
Example 16 with ConnectorAccessControl

use of io.trino.spi.connector.ConnectorAccessControl in project trino by trinodb.

the class TestFileBasedAccessControl method testTableRules.

/**
 * Exercises the table-level rules loaded from {@code table.json} through the
 * {@link ConnectorAccessControl} check methods.
 *
 * <p>A bare {@code checkCan...} call is an "allowed" expectation: it passes only if the call
 * returns without throwing. Calls wrapped in {@code assertDenied} are "denied" expectations.
 * The statement order is kept as-is so the first failing expectation stays the same.
 *
 * <p>NOTE(review): the rule file itself is not visible here, so which rule grants or denies
 * each case has to be confirmed against {@code table.json}.
 */
@Test
public void testTableRules() {
    ConnectorAccessControl accessControl = createAccessControl("table.json");

    // Tables referenced by more than one expectation.
    SchemaTableName testTable = new SchemaTableName("test", "test");
    SchemaTableName aliceTable = new SchemaTableName("aliceschema", "alicetable");
    SchemaTableName bobTable = new SchemaTableName("bobschema", "bobtable");
    SchemaTableName aliceSchemaTest = new SchemaTableName("aliceschema", "test");
    SchemaTableName secretTable = new SchemaTableName("secret", "secret");

    // Views and materialized views. The misspelled object names are reproduced exactly as the
    // test has always used them.
    // NOTE(review): presumably the rules match on schema, so the spelling is harmless; confirm.
    SchemaTableName bobView = new SchemaTableName("bobschema", "bobview");
    SchemaTableName bobMaterializedView = new SchemaTableName("bobschema", "bobmaterializedview");
    SchemaTableName aliceMaterializedView = new SchemaTableName("aliceschema", "alicevaterializediew");

    // Grantees for the SET AUTHORIZATION expectations.
    TrinoPrincipal someRole = new TrinoPrincipal(PrincipalType.ROLE, "some_role");
    TrinoPrincipal someUser = new TrinoPrincipal(PrincipalType.USER, "some_user");

    ImmutableSet<String> noColumns = ImmutableSet.of();

    // --- ALICE: read-only on bobTable (her insert is asserted as denied further down) ---
    accessControl.checkCanSelectFromColumns(ALICE, testTable, noColumns);
    accessControl.checkCanSelectFromColumns(ALICE, bobTable, noColumns);
    accessControl.checkCanSelectFromColumns(ALICE, bobTable, ImmutableSet.of("bobcolumn"));
    accessControl.checkCanShowColumns(ALICE, bobTable);
    assertEquals(accessControl.filterColumns(ALICE, bobTable, ImmutableSet.of("a")), ImmutableSet.of("a"));

    // --- BOB: read and data modification on bobTable ---
    accessControl.checkCanSelectFromColumns(BOB, bobTable, noColumns);
    accessControl.checkCanShowColumns(BOB, bobTable);
    assertEquals(accessControl.filterColumns(BOB, bobTable, ImmutableSet.of("a")), ImmutableSet.of("a"));
    accessControl.checkCanInsertIntoTable(BOB, bobTable);
    accessControl.checkCanDeleteFromTable(BOB, bobTable);
    accessControl.checkCanTruncateTable(BOB, bobTable);

    // --- CHARLIE and JOE on bobTable ---
    accessControl.checkCanSelectFromColumns(CHARLIE, bobTable, noColumns);
    accessControl.checkCanSelectFromColumns(CHARLIE, bobTable, ImmutableSet.of("bobcolumn"));
    accessControl.checkCanInsertIntoTable(CHARLIE, bobTable);
    accessControl.checkCanSelectFromColumns(JOE, bobTable, noColumns);

    // --- CREATE TABLE: ADMIN everywhere except the "secret" schema; ALICE only in "aliceschema" ---
    accessControl.checkCanCreateTable(ADMIN, new SchemaTableName("bob", "test"), Map.of());
    accessControl.checkCanCreateTable(ADMIN, testTable, Map.of());
    accessControl.checkCanCreateTable(ADMIN, new SchemaTableName("authenticated", "test"), Map.of());
    assertDenied(() -> accessControl.checkCanCreateTable(ADMIN, new SchemaTableName("secret", "test"), Map.of()));
    accessControl.checkCanCreateTable(ALICE, aliceSchemaTest, Map.of());
    assertDenied(() -> accessControl.checkCanCreateTable(ALICE, testTable, Map.of()));
    assertDenied(() -> accessControl.checkCanCreateTable(CHARLIE, aliceSchemaTest, Map.of()));
    assertDenied(() -> accessControl.checkCanCreateTable(CHARLIE, testTable, Map.of()));

