
Example 36 with TransactionManager

use of io.trino.transaction.TransactionManager in project trino by trinodb.

the class TestAccessControlManager method testDenyExecuteProcedureBySystem.

/**
 * Selects the system access control registered under the name {@code "deny-all"} and
 * hands the managers to {@code assertDenyExecuteProcedure} together with the denial
 * message expected for {@code connector.schema.procedure}.
 */
@Test
public void testDenyExecuteProcedureBySystem() {
    TransactionManager txManager = createTestTransactionManager(new CatalogManager());
    AccessControlManager accessControl = createAccessControlManager(txManager);

    // The factory must be registered before it can be selected by name; it is
    // configured with an empty property map.
    accessControl.addSystemAccessControlFactory(new TestSystemAccessControlFactory("deny-all"));
    accessControl.setSystemAccessControl("deny-all", ImmutableMap.of());

    // NOTE(review): the exact-message check lives in assertDenyExecuteProcedure, which is
    // not shown here -- confirm it also pins the exception type.
    assertDenyExecuteProcedure(
            txManager,
            accessControl,
            "Access Denied: Cannot execute procedure connector.schema.procedure");
}
Also used : TransactionManager(io.trino.transaction.TransactionManager) InMemoryTransactionManager.createTestTransactionManager(io.trino.transaction.InMemoryTransactionManager.createTestTransactionManager) CatalogManager(io.trino.metadata.CatalogManager) Test(org.testng.annotations.Test)

Example 37 with TransactionManager

use of io.trino.transaction.TransactionManager in project trino by trinodb.

the class TestAccessControlManager method testDenyExecuteFunctionBySystemAccessControl.

/**
 * With the {@code "deny-all"} system access control selected, both executing
 * {@code executed_function} and granting its execution to user {@code bob} must be
 * rejected with {@link AccessDeniedException} and the exact messages asserted below.
 */
@Test
public void testDenyExecuteFunctionBySystemAccessControl() {
    TransactionManager txManager = createTestTransactionManager(new CatalogManager());
    AccessControlManager accessControl = createAccessControlManager(txManager);
    accessControl.addSystemAccessControlFactory(new TestSystemAccessControlFactory("deny-all"));
    accessControl.setSystemAccessControl("deny-all", ImmutableMap.of());

    transaction(txManager, accessControl).execute(txId -> {
        // Direct execution of the function is denied.
        assertThatThrownBy(() -> accessControl.checkCanExecuteFunction(context(txId), "executed_function"))
                .isInstanceOf(AccessDeniedException.class)
                .hasMessage("Access Denied: Cannot execute function executed_function");

        // Granting the execute privilege (with the grant-option flag set to true) is denied too.
        // NOTE(review): 'user_name' in the message presumably is the identity built by
        // context(...) -- confirm against that helper.
        assertThatThrownBy(() -> accessControl.checkCanGrantExecuteFunctionPrivilege(
                context(txId),
                "executed_function",
                Identity.ofUser("bob"),
                true))
                .isInstanceOf(AccessDeniedException.class)
                .hasMessage("Access Denied: 'user_name' cannot grant 'executed_function' execution to user 'bob'");
    });
}
Also used : AccessDeniedException(io.trino.spi.security.AccessDeniedException) TransactionManager(io.trino.transaction.TransactionManager) InMemoryTransactionManager.createTestTransactionManager(io.trino.transaction.InMemoryTransactionManager.createTestTransactionManager) CatalogManager(io.trino.metadata.CatalogManager) Test(org.testng.annotations.Test)

Example 38 with TransactionManager

use of io.trino.transaction.TransactionManager in project trino by trinodb.

the class TestAccessControlManager method testDenySystemAccessControl.

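/**
 * Selects the {@code "test"} system access control, adds a
 * {@code DenyConnectorAccessControl} for the catalog name {@code connector}, and expects
 * a column select on {@code secured_catalog.schema.table} to fail with a
 * {@link TrinoException} carrying the exact "Access Denied" message.
 */
@Test
public void testDenySystemAccessControl() {
    try (LocalQueryRunner queryRunner = LocalQueryRunner.create(TEST_SESSION)) {
        TransactionManager transactionManager = queryRunner.getTransactionManager();
        AccessControlManager accessControlManager = createAccessControlManager(transactionManager);

        TestSystemAccessControlFactory accessControlFactory = new TestSystemAccessControlFactory("test");
        accessControlManager.addSystemAccessControlFactory(accessControlFactory);
        accessControlManager.setSystemAccessControl("test", ImmutableMap.of());

        // NOTE(review): three different catalog names are used here -- "catalog" is created,
        // "connector" gets the deny-all connector control, and "secured_catalog" is queried.
        // The denial asserted below therefore presumably comes from the system-level control
        // rather than from DenyConnectorAccessControl; confirm against
        // TestSystemAccessControlFactory so the test keeps covering the intended layer.
        queryRunner.createCatalog("catalog", MockConnectorFactory.create(), ImmutableMap.of());
        accessControlManager.addCatalogAccessControl(new CatalogName("connector"), new DenyConnectorAccessControl());

        assertThatThrownBy(() -> transaction(transactionManager, accessControlManager).execute(transactionId -> {
            accessControlManager.checkCanSelectFromColumns(
                    context(transactionId),
                    new QualifiedObjectName("secured_catalog", "schema", "table"),
                    ImmutableSet.of("column"));
        }))
                .isInstanceOf(TrinoException.class)
                // Exact comparison: with hasMessageMatching the dots in the table name were
                // regex wildcards, so a message naming a different object could still pass.
                .hasMessage("Access Denied: Cannot select from table secured_catalog.schema.table");
    }
}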
Also used : QueryId(io.trino.spi.QueryId) TransactionBuilder.transaction(io.trino.transaction.TransactionBuilder.transaction) TransactionManager(io.trino.transaction.TransactionManager) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Test(org.testng.annotations.Test) SystemSecurityContext(io.trino.spi.security.SystemSecurityContext) CatalogName(io.trino.connector.CatalogName) MockConnectorFactory(io.trino.connector.MockConnectorFactory) Map(java.util.Map) CatalogSchemaName(io.trino.spi.connector.CatalogSchemaName) TEST_SESSION(io.trino.SessionTestUtils.TEST_SESSION) Path(java.nio.file.Path) WRITE(java.nio.file.StandardOpenOption.WRITE) ImmutableSet(com.google.common.collect.ImmutableSet) ImmutableMap(com.google.common.collect.ImmutableMap) ViewExpression(io.trino.spi.security.ViewExpression) ConnectorAccessControl(io.trino.spi.connector.ConnectorAccessControl) Set(java.util.Set) TrinoException(io.trino.spi.TrinoException) SchemaTableName(io.trino.spi.connector.SchemaTableName) BasicPrincipal(io.trino.spi.security.BasicPrincipal) TestingEventListenerManager.emptyEventListenerManager(io.trino.testing.TestingEventListenerManager.emptyEventListenerManager) List(java.util.List) Principal(java.security.Principal) BIGINT(io.trino.spi.type.BigintType.BIGINT) ReadOnlySystemAccessControl(io.trino.plugin.base.security.ReadOnlySystemAccessControl) CatalogSchemaTableName(io.trino.spi.connector.CatalogSchemaTableName) Optional(java.util.Optional) SystemAccessControlFactory(io.trino.spi.security.SystemAccessControlFactory) AccessDeniedException(io.trino.spi.security.AccessDeniedException) TestingEventListenerManager(io.trino.testing.TestingEventListenerManager) TRUNCATE_EXISTING(java.nio.file.StandardOpenOption.TRUNCATE_EXISTING) Type(io.trino.spi.type.Type) Assert.assertEquals(org.testng.Assert.assertEquals) AllowAllAccessControl(io.trino.plugin.base.security.AllowAllAccessControl) SystemAccessControl(io.trino.spi.security.SystemAccessControl) 
InMemoryTransactionManager.createTestTransactionManager(io.trino.transaction.InMemoryTransactionManager.createTestTransactionManager) ImmutableList(com.google.common.collect.ImmutableList) Assertions.assertThatThrownBy(org.assertj.core.api.Assertions.assertThatThrownBy) Identity(io.trino.spi.security.Identity) LocalQueryRunner(io.trino.testing.LocalQueryRunner) Objects.requireNonNull(java.util.Objects.requireNonNull) ConnectorSecurityContext(io.trino.spi.connector.ConnectorSecurityContext) Files(java.nio.file.Files) AccessDeniedException.denySelectTable(io.trino.spi.security.AccessDeniedException.denySelectTable) IOException(java.io.IOException) Files.createTempFile(java.nio.file.Files.createTempFile) QualifiedObjectName(io.trino.metadata.QualifiedObjectName) DefaultSystemAccessControl(io.trino.plugin.base.security.DefaultSystemAccessControl) EventListenerManager(io.trino.eventlistener.EventListenerManager) CatalogManager(io.trino.metadata.CatalogManager) CREATE(java.nio.file.StandardOpenOption.CREATE) TransactionId(io.trino.transaction.TransactionId) EventListener(io.trino.spi.eventlistener.EventListener) AllowAllSystemAccessControl(io.trino.plugin.base.security.AllowAllSystemAccessControl) TransactionManager(io.trino.transaction.TransactionManager) InMemoryTransactionManager.createTestTransactionManager(io.trino.transaction.InMemoryTransactionManager.createTestTransactionManager) TrinoException(io.trino.spi.TrinoException) CatalogName(io.trino.connector.CatalogName) LocalQueryRunner(io.trino.testing.LocalQueryRunner) QualifiedObjectName(io.trino.metadata.QualifiedObjectName) Test(org.testng.annotations.Test)

Example 39 with TransactionManager

use of io.trino.transaction.TransactionManager in project trino by trinodb.

the class TestQuerySessionSupplier method createSessionSupplier.

/**
 * Builds a {@link QuerySessionSupplier} for tests from the given environment config,
 * backed by a test transaction manager and test metadata.
 *
 * @param config SQL environment configuration passed through to the supplier
 * @return a supplier wired with {@code AllowAllAccessControl} and a fresh
 *         {@code SessionPropertyManager}
 */
private static QuerySessionSupplier createSessionSupplier(SqlEnvironmentConfig config) {
    TransactionManager txManager = createTestTransactionManager();
    Metadata testMetadata = testMetadataManagerBuilder()
            .withTransactionManager(txManager)
            .build();

    // AllowAllAccessControl means sessions created through this supplier exercise no
    // authorization checks; this fixture cannot be used to test denial paths.
    return new QuerySessionSupplier(
            testMetadata,
            new AllowAllAccessControl(),
            new SessionPropertyManager(),
            config);
}
Also used : TransactionManager(io.trino.transaction.TransactionManager) InMemoryTransactionManager.createTestTransactionManager(io.trino.transaction.InMemoryTransactionManager.createTestTransactionManager) AllowAllAccessControl(io.trino.security.AllowAllAccessControl) Metadata(io.trino.metadata.Metadata) SessionPropertyManager(io.trino.metadata.SessionPropertyManager)

Example 40 with TransactionManager

use of io.trino.transaction.TransactionManager in project trino by trinodb.

the class TestFileBasedSystemAccessControl method testCanSetUserOperations.

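/**
 * Exercises {@code checkCanSetUser} on an access control manager built from
 * {@code catalog_principal.json}: some principal/user pairs must be accepted (the call
 * returns normally) and others must be rejected with {@link AccessDeniedException}.
 * Finally checks that a manager built from {@code catalog.json} accepts
 * {@code kerberosValidAlice}.
 *
 * <p>A rejected case that returns normally fails the test, so a rule that silently
 * becomes more permissive is caught here.
 */
@Test
public void testCanSetUserOperations() {
    TransactionManager transactionManager = createTestTransactionManager();
    AccessControlManager accessControlManager = newAccessControlManager(transactionManager, "catalog_principal.json");

    // No principal at all: setting the user must be denied.
    assertSetUserDenied(() -> accessControlManager.checkCanSetUser(Optional.empty(), alice.getUser()));

    accessControlManager.checkCanSetUser(kerberosValidAlice.getPrincipal(), kerberosValidAlice.getUser());
    accessControlManager.checkCanSetUser(kerberosValidNonAsciiUser.getPrincipal(), kerberosValidNonAsciiUser.getUser());
    assertSetUserDenied(() -> accessControlManager.checkCanSetUser(kerberosInvalidAlice.getPrincipal(), kerberosInvalidAlice.getUser()));

    accessControlManager.checkCanSetUser(kerberosValidShare.getPrincipal(), kerberosValidShare.getUser());
    assertSetUserDenied(() -> accessControlManager.checkCanSetUser(kerberosInValidShare.getPrincipal(), kerberosInValidShare.getUser()));

    // Going by the fixture names, these cover regex metacharacters in the rules, so that
    // a metacharacter in a rule does not accidentally widen the match.
    accessControlManager.checkCanSetUser(validSpecialRegexWildDot.getPrincipal(), validSpecialRegexWildDot.getUser());
    accessControlManager.checkCanSetUser(validSpecialRegexEndQuote.getPrincipal(), validSpecialRegexEndQuote.getUser());
    assertSetUserDenied(() -> accessControlManager.checkCanSetUser(invalidSpecialRegex.getPrincipal(), invalidSpecialRegex.getUser()));

    // NOTE(review): presumably catalog.json has no principal-to-user patterns (per the
    // variable name) -- confirm against the resource file.
    AccessControlManager accessControlManagerNoPatterns = newAccessControlManager(transactionManager, "catalog.json");
    accessControlManagerNoPatterns.checkCanSetUser(kerberosValidAlice.getPrincipal(), kerberosValidAlice.getUser());
}

/**
 * Runs {@code check} and fails with an {@link AssertionError} unless it throws
 * {@link AccessDeniedException}.
 *
 * @param check the access check that is expected to be denied
 */
private static void assertSetUserDenied(Runnable check) {
    try {
        check.run();
    } catch (AccessDeniedException expected) {
        // The denial is the outcome under test.
        return;
    }
    throw new AssertionError("expected AccessDeniedException");
}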
Also used : AccessDeniedException(io.trino.spi.security.AccessDeniedException) TransactionManager(io.trino.transaction.TransactionManager) InMemoryTransactionManager.createTestTransactionManager(io.trino.transaction.InMemoryTransactionManager.createTestTransactionManager) Test(org.testng.annotations.Test)

Aggregations

TransactionManager (io.trino.transaction.TransactionManager)48 InMemoryTransactionManager.createTestTransactionManager (io.trino.transaction.InMemoryTransactionManager.createTestTransactionManager)42 Test (org.testng.annotations.Test)40 AccessDeniedException (io.trino.spi.security.AccessDeniedException)17 Session (io.trino.Session)16 QualifiedObjectName (io.trino.metadata.QualifiedObjectName)16 Optional (java.util.Optional)13 ImmutableSet (com.google.common.collect.ImmutableSet)12 SchemaTableName (io.trino.spi.connector.SchemaTableName)12 Map (java.util.Map)12 ImmutableMap (com.google.common.collect.ImmutableMap)11 DefaultSystemAccessControl (io.trino.plugin.base.security.DefaultSystemAccessControl)11 Identity (io.trino.spi.security.Identity)11 Set (java.util.Set)11 Assert.assertEquals (org.testng.Assert.assertEquals)11 QueryId (io.trino.spi.QueryId)10 CatalogSchemaName (io.trino.spi.connector.CatalogSchemaName)10 TestingEventListenerManager.emptyEventListenerManager (io.trino.testing.TestingEventListenerManager.emptyEventListenerManager)10 TransactionBuilder.transaction (io.trino.transaction.TransactionBuilder.transaction)10 Assertions.assertThatThrownBy (org.assertj.core.api.Assertions.assertThatThrownBy)10