Examples with AuthorizationEnforcementModule io.cdap.cdap.security.authorization.AuthorizationEnforcementModule used on opensource projects

Search in sources :

Example 36 with AuthorizationEnforcementModule

use of io.cdap.cdap.security.authorization.AuthorizationEnforcementModule in project cdap by cdapio.

the class MetricsSuiteTestBase method startMetricsService.

public static Injector startMetricsService(CConfiguration conf) throws Exception {
    Injector injector = Guice.createInjector(Modules.override(new ConfigModule(conf), RemoteAuthenticatorModules.getNoOpModule(), new NonCustomLocationUnitTestModule(), new InMemoryDiscoveryModule(), new MetricsHandlerModule(), new MetricsClientRuntimeModule().getInMemoryModules(), new DataFabricModules().getInMemoryModules(), new DataSetsModules().getStandaloneModules(), new DataSetServiceModules().getInMemoryModules(), new ExploreClientModule(), new NamespaceAdminTestModule(), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getMasterModule()).with(new AbstractModule() {

        @Override
        protected void configure() {
            bind(Store.class).to(DefaultStore.class);
            bind(UGIProvider.class).to(UnsupportedUGIProvider.class);
            bind(OwnerAdmin.class).to(NoOpOwnerAdmin.class);
            // TODO (CDAP-14677): find a better way to inject metadata publisher
            bind(MetadataServiceClient.class).to(NoOpMetadataServiceClient.class);
        }
    }));
    transactionManager = injector.getInstance(TransactionManager.class);
    transactionManager.startAndWait();
    StoreDefinition.createAllTables(injector.getInstance(StructuredTableAdmin.class));
    dsOpService = injector.getInstance(DatasetOpExecutorService.class);
    dsOpService.startAndWait();
    datasetService = injector.getInstance(DatasetService.class);
    datasetService.startAndWait();
    metrics = injector.getInstance(MetricsQueryService.class);
    metrics.startAndWait();
    collectionService = injector.getInstance(MetricsCollectionService.class);
    collectionService.startAndWait();
    // initialize the dataset instantiator
    DiscoveryServiceClient discoveryClient = injector.getInstance(DiscoveryServiceClient.class);
    EndpointStrategy metricsEndPoints = new RandomEndpointStrategy(() -> discoveryClient.discover(Constants.Service.METRICS));
    discoverable = metricsEndPoints.pick(1L, TimeUnit.SECONDS);
    Assert.assertNotNull("Could not discover metrics service", discoverable);
    return injector;
}
Also used : InMemoryDiscoveryModule(io.cdap.cdap.common.guice.InMemoryDiscoveryModule) DataSetServiceModules(io.cdap.cdap.data.runtime.DataSetServiceModules) DiscoveryServiceClient(org.apache.twill.discovery.DiscoveryServiceClient) NamespaceAdminTestModule(io.cdap.cdap.common.guice.NamespaceAdminTestModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) StructuredTableAdmin(io.cdap.cdap.spi.data.StructuredTableAdmin) UGIProvider(io.cdap.cdap.security.impersonation.UGIProvider) UnsupportedUGIProvider(io.cdap.cdap.security.impersonation.UnsupportedUGIProvider) MetricStore(io.cdap.cdap.api.metrics.MetricStore) Store(io.cdap.cdap.app.store.Store) DefaultStore(io.cdap.cdap.internal.app.store.DefaultStore) DatasetService(io.cdap.cdap.data2.datafabric.dataset.service.DatasetService) MetricsClientRuntimeModule(io.cdap.cdap.metrics.guice.MetricsClientRuntimeModule) RandomEndpointStrategy(io.cdap.cdap.common.discovery.RandomEndpointStrategy) EndpointStrategy(io.cdap.cdap.common.discovery.EndpointStrategy) Injector(com.google.inject.Injector) MetricsQueryService(io.cdap.cdap.metrics.query.MetricsQueryService) MetricsCollectionService(io.cdap.cdap.api.metrics.MetricsCollectionService) AuthenticationContextModules(io.cdap.cdap.security.auth.context.AuthenticationContextModules) DataSetsModules(io.cdap.cdap.data.runtime.DataSetsModules) NoOpOwnerAdmin(io.cdap.cdap.security.impersonation.NoOpOwnerAdmin) OwnerAdmin(io.cdap.cdap.security.impersonation.OwnerAdmin) NonCustomLocationUnitTestModule(io.cdap.cdap.common.guice.NonCustomLocationUnitTestModule) AuthorizationTestModule(io.cdap.cdap.security.authorization.AuthorizationTestModule) AbstractModule(com.google.inject.AbstractModule) MetadataServiceClient(io.cdap.cdap.data2.metadata.writer.MetadataServiceClient) NoOpMetadataServiceClient(io.cdap.cdap.data2.metadata.writer.NoOpMetadataServiceClient) MetricsHandlerModule(io.cdap.cdap.metrics.guice.MetricsHandlerModule) ExploreClientModule(io.cdap.cdap.explore.guice.ExploreClientModule) TransactionManager(org.apache.tephra.TransactionManager) DatasetOpExecutorService(io.cdap.cdap.data2.datafabric.dataset.service.executor.DatasetOpExecutorService) DataFabricModules(io.cdap.cdap.data.runtime.DataFabricModules) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule) RandomEndpointStrategy(io.cdap.cdap.common.discovery.RandomEndpointStrategy)

