Search in sources :

Example 1 with UserPrivileges

use of io.crate.user.UserPrivileges in project crate by crate.

the class UserPrivilegesTest method testMatchPrivilegeDenyResultsInNoMatch.

@Test
public void testMatchPrivilegeDenyResultsInNoMatch() throws Exception {
    Collection<Privilege> privileges = Set.of(new Privilege(Privilege.State.DENY, Privilege.Type.DQL, Privilege.Clazz.CLUSTER, null, "crate"));
    UserPrivileges userPrivileges = new UserPrivileges(privileges);
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.CLUSTER, null, "doc"), is(false));
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.SCHEMA, "doc", "doc"), is(false));
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t1", "doc"), is(false));
    assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.CLUSTER, null), is(false));
    assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.SCHEMA, "doc"), is(false));
    assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.TABLE, "doc.t1"), is(false));
}
Also used : Privilege(io.crate.user.Privilege) UserPrivileges(io.crate.user.UserPrivileges) Test(org.junit.Test)

Example 2 with UserPrivileges

use of io.crate.user.UserPrivileges in project crate by crate.

the class UserPrivilegesTest method testMatchPrivilegesEmpty.

@Test
public void testMatchPrivilegesEmpty() throws Exception {
    UserPrivileges userPrivileges = new UserPrivileges(Collections.emptyList());
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DDL, Privilege.Clazz.CLUSTER, null, "doc"), is(false));
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DDL, Privilege.Clazz.SCHEMA, "doc", "doc"), is(false));
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DDL, Privilege.Clazz.TABLE, "doc.t1", "doc"), is(false));
    assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.CLUSTER, null), is(false));
    assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.SCHEMA, "doc"), is(false));
    assertThat(userPrivileges.matchPrivilegeOfAnyType(Privilege.Clazz.TABLE, "doc.t1"), is(false));
}
Also used : UserPrivileges(io.crate.user.UserPrivileges) Test(org.junit.Test)

Example 3 with UserPrivileges

use of io.crate.user.UserPrivileges in project crate by crate.

the class UserPrivilegesTest method testMatchPrivilegeComplexSetIncludingDeny.

@Test
public void testMatchPrivilegeComplexSetIncludingDeny() throws Exception {
    Collection<Privilege> privileges = Set.of(new Privilege(Privilege.State.GRANT, Privilege.Type.DQL, Privilege.Clazz.CLUSTER, null, "crate"), new Privilege(Privilege.State.DENY, Privilege.Type.DQL, Privilege.Clazz.SCHEMA, "doc", "crate"), new Privilege(Privilege.State.GRANT, Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t1", "crate"));
    UserPrivileges userPrivileges = new UserPrivileges(privileges);
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t1", "doc"), is(true));
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.TABLE, "doc.t2", "doc"), is(false));
    assertThat(userPrivileges.matchPrivilege(Privilege.Type.DQL, Privilege.Clazz.SCHEMA, "my_schema", "doc"), is(true));
}
Also used : Privilege(io.crate.user.Privilege) UserPrivileges(io.crate.user.UserPrivileges) Test(org.junit.Test)

Aggregations

UserPrivileges (io.crate.user.UserPrivileges)3 Test (org.junit.Test)3 Privilege (io.crate.user.Privilege)2