use of io.trino.security.AccessControlManager in project trino by trinodb.
the class ConnectorManager method createCatalog.
private synchronized void createCatalog(CatalogName catalogName, String connectorName, InternalConnectorFactory factory, Map<String, String> properties) {
// create all connectors before adding, so a broken connector does not leave the system half updated
CatalogClassLoaderSupplier duplicatePluginClassLoaderFactory = new CatalogClassLoaderSupplier(catalogName, factory.getDuplicatePluginClassLoaderFactory(), handleResolver);
MaterializedConnector connector = new MaterializedConnector(catalogName, createConnector(catalogName, factory.getConnectorFactory(), duplicatePluginClassLoaderFactory, properties), duplicatePluginClassLoaderFactory::destroy);
MaterializedConnector informationSchemaConnector = new MaterializedConnector(createInformationSchemaCatalogName(catalogName), new InformationSchemaConnector(catalogName.getCatalogName(), nodeManager, metadataManager, accessControlManager), () -> {
});
CatalogName systemId = createSystemTablesCatalogName(catalogName);
SystemTablesProvider systemTablesProvider;
if (nodeManager.getCurrentNode().isCoordinator()) {
systemTablesProvider = new CoordinatorSystemTablesProvider(transactionManager, metadataManager, catalogName.getCatalogName(), new StaticSystemTablesProvider(connector.getSystemTables()));
} else {
systemTablesProvider = new StaticSystemTablesProvider(connector.getSystemTables());
}
MaterializedConnector systemConnector = new MaterializedConnector(systemId, new SystemConnector(nodeManager, systemTablesProvider, transactionId -> transactionManager.getConnectorTransaction(transactionId, catalogName)), () -> {
});
SecurityManagement securityManagement = connector.getAccessControl().isPresent() ? CONNECTOR : SYSTEM;
Catalog catalog = new Catalog(catalogName.getCatalogName(), connector.getCatalogName(), connectorName, connector.getConnector(), securityManagement, informationSchemaConnector.getCatalogName(), informationSchemaConnector.getConnector(), systemConnector.getCatalogName(), systemConnector.getConnector());
try {
addConnectorInternal(connector);
addConnectorInternal(informationSchemaConnector);
addConnectorInternal(systemConnector);
catalogManager.registerCatalog(catalog);
} catch (Throwable e) {
catalogManager.removeCatalog(catalog.getCatalogName());
removeConnectorInternal(systemConnector.getCatalogName());
removeConnectorInternal(informationSchemaConnector.getCatalogName());
removeConnectorInternal(connector.getCatalogName());
throw e;
}
connector.getEventListeners().forEach(eventListenerManager::addEventListener);
}
use of io.trino.security.AccessControlManager in project trino by trinodb.
the class TestQueryStateMachine method createQueryStateMachineWithTicker.
private QueryStateMachine createQueryStateMachineWithTicker(Ticker ticker) {
Metadata metadata = createTestMetadataManager();
TransactionManager transactionManager = createTestTransactionManager();
AccessControlManager accessControl = new AccessControlManager(transactionManager, emptyEventListenerManager(), new AccessControlConfig(), DefaultSystemAccessControl.NAME);
accessControl.setSystemAccessControls(List.of(AllowAllSystemAccessControl.INSTANCE));
QueryStateMachine stateMachine = QueryStateMachine.beginWithTicker(Optional.empty(), QUERY, Optional.empty(), TEST_SESSION, LOCATION, new ResourceGroupId("test"), false, transactionManager, accessControl, executor, ticker, metadata, WarningCollector.NOOP, QUERY_TYPE);
stateMachine.setInputs(INPUTS);
stateMachine.setOutput(OUTPUT);
stateMachine.setColumns(OUTPUT_FIELD_NAMES, OUTPUT_FIELD_TYPES);
stateMachine.setUpdateType(UPDATE_TYPE);
for (Entry<String, String> entry : SET_SESSION_PROPERTIES.entrySet()) {
stateMachine.addSetSessionProperties(entry.getKey(), entry.getValue());
}
RESET_SESSION_PROPERTIES.forEach(stateMachine::addResetSessionProperties);
return stateMachine;
}
use of io.trino.security.AccessControlManager in project trino by trinodb.
the class TestPrepareTask method executePrepare.
