use of org.teiid.dqp.internal.process.multisource.MultiSourceElement in project teiid by teiid.
the class DefaultAuthorizationValidator method validate.
/**
 * Authorizes a command against the configured policy decider, optionally pruning
 * unauthorized columns from multi-element select symbols before the full check.
 *
 * <p>If {@code policyDecider} is {@code null}, or its {@code validateCommand} returns
 * {@code false} for this context, no authorization check runs in this method and the
 * command is left untouched. Callers that depend on enforcement should make sure a
 * decider is configured.
 *
 * @param originalSql not read by this method
 * @param command the command to authorize; cast to {@link Query} when
 *        {@code ignoreUnathorizedInAsterisk} returns {@code true}
 *        (NOTE(review): presumably that helper only accepts queries; confirm)
 * @param metadata metadata handed to {@code Request.validateWithVisitor}
 * @param commandContext context passed to the policy decider and the visitor
 * @param commandType not read by this method
 * @return {@code true} if at least one element symbol was removed from the select
 * @throws QueryValidatorException if pruning leaves the query with no projected symbols
 *         (event {@code TEIID31151})
 * @throws TeiidComponentException declared by the signature; presumably raised by the
 *         metadata and validation calls made here (confirm against callees)
 */
@Override
public boolean validate(String[] originalSql, Command command, QueryMetadataInterface metadata, CommandContext commandContext, CommandType commandType) throws QueryValidatorException, TeiidComponentException {
    // Without a decider, or when the decider opts this command out, nothing is enforced here.
    if (policyDecider == null || !policyDecider.validateCommand(commandContext)) {
        return false;
    }

    boolean changed = false;
    if (ignoreUnathorizedInAsterisk(command, commandContext)) {
        Query query = (Query) command;
        // One scratch map, reset before each column is checked on its own.
        HashMap<String, LanguageObject> nameMap = new HashMap<String, LanguageObject>();
        for (Expression selected : query.getSelect().getSymbols()) {
            if (!(selected instanceof MultipleElementSymbol)) {
                continue;
            }
            Iterator<ElementSymbol> expanded = ((MultipleElementSymbol) selected).getElementSymbols().iterator();
            while (expanded.hasNext()) {
                ElementSymbol column = expanded.next();
                Object id = column.getMetadataID();
                // Multi-source and temp metadata ids are never sent to the decider here,
                // so such columns always stay in the select.
                if (id instanceof MultiSourceElement || id instanceof TempMetadataID) {
                    continue;
                }
                nameMap.clear();
                AuthorizationValidationVisitor.addToNameMap(id, column, nameMap, commandContext.getMetadata());
                Set<String> denied = this.policyDecider.getInaccessibleResources(PermissionType.READ, nameMap.keySet(), Context.QUERY, commandContext);
                if (denied.isEmpty()) {
                    continue;
                }
                // READ is denied for this column: drop it from the expansion instead of
                // failing the whole query.
                expanded.remove();
                changed = true;
            }
        }
        // A query stripped of every projected symbol is rejected rather than run empty.
        if (query.getProjectedSymbols().isEmpty()) {
            throw new QueryValidatorException(QueryPlugin.Util.gs(QueryPlugin.Event.TEIID31151));
        }
    }

    // The full authorization pass always runs on the (possibly pruned) command.
    AuthorizationValidationVisitor visitor = new AuthorizationValidationVisitor(this.policyDecider, commandContext);
    Request.validateWithVisitor(visitor, metadata, command);
    return changed;
}
use of org.teiid.dqp.internal.process.multisource.MultiSourceElement in project teiid by teiid.
the class AuthorizationValidationVisitor method validateEntitlements.
/**
 * Collects the resources named by the given symbols and checks them against the
 * requested permission in a single batch at the end.
 *
 * <p>Symbols that are never added to the batch:
 * <ul>
 * <li>element symbols whose metadata id is a {@code MultiSourceElement} or a
 *     {@code TempMetadataID};</li>
 * <li>group symbols backed by a {@code TempMetadataID}. Procedure groups are checked
 *     immediately for {@code EXECUTE} on their original metadata id, implicit temp
 *     tables go through {@code validateTemp}, and any other temp-backed group is
 *     skipped with no check in this method.</li>
 * </ul>
 *
 * @param symbols the language objects affected by the action
 * @param actionCode the permission to validate for
 * @param auditContext the {@link Context} forwarded to the entitlement and temp checks
 */
protected void validateEntitlements(Collection<? extends LanguageObject> symbols, DataPolicy.PermissionType actionCode, Context auditContext) {
    // Insertion-ordered, so resources are checked in the order they were encountered.
    Map<String, LanguageObject> pending = new LinkedHashMap<String, LanguageObject>();
    for (LanguageObject symbol : symbols) {
        try {
            // Stays null for anything that is neither an element nor a group symbol.
            Object id = null;
            if (symbol instanceof ElementSymbol) {
                id = ((ElementSymbol) symbol).getMetadataID();
                boolean exempt = id instanceof MultiSourceElement || id instanceof TempMetadataID;
                if (exempt) {
                    continue;
                }
            } else if (symbol instanceof GroupSymbol) {
                GroupSymbol group = (GroupSymbol) symbol;
                id = group.getMetadataID();
                if (id instanceof TempMetadataID) {
                    if (!group.isProcedure()) {
                        if (group.isTempTable() && group.isImplicitTempGroupSymbol()) {
                            validateTemp(actionCode, group.getNonCorrelationName(), false, group, auditContext);
                        }
                        // Any other temp-backed group falls through without a permission check.
                        continue;
                    }
                    // Procedure relation: require EXECUTE on the underlying procedure,
                    // whatever action was requested for the enclosing command.
                    Map<String, LanguageObject> procedureNames = new LinkedHashMap<String, LanguageObject>();
                    addToNameMap(((TempMetadataID) id).getOriginalMetadataID(), symbol, procedureNames, getMetadata());
                    validateEntitlements(PermissionType.EXECUTE, auditContext, procedureNames);
                    continue;
                }
            }
            addToNameMap(id, symbol, pending, getMetadata());
        } catch (QueryMetadataException e) {
            // NOTE(review): unless handleException records or rethrows the failure, this
            // symbol is left out of the batch check below. Confirm.
            handleException(e);
        } catch (TeiidComponentException e) {
            handleException(e);
        }
    }
    validateEntitlements(actionCode, auditContext, pending);
}