Examples with TrinoPrincipal io.trino.spi.security.TrinoPrincipal used on opensource projects

Search in sources :

Example 41 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class CreateSchemaTask method getCreatePrincipal.

private static TrinoPrincipal getCreatePrincipal(CreateSchema statement, Session session, Metadata metadata, String catalog) {
    if (statement.getPrincipal().isEmpty()) {
        return new TrinoPrincipal(PrincipalType.USER, session.getUser());
    }
    TrinoPrincipal principal = createPrincipal(statement.getPrincipal().get());
    checkRoleExists(session, statement, metadata, principal, Optional.of(catalog));
    return principal;
}
Also used : TrinoPrincipal(io.trino.spi.security.TrinoPrincipal)

Example 42 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestAccessControl method createQueryRunner.

@Override
protected QueryRunner createQueryRunner() throws Exception {
    Session session = testSessionBuilder().setCatalog("blackhole").setSchema("default").build();
    DistributedQueryRunner queryRunner = DistributedQueryRunner.builder(session).setNodeCount(1).build();
    queryRunner.installPlugin(new BlackHolePlugin());
    queryRunner.createCatalog("blackhole", "blackhole");
    queryRunner.installPlugin(new TpchPlugin());
    queryRunner.createCatalog("tpch", "tpch");
    queryRunner.installPlugin(new MockConnectorPlugin(MockConnectorFactory.builder().withGetViews((connectorSession, prefix) -> {
        ConnectorViewDefinition definitionRunAsDefiner = new ConnectorViewDefinition("select 1", Optional.of("mock"), Optional.of("default"), ImmutableList.of(new ConnectorViewDefinition.ViewColumn("test", BIGINT.getTypeId())), Optional.of("comment"), Optional.of("admin"), false);
        ConnectorViewDefinition definitionRunAsInvoker = new ConnectorViewDefinition("select 1", Optional.of("mock"), Optional.of("default"), ImmutableList.of(new ConnectorViewDefinition.ViewColumn("test", BIGINT.getTypeId())), Optional.of("comment"), Optional.empty(), true);
        return ImmutableMap.of(new SchemaTableName("default", "test_view_definer"), definitionRunAsDefiner, new SchemaTableName("default", "test_view_invoker"), definitionRunAsInvoker);
    }).withListRoleGrants((connectorSession, roles, grantees, limit) -> ImmutableSet.of(new RoleGrant(new TrinoPrincipal(USER, "alice"), "alice_role", false))).build()));
    queryRunner.createCatalog("mock", "mock");
    for (String tableName : ImmutableList.of("orders", "nation", "region", "lineitem")) {
        queryRunner.execute(format("CREATE TABLE %1$s AS SELECT * FROM tpch.tiny.%1$s WITH NO DATA", tableName));
    }
    return queryRunner;
}
Also used : EXECUTE_QUERY(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.EXECUTE_QUERY) SHOW_COLUMNS(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.SHOW_COLUMNS) USER(io.trino.spi.security.PrincipalType.USER) Test(org.testng.annotations.Test) TRUNCATE_TABLE(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.TRUNCATE_TABLE) CREATE_VIEW_WITH_SELECT_COLUMNS(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.CREATE_VIEW_WITH_SELECT_COLUMNS) SHOW_CREATE_TABLE(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.SHOW_CREATE_TABLE) BlackHolePlugin(io.trino.plugin.blackhole.BlackHolePlugin) AbstractTestQueryFramework(io.trino.testing.AbstractTestQueryFramework) Assertions(io.airlift.testing.Assertions) DELETE_TABLE(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.DELETE_TABLE) DistributedQueryRunner(io.trino.testing.DistributedQueryRunner) MockConnectorFactory(io.trino.connector.MockConnectorFactory) TestingPrivilege(io.trino.testing.TestingAccessControlManager.TestingPrivilege) SET_TABLE_PROPERTIES(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.SET_TABLE_PROPERTIES) ConnectorViewDefinition(io.trino.spi.connector.ConnectorViewDefinition) TpchPlugin(io.trino.plugin.tpch.TpchPlugin) CREATE_MATERIALIZED_VIEW(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.CREATE_MATERIALIZED_VIEW) TestTable.randomTableSuffix(io.trino.testing.sql.TestTable.randomTableSuffix) INSERT_TABLE(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.INSERT_TABLE) RENAME_COLUMN(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.RENAME_COLUMN) ImmutableSet(com.google.common.collect.ImmutableSet) QUERY_MAX_MEMORY(io.trino.SystemSessionProperties.QUERY_MAX_MEMORY) ImmutableMap(com.google.common.collect.ImmutableMap) DROP_TABLE(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.DROP_TABLE) SchemaTableName(io.trino.spi.connector.SchemaTableName) String.format(java.lang.String.format) SelectedRole(io.trino.spi.security.SelectedRole) DROP_COLUMN(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.DROP_COLUMN) TestingSession.testSessionBuilder(io.trino.testing.TestingSession.testSessionBuilder) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) BIGINT(io.trino.spi.type.BigintType.BIGINT) RENAME_TABLE(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.RENAME_TABLE) ROLE(io.trino.spi.security.SelectedRole.Type.ROLE) UPDATE_TABLE(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.UPDATE_TABLE) TestingSession(io.trino.testing.TestingSession) Optional(java.util.Optional) CREATE_VIEW(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.CREATE_VIEW) SET_USER(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.SET_USER) Session(io.trino.Session) SELECT_COLUMN(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.SELECT_COLUMN) CREATE_TABLE(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.CREATE_TABLE) ImmutableList(com.google.common.collect.ImmutableList) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) Identity(io.trino.spi.security.Identity) SET_SESSION(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.SET_SESSION) MockConnectorPlugin(io.trino.connector.MockConnectorPlugin) EXECUTE_FUNCTION(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.EXECUTE_FUNCTION) GRANT_EXECUTE_FUNCTION(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.GRANT_EXECUTE_FUNCTION) RoleGrant(io.trino.spi.security.RoleGrant) TestingAccessControlManager.privilege(io.trino.testing.TestingAccessControlManager.privilege) QueryRunner(io.trino.testing.QueryRunner) ADD_COLUMN(io.trino.testing.TestingAccessControlManager.TestingPrivilegeType.ADD_COLUMN) RoleGrant(io.trino.spi.security.RoleGrant) DistributedQueryRunner(io.trino.testing.DistributedQueryRunner) BlackHolePlugin(io.trino.plugin.blackhole.BlackHolePlugin) TpchPlugin(io.trino.plugin.tpch.TpchPlugin) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) MockConnectorPlugin(io.trino.connector.MockConnectorPlugin) SchemaTableName(io.trino.spi.connector.SchemaTableName) TestingSession(io.trino.testing.TestingSession) Session(io.trino.Session) ConnectorViewDefinition(io.trino.spi.connector.ConnectorViewDefinition)

