Search in sources :

Example 1 with SECURITY_CONFIG_FILE

use of com.facebook.presto.plugin.base.security.FileBasedAccessControlConfig.SECURITY_CONFIG_FILE in project presto by prestodb.

the class TestFileBasedSystemAccessControl method testRefreshing.

@Test
public void testRefreshing() throws Exception {
    TransactionManager transactionManager = createTestTransactionManager();
    AccessControlManager accessControlManager = new AccessControlManager(transactionManager);
    File configFile = newTemporaryFile();
    configFile.deleteOnExit();
    copy(new File(getResourcePath("catalog.json")), configFile);
    accessControlManager.setSystemAccessControl(FileBasedSystemAccessControl.NAME, ImmutableMap.of(SECURITY_CONFIG_FILE, configFile.getAbsolutePath(), SECURITY_REFRESH_PERIOD, "1ms"));
    transaction(transactionManager, accessControlManager).execute(transactionId -> {
        accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
        accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
        accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
    });
    copy(new File(getResourcePath("security-config-file-with-unknown-rules.json")), configFile);
    sleep(2);
    assertThatThrownBy(() -> transaction(transactionManager, accessControlManager).execute(transactionId -> {
        accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
    })).isInstanceOf(IllegalArgumentException.class).hasMessageStartingWith("Invalid JSON file");
    // test if file based cached control was not cached somewhere
    assertThatThrownBy(() -> transaction(transactionManager, accessControlManager).execute(transactionId -> {
        accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
    })).isInstanceOf(IllegalArgumentException.class).hasMessageStartingWith("Invalid JSON file");
    copy(new File(getResourcePath("catalog.json")), configFile);
    sleep(2);
    transaction(transactionManager, accessControlManager).execute(transactionId -> {
        accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
    });
}
Also used : SystemAccessControl(com.facebook.presto.spi.security.SystemAccessControl) InterfaceTestUtils.assertAllMethodsOverridden(com.facebook.presto.spi.testing.InterfaceTestUtils.assertAllMethodsOverridden) PrestoPrincipal(com.facebook.presto.spi.security.PrestoPrincipal) Assert.assertEquals(org.testng.Assert.assertEquals) Test(org.testng.annotations.Test) SECURITY_CONFIG_FILE(com.facebook.presto.plugin.base.security.FileBasedAccessControlConfig.SECURITY_CONFIG_FILE) AccessDeniedException(com.facebook.presto.spi.security.AccessDeniedException) SchemaTableName(com.facebook.presto.spi.SchemaTableName) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) Assert.assertThrows(org.testng.Assert.assertThrows) Identity(com.facebook.presto.spi.security.Identity) TransactionBuilder.transaction(com.facebook.presto.transaction.TransactionBuilder.transaction) QualifiedObjectName(com.facebook.presto.common.QualifiedObjectName) Thread.sleep(java.lang.Thread.sleep) TransactionManager(com.facebook.presto.transaction.TransactionManager) Files.newTemporaryFile(org.assertj.core.util.Files.newTemporaryFile) SECURITY_REFRESH_PERIOD(com.facebook.presto.plugin.base.security.FileBasedAccessControlConfig.SECURITY_REFRESH_PERIOD) USER(com.facebook.presto.spi.security.PrincipalType.USER) SELECT(com.facebook.presto.spi.security.Privilege.SELECT) ImmutableSet(com.google.common.collect.ImmutableSet) ImmutableMap(com.google.common.collect.ImmutableMap) KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal) InMemoryTransactionManager.createTestTransactionManager(com.facebook.presto.transaction.InMemoryTransactionManager.createTestTransactionManager) AccessControlContext(com.facebook.presto.spi.security.AccessControlContext) Set(java.util.Set) File(java.io.File) QueryId(com.facebook.presto.spi.QueryId) Files.copy(com.google.common.io.Files.copy) Optional(java.util.Optional) CatalogSchemaName(com.facebook.presto.common.CatalogSchemaName) TransactionManager(com.facebook.presto.transaction.TransactionManager) InMemoryTransactionManager.createTestTransactionManager(com.facebook.presto.transaction.InMemoryTransactionManager.createTestTransactionManager) Files.newTemporaryFile(org.assertj.core.util.Files.newTemporaryFile) File(java.io.File) Test(org.testng.annotations.Test)

Aggregations

CatalogSchemaName (com.facebook.presto.common.CatalogSchemaName)1 QualifiedObjectName (com.facebook.presto.common.QualifiedObjectName)1 SECURITY_CONFIG_FILE (com.facebook.presto.plugin.base.security.FileBasedAccessControlConfig.SECURITY_CONFIG_FILE)1 SECURITY_REFRESH_PERIOD (com.facebook.presto.plugin.base.security.FileBasedAccessControlConfig.SECURITY_REFRESH_PERIOD)1 QueryId (com.facebook.presto.spi.QueryId)1 SchemaTableName (com.facebook.presto.spi.SchemaTableName)1 AccessControlContext (com.facebook.presto.spi.security.AccessControlContext)1 AccessDeniedException (com.facebook.presto.spi.security.AccessDeniedException)1 Identity (com.facebook.presto.spi.security.Identity)1 PrestoPrincipal (com.facebook.presto.spi.security.PrestoPrincipal)1 USER (com.facebook.presto.spi.security.PrincipalType.USER)1 SELECT (com.facebook.presto.spi.security.Privilege.SELECT)1 SystemAccessControl (com.facebook.presto.spi.security.SystemAccessControl)1 InterfaceTestUtils.assertAllMethodsOverridden (com.facebook.presto.spi.testing.InterfaceTestUtils.assertAllMethodsOverridden)1 InMemoryTransactionManager.createTestTransactionManager (com.facebook.presto.transaction.InMemoryTransactionManager.createTestTransactionManager)1 TransactionBuilder.transaction (com.facebook.presto.transaction.TransactionBuilder.transaction)1 TransactionManager (com.facebook.presto.transaction.TransactionManager)1 ImmutableMap (com.google.common.collect.ImmutableMap)1 ImmutableSet (com.google.common.collect.ImmutableSet)1 Files.copy (com.google.common.io.Files.copy)1