use of org.teiid.adminapi.impl.DataPolicyMetadata in project teiid by teiid.
the class TestRowBasedSecurity method testUpdateFilter4.
/**
* Tests an outside column in the constraint
*/
@Test
public void testUpdateFilter4() throws Exception {
DataPolicyMetadata policy1 = new DataPolicyMetadata();
PermissionMetaData pmd3 = new PermissionMetaData();
pmd3.setResourceName("pm1.g1");
pmd3.setCondition("e2 = 1 and e3");
policy1.addPermission(pmd3);
policy1.setName("some-role");
context.getAllowedDataPolicies().put("some-role", policy1);
HardcodedDataManager dataManager = new HardcodedDataManager();
dataManager.addData("SELECT g_0.e4, g_0.e3, g_0.e1 FROM pm1.g1 AS g_0 WHERE (g_0.e3 = TRUE) AND (g_0.e2 = 1) AND (g_0.e1 IN ('a', 'b'))", new List<?>[] { Arrays.asList(Double.valueOf(1), Boolean.TRUE, "a"), Arrays.asList(Double.valueOf(1), Boolean.TRUE, "b") });
dataManager.addData("UPDATE pm1.g1 SET e2 = 1 WHERE pm1.g1.e1 = 'a'", new List<?>[] { Arrays.asList(1) });
dataManager.addData("UPDATE pm1.g1 SET e2 = 1 WHERE pm1.g1.e1 = 'b'", new List<?>[] { Arrays.asList(1) });
ProcessorPlan plan = helpGetPlan(helpParse("update pm1.g1 set e2 = case when e4 = 1 then 1 else 2 end where e1 in ('a', 'b')"), RealMetadataFactory.example4(), TestOptimizer.getGenericFinder(), context);
List<?>[] expectedResults = new List<?>[] { Arrays.asList(2) };
helpProcess(plan, context, dataManager, expectedResults);
}
use of org.teiid.adminapi.impl.DataPolicyMetadata in project teiid by teiid.
the class TestRowBasedSecurity method testSubqueryHint.
@Test
public void testSubqueryHint() throws Exception {
DataPolicyMetadata policy1 = new DataPolicyMetadata();
PermissionMetaData pmd3 = new PermissionMetaData();
pmd3.setResourceName("pm1.g1");
pmd3.setCondition("e1 in /*+ DJ */ (select e1 from pm1.g3)");
policy1.addPermission(pmd3);
policy1.setName("some-other-role");
context.getAllowedDataPolicies().clear();
context.getAllowedDataPolicies().put("some-other-role", policy1);
HardcodedDataManager dataManager = new HardcodedDataManager();
dataManager.addData("SELECT pm1.g3.e1 FROM pm1.g3", new List<?>[] { Arrays.asList("b"), Arrays.asList("a") });
dataManager.addData("SELECT pm1.g1.e1, pm1.g1.e2 FROM pm1.g1", new List<?>[] { Arrays.asList("b", 1), Arrays.asList("a", 2) });
ProcessorPlan plan = helpGetPlan(helpParse("select e1, e2 from pm1.g1"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
List<?>[] expectedResults = new List<?>[] { Arrays.asList("a", 2), Arrays.asList("b", 1) };
helpProcess(plan, context, dataManager, expectedResults);
dataManager.addData("SELECT g_0.e1 AS c_0 FROM pm1.g3 AS g_0 ORDER BY c_0", new List<?>[] { Arrays.asList("a"), Arrays.asList("b") });
dataManager.addData("SELECT g_0.e1 AS c_0, g_0.e2 AS c_1 FROM pm1.g1 AS g_0 WHERE g_0.e1 IN ('a', 'b') ORDER BY c_0", new List<?>[] { Arrays.asList("a", 2), Arrays.asList("b", 1) });
plan = helpGetPlan(helpParse("select e1, e2 from pm1.g1"), RealMetadataFactory.example1Cached(), TestOptimizer.getGenericFinder(), context);
expectedResults = new List<?>[] { Arrays.asList("a", 2), Arrays.asList("b", 1) };
helpProcess(plan, context, dataManager, expectedResults);
}
use of org.teiid.adminapi.impl.DataPolicyMetadata in project teiid by teiid.
the class TestRowBasedSecurity method testMultipleRoles.
