Examples with MapPermission com.hazelcast.security.permission.MapPermission used on opensource projects

Example 1 with MapPermission

use of com.hazelcast.security.permission.MapPermission in project hazelcast by hazelcast.

the class StreamEventJournalP method streamRemoteMapSupplier.

@SuppressWarnings("unchecked")
public static <K, V, T> ProcessorMetaSupplier streamRemoteMapSupplier(@Nonnull String mapName, @Nonnull String clientXml, @Nonnull PredicateEx<? super EventJournalMapEvent<K, V>> predicate, @Nonnull FunctionEx<? super EventJournalMapEvent<K, V>, ? extends T> projection, @Nonnull JournalInitialPosition initialPos, @Nonnull EventTimePolicy<? super T> eventTimePolicy) {
    checkSerializable(predicate, "predicate");
    checkSerializable(projection, "projection");
    return new ClusterMetaSupplier<>(clientXml, SecuredFunctions.mapEventJournalReaderFn(mapName), predicate, projection, initialPos, eventTimePolicy, () -> new MapPermission(mapName, ACTION_CREATE, ACTION_READ));
}

Example 2 with MapPermission

use of com.hazelcast.security.permission.MapPermission in project hazelcast by hazelcast.

the class SqlSecurityCallbackTest method check.

private void check(String sql, boolean useIndex) {
    // Execute twice to make sure that permission is checked when the plan is cached.
    for (int i = 0; i < 2; i++) {
        TestSqlSecurityContext securityContext = new TestSqlSecurityContext();
        try (SqlResult ignored = ((SqlServiceImpl) instance().getSql()).execute(new SqlStatement(sql), securityContext)) {
            // Check whether the index is used as expected.
            checkIndexUsage(sql, useIndex);
            // Check permissions.
            assertThat(securityContext.getPermissions()).contains(new MapPermission(mapName, ActionConstants.ACTION_READ));
        }
    }
}

Example 3 with MapPermission

use of com.hazelcast.security.permission.MapPermission in project hazelcast by hazelcast.

the class CalciteSqlOptimizer method extractPermissions.

private List<Permission> extractPermissions(PhysicalRel physicalRel) {
    List<Permission> permissions = new ArrayList<>();
    physicalRel.accept(new RelShuttleImpl() {

        @Override
        public RelNode visit(TableScan scan) {
            addPermissionForTable(scan.getTable(), ActionConstants.ACTION_READ);
            return super.visit(scan);
        }

        @Override
        public RelNode visit(RelNode other) {
            addPermissionForTable(other.getTable(), ActionConstants.ACTION_PUT);
            return super.visit(other);
        }

        private void addPermissionForTable(RelOptTable t, String action) {
            if (t == null) {
                return;
            }
            HazelcastTable table = t.unwrap(HazelcastTable.class);
            if (table != null && table.getTarget() instanceof AbstractMapTable) {
                String mapName = ((AbstractMapTable) table.getTarget()).getMapName();
                permissions.add(new MapPermission(mapName, action));
            }
        }
    });
    return permissions;
}

Example 4 with MapPermission

use of com.hazelcast.security.permission.MapPermission in project hazelcast by hazelcast.

the class StreamEventJournalP method streamMapSupplier.

@SuppressWarnings("unchecked")
public static <K, V, T> ProcessorMetaSupplier streamMapSupplier(@Nonnull String mapName, @Nonnull PredicateEx<? super EventJournalMapEvent<K, V>> predicate, @Nonnull FunctionEx<? super EventJournalMapEvent<K, V>, ? extends T> projection, @Nonnull JournalInitialPosition initialPos, @Nonnull EventTimePolicy<? super T> eventTimePolicy) {
    checkSerializable(predicate, "predicate");
    checkSerializable(projection, "projection");
    return new ClusterMetaSupplier<>(null, SecuredFunctions.mapEventJournalReaderFn(mapName), predicate, projection, initialPos, eventTimePolicy, () -> new MapPermission(mapName, ACTION_CREATE, ACTION_READ));
}