/** * Creates a new {@link Authorizations} object with escaped forms of the * authorizations in the given object. * * @param auths original authorizations * @return authorizations object with escaped authorization strings * @see #escape(byte[], boolean) */ static Authorizations escape(Authorizations auths) { ArrayList<byte[]> retAuths = new ArrayList<byte[]>(auths.getAuthorizations().size()); for (byte[] auth : auths.getAuthorizations()) retAuths.add(escape(auth, false)); return new Authorizations(retAuths); }
/** * Constructs an authorization object from a collection of string authorizations that have each already been encoded as UTF-8 bytes. Warning: This method does * not verify that each encoded string is valid UTF-8. * * @param authorizations collection of authorizations, as strings encoded in UTF-8 * @throws IllegalArgumentException if authorizations is null * @see #Authorizations(String...) */ public Authorizations(Collection<byte[]> authorizations) { for (byte[] auth : authorizations) auths.add(new ArrayByteSequence(auth)); checkAuths(); }
/** * Constructs an authorizations object from a set of human-readable authorizations. * * @param authorizations array of authorizations * @throws IllegalArgumentException if authorizations is null */ public Authorizations(String... authorizations) { setAuthorizations(authorizations); }
public static boolean canRead(String visibility, String[] authorizations) { VisibilityEvaluator visibilityEvaluator = new VisibilityEvaluator(new Authorizations(authorizations)); ColumnVisibility columnVisibility = new ColumnVisibility(visibility); try { return visibilityEvaluator.evaluate(columnVisibility); } catch (VisibilityParseException ex) { throw new RuntimeException("could not evaluate visibility " + visibility, ex); } } }
/** * Properly quotes terms in a column visibility expression. If no quoting is needed, then nothing is done. * * @param term term to quote, encoded as UTF-8 bytes * @return quoted term (unquoted if unnecessary), encoded as UTF-8 bytes * @see #quote(String) */ public static byte[] quote(byte[] term) { boolean needsQuote = false; for (int i = 0; i < term.length; i++) { if (!Authorizations.isValidAuthChar(term[i])) { needsQuote = true; break; } } if (!needsQuote) return term; return VisibilityEvaluator.escape(term, true); } }
@Override public Iterator<byte[]> iterator() { return getAuthorizations().iterator(); } }
public static boolean canRead(String visibility, String[] authorizations) { if (visibility == null) { throw new RuntimeException("visibility cannot be null"); } VisibilityEvaluator visibilityEvaluator = new VisibilityEvaluator(new Authorizations(authorizations)); ColumnVisibility columnVisibility = new ColumnVisibility(visibility); try { return visibilityEvaluator.evaluate(columnVisibility); } catch (VisibilityParseException ex) { throw new RuntimeException("could not evaluate visibility " + visibility, ex); } } }
/** * Properly quotes terms in a column visibility expression. If no quoting is needed, then nothing is done. * * @param term term to quote, encoded as UTF-8 bytes * @return quoted term (unquoted if unnecessary), encoded as UTF-8 bytes * @see #quote(String) */ public static byte[] quote(byte[] term) { boolean needsQuote = false; for (int i = 0; i < term.length; i++) { if (!Authorizations.isValidAuthChar(term[i])) { needsQuote = true; break; } } if (!needsQuote) return term; return VisibilityEvaluator.escape(term, true); } }
@Override public Iterator<byte[]> iterator() { return getAuthorizations().iterator(); } }
public static boolean canRead(String visibility, String[] authorizations) { if (visibility == null) { throw new RuntimeException("visibility cannot be null"); } VisibilityEvaluator visibilityEvaluator = new VisibilityEvaluator(new Authorizations(authorizations)); ColumnVisibility columnVisibility = new ColumnVisibility(visibility); try { return visibilityEvaluator.evaluate(columnVisibility); } catch (VisibilityParseException ex) { throw new RuntimeException("could not evaluate visibility " + visibility, ex); } } }
/** * Creates a new {@link Authorizations} object with escaped forms of the * authorizations in the given object. * * @param auths original authorizations * @return authorizations object with escaped authorization strings * @see #escape(byte[], boolean) */ static Authorizations escape(Authorizations auths) { ArrayList<byte[]> retAuths = new ArrayList<byte[]>(auths.getAuthorizations().size()); for (byte[] auth : auths.getAuthorizations()) retAuths.add(escape(auth, false)); return new Authorizations(retAuths); }
private void setAuthorizations(String... authorizations) { auths.clear(); for (String str : authorizations) { str = str.trim(); auths.add(new ArrayByteSequence(str.getBytes(Constants.UTF8))); } checkAuths(); }
if (!Authorizations.isValidAuthChar(c)) throw new BadArgumentException("bad character (" + c + ")", new String(expression, Constants.UTF8), index - 1);
/** * Constructs an authorizations object from a set of human-readable authorizations. * * @param authorizations array of authorizations * @throws IllegalArgumentException if authorizations is null */ public Authorizations(String... authorizations) { setAuthorizations(authorizations); }
public ImmutableSet<String> getTableNames(Authorizations authorizations) { VisibilityEvaluator visibilityEvaluator = new VisibilityEvaluator(new org.vertexium.security.Authorizations(authorizations.getAuthorizations())); return tables.entrySet().stream() .filter(entry -> entry.getValue().canRead(visibilityEvaluator)) .map(Map.Entry::getKey) .collect(StreamUtils.toImmutableSet()); }
private void setAuthorizations(String... authorizations) { auths.clear(); for (String str : authorizations) { str = str.trim(); auths.add(new ArrayByteSequence(str.getBytes(Constants.UTF8))); } checkAuths(); }
if (!Authorizations.isValidAuthChar(c)) throw new BadArgumentException("bad character (" + c + ")", new String(expression, Constants.UTF8), index - 1);
public Iterable<ExtendedDataRow> getTable(String tableName, Authorizations authorizations) { VisibilityEvaluator visibilityEvaluator = new VisibilityEvaluator(new org.vertexium.security.Authorizations(authorizations.getAuthorizations())); Table table = tables.get(tableName); if (table == null) { throw new VertexiumException("Invalid table '" + tableName + "'"); } Iterable<ExtendedDataRow> rows = table.getRows(visibilityEvaluator); if (!rows.iterator().hasNext()) { throw new VertexiumException("Invalid table '" + tableName + "'"); } return rows; }
/** * Constructs an authorization object from a collection of string authorizations that have each already been encoded as UTF-8 bytes. Warning: This method does * not verify that each encoded string is valid UTF-8. * * @param authorizations collection of authorizations, as strings encoded in UTF-8 * @throws IllegalArgumentException if authorizations is null * @see #Authorizations(String...) */ public Authorizations(Collection<byte[]> authorizations) { for (byte[] auth : authorizations) auths.add(new ArrayByteSequence(auth)); checkAuths(); }
@Override public boolean canRead(Visibility visibility) { Preconditions.checkNotNull(visibility, "visibility is required"); // this is just a shortcut so that we don't need to construct evaluators and visibility objects to check for an empty string. if (visibility.getVisibilityString().length() == 0) { return true; } VisibilityEvaluator visibilityEvaluator = new VisibilityEvaluator(new Authorizations(this.getAuthorizations())); ColumnVisibility columnVisibility = new ColumnVisibility(visibility.getVisibilityString()); try { return visibilityEvaluator.evaluate(columnVisibility); } catch (VisibilityParseException e) { throw new VertexiumException("could not evaluate visibility " + visibility.getVisibilityString(), e); } }