Search in sources :

Example 21 with ResourceAction

use of org.apache.druid.server.security.ResourceAction in project druid by druid-io.

the class CoordinatorBasicAuthorizerMetadataStorageUpdaterTest method testSetRolePermissions.

// role and permission tests
@Test
public void testSetRolePermissions() {
    updater.createUser(AUTHORIZER_NAME, "druid");
    updater.createRole(AUTHORIZER_NAME, "druidRole");
    updater.assignUserRole(AUTHORIZER_NAME, "druid", "druidRole");
    List<ResourceAction> permsToAdd = ImmutableList.of(new ResourceAction(new Resource("testResource", ResourceType.DATASOURCE), Action.WRITE));
    updater.setPermissions(AUTHORIZER_NAME, "druidRole", permsToAdd);
    Map<String, BasicAuthorizerUser> expectedUserMap = new HashMap<>(BASE_USER_MAP);
    expectedUserMap.put("druid", new BasicAuthorizerUser("druid", ImmutableSet.of("druidRole")));
    Map<String, BasicAuthorizerRole> expectedRoleMap = new HashMap<>(BASE_ROLE_MAP);
    expectedRoleMap.put("druidRole", new BasicAuthorizerRole("druidRole", BasicAuthorizerPermission.makePermissionList(permsToAdd)));
    Map<String, BasicAuthorizerUser> actualUserMap = BasicAuthUtils.deserializeAuthorizerUserMap(objectMapper, updater.getCurrentUserMapBytes(AUTHORIZER_NAME));
    Map<String, BasicAuthorizerRole> actualRoleMap = BasicAuthUtils.deserializeAuthorizerRoleMap(objectMapper, updater.getCurrentRoleMapBytes(AUTHORIZER_NAME));
    Assert.assertEquals(expectedUserMap, actualUserMap);
    Assert.assertEquals(expectedRoleMap, actualRoleMap);
    updater.setPermissions(AUTHORIZER_NAME, "druidRole", null);
    expectedRoleMap.put("druidRole", new BasicAuthorizerRole("druidRole", null));
    actualRoleMap = BasicAuthUtils.deserializeAuthorizerRoleMap(objectMapper, updater.getCurrentRoleMapBytes(AUTHORIZER_NAME));
    Assert.assertEquals(expectedUserMap, actualUserMap);
    Assert.assertEquals(expectedRoleMap, actualRoleMap);
}
Also used : BasicAuthorizerUser(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerUser) HashMap(java.util.HashMap) Resource(org.apache.druid.server.security.Resource) BasicAuthorizerRole(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRole) ResourceAction(org.apache.druid.server.security.ResourceAction) Test(org.junit.Test)

Example 22 with ResourceAction

use of org.apache.druid.server.security.ResourceAction in project druid by druid-io.

the class CoordinatorBasicAuthorizerMetadataStorageUpdaterTest method testAddBadPermission.

@Test
public void testAddBadPermission() {
    expectedException.expect(BasicSecurityDBResourceException.class);
    expectedException.expectMessage("Invalid permission, resource name regex[??????????] does not compile.");
    updater.createRole(AUTHORIZER_NAME, "druidRole");
    List<ResourceAction> permsToAdd = ImmutableList.of(new ResourceAction(new Resource("??????????", ResourceType.DATASOURCE), Action.WRITE));
    updater.setPermissions(AUTHORIZER_NAME, "druidRole", permsToAdd);
}
Also used : Resource(org.apache.druid.server.security.Resource) ResourceAction(org.apache.druid.server.security.ResourceAction) Test(org.junit.Test)

Example 23 with ResourceAction

use of org.apache.druid.server.security.ResourceAction in project druid by druid-io.

the class BasicRoleBasedAuthorizerTest method testAuth.

@Test
public void testAuth() {
    updater.createUser(DB_AUTHORIZER_NAME, "druid");
    updater.createRole(DB_AUTHORIZER_NAME, "druidRole");
    updater.assignUserRole(DB_AUTHORIZER_NAME, "druid", "druidRole");
    List<ResourceAction> permissions = Collections.singletonList(new ResourceAction(new Resource("testResource", ResourceType.DATASOURCE), Action.WRITE));
    updater.setPermissions(DB_AUTHORIZER_NAME, "druidRole", permissions);
    AuthenticationResult authenticationResult = new AuthenticationResult("druid", "druid", null, null);
    Access access = authorizer.authorize(authenticationResult, new Resource("testResource", ResourceType.DATASOURCE), Action.WRITE);
    Assert.assertTrue(access.isAllowed());
    access = authorizer.authorize(authenticationResult, new Resource("wrongResource", ResourceType.DATASOURCE), Action.WRITE);
    Assert.assertFalse(access.isAllowed());
}
Also used : Resource(org.apache.druid.server.security.Resource) Access(org.apache.druid.server.security.Access) ResourceAction(org.apache.druid.server.security.ResourceAction) AuthenticationResult(org.apache.druid.server.security.AuthenticationResult) Test(org.junit.Test)

Example 24 with ResourceAction

use of org.apache.druid.server.security.ResourceAction in project druid by druid-io.

the class CoordinatorBasicAuthorizerResourceTest method testUsersGroupMappingsRolesAndPerms.

