Examples with ProjectInstance org.apache.kylin.metadata.project.ProjectInstance used on opensource projects

Example 16 with ProjectInstance

use of org.apache.kylin.metadata.project.ProjectInstance in project ranger by apache.

the class RangerKylinAuthorizerTest method adminProjectKylinWithoutPermission2.

/**
 * yuwen admin kylin_project failed
 */
@Test
@WithMockUser(username = YUWEN, roles = { ROLE_USER })
public void adminProjectKylinWithoutPermission2() {
    ProjectInstance project = name2Projects.get(KYLIN_PROJECT);
    boolean result = aclEvaluate.hasProjectAdminPermission(project);
    Assert.assertFalse(result);
}

Example 17 with ProjectInstance

use of org.apache.kylin.metadata.project.ProjectInstance in project ranger by apache.

the class RangerKylinAccessRequest method checkPermission.

@Override
public boolean checkPermission(String user, List<String> groups, String entityType, String entityUuid, Permission permission) {
    if (LOG.isDebugEnabled()) {
        LOG.debug("==> RangerKylinAuthorizer.checkPermission( user=" + user + ", groups=" + groups + ", entityType=" + entityType + ", entityUuid=" + entityUuid + ", permission=" + permission + ")");
    }
    boolean ret = false;
    if (kylinPlugin != null) {
        String projectName = null;
        KylinConfig kylinConfig = KylinConfig.getInstanceFromEnv();
        if (AclEntityType.PROJECT_INSTANCE.equals(entityType)) {
            ProjectInstance projectInstance = ProjectManager.getInstance(kylinConfig).getPrjByUuid(entityUuid);
            if (projectInstance != null) {
                projectName = projectInstance.getName();
            } else {
                if (LOG.isWarnEnabled()) {
                    LOG.warn("Could not find kylin project for given uuid=" + entityUuid);
                }
            }
        }
        String accessType = ExternalAclProvider.transformPermission(permission);
        String clusterName = kylinPlugin.getClusterName();
        RangerKylinAccessRequest request = new RangerKylinAccessRequest(projectName, user, groups, accessType, clusterName, clientIPAddress);
        RangerAccessResult result = kylinPlugin.isAccessAllowed(request);
        if (result != null && result.getIsAllowed()) {
            ret = true;
        }
    }
    if (LOG.isDebugEnabled()) {
        LOG.debug("<== RangerKylinAuthorizer.checkPermission(): result=" + ret);
    }
    return ret;
}

Example 18 with ProjectInstance

use of org.apache.kylin.metadata.project.ProjectInstance in project ranger by apache.

the class RangerKylinAuthorizerTest method operationProjectAllWithAdminPermission.

/**
 * kylin operation all projects success
 */
@Test
@WithMockUser(username = KYLIN, roles = { ROLE_USER })
public void operationProjectAllWithAdminPermission() {
    for (ProjectInstance project : uuid2Projects.values()) {
        boolean result = aclEvaluate.hasProjectOperationPermission(project);
        Assert.assertTrue(result);
    }
}

Example 19 with ProjectInstance

use of org.apache.kylin.metadata.project.ProjectInstance in project ranger by apache.

the class RangerKylinAuthorizerTest method adminProjectLearnWithoutPermission.

/**
 * yuwen admin learn_project failed
 */
@Test
@WithMockUser(username = YUWEN, roles = { ROLE_USER })
public void adminProjectLearnWithoutPermission() {
    ProjectInstance project = name2Projects.get(LEARN_PROJECT);
    boolean result = aclEvaluate.hasProjectAdminPermission(project);
    Assert.assertFalse(result);
}

Example 20 with ProjectInstance

use of org.apache.kylin.metadata.project.ProjectInstance in project ranger by apache.

the class RangerKylinAuthorizerTest method readProjectTestWithAdminPermission.

/**
 * zhangqiang read test_project success
 */
@Test
@WithMockUser(username = ZHANGQIANG, roles = { ROLE_USER })
public void readProjectTestWithAdminPermission() {
    ProjectInstance project = name2Projects.get(TEST_PROJECT);
    boolean result = aclEvaluate.hasProjectReadPermission(project);
    Assert.assertTrue(result);
}