Search in sources :

Example 1 with BasicSecurityDruidModule

use of org.apache.druid.security.basic.BasicSecurityDruidModule in project druid by druid-io.

the class BasicAuthUtilsTest method testPermissionSerdeIsChillAboutUnknownEnumStuffs.

@Test
public void testPermissionSerdeIsChillAboutUnknownEnumStuffs() throws JsonProcessingException {
    final String someRoleName = "some-role";
    final String otherRoleName = "other-role";
    final String thirdRoleName = "third-role";
    final ResourceAction fooRead = new ResourceAction(new Resource("foo", ResourceType.DATASOURCE), Action.READ);
    final ResourceAction barRead = new ResourceAction(new Resource("bar", ResourceType.DATASOURCE), Action.READ);
    final ResourceAction customRead = new ResourceAction(new Resource("bar", "CUSTOM"), Action.READ);
    final ObjectMapper mapper = TestHelper.makeJsonMapper();
    mapper.registerModules(new BasicSecurityDruidModule().getJacksonModules());
    Map<String, Object> rawMap = new HashMap<>();
    rawMap.put(someRoleName, new BasicAuthorizerRole(someRoleName, BasicAuthorizerPermission.makePermissionList(ImmutableList.of(fooRead, barRead))));
    // custom ResourceType
    rawMap.put(otherRoleName, ImmutableMap.of("name", otherRoleName, "permissions", ImmutableList.of(ImmutableMap.of("resourceAction", fooRead, "resourceNamePattern", "foo"), ImmutableMap.of("resourceAction", customRead, "resourceNamePattern", "bar"))));
    // bad Action
    rawMap.put(thirdRoleName, ImmutableMap.of("name", thirdRoleName, "permissions", ImmutableList.of(ImmutableMap.of("resourceAction", ImmutableMap.of("resource", ImmutableMap.of("name", "some-view", "type", "VIEW"), "action", "READ"), "resourceNamePattern", "some-view"), ImmutableMap.of("resourceAction", ImmutableMap.of("resource", ImmutableMap.of("name", "foo", "type", "DATASOURCE"), "action", "UNKNOWN"), "resourceNamePattern", "some-view"))));
    byte[] mapBytes = mapper.writeValueAsBytes(rawMap);
    Map<String, BasicAuthorizerRole> roleMap = BasicAuthUtils.deserializeAuthorizerRoleMap(mapper, mapBytes);
    Assert.assertNotNull(roleMap);
    Assert.assertEquals(3, roleMap.size());
    Assert.assertTrue(roleMap.containsKey(someRoleName));
    Assert.assertEquals(2, roleMap.get(someRoleName).getPermissions().size());
    Assert.assertEquals(BasicAuthorizerPermission.makePermissionList(ImmutableList.of(fooRead, barRead)), roleMap.get(someRoleName).getPermissions());
    // this one has custom resource type... this test is somewhat pointless, it made more sense when type was an enum
    Assert.assertTrue(roleMap.containsKey(otherRoleName));
    Assert.assertEquals(2, roleMap.get(otherRoleName).getPermissions().size());
    Assert.assertEquals(BasicAuthorizerPermission.makePermissionList(ImmutableList.of(fooRead, customRead)), roleMap.get(otherRoleName).getPermissions());
    // this one has an unknown Action, expect only 1 permission to deserialize correctly and failure ignored
    Assert.assertTrue(roleMap.containsKey(thirdRoleName));
    Assert.assertEquals(1, roleMap.get(thirdRoleName).getPermissions().size());
    Assert.assertEquals(BasicAuthorizerPermission.makePermissionList(ImmutableList.of(new ResourceAction(new Resource("some-view", ResourceType.VIEW), Action.READ))), roleMap.get(thirdRoleName).getPermissions());
}
Also used : HashMap(java.util.HashMap) BasicSecurityDruidModule(org.apache.druid.security.basic.BasicSecurityDruidModule) Resource(org.apache.druid.server.security.Resource) BasicAuthorizerRole(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRole) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) ResourceAction(org.apache.druid.server.security.ResourceAction) Test(org.junit.Test)

Aggregations

ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)1 HashMap (java.util.HashMap)1 BasicSecurityDruidModule (org.apache.druid.security.basic.BasicSecurityDruidModule)1 BasicAuthorizerRole (org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRole)1 Resource (org.apache.druid.server.security.Resource)1 ResourceAction (org.apache.druid.server.security.ResourceAction)1 Test (org.junit.Test)1