Example 43 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestGrantOnSchema method initClass.

@BeforeClass
public void initClass() throws Exception {
    queryRunner = DistributedQueryRunner.builder(admin).build();
    MockConnectorFactory connectorFactory = MockConnectorFactory.builder().withListSchemaNames(session -> ImmutableList.of("information_schema", "default")).withListTables((session, schema) -> "default".equalsIgnoreCase(schema) ? ImmutableList.of(new SchemaTableName(schema, "table_one")) : ImmutableList.of()).withSchemaGrants(schemaGrants).build();
    queryRunner.installPlugin(new MockConnectorPlugin(connectorFactory));
    queryRunner.createCatalog("local", "mock");
    assertions = new QueryAssertions(queryRunner);
    schemaGrants.grant(new TrinoPrincipal(USER, admin.getUser()), "default", EnumSet.allOf(Privilege.class), true);
}
Also used : AfterClass(org.testng.annotations.AfterClass) DataProvider(org.testng.annotations.DataProvider) DataProviders(io.trino.testing.DataProviders) USER(io.trino.spi.security.PrincipalType.USER) BeforeClass(org.testng.annotations.BeforeClass) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Test(org.testng.annotations.Test) SchemaTableName(io.trino.spi.connector.SchemaTableName) String.format(java.lang.String.format) TestingSession.testSessionBuilder(io.trino.testing.TestingSession.testSessionBuilder) DistributedQueryRunner(io.trino.testing.DistributedQueryRunner) ImmutableList(com.google.common.collect.ImmutableList) MockConnectorFactory(io.trino.connector.MockConnectorFactory) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) Randoms.randomUsername(io.trino.common.Randoms.randomUsername) Identity(io.trino.spi.security.Identity) Grants(io.trino.connector.Grants) QueryAssertions(io.trino.sql.query.QueryAssertions) MockConnectorPlugin(io.trino.connector.MockConnectorPlugin) MutableGrants(io.trino.connector.MutableGrants) Privilege(io.trino.spi.security.Privilege) EnumSet(java.util.EnumSet) Session(io.trino.Session) MockConnectorFactory(io.trino.connector.MockConnectorFactory) QueryAssertions(io.trino.sql.query.QueryAssertions) TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) MockConnectorPlugin(io.trino.connector.MockConnectorPlugin) Privilege(io.trino.spi.security.Privilege) SchemaTableName(io.trino.spi.connector.SchemaTableName) BeforeClass(org.testng.annotations.BeforeClass)