/**
* Here the other role makes the g1 rows visible again
*/
@Test
public void testMultipleRoles() throws Exception {
HardcodedDataManager dataManager = new HardcodedDataManager();
dataManager.addData("SELECT pm1.g1.e1, pm1.g1.e2 FROM pm1.g1", new List<?>[] { Arrays.asList("a", 1), Arrays.asList("b", 2) });
ProcessorPlan plan = helpGetPlan(helpParse("select e2 from pm1.g1"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
helpProcess(plan, context, dataManager, new List<?>[0]);
DataPolicyMetadata policy1 = new DataPolicyMetadata();
PermissionMetaData pmd3 = new PermissionMetaData();
pmd3.setResourceName("pm1.g1");
pmd3.setCondition("true");
policy1.addPermission(pmd3);
policy1.setName("some-other-role");
context.getAllowedDataPolicies().put("some-other-role", policy1);
dataManager = new HardcodedDataManager();
dataManager.addData("SELECT pm1.g1.e2 FROM pm1.g1", new List<?>[] { Arrays.asList(1), Arrays.asList(2) });
plan = helpGetPlan(helpParse("select e2 from pm1.g1"), RealMetadataFactory.example1Cached(), new DefaultCapabilitiesFinder(), context);
List<?>[] expectedResults = new List<?>[] { Arrays.asList(1), Arrays.asList(2) };
helpProcess(plan, context, dataManager, expectedResults);
}
use of org.teiid.adminapi.impl.DataPolicyMetadata in project teiid by teiid.
the class TestRowBasedSecurity method testInsertConstraintCorrelatedSubquery.
@Test(expected = TeiidProcessingException.class)
public void testInsertConstraintCorrelatedSubquery() throws Exception {
DataPolicyMetadata policy1 = new DataPolicyMetadata();
PermissionMetaData pmd3 = new PermissionMetaData();
pmd3.setResourceName("pm1.g1");
pmd3.setCondition("e1 = (select min(e1) from pm1.g3 where pm1.g1.e2 = e2)");
policy1.addPermission(pmd3);
policy1.setName("some-other-role");
context.getAllowedDataPolicies().put("some-other-role", policy1);
HardcodedDataManager dataManager = new HardcodedDataManager();
ProcessorPlan plan = helpGetPlan(helpParse("insert into pm1.g1 (e1, e2) values ('a', 1)"), RealMetadataFactory.example1Cached(), TestOptimizer.getGenericFinder(), context);
List<?>[] expectedResults = new List<?>[] { Arrays.asList(0) };
helpProcess(plan, context, dataManager, expectedResults);
}
use of org.teiid.adminapi.impl.DataPolicyMetadata in project teiid by teiid.
the class TestRowBasedSecurity method createContext.
private static CommandContext createContext() {
CommandContext context = createCommandContext();
DQPWorkContext workContext = new DQPWorkContext();
HashMap<String, DataPolicy> policies = new HashMap<String, DataPolicy>();
DataPolicyMetadata policy = new DataPolicyMetadata();
pmd = new PermissionMetaData();
pmd.setResourceName("pm1.g1");
pmd.setCondition("e1 = user()");
PermissionMetaData pmd1 = new PermissionMetaData();
pmd1.setResourceName("pm1.g2");
pmd1.setCondition("foo = bar");
PermissionMetaData pmd2 = new PermissionMetaData();
pmd2.setResourceName("pm1.g4");
pmd2.setCondition("e1 = max(e2)");
PermissionMetaData pmd3 = new PermissionMetaData();
pmd3.setResourceName("pm1.g3");
pmd3.setAllowDelete(true);
PermissionMetaData pmd4 = new PermissionMetaData();
pmd4.setResourceName("pm1.sp1");
pmd4.setCondition("e1 = 'a'");
policy.addPermission(pmd, pmd1, pmd2, pmd3, pmd4);
policy.setName("some-role");
policies.put("some-role", policy);
workContext.setPolicies(policies);
context.setDQPWorkContext(workContext);
return context;
}
Aggregations