I want to remove acl recursively in AzureData lake Gen1.
I can see the client APIs for Gen2.
But i can't find any client Apis for gen1.
Is it possible using python?
Below code is from Microsoft Official docs This is for DataLake Gen2
def remove_permission_recursively(is_default_scope):
try:
file_system_client = service_client.get_file_system_client(file_system="my-container")
directory_client = file_system_client.get_directory_client("my-parent-directory")
acl = 'user:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
if is_default_scope:
acl = 'default:user:xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx'
directory_client.remove_access_control_recursive(acl=acl)
except Exception as e:
print(e)
CodePudding user response:
We have Python SDK to perform filesystem operations on Azure Data Lake Storage Gen1.
Here we need to install below modules:
pip install azure-mgmt-resource
pip install azure-mgmt-datalake-store
pip install azure-datalake-store
We have Microsoft documentation on this to explain about how we can handle file system operations on Azure with DLS Gen1.
Also, we have below methods which will help us to deal with ACL:
remove_acl(self, path)
remove_acl_entries(self, path, acl_spec, recursive=False, number_of_sub_process=None)
remove_default_acl(self, path)
To use them in a recursive way we have a parameter of Boolean type where we can specify whether we can remove ACL’s recursively or not.
For more details about these methods, refer to GitHub azure-datalake-store-python documentation.
Below is the function for remove_acl_entries() in detail:
def remove_acl_entries(self, path, acl_spec, recursive=False, number_of_sub_process=None):
"""
Remove existing, named, Access Control List (ACL) entries on a file or folder.
If the entry does not exist already it is ignored.
Default entries cannot be removed this way, please use remove_default_acl for that.
Unnamed entries cannot be removed in this way, please use remove_acl for that.
Note: this is by default not recursive, and applies only to the file or folder specified.
Parameters
----------
path: str
Location to remove the ACL entries.
acl_spec: str
The ACL specification to remove from the ACL at the path in the format (note that the permission portion is missing)
'[default:]user|group|other:[entity id or UPN],[default:]user|group|other:[entity id or UPN],...'
recursive: bool
Specifies whether to remove ACLs recursively or not
"""
if recursive:
multi_processor_change_acl(adl=self, path=path, method_name="rem_acl", acl_spec=acl_spec,
number_of_sub_process=number_of_sub_process)
else:
self._acl_call('REMOVEACLENTRIES', path, acl_spec, invalidate_cache=True)