Java 类org.apache.hadoop.yarn.api.records.QueueACL 实例源码

项目：hadoop 文件：ClientRMService.java

private String checkReservationACLs(String queueName, String auditConstant)
    throws YarnException {
  UserGroupInformation callerUGI;
  try {
    callerUGI = UserGroupInformation.getCurrentUser();
  } catch (IOException ie) {
    RMAuditLogger.logFailure("UNKNOWN", auditConstant, queueName,
        "ClientRMService", "Error getting UGI");
    throw RPCUtil.getRemoteException(ie);
  }
  // Check if user has access on the managed queue
  if (!queueACLsManager.checkAccess(callerUGI, QueueACL.SUBMIT_APPLICATIONS,
      queueName)) {
    RMAuditLogger.logFailure(
        callerUGI.getShortUserName(),
        auditConstant,
        "User doesn't have permissions to "
            + QueueACL.SUBMIT_APPLICATIONS.toString(), "ClientRMService",
        AuditConstants.UNAUTHORIZED_USER);
    throw RPCUtil.getRemoteException(new AccessControlException("User "
        + callerUGI.getShortUserName() + " cannot perform operation "
        + QueueACL.SUBMIT_APPLICATIONS.name() + " on queue" + queueName));
  }
  return callerUGI.getShortUserName();
}

项目：hadoop 文件：AllocationConfiguration.java

public AllocationConfiguration(Configuration conf) {
  minQueueResources = new HashMap<String, Resource>();
  maxQueueResources = new HashMap<String, Resource>();
  queueWeights = new HashMap<String, ResourceWeights>();
  queueMaxApps = new HashMap<String, Integer>();
  userMaxApps = new HashMap<String, Integer>();
  queueMaxAMShares = new HashMap<String, Float>();
  userMaxAppsDefault = Integer.MAX_VALUE;
  queueMaxAppsDefault = Integer.MAX_VALUE;
  queueMaxAMShareDefault = 0.5f;
  queueAcls = new HashMap<String, Map<QueueACL, AccessControlList>>();
  minSharePreemptionTimeouts = new HashMap<String, Long>();
  fairSharePreemptionTimeouts = new HashMap<String, Long>();
  fairSharePreemptionThresholds = new HashMap<String, Float>();
  schedulingPolicies = new HashMap<String, SchedulingPolicy>();
  defaultSchedulingPolicy = SchedulingPolicy.DEFAULT_POLICY;
  reservableQueues = new HashSet<>();
  configuredQueues = new HashMap<FSQueueType, Set<String>>();
  for (FSQueueType queueType : FSQueueType.values()) {
    configuredQueues.put(queueType, new HashSet<String>());
  }
  placementPolicy = QueuePlacementPolicy.fromConfiguration(conf,
      configuredQueues);
}

项目：hadoop 文件：LeafQueue.java

@Override
public synchronized List<QueueUserACLInfo> 
getQueueUserAclInfo(UserGroupInformation user) {
  QueueUserACLInfo userAclInfo = 
    recordFactory.newRecordInstance(QueueUserACLInfo.class);
  List<QueueACL> operations = new ArrayList<QueueACL>();
  for (QueueACL operation : QueueACL.values()) {
    if (hasAccess(operation, user)) {
      operations.add(operation);
    }
  }

  userAclInfo.setQueueName(getQueueName());
  userAclInfo.setUserAcls(operations);
  return Collections.singletonList(userAclInfo);
}

项目：hadoop 文件：TestLeafQueue.java

@Test
public void testInheritedQueueAcls() throws IOException {
  UserGroupInformation user = UserGroupInformation.getCurrentUser();

  LeafQueue a = stubLeafQueue((LeafQueue)queues.get(A));
  LeafQueue b = stubLeafQueue((LeafQueue)queues.get(B));
  ParentQueue c = (ParentQueue)queues.get(C);
  LeafQueue c1 = stubLeafQueue((LeafQueue)queues.get(C1));

  assertFalse(root.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertTrue(a.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertTrue(b.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertFalse(c.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertFalse(c1.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));

  assertTrue(hasQueueACL(
        a.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));
  assertTrue(hasQueueACL(
        b.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));
  assertFalse(hasQueueACL(
        c.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));
  assertFalse(hasQueueACL(
        c1.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));

}

项目：hadoop 文件：TestClientRMService.java

public ClientRMService createRMService() throws IOException {
  YarnScheduler yarnScheduler = mockYarnScheduler();
  RMContext rmContext = mock(RMContext.class);
  mockRMContext(yarnScheduler, rmContext);
  ConcurrentHashMap<ApplicationId, RMApp> apps = getRMApps(rmContext,
      yarnScheduler);
  when(rmContext.getRMApps()).thenReturn(apps);
  when(rmContext.getYarnConfiguration()).thenReturn(new Configuration());
  RMAppManager appManager = new RMAppManager(rmContext, yarnScheduler, null,
      mock(ApplicationACLsManager.class), new Configuration());
  when(rmContext.getDispatcher().getEventHandler()).thenReturn(
      new EventHandler<Event>() {
        public void handle(Event event) {
        }
      });

  ApplicationACLsManager mockAclsManager = mock(ApplicationACLsManager.class);
  QueueACLsManager mockQueueACLsManager = mock(QueueACLsManager.class);
  when(
      mockQueueACLsManager.checkAccess(any(UserGroupInformation.class),
          any(QueueACL.class), anyString())).thenReturn(true);
  return new ClientRMService(rmContext, yarnScheduler, appManager,
      mockAclsManager, mockQueueACLsManager, null);
}

项目：hadoop 文件：TypeConverter.java

public static QueueAclsInfo[] fromYarnQueueUserAclsInfo(
    List<QueueUserACLInfo> userAcls) {
  List<QueueAclsInfo> acls = new ArrayList<QueueAclsInfo>();
  for (QueueUserACLInfo aclInfo : userAcls) {
    List<String> operations = new ArrayList<String>();
    for (QueueACL qAcl : aclInfo.getUserAcls()) {
      operations.add(qAcl.toString());
    }

    QueueAclsInfo acl =
      new QueueAclsInfo(aclInfo.getQueueName(),
          operations.toArray(new String[operations.size()]));
    acls.add(acl);
  }
  return acls.toArray(new QueueAclsInfo[acls.size()]);
}

项目：aliyun-oss-hadoop-fs 文件：ClientRMService.java

private String checkReservationACLs(String queueName, String auditConstant)
    throws YarnException {
  UserGroupInformation callerUGI;
  try {
    callerUGI = UserGroupInformation.getCurrentUser();
  } catch (IOException ie) {
    RMAuditLogger.logFailure("UNKNOWN", auditConstant, queueName,
        "ClientRMService", "Error getting UGI");
    throw RPCUtil.getRemoteException(ie);
  }
  // Check if user has access on the managed queue
  if (!queueACLsManager.checkAccess(callerUGI, QueueACL.SUBMIT_APPLICATIONS,
      queueName)) {
    RMAuditLogger.logFailure(
        callerUGI.getShortUserName(),
        auditConstant,
        "User doesn't have permissions to "
            + QueueACL.SUBMIT_APPLICATIONS.toString(), "ClientRMService",
        AuditConstants.UNAUTHORIZED_USER);
    throw RPCUtil.getRemoteException(new AccessControlException("User "
        + callerUGI.getShortUserName() + " cannot perform operation "
        + QueueACL.SUBMIT_APPLICATIONS.name() + " on queue" + queueName));
  }
  return callerUGI.getShortUserName();
}

