use of io.crate.user.UserPrivileges in project crate by crate.
the class UserPrivilegesTest method testMatchPrivilegeDenyResultsInNoMatch.
@Test
public void testMatchPrivilegeDenyResultsInNoMatch() throws Exception {
Collection<Privilege> privileges = Set.of(new Privilege(Privilege.State.DENY, Privilege.Type.DQL, Privilege.Clazz.CLUSTER, null, "crate"));
UserPrivileges userPrivileges = new UserPrivileges(privileges);
assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.CLUSTER, null, "doc"), is(false));
assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.SCHEMA, "doc", "doc"), is(false));
assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t1", "doc"), is(false));
assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.CLUSTER, null), is(false));
assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.SCHEMA, "doc"), is(false));
assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.TABLE, "doc.t1"), is(false));
}
use of io.crate.user.UserPrivileges in project crate by crate.
the class UserPrivilegesTest method testMatchPrivilegesEmpty.
@Test
public void testMatchPrivilegesEmpty() throws Exception {
UserPrivileges userPrivileges = new UserPrivileges(Collections.emptyList());
assertThat(userPrivileges.matchPrivilege(Privilege.Type.DDL, Privilege.Clazz.CLUSTER, null, "doc"), is(false));
assertThat(userPrivileges.matchPrivilege(Privilege.Type.DDL, Privilege.Clazz.SCHEMA, "doc", "doc"), is(false));
assertThat(userPrivileges.matchPrivilege(Privilege.Type.DDL, Privilege.Clazz.TABLE, "doc.t1", "doc"), is(false));
assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.CLUSTER, null), is(false));
assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.SCHEMA, "doc"), is(false));
assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.TABLE, "doc.t1"), is(false));
}
use of io.crate.user.UserPrivileges in project crate by crate.
the class UserPrivilegesTest method testMatchPrivilegeComplexSetIncludingDeny.
@Test
public void testMatchPrivilegeComplexSetIncludingDeny() throws Exception {
Collection<Privilege> privileges = Set.of(new Privilege(Privilege.State.GRANT, Privilege.Type.DQL, Privilege.Clazz.CLUSTER, null, "crate"), new Privilege(Privilege.State.DENY, Privilege.Type.DQL, Privilege.Clazz.SCHEMA, "doc", "crate"), new Privilege(Privilege.State.GRANT, Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t1", "crate"));
UserPrivileges userPrivileges = new UserPrivileges(privileges);
assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t1", "doc"), is(true));
assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t2", "doc"), is(false));
assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.SCHEMA, "my_schema", "doc"), is(true));
}
Aggregations