From 06d269ee0b5a9f6a4a15cba07ad60b5de1beb63a Mon Sep 17 00:00:00 2001
From: Nikita Geer <nikita.geer@pleeco.com>
Date: Thu, 24 Dec 2015 18:12:47 +0300
Subject: [PATCH] acl for zookeeper is added

---
 .../java/io/druid/curator/CuratorConfig.java  | 13 ++++++++++
 .../java/io/druid/curator/CuratorModule.java  | 25 +++++++++++++++++++
 2 files changed, 38 insertions(+)

diff --git a/server/src/main/java/io/druid/curator/CuratorConfig.java b/server/src/main/java/io/druid/curator/CuratorConfig.java
index 6e704d177b7c..97ba29054f62 100644
--- a/server/src/main/java/io/druid/curator/CuratorConfig.java
+++ b/server/src/main/java/io/druid/curator/CuratorConfig.java
@@ -36,6 +36,9 @@ public class CuratorConfig
 
   @JsonProperty("compress")
   private boolean enableCompression = true;
+  
+  @JsonProperty("acl")
+  private boolean enableAcl = false;
 
   public String getZkHosts()
   {
@@ -66,4 +69,14 @@ public void setEnableCompression(Boolean enableCompression)
   {
     this.enableCompression = enableCompression;
   }
+  
+  public Boolean getEnableAcl()
+  {
+    return enableAcl;
+  }
+
+  public void setEnableAcl(Boolean enableAcl)
+  {
+    this.enableAcl = enableAcl;
+  }
 }
diff --git a/server/src/main/java/io/druid/curator/CuratorModule.java b/server/src/main/java/io/druid/curator/CuratorModule.java
index 5ce1d8e71f39..2767da5f8458 100644
--- a/server/src/main/java/io/druid/curator/CuratorModule.java
+++ b/server/src/main/java/io/druid/curator/CuratorModule.java
@@ -24,14 +24,23 @@
 import com.google.inject.Provides;
 import com.metamx.common.lifecycle.Lifecycle;
 import com.metamx.common.logger.Logger;
+
 import io.druid.guice.JsonConfigProvider;
 import io.druid.guice.LazySingleton;
+
+import org.apache.curator.framework.api.ACLProvider;
 import org.apache.curator.framework.CuratorFramework;
 import org.apache.curator.framework.CuratorFrameworkFactory;
+import org.apache.curator.framework.imps.DefaultACLProvider;
 import org.apache.curator.retry.BoundedExponentialBackoffRetry;
 
 import java.io.IOException;
 
+import java.util.List;
+
+import org.apache.zookeeper.ZooDefs;
+import org.apache.zookeeper.data.ACL;
+
 /**
  */
 public class CuratorModule implements Module
@@ -55,6 +64,7 @@ public CuratorFramework makeCurator(CuratorConfig config, Lifecycle lifecycle) t
                                .sessionTimeoutMs(config.getZkSessionTimeoutMs())
             .retryPolicy(new BoundedExponentialBackoffRetry(1000, 45000, 30))
             .compressionProvider(new PotentiallyGzippedCompressionProvider(config.getEnableCompression()))
+            .aclProvider(config.getEnableAcl() ? new SecuredACLProvider() : new DefaultACLProvider())
             .build();
 
     lifecycle.addHandler(
@@ -78,4 +88,19 @@ public void stop()
 
     return framework;
   }
+  
+  class SecuredACLProvider implements ACLProvider 
+  {
+		@Override
+		public List<ACL> getDefaultAcl() 
+		{
+			return ZooDefs.Ids.CREATOR_ALL_ACL;
+		}
+
+		@Override
+		public List<ACL> getAclForPath(String path) 
+		{
+			return ZooDefs.Ids.CREATOR_ALL_ACL;
+		}
+	}
 }