Example 46 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestGrantOnTable method initClass.

@BeforeClass
public void initClass() throws Exception {
    queryRunner = DistributedQueryRunner.builder(admin).build();
    MockConnectorFactory connectorFactory = MockConnectorFactory.builder()
            .withListSchemaNames(session -> ImmutableList.of("default"))
            .withListTables((session, schemaName) -> "default".equalsIgnoreCase(schemaName) ? ImmutableList.of(table) : ImmutableList.of())
            .withGetTableHandle((session, tableName) -> tableName.equals(table) ? new MockConnectorTableHandle(tableName) : null)
            .withSchemaGrants(new MutableGrants<>())
            .withTableGrants(tableGrants)
            .build();
    queryRunner.installPlugin(new MockConnectorPlugin(connectorFactory));
    queryRunner.createCatalog("local", "mock");
    assertions = new QueryAssertions(queryRunner);
    tableGrants.grant(new TrinoPrincipal(USER, "admin"), table, EnumSet.allOf(Privilege.class), true);
}
Also used : DataProvider(org.testng.annotations.DataProvider) USER(io.trino.spi.security.PrincipalType.USER) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Test(org.testng.annotations.Test) DistributedQueryRunner(io.trino.testing.DistributedQueryRunner) ImmutableList(com.google.common.collect.ImmutableList) MockConnectorFactory(io.trino.connector.MockConnectorFactory) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) Identity(io.trino.spi.security.Identity) Grants(io.trino.connector.Grants) MockConnectorPlugin(io.trino.connector.MockConnectorPlugin) Privilege(io.trino.spi.security.Privilege) EnumSet(java.util.EnumSet) AfterClass(org.testng.annotations.AfterClass) DataProviders(io.trino.testing.DataProviders) BeforeClass(org.testng.annotations.BeforeClass) SchemaTableName(io.trino.spi.connector.SchemaTableName) String.format(java.lang.String.format) MockConnectorTableHandle(io.trino.connector.MockConnectorTableHandle) TestingSession.testSessionBuilder(io.trino.testing.TestingSession.testSessionBuilder) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) Randoms.randomUsername(io.trino.common.Randoms.randomUsername) QueryAssertions(io.trino.sql.query.QueryAssertions) MutableGrants(io.trino.connector.MutableGrants) Session(io.trino.Session)

Example 47 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestDenyOnSchema method testValidDenySchema.

@Test(dataProvider = "privileges")
public void testValidDenySchema(String privilege) {
    String username = randomUsername();
    denyCalled = false;
    expectedSchemaName = new CatalogSchemaName("local", "default");
    if (privilege.equalsIgnoreCase("all privileges")) {
        expectedPrivileges = ImmutableSet.copyOf(Privilege.values());
    } else {
        expectedPrivileges = ImmutableSet.of(Privilege.valueOf(privilege.toUpperCase(ROOT)));
    }
    expectedGrantee = new TrinoPrincipal(USER, username);
    queryRunner.execute(admin, format("DENY %s ON SCHEMA default TO %s", privilege, username));
    assertThat(denyCalled).isTrue();
}
Also used : CatalogSchemaName(io.trino.spi.connector.CatalogSchemaName) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) Test(org.testng.annotations.Test)

Example 48 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestDenyOnSchema method initClass.

@BeforeClass
public void initClass() throws Exception {
    queryRunner = DistributedQueryRunner.builder(admin).setAdditionalModule(binder -> {
        newOptionalBinder(binder, SystemSecurityMetadata.class).setBinding().toInstance(new DisabledSystemSecurityMetadata() {

            @Override
            public void denySchemaPrivileges(Session session, CatalogSchemaName schemaName, Set<Privilege> privileges, TrinoPrincipal grantee) {
                assertThat(expectedSchemaName).isEqualTo(schemaName);
                assertThat(expectedPrivileges).isEqualTo(privileges);
                assertThat(expectedGrantee).isEqualTo(grantee);
                assertThat(denyCalled).isFalse();
                denyCalled = true;
            }
        });
    }).build();
    MockConnectorFactory connectorFactory = MockConnectorFactory.builder()
            .withListSchemaNames(session -> ImmutableList.of("default"))
            .withListTables((session, schemaName) -> "default".equalsIgnoreCase(schemaName) ? ImmutableList.of(table) : ImmutableList.of())
            .withGetTableHandle((session, tableName) -> tableName.equals(table) ? new MockConnectorTableHandle(tableName) : null)
            .build();
    queryRunner.installPlugin(new MockConnectorPlugin(connectorFactory));
    queryRunner.createCatalog("local", "mock");
    assertions = new QueryAssertions(queryRunner);
    tableGrants.grant(new TrinoPrincipal(USER, "admin"), table, EnumSet.allOf(Privilege.class), true);
}
Also used : SystemSecurityMetadata(io.trino.metadata.SystemSecurityMetadata) DataProvider(org.testng.annotations.DataProvider) USER(io.trino.spi.security.PrincipalType.USER) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Test(org.testng.annotations.Test) DistributedQueryRunner(io.trino.testing.DistributedQueryRunner) ImmutableList(com.google.common.collect.ImmutableList) MockConnectorFactory(io.trino.connector.MockConnectorFactory) DisabledSystemSecurityMetadata(io.trino.metadata.DisabledSystemSecurityMetadata) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) Identity(io.trino.spi.security.Identity) Grants(io.trino.connector.Grants) CatalogSchemaName(io.trino.spi.connector.CatalogSchemaName) ROOT(java.util.Locale.ROOT) MockConnectorPlugin(io.trino.connector.MockConnectorPlugin) Privilege(io.trino.spi.security.Privilege) EnumSet(java.util.EnumSet) OptionalBinder.newOptionalBinder(com.google.inject.multibindings.OptionalBinder.newOptionalBinder) AfterClass(org.testng.annotations.AfterClass) ImmutableSet(com.google.common.collect.ImmutableSet) BeforeClass(org.testng.annotations.BeforeClass) Set(java.util.Set) SchemaTableName(io.trino.spi.connector.SchemaTableName) String.format(java.lang.String.format) MockConnectorTableHandle(io.trino.connector.MockConnectorTableHandle) TestingSession.testSessionBuilder(io.trino.testing.TestingSession.testSessionBuilder) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) Randoms.randomUsername(io.trino.common.Randoms.randomUsername) QueryAssertions(io.trino.sql.query.QueryAssertions) MutableGrants(io.trino.connector.MutableGrants) Session(io.trino.Session)

