation(OperationCategory.WRITE);
 
         checkNameNodeSafeMode("Cannot create encryption zone on " + src);
 
         resultingStat = FSDirEncryptionZoneOp.createEncryptionZone(dir, src,
 
@@ -7496,10 +7496,10 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
 
     boolean success = false;
 
     checkOperation(OperationCategory.READ);
 
     final FSPermissionChecker pc = getPermissionChecker();
 
+    checkSuperuserPrivilege(pc);
 
     readLock();
 
     try {
 
       checkOperation(OperationCategory.READ);
 
-      checkSuperuserPrivilege(pc);
 
       final BatchedListEntries<EncryptionZone> ret =
 
           FSDirEncryptionZoneOp.listEncryptionZones(dir, prevId);
 
       success = true;
 
@@ -7533,10 +7533,10 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
 
     boolean success = false;
 
     checkOperation(OperationCategory.READ);
 
     final FSPermissionChecker pc = getPermissionChecker();
 
+    checkSuperuserPrivilege(pc);
 
     readLock();
 
     try {
 
       checkOperation(OperationCategory.READ);
 
-      checkSuperuserPrivilege(pc);
 
       final BatchedListEntries<ZoneReencryptionStatus> ret =
 
           FSDirEncryptionZoneOp.listReencryptionStatus(dir, prevId);
 
       success = true;
 
@@ -7567,7 +7567,6 @@ public class FSNamesystem implements Namesystem, FSNamesystemMBean,
 
     }
 
     writeLock();
 
     try {
 
-      checkSuperuserPrivilege(pc);
 
       checkOperation(OperationCategory.WRITE);
 
       checkNameNodeSafeMode("NameNode in safemode, cannot " + action
 
           + " re-encryption on zone " + zone);