private Map<String, String> executePrepare(String statementName, Statement statement, String sqlString, Session session) {
TransactionManager transactionManager = createTestTransactionManager();
AccessControlManager accessControl = new AccessControlManager(transactionManager, emptyEventListenerManager(), new AccessControlConfig(), DefaultSystemAccessControl.NAME);
accessControl.setSystemAccessControls(List.of(AllowAllSystemAccessControl.INSTANCE));
QueryStateMachine stateMachine = QueryStateMachine.begin(Optional.empty(), sqlString, Optional.empty(), session, URI.create("fake://uri"), new ResourceGroupId("test"), false, transactionManager, accessControl, executor, metadata, WarningCollector.NOOP, Optional.empty());
Prepare prepare = new Prepare(identifier(statementName), statement);
new PrepareTask(new SqlParser()).execute(prepare, stateMachine, emptyList(), WarningCollector.NOOP);
return stateMachine.getAddedPreparedStatements();
}
use of io.trino.security.AccessControlManager in project trino by trinodb.
the class TestDeallocateTask method executeDeallocate.
private Set<String> executeDeallocate(String statementName, String sqlString, Session session) {
TransactionManager transactionManager = createTestTransactionManager();
AccessControlManager accessControl = new AccessControlManager(transactionManager, emptyEventListenerManager(), new AccessControlConfig(), DefaultSystemAccessControl.NAME);
accessControl.setSystemAccessControls(List.of(AllowAllSystemAccessControl.INSTANCE));
QueryStateMachine stateMachine = QueryStateMachine.begin(Optional.empty(), sqlString, Optional.empty(), session, URI.create("fake://uri"), new ResourceGroupId("test"), false, transactionManager, accessControl, executor, metadata, WarningCollector.NOOP, Optional.empty());
Deallocate deallocate = new Deallocate(new Identifier(statementName));
new DeallocateTask().execute(deallocate, stateMachine, emptyList(), WarningCollector.NOOP);
return stateMachine.getDeallocatedPreparedStatements();
}
use of io.trino.security.AccessControlManager in project trino by trinodb.
the class TestAnalyzer method setup.
@BeforeClass
public void setup() {
LocalQueryRunner queryRunner = LocalQueryRunner.create(TEST_SESSION);
closer.register(queryRunner);
transactionManager = queryRunner.getTransactionManager();
AccessControlManager accessControlManager = new AccessControlManager(transactionManager, emptyEventListenerManager(), new AccessControlConfig(), DefaultSystemAccessControl.NAME);
accessControlManager.setSystemAccessControls(List.of(AllowAllSystemAccessControl.INSTANCE));
this.accessControl = accessControlManager;
queryRunner.addFunctions(InternalFunctionBundle.builder().functions(APPLY_FUNCTION).build());
plannerContext = queryRunner.getPlannerContext();
Metadata metadata = plannerContext.getMetadata();
TestingMetadata testingConnectorMetadata = new TestingMetadata();
TestingConnector connector = new TestingConnector(testingConnectorMetadata);
queryRunner.createCatalog(TPCH_CATALOG, new StaticConnectorFactory("main", connector), ImmutableMap.of());
tablePropertyManager = queryRunner.getTablePropertyManager();
analyzePropertyManager = queryRunner.getAnalyzePropertyManager();
queryRunner.createCatalog(SECOND_CATALOG, MockConnectorFactory.create("second"), ImmutableMap.of());
queryRunner.createCatalog(THIRD_CATALOG, MockConnectorFactory.create("third"), ImmutableMap.of());
SchemaTableName table1 = new SchemaTableName("s1", "t1");
inSetupTransaction(session -> metadata.createTable(session, TPCH_CATALOG, new ConnectorTableMetadata(table1, ImmutableList.of(new ColumnMetadata("a", BIGINT), new ColumnMetadata("b", BIGINT), new ColumnMetadata("c", BIGINT), new ColumnMetadata("d", BIGINT))), false));
SchemaTableName table2 = new SchemaTableName("s1", "t2");
inSetupTransaction(session -> metadata.createTable(session, TPCH_CATALOG, new ConnectorTableMetadata(table2, ImmutableList.of(new ColumnMetadata("a", BIGINT), new ColumnMetadata("b", BIGINT))), false));