项目：aliyun-oss-hadoop-fs 文件：AllocationConfiguration.java

public AllocationConfiguration(Configuration conf) {
  minQueueResources = new HashMap<String, Resource>();
  maxQueueResources = new HashMap<String, Resource>();
  queueWeights = new HashMap<String, ResourceWeights>();
  queueMaxApps = new HashMap<String, Integer>();
  userMaxApps = new HashMap<String, Integer>();
  queueMaxAMShares = new HashMap<String, Float>();
  userMaxAppsDefault = Integer.MAX_VALUE;
  queueMaxAppsDefault = Integer.MAX_VALUE;
  queueMaxResourcesDefault = Resources.unbounded();
  queueMaxAMShareDefault = 0.5f;
  queueAcls = new HashMap<String, Map<QueueACL, AccessControlList>>();
  minSharePreemptionTimeouts = new HashMap<String, Long>();
  fairSharePreemptionTimeouts = new HashMap<String, Long>();
  fairSharePreemptionThresholds = new HashMap<String, Float>();
  schedulingPolicies = new HashMap<String, SchedulingPolicy>();
  defaultSchedulingPolicy = SchedulingPolicy.DEFAULT_POLICY;
  reservableQueues = new HashSet<>();
  configuredQueues = new HashMap<FSQueueType, Set<String>>();
  for (FSQueueType queueType : FSQueueType.values()) {
    configuredQueues.put(queueType, new HashSet<String>());
  }
  placementPolicy = QueuePlacementPolicy.fromConfiguration(conf,
      configuredQueues);
}

项目：big-c 文件：TypeConverter.java

public static QueueAclsInfo[] fromYarnQueueUserAclsInfo(
    List<QueueUserACLInfo> userAcls) {
  List<QueueAclsInfo> acls = new ArrayList<QueueAclsInfo>();
  for (QueueUserACLInfo aclInfo : userAcls) {
    List<String> operations = new ArrayList<String>();
    for (QueueACL qAcl : aclInfo.getUserAcls()) {
      operations.add(qAcl.toString());
    }

    QueueAclsInfo acl =
      new QueueAclsInfo(aclInfo.getQueueName(),
          operations.toArray(new String[operations.size()]));
    acls.add(acl);
  }
  return acls.toArray(new QueueAclsInfo[acls.size()]);
}

项目：aliyun-oss-hadoop-fs 文件：LeafQueue.java

@Override
public synchronized List<QueueUserACLInfo> 
getQueueUserAclInfo(UserGroupInformation user) {
  QueueUserACLInfo userAclInfo = 
    recordFactory.newRecordInstance(QueueUserACLInfo.class);
  List<QueueACL> operations = new ArrayList<QueueACL>();
  for (QueueACL operation : QueueACL.values()) {
    if (hasAccess(operation, user)) {
      operations.add(operation);
    }
  }

  userAclInfo.setQueueName(getQueueName());
  userAclInfo.setUserAcls(operations);
  return Collections.singletonList(userAclInfo);
}

项目：aliyun-oss-hadoop-fs 文件：TestReservations.java

private void setupQueueConfiguration(CapacitySchedulerConfiguration conf,
    final String newRoot) {

  // Define top-level queues
  conf.setQueues(CapacitySchedulerConfiguration.ROOT,
      new String[] { newRoot });
  conf.setMaximumCapacity(CapacitySchedulerConfiguration.ROOT, 100);
  conf.setAcl(CapacitySchedulerConfiguration.ROOT,
      QueueACL.SUBMIT_APPLICATIONS, " ");

  final String Q_newRoot = CapacitySchedulerConfiguration.ROOT + "."
      + newRoot;
  conf.setQueues(Q_newRoot, new String[] { A });
  conf.setCapacity(Q_newRoot, 100);
  conf.setMaximumCapacity(Q_newRoot, 100);
  conf.setAcl(Q_newRoot, QueueACL.SUBMIT_APPLICATIONS, " ");

  final String Q_A = Q_newRoot + "." + A;
  conf.setCapacity(Q_A, 100f);
  conf.setMaximumCapacity(Q_A, 100);
  conf.setAcl(Q_A, QueueACL.SUBMIT_APPLICATIONS, "*");

}

项目：big-c 文件：TestLeafQueue.java

@Test
public void testInheritedQueueAcls() throws IOException {
  UserGroupInformation user = UserGroupInformation.getCurrentUser();

  LeafQueue a = stubLeafQueue((LeafQueue)queues.get(A));
  LeafQueue b = stubLeafQueue((LeafQueue)queues.get(B));
  ParentQueue c = (ParentQueue)queues.get(C);
  LeafQueue c1 = stubLeafQueue((LeafQueue)queues.get(C1));

  assertFalse(root.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertTrue(a.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertTrue(b.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertFalse(c.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertFalse(c1.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));

  assertTrue(hasQueueACL(
        a.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));
  assertTrue(hasQueueACL(
        b.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));
  assertFalse(hasQueueACL(
        c.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));
  assertFalse(hasQueueACL(
        c1.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));