@Test
public void testUsersGroupMappingsRolesAndPerms() {
    Response response = resource.createUser(req, AUTHORIZER_NAME, "druid");
    Assert.assertEquals(200, response.getStatus());
    response = resource.createUser(req, AUTHORIZER_NAME, "druid2");
    Assert.assertEquals(200, response.getStatus());
    response = resource.createGroupMapping(req, AUTHORIZER_NAME, "druidGroupMapping", new BasicAuthorizerGroupMapping("druidGroupMapping", "", new HashSet<>()));
    Assert.assertEquals(200, response.getStatus());
    response = resource.createGroupMapping(req, AUTHORIZER_NAME, "druid2GroupMapping", new BasicAuthorizerGroupMapping("druid2GroupMapping", "", new HashSet<>()));
    Assert.assertEquals(200, response.getStatus());
    response = resource.createRole(req, AUTHORIZER_NAME, "druidRole");
    Assert.assertEquals(200, response.getStatus());
    response = resource.createRole(req, AUTHORIZER_NAME, "druidRole2");
    Assert.assertEquals(200, response.getStatus());
    List<ResourceAction> perms = ImmutableList.of(new ResourceAction(new Resource("A", ResourceType.DATASOURCE), Action.READ), new ResourceAction(new Resource("B", ResourceType.DATASOURCE), Action.WRITE), new ResourceAction(new Resource("C", ResourceType.CONFIG), Action.WRITE));
    List<ResourceAction> perms2 = ImmutableList.of(new ResourceAction(new Resource("D", ResourceType.STATE), Action.READ), new ResourceAction(new Resource("E", ResourceType.DATASOURCE), Action.WRITE), new ResourceAction(new Resource("F", ResourceType.CONFIG), Action.WRITE));
    response = resource.setRolePermissions(req, AUTHORIZER_NAME, "druidRole", perms);
    Assert.assertEquals(200, response.getStatus());
    response = resource.setRolePermissions(req, AUTHORIZER_NAME, "druidRole2", perms2);
    Assert.assertEquals(200, response.getStatus());
    response = resource.assignRoleToUser(req, AUTHORIZER_NAME, "druid", "druidRole");
    Assert.assertEquals(200, response.getStatus());
    response = resource.assignRoleToUser(req, AUTHORIZER_NAME, "druid", "druidRole2");
    Assert.assertEquals(200, response.getStatus());
    response = resource.assignRoleToUser(req, AUTHORIZER_NAME, "druid2", "druidRole");
    Assert.assertEquals(200, response.getStatus());
    response = resource.assignRoleToUser(req, AUTHORIZER_NAME, "druid2", "druidRole2");
    Assert.assertEquals(200, response.getStatus());
    response = resource.assignRoleToGroupMapping(req, AUTHORIZER_NAME, "druidGroupMapping", "druidRole");
    Assert.assertEquals(200, response.getStatus());
    response = resource.assignRoleToGroupMapping(req, AUTHORIZER_NAME, "druidGroupMapping", "druidRole2");
    Assert.assertEquals(200, response.getStatus());
    response = resource.assignRoleToGroupMapping(req, AUTHORIZER_NAME, "druid2GroupMapping", "druidRole");
    Assert.assertEquals(200, response.getStatus());
    response = resource.assignRoleToGroupMapping(req, AUTHORIZER_NAME, "druid2GroupMapping", "druidRole2");
    Assert.assertEquals(200, response.getStatus());
    BasicAuthorizerRole expectedRole = new BasicAuthorizerRole("druidRole", BasicAuthorizerPermission.makePermissionList(perms));
    BasicAuthorizerRole expectedRole2 = new BasicAuthorizerRole("druidRole2", BasicAuthorizerPermission.makePermissionList(perms2));
    Set<BasicAuthorizerRole> expectedRoles = Sets.newHashSet(expectedRole, expectedRole2);
    BasicAuthorizerUserFull expectedUserFull = new BasicAuthorizerUserFull("druid", expectedRoles);
    response = resource.getUser(req, AUTHORIZER_NAME, "druid", "", null);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFull, response.getEntity());
    BasicAuthorizerUserFullSimplifiedPermissions expectedUserFullSimplifiedPermissions = new BasicAuthorizerUserFullSimplifiedPermissions("druid", BasicAuthorizerRoleSimplifiedPermissions.convertRoles(expectedRoles));
    response = resource.getUser(req, AUTHORIZER_NAME, "druid", "", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFullSimplifiedPermissions, response.getEntity());
    BasicAuthorizerUserFull expectedUserFull2 = new BasicAuthorizerUserFull("druid2", expectedRoles);
    response = resource.getUser(req, AUTHORIZER_NAME, "druid2", "", null);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFull2, response.getEntity());
    BasicAuthorizerUserFullSimplifiedPermissions expectedUserFullSimplifiedPermissions2 = new BasicAuthorizerUserFullSimplifiedPermissions("druid2", BasicAuthorizerRoleSimplifiedPermissions.convertRoles(expectedRoles));
