Search in sources :

Example 6 with Permission

use of org.teiid.metadata.Grant.Permission in project teiid by teiid.

the class DatabaseUtil method convert.

private static Permission convert(DataPermission dp) {
    Permission p = new Permission();
    p.setAllowAlter(dp.getAllowAlter());
    p.setAllowDelete(dp.getAllowDelete());
    p.setAllowExecute(dp.getAllowExecute());
    p.setAllowInsert(dp.getAllowCreate());
    p.setAllowSelect(dp.getAllowRead());
    p.setAllowUpdate(dp.getAllowUpdate());
    p.setResourceName(dp.getResourceName());
    if (dp.getAllowLanguage() != null && dp.getAllowLanguage()) {
        p.setAllowUsage(true);
        p.setResourceType(ResourceType.LANGUAGE);
    } else if (dp.getResourceType() != null) {
        p.setResourceType(ResourceType.valueOf(dp.getResourceType().name()));
    } else {
        // $NON-NLS-1$ //$NON-NLS-2$
        int dotCount = dp.getResourceName().length() - dp.getResourceName().replaceAll("\\.", "").length();
        if (dotCount == 0) {
            p.setResourceType(ResourceType.SCHEMA);
        } else if (dp.getAllowExecute() != null && dp.getAllowExecute()) {
            // this may not be correct as it could be a function as well
            p.setResourceType(ResourceType.PROCEDURE);
        } else if (dotCount >= 2) {
            // this may not be correct as it could be a table
            p.setResourceType(ResourceType.COLUMN);
        } else {
            p.setResourceType(ResourceType.TABLE);
        }
    }
    if (dp.getMask() != null) {
        p.setMask(dp.getMask());
        p.setMaskOrder(dp.getOrder());
    }
    if (dp.getCondition() != null) {
        p.setCondition(dp.getCondition(), dp.getConstraint());
    }
    return p;
}
Also used : DataPermission(org.teiid.adminapi.DataPolicy.DataPermission) Permission(org.teiid.metadata.Grant.Permission)

Example 7 with Permission

use of org.teiid.metadata.Grant.Permission in project teiid by teiid.

the class MetadataStore method removeGrant.

public void removeGrant(Grant toRemoveGrant) {
    if (toRemoveGrant == null) {
        return;
    }
    Grant previous = this.grants.get(toRemoveGrant.getRole());
    if (previous == null) {
        this.grants.put(toRemoveGrant.getRole(), toRemoveGrant);
    } else {
        for (Permission revokePermission : toRemoveGrant.getPermissions()) {
            boolean found = false;
            for (Permission currentPermission : new ArrayList<Permission>(previous.getPermissions())) {
                if (currentPermission.resourceMatches(revokePermission)) {
                    found = true;
                    if (revokePermission.getMask() != null) {
                        if (currentPermission.getMask() != null) {
                            currentPermission.setMask(null);
                            currentPermission.setMaskOrder(null);
                        } else {
                        // TODO: could be exception
                        }
                    }
                    if (revokePermission.getCondition() != null) {
                        if (currentPermission.getCondition() != null) {
                            currentPermission.setCondition(null, null);
                        } else {
                        // TODO: could be exception
                        }
                    }
                    currentPermission.removePrivileges(revokePermission.getRevokePrivileges());
                }
                if (currentPermission.getPrivileges().isEmpty() && currentPermission.getRevokePrivileges().isEmpty() && currentPermission.getCondition() == null && currentPermission.getMask() == null) {
                    previous.removePermission(currentPermission);
                }
                if (found) {
                    break;
                }
            }
            if (!found) {
                previous.addPermission(revokePermission);
            }
        }
        if (previous.getPermissions().isEmpty()) {
            this.grants.remove(toRemoveGrant.getRole());
        }
    }
}
Also used : Permission(org.teiid.metadata.Grant.Permission) ArrayList(java.util.ArrayList)

Example 8 with Permission

use of org.teiid.metadata.Grant.Permission in project teiid by teiid.

the class TestDDLParser method testGrantAll.

@Test
public void testGrantAll() throws Exception {
    String ddl = "CREATE DATABASE FOO;" + "USE DATABASE FOO ;" + "CREATE FOREIGN DATA WRAPPER postgresql;" + "CREATE SERVER pgsql TYPE 'custom' FOREIGN DATA WRAPPER postgresql OPTIONS (\"jndi-name\" 'jndiname');" + "CREATE  SCHEMA test SERVER pgsql;" + "SET SCHEMA test;" + "CREATE FOREIGN TABLE G1( e1 integer, e2 varchar, e3 date);" + "CREATE ROLE superuser WITH JAAS ROLE x,y WITH ANY AUTHENTICATED;" + "GRANT ALL PRIVILEGES TO superuser;";
    Database db = helpParse(ddl);
    Role role = db.getRole("superuser");
    assertNotNull(role);
    Collection<Grant> grants = db.getGrants();
    assertEquals(1, grants.size());
    Grant g = grants.iterator().next();
    assertEquals(1, g.getPermissions().size());
    Permission p = g.getPermissions().iterator().next();
    assertTrue(p.hasPrivilege(Privilege.ALL_PRIVILEGES));
}
Also used : Permission(org.teiid.metadata.Grant.Permission) Test(org.junit.Test)

Example 9 with Permission

use of org.teiid.metadata.Grant.Permission in project teiid by teiid.

the class TestDDLParser method testGrantWithCondition.

@Test
public void testGrantWithCondition() throws Exception {
    String ddl = "CREATE DATABASE FOO;" + "USE DATABASE FOO ;" + "CREATE FOREIGN DATA WRAPPER postgresql;" + "CREATE SERVER pgsql TYPE 'custom' FOREIGN DATA WRAPPER postgresql OPTIONS (\"jndi-name\" 'jndiname');" + "CREATE  SCHEMA test SERVER pgsql;" + "SET SCHEMA test;" + "CREATE FOREIGN TABLE G1( e1 integer, e2 varchar, e3 date);" + "CREATE ROLE superuser WITH JAAS ROLE x,y WITH ANY AUTHENTICATED;" + "GRANT SELECT ON TABLE test.G1 CONDITION CONSTRAINT 'foo=bar' TO superuser;";
    Database db = helpParse(ddl);
    Role role = db.getRole("superuser");
    assertNotNull(role);
    Collection<Grant> grants = db.getGrants();
    assertEquals(1, grants.size());
    Grant g = grants.iterator().next();
    assertEquals(1, g.getPermissions().size());
    Permission p = g.getPermissions().iterator().next();
    assertTrue(p.hasPrivilege(Privilege.SELECT));
    assertEquals("foo=bar", p.getCondition());
    assertTrue(p.isConditionAConstraint());
}
Also used : Permission(org.teiid.metadata.Grant.Permission) Test(org.junit.Test)

Aggregations

Permission (org.teiid.metadata.Grant.Permission)9 Test (org.junit.Test)4 DataPermission (org.teiid.adminapi.DataPolicy.DataPermission)3 ArrayList (java.util.ArrayList)2 DataPolicyMetadata (org.teiid.adminapi.impl.DataPolicyMetadata)2 DataPolicy (org.teiid.adminapi.DataPolicy)1 Translator (org.teiid.adminapi.Translator)1 PermissionMetaData (org.teiid.adminapi.impl.DataPolicyMetadata.PermissionMetaData)1 ModelMetaData (org.teiid.adminapi.impl.ModelMetaData)1 SourceMappingMetadata (org.teiid.adminapi.impl.SourceMappingMetadata)1