Example 1 with SECURITY_REFRESH_PERIOD
use of com.facebook.presto.plugin.base.security.FileBasedAccessControlConfig.SECURITY_REFRESH_PERIOD in project presto by prestodb.
the class TestFileBasedSystemAccessControl method testRefreshing.
@Test
public void testRefreshing() throws Exception {
TransactionManager transactionManager = createTestTransactionManager();
AccessControlManager accessControlManager = new AccessControlManager(transactionManager);
File configFile = newTemporaryFile();
configFile.deleteOnExit();
copy(new File(getResourcePath("catalog.json")), configFile);
accessControlManager.setSystemAccessControl(FileBasedSystemAccessControl.NAME, ImmutableMap.of(SECURITY_CONFIG_FILE, configFile.getAbsolutePath(), SECURITY_REFRESH_PERIOD, "1ms"));
transaction(transactionManager, accessControlManager).execute(transactionId -> {
accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
});
copy(new File(getResourcePath("security-config-file-with-unknown-rules.json")), configFile);
sleep(2);
assertThatThrownBy(() -> transaction(transactionManager, accessControlManager).execute(transactionId -> {
accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
})).isInstanceOf(IllegalArgumentException.class).hasMessageStartingWith("Invalid JSON file");
// test if file based cached control was not cached somewhere
assertThatThrownBy(() -> transaction(transactionManager, accessControlManager).execute(transactionId -> {
accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
})).isInstanceOf(IllegalArgumentException.class).hasMessageStartingWith("Invalid JSON file");
copy(new File(getResourcePath("catalog.json")), configFile);
sleep(2);
transaction(transactionManager, accessControlManager).execute(transactionId -> {
accessControlManager.checkCanCreateView(transactionId, alice, context, aliceView);
});
}
Also used :
SystemAccessControl(com.facebook.presto.spi.security.SystemAccessControl)
InterfaceTestUtils.assertAllMethodsOverridden(com.facebook.presto.spi.testing.InterfaceTestUtils.assertAllMethodsOverridden)
PrestoPrincipal(com.facebook.presto.spi.security.PrestoPrincipal)
Assert.assertEquals(org.testng.Assert.assertEquals)
Test(org.testng.annotations.Test)
SECURITY_CONFIG_FILE(com.facebook.presto.plugin.base.security.FileBasedAccessControlConfig.SECURITY_CONFIG_FILE)
AccessDeniedException(com.facebook.presto.spi.security.AccessDeniedException)
SchemaTableName(com.facebook.presto.spi.SchemaTableName)
Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy)
Assert.assertThrows(org.testng.Assert.assertThrows)
Identity(com.facebook.presto.spi.security.Identity)
TransactionBuilder.transaction(com.facebook.presto.transaction.TransactionBuilder.transaction)
QualifiedObjectName(com.facebook.presto.common.QualifiedObjectName)
Thread.sleep(java.lang.Thread.sleep)
TransactionManager(com.facebook.presto.transaction.TransactionManager)
Files.newTemporaryFile(org.assertj.core.util.Files.newTemporaryFile)
SECURITY_REFRESH_PERIOD(com.facebook.presto.plugin.base.security.FileBasedAccessControlConfig.SECURITY_REFRESH_PERIOD)
USER(com.facebook.presto.spi.security.PrincipalType.USER)
SELECT(com.facebook.presto.spi.security.Privilege.SELECT)
ImmutableSet(com.google.common.collect.ImmutableSet)
ImmutableMap(com.google.common.collect.ImmutableMap)
KerberosPrincipal(javax.security.auth.kerberos.KerberosPrincipal)
InMemoryTransactionManager.createTestTransactionManager(com.facebook.presto.transaction.InMemoryTransactionManager.createTestTransactionManager)
AccessControlContext(com.facebook.presto.spi.security.AccessControlContext)
Set(java.util.Set)
File(java.io.File)
QueryId(com.facebook.presto.spi.QueryId)
Files.copy(com.google.common.io.Files.copy)
Optional(java.util.Optional)
CatalogSchemaName(com.facebook.presto.common.CatalogSchemaName)
TransactionManager(com.facebook.presto.transaction.TransactionManager)
InMemoryTransactionManager.createTestTransactionManager(com.facebook.presto.transaction.InMemoryTransactionManager.createTestTransactionManager)
Files.newTemporaryFile(org.assertj.core.util.Files.newTemporaryFile)
File(java.io.File)
Test(org.testng.annotations.Test)
Aggregations
CatalogSchemaName (com.facebook.presto.common.CatalogSchemaName)1
QualifiedObjectName (com.facebook.presto.common.QualifiedObjectName)1
SECURITY_CONFIG_FILE (com.facebook.presto.plugin.base.security.FileBasedAccessControlConfig.SECURITY_CONFIG_FILE)1
SECURITY_REFRESH_PERIOD (com.facebook.presto.plugin.base.security.FileBasedAccessControlConfig.SECURITY_REFRESH_PERIOD)1
QueryId (com.facebook.presto.spi.QueryId)1
SchemaTableName (com.facebook.presto.spi.SchemaTableName)1
AccessControlContext (com.facebook.presto.spi.security.AccessControlContext)1
AccessDeniedException (com.facebook.presto.spi.security.AccessDeniedException)1
Identity (com.facebook.presto.spi.security.Identity)1
PrestoPrincipal (com.facebook.presto.spi.security.PrestoPrincipal)1
USER (com.facebook.presto.spi.security.PrincipalType.USER)1
SELECT (com.facebook.presto.spi.security.Privilege.SELECT)1
SystemAccessControl (com.facebook.presto.spi.security.SystemAccessControl)1
InterfaceTestUtils.assertAllMethodsOverridden (com.facebook.presto.spi.testing.InterfaceTestUtils.assertAllMethodsOverridden)1
InMemoryTransactionManager.createTestTransactionManager (com.facebook.presto.transaction.InMemoryTransactionManager.createTestTransactionManager)1
TransactionBuilder.transaction (com.facebook.presto.transaction.TransactionBuilder.transaction)1
TransactionManager (com.facebook.presto.transaction.TransactionManager)1
ImmutableMap (com.google.common.collect.ImmutableMap)1
ImmutableSet (com.google.common.collect.ImmutableSet)1
Files.copy (com.google.common.io.Files.copy)1
