AclSelector (Drill : 1.20.3 API)

java.lang.Object
- org.apache.drill.exec.resourcemgr.config.selectors.AbstractResourcePoolSelector
- - org.apache.drill.exec.resourcemgr.config.selectors.AclSelector

All Implemented Interfaces:

ResourcePoolSelector
```
public class AclSelector
extends AbstractResourcePoolSelector
```
Evaluates if a query can be admitted to a ResourcePool or not by comparing query user/groups with the configured users/groups policies for this selector. AclSelector can be configured using both long-form syntax or short-form syntax as defined below:
- Long-Form Syntax: Allows to use identifiers to specify allowed and disallowed users/groups. For example: users: [alice:+, bob:-] means alice is allowed whereas bob is denied access to the pool
- Short-Form Syntax: Allows to specify lists of allowed users/groups only. For example: users: [alice, bob] means only alice and bob are allowed access to this pool
The selector also supports * as a wildcard for both long and short form syntax to allow/deny all users/groups. Example configuration is of form: selector: { acl: { users: [alice:+, bob:-], groups: [sales, marketing] } }

Nested Class Summary
- Nested classes/interfaces inherited from interface org.apache.drill.exec.resourcemgr.config.selectors.ResourcePoolSelector
  ResourcePoolSelector.SelectorType

Field Summary
- Fields inherited from class org.apache.drill.exec.resourcemgr.config.selectors.AbstractResourcePoolSelector
  SELECTOR_TYPE

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`checkQueryUserGroups(String queryUser, Set<String> queryGroups)`
`Set<String>`	`getAllowedGroups()`
`Set<String>`	`getAllowedUsers()`
`Set<String>`	`getDeniedGroups()`
`Set<String>`	`getDeniedUsers()`
`boolean`	`isQuerySelected(QueryContext queryContext)` Determines if a given query is selected by this ACL selector of a Resource Pool or not.
`String`	`toString()`

Methods inherited from class org.apache.drill.exec.resourcemgr.config.selectors.AbstractResourcePoolSelector
getSelectorType

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

- Method Detail
  - isQuerySelected
```
public boolean isQuerySelected(QueryContext queryContext)
```
    Determines if a given query is selected by this ACL selector of a Resource Pool or not. Following rules are followed to evaluate the selection. Assumption: There is an assumption made that if a user or group is configured in both +ve/-ve respective lists then it will be treated to be present in -ve list. Rules: 1) Check if query user is present in -ve users list, If yes then query is not selected else go to 2 2) Check if query user is present in +ve users list, If yes then query is selected else go to 3 3) Check if * is present in -ve users list, if yes then query is not selected else go to 4 4) Check if * is present in +ve users list, if yes then query is selected else go to 5 5) If here that means query user or * is absent in both +ve and -ve users list so check for groups of query user in step 6 6) Check if any of groups of query user is present in -ve groups list, If yes then query is not selected else go to 7 7) Check if any of groups of query user is present in +ve groups list, If yes then query selected else go to 8 8) Check if * is present in -ve groups list, If yes then query is not selected else go to 9 9) Check if * is present in +ve groups list, If yes then query is selected else go to 10 10) Query user and groups of it is neither present is +ve/-ve users list not +ve/-ve groups list hence the query is not selected
    
    Specified by:
    
    isQuerySelected in interface ResourcePoolSelector
    
    Specified by:
    
    isQuerySelected in class AbstractResourcePoolSelector
    
    Parameters:
    
    queryContext - QueryContext to get information about query user
    
    Returns:
    
    true if a query is selected by this selector, false otherwise
  - checkQueryUserGroups
```
public boolean checkQueryUserGroups(String queryUser,
                                    Set<String> queryGroups)
```
  - getAllowedUsers
```
public Set<String> getAllowedUsers()
```
  - getAllowedGroups
```
public Set<String> getAllowedGroups()
```
  - getDeniedUsers
```
public Set<String> getDeniedUsers()
```
  - getDeniedGroups
```
public Set<String> getDeniedGroups()
```
  - toString
```
public String toString()
```
    Overrides:
    
    toString in class AbstractResourcePoolSelector

Class AclSelector

Nested Class Summary

Nested classes/interfaces inherited from interface org.apache.drill.exec.resourcemgr.config.selectors.ResourcePoolSelector

Field Summary

Fields inherited from class org.apache.drill.exec.resourcemgr.config.selectors.AbstractResourcePoolSelector

Method Summary

Methods inherited from class org.apache.drill.exec.resourcemgr.config.selectors.AbstractResourcePoolSelector

Methods inherited from class java.lang.Object

Method Detail

isQuerySelected

checkQueryUserGroups

getAllowedUsers

getAllowedGroups

getDeniedUsers

getDeniedGroups

toString