Example 49 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestDenyOnTable method initClass.

@BeforeClass
public void initClass() throws Exception {
    queryRunner = DistributedQueryRunner.builder(admin).setAdditionalModule(binder -> {
        newOptionalBinder(binder, SystemSecurityMetadata.class).setBinding().toInstance(new DisabledSystemSecurityMetadata() {

            @Override
            public void denyTablePrivileges(Session session, QualifiedObjectName tableName, Set<Privilege> privileges, TrinoPrincipal grantee) {
                assertThat(expectedTableName).isEqualTo(tableName);
                assertThat(expectedPrivileges).isEqualTo(privileges);
                assertThat(expectedGrantee).isEqualTo(grantee);
                assertThat(denyCalled).isFalse();
                denyCalled = true;
            }
        });
    }).build();
    MockConnectorFactory connectorFactory = MockConnectorFactory.builder()
            .withListSchemaNames(session -> ImmutableList.of("default"))
            .withListTables((session, schemaName) -> "default".equalsIgnoreCase(schemaName) ? ImmutableList.of(table) : ImmutableList.of())
            .withGetTableHandle((session, tableName) -> tableName.equals(table) ? new MockConnectorTableHandle(tableName) : null)
            .build();
    queryRunner.installPlugin(new MockConnectorPlugin(connectorFactory));
    queryRunner.createCatalog("local", "mock");
    assertions = new QueryAssertions(queryRunner);
    tableGrants.grant(new TrinoPrincipal(USER, "admin"), table, EnumSet.allOf(Privilege.class), true);
}
Also used : SystemSecurityMetadata(io.trino.metadata.SystemSecurityMetadata) DataProvider(org.testng.annotations.DataProvider) USER(io.trino.spi.security.PrincipalType.USER) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Test(org.testng.annotations.Test) DistributedQueryRunner(io.trino.testing.DistributedQueryRunner) ImmutableList(com.google.common.collect.ImmutableList) MockConnectorFactory(io.trino.connector.MockConnectorFactory) DisabledSystemSecurityMetadata(io.trino.metadata.DisabledSystemSecurityMetadata) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) Identity(io.trino.spi.security.Identity) Grants(io.trino.connector.Grants) ROOT(java.util.Locale.ROOT) MockConnectorPlugin(io.trino.connector.MockConnectorPlugin) Privilege(io.trino.spi.security.Privilege) EnumSet(java.util.EnumSet) OptionalBinder.newOptionalBinder(com.google.inject.multibindings.OptionalBinder.newOptionalBinder) AfterClass(org.testng.annotations.AfterClass) ImmutableSet(com.google.common.collect.ImmutableSet) BeforeClass(org.testng.annotations.BeforeClass) Set(java.util.Set) SchemaTableName(io.trino.spi.connector.SchemaTableName) String.format(java.lang.String.format) MockConnectorTableHandle(io.trino.connector.MockConnectorTableHandle) TestingSession.testSessionBuilder(io.trino.testing.TestingSession.testSessionBuilder) QualifiedObjectName(io.trino.metadata.QualifiedObjectName) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) Randoms.randomUsername(io.trino.common.Randoms.randomUsername) QueryAssertions(io.trino.sql.query.QueryAssertions) MutableGrants(io.trino.connector.MutableGrants) Session(io.trino.Session)

Example 50 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestDenyOnTable method testValidDenyTable.

@Test(dataProvider = "privileges")
public void testValidDenyTable(String privilege) {
    String username = randomUsername();
    denyCalled = false;
    expectedTableName = new QualifiedObjectName("local", "default", "table_one");
    if (privilege.equalsIgnoreCase("all privileges")) {
        expectedPrivileges = ImmutableSet.copyOf(Privilege.values());
    } else {
        expectedPrivileges = ImmutableSet.of(Privilege.valueOf(privilege.toUpperCase(ROOT)));
    }
    expectedGrantee = new TrinoPrincipal(USER, username);
    queryRunner.execute(admin, format("DENY %s ON TABLE table_one TO %s", privilege, username));
    assertThat(denyCalled).isTrue();
}
Also used : TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) QualifiedObjectName(io.trino.metadata.QualifiedObjectName) Test(org.testng.annotations.Test)