Example 37 with AuthorizationEnforcementModule

use of io.cdap.cdap.security.authorization.AuthorizationEnforcementModule in project cdap by cdapio.

the class DistributedProgramContainerModule method getCoreModules.

private List<Module> getCoreModules() {
    Arguments systemArgs = programOpts.getArguments();
    ClusterMode clusterMode = systemArgs.hasOption(ProgramOptionConstants.CLUSTER_MODE) ? ClusterMode.valueOf(systemArgs.getOption(ProgramOptionConstants.CLUSTER_MODE)) : ClusterMode.ON_PREMISE;
    List<Module> modules = new ArrayList<>();
    modules.add(new ConfigModule(cConf, hConf));
    modules.add(new IOModule());
    modules.add(new DFSLocationModule());
    modules.add(new MetricsClientRuntimeModule().getDistributedModules());
    modules.add(new MessagingClientModule());
    modules.add(new AuditModule());
    modules.add(new AuthorizationEnforcementModule().getDistributedModules());
    modules.add(new SecureStoreClientModule());
    modules.add(new MetadataReaderWriterModules().getDistributedModules());
    modules.add(new NamespaceQueryAdminModule());
    modules.add(new DataSetsModules().getDistributedModules());
    modules.add(new AbstractModule() {

        @Override
        protected void configure() {
            bind(ProgramStateWriter.class).to(MessagingProgramStateWriter.class);
            bind(WorkflowStateWriter.class).to(MessagingWorkflowStateWriter.class);
            // don't need to perform any impersonation from within user programs
            bind(UGIProvider.class).to(CurrentUGIProvider.class).in(Scopes.SINGLETON);
            // Bind ProgramId to the passed in instance programId so that we can retrieve it back later when needed.
            // For example see ProgramDiscoveryExploreClient.
            // Also binding to instance is fine here as the programId is guaranteed to not change throughout the
            // lifecycle of this program runnable
            bind(ProgramId.class).toInstance(programRunId.getParent());
            bind(ProgramRunId.class).toInstance(programRunId);
            if (serviceAnnouncer != null) {
                bind(ServiceAnnouncer.class).toInstance(serviceAnnouncer);
            }
            bind(PreferencesFetcher.class).to(RemotePreferencesFetcherInternal.class).in(Scopes.SINGLETON);
        }
    });
    addDataFabricModules(modules);
    switch(clusterMode) {
        case ON_PREMISE:
            addOnPremiseModules(modules);
            break;
        case ISOLATED:
            addIsolatedModules(modules);
            break;
        default:
    }
    return modules;
}
Also used : IOModule(io.cdap.cdap.common.guice.IOModule) MessagingClientModule(io.cdap.cdap.messaging.guice.MessagingClientModule) NamespaceQueryAdminModule(io.cdap.cdap.common.namespace.guice.NamespaceQueryAdminModule) SecureStoreClientModule(io.cdap.cdap.security.guice.SecureStoreClientModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) DataSetsModules(io.cdap.cdap.data.runtime.DataSetsModules) UGIProvider(io.cdap.cdap.security.impersonation.UGIProvider) CurrentUGIProvider(io.cdap.cdap.security.impersonation.CurrentUGIProvider) Arguments(io.cdap.cdap.app.runtime.Arguments) SystemArguments(io.cdap.cdap.internal.app.runtime.SystemArguments) ArrayList(java.util.ArrayList) MetricsClientRuntimeModule(io.cdap.cdap.metrics.guice.MetricsClientRuntimeModule) MessagingProgramStateWriter(io.cdap.cdap.internal.app.program.MessagingProgramStateWriter) AbstractModule(com.google.inject.AbstractModule) MetadataReaderWriterModules(io.cdap.cdap.metadata.MetadataReaderWriterModules) DFSLocationModule(io.cdap.cdap.common.guice.DFSLocationModule) MessagingWorkflowStateWriter(io.cdap.cdap.internal.app.runtime.workflow.MessagingWorkflowStateWriter) PreferencesFetcher(io.cdap.cdap.metadata.PreferencesFetcher) AuditModule(io.cdap.cdap.data2.audit.AuditModule) Module(com.google.inject.Module) SecureStoreClientModule(io.cdap.cdap.security.guice.SecureStoreClientModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) NamespaceQueryAdminModule(io.cdap.cdap.common.namespace.guice.NamespaceQueryAdminModule) SystemDatasetRuntimeModule(io.cdap.cdap.data.runtime.SystemDatasetRuntimeModule) CoreSecurityModule(io.cdap.cdap.security.guice.CoreSecurityModule) DFSLocationModule(io.cdap.cdap.common.guice.DFSLocationModule) KafkaLogAppenderModule(io.cdap.cdap.logging.guice.KafkaLogAppenderModule) MessagingClientModule(io.cdap.cdap.messaging.guice.MessagingClientModule) RemoteLogAppenderModule(io.cdap.cdap.logging.guice.RemoteLogAppenderModule) CoreSecurityRuntimeModule(io.cdap.cdap.security.guice.CoreSecurityRuntimeModule) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule) KafkaClientModule(io.cdap.cdap.common.guice.KafkaClientModule) ZKClientModule(io.cdap.cdap.common.guice.ZKClientModule) TMSLogAppenderModule(io.cdap.cdap.logging.guice.TMSLogAppenderModule) AuditModule(io.cdap.cdap.data2.audit.AuditModule) IOModule(io.cdap.cdap.common.guice.IOModule) ZKDiscoveryModule(io.cdap.cdap.common.guice.ZKDiscoveryModule) MetricsClientRuntimeModule(io.cdap.cdap.metrics.guice.MetricsClientRuntimeModule) AbstractModule(com.google.inject.AbstractModule) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule)