SchemaTableName table3 = new SchemaTableName("s1", "t3");
inSetupTransaction(session -> metadata.createTable(session, TPCH_CATALOG, new ConnectorTableMetadata(table3, ImmutableList.of(new ColumnMetadata("a", BIGINT), new ColumnMetadata("b", BIGINT), new ColumnMetadata("x", BIGINT, null, true))), false));
// table in different catalog
SchemaTableName table4 = new SchemaTableName("s2", "t4");
inSetupTransaction(session -> metadata.createTable(session, SECOND_CATALOG, new ConnectorTableMetadata(table4, ImmutableList.of(new ColumnMetadata("a", BIGINT))), false));
// table with a hidden column
SchemaTableName table5 = new SchemaTableName("s1", "t5");
inSetupTransaction(session -> metadata.createTable(session, TPCH_CATALOG, new ConnectorTableMetadata(table5, ImmutableList.of(new ColumnMetadata("a", BIGINT), new ColumnMetadata("b", BIGINT, null, true))), false));
// table with a varchar column
SchemaTableName table6 = new SchemaTableName("s1", "t6");
inSetupTransaction(session -> metadata.createTable(session, TPCH_CATALOG, new ConnectorTableMetadata(table6, ImmutableList.of(new ColumnMetadata("a", BIGINT), new ColumnMetadata("b", VARCHAR), new ColumnMetadata("c", BIGINT), new ColumnMetadata("d", BIGINT))), false));
// table with bigint, double, array of bigints and array of doubles column
SchemaTableName table7 = new SchemaTableName("s1", "t7");
inSetupTransaction(session -> metadata.createTable(session, TPCH_CATALOG, new ConnectorTableMetadata(table7, ImmutableList.of(new ColumnMetadata("a", BIGINT), new ColumnMetadata("b", DOUBLE), new ColumnMetadata("c", new ArrayType(BIGINT)), new ColumnMetadata("d", new ArrayType(DOUBLE)))), false));
// materialized view referencing table in same schema
MaterializedViewDefinition materializedViewData1 = new MaterializedViewDefinition("select a from t1", Optional.of(TPCH_CATALOG), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId())), Optional.of("comment"), Identity.ofUser("user"), Optional.empty(), ImmutableMap.of());
inSetupTransaction(session -> metadata.createMaterializedView(session, new QualifiedObjectName(TPCH_CATALOG, "s1", "mv1"), materializedViewData1, false, true));
// valid view referencing table in same schema
ViewDefinition viewData1 = new ViewDefinition("select a from t1", Optional.of(TPCH_CATALOG), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId())), Optional.of("comment"), Optional.of(Identity.ofUser("user")));
inSetupTransaction(session -> metadata.createView(session, new QualifiedObjectName(TPCH_CATALOG, "s1", "v1"), viewData1, false));
// stale view (different column type)
ViewDefinition viewData2 = new ViewDefinition("select a from t1", Optional.of(TPCH_CATALOG), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", VARCHAR.getTypeId())), Optional.of("comment"), Optional.of(Identity.ofUser("user")));
inSetupTransaction(session -> metadata.createView(session, new QualifiedObjectName(TPCH_CATALOG, "s1", "v2"), viewData2, false));
// view referencing table in different schema from itself and session
ViewDefinition viewData3 = new ViewDefinition("select a from t4", Optional.of(SECOND_CATALOG), Optional.of("s2"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId())), Optional.of("comment"), Optional.of(Identity.ofUser("owner")));
inSetupTransaction(session -> metadata.createView(session, new QualifiedObjectName(THIRD_CATALOG, "s3", "v3"), viewData3, false));
// valid view with uppercase column name
ViewDefinition viewData4 = new ViewDefinition("select A from t1", Optional.of("tpch"), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId())), Optional.of("comment"), Optional.of(Identity.ofUser("user")));
inSetupTransaction(session -> metadata.createView(session, new QualifiedObjectName("tpch", "s1", "v4"), viewData4, false));
// recursive view referencing to itself
