HDDS-13999. Complete ignore the ACL sent by client during object crea…#21
Summary of Changes
Hello @ChenSammi, I'm Gemini Code Assist! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed! This pull request introduces a new configuration option in Ozone Manager that allows administrators to control whether client-provided Access Control Lists (ACLs) are honored during the creation of storage objects like volumes, buckets, and keys. By default, client ACLs are considered, but with this new setting, they can be optionally ignored, ensuring that only server-side default ACLs are applied. This enhances security and policy enforcement by giving administrators more granular control over object access permissions. The changes involve updating core object creation request handlers and adding extensive test cases to verify the correct behavior of this new security control.
Code Review
This pull request introduces a new configuration, object.creation.ignore.client.acls, to allow Ozone Manager to ignore ACLs provided by clients during the creation of volumes, buckets, and keys. This is a valuable feature for environments where ACLs need to be managed centrally. The implementation is straightforward, adding the configuration to OmConfig and applying it in the respective request handlers. The changes are well-supported by a comprehensive set of parameterized tests that validate the behavior for both states of the new configuration. My review includes a couple of suggestions to improve the code's correctness when checking for the presence of ACLs in protobuf messages.
| if (keyArgs.getAclsList() != null && !config.ignoreClientACLs()) { | ||
| acls.addAll(OzoneAclUtil.fromProtobuf(keyArgs.getAclsList())); | ||
| } |
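Review bot: The condition on the first line discards client ACLs without any trace when config.ignoreClientACLs() is true, since the if has no else branch. Consider emitting a debug log or audit entry when the request carried ACLs and the flag suppressed them, so an operator can distinguish "client sent ACLs that were ignored" from "client sent none".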
The check keyArgs.getAclsList() != null is redundant. For a repeated field in a protobuf message, the corresponding getter method (getAclsList() in this case) never returns null; it returns an empty list if the field is not set. It is more idiomatic and correct to check if the list is not empty using !keyArgs.getAclsList().isEmpty().
| if (keyArgs.getAclsList() != null && !config.ignoreClientACLs()) { | |
| acls.addAll(OzoneAclUtil.fromProtobuf(keyArgs.getAclsList())); | |
| } | |
| if (!keyArgs.getAclsList().isEmpty() && !config.ignoreClientACLs()) { | |
| acls.addAll(OzoneAclUtil.fromProtobuf(keyArgs.getAclsList())); | |
| } | |
| if (keyArgs.getAclsList() != null && !config.ignoreClientACLs()) { | ||
| acls.addAll(OzoneAclUtil.fromProtobuf(keyArgs.getAclsList())); | ||
| } |
Similar to the previous comment, the check keyArgs.getAclsList() != null is redundant because getAclsList() for a repeated protobuf field never returns null. Please check if the list is not empty instead for correctness and consistency.
| if (keyArgs.getAclsList() != null && !config.ignoreClientACLs()) { | |
| acls.addAll(OzoneAclUtil.fromProtobuf(keyArgs.getAclsList())); | |
| } | |
| if (!keyArgs.getAclsList().isEmpty() && !config.ignoreClientACLs()) { | |
| acls.addAll(OzoneAclUtil.fromProtobuf(keyArgs.getAclsList())); | |
| } | |
Pull request overview
This pull request implements functionality to ignore client-provided ACLs during object creation in Ozone Manager. The feature adds a new configuration option ozone.om.object.creation.ignore.client.acls that when enabled, ensures only default ACLs are applied to newly created volumes, buckets, keys, and directories, ignoring any ACLs sent by the client.
Key changes:
- Added a new boolean configuration property `object.creation.ignore.client.acls` (defaults to `false` for backward compatibility)
- Modified ACL handling logic in volume, bucket, key, and directory creation requests to conditionally exclude client ACLs based on the configuration
- Added comprehensive parameterized tests for all object types to verify the feature works correctly in both modes
Reviewed changes
Copilot reviewed 11 out of 11 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| hadoop-ozone/common/src/main/java/org/apache/hadoop/ozone/om/OmConfig.java | Added new configuration property ignoreClientACLs with getter/setter methods |
| hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/volume/OMVolumeCreateRequest.java | Modified volume creation to check configuration before adding client ACLs |
| hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/bucket/OMBucketCreateRequest.java | Modified bucket creation to check configuration before adding client ACLs |
| hadoop-ozone/ozone-manager/src/main/java/org/apache/hadoop/ozone/om/request/key/OMKeyRequest.java | Modified key and directory ACL handling methods to check configuration before adding client ACLs |
| hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/om/request/volume/TestOMVolumeRequest.java | Updated helper method signature to accept ACL parameter for more flexible testing |
| hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/om/request/volume/TestOMVolumeCreateRequest.java | Added parameterized test for volume creation ACL ignoring and updated existing test calls |
| hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/om/request/bucket/TestOMBucketCreateRequest.java | Added parameterized test for bucket creation ACL ignoring |
| hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/om/request/key/TestOMKeyCreateRequest.java | Added parameterized test for key creation ACL ignoring |
| hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/om/request/file/TestOMFileCreateRequest.java | Added parameterized test for file creation ACL ignoring and enhanced helper method to accept ACLs |
| hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/om/request/file/TestOMDirectoryCreateRequest.java | Added parameterized test for directory creation ACL ignoring and enhanced helper method to accept ACLs |
| hadoop-ozone/ozone-manager/src/test/java/org/apache/hadoop/ozone/om/request/file/TestOMDirectoryCreateRequestWithFSO.java | Added parameterized test for directory creation ACL ignoring (FSO layout) and enhanced helper method to accept ACLs |
| defaultValue = "false", | ||
| type = ConfigType.BOOLEAN, | ||
| tags = {ConfigTag.OM, ConfigTag.SECURITY}, | ||
| description = "Ignore native ACLs sent by client to OzoneManager during volume/bucket/key creation." |
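Review bot: The description string on the last line names only volume/bucket/key creation, but the flag is also applied to directory and file creation in this PR, so the text understates the scope of a SECURITY-tagged setting. Suggest wording such as "during object creation (volume, bucket, key, file, directory)" and stating that only default ACLs are applied when it is enabled.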
[nitpick] The description should use "client-sent" or "client-provided" instead of "native" for clarity. The term "native ACLs" is ambiguous and could be confusing. Consider: "Ignore ACLs sent by client to OzoneManager during volume/bucket/key creation."
| description = "Ignore native ACLs sent by client to OzoneManager during volume/bucket/key creation." | |
| description = "Ignore ACLs sent by client to OzoneManager during volume/bucket/key creation." |
47f9275 to a49986b
This PR has been marked as stale due to 21 days of inactivity. Please comment or remove the stale label to keep it open. Otherwise, it will be automatically closed in 7 days.
Thank you for your contribution. This PR is being closed due to inactivity. If needed, feel free to reopen it.
…tion