
Example 21 with DataPolicyMetadata

use of org.teiid.adminapi.impl.DataPolicyMetadata in project teiid by teiid.

the class DatabaseUtil method copyDatabaseGrantsAndRoles.

/**
 * Copies the grants and roles of a {@link Database} into the data policies of a VDB.
 *
 * <p>Each grant produces one policy built from the grant and the role it names. Every role
 * that has no policy registered under its name after that pass gets a policy with no
 * permissions copied from a grant.
 *
 * <p>NOTE(review): the role looked up for a grant is passed straight to {@code convert},
 * which dereferences it at once; a grant naming a role the database does not hold would
 * presumably fail with a NullPointerException rather than a clear error. Confirm that the
 * database guarantees the role exists.
 *
 * @param database source of the grants and roles
 * @param vdb target VDB that receives the data policies
 */
public static void copyDatabaseGrantsAndRoles(Database database, VDBMetaData vdb) {
    // Pass 1: grants. The policy is derived from the grant plus the role it references.
    for (Grant grant : database.getGrants()) {
        Role grantedRole = database.getRole(grant.getRole());
        vdb.addDataPolicy(convert(grant, grantedRole));
    }
    // Pass 2: roles with no policy registered under their name yet.
    for (Role role : database.getRoles()) {
        if (vdb.getDataPolicyMap().get(role.getName()) != null) {
            continue;
        }
        vdb.addDataPolicy(convert(null, role));
    }
}
Also used : DataPolicyMetadata(org.teiid.adminapi.impl.DataPolicyMetadata)

Example 22 with DataPolicyMetadata

use of org.teiid.adminapi.impl.DataPolicyMetadata in project teiid by teiid.

the class DatabaseUtil method convert.

/**
 * Builds a {@link DataPolicyMetadata} from a role and, optionally, a grant.
 *
 * <p>The policy takes its name and description from the role. When the role has a non-empty
 * {@code getJassRoles()} list it becomes the mapped role names, and the any-authenticated
 * flag is set when the role carries it.
 *
 * <p>When a grant is given, each permission is handled as follows:
 * <ul>
 *   <li>a permission holding {@code ALL_PRIVILEGES} sets grant-all on the policy;</li>
 *   <li>otherwise, a permission holding {@code TEMPORARY_TABLE} allows temporary-table
 *       creation on the policy;</li>
 *   <li>any other permission is converted and added to the policy.</li>
 * </ul>
 *
 * <p>NOTE(review): the first two cases set a flag on the whole policy and the permission
 * itself is not added, so anything else that permission carries is not copied. Confirm that
 * such permissions are never scoped to a single resource, otherwise the resulting policy is
 * broader than the grant.
 *
 * @param from grant whose permissions are copied, or {@code null} for a role without grants
 * @param role role that supplies name, description, mapped roles and the any-authenticated flag
 * @return the new data policy
 */
static DataPolicyMetadata convert(Grant from, Role role) {
    DataPolicyMetadata policy = new DataPolicyMetadata();
    policy.setName(role.getName());
    if (from != null) {
        for (Permission permission : from.getPermissions()) {
            if (Boolean.TRUE.equals(permission.hasPrivilege(Privilege.ALL_PRIVILEGES))) {
                // Policy-wide switch; the permission is not recorded individually.
                policy.setGrantAll(true);
            } else if (Boolean.TRUE.equals(permission.hasPrivilege(Privilege.TEMPORARY_TABLE))) {
                // Likewise a policy-wide switch.
                policy.setAllowCreateTemporaryTables(true);
            } else {
                policy.addPermission(convert(permission));
            }
        }
    }
    policy.setDescription(role.getAnnotation());
    boolean hasMappedRoles = role.getJassRoles() != null && !role.getJassRoles().isEmpty();
    if (hasMappedRoles) {
        policy.setMappedRoleNames(role.getJassRoles());
    }
    if (role.isAnyAuthenticated()) {
        policy.setAnyAuthenticated(true);
    }
    return policy;
}
Also used : DataPolicyMetadata(org.teiid.adminapi.impl.DataPolicyMetadata) DataPermission(org.teiid.adminapi.DataPolicy.DataPermission) Permission(org.teiid.metadata.Grant.Permission) PermissionMetaData(org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData)

Example 23 with DataPolicyMetadata

use of org.teiid.adminapi.impl.DataPolicyMetadata in project teiid by teiid.

the class RowBasedSecurityHelper method applyRowSecurity.

