use of org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData in project teiid by teiid.
the class TestColumnMasking method testInvalidTableMask.
@Test(expected = QueryMetadataException.class)
public void testInvalidTableMask() throws Exception {
DataPolicyMetadata policy1 = new DataPolicyMetadata();
PermissionMetaData pmd11 = new PermissionMetaData();
pmd11.setResourceName("pm1.g1.e2");
// takes presedence
pmd11.setOrder(1);
pmd11.setMask("'a'");
policy1.addPermission(pmd11);
policy1.setName("other-role");
context.getAllowedDataPolicies().put("other-role", policy1);
HardcodedDataManager dataManager = new HardcodedDataManager();
dataManager.addData("SELECT pm1.g1.e1, pm1.g1.e2 FROM pm1.g1", new List<?>[] { Arrays.asList("a", 1), Arrays.asList("b", 2) });
ProcessorPlan plan = helpGetPlan(helpParse("select e2 from pm1.g1"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
List<?>[] expectedResults = new List<?>[] { Collections.singletonList(null), Arrays.asList(2) };
helpProcess(plan, context, dataManager, expectedResults);
}
use of org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData in project teiid by teiid.
the class TestColumnMasking method testWindowFunctionViewMask.
@Test(expected = QueryMetadataException.class)
public void testWindowFunctionViewMask() throws Exception {
DataPolicyMetadata policy1 = new DataPolicyMetadata();
PermissionMetaData pmd11 = new PermissionMetaData();
pmd11.setResourceName("vm1.g1.e2");
pmd11.setMask("min(e2) over ()");
policy1.addPermission(pmd11);
policy1.setName("other-role");
context.getAllowedDataPolicies().put("other-role", policy1);
HardcodedDataManager dataManager = new HardcodedDataManager();
ProcessorPlan plan = helpGetPlan(helpParse("select g2.e2 from vm1.g1 as g2"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
helpProcess(plan, context, dataManager, null);
}
use of org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData in project teiid by teiid.
the class TestColumnMasking method createContext.
private static CommandContext createContext() {
CommandContext context = createCommandContext();
DQPWorkContext workContext = new DQPWorkContext();
HashMap<String, DataPolicy> policies = new HashMap<String, DataPolicy>();
DataPolicyMetadata policy = new DataPolicyMetadata();
PermissionMetaData pmd = new PermissionMetaData();
pmd.setResourceName("pm1.sp1.e1");
pmd.setMask("case when e2 > 1 then null else e1 end");
PermissionMetaData pmd1 = new PermissionMetaData();
pmd1.setResourceName("pm1.g1.e2");
pmd1.setMask("case when e1 = 'a' then null else e2 end");
policy.addPermission(pmd, pmd1);
policy.setName("some-role");
policies.put("some-role", policy);
workContext.setPolicies(policies);
context.setDQPWorkContext(workContext);
return context;
}
use of org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData in project teiid by teiid.
the class TestRowBasedSecurity method testUpdateFilter4.
/**
* Tests an outside column in the constraint
*/
@Test
public void testUpdateFilter4() throws Exception {
DataPolicyMetadata policy1 = new DataPolicyMetadata();
PermissionMetaData pmd3 = new PermissionMetaData();
pmd3.setResourceName("pm1.g1");
pmd3.setCondition("e2 = 1 and e3");
policy1.addPermission(pmd3);
policy1.setName("some-role");
context.getAllowedDataPolicies().put("some-role", policy1);
HardcodedDataManager dataManager = new HardcodedDataManager();
dataManager.addData("SELECT g_0.e4, g_0.e3, g_0.e1 FROM pm1.g1 AS g_0 WHERE (g_0.e3 = TRUE) AND (g_0.e2 = 1) AND (g_0.e1 IN ('a', 'b'))", new List<?>[] { Arrays.asList(Double.valueOf(1), Boolean.TRUE, "a"), Arrays.asList(Double.valueOf(1), Boolean.TRUE, "b") });
dataManager.addData("UPDATE pm1.g1 SET e2 = 1 WHERE pm1.g1.e1 = 'a'", new List<?>[] { Arrays.asList(1) });
dataManager.addData("UPDATE pm1.g1 SET e2 = 1 WHERE pm1.g1.e1 = 'b'", new List<?>[] { Arrays.asList(1) });
ProcessorPlan plan = helpGetPlan(helpParse("update pm1.g1 set e2 = case when e4 = 1 then 1 else 2 end where e1 in ('a', 'b')"), RealMetadataFactory.example4(), TestOptimizer.getGenericFinder(), context);
List<?>[] expectedResults = new List<?>[] { Arrays.asList(2) };
helpProcess(plan, context, dataManager, expectedResults);
}
use of org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData in project teiid by teiid.
the class TestRowBasedSecurity method testSubqueryHint.
@Test
public void testSubqueryHint() throws Exception {
DataPolicyMetadata policy1 = new DataPolicyMetadata();
PermissionMetaData pmd3 = new PermissionMetaData();
pmd3.setResourceName("pm1.g1");
pmd3.setCondition("e1 in /*+ DJ */ (select e1 from pm1.g3)");
policy1.addPermission(pmd3);
policy1.setName("some-other-role");
context.getAllowedDataPolicies().clear();
context.getAllowedDataPolicies().put("some-other-role", policy1);
HardcodedDataManager dataManager = new HardcodedDataManager();
dataManager.addData("SELECT pm1.g3.e1 FROM pm1.g3", new List<?>[] { Arrays.asList("b"), Arrays.asList("a") });
dataManager.addData("SELECT pm1.g1.e1, pm1.g1.e2 FROM pm1.g1", new List<?>[] { Arrays.asList("b", 1), Arrays.asList("a", 2) });
ProcessorPlan plan = helpGetPlan(helpParse("select e1, e2 from pm1.g1"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
List<?>[] expectedResults = new List<?>[] { Arrays.asList("a", 2), Arrays.asList("b", 1) };
helpProcess(plan, context, dataManager, expectedResults);
dataManager.addData("SELECT g_0.e1 AS c_0 FROM pm1.g3 AS g_0 ORDER BY c_0", new List<?>[] { Arrays.asList("a"), Arrays.asList("b") });
dataManager.addData("SELECT g_0.e1 AS c_0, g_0.e2 AS c_1 FROM pm1.g1 AS g_0 WHERE g_0.e1 IN ('a', 'b') ORDER BY c_0", new List<?>[] { Arrays.asList("a", 2), Arrays.asList("b", 1) });
plan = helpGetPlan(helpParse("select e1, e2 from pm1.g1"), RealMetadataFactory.example1Cached(), TestOptimizer.getGenericFinder(), context);
expectedResults = new List<?>[] { Arrays.asList("a", 2), Arrays.asList("b", 1) };
helpProcess(plan, context, dataManager, expectedResults);
}
Aggregations