ViewDefinition viewData5 = new ViewDefinition("select * from v5", Optional.of(TPCH_CATALOG), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId())), Optional.of("comment"), Optional.of(Identity.ofUser("user")));
inSetupTransaction(session -> metadata.createView(session, new QualifiedObjectName(TPCH_CATALOG, "s1", "v5"), viewData5, false));
// type analysis for INSERT
SchemaTableName table8 = new SchemaTableName("s1", "t8");
inSetupTransaction(session -> metadata.createTable(session, TPCH_CATALOG, new ConnectorTableMetadata(table8, ImmutableList.of(new ColumnMetadata("tinyint_column", TINYINT), new ColumnMetadata("integer_column", INTEGER), new ColumnMetadata("decimal_column", createDecimalType(5, 3)), new ColumnMetadata("real_column", REAL), new ColumnMetadata("char_column", createCharType(3)), new ColumnMetadata("bounded_varchar_column", createVarcharType(3)), new ColumnMetadata("unbounded_varchar_column", VARCHAR), new ColumnMetadata("tinyint_array_column", new ArrayType(TINYINT)), new ColumnMetadata("bigint_array_column", new ArrayType(BIGINT)), new ColumnMetadata("nested_bounded_varchar_column", anonymousRow(createVarcharType(3))), new ColumnMetadata("row_column", anonymousRow(TINYINT, createUnboundedVarcharType())), new ColumnMetadata("date_column", DATE))), false));
// for identifier chain resolving tests
queryRunner.createCatalog(CATALOG_FOR_IDENTIFIER_CHAIN_TESTS, new StaticConnectorFactory("chain", new TestingConnector(new TestingMetadata())), ImmutableMap.of());
Type singleFieldRowType = TESTING_TYPE_MANAGER.fromSqlType("row(f1 bigint)");
Type rowType = TESTING_TYPE_MANAGER.fromSqlType("row(f1 bigint, f2 bigint)");
Type nestedRowType = TESTING_TYPE_MANAGER.fromSqlType("row(f1 row(f11 bigint, f12 bigint), f2 boolean)");
Type doubleNestedRowType = TESTING_TYPE_MANAGER.fromSqlType("row(f1 row(f11 row(f111 bigint, f112 bigint), f12 boolean), f2 boolean)");
SchemaTableName b = new SchemaTableName("a", "b");
inSetupTransaction(session -> metadata.createTable(session, CATALOG_FOR_IDENTIFIER_CHAIN_TESTS, new ConnectorTableMetadata(b, ImmutableList.of(new ColumnMetadata("x", VARCHAR))), false));
SchemaTableName t1 = new SchemaTableName("a", "t1");
inSetupTransaction(session -> metadata.createTable(session, CATALOG_FOR_IDENTIFIER_CHAIN_TESTS, new ConnectorTableMetadata(t1, ImmutableList.of(new ColumnMetadata("b", rowType))), false));
SchemaTableName t2 = new SchemaTableName("a", "t2");
inSetupTransaction(session -> metadata.createTable(session, CATALOG_FOR_IDENTIFIER_CHAIN_TESTS, new ConnectorTableMetadata(t2, ImmutableList.of(new ColumnMetadata("a", rowType))), false));
SchemaTableName t3 = new SchemaTableName("a", "t3");
inSetupTransaction(session -> metadata.createTable(session, CATALOG_FOR_IDENTIFIER_CHAIN_TESTS, new ConnectorTableMetadata(t3, ImmutableList.of(new ColumnMetadata("b", nestedRowType), new ColumnMetadata("c", BIGINT))), false));
SchemaTableName t4 = new SchemaTableName("a", "t4");
inSetupTransaction(session -> metadata.createTable(session, CATALOG_FOR_IDENTIFIER_CHAIN_TESTS, new ConnectorTableMetadata(t4, ImmutableList.of(new ColumnMetadata("b", doubleNestedRowType), new ColumnMetadata("c", BIGINT))), false));
SchemaTableName t5 = new SchemaTableName("a", "t5");
inSetupTransaction(session -> metadata.createTable(session, CATALOG_FOR_IDENTIFIER_CHAIN_TESTS, new ConnectorTableMetadata(t5, ImmutableList.of(new ColumnMetadata("b", singleFieldRowType))), false));
QualifiedObjectName tableViewAndMaterializedView = new QualifiedObjectName(TPCH_CATALOG, "s1", "table_view_and_materialized_view");
inSetupTransaction(session -> metadata.createMaterializedView(session, tableViewAndMaterializedView, new MaterializedViewDefinition("SELECT a FROM t1", Optional.of(TPCH_CATALOG), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId())), Optional.empty(), Identity.ofUser("some user"), Optional.of(new CatalogSchemaTableName(TPCH_CATALOG, "s1", "t1")), ImmutableMap.of()), false, false));