/**
 * Reports whether any data policy allowed for the current command has row security
 * defined for the given group.
 *
 * <p>A {@code false} result is returned both when no policy has row security for the group
 * and when the context has no allowed policies at all (null or empty map).
 *
 * <p>NOTE(review): every policy value is cast to {@link DataPolicyMetadata}; a different
 * {@link DataPolicy} implementation in the map would raise a ClassCastException here.
 *
 * @param metadata used to resolve the group's full name
 * @param group group whose metadata ID is looked up
 * @param cc command context that supplies the allowed data policies
 * @return {@code true} if at least one allowed policy has row security for the group
 * @throws QueryMetadataException declared by the signature
 * @throws TeiidComponentException declared by the signature
 */
public static boolean applyRowSecurity(QueryMetadataInterface metadata, final GroupSymbol group, CommandContext cc) throws QueryMetadataException, TeiidComponentException {
    Map<String, DataPolicy> allowed = cc.getAllowedDataPolicies();
    boolean nothingAllowed = allowed == null || allowed.isEmpty();
    if (nothingAllowed) {
        return false;
    }
    String groupName = metadata.getFullName(group.getMetadataID());
    // Only the policy objects matter here; the map keys are not used.
    for (DataPolicy policy : allowed.values()) {
        if (((DataPolicyMetadata) policy).hasRowSecurity(groupName)) {
            return true;
        }
    }
    return false;
}
Also used : DataPolicyMetadata(org.teiid.adminapi.impl.DataPolicyMetadata) DataPolicy(org.teiid.adminapi.DataPolicy) Map(java.util.Map) HashMap(java.util.HashMap)

Example 24 with DataPolicyMetadata

use of org.teiid.adminapi.impl.DataPolicyMetadata in project teiid by teiid.

the class TestDQPCore method setUp.