    response = resource.getUser(req, AUTHORIZER_NAME, "druid2", "", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFullSimplifiedPermissions2, response.getEntity());
    BasicAuthorizerGroupMappingFull expectedGroupMappingFull = new BasicAuthorizerGroupMappingFull("druidGroupMapping", "", expectedRoles);
    response = resource.getGroupMapping(req, AUTHORIZER_NAME, "druidGroupMapping", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedGroupMappingFull, response.getEntity());
    BasicAuthorizerGroupMappingFull expectedGroupMappingFull2 = new BasicAuthorizerGroupMappingFull("druid2GroupMapping", "", expectedRoles);
    response = resource.getGroupMapping(req, AUTHORIZER_NAME, "druid2GroupMapping", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedGroupMappingFull2, response.getEntity());
    Set<String> expectedUserSet = Sets.newHashSet("druid", "druid2");
    Set<String> expectedGroupMappingSet = Sets.newHashSet("druidGroupMapping", "druid2GroupMapping");
    BasicAuthorizerRoleFull expectedRoleFull = new BasicAuthorizerRoleFull("druidRole", expectedUserSet, expectedGroupMappingSet, BasicAuthorizerPermission.makePermissionList(perms));
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole", "", null);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedRoleFull, response.getEntity());
    BasicAuthorizerRoleSimplifiedPermissions expectedRoleSimplifiedPerms = new BasicAuthorizerRoleSimplifiedPermissions("druidRole", expectedUserSet, perms);
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole", "", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedRoleSimplifiedPerms, response.getEntity());
    expectedRoleSimplifiedPerms = new BasicAuthorizerRoleSimplifiedPermissions("druidRole", null, perms);
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole", null, "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedRoleSimplifiedPerms, response.getEntity());
    BasicAuthorizerRoleFull expectedRoleFull2 = new BasicAuthorizerRoleFull("druidRole2", expectedUserSet, expectedGroupMappingSet, BasicAuthorizerPermission.makePermissionList(perms2));
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole2", "", null);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedRoleFull2, response.getEntity());
    BasicAuthorizerRoleSimplifiedPermissions expectedRoleSimplifiedPerms2 = new BasicAuthorizerRoleSimplifiedPermissions("druidRole2", expectedUserSet, perms2);
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole2", "", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedRoleSimplifiedPerms2, response.getEntity());
    expectedRoleSimplifiedPerms2 = new BasicAuthorizerRoleSimplifiedPermissions("druidRole2", null, perms2);
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole2", null, "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedRoleSimplifiedPerms2, response.getEntity());
    perms = ImmutableList.of(new ResourceAction(new Resource("A", ResourceType.DATASOURCE), Action.READ), new ResourceAction(new Resource("C", ResourceType.CONFIG), Action.WRITE));
    perms2 = ImmutableList.of(new ResourceAction(new Resource("E", ResourceType.DATASOURCE), Action.WRITE));
    response = resource.setRolePermissions(req, AUTHORIZER_NAME, "druidRole", perms);
    Assert.assertEquals(200, response.getStatus());
    response = resource.setRolePermissions(req, AUTHORIZER_NAME, "druidRole2", perms2);
    Assert.assertEquals(200, response.getStatus());
    expectedRole = new BasicAuthorizerRole("druidRole", BasicAuthorizerPermission.makePermissionList(perms));
    expectedRole2 = new BasicAuthorizerRole("druidRole2", BasicAuthorizerPermission.makePermissionList(perms2));
    expectedRoles = Sets.newHashSet(expectedRole, expectedRole2);
    expectedUserFull = new BasicAuthorizerUserFull("druid", expectedRoles);
    expectedUserFull2 = new BasicAuthorizerUserFull("druid2", expectedRoles);
    expectedUserFullSimplifiedPermissions = new BasicAuthorizerUserFullSimplifiedPermissions("druid", BasicAuthorizerRoleSimplifiedPermissions.convertRoles(expectedRoles));
    expectedUserFullSimplifiedPermissions2 = new BasicAuthorizerUserFullSimplifiedPermissions("druid2", BasicAuthorizerRoleSimplifiedPermissions.convertRoles(expectedRoles));
    response = resource.getUser(req, AUTHORIZER_NAME, "druid", "", null);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFull, response.getEntity());
    response = resource.getUser(req, AUTHORIZER_NAME, "druid", "", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFullSimplifiedPermissions, response.getEntity());
