Search in sources :

Example 1 with IAuthorizer

use of org.apache.cassandra.auth.IAuthorizer in project cassandra by apache.

the class InvalidateJmxPermissionsCacheTest method setup.

@BeforeClass
public static void setup() throws Exception {
    CQLTester.setUpClass();
    CQLTester.requireAuthentication();
    IRoleManager roleManager = DatabaseDescriptor.getRoleManager();
    roleManager.createRole(AuthenticatedUser.SYSTEM_USER, ROLE_A, AuthTestUtils.getLoginRoleOptions());
    roleManager.createRole(AuthenticatedUser.SYSTEM_USER, ROLE_B, AuthTestUtils.getLoginRoleOptions());
    JMXResource rootJmxResource = JMXResource.root();
    Set<Permission> jmxPermissions = rootJmxResource.applicablePermissions();
    IAuthorizer authorizer = DatabaseDescriptor.getAuthorizer();
    authorizer.grant(AuthenticatedUser.SYSTEM_USER, jmxPermissions, rootJmxResource, ROLE_A);
    authorizer.grant(AuthenticatedUser.SYSTEM_USER, jmxPermissions, rootJmxResource, ROLE_B);
    AuthCacheService.initializeAndRegisterCaches();
    startJMXServer();
}
Also used : IRoleManager(org.apache.cassandra.auth.IRoleManager) IAuthorizer(org.apache.cassandra.auth.IAuthorizer) Permission(org.apache.cassandra.auth.Permission) JMXResource(org.apache.cassandra.auth.JMXResource) BeforeClass(org.junit.BeforeClass)

Example 2 with IAuthorizer

use of org.apache.cassandra.auth.IAuthorizer in project cassandra by apache.

the class JmxPermissionsCacheKeysTableTest method setup.

// this method is intentionally not called "setUpClass" to let it throw exception brought by startJMXServer method
@BeforeClass
public static void setup() throws Exception {
    // high value is used for convenient debugging
    DatabaseDescriptor.setPermissionsValidity(20_000);
    CQLTester.setUpClass();
    CQLTester.requireAuthentication();
    IRoleManager roleManager = DatabaseDescriptor.getRoleManager();
    roleManager.createRole(AuthenticatedUser.SYSTEM_USER, ROLE_A, AuthTestUtils.getLoginRoleOptions());
    roleManager.createRole(AuthenticatedUser.SYSTEM_USER, ROLE_B, AuthTestUtils.getLoginRoleOptions());
    List<IResource> resources = Arrays.asList(JMXResource.root(), JMXResource.mbean("org.apache.cassandra.db:type=Tables,*"));
    IAuthorizer authorizer = DatabaseDescriptor.getAuthorizer();
    for (IResource resource : resources) {
        Set<Permission> permissions = resource.applicablePermissions();
        authorizer.grant(AuthenticatedUser.SYSTEM_USER, permissions, resource, ROLE_A);
        authorizer.grant(AuthenticatedUser.SYSTEM_USER, permissions, resource, ROLE_B);
    }
    startJMXServer();
}
Also used : IRoleManager(org.apache.cassandra.auth.IRoleManager) IAuthorizer(org.apache.cassandra.auth.IAuthorizer) Permission(org.apache.cassandra.auth.Permission) IResource(org.apache.cassandra.auth.IResource) BeforeClass(org.junit.BeforeClass)

Example 3 with IAuthorizer

use of org.apache.cassandra.auth.IAuthorizer in project cassandra by apache.

the class PermissionsCacheKeysTableTest method setUpClass.

@BeforeClass
public static void setUpClass() {
    // high value is used for convenient debugging
    DatabaseDescriptor.setPermissionsValidity(20_000);
    CQLTester.setUpClass();
    CQLTester.requireAuthentication();
    IRoleManager roleManager = DatabaseDescriptor.getRoleManager();
    roleManager.createRole(AuthenticatedUser.SYSTEM_USER, ROLE_A, AuthTestUtils.getLoginRoleOptions());
    roleManager.createRole(AuthenticatedUser.SYSTEM_USER, ROLE_B, AuthTestUtils.getLoginRoleOptions());
    List<IResource> resources = Arrays.asList(DataResource.root(), DataResource.keyspace(KEYSPACE), DataResource.table(KEYSPACE, "t1"));
    IAuthorizer authorizer = DatabaseDescriptor.getAuthorizer();
    for (IResource resource : resources) {
        Set<Permission> permissions = resource.applicablePermissions();
        authorizer.grant(AuthenticatedUser.SYSTEM_USER, permissions, resource, ROLE_A);
        authorizer.grant(AuthenticatedUser.SYSTEM_USER, permissions, resource, ROLE_B);
    }
}
Also used : IRoleManager(org.apache.cassandra.auth.IRoleManager) IAuthorizer(org.apache.cassandra.auth.IAuthorizer) Permission(org.apache.cassandra.auth.Permission) IResource(org.apache.cassandra.auth.IResource) BeforeClass(org.junit.BeforeClass)

Example 4 with IAuthorizer

use of org.apache.cassandra.auth.IAuthorizer in project cassandra by apache.

the class InvalidatePermissionsCacheTest method setup.

@BeforeClass
public static void setup() throws Exception {
    CQLTester.setUpClass();
    CQLTester.requireAuthentication();
    IRoleManager roleManager = DatabaseDescriptor.getRoleManager();
    roleManager.createRole(AuthenticatedUser.SYSTEM_USER, ROLE_A, AuthTestUtils.getLoginRoleOptions());
    roleManager.createRole(AuthenticatedUser.SYSTEM_USER, ROLE_B, AuthTestUtils.getLoginRoleOptions());
    AuthCacheService.initializeAndRegisterCaches();
    List<IResource> resources = Arrays.asList(DataResource.root(), DataResource.keyspace(KEYSPACE), DataResource.allTables(KEYSPACE), DataResource.table(KEYSPACE, "t1"), RoleResource.root(), RoleResource.role("role_x"), FunctionResource.root(), FunctionResource.keyspace(KEYSPACE), // CQLTester.createFunction from static contex. That's why we initialize it in a separate test case.
    JMXResource.root(), JMXResource.mbean("org.apache.cassandra.auth:type=*"));
    IAuthorizer authorizer = DatabaseDescriptor.getAuthorizer();
    for (IResource resource : resources) {
        Set<Permission> permissions = resource.applicablePermissions();
        authorizer.grant(AuthenticatedUser.SYSTEM_USER, permissions, resource, ROLE_A);
        authorizer.grant(AuthenticatedUser.SYSTEM_USER, permissions, resource, ROLE_B);
    }
    startJMXServer();
}
Also used : IRoleManager(org.apache.cassandra.auth.IRoleManager) IAuthorizer(org.apache.cassandra.auth.IAuthorizer) Permission(org.apache.cassandra.auth.Permission) IResource(org.apache.cassandra.auth.IResource) BeforeClass(org.junit.BeforeClass)

Aggregations

IAuthorizer (org.apache.cassandra.auth.IAuthorizer)4 IRoleManager (org.apache.cassandra.auth.IRoleManager)4 Permission (org.apache.cassandra.auth.Permission)4 BeforeClass (org.junit.BeforeClass)4 IResource (org.apache.cassandra.auth.IResource)3 JMXResource (org.apache.cassandra.auth.JMXResource)1