/**
 * Builds the DQPCore fixture used by the tests in this class: a work context over the
 * cached BQT example metadata, a mocked connector repository backed by an auto-generating
 * data service, in-memory caches, and an authorization validator driven by data roles.
 */
@Before
public void setUp() throws Exception {
    agds = new AutoGenDataService();
    DQPWorkContext context = RealMetadataFactory.buildWorkContext(RealMetadataFactory.createTransformationMetadata(RealMetadataFactory.exampleBQTCached().getMetadataStore(), "bqt"));
    // Mark the BQT3 and VQT models as not visible.
    // $NON-NLS-1$
    context.getVDB().getModel("BQT3").setVisible(false);
    // $NON-NLS-1$
    context.getVDB().getModel("VQT").setVisible(false);
    // The context gets a single policy named "foo" with nothing set on it.
    HashMap<String, DataPolicy> policies = new HashMap<String, DataPolicy>();
    policies.put("foo", new DataPolicyMetadata());
    context.setPolicies(policies);
    // Any connector name resolves to the auto-generating data service.
    ConnectorManagerRepository repo = Mockito.mock(ConnectorManagerRepository.class);
    context.getVDB().addAttchment(ConnectorManagerRepository.class, repo);
    Mockito.stub(repo.getConnectorManager(Mockito.anyString())).toReturn(agds);
    BufferManagerImpl bm = BufferManagerFactory.createBufferManager();
    bm.setInlineLobs(false);
    FakeBufferService bs = new FakeBufferService(bm, bm);
    core = new DQPCore();
    core.setBufferManager(bs.getBufferManager());
    core.setResultsetCache(new SessionAwareCache<CachedResults>("resultset", new DefaultCacheFactory(new CacheConfiguration()), SessionAwareCache.Type.RESULTSET, 0));
    core.setPreparedPlanCache(new SessionAwareCache<PreparedPlan>("preparedplan", new DefaultCacheFactory(new CacheConfiguration()), SessionAwareCache.Type.PREPAREDPLAN, 0));
    core.setTransactionService(new FakeTransactionService());
    config = new DQPConfiguration();
    config.setMaxActivePlans(1);
    config.setUserRequestSourceConcurrency(2);
    // Authorization decisions go through DataRolePolicyDecider.
    // NOTE(review): presumably this makes the "foo" policy above the only source of
    // permissions for requests in these tests - confirm.
    DefaultAuthorizationValidator daa = new DefaultAuthorizationValidator();
    daa.setPolicyDecider(new DataRolePolicyDecider());
    config.setAuthorizationValidator(daa);
    // The core is started before the cache tweaks below are applied.
    core.start(config);
    core.getPrepPlanCache().setModTime(1);
    core.getRsCache().setTupleBufferCache(bs.getBufferManager());
}
Also used : BufferManagerImpl(org.teiid.common.buffer.impl.BufferManagerImpl) HashMap(java.util.HashMap) ConnectorManagerRepository(org.teiid.dqp.internal.datamgr.ConnectorManagerRepository) DefaultCacheFactory(org.teiid.cache.DefaultCacheFactory) FakeBufferService(org.teiid.dqp.service.FakeBufferService) DataPolicyMetadata(org.teiid.adminapi.impl.DataPolicyMetadata) DataPolicy(org.teiid.adminapi.DataPolicy) FakeTransactionService(org.teiid.dqp.internal.datamgr.FakeTransactionService) AutoGenDataService(org.teiid.dqp.service.AutoGenDataService) CacheConfiguration(org.teiid.cache.CacheConfiguration) Before(org.junit.Before)

Example 25 with DataPolicyMetadata

use of org.teiid.adminapi.impl.DataPolicyMetadata in project teiid by teiid.

the class TestDQPWorkContext method testAnyAuthenticated.

/**
 * Checks that a policy flagged any-authenticated is withheld from a session without a
 * subject and granted once the session reports a subject.
 */
@Test
public void testAnyAuthenticated() {
    DQPWorkContext anonymousContext = new DQPWorkContext();
    SessionMetadata session = Mockito.mock(SessionMetadata.class);
    anonymousContext.setSession(session);

    // The VDB holds exactly one policy, flagged any-authenticated.
    VDBMetaData vdb = new VDBMetaData();
    DataPolicyMetadata anyAuthPolicy = new DataPolicyMetadata();
    anyAuthPolicy.setAnyAuthenticated(true);
    vdb.addDataPolicy(anyAuthPolicy);
    Mockito.stub(session.getVdb()).toReturn(vdb);

    // No subject stubbed on the session: the policy must not be allowed.
    Map<String, DataPolicy> allowedWithoutSubject = anonymousContext.getAllowedDataPolicies();
    assertEquals(0, allowedWithoutSubject.size());

    // A fresh context is used for the second half; the session now returns a subject.
    DQPWorkContext authenticatedContext = new DQPWorkContext();
    Mockito.stub(session.getSubject()).toReturn(new Subject());
    authenticatedContext.setSession(session);
    Map<String, DataPolicy> allowedWithSubject = authenticatedContext.getAllowedDataPolicies();
    assertEquals(1, allowedWithSubject.size());
}
Also used : DataPolicyMetadata(org.teiid.adminapi.impl.DataPolicyMetadata) SessionMetadata(org.teiid.adminapi.impl.SessionMetadata) VDBMetaData(org.teiid.adminapi.impl.VDBMetaData) DataPolicy(org.teiid.adminapi.DataPolicy) Subject(javax.security.auth.Subject) Test(org.junit.Test)