Example 38 with AuthorizationEnforcementModule

use of io.cdap.cdap.security.authorization.AuthorizationEnforcementModule in project cdap by cdapio.

the class HBaseMetricsTableTest method setup.

@BeforeClass
public static void setup() throws Exception {
    CConfiguration cConf = CConfiguration.create();
    cConf.set(Constants.CFG_HDFS_USER, System.getProperty("user.name"));
    Injector injector = Guice.createInjector(new DataFabricModules().getDistributedModules(), new ConfigModule(cConf, TEST_HBASE.getConfiguration()), new ZKClientModule(), new ZKDiscoveryModule(), new TransactionMetricsModule(), new DFSLocationModule(), new NamespaceAdminTestModule(), new SystemDatasetRuntimeModule().getDistributedModules(), new DataSetsModules().getInMemoryModules(), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getNoOpModule(), new AbstractModule() {

        @Override
        protected void configure() {
            bind(UGIProvider.class).to(UnsupportedUGIProvider.class);
            bind(OwnerAdmin.class).to(DefaultOwnerAdmin.class);
        }
    });
    dsFramework = injector.getInstance(DatasetFramework.class);
    tableUtil = injector.getInstance(HBaseTableUtil.class);
    ddlExecutor = new HBaseDDLExecutorFactory(cConf, TEST_HBASE.getHBaseAdmin().getConfiguration()).get();
    ddlExecutor.createNamespaceIfNotExists(tableUtil.getHBaseNamespace(NamespaceId.SYSTEM));
}
Also used : UnsupportedUGIProvider(io.cdap.cdap.security.impersonation.UnsupportedUGIProvider) ZKDiscoveryModule(io.cdap.cdap.common.guice.ZKDiscoveryModule) NamespaceAdminTestModule(io.cdap.cdap.common.guice.NamespaceAdminTestModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) AuthenticationContextModules(io.cdap.cdap.security.auth.context.AuthenticationContextModules) DataSetsModules(io.cdap.cdap.data.runtime.DataSetsModules) DefaultOwnerAdmin(io.cdap.cdap.security.impersonation.DefaultOwnerAdmin) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) AuthorizationTestModule(io.cdap.cdap.security.authorization.AuthorizationTestModule) HBaseTableUtil(io.cdap.cdap.data2.util.hbase.HBaseTableUtil) TransactionMetricsModule(io.cdap.cdap.data.runtime.TransactionMetricsModule) AbstractModule(com.google.inject.AbstractModule) DatasetFramework(io.cdap.cdap.data2.dataset2.DatasetFramework) ZKClientModule(io.cdap.cdap.common.guice.ZKClientModule) DFSLocationModule(io.cdap.cdap.common.guice.DFSLocationModule) Injector(com.google.inject.Injector) HBaseDDLExecutorFactory(io.cdap.cdap.data2.util.hbase.HBaseDDLExecutorFactory) SystemDatasetRuntimeModule(io.cdap.cdap.data.runtime.SystemDatasetRuntimeModule) DataFabricModules(io.cdap.cdap.data.runtime.DataFabricModules) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule) BeforeClass(org.junit.BeforeClass)

