@Override public void refresh() { // Get the system property 'hadoop.policy.file' String policyFile = System.getProperty("hadoop.policy.file", HADOOP_POLICY_FILE); // Make a copy of the original config, and load the policy file Configuration policyConf = new Configuration(conf); policyConf.addResource(policyFile); Map<Principal, Set<Permission>> newPermissions = new HashMap<Principal, Set<Permission>>(); Set<Permission> newAllowPermissions = new HashSet<Permission>(); // Parse the config file Service[] services = policyProvider.getServices(); if (services != null) { for (Service service : services) { AccessControlList acl = new AccessControlList( policyConf.get(service.getServiceKey(), AccessControlList.WILDCARD_ACL_VALUE) ); if (acl.allAllowed()) { newAllowPermissions.add(service.getPermission()); if (LOG.isDebugEnabled()) { LOG.debug("Policy - " + service.getPermission() + " * "); } } else { for (String user : acl.getUsers()) { addPermission(newPermissions, new User(user), service.getPermission()); } for (String group : acl.getGroups()) { addPermission(newPermissions, new Group(group), service.getPermission()); } } } } // Flip to the newly parsed permissions allowedPermissions = newAllowPermissions; permissions = newPermissions; }