}

项目：aliyun-oss-hadoop-fs 文件：TestLeafQueue.java

@Test
public void testInheritedQueueAcls() throws IOException {
  UserGroupInformation user = UserGroupInformation.getCurrentUser();

  LeafQueue a = stubLeafQueue((LeafQueue)queues.get(A));
  LeafQueue b = stubLeafQueue((LeafQueue)queues.get(B));
  ParentQueue c = (ParentQueue)queues.get(C);
  LeafQueue c1 = stubLeafQueue((LeafQueue)queues.get(C1));

  assertFalse(root.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertTrue(a.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertTrue(b.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertFalse(c.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));
  assertFalse(c1.hasAccess(QueueACL.SUBMIT_APPLICATIONS, user));

  assertTrue(hasQueueACL(
        a.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));
  assertTrue(hasQueueACL(
        b.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));
  assertFalse(hasQueueACL(
        c.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));
  assertFalse(hasQueueACL(
        c1.getQueueUserAclInfo(user), QueueACL.SUBMIT_APPLICATIONS));

}

项目：aliyun-oss-hadoop-fs 文件：TestClientRMService.java

public ClientRMService createRMService() throws IOException {
  YarnScheduler yarnScheduler = mockYarnScheduler();
  RMContext rmContext = mock(RMContext.class);
  mockRMContext(yarnScheduler, rmContext);
  ConcurrentHashMap<ApplicationId, RMApp> apps = getRMApps(rmContext,
      yarnScheduler);
  when(rmContext.getRMApps()).thenReturn(apps);
  when(rmContext.getYarnConfiguration()).thenReturn(new Configuration());
  RMAppManager appManager = new RMAppManager(rmContext, yarnScheduler, null,
      mock(ApplicationACLsManager.class), new Configuration());
  when(rmContext.getDispatcher().getEventHandler()).thenReturn(
      new EventHandler<Event>() {
        public void handle(Event event) {
        }
      });

  ApplicationACLsManager mockAclsManager = mock(ApplicationACLsManager.class);
  QueueACLsManager mockQueueACLsManager = mock(QueueACLsManager.class);
  when(
      mockQueueACLsManager.checkAccess(any(UserGroupInformation.class),
          any(QueueACL.class), anyString())).thenReturn(true);
  return new ClientRMService(rmContext, yarnScheduler, appManager,
      mockAclsManager, mockQueueACLsManager, null);
}

项目：aliyun-oss-hadoop-fs 文件：TypeConverter.java

public static QueueAclsInfo[] fromYarnQueueUserAclsInfo(
    List<QueueUserACLInfo> userAcls) {
  List<QueueAclsInfo> acls = new ArrayList<QueueAclsInfo>();
  for (QueueUserACLInfo aclInfo : userAcls) {
    List<String> operations = new ArrayList<String>();
    for (QueueACL qAcl : aclInfo.getUserAcls()) {
      operations.add(qAcl.toString());
    }

    QueueAclsInfo acl =
      new QueueAclsInfo(aclInfo.getQueueName(),
          operations.toArray(new String[operations.size()]));
    acls.add(acl);
  }
  return acls.toArray(new QueueAclsInfo[acls.size()]);
}

项目：big-c 文件：TestClientRMService.java

public ClientRMService createRMService() throws IOException {
  YarnScheduler yarnScheduler = mockYarnScheduler();
  RMContext rmContext = mock(RMContext.class);
  mockRMContext(yarnScheduler, rmContext);
  ConcurrentHashMap<ApplicationId, RMApp> apps = getRMApps(rmContext,
      yarnScheduler);
  when(rmContext.getRMApps()).thenReturn(apps);
  when(rmContext.getYarnConfiguration()).thenReturn(new Configuration());
  RMAppManager appManager = new RMAppManager(rmContext, yarnScheduler, null,
      mock(ApplicationACLsManager.class), new Configuration());
  when(rmContext.getDispatcher().getEventHandler()).thenReturn(
      new EventHandler<Event>() {
        public void handle(Event event) {
        }
      });