Example 39 with AuthorizationEnforcementModule

use of io.cdap.cdap.security.authorization.AuthorizationEnforcementModule in project cdap by cdapio.

the class LevelDBMetricsTableTest method setup.

@BeforeClass
public static void setup() throws Exception {
    CConfiguration conf = CConfiguration.create();
    conf.set(Constants.CFG_LOCAL_DATA_DIR, tmpFolder.newFolder().getAbsolutePath());
    Injector injector = Guice.createInjector(new ConfigModule(conf), new NonCustomLocationUnitTestModule(), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getMasterModule(), new InMemoryDiscoveryModule(), new SystemDatasetRuntimeModule().getInMemoryModules(), new DataSetsModules().getInMemoryModules(), new DataFabricLevelDBModule(), new TransactionMetricsModule());
    dsFramework = injector.getInstance(DatasetFramework.class);
}
Also used : InMemoryDiscoveryModule(io.cdap.cdap.common.guice.InMemoryDiscoveryModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) AuthenticationContextModules(io.cdap.cdap.security.auth.context.AuthenticationContextModules) DataSetsModules(io.cdap.cdap.data.runtime.DataSetsModules) NonCustomLocationUnitTestModule(io.cdap.cdap.common.guice.NonCustomLocationUnitTestModule) CConfiguration(io.cdap.cdap.common.conf.CConfiguration) AuthorizationTestModule(io.cdap.cdap.security.authorization.AuthorizationTestModule) DataFabricLevelDBModule(io.cdap.cdap.data.runtime.DataFabricLevelDBModule) TransactionMetricsModule(io.cdap.cdap.data.runtime.TransactionMetricsModule) DatasetFramework(io.cdap.cdap.data2.dataset2.DatasetFramework) Injector(com.google.inject.Injector) SystemDatasetRuntimeModule(io.cdap.cdap.data.runtime.SystemDatasetRuntimeModule) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule) BeforeClass(org.junit.BeforeClass)

Example 40 with AuthorizationEnforcementModule

use of io.cdap.cdap.security.authorization.AuthorizationEnforcementModule in project cdap by cdapio.

the class BaseHiveExploreServiceTest method createInMemoryModules.

private static List<Module> createInMemoryModules(CConfiguration configuration, Configuration hConf, TemporaryFolder tmpFolder) throws IOException {
    configuration.set(Constants.CFG_DATA_INMEMORY_PERSISTENCE, Constants.InMemoryPersistenceType.MEMORY.name());
    configuration.set(Constants.CFG_LOCAL_DATA_DIR, tmpFolder.newFolder().getAbsolutePath());
    configuration.set(Constants.Explore.LOCAL_DATA_DIR, tmpFolder.newFolder("hive").getAbsolutePath());
    configuration.set(TxConstants.Manager.CFG_TX_SNAPSHOT_LOCAL_DIR, tmpFolder.newFolder("tx").getAbsolutePath());
    configuration.setBoolean(TxConstants.Manager.CFG_DO_PERSIST, true);
    return ImmutableList.of(new ConfigModule(configuration, hConf), RemoteAuthenticatorModules.getNoOpModule(), new IOModule(), new InMemoryDiscoveryModule(), new MessagingServerRuntimeModule().getInMemoryModules(), new NonCustomLocationUnitTestModule(), new DataSetsModules().getStandaloneModules(), new DataSetServiceModules().getInMemoryModules(), new MetricsClientRuntimeModule().getInMemoryModules(), new ExploreRuntimeModule().getInMemoryModules(), new ExploreClientModule(), new AuthorizationTestModule(), new AuthorizationEnforcementModule().getInMemoryModules(), new AuthenticationContextModules().getMasterModule(), new NamespaceAdminTestModule(), new AbstractModule() {

