Search in sources :

Example 6 with PermissionMetaData

use of org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData in project teiid by teiid.

the class TestColumnMasking method testSubqueryProcedureMask.

@Test
public void testSubqueryProcedureMask() throws Exception {
    DataPolicyMetadata policy1 = new DataPolicyMetadata();
    PermissionMetaData pmd11 = new PermissionMetaData();
    pmd11.setResourceName("pm1.sp1.e2");
    // takes presedence
    pmd11.setOrder(1);
    pmd11.setMask("(select min(e2) from pm1.g3 where e1 = pm1.sp1.e2)");
    policy1.addPermission(pmd11);
    policy1.setName("other-role");
    context.getAllowedDataPolicies().put("other-role", policy1);
    HardcodedDataManager dataManager = new HardcodedDataManager();
    dataManager.addData("EXEC pm1.sp1()", new List<?>[] { Arrays.asList("a", 1), Arrays.asList("b", 2) });
    dataManager.addData("SELECT pm1.g3.e1, pm1.g3.e2 FROM pm1.g3", new List<?>[] { Arrays.asList("1", 0), Arrays.asList("2", -1) });
    ProcessorPlan plan = helpGetPlan(helpParse("exec pm1.sp1()"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
    List<?>[] expectedResults = new List<?>[] { Arrays.asList("a", 0), Arrays.asList(null, -1) };
    helpProcess(plan, context, dataManager, expectedResults);
}
Also used : DataPolicyMetadata(org.teiid.adminapi.impl.DataPolicyMetadata) List(java.util.List) DefaultCapabilitiesFinder(org.teiid.query.optimizer.capabilities.DefaultCapabilitiesFinder) PermissionMetaData(org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData) Test(org.junit.Test)

Example 7 with PermissionMetaData

use of org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData in project teiid by teiid.

the class TestColumnMasking method testViewMaskWithRowFilter.

@Test
public void testViewMaskWithRowFilter() throws Exception {
    DataPolicyMetadata policy1 = new DataPolicyMetadata();
    PermissionMetaData pmd11 = new PermissionMetaData();
    pmd11.setResourceName("vm1.g1.e2");
    pmd11.setMask("null");
    PermissionMetaData pmd12 = new PermissionMetaData();
    pmd12.setResourceName("vm1.g1");
    // should be applied before the mask affect, otherwise we'd get no rows
    pmd12.setCondition("e2 = 1");
    policy1.addPermission(pmd11, pmd12);
    policy1.setName("other-role");
    context.getAllowedDataPolicies().put("other-role", policy1);
    HardcodedDataManager dataManager = new HardcodedDataManager();
    dataManager.addData("SELECT pm1.g1.e1, pm1.g1.e2 FROM pm1.g1", new List<?>[] { Arrays.asList("a", 1), Arrays.asList("b", 1) });
    ProcessorPlan plan = helpGetPlan(helpParse("select g2.e2 from vm1.g1 as g2"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
    List<?>[] expectedResults = new List<?>[] { Collections.singletonList(null) };
    helpProcess(plan, context, dataManager, expectedResults);
}
Also used : DataPolicyMetadata(org.teiid.adminapi.impl.DataPolicyMetadata) List(java.util.List) DefaultCapabilitiesFinder(org.teiid.query.optimizer.capabilities.DefaultCapabilitiesFinder) PermissionMetaData(org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData) Test(org.junit.Test)

Example 8 with PermissionMetaData

use of org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData in project teiid by teiid.

the class TestColumnMasking method testColumnSubstitution.

@Test
public void testColumnSubstitution() throws Exception {
    DataPolicyMetadata policy1 = new DataPolicyMetadata();
    PermissionMetaData pmd11 = new PermissionMetaData();
    pmd11.setResourceName("vm1.g15.x");
    pmd11.setMask("e1");
    policy1.addPermission(pmd11);
    policy1.setName("other-role");
    context.getAllowedDataPolicies().put("other-role", policy1);
    HardcodedDataManager dataManager = new HardcodedDataManager();
    dataManager.addData("SELECT pm3.g1.e1 FROM pm3.g1", new List<?>[] { Arrays.asList("a"), Arrays.asList("b") });
    ProcessorPlan plan = helpGetPlan(helpParse("select * from vm1.g15"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
    List<?>[] expectedResults = new List<?>[] { Arrays.asList("a", "a"), Arrays.asList("b", "b") };
    helpProcess(plan, context, dataManager, expectedResults);
}
Also used : DataPolicyMetadata(org.teiid.adminapi.impl.DataPolicyMetadata) List(java.util.List) DefaultCapabilitiesFinder(org.teiid.query.optimizer.capabilities.DefaultCapabilitiesFinder) PermissionMetaData(org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData) Test(org.junit.Test)

Example 9 with PermissionMetaData

use of org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData in project teiid by teiid.

the class TestColumnMasking method testConditionalMask.