  ApplicationACLsManager mockAclsManager = mock(ApplicationACLsManager.class);
  QueueACLsManager mockQueueACLsManager = mock(QueueACLsManager.class);
  when(
      mockQueueACLsManager.checkAccess(any(UserGroupInformation.class),
          any(QueueACL.class), anyString())).thenReturn(true);
  return new ClientRMService(rmContext, yarnScheduler, appManager,
      mockAclsManager, mockQueueACLsManager, null);
}

项目：big-c 文件：AllocationConfiguration.java

public AllocationConfiguration(Configuration conf) {
  minQueueResources = new HashMap<String, Resource>();
  maxQueueResources = new HashMap<String, Resource>();
  queueWeights = new HashMap<String, ResourceWeights>();
  queueMaxApps = new HashMap<String, Integer>();
  userMaxApps = new HashMap<String, Integer>();
  queueMaxAMShares = new HashMap<String, Float>();
  userMaxAppsDefault = Integer.MAX_VALUE;
  queueMaxAppsDefault = Integer.MAX_VALUE;
  queueMaxAMShareDefault = 0.5f;
  queueAcls = new HashMap<String, Map<QueueACL, AccessControlList>>();
  minSharePreemptionTimeouts = new HashMap<String, Long>();
  fairSharePreemptionTimeouts = new HashMap<String, Long>();
  fairSharePreemptionThresholds = new HashMap<String, Float>();
  schedulingPolicies = new HashMap<String, SchedulingPolicy>();
  defaultSchedulingPolicy = SchedulingPolicy.DEFAULT_POLICY;
  reservableQueues = new HashSet<>();
  configuredQueues = new HashMap<FSQueueType, Set<String>>();
  for (FSQueueType queueType : FSQueueType.values()) {
    configuredQueues.put(queueType, new HashSet<String>());
  }
  placementPolicy = QueuePlacementPolicy.fromConfiguration(conf,
      configuredQueues);
}

项目：big-c 文件：LeafQueue.java

@Override
public synchronized List<QueueUserACLInfo> 
getQueueUserAclInfo(UserGroupInformation user) {
  QueueUserACLInfo userAclInfo = 
    recordFactory.newRecordInstance(QueueUserACLInfo.class);
  List<QueueACL> operations = new ArrayList<QueueACL>();
  for (QueueACL operation : QueueACL.values()) {
    if (hasAccess(operation, user)) {
      operations.add(operation);
    }
  }

  userAclInfo.setQueueName(getQueueName());
  userAclInfo.setUserAcls(operations);
  return Collections.singletonList(userAclInfo);
}

项目：hadoop 文件：QueueUserACLInfoPBImpl.java

@Override
public void setUserAcls(List<QueueACL> userAclsList) {
  if (userAclsList == null) {
    builder.clearUserAcls();
  }
  this.userAclsList = userAclsList;
}

项目：hadoop 文件：QueueUserACLInfoPBImpl.java

private void initLocalQueueUserAclsList() {
  if (this.userAclsList != null) {
    return;
  }
  QueueUserACLInfoProtoOrBuilder p = viaProto ? proto : builder;
  List<QueueACLProto> list = p.getUserAclsList();
  userAclsList = new ArrayList<QueueACL>();

  for (QueueACLProto a : list) {
    userAclsList.add(convertFromProtoFormat(a));
  }
}

项目：hadoop 文件：QueueUserACLInfoPBImpl.java

private void addQueueACLsToProto() {
  maybeInitBuilder();
  builder.clearUserAcls();
  if (userAclsList == null)
    return;
  Iterable<QueueACLProto> iterable = new Iterable<QueueACLProto>() {
    @Override
    public Iterator<QueueACLProto> iterator() {
      return new Iterator<QueueACLProto>() {

        Iterator<QueueACL> iter = userAclsList.iterator();

        @Override
        public boolean hasNext() {
          return iter.hasNext();
        }

