adoroszlai commented on code in PR #6581:
URL: https://github.com/apache/ozone/pull/6581#discussion_r1577363794
##########
hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/security/acl/IAccessAuthorizer.java:
##########
@@ -114,6 +121,14 @@ public static ACLType getACLRight(String type) {
}
+ public static BitSet getACLBitSet(byte[] acls) {
+ return BitSet.valueOf(acls);
+ }
+
+ public static String getACLString(byte[] acls) {
+ return getACLString(BitSet.valueOf(acls));
+ }
Review Comment:
I suggest moving these to `OzoneAcl` and making them private. This would
make it easier to completely get rid of `BitSet` in the future by reducing the
public interface.
##########
hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/OzoneAcl.java:
##########
@@ -243,47 +262,60 @@ public String getName() {
@JsonIgnore
public boolean isEmpty() {
- return aclBitSet.isEmpty();
+ return aclBits == 0;
}
@VisibleForTesting
public boolean isSet(ACLType acl) {
- return aclBitSet.get(acl.ordinal());
+ return (aclBits & toInt(acl)) != 0;
}
public boolean checkAccess(ACLType acl) {
return (isSet(acl) || isSet(ALL)) && !isSet(NONE);
}
public OzoneAcl add(OzoneAcl other) {
- return apply(bits -> bits.or(other.aclBitSet));
+ return apply(bits -> bits | other.aclBits);
}
public OzoneAcl remove(OzoneAcl other) {
- return apply(bits -> bits.andNot(other.aclBitSet));
+ return apply(bits -> bits & ~other.aclBits);
}
- /** @return copy of this {@code OzoneAcl} after applying the given {@code
op},
- * or this instance if {@code op} makes no difference */
- private OzoneAcl apply(Consumer<BitSet> op) {
- final BitSet cloneBits = copyBitSet(aclBitSet);
- op.accept(cloneBits);
- return cloneBits.equals(aclBitSet)
+ private OzoneAcl apply(IntFunction<Integer> op) {
+ int applied = op.apply(aclBits);
+ return applied == aclBits
? this
- : new OzoneAcl(type, name, aclScope, cloneBits);
+ : new OzoneAcl(type, name, aclScope, applied);
}
@JsonIgnore
public byte[] getAclByteArray() {
- return aclBitSet.toByteArray();
+ // only first 9 bits are used currently
+ final byte first = (byte) aclBits;
+ final byte second = (byte) (aclBits >>> 8);
+ return second != 0 ? new byte[]{first, second} : new byte[]{first};
+ }
+
+ public List<String> getAclStringList() {
+ return getAclList(aclBits, ACLType::name);
Review Comment:
To fix [test
failure](https://github.com/apache/ozone/actions/runs/8808557708/job/24178180985?pr=6581#step:5:354):
```suggestion
@JsonIgnore
public List<String> getAclStringList() {
return getAclList(aclBits, ACLType::name);
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