@Test
public void testConditionalMask() throws Exception {
    DataPolicyMetadata policy1 = new DataPolicyMetadata();
    PermissionMetaData pmd11 = new PermissionMetaData();
    pmd11.setResourceName("pm1.g1.e2");
    // takes presedence
    pmd11.setOrder(1);
    pmd11.setCondition("e1 = 'c'");
    pmd11.setMask("0");
    policy1.addPermission(pmd11);
    policy1.setName("other-role");
    context.getAllowedDataPolicies().put("other-role", policy1);
    HardcodedDataManager dataManager = new HardcodedDataManager();
    dataManager.addData("SELECT pm1.g1.e1, pm1.g1.e2 FROM pm1.g1", new List<?>[] { Arrays.asList("a", 1), Arrays.asList("b", 2), Arrays.asList("c", 0) });
    ProcessorPlan plan = helpGetPlan(helpParse("select g2.e2 from pm1.g1 as g2"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
    List<?>[] expectedResults = new List<?>[] { Collections.singletonList(null), Arrays.asList(2), Arrays.asList(0) };
    helpProcess(plan, context, dataManager, expectedResults);
}
Also used : DataPolicyMetadata(org.teiid.adminapi.impl.DataPolicyMetadata) List(java.util.List) DefaultCapabilitiesFinder(org.teiid.query.optimizer.capabilities.DefaultCapabilitiesFinder) PermissionMetaData(org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData) Test(org.junit.Test)

Example 10 with PermissionMetaData

use of org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData in project teiid by teiid.

the class TestColumnMasking method testViewMask.

@Test
public void testViewMask() throws Exception {
    DataPolicyMetadata policy1 = new DataPolicyMetadata();
    PermissionMetaData pmd11 = new PermissionMetaData();
    pmd11.setResourceName("vm1.g1.e2");
    pmd11.setMask("null");
    policy1.addPermission(pmd11);
    policy1.setName("other-role");
    context.getAllowedDataPolicies().put("other-role", policy1);
    HardcodedDataManager dataManager = new HardcodedDataManager();
    dataManager.addData("SELECT pm1.g1.e1 FROM pm1.g1", new List<?>[] { Arrays.asList("a", 1), Arrays.asList("b", 2) });
    ProcessorPlan plan = helpGetPlan(helpParse("select g2.e2 from vm1.g1 as g2"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
    List<?>[] expectedResults = new List<?>[] { Collections.singletonList(null), Collections.singletonList(null) };
    helpProcess(plan, context, dataManager, expectedResults);
}
Also used : DataPolicyMetadata(org.teiid.adminapi.impl.DataPolicyMetadata) List(java.util.List) DefaultCapabilitiesFinder(org.teiid.query.optimizer.capabilities.DefaultCapabilitiesFinder) PermissionMetaData(org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData) Test(org.junit.Test)

Aggregations

PermissionMetaData (org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData)29 DataPolicyMetadata (org.teiid.adminapi.impl.DataPolicyMetadata)24 Test (org.junit.Test)20 List (java.util.List)14 DefaultCapabilitiesFinder (org.teiid.query.optimizer.capabilities.DefaultCapabilitiesFinder)13 DataPolicy (org.teiid.adminapi.DataPolicy)6 HashMap (java.util.HashMap)4 ArrayList (java.util.ArrayList)3 DQPWorkContext (org.teiid.dqp.internal.process.DQPWorkContext)3 CommandContext (org.teiid.query.util.CommandContext)3 Map (java.util.Map)2 Translator (org.teiid.adminapi.Translator)2 Expression (org.teiid.query.sql.symbol.Expression)2 Properties (java.util.Properties)1 XMLStreamException (javax.xml.stream.XMLStreamException)1 ModelNode (org.jboss.dmr.ModelNode)1 DataPermission (org.teiid.adminapi.DataPolicy.DataPermission)1 ModelMetaData (org.teiid.adminapi.impl.ModelMetaData)1 VDBMetaData (org.teiid.adminapi.impl.VDBMetaData)1 VDBTranslatorMetaData (org.teiid.adminapi.impl.VDBTranslatorMetaData)1