
Example 21 with Privilege

Use of co.cask.cdap.proto.security.Privilege in project cdap by caskdata.

In the class AuthorizationTest, method grantAndAssertSuccess.

private void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
    Authorizer authorizer = getAuthorizer();
    // Snapshot the principal's privileges before the grant so the assertion checks the exact change
    Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
    authorizer.grant(entityId, principal, actions);
    ImmutableSet.Builder<Privilege> expectedPrivilegesAfterGrant = ImmutableSet.builder();
    for (Action action : actions) {
        expectedPrivilegesAfterGrant.add(new Privilege(entityId, action));
    }
    // After the grant: the previous privileges plus one Privilege per granted action, and nothing else
    Assert.assertEquals(Sets.union(existingPrivileges, expectedPrivilegesAfterGrant.build()),
                        authorizer.listPrivileges(principal));
}
Also used : Action(co.cask.cdap.proto.security.Action) ImmutableSet(com.google.common.collect.ImmutableSet) InMemoryAuthorizer(co.cask.cdap.security.authorization.InMemoryAuthorizer) Authorizer(co.cask.cdap.security.spi.authorization.Authorizer) Privilege(co.cask.cdap.proto.security.Privilege)

Example 22 with Privilege

Use of co.cask.cdap.proto.security.Privilege in project cdap by caskdata.

In the class AuthorizationTest, method cleanupTest.

@After
public void cleanupTest() throws Exception {
    Authorizer authorizer = getAuthorizer();
    grantAndAssertSuccess(AUTH_NAMESPACE, SecurityRequestContext.toPrincipal(), EnumSet.allOf(Action.class));
    // clean up. remove the namespace. all privileges on the namespace should be revoked
    getNamespaceAdmin().delete(AUTH_NAMESPACE);
    Assert.assertEquals(ImmutableSet.of(new Privilege(instance, Action.ADMIN)), authorizer.listPrivileges(ALICE));
    // revoke privileges on the instance
    revokeAndAssertSuccess(instance);
}
Also used : Action(co.cask.cdap.proto.security.Action) InMemoryAuthorizer(co.cask.cdap.security.authorization.InMemoryAuthorizer) Authorizer(co.cask.cdap.security.spi.authorization.Authorizer) Privilege(co.cask.cdap.proto.security.Privilege) After(org.junit.After)

Example 23 with Privilege

Use of co.cask.cdap.proto.security.Privilege in project cdap by caskdata.

In the class AuthorizationTest, method createAuthNamespace.

private void createAuthNamespace() throws Exception {
    Authorizer authorizer = getAuthorizer();
    // ALICE needs ADMIN on the instance before the namespace is created
    grantAndAssertSuccess(instance, ALICE, ImmutableSet.of(Action.ADMIN));
    getNamespaceAdmin().create(AUTH_NAMESPACE_META);
    // After creation ALICE is expected to hold ADMIN on the instance and every action on the new namespace
    Assert.assertEquals(
        ImmutableSet.of(
            new Privilege(instance, Action.ADMIN),
            new Privilege(AUTH_NAMESPACE, Action.ADMIN),
            new Privilege(AUTH_NAMESPACE, Action.READ),
            new Privilege(AUTH_NAMESPACE, Action.WRITE),
            new Privilege(AUTH_NAMESPACE, Action.EXECUTE)),
        authorizer.listPrivileges(ALICE));
}
Also used : InMemoryAuthorizer(co.cask.cdap.security.authorization.InMemoryAuthorizer) Authorizer(co.cask.cdap.security.spi.authorization.Authorizer) Privilege(co.cask.cdap.proto.security.Privilege)

Example 24 with Privilege

Use of co.cask.cdap.proto.security.Privilege in project cdap by caskdata.

In the class AuthorizationTest, method assertNoAccess.

private void assertNoAccess(Principal principal, final EntityId entityId) throws Exception {
    Authorizer authorizer = getAuthorizer();
    // Keep only the privileges that refer to the given entity
    Predicate<Privilege> entityFilter = new Predicate<Privilege>() {
        @Override
        public boolean apply(Privilege input) {
            return entityId.equals(input.getEntity());
        }
    };
    // The principal must hold no privilege of any kind on that entity
    Assert.assertTrue(Sets.filter(authorizer.listPrivileges(principal), entityFilter).isEmpty());
}
Also used : InMemoryAuthorizer(co.cask.cdap.security.authorization.InMemoryAuthorizer) Authorizer(co.cask.cdap.security.spi.authorization.Authorizer) Privilege(co.cask.cdap.proto.security.Privilege) Predicate(com.google.common.base.Predicate)

Aggregations

Privilege (co.cask.cdap.proto.security.Privilege) 24
Action (co.cask.cdap.proto.security.Action) 12
HashSet (java.util.HashSet) 8
InMemoryAuthorizer (co.cask.cdap.security.authorization.InMemoryAuthorizer) 7
Authorizer (co.cask.cdap.security.spi.authorization.Authorizer) 7
Test (org.junit.Test) 7
ImmutableSet (com.google.common.collect.ImmutableSet) 5
Principal (co.cask.cdap.proto.security.Principal) 4
Role (co.cask.cdap.proto.security.Role) 3
UnauthorizedException (co.cask.cdap.security.spi.authorization.UnauthorizedException) 3
NamespaceMeta (co.cask.cdap.proto.NamespaceMeta) 2
NamespaceId (co.cask.cdap.proto.id.NamespaceId) 2
Predicate (com.google.common.base.Predicate) 2
ArtifactSummary (co.cask.cdap.api.artifact.ArtifactSummary) 1
RowMaker (co.cask.cdap.cli.util.RowMaker) 1
Table (co.cask.cdap.cli.util.table.Table) 1
MethodArgument (co.cask.cdap.common.internal.remote.MethodArgument) 1
NamespaceAdmin (co.cask.cdap.common.namespace.NamespaceAdmin) 1
TopLevelDirectDataset (co.cask.cdap.data2.dataset2.customds.TopLevelDirectDataset) 1
ByteCodeClassLoader (co.cask.cdap.internal.asm.ByteCodeClassLoader) 1