Search in sources :

Example 1 with SystemAccessControlFactory

use of io.prestosql.spi.security.SystemAccessControlFactory in project hetu-core by openlookeng.

the class PluginManager method installPlugin.

public void installPlugin(Plugin plugin) {
    for (BlockEncoding blockEncoding : plugin.getBlockEncodings()) {
        log.info("Registering block encoding %s", blockEncoding.getName());
        metadataManager.getFunctionAndTypeManager().addBlockEncoding(blockEncoding);
    }
    for (Type type : plugin.getTypes()) {
        log.info("Registering type %s", type.getTypeSignature());
        metadataManager.getFunctionAndTypeManager().addType(type);
    }
    for (ParametricType parametricType : plugin.getParametricTypes()) {
        log.info("Registering parametric type %s", parametricType.getName());
        metadataManager.getFunctionAndTypeManager().addParametricType(parametricType);
    }
    for (ConnectorFactory connectorFactory : plugin.getConnectorFactories()) {
        log.info("Registering connector %s", connectorFactory.getName());
        connectorManager.addConnectorFactory(connectorFactory);
        ConnectorCache.addCatalogConfig(plugin, connectorFactory.getName());
    }
    for (SessionPropertyConfigurationManagerFactory sessionConfigFactory : plugin.getSessionPropertyConfigurationManagerFactories()) {
        log.info("Registering session property configuration manager %s", sessionConfigFactory.getName());
        sessionPropertyDefaults.addConfigurationManagerFactory(sessionConfigFactory);
    }
    for (FunctionNamespaceManagerFactory functionNamespaceManagerFactory : plugin.getFunctionNamespaceManagerFactories()) {
        log.info("Registering function namespace manager %s", functionNamespaceManagerFactory.getName());
        metadataManager.getFunctionAndTypeManager().addFunctionNamespaceFactory(functionNamespaceManagerFactory);
    }
    for (ResourceGroupConfigurationManagerFactory configurationManagerFactory : plugin.getResourceGroupConfigurationManagerFactories()) {
        log.info("Registering resource group configuration manager %s", configurationManagerFactory.getName());
        resourceGroupManager.addConfigurationManagerFactory(configurationManagerFactory);
    }
    for (SystemAccessControlFactory accessControlFactory : plugin.getSystemAccessControlFactories()) {
        log.info("Registering system access control %s", accessControlFactory.getName());
        accessControlManager.addSystemAccessControlFactory(accessControlFactory);
    }
    for (PasswordAuthenticatorFactory authenticatorFactory : plugin.getPasswordAuthenticatorFactories()) {
        log.info("Registering password authenticator %s", authenticatorFactory.getName());
        passwordAuthenticatorManager.addPasswordAuthenticatorFactory(authenticatorFactory);
    }
    for (EventListenerFactory eventListenerFactory : plugin.getEventListenerFactories()) {
        log.info("Registering event listener %s", eventListenerFactory.getName());
        eventListenerManager.addEventListenerFactory(eventListenerFactory);
    }
    for (GroupProviderFactory groupProviderFactory : plugin.getGroupProviderFactories()) {
        log.info("Registering group provider %s", groupProviderFactory.getName());
        groupProviderManager.addGroupProviderFactory(groupProviderFactory);
    }
    // Install StateStorePlugin
    for (StateStoreBootstrapper bootstrapper : plugin.getStateStoreBootstrappers()) {
        log.info("Registering  state store bootstrapper");
        stateStoreLauncher.addStateStoreBootstrapper(bootstrapper);
    }
    for (StateStoreFactory stateStoreFactory : plugin.getStateStoreFactories()) {
        log.info("Registering state store %s", stateStoreFactory.getName());
        localStateStoreProvider.addStateStoreFactory(stateStoreFactory);
    }
    for (SeedStoreFactory seedStoreFactory : plugin.getSeedStoreFactories()) {
        log.info("Registering seed store %s", seedStoreFactory.getName());
        seedStoreManager.addSeedStoreFactory(seedStoreFactory);
    }
    for (CubeProvider cubeProvider : plugin.getCubeProviders()) {
        log.info("Registering cube provider %s", cubeProvider.getName());
        cubeManager.addCubeProvider(cubeProvider);
    }
    for (HetuFileSystemClientFactory fileSystemClientFactory : plugin.getFileSystemClientFactory()) {
        log.info("Registering file system provider %s", fileSystemClientFactory.getName());
        fileSystemClientManager.addFileSystemClientFactories(fileSystemClientFactory);
    }
    for (HetuMetaStoreFactory hetuMetaStoreFactory : plugin.getHetuMetaStoreFactories()) {
        log.info("Registering hetu metastore %s", hetuMetaStoreFactory.getName());
        hetuMetaStoreManager.addHetuMetaStoreFactory(hetuMetaStoreFactory);
    }
    for (IndexFactory indexFactory : plugin.getIndexFactories()) {
        log.info("Loading index factory");
        heuristicIndexerManager.loadIndexFactories(indexFactory);
    }
    installFunctionsPlugin(plugin);
}
Also used : ResourceGroupConfigurationManagerFactory(io.prestosql.spi.resourcegroups.ResourceGroupConfigurationManagerFactory) EventListenerFactory(io.prestosql.spi.eventlistener.EventListenerFactory) HetuFileSystemClientFactory(io.prestosql.spi.filesystem.HetuFileSystemClientFactory) SeedStoreFactory(io.prestosql.spi.seedstore.SeedStoreFactory) SystemAccessControlFactory(io.prestosql.spi.security.SystemAccessControlFactory) ParametricType(io.prestosql.spi.type.ParametricType) Type(io.prestosql.spi.type.Type) PasswordAuthenticatorFactory(io.prestosql.spi.security.PasswordAuthenticatorFactory) ConnectorFactory(io.prestosql.spi.connector.ConnectorFactory) IndexFactory(io.prestosql.spi.heuristicindex.IndexFactory) HetuMetaStoreFactory(io.prestosql.spi.metastore.HetuMetaStoreFactory) ParametricType(io.prestosql.spi.type.ParametricType) CubeProvider(io.prestosql.spi.cube.CubeProvider) FunctionNamespaceManagerFactory(io.prestosql.spi.function.FunctionNamespaceManagerFactory) SessionPropertyConfigurationManagerFactory(io.prestosql.spi.session.SessionPropertyConfigurationManagerFactory) BlockEncoding(io.prestosql.spi.block.BlockEncoding) GroupProviderFactory(io.prestosql.spi.security.GroupProviderFactory) StateStoreBootstrapper(io.prestosql.spi.statestore.StateStoreBootstrapper) StateStoreFactory(io.prestosql.spi.statestore.StateStoreFactory)

Example 2 with SystemAccessControlFactory

use of io.prestosql.spi.security.SystemAccessControlFactory in project hetu-core by openlookeng.

the class TestAccessControlManager method testColumnMaskOrdering.

@Test
public void testColumnMaskOrdering() {
    CatalogManager catalogManager = new CatalogManager();
    TransactionManager transactionManager = createTestTransactionManager(catalogManager);
    AccessControlManager accessControlManager = new AccessControlManager(transactionManager);
    accessControlManager.addSystemAccessControlFactory(new SystemAccessControlFactory() {

        @Override
        public String getName() {
            return "test";
        }

        @Override
        public SystemAccessControl create(Map<String, String> config) {
            return new SystemAccessControl() {

                @Override
                public void checkCanSetUser(Optional<Principal> principal, String userName) {
                }

                @Override
                public void checkCanImpersonateUser(Identity identity, String propertyName) {
                }

                @Override
                public void checkCanSetSystemSessionProperty(Identity identity, String propertyName) {
                }

                @Override
                public Optional<ViewExpression> getColumnMask(Identity identity, CatalogSchemaTableName tableName, String columnName, Type type) {
                    return Optional.of(new ViewExpression("user", Optional.empty(), Optional.empty(), "system mask"));
                }
            };
        }
    });
    accessControlManager.setSystemAccessControl("test", ImmutableMap.of());
    CatalogName catalogName = registerBogusConnector(catalogManager, transactionManager, accessControlManager, "catalog");
    accessControlManager.addCatalogAccessControl(catalogName, new ConnectorAccessControl() {

        @Override
        public Optional<ViewExpression> getColumnMask(ConnectorTransactionHandle transactionHandle, Identity identity, SchemaTableName tableName, String columnName, Type type) {
            return Optional.of(new ViewExpression("user", Optional.empty(), Optional.empty(), "connector mask"));
        }
    });
    transaction(transactionManager, accessControlManager).execute(transactionId -> {
        List<ViewExpression> masks = accessControlManager.getColumnMasks(transactionId, new Identity(USER_NAME, Optional.of(PRINCIPAL)), new QualifiedObjectName("catalog", "schema", "table"), "column", BIGINT);
        assertEquals(masks.get(0).getExpression(), "connector mask");
        assertEquals(masks.get(1).getExpression(), "system mask");
    });
}
Also used : Optional(java.util.Optional) ConnectorAccessControl(io.prestosql.spi.connector.ConnectorAccessControl) SystemAccessControl(io.prestosql.spi.security.SystemAccessControl) ConnectorTransactionHandle(io.prestosql.spi.connector.ConnectorTransactionHandle) SchemaTableName(io.prestosql.spi.connector.SchemaTableName) CatalogSchemaTableName(io.prestosql.spi.connector.CatalogSchemaTableName) CatalogManager(io.prestosql.metadata.CatalogManager) CatalogSchemaTableName(io.prestosql.spi.connector.CatalogSchemaTableName) QualifiedObjectName(io.prestosql.spi.connector.QualifiedObjectName) ViewExpression(io.prestosql.spi.security.ViewExpression) SystemAccessControlFactory(io.prestosql.spi.security.SystemAccessControlFactory) Type(io.prestosql.spi.type.Type) TransactionManager(io.prestosql.transaction.TransactionManager) InMemoryTransactionManager.createTestTransactionManager(io.prestosql.transaction.InMemoryTransactionManager.createTestTransactionManager) CatalogName.createSystemTablesCatalogName(io.prestosql.spi.connector.CatalogName.createSystemTablesCatalogName) CatalogName.createInformationSchemaCatalogName(io.prestosql.spi.connector.CatalogName.createInformationSchemaCatalogName) CatalogName(io.prestosql.spi.connector.CatalogName) ConnectorIdentity(io.prestosql.spi.security.ConnectorIdentity) Identity(io.prestosql.spi.security.Identity) BasicPrincipal(io.prestosql.spi.security.BasicPrincipal) Principal(java.security.Principal) PrestoPrincipal(io.prestosql.spi.security.PrestoPrincipal) Test(org.testng.annotations.Test)

Example 3 with SystemAccessControlFactory

use of io.prestosql.spi.security.SystemAccessControlFactory in project hetu-core by openlookeng.

the class AccessControlManager method setSystemAccessControl.

@VisibleForTesting
protected void setSystemAccessControl(String name, Map<String, String> properties) {
    requireNonNull(name, "name is null");
    requireNonNull(properties, "properties is null");
    checkState(systemAccessControlLoading.compareAndSet(false, true), "System access control already initialized");
    log.info("-- Loading system access control --");
    SystemAccessControlFactory systemAccessControlFactory = systemAccessControlFactories.get(name);
    checkState(systemAccessControlFactory != null, "Access control %s is not registered", name);
    SystemAccessControl tmpSystemAccessControl = systemAccessControlFactory.create(ImmutableMap.copyOf(properties));
    this.systemAccessControl.set(tmpSystemAccessControl);
    log.info("-- Loaded system access control %s --", name);
}
Also used : SystemAccessControlFactory(io.prestosql.spi.security.SystemAccessControlFactory) SystemAccessControl(io.prestosql.spi.security.SystemAccessControl) VisibleForTesting(com.google.common.annotations.VisibleForTesting)

Example 4 with SystemAccessControlFactory

use of io.prestosql.spi.security.SystemAccessControlFactory in project ranger by apache.

the class PrestoRangerPlugin method getSystemAccessControlFactories.

@Override
public Iterable<SystemAccessControlFactory> getSystemAccessControlFactories() {
    ArrayList<SystemAccessControlFactory> list = new ArrayList<>();
    SystemAccessControlFactory factory = new RangerSystemAccessControlFactory();
    list.add(factory);
    return list;
}
Also used : SystemAccessControlFactory(io.prestosql.spi.security.SystemAccessControlFactory) ArrayList(java.util.ArrayList)

Aggregations

SystemAccessControlFactory (io.prestosql.spi.security.SystemAccessControlFactory)4 SystemAccessControl (io.prestosql.spi.security.SystemAccessControl)2 Type (io.prestosql.spi.type.Type)2 VisibleForTesting (com.google.common.annotations.VisibleForTesting)1 CatalogManager (io.prestosql.metadata.CatalogManager)1 BlockEncoding (io.prestosql.spi.block.BlockEncoding)1 CatalogName (io.prestosql.spi.connector.CatalogName)1 CatalogName.createInformationSchemaCatalogName (io.prestosql.spi.connector.CatalogName.createInformationSchemaCatalogName)1 CatalogName.createSystemTablesCatalogName (io.prestosql.spi.connector.CatalogName.createSystemTablesCatalogName)1 CatalogSchemaTableName (io.prestosql.spi.connector.CatalogSchemaTableName)1 ConnectorAccessControl (io.prestosql.spi.connector.ConnectorAccessControl)1 ConnectorFactory (io.prestosql.spi.connector.ConnectorFactory)1 ConnectorTransactionHandle (io.prestosql.spi.connector.ConnectorTransactionHandle)1 QualifiedObjectName (io.prestosql.spi.connector.QualifiedObjectName)1 SchemaTableName (io.prestosql.spi.connector.SchemaTableName)1 CubeProvider (io.prestosql.spi.cube.CubeProvider)1 EventListenerFactory (io.prestosql.spi.eventlistener.EventListenerFactory)1 HetuFileSystemClientFactory (io.prestosql.spi.filesystem.HetuFileSystemClientFactory)1 FunctionNamespaceManagerFactory (io.prestosql.spi.function.FunctionNamespaceManagerFactory)1 IndexFactory (io.prestosql.spi.heuristicindex.IndexFactory)1