ViewDefinition viewDefinition = new ViewDefinition("SELECT a FROM t2", Optional.of(TPCH_CATALOG), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId())), Optional.empty(), Optional.empty());
inSetupTransaction(session -> metadata.createView(session, tableViewAndMaterializedView, viewDefinition, false));
inSetupTransaction(session -> metadata.createTable(session, CATALOG_FOR_IDENTIFIER_CHAIN_TESTS, new ConnectorTableMetadata(tableViewAndMaterializedView.asSchemaTableName(), ImmutableList.of(new ColumnMetadata("a", BIGINT))), false));
QualifiedObjectName tableAndView = new QualifiedObjectName(TPCH_CATALOG, "s1", "table_and_view");
inSetupTransaction(session -> metadata.createView(session, tableAndView, viewDefinition, false));
inSetupTransaction(session -> metadata.createTable(session, CATALOG_FOR_IDENTIFIER_CHAIN_TESTS, new ConnectorTableMetadata(tableAndView.asSchemaTableName(), ImmutableList.of(new ColumnMetadata("a", BIGINT))), false));
QualifiedObjectName freshMaterializedView = new QualifiedObjectName(TPCH_CATALOG, "s1", "fresh_materialized_view");
inSetupTransaction(session -> metadata.createMaterializedView(session, freshMaterializedView, new MaterializedViewDefinition("SELECT a, b FROM t1", Optional.of(TPCH_CATALOG), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId()), new ViewColumn("b", BIGINT.getTypeId())), Optional.empty(), Identity.ofUser("some user"), // t3 has a, b column and hidden column x
Optional.of(new CatalogSchemaTableName(TPCH_CATALOG, "s1", "t3")), ImmutableMap.of()), false, false));
testingConnectorMetadata.markMaterializedViewIsFresh(freshMaterializedView.asSchemaTableName());
QualifiedObjectName freshMaterializedViewMismatchedColumnCount = new QualifiedObjectName(TPCH_CATALOG, "s1", "fresh_materialized_view_mismatched_column_count");
inSetupTransaction(session -> metadata.createMaterializedView(session, freshMaterializedViewMismatchedColumnCount, new MaterializedViewDefinition("SELECT a FROM t1", Optional.of(TPCH_CATALOG), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId())), Optional.empty(), Identity.ofUser("some user"), Optional.of(new CatalogSchemaTableName(TPCH_CATALOG, "s1", "t2")), ImmutableMap.of()), false, false));
testingConnectorMetadata.markMaterializedViewIsFresh(freshMaterializedViewMismatchedColumnCount.asSchemaTableName());
QualifiedObjectName freshMaterializedMismatchedColumnName = new QualifiedObjectName(TPCH_CATALOG, "s1", "fresh_materialized_view_mismatched_column_name");
inSetupTransaction(session -> metadata.createMaterializedView(session, freshMaterializedMismatchedColumnName, new MaterializedViewDefinition("SELECT a, b as c FROM t1", Optional.of(TPCH_CATALOG), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId()), new ViewColumn("c", BIGINT.getTypeId())), Optional.empty(), Identity.ofUser("some user"), Optional.of(new CatalogSchemaTableName(TPCH_CATALOG, "s1", "t2")), ImmutableMap.of()), false, false));
testingConnectorMetadata.markMaterializedViewIsFresh(freshMaterializedMismatchedColumnName.asSchemaTableName());
QualifiedObjectName freshMaterializedMismatchedColumnType = new QualifiedObjectName(TPCH_CATALOG, "s1", "fresh_materialized_view_mismatched_column_type");
inSetupTransaction(session -> metadata.createMaterializedView(session, freshMaterializedMismatchedColumnType, new MaterializedViewDefinition("SELECT a, null b FROM t1", Optional.of(TPCH_CATALOG), Optional.of("s1"), ImmutableList.of(new ViewColumn("a", BIGINT.getTypeId()), new ViewColumn("b", RowType.anonymousRow(TINYINT).getTypeId())), Optional.empty(), Identity.ofUser("some user"), Optional.of(new CatalogSchemaTableName(TPCH_CATALOG, "s1", "t2")), ImmutableMap.of()), false, false));
testingConnectorMetadata.markMaterializedViewIsFresh(freshMaterializedMismatchedColumnType.asSchemaTableName());
}
Aggregations