Example 21 with ViewExpression

use of io.trino.spi.security.ViewExpression in project trino by trinodb.

the class TestFilterInaccessibleColumns method testMaskingWithCaseOnNotAccessibleColumn.

@Test
public void testMaskingWithCaseOnNotAccessibleColumn() {
    // USER is denied SELECT on nationkey, so SELECT * returns only the remaining columns.
    accessControl.deny(privilege(USER, "nation.nationkey", SELECT_COLUMN));
    // The mask on "comment" reads nationkey, but it is evaluated with the ADMIN identity, so the column USER cannot select is still readable inside the mask.
    accessControl.columnMask(new QualifiedObjectName(CATALOG, TINY_SCHEMA_NAME, "nation"), "comment", USER, new ViewExpression(ADMIN, Optional.of(CATALOG), Optional.of(TINY_SCHEMA_NAME), "CASE nationkey WHEN 6 THEN 'masked-comment' ELSE comment END"));
    // FRANCE matches the CASE branch (nationkey 6): the comment is masked.
    assertThat(assertions.query("SELECT * FROM nation WHERE name = 'FRANCE'")).matches("VALUES (CAST('FRANCE' AS VARCHAR(25)), BIGINT '3', CAST('masked-comment' AS VARCHAR(152)))");
    // CANADA does not match: the original comment is returned.
    assertThat(assertions.query("SELECT * FROM nation WHERE name = 'CANADA'")).matches("VALUES (CAST('CANADA' AS VARCHAR(25)), BIGINT '1', CAST('eas hang ironic, silent packages. slyly regular packages are furiously over the tithes. fluffily bold' AS VARCHAR(152)))");
}
Also used: QualifiedObjectName (io.trino.metadata.QualifiedObjectName), ViewExpression (io.trino.spi.security.ViewExpression), Test (org.testng.annotations.Test)

Example 22 with ViewExpression

use of io.trino.spi.security.ViewExpression in project trino by trinodb.

the class TestFilterInaccessibleColumns method testMaskingWithCaseOnNotAccessibleColumnKO.

@Test
public void testMaskingWithCaseOnNotAccessibleColumnKO() {
    // USER is denied SELECT on nationkey.
    accessControl.deny(privilege(USER, "nation.nationkey", SELECT_COLUMN));
    // Same mask as in testMaskingWithCaseOnNotAccessibleColumn, but evaluated with the USER identity, which may not read nationkey.
    accessControl.columnMask(new QualifiedObjectName(CATALOG, TINY_SCHEMA_NAME, "nation"), "comment", USER, new ViewExpression(USER, Optional.of(CATALOG), Optional.of(TINY_SCHEMA_NAME), "CASE nationkey WHEN 6 THEN 'masked-comment' ELSE comment END"));
    // The query is rejected instead of returning masked data.
    assertThatThrownBy(() -> assertions.query("SELECT * FROM nation WHERE name = 'FRANCE'")).hasMessage("Access Denied: Cannot select from columns [nationkey, regionkey, name, comment] in table or view local.tiny.nation");
}
Also used: QualifiedObjectName (io.trino.metadata.QualifiedObjectName), ViewExpression (io.trino.spi.security.ViewExpression), Test (org.testng.annotations.Test)

Example 23 with ViewExpression

use of io.trino.spi.security.ViewExpression in project trino by trinodb.

the class TestFileBasedSystemAccessControl method assertViewExpressionEquals.

private static void assertViewExpressionEquals(Optional<ViewExpression> result, ViewExpression expected) {
    assertTrue(result.isPresent());
    ViewExpression actual = result.get();
    assertEquals(actual.getIdentity(), expected.getIdentity(), "Identity");
    assertEquals(actual.getCatalog(), expected.getCatalog(), "Catalog");
    assertEquals(actual.getSchema(), expected.getSchema(), "Schema");
    assertEquals(actual.getExpression(), expected.getExpression(), "Expression");
}
Also used: ViewExpression (io.trino.spi.security.ViewExpression)

Example 24 with ViewExpression

use of io.trino.spi.security.ViewExpression in project trino by trinodb.

the class TestFileBasedSystemAccessControl method testGetRowFilter.

@Test
public void testGetRowFilter() {
    SystemAccessControl accessControl = newFileBasedSystemAccessControl("file-based-system-access-table.json");
    // ALICE gets no row filter on this table.
    assertEquals(accessControl.getRowFilter(ALICE, new CatalogSchemaTableName("some-catalog", "bobschema", "bobcolumns")), Optional.empty());
    // CHARLIE gets a filter that is evaluated with CHARLIE's own identity.
    assertViewExpressionEquals(accessControl.getRowFilter(CHARLIE, new CatalogSchemaTableName("some-catalog", "bobschema", "bobcolumns")), new ViewExpression(CHARLIE.getIdentity().getUser(), Optional.of("some-catalog"), Optional.of("bobschema"), "starts_with(value, 'filter')"));
    // On bobcolumns_with_grant the filter is evaluated as "filter-user" rather than as the querying user.
    assertViewExpressionEquals(accessControl.getRowFilter(CHARLIE, new CatalogSchemaTableName("some-catalog", "bobschema", "bobcolumns_with_grant")), new ViewExpression("filter-user", Optional.of("some-catalog"), Optional.of("bobschema"), "starts_with(value, 'filter-with-user')"));
}
Also used: SystemAccessControl (io.trino.spi.security.SystemAccessControl), CatalogSchemaTableName (io.trino.spi.connector.CatalogSchemaTableName), ViewExpression (io.trino.spi.security.ViewExpression), Test (org.testng.annotations.Test)

Example 25 with ViewExpression

use of io.trino.spi.security.ViewExpression in project trino by trinodb.

the class TestFileBasedSystemAccessControl method testGetColumnMask.

@Test
public void testGetColumnMask() {
    SystemAccessControl accessControl = newFileBasedSystemAccessControl("file-based-system-access-table.json");
    // ALICE gets no mask on the "masked" column.
    assertEquals(accessControl.getColumnMask(ALICE, new CatalogSchemaTableName("some-catalog", "bobschema", "bobcolumns"), "masked", VARCHAR), Optional.empty());
    // CHARLIE gets a mask that is evaluated with CHARLIE's own identity.
    assertViewExpressionEquals(accessControl.getColumnMask(CHARLIE, new CatalogSchemaTableName("some-catalog", "bobschema", "bobcolumns"), "masked", VARCHAR), new ViewExpression(CHARLIE.getIdentity().getUser(), Optional.of("some-catalog"), Optional.of("bobschema"), "'mask'"));
    // The mask on "masked_with_user" is evaluated as "mask-user" rather than as the querying user.
    assertViewExpressionEquals(accessControl.getColumnMask(CHARLIE, new CatalogSchemaTableName("some-catalog", "bobschema", "bobcolumns"), "masked_with_user", VARCHAR), new ViewExpression("mask-user", Optional.of("some-catalog"), Optional.of("bobschema"), "'mask-with-user'"));
}
Also used: SystemAccessControl (io.trino.spi.security.SystemAccessControl), CatalogSchemaTableName (io.trino.spi.connector.CatalogSchemaTableName), ViewExpression (io.trino.spi.security.ViewExpression), Test (org.testng.annotations.Test)