        @Override
        protected void configure() {
            bind(UGIProvider.class).to(UnsupportedUGIProvider.class);
            bind(OwnerAdmin.class).to(DefaultOwnerAdmin.class);
            bind(MetadataServiceClient.class).to(NoOpMetadataServiceClient.class);
            // Use LocalFileTransactionStateStorage, so that we can use transaction snapshots for assertions in test
            install(Modules.override(new DataFabricModules().getInMemoryModules()).with(new AbstractModule() {

                @Override
                protected void configure() {
                    bind(TransactionStateStorage.class).annotatedWith(Names.named("persist")).to(LocalFileTransactionStateStorage.class).in(Scopes.SINGLETON);
                    bind(TransactionStateStorage.class).toProvider(TransactionStateStorageProvider.class).in(Singleton.class);
                }
            }));
        }
    });
}
Also used : IOModule(io.cdap.cdap.common.guice.IOModule) InMemoryDiscoveryModule(io.cdap.cdap.common.guice.InMemoryDiscoveryModule) DataSetServiceModules(io.cdap.cdap.data.runtime.DataSetServiceModules) UnsupportedUGIProvider(io.cdap.cdap.security.impersonation.UnsupportedUGIProvider) NamespaceAdminTestModule(io.cdap.cdap.common.guice.NamespaceAdminTestModule) ConfigModule(io.cdap.cdap.common.guice.ConfigModule) AuthenticationContextModules(io.cdap.cdap.security.auth.context.AuthenticationContextModules) DataSetsModules(io.cdap.cdap.data.runtime.DataSetsModules) MessagingServerRuntimeModule(io.cdap.cdap.messaging.guice.MessagingServerRuntimeModule) ExploreRuntimeModule(io.cdap.cdap.explore.guice.ExploreRuntimeModule) NonCustomLocationUnitTestModule(io.cdap.cdap.common.guice.NonCustomLocationUnitTestModule) MetricsClientRuntimeModule(io.cdap.cdap.metrics.guice.MetricsClientRuntimeModule) DefaultOwnerAdmin(io.cdap.cdap.security.impersonation.DefaultOwnerAdmin) AuthorizationTestModule(io.cdap.cdap.security.authorization.AuthorizationTestModule) AbstractModule(com.google.inject.AbstractModule) ExploreClientModule(io.cdap.cdap.explore.guice.ExploreClientModule) Singleton(com.google.inject.Singleton) NoOpMetadataServiceClient(io.cdap.cdap.data2.metadata.writer.NoOpMetadataServiceClient) LocalFileTransactionStateStorage(org.apache.tephra.persist.LocalFileTransactionStateStorage) TransactionStateStorage(org.apache.tephra.persist.TransactionStateStorage) DataFabricModules(io.cdap.cdap.data.runtime.DataFabricModules) AuthorizationEnforcementModule(io.cdap.cdap.security.authorization.AuthorizationEnforcementModule)

Aggregations

AuthorizationEnforcementModule (io.cdap.cdap.security.authorization.AuthorizationEnforcementModule)80 ConfigModule (io.cdap.cdap.common.guice.ConfigModule)76 AuthenticationContextModules (io.cdap.cdap.security.auth.context.AuthenticationContextModules)76 AbstractModule (com.google.inject.AbstractModule)66 AuthorizationTestModule (io.cdap.cdap.security.authorization.AuthorizationTestModule)64 DataSetsModules (io.cdap.cdap.data.runtime.DataSetsModules)62 NonCustomLocationUnitTestModule (io.cdap.cdap.common.guice.NonCustomLocationUnitTestModule)50 CConfiguration (io.cdap.cdap.common.conf.CConfiguration)48 BeforeClass (org.junit.BeforeClass)42 InMemoryDiscoveryModule (io.cdap.cdap.common.guice.InMemoryDiscoveryModule)40 SystemDatasetRuntimeModule (io.cdap.cdap.data.runtime.SystemDatasetRuntimeModule)40 UnsupportedUGIProvider (io.cdap.cdap.security.impersonation.UnsupportedUGIProvider)40 TransactionManager (org.apache.tephra.TransactionManager)40 DataFabricModules (io.cdap.cdap.data.runtime.DataFabricModules)36 NoOpMetricsCollectionService (io.cdap.cdap.common.metrics.NoOpMetricsCollectionService)34 DefaultOwnerAdmin (io.cdap.cdap.security.impersonation.DefaultOwnerAdmin)32 StructuredTableAdmin (io.cdap.cdap.spi.data.StructuredTableAdmin)32 MetricsCollectionService (io.cdap.cdap.api.metrics.MetricsCollectionService)30 Injector (com.google.inject.Injector)28 NamespaceAdminTestModule (io.cdap.cdap.common.guice.NamespaceAdminTestModule)28
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial