
Example 51 with ViewExpression

use of io.trino.spi.security.ViewExpression in project trino by trinodb.

the class TestColumnMask method testDifferentIdentity.

@Test
public void testDifferentIdentity() {
    accessControl.reset();
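    // Two masks on orders.orderkey: RUN_AS_USER gets the constant 100; USER gets a subquery whose ViewExpression identity is RUN_AS_USER.
    accessControl.columnMask(new QualifiedObjectName(CATALOG, "tiny", "orders"), "orderkey", RUN_AS_USER, new ViewExpression(RUN_AS_USER, Optional.of(CATALOG), Optional.of("tiny"), "100"));
    accessControl.columnMask(new QualifiedObjectName(CATALOG, "tiny", "orders"), "orderkey", USER, new ViewExpression(RUN_AS_USER, Optional.of(CATALOG), Optional.of("tiny"), "(SELECT sum(orderkey) FROM orders)"));
    // The subquery's own scan of orders runs as RUN_AS_USER and is masked to 100, so the expected 1500000 is 100 summed over every row, not a sum of real order keys.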
    assertThat(assertions.query("SELECT max(orderkey) FROM orders")).matches("VALUES BIGINT '1500000'");
}
Also used : QualifiedObjectName(io.trino.metadata.QualifiedObjectName) ViewExpression(io.trino.spi.security.ViewExpression) Test(org.junit.jupiter.api.Test)

Example 52 with ViewExpression

use of io.trino.spi.security.ViewExpression in project trino by trinodb.

the class TestColumnMask method testMaterializedView.

@Test
public void testMaterializedView() {
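    // Mask the name column of three materialized views for USER; the mask expression is evaluated as USER.
    // Each query below runs as USER and returns the reversed name in the view's own column type (VARCHAR(25), or VARCHAR(2) for the view with casts).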
    accessControl.reset();
    accessControl.columnMask(new QualifiedObjectName(MOCK_CATALOG, "default", "nation_fresh_materialized_view"), "name", USER, new ViewExpression(USER, Optional.empty(), Optional.empty(), "reverse(name)"));
    accessControl.columnMask(new QualifiedObjectName(MOCK_CATALOG, "default", "nation_materialized_view"), "name", USER, new ViewExpression(USER, Optional.empty(), Optional.empty(), "reverse(name)"));
    accessControl.columnMask(new QualifiedObjectName(MOCK_CATALOG, "default", "materialized_view_with_casts"), "name", USER, new ViewExpression(USER, Optional.empty(), Optional.empty(), "reverse(name)"));
    assertThat(assertions.query(Session.builder(SESSION).setIdentity(Identity.forUser(USER).build()).build(), "SELECT name FROM mock.default.nation_fresh_materialized_view WHERE nationkey = 1")).matches("VALUES CAST('ANITNEGRA' AS VARCHAR(25))");
    assertThat(assertions.query(Session.builder(SESSION).setIdentity(Identity.forUser(USER).build()).build(), "SELECT name FROM mock.default.nation_materialized_view WHERE nationkey = 1")).matches("VALUES CAST('ANITNEGRA' AS VARCHAR(25))");
    assertThat(assertions.query(Session.builder(SESSION).setIdentity(Identity.forUser(USER).build()).build(), "SELECT name FROM mock.default.materialized_view_with_casts WHERE nationkey = 1")).matches("VALUES CAST('RA' AS VARCHAR(2))");
}
Also used : QualifiedObjectName(io.trino.metadata.QualifiedObjectName) ViewExpression(io.trino.spi.security.ViewExpression) Test(org.junit.jupiter.api.Test)

Example 53 with ViewExpression

use of io.trino.spi.security.ViewExpression in project trino by trinodb.

the class TestFilterInaccessibleColumns method testRowFilterOnNotAccessibleColumn.

@Test
public void testRowFilterOnNotAccessibleColumn() {
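    // The filter references comment, which USER is denied, but its ViewExpression identity is ADMIN, so the filter is allowed;
    // the denied column is left out of the SELECT * result instead of failing the query.
    accessControl.rowFilter(new QualifiedObjectName(CATALOG, TINY_SCHEMA_NAME, "nation"), USER, new ViewExpression(ADMIN, Optional.of(CATALOG), Optional.of(TINY_SCHEMA_NAME), "comment IS NOT null"));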
    accessControl.deny(privilege(USER, "nation.comment", SELECT_COLUMN));
    assertThat(assertions.query("SELECT * FROM nation WHERE name = 'FRANCE'")).matches("VALUES (BIGINT '6', CAST('FRANCE' AS VARCHAR(25)), BIGINT '3')");
}
Also used : QualifiedObjectName(io.trino.metadata.QualifiedObjectName) ViewExpression(io.trino.spi.security.ViewExpression) Test(org.testng.annotations.Test)

Example 54 with ViewExpression

use of io.trino.spi.security.ViewExpression in project trino by trinodb.

the class TestFilterInaccessibleColumns method testRowFilterOnNotAccessibleColumnKO.

@Test
public void testRowFilterOnNotAccessibleColumnKO() {
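    // Same filter, but its ViewExpression identity is USER: the reference to the denied comment column now fails the whole query with Access Denied.
    accessControl.rowFilter(new QualifiedObjectName(CATALOG, TINY_SCHEMA_NAME, "nation"), USER, new ViewExpression(USER, Optional.of(CATALOG), Optional.of(TINY_SCHEMA_NAME), "comment IS NOT null"));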
    accessControl.deny(privilege(USER, "nation.comment", SELECT_COLUMN));
    assertThatThrownBy(() -> assertions.query("SELECT * FROM nation WHERE name = 'FRANCE'")).hasMessage("Access Denied: Cannot select from columns [nationkey, regionkey, name, comment] in table or view local.tiny.nation");
}
Also used : QualifiedObjectName(io.trino.metadata.QualifiedObjectName) ViewExpression(io.trino.spi.security.ViewExpression) Test(org.testng.annotations.Test)

Example 55 with ViewExpression

use of io.trino.spi.security.ViewExpression in project trino by trinodb.

the class TestFilterInaccessibleColumns method testMaskingOnAccessibleColumn.

@Test
public void testMaskingOnAccessibleColumn() {
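    // Mask on nationkey with ADMIN as the ViewExpression identity; no column is denied, so SELECT * returns all four columns with nationkey negated.
    accessControl.columnMask(new QualifiedObjectName(CATALOG, TINY_SCHEMA_NAME, "nation"), "nationkey", USER, new ViewExpression(ADMIN, Optional.of(CATALOG), Optional.of(TINY_SCHEMA_NAME), "-nationkey"));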
    assertThat(assertions.query("SELECT * FROM nation WHERE name = 'FRANCE'")).matches("VALUES (BIGINT '-6',CAST('FRANCE' AS VARCHAR(25)), BIGINT '3', CAST('refully final requests. regular, ironi' AS VARCHAR(152)))");
}
Also used : QualifiedObjectName(io.trino.metadata.QualifiedObjectName) ViewExpression(io.trino.spi.security.ViewExpression) Test(org.testng.annotations.Test)
