use of io.trino.plugin.base.security.FileBasedAccessControlConfig.SECURITY_CONFIG_FILE in project trino by trinodb.
the class TestFileBasedSystemAccessControl method testRefreshing.
@Test
public void testRefreshing() throws Exception {
TransactionManager transactionManager = createTestTransactionManager();
AccessControlManager accessControlManager = new AccessControlManager(transactionManager, emptyEventListenerManager(), new AccessControlConfig(), DefaultSystemAccessControl.NAME);
File configFile = newTemporaryFile();
configFile.deleteOnExit();
copy(new File(getResourcePath("catalog.json")), configFile);
accessControlManager.setSystemAccessControl(FileBasedSystemAccessControl.NAME, ImmutableMap.of(SECURITY_CONFIG_FILE, configFile.getAbsolutePath(), SECURITY_REFRESH_PERIOD, "1ms"));
transaction(transactionManager, accessControlManager).execute(transactionId -> {
accessControlManager.checkCanCreateView(new SecurityContext(transactionId, alice, queryId), aliceView);
accessControlManager.checkCanCreateView(new SecurityContext(transactionId, alice, queryId), aliceView);
accessControlManager.checkCanCreateView(new SecurityContext(transactionId, alice, queryId), aliceView);
});
copy(new File(getResourcePath("security-config-file-with-unknown-rules.json")), configFile);
sleep(2);
assertThatThrownBy(() -> transaction(transactionManager, accessControlManager).execute(transactionId -> {
accessControlManager.checkCanCreateView(new SecurityContext(transactionId, alice, queryId), aliceView);
})).isInstanceOf(IllegalArgumentException.class).hasMessageStartingWith("Invalid JSON file");
// test if file based cached control was not cached somewhere
assertThatThrownBy(() -> transaction(transactionManager, accessControlManager).execute(transactionId -> {
accessControlManager.checkCanCreateView(new SecurityContext(transactionId, alice, queryId), aliceView);
})).isInstanceOf(IllegalArgumentException.class).hasMessageStartingWith("Invalid JSON file");
copy(new File(getResourcePath("catalog.json")), configFile);
sleep(2);
transaction(transactionManager, accessControlManager).execute(transactionId -> {
accessControlManager.checkCanCreateView(new SecurityContext(transactionId, alice, queryId), aliceView);
});
}
Aggregations