        @Override
        public QueueACLProto next() {
          return convertToProtoFormat(iter.next());
        }

        @Override
        public void remove() {
          throw new UnsupportedOperationException();

        }
      };

    }
  };
  builder.addAllUserAcls(iterable);
}

项目：hadoop 文件：QueueACLsManager.java

public boolean checkAccess(UserGroupInformation callerUGI,
    QueueACL acl, String queueName) {
  if (!isACLsEnable) {
    return true;
  }
  return scheduler.checkAccess(callerUGI, acl, queueName);
}

项目：hadoop 文件：RMWebServices.java

protected Boolean hasAccess(RMApp app, HttpServletRequest hsr) {
  // Check for the authorization.
  UserGroupInformation callerUGI = getCallerUserGroupInformation(hsr, true);
  if (callerUGI != null
      && !(this.rm.getApplicationACLsManager().checkAccess(callerUGI,
            ApplicationAccessType.VIEW_APP, app.getUser(),
            app.getApplicationId()) ||
          this.rm.getQueueACLsManager().checkAccess(callerUGI,
            QueueACL.ADMINISTER_QUEUE, app.getQueue()))) {
    return false;
  }
  return true;
}

项目：hadoop 文件：ClientRMService.java

/**
 * check if the calling user has the access to application information.
 * @param callerUGI
 * @param owner
 * @param operationPerformed
 * @param application
 * @return
 */
private boolean checkAccess(UserGroupInformation callerUGI, String owner,
    ApplicationAccessType operationPerformed,
    RMApp application) {
  return applicationsACLsManager.checkAccess(callerUGI, operationPerformed,
      owner, application.getApplicationId())
      || queueACLsManager.checkAccess(callerUGI, QueueACL.ADMINISTER_QUEUE,
          application.getQueue());
}

项目：hadoop 文件：FifoScheduler.java

public Map<QueueACL, AccessControlList> getQueueAcls() {
  Map<QueueACL, AccessControlList> acls =
    new HashMap<QueueACL, AccessControlList>();
  for (QueueACL acl : QueueACL.values()) {
    acls.put(acl, new AccessControlList("*"));
  }
  return acls;
}

项目：hadoop 文件：FifoScheduler.java

@Override
public List<QueueUserACLInfo> getQueueUserAclInfo(
    UserGroupInformation unused) {
  QueueUserACLInfo queueUserAclInfo = 
    recordFactory.newRecordInstance(QueueUserACLInfo.class);
  queueUserAclInfo.setQueueName(DEFAULT_QUEUE_NAME);
  queueUserAclInfo.setUserAcls(Arrays.asList(QueueACL.values()));
  return Collections.singletonList(queueUserAclInfo);
}

项目：hadoop 文件：FSLeafQueue.java

@Override
public List<QueueUserACLInfo> getQueueUserAclInfo(UserGroupInformation user) {
  QueueUserACLInfo userAclInfo =
    recordFactory.newRecordInstance(QueueUserACLInfo.class);
  List<QueueACL> operations = new ArrayList<QueueACL>();
  for (QueueACL operation : QueueACL.values()) {
    if (hasAccess(operation, user)) {
      operations.add(operation);
    }
  }

  userAclInfo.setQueueName(getQueueName());
  userAclInfo.setUserAcls(operations);
  return Collections.singletonList(userAclInfo);
}

项目：hadoop 文件：FairScheduler.java

@Override
public synchronized boolean checkAccess(UserGroupInformation callerUGI,
    QueueACL acl, String queueName) {
  FSQueue queue = getQueueManager().getQueue(queueName);
  if (queue == null) {
    if (LOG.isDebugEnabled()) {
      LOG.debug("ACL not found for queue access-type " + acl
          + " for queue " + queueName);
    }
    return false;
  }
  return queue.hasAccess(acl, callerUGI);
}

项目：hadoop 文件：AllocationConfiguration.java

public AllocationConfiguration(Map<String, Resource> minQueueResources,
    Map<String, Resource> maxQueueResources,
    Map<String, Integer> queueMaxApps, Map<String, Integer> userMaxApps,
    Map<String, ResourceWeights> queueWeights,
    Map<String, Float> queueMaxAMShares, int userMaxAppsDefault,
    int queueMaxAppsDefault, float queueMaxAMShareDefault,
    Map<String, SchedulingPolicy> schedulingPolicies,
    SchedulingPolicy defaultSchedulingPolicy,
    Map<String, Long> minSharePreemptionTimeouts,
    Map<String, Long> fairSharePreemptionTimeouts,
    Map<String, Float> fairSharePreemptionThresholds,
    Map<String, Map<QueueACL, AccessControlList>> queueAcls,
    QueuePlacementPolicy placementPolicy,
    Map<FSQueueType, Set<String>> configuredQueues,
    ReservationQueueConfiguration globalReservationQueueConfig,
    Set<String> reservableQueues) {
  this.minQueueResources = minQueueResources;
  this.maxQueueResources = maxQueueResources;
  this.queueMaxApps = queueMaxApps;
  this.userMaxApps = userMaxApps;
  this.queueMaxAMShares = queueMaxAMShares;
  this.queueWeights = queueWeights;
  this.userMaxAppsDefault = userMaxAppsDefault;
  this.queueMaxAppsDefault = queueMaxAppsDefault;
  this.queueMaxAMShareDefault = queueMaxAMShareDefault;
  this.defaultSchedulingPolicy = defaultSchedulingPolicy;
  this.schedulingPolicies = schedulingPolicies;
  this.minSharePreemptionTimeouts = minSharePreemptionTimeouts;
  this.fairSharePreemptionTimeouts = fairSharePreemptionTimeouts;
  this.fairSharePreemptionThresholds = fairSharePreemptionThresholds;
  this.queueAcls = queueAcls;
  this.reservableQueues = reservableQueues;
  this.globalReservationQueueConfig = globalReservationQueueConfig;
  this.placementPolicy = placementPolicy;
  this.configuredQueues = configuredQueues;
}

项目：hadoop 文件：AllocationConfiguration.java

/**
 * Get the ACLs associated with this queue. If a given ACL is not explicitly
 * configured, include the default value for that ACL.  The default for the
 * root queue is everybody ("*") and the default for all other queues is
 * nobody ("")
 */
public AccessControlList getQueueAcl(String queue, QueueACL operation) {
  Map<QueueACL, AccessControlList> queueAcls = this.queueAcls.get(queue);
  if (queueAcls != null) {
    AccessControlList operationAcl = queueAcls.get(operation);
    if (operationAcl != null) {
      return operationAcl;
    }
  }
  return (queue.equals("root")) ? EVERYBODY_ACL : NOBODY_ACL;
}

项目：hadoop 文件：AllocationConfiguration.java

public boolean hasAccess(String queueName, QueueACL acl,
    UserGroupInformation user) {
  int lastPeriodIndex = queueName.length();
  while (lastPeriodIndex != -1) {
    String queue = queueName.substring(0, lastPeriodIndex);
    if (getQueueAcl(queue, acl).isUserAllowed(user)) {
      return true;
    }

    lastPeriodIndex = queueName.lastIndexOf('.', lastPeriodIndex - 1);
  }

  return false;
}

项目：hadoop 文件：FSParentQueue.java

private synchronized QueueUserACLInfo getUserAclInfo(
    UserGroupInformation user) {
  QueueUserACLInfo userAclInfo = 
    recordFactory.newRecordInstance(QueueUserACLInfo.class);
  List<QueueACL> operations = new ArrayList<QueueACL>();
  for (QueueACL operation : QueueACL.values()) {
    if (hasAccess(operation, user)) {
      operations.add(operation);
    } 
  }

  userAclInfo.setQueueName(getQueueName());
  userAclInfo.setUserAcls(operations);
  return userAclInfo;
}

项目：hadoop 文件：SchedulerUtils.java

public static AccessType toAccessType(QueueACL acl) {
  switch (acl) {
  case ADMINISTER_QUEUE:
    return AccessType.ADMINISTER_QUEUE;
  case SUBMIT_APPLICATIONS:
    return AccessType.SUBMIT_APP;
  }
  return null;
}

项目：hadoop 文件：ParentQueue.java

private synchronized QueueUserACLInfo getUserAclInfo(
    UserGroupInformation user) {
  QueueUserACLInfo userAclInfo = 
    recordFactory.newRecordInstance(QueueUserACLInfo.class);
  List<QueueACL> operations = new ArrayList<QueueACL>();
  for (QueueACL operation : QueueACL.values()) {
    if (hasAccess(operation, user)) {
      operations.add(operation);
    } 
  }

  userAclInfo.setQueueName(getQueueName());
  userAclInfo.setUserAcls(operations);
  return userAclInfo;
}

项目：hadoop 文件：CapacitySchedulerConfiguration.java

public AccessControlList getAcl(String queue, QueueACL acl) {
  String queuePrefix = getQueuePrefix(queue);
  // The root queue defaults to all access if not defined
  // Sub queues inherit access if not defined
  String defaultAcl = queue.equals(ROOT) ? ALL_ACL : NONE_ACL;
  String aclString = get(queuePrefix + getAclKey(acl), defaultAcl);
  return new AccessControlList(aclString);
}

项目：hadoop 文件：CapacitySchedulerConfiguration.java

public Map<AccessType, AccessControlList> getAcls(String queue) {
  Map<AccessType, AccessControlList> acls =
    new HashMap<AccessType, AccessControlList>();
  for (QueueACL acl : QueueACL.values()) {
    acls.put(SchedulerUtils.toAccessType(acl), getAcl(queue, acl));
  }
  return acls;
}

项目：hadoop 文件：CapacityScheduler.java

@Override
public synchronized boolean checkAccess(UserGroupInformation callerUGI,
    QueueACL acl, String queueName) {
  CSQueue queue = getQueue(queueName);
  if (queue == null) {
    if (LOG.isDebugEnabled()) {
      LOG.debug("ACL not found for queue access-type " + acl
          + " for queue " + queueName);
    }
    return false;
  }
  return queue.hasAccess(acl, callerUGI);
}

项目：hadoop 文件：TestReservations.java

private void setupQueueConfiguration(CapacitySchedulerConfiguration conf,
    final String newRoot, boolean addUserLimits) {

  // Define top-level queues
  conf.setQueues(CapacitySchedulerConfiguration.ROOT,
      new String[] { newRoot });
  conf.setMaximumCapacity(CapacitySchedulerConfiguration.ROOT, 100);
  conf.setAcl(CapacitySchedulerConfiguration.ROOT,
      QueueACL.SUBMIT_APPLICATIONS, " ");

  final String Q_newRoot = CapacitySchedulerConfiguration.ROOT + "."
      + newRoot;
  conf.setQueues(Q_newRoot, new String[] { A });
  conf.setCapacity(Q_newRoot, 100);
  conf.setMaximumCapacity(Q_newRoot, 100);
  conf.setAcl(Q_newRoot, QueueACL.SUBMIT_APPLICATIONS, " ");

  final String Q_A = Q_newRoot + "." + A;
  conf.setCapacity(Q_A, 100f);
  conf.setMaximumCapacity(Q_A, 100);
  conf.setAcl(Q_A, QueueACL.SUBMIT_APPLICATIONS, "*");

  if (addUserLimits) {
    conf.setUserLimit(Q_A, 25);
    conf.setUserLimitFactor(Q_A, 0.25f);
  }
}

项目：hadoop 文件：TestParentQueue.java

public boolean hasQueueACL(List<QueueUserACLInfo> aclInfos, QueueACL acl, String qName) {
  for (QueueUserACLInfo aclInfo : aclInfos) {
    if (aclInfo.getQueueName().equals(qName)) {
      if (aclInfo.getUserAcls().contains(acl)) {
        return true;
      }
    }
  }    
  return false;
}

项目：hadoop 文件：TestLeafQueue.java

public boolean hasQueueACL(List<QueueUserACLInfo> aclInfos, QueueACL acl) {
  for (QueueUserACLInfo aclInfo : aclInfos) {
    if (aclInfo.getUserAcls().contains(acl)) {
      return true;
    }
  }    
  return false;
}