Search in sources :

Example 51 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestRevokeOnSchema method initClass.

@BeforeClass
public void initClass() throws Exception {
    queryRunner = DistributedQueryRunner.builder(userWithAllPrivileges).build();
    Grants<String> schemaGrants = new MutableGrants<>();
    schemaGrants.grant(new TrinoPrincipal(USER, admin.getUser()), "default", EnumSet.allOf(Privilege.class), true);
    schemaGrants.grant(new TrinoPrincipal(USER, userWithAllPrivileges.getUser()), "default", EnumSet.allOf(Privilege.class), true);
    schemaGrants.grant(new TrinoPrincipal(USER, userWithSelect.getUser()), "default", ImmutableSet.of(Privilege.SELECT), true);
    MockConnectorFactory connectorFactory = MockConnectorFactory.builder().withListSchemaNames(session -> ImmutableList.of("information_schema", "default")).withSchemaGrants(schemaGrants).build();
    queryRunner.installPlugin(new MockConnectorPlugin(connectorFactory));
    queryRunner.createCatalog("local", "mock");
    assertions = new QueryAssertions(queryRunner);
}
Also used : MockConnectorFactory(io.trino.connector.MockConnectorFactory) QueryAssertions(io.trino.sql.query.QueryAssertions) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) MutableGrants(io.trino.connector.MutableGrants) Privilege(io.trino.spi.security.Privilege) MockConnectorPlugin(io.trino.connector.MockConnectorPlugin) BeforeClass(org.testng.annotations.BeforeClass)

Example 52 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestingSystemSecurityMetadata method getRoleGrantsRecursively.

private Set<RoleGrant> getRoleGrantsRecursively(TrinoPrincipal principal) {
    Queue<RoleGrant> pending = new ArrayDeque<>(getRoleGrants(principal));
    Set<RoleGrant> seen = new HashSet<>();
    while (!pending.isEmpty()) {
        RoleGrant current = pending.remove();
        if (!seen.add(current)) {
            continue;
        }
        pending.addAll(getRoleGrants(new TrinoPrincipal(ROLE, current.getRoleName())));
    }
    return ImmutableSet.copyOf(seen);
}
Also used : RoleGrant(io.trino.spi.security.RoleGrant) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) ArrayDeque(java.util.ArrayDeque) HashSet(java.util.HashSet)

Example 53 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestMemoryMetadata method testCreatedViewShouldBeListedAsTable.

@Test
public void testCreatedViewShouldBeListedAsTable() {
    String schemaName = "test";
    SchemaTableName viewName = new SchemaTableName(schemaName, "test_view");
    metadata.createSchema(SESSION, schemaName, ImmutableMap.of(), new TrinoPrincipal(USER, SESSION.getUser()));
    metadata.createView(SESSION, viewName, testingViewDefinition("aaa"), true);
    assertThat(metadata.listTables(SESSION, Optional.of(schemaName))).contains(viewName);
}
Also used : TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) SchemaTableName(io.trino.spi.connector.SchemaTableName) Test(org.testng.annotations.Test)

Example 54 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestMemoryMetadata method testCreateViewWithReplace.

@Test
public void testCreateViewWithReplace() {
    SchemaTableName test = new SchemaTableName("test", "test_view");
    metadata.createSchema(SESSION, "test", ImmutableMap.of(), new TrinoPrincipal(USER, SESSION.getUser()));
    metadata.createView(SESSION, test, testingViewDefinition("aaa"), true);
    metadata.createView(SESSION, test, testingViewDefinition("bbb"), true);
    assertThat(metadata.getView(SESSION, test)).map(ConnectorViewDefinition::getOriginalSql).hasValue("bbb");
}
Also used : TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) SchemaTableName(io.trino.spi.connector.SchemaTableName) Test(org.testng.annotations.Test)

Example 55 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestMemoryMetadata method testViews.

@Test
public void testViews() {
    SchemaTableName test1 = new SchemaTableName("test", "test_view1");
    SchemaTableName test2 = new SchemaTableName("test", "test_view2");
    SchemaTableName test3 = new SchemaTableName("test", "test_view3");
    // create schema
    metadata.createSchema(SESSION, "test", ImmutableMap.of(), new TrinoPrincipal(USER, SESSION.getUser()));
    // create views
    metadata.createView(SESSION, test1, testingViewDefinition("test1"), false);
    metadata.createView(SESSION, test2, testingViewDefinition("test2"), false);
    // verify listing
    List<SchemaTableName> list = metadata.listViews(SESSION, Optional.of("test"));
    assertEqualsIgnoreOrder(list, ImmutableList.of(test1, test2));
    // verify getting data
    Map<SchemaTableName, ConnectorViewDefinition> views = metadata.getViews(SESSION, Optional.of("test"));
    assertEquals(views.keySet(), ImmutableSet.of(test1, test2));
    assertEquals(views.get(test1).getOriginalSql(), "test1");
    assertEquals(views.get(test2).getOriginalSql(), "test2");
    // all schemas
    assertThat(metadata.getViews(SESSION, Optional.empty())).containsOnlyKeys(test1, test2);
    // exact match on one schema and table
    assertThat(metadata.getView(SESSION, new SchemaTableName("test", "test_view1"))).map(ConnectorViewDefinition::getOriginalSql).contains("test1");
    // non-existent table
    assertThat(metadata.getView(SESSION, new SchemaTableName("test", "nonexistenttable"))).isEmpty();
    // non-existent schema
    assertThat(metadata.getViews(SESSION, Optional.of("nonexistentschema"))).isEmpty();
    // drop first view
    metadata.dropView(SESSION, test1);
    assertThat(metadata.getViews(SESSION, Optional.of("test"))).containsOnlyKeys(test2);
    // rename second view
    metadata.renameView(SESSION, test2, test3);
    assertThat(metadata.getViews(SESSION, Optional.of("test"))).containsOnlyKeys(test3);
    // drop second view
    metadata.dropView(SESSION, test3);
    assertThat(metadata.getViews(SESSION, Optional.of("test"))).isEmpty();
    // verify listing everything
    assertThat(metadata.getViews(SESSION, Optional.empty())).isEmpty();
}
Also used : TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) SchemaTableName(io.trino.spi.connector.SchemaTableName) ConnectorViewDefinition(io.trino.spi.connector.ConnectorViewDefinition) Test(org.testng.annotations.Test)

Aggregations

TrinoPrincipal (io.trino.spi.security.TrinoPrincipal)57 Test (org.testng.annotations.Test)44 SchemaTableName (io.trino.spi.connector.SchemaTableName)20 Session (io.trino.Session)15 SystemAccessControl (io.trino.spi.security.SystemAccessControl)12 CatalogSchemaName (io.trino.spi.connector.CatalogSchemaName)11 USER (io.trino.spi.security.PrincipalType.USER)9 Optional (java.util.Optional)9 MockConnectorFactory (io.trino.connector.MockConnectorFactory)8 Identity (io.trino.spi.security.Identity)8 ImmutableList (com.google.common.collect.ImmutableList)7 Privilege (io.trino.spi.security.Privilege)7 TestingSession.testSessionBuilder (io.trino.testing.TestingSession.testSessionBuilder)7 ImmutableSet (com.google.common.collect.ImmutableSet)6 MockConnectorPlugin (io.trino.connector.MockConnectorPlugin)6 WarningCollector (io.trino.execution.warnings.WarningCollector)6 Metadata (io.trino.metadata.Metadata)6 AccessControl (io.trino.security.AccessControl)6 CatalogSchemaTableName (io.trino.spi.connector.CatalogSchemaTableName)6 RoleGrant (io.trino.spi.security.RoleGrant)6