@Test(expectedExceptions = PrestoException.class, expectedExceptionsMessageRegExp = "Access Denied: Cannot select from columns \\[column\\] in table or view schema.table") public void testDenyCatalogAccessControl() { CatalogManager catalogManager = new CatalogManager(); TransactionManager transactionManager = createTestTransactionManager(