    // --- Allowed view creation, drop, truncate, rename and property changes ---
    accessControl.checkCanCreateViewWithSelectFromColumns(BOB, bobTable, noColumns);
    accessControl.checkCanDropTable(ADMIN, bobTable);
    accessControl.checkCanTruncateTable(ADMIN, bobTable);
    accessControl.checkCanRenameTable(ADMIN, bobTable, new SchemaTableName("aliceschema", "newbobtable"));
    accessControl.checkCanRenameTable(ALICE, aliceTable, new SchemaTableName("aliceschema", "newalicetable"));
    accessControl.checkCanRenameView(ADMIN, bobView, new SchemaTableName("aliceschema", "newbobview"));
    accessControl.checkCanRenameView(ALICE, new SchemaTableName("aliceschema", "aliceview"), new SchemaTableName("aliceschema", "newaliceview"));
    accessControl.checkCanRenameMaterializedView(ADMIN, bobMaterializedView, new SchemaTableName("aliceschema", "newbobaterializedview"));
    accessControl.checkCanRenameMaterializedView(ALICE, aliceMaterializedView, new SchemaTableName("aliceschema", "newaliceaterializedview"));
    accessControl.checkCanSetMaterializedViewProperties(ADMIN, bobMaterializedView, ImmutableMap.of());
    accessControl.checkCanSetMaterializedViewProperties(ALICE, aliceMaterializedView, ImmutableMap.of());
    accessControl.checkCanSetTableProperties(ADMIN, bobTable, ImmutableMap.of());
    accessControl.checkCanSetTableProperties(ALICE, aliceTable, ImmutableMap.of());

    // --- Denied: writes and ownership-style operations outside the caller's grants ---
    assertDenied(() -> accessControl.checkCanInsertIntoTable(ALICE, bobTable));
    assertDenied(() -> accessControl.checkCanDropTable(BOB, bobTable));
    assertDenied(() -> accessControl.checkCanRenameTable(BOB, bobTable, new SchemaTableName("bobschema", "newbobtable")));
    // ALICE may rename aliceTable (allowed above), but not when the target is in bobschema.
    assertDenied(() -> accessControl.checkCanRenameTable(ALICE, aliceTable, new SchemaTableName("bobschema", "newalicetable")));
    assertDenied(() -> accessControl.checkCanSetTableProperties(BOB, bobTable, ImmutableMap.of()));
    assertDenied(() -> accessControl.checkCanInsertIntoTable(BOB, testTable));

    // --- Denied: the "secret" table is unreadable even for ADMIN ---
    assertDenied(() -> accessControl.checkCanSelectFromColumns(ADMIN, secretTable, noColumns));
    assertDenied(() -> accessControl.checkCanSelectFromColumns(JOE, secretTable, noColumns));

    // --- Denied: JOE can select from bobTable (above) but cannot create a view over it ---
    assertDenied(() -> accessControl.checkCanCreateViewWithSelectFromColumns(JOE, bobTable, noColumns));

    // --- Denied: view and materialized view renames and property changes ---
    assertDenied(() -> accessControl.checkCanRenameView(BOB, bobView, new SchemaTableName("bobschema", "newbobview")));
    assertDenied(() -> accessControl.checkCanRenameView(ALICE, aliceTable, new SchemaTableName("bobschema", "newalicetable")));
    assertDenied(() -> accessControl.checkCanRenameMaterializedView(BOB, bobMaterializedView, new SchemaTableName("bobschema", "newbobaterializedview")));
    assertDenied(() -> accessControl.checkCanRenameMaterializedView(ALICE, aliceTable, new SchemaTableName("bobschema", "newaliceaterializedview")));
    assertDenied(() -> accessControl.checkCanSetMaterializedViewProperties(ALICE, bobMaterializedView, ImmutableMap.of()));
    assertDenied(() -> accessControl.checkCanSetMaterializedViewProperties(BOB, bobMaterializedView, ImmutableMap.of()));

    // --- SET TABLE AUTHORIZATION: the outcome is the same for a ROLE grantee and a USER grantee ---
    accessControl.checkCanSetTableAuthorization(ADMIN, testTable, someRole);
    accessControl.checkCanSetTableAuthorization(ADMIN, testTable, someUser);
    accessControl.checkCanSetTableAuthorization(ALICE, aliceTable, someRole);
    accessControl.checkCanSetTableAuthorization(ALICE, aliceTable, someUser);
    assertDenied(() -> accessControl.checkCanSetTableAuthorization(ALICE, bobTable, someRole));
    assertDenied(() -> accessControl.checkCanSetTableAuthorization(ALICE, bobTable, someUser));

    // --- SET VIEW AUTHORIZATION: same matrix as for tables ---
    accessControl.checkCanSetViewAuthorization(ADMIN, testTable, someRole);
    accessControl.checkCanSetViewAuthorization(ADMIN, testTable, someUser);
    accessControl.checkCanSetViewAuthorization(ALICE, aliceTable, someRole);
    accessControl.checkCanSetViewAuthorization(ALICE, aliceTable, someUser);
    assertDenied(() -> accessControl.checkCanSetViewAuthorization(ALICE, bobTable, someRole));
    assertDenied(() -> accessControl.checkCanSetViewAuthorization(ALICE, bobTable, someUser));
}
Also used : ConnectorAccessControl(io.trino.spi.connector.ConnectorAccessControl) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) SchemaTableName(io.trino.spi.connector.SchemaTableName) Test(org.testng.annotations.Test)