Example 44 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestGrantOnSchema method testExistingGrants.

@Test(dataProviderClass = DataProviders.class, dataProvider = "trueFalse")
public void testExistingGrants(boolean grantOption) {
    String username = randomUsername();
    Session user = sessionOf(username);
    schemaGrants.grant(new TrinoPrincipal(USER, user.getUser()), "default", EnumSet.allOf(Privilege.class), grantOption);
    assertThat(assertions.query(admin, "SHOW SCHEMAS FROM local")).matches("VALUES (VARCHAR 'information_schema'), (VARCHAR 'default')");
    assertThat(assertions.query(user, "SHOW SCHEMAS FROM local")).matches("VALUES (VARCHAR 'information_schema'), (VARCHAR 'default')");
    assertThat(assertions.query(admin, "SHOW TABLES FROM default")).matches("VALUES (VARCHAR 'table_one')");
    assertThat(assertions.query(user, "SHOW TABLES FROM default")).matches("VALUES (VARCHAR 'table_one')");
}
Also used : TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) Privilege(io.trino.spi.security.Privilege) Session(io.trino.Session) Test(org.testng.annotations.Test)

Example 45 with TrinoPrincipal

use of io.trino.spi.security.TrinoPrincipal in project trino by trinodb.

the class TestGrantOnTable method testExistingGrants.

@Test(dataProviderClass = DataProviders.class, dataProvider = "trueFalse")
public void testExistingGrants(boolean grantOption) {
    String username = randomUsername();
    Session user = sessionOf(username);
    tableGrants.grant(new TrinoPrincipal(USER, username), table, EnumSet.allOf(Privilege.class), grantOption);
    assertThat(assertions.query(admin, "SHOW TABLES FROM local.default")).matches("VALUES (VARCHAR 'table_one')");
    assertThat(assertions.query(user, "SHOW TABLES FROM local.default")).matches("VALUES (VARCHAR 'table_one')");
}
Also used : TrinoPrincipal(io.trino.spi.security.TrinoPrincipal) Privilege(io.trino.spi.security.Privilege) Session(io.trino.Session) Test(org.testng.annotations.Test)

Aggregations

TrinoPrincipal (io.trino.spi.security.TrinoPrincipal)57 Test (org.testng.annotations.Test)44 SchemaTableName (io.trino.spi.connector.SchemaTableName)20 Session (io.trino.Session)15 SystemAccessControl (io.trino.spi.security.SystemAccessControl)12 CatalogSchemaName (io.trino.spi.connector.CatalogSchemaName)11 USER (io.trino.spi.security.PrincipalType.USER)9 Optional (java.util.Optional)9 MockConnectorFactory (io.trino.connector.MockConnectorFactory)8 Identity (io.trino.spi.security.Identity)8 ImmutableList (com.google.common.collect.ImmutableList)7 Privilege (io.trino.spi.security.Privilege)7 TestingSession.testSessionBuilder (io.trino.testing.TestingSession.testSessionBuilder)7 ImmutableSet (com.google.common.collect.ImmutableSet)6 MockConnectorPlugin (io.trino.connector.MockConnectorPlugin)6 WarningCollector (io.trino.execution.warnings.WarningCollector)6 Metadata (io.trino.metadata.Metadata)6 AccessControl (io.trino.security.AccessControl)6 CatalogSchemaTableName (io.trino.spi.connector.CatalogSchemaTableName)6 RoleGrant (io.trino.spi.security.RoleGrant)6
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial