Examples with Privilege - io.crate.user.Privilege

Example 6 with Privilege

use of io.crate.user.Privilege in project crate by crate.

the class UserPrivilegesTest method testMatchPrivilegeDenyResultsInNoMatch.

@Test
public void testMatchPrivilegeDenyResultsInNoMatch() throws Exception {
    Collection<Privilege> privileges = Set.of(new Privilege(Privilege.State.DENY, Privilege.Type.DQL, Privilege.Clazz.CLUSTER, null, "crate"));
    UserPrivileges userPrivileges = new UserPrivileges(privileges);
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.CLUSTER, null, "doc"), is(false));
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.SCHEMA, "doc", "doc"), is(false));
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t1", "doc"), is(false));
    assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.CLUSTER, null), is(false));
    assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.SCHEMA, "doc"), is(false));
    assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.TABLE, "doc.t1"), is(false));
}

Also used : Privilege(io.crate.user.Privilege) UserPrivileges(io.crate.user.UserPrivileges) Test(org.junit.Test)

Example 7 with Privilege

use of io.crate.user.Privilege in project crate by crate.

the class UserPrivilegesTest method testMatchPrivilegeComplexSetIncludingDeny.

@Test
public void testMatchPrivilegeComplexSetIncludingDeny() throws Exception {
    Collection<Privilege> privileges = Set.of(new Privilege(Privilege.State.GRANT, Privilege.Type.DQL, Privilege.Clazz.CLUSTER, null, "crate"), new Privilege(Privilege.State.DENY, Privilege.Type.DQL, Privilege.Clazz.SCHEMA, "doc", "crate"), new Privilege(Privilege.State.GRANT, Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t1", "crate"));
    UserPrivileges userPrivileges = new UserPrivileges(privileges);
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t1", "doc"), is(true));
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t2", "doc"), is(false));
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.SCHEMA, "my_schema", "doc"), is(true));
}

Also used : Privilege(io.crate.user.Privilege) UserPrivileges(io.crate.user.UserPrivileges) Test(org.junit.Test)

Example 8 with Privilege

use of io.crate.user.Privilege in project crate by crate.

the class PrivilegesMetadataUpgraderTest method testExistingUserWithPrivilegesDoesntGetMore.

@Test
public void testExistingUserWithPrivilegesDoesntGetMore() throws Exception {
    Map<String, Metadata.Custom> customMap = new HashMap<>(1);
    customMap.put(UsersMetadata.TYPE, new UsersMetadata(UserDefinitions.SINGLE_USER_ONLY));
    customMap.put(UsersPrivilegesMetadata.TYPE, new UsersPrivilegesMetadata(MapBuilder.<String, Set<Privilege>>newMapBuilder().put("Arthur", Set.of(new Privilege(Privilege.State.GRANT, Privilege.Type.DQL, Privilege.Clazz.CLUSTER, null, "crate"))).map()));
    Map<String, Metadata.Custom> oldCustomMap = new HashMap<>(customMap);
    Map<String, Metadata.Custom> newCustomMap = UPGRADER.apply(Settings.EMPTY, customMap);
    assertThat(newCustomMap, is(oldCustomMap));
}

Also used : Set(java.util.Set) HashMap(java.util.HashMap) Privilege(io.crate.user.Privilege) Test(org.junit.Test)

Example 9 with Privilege

use of io.crate.user.Privilege in project crate by crate.

the class PrivilegesAnalyzer method privilegeTypesToPrivileges.

private static Set<Privilege> privilegeTypesToPrivileges(Collection<Privilege.Type> privilegeTypes, User grantor, State state, List<String> idents, Privilege.Clazz clazz) {
    Set<Privilege> privileges = new HashSet<>(privilegeTypes.size());
    if (Privilege.Clazz.CLUSTER.equals(clazz)) {
        for (Privilege.Type privilegeType : privilegeTypes) {
            Privilege privilege = new Privilege(state, privilegeType, clazz, null, grantor.name());
            privileges.add(privilege);
        }
    } else {
        for (Privilege.Type privilegeType : privilegeTypes) {
            for (String ident : idents) {
                Privilege privilege = new Privilege(state, privilegeType, clazz, ident, grantor.name());
                privileges.add(privilege);
            }
        }
    }
    return privileges;
}

Also used : Privilege(io.crate.user.Privilege) GrantPrivilege(io.crate.sql.tree.GrantPrivilege) DenyPrivilege(io.crate.sql.tree.DenyPrivilege) RevokePrivilege(io.crate.sql.tree.RevokePrivilege) HashSet(java.util.HashSet)

Example 10 with Privilege

use of io.crate.user.Privilege in project crate by crate.

the class UsersPrivilegesMetadata method writeTo.

@Override
public void writeTo(StreamOutput out) throws IOException {
    out.writeVInt(usersPrivileges.size());
    for (Map.Entry<String, Set<Privilege>> entry : usersPrivileges.entrySet()) {
        out.writeString(entry.getKey());
        out.writeVInt(entry.getValue().size());
        for (Privilege privilege : entry.getValue()) {
            privilege.writeTo(out);
        }
    }
}

Also used : Set(java.util.Set) HashSet(java.util.HashSet) EnumSet(java.util.EnumSet) Privilege(io.crate.user.Privilege) HashMap(java.util.HashMap) Map(java.util.Map)

Aggregations

Privilege (io.crate.user.Privilege)12 HashMap (java.util.HashMap)5 HashSet (java.util.HashSet)5 Set (java.util.Set)5 PrivilegeIdent (io.crate.user.PrivilegeIdent)4 EnumSet (java.util.EnumSet)4 Map (java.util.Map)4 Test (org.junit.Test)3 UserPrivileges (io.crate.user.UserPrivileges)2 DenyPrivilege (io.crate.sql.tree.DenyPrivilege)1 GrantPrivilege (io.crate.sql.tree.GrantPrivilege)1 RevokePrivilege (io.crate.sql.tree.RevokePrivilege)1 State (io.crate.user.Privilege.State)1 Nullable (javax.annotation.Nullable)1 ElasticsearchParseException (org.elasticsearch.ElasticsearchParseException)1 XContentParser (org.elasticsearch.common.xcontent.XContentParser)1