    response = resource.getUser(req, AUTHORIZER_NAME, "druid2", "", null);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFull2, response.getEntity());
    response = resource.getUser(req, AUTHORIZER_NAME, "druid2", "", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFullSimplifiedPermissions2, response.getEntity());
    response = resource.unassignRoleFromUser(req, AUTHORIZER_NAME, "druid", "druidRole");
    Assert.assertEquals(200, response.getStatus());
    response = resource.unassignRoleFromUser(req, AUTHORIZER_NAME, "druid2", "druidRole2");
    Assert.assertEquals(200, response.getStatus());
    response = resource.unassignRoleFromGroupMapping(req, AUTHORIZER_NAME, "druidGroupMapping", "druidRole");
    Assert.assertEquals(200, response.getStatus());
    response = resource.unassignRoleFromGroupMapping(req, AUTHORIZER_NAME, "druid2GroupMapping", "druidRole2");
    Assert.assertEquals(200, response.getStatus());
    expectedUserFull = new BasicAuthorizerUserFull("druid", Sets.newHashSet(expectedRole2));
    expectedUserFull2 = new BasicAuthorizerUserFull("druid2", Sets.newHashSet(expectedRole));
    expectedRoleFull = new BasicAuthorizerRoleFull("druidRole", Sets.newHashSet("druid2"), Sets.newHashSet("druid2GroupMapping"), BasicAuthorizerPermission.makePermissionList(perms));
    expectedRoleFull2 = new BasicAuthorizerRoleFull("druidRole2", Sets.newHashSet("druid"), Sets.newHashSet("druidGroupMapping"), BasicAuthorizerPermission.makePermissionList(perms2));
    expectedUserFullSimplifiedPermissions = new BasicAuthorizerUserFullSimplifiedPermissions("druid", BasicAuthorizerRoleSimplifiedPermissions.convertRoles(expectedUserFull.getRoles()));
    expectedUserFullSimplifiedPermissions2 = new BasicAuthorizerUserFullSimplifiedPermissions("druid2", BasicAuthorizerRoleSimplifiedPermissions.convertRoles(expectedUserFull2.getRoles()));
    expectedRoleSimplifiedPerms = new BasicAuthorizerRoleSimplifiedPermissions(expectedRoleFull);
    expectedRoleSimplifiedPerms2 = new BasicAuthorizerRoleSimplifiedPermissions(expectedRoleFull2);
    response = resource.getUser(req, AUTHORIZER_NAME, "druid", "", null);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFull, response.getEntity());
    response = resource.getUser(req, AUTHORIZER_NAME, "druid", "", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFullSimplifiedPermissions, response.getEntity());
    response = resource.getUser(req, AUTHORIZER_NAME, "druid2", "", null);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFull2, response.getEntity());
    response = resource.getUser(req, AUTHORIZER_NAME, "druid2", "", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedUserFullSimplifiedPermissions2, response.getEntity());
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole", "", null);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedRoleFull, response.getEntity());
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole", "", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedRoleSimplifiedPerms, response.getEntity());
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole2", "", null);
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedRoleFull2, response.getEntity());
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole2", "", "");
    Assert.assertEquals(200, response.getStatus());
    Assert.assertEquals(expectedRoleSimplifiedPerms2, response.getEntity());
}
Also used : BasicAuthorizerGroupMappingFull(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerGroupMappingFull) BasicAuthorizerRoleSimplifiedPermissions(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRoleSimplifiedPermissions) BasicAuthorizerRoleFull(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRoleFull) BasicAuthorizerResource(org.apache.druid.security.basic.authorization.endpoint.BasicAuthorizerResource) Resource(org.apache.druid.server.security.Resource) BasicAuthorizerUserFull(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerUserFull) Response(javax.ws.rs.core.Response) BasicAuthorizerUserFullSimplifiedPermissions(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerUserFullSimplifiedPermissions) BasicAuthorizerGroupMapping(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerGroupMapping) BasicAuthorizerRole(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRole) ResourceAction(org.apache.druid.server.security.ResourceAction) Test(org.junit.Test)

Example 25 with ResourceAction

use of org.apache.druid.server.security.ResourceAction in project druid by druid-io.

the class CoordinatorBasicAuthorizerResourceTest method testRolesAndPerms.

@Test
public void testRolesAndPerms() {
    Response response = resource.createRole(req, AUTHORIZER_NAME, "druidRole");
    Assert.assertEquals(200, response.getStatus());
    List<ResourceAction> perms = ImmutableList.of(new ResourceAction(new Resource("A", ResourceType.DATASOURCE), Action.READ), new ResourceAction(new Resource("B", ResourceType.DATASOURCE), Action.WRITE), new ResourceAction(new Resource("C", ResourceType.CONFIG), Action.WRITE));
    response = resource.setRolePermissions(req, AUTHORIZER_NAME, "druidRole", perms);
    Assert.assertEquals(200, response.getStatus());
    response = resource.setRolePermissions(req, AUTHORIZER_NAME, "wrongRole", perms);
    Assert.assertEquals(400, response.getStatus());
    Assert.assertEquals(errorMapWithMsg("Role [wrongRole] does not exist."), response.getEntity());
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole", null, null);
    Assert.assertEquals(200, response.getStatus());
    BasicAuthorizerRole expectedRole = new BasicAuthorizerRole("druidRole", BasicAuthorizerPermission.makePermissionList(perms));
    Assert.assertEquals(expectedRole, response.getEntity());
    List<ResourceAction> newPerms = ImmutableList.of(new ResourceAction(new Resource("D", ResourceType.DATASOURCE), Action.READ), new ResourceAction(new Resource("B", ResourceType.DATASOURCE), Action.WRITE), new ResourceAction(new Resource("F", ResourceType.CONFIG), Action.WRITE));
    response = resource.setRolePermissions(req, AUTHORIZER_NAME, "druidRole", newPerms);
    Assert.assertEquals(200, response.getStatus());
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole", null, null);
    Assert.assertEquals(200, response.getStatus());
    expectedRole = new BasicAuthorizerRole("druidRole", BasicAuthorizerPermission.makePermissionList(newPerms));
    Assert.assertEquals(expectedRole, response.getEntity());
    response = resource.setRolePermissions(req, AUTHORIZER_NAME, "druidRole", null);
    Assert.assertEquals(200, response.getStatus());
    response = resource.getRole(req, AUTHORIZER_NAME, "druidRole", null, null);
    Assert.assertEquals(200, response.getStatus());
    expectedRole = new BasicAuthorizerRole("druidRole", null);
    Assert.assertEquals(expectedRole, response.getEntity());
}
Also used : Response(javax.ws.rs.core.Response) BasicAuthorizerResource(org.apache.druid.security.basic.authorization.endpoint.BasicAuthorizerResource) Resource(org.apache.druid.server.security.Resource) BasicAuthorizerRole(org.apache.druid.security.basic.authorization.entity.BasicAuthorizerRole) ResourceAction(org.apache.druid.server.security.ResourceAction) Test(org.junit.Test)

Aggregations

ResourceAction (org.apache.druid.server.security.ResourceAction)40 Resource (org.apache.druid.server.security.Resource)35 Test (org.junit.Test)22 Access (org.apache.druid.server.security.Access)19 ForbiddenException (org.apache.druid.server.security.ForbiddenException)13 HashMap (java.util.HashMap)8 Response (javax.ws.rs.core.Response)8 Path (javax.ws.rs.Path)6 Produces (javax.ws.rs.Produces)6 List (java.util.List)5 POST (javax.ws.rs.POST)5 WebApplicationException (javax.ws.rs.WebApplicationException)5 BasicAuthorizerGroupMapping (org.apache.druid.security.basic.authorization.entity.BasicAuthorizerGroupMapping)5 Inject (com.google.inject.Inject)4 Set (java.util.Set)4 Collectors (java.util.stream.Collectors)4 Nullable (javax.annotation.Nullable)4 HttpServletRequest (javax.servlet.http.HttpServletRequest)4 Consumes (javax.ws.rs.Consumes)4 DELETE (javax.ws.rs.DELETE)4