public EmbeddedConfiguration() { DefaultAuthorizationValidator authorizationValidator = new DefaultAuthorizationValidator(); authorizationValidator.setPolicyDecider(new DataRolePolicyDecider()); this.setAuthorizationValidator(authorizationValidator); }
Boolean result = isAccessible(record, commandContext, action); if (!result && record instanceof Schema) { Schema s = (Schema)record; if (s.getTables().entrySet().stream().anyMatch(e->isAccessible(e.getValue(), commandContext, PermissionType.READ))) { result = true; } else if (s.getProcedures().entrySet().stream().anyMatch(e->isAccessible(e.getValue(), commandContext, PermissionType.EXECUTE))) { result = true; } else if (s.getFunctions().entrySet().stream().anyMatch(e->isAccessible(e.getValue(), commandContext, PermissionType.EXECUTE))) { result = true;
DefaultAuthorizationValidator dav = new DefaultAuthorizationValidator(); dav.setPolicyDecider(dataRolePolicyDecider); this.context.setSessionVariable(DefaultAuthorizationValidator.IGNORE_UNAUTHORIZED_ASTERISK, "true"); boolean modified = dav.validate(new String[] {}, command, metadata, this.context, CommandType.USER); assertTrue(modified); dav.validate(new String[] {}, command, metadata, this.context, CommandType.USER); fail(); } catch (QueryValidatorException e) {
boolean modified = false; if (policyDecider != null && policyDecider.validateCommand(commandContext)) { if (ignoreUnathorizedInAsterisk(command, commandContext)) { Query query = (Query)command; HashMap<String, LanguageObject> map = null;
private Request helpProcessMessage(RequestMessage message, SessionAwareCache<PreparedPlan> cache, DQPWorkContext workContext) throws TeiidComponentException, TeiidProcessingException { Request request = null; if (cache != null) { request = new PreparedStatementRequest(cache); } else { request = new Request(); } ConnectorManagerRepository repo = Mockito.mock(ConnectorManagerRepository.class); workContext.getVDB().addAttchment(ConnectorManagerRepository.class, repo); Mockito.stub(repo.getConnectorManager(Mockito.anyString())).toReturn(new AutoGenDataService()); request.initialize(message, Mockito.mock(BufferManager.class), new FakeDataManager(), new FakeTransactionService(), TEMP_TABLE_STORE, workContext, null); DefaultAuthorizationValidator drav = new DefaultAuthorizationValidator(); request.setAuthorizationValidator(drav); request.processRequest(); return request; }
boolean modified = false; if (policyDecider != null && policyDecider.validateCommand(commandContext)) { if (ignoreUnathorizedInAsterisk(command, commandContext)) { Query query = (Query)command; HashMap<String, LanguageObject> map = null;
new FakeTransactionService(), null, workContext, prepPlanCache); serverRequest.setMetadata(capFinder, metadata); DefaultAuthorizationValidator drav = new DefaultAuthorizationValidator(); serverRequest.setAuthorizationValidator(drav); serverRequest.processRequest();
/** * Test Request.validateEntitlement(). * Make sure that this can be called both before and after metadata is initialized. * See defect 17209. * @throws Exception * @since 4.2 */ @Test public void testValidateEntitlement() throws Exception { QueryMetadataInterface metadata = RealMetadataFactory.example1Cached(); Request request = new Request(); Command command = QueryParser.getQueryParser().parseCommand(QUERY); QueryResolver.resolveCommand(command, metadata); RequestMessage message = new RequestMessage(); DQPWorkContext workContext = RealMetadataFactory.buildWorkContext(metadata, RealMetadataFactory.example1VDB()); request.initialize(message, BufferManagerFactory.getStandaloneBufferManager(), null, new FakeTransactionService(), TEMP_TABLE_STORE, workContext, null); request.initMetadata(); DefaultAuthorizationValidator drav = new DefaultAuthorizationValidator(); DataRolePolicyDecider drpd = new DataRolePolicyDecider(); drpd.setAllowCreateTemporaryTablesByDefault(true); drpd.setAllowFunctionCallsByDefault(true); drav.setPolicyDecider(drpd); request.setAuthorizationValidator(drav); request.validateAccess(new String[] {QUERY}, command, CommandType.USER); }
boolean modified = false; if (policyDecider != null && policyDecider.validateCommand(commandContext)) { if (ignoreUnathorizedInAsterisk(command, commandContext)) { Query query = (Query)command; HashMap<String, LanguageObject> map = null;
Boolean result = isAccessible(record, commandContext, action); if (!result && record instanceof Schema) { Schema s = (Schema)record; if (s.getTables().entrySet().stream().anyMatch(e->isAccessible(e.getValue(), commandContext, PermissionType.READ))) { result = true; } else if (s.getProcedures().entrySet().stream().anyMatch(e->isAccessible(e.getValue(), commandContext, PermissionType.EXECUTE))) { result = true; } else if (s.getFunctions().entrySet().stream().anyMatch(e->isAccessible(e.getValue(), commandContext, PermissionType.EXECUTE))) { result = true;
config.setMaxActivePlans(1); config.setUserRequestSourceConcurrency(2); DefaultAuthorizationValidator daa = new DefaultAuthorizationValidator(); daa.setPolicyDecider(new DataRolePolicyDecider()); config.setAuthorizationValidator(daa); core.start(config);