use of io.prestosql.spi.security.SystemAccessControl in project hetu-core by openlookeng.
the class TestAccessControlManager method testColumnMaskOrdering.
@Test
public void testColumnMaskOrdering() {
CatalogManager catalogManager = new CatalogManager();
TransactionManager transactionManager = createTestTransactionManager(catalogManager);
AccessControlManager accessControlManager = new AccessControlManager(transactionManager);
accessControlManager.addSystemAccessControlFactory(new SystemAccessControlFactory() {
@Override
public String getName() {
return "test";
}
@Override
public SystemAccessControl create(Map<String, String> config) {
return new SystemAccessControl() {
@Override
public void checkCanSetUser(Optional<Principal> principal, String userName) {
}
@Override
public void checkCanImpersonateUser(Identity identity, String propertyName) {
}
@Override
public void checkCanSetSystemSessionProperty(Identity identity, String propertyName) {
}
@Override
public Optional<ViewExpression> getColumnMask(Identity identity, CatalogSchemaTableName tableName, String columnName, Type type) {
return Optional.of(new ViewExpression("user", Optional.empty(), Optional.empty(), "system mask"));
}
};
}
});
accessControlManager.setSystemAccessControl("test", ImmutableMap.of());
CatalogName catalogName = registerBogusConnector(catalogManager, transactionManager, accessControlManager, "catalog");
accessControlManager.addCatalogAccessControl(catalogName, new ConnectorAccessControl() {
@Override
public Optional<ViewExpression> getColumnMask(ConnectorTransactionHandle transactionHandle, Identity identity, SchemaTableName tableName, String columnName, Type type) {
return Optional.of(new ViewExpression("user", Optional.empty(), Optional.empty(), "connector mask"));
}
});
transaction(transactionManager, accessControlManager).execute(transactionId -> {
List<ViewExpression> masks = accessControlManager.getColumnMasks(transactionId, new Identity(USER_NAME, Optional.of(PRINCIPAL)), new QualifiedObjectName("catalog", "schema", "table"), "column", BIGINT);
assertEquals(masks.get(0).getExpression(), "connector mask");
assertEquals(masks.get(1).getExpression(), "system mask");
});
}
use of io.prestosql.spi.security.SystemAccessControl in project hetu-core by openlookeng.
the class AccessControlManager method setSystemAccessControl.
@VisibleForTesting
protected void setSystemAccessControl(String name, Map<String, String> properties) {
requireNonNull(name, "name is null");
requireNonNull(properties, "properties is null");
checkState(systemAccessControlLoading.compareAndSet(false, true), "System access control already initialized");
log.info("-- Loading system access control --");
SystemAccessControlFactory systemAccessControlFactory = systemAccessControlFactories.get(name);
checkState(systemAccessControlFactory != null, "Access control %s is not registered", name);
SystemAccessControl tmpSystemAccessControl = systemAccessControlFactory.create(ImmutableMap.copyOf(properties));
this.systemAccessControl.set(tmpSystemAccessControl);
log.info("-- Loaded system access control %s --", name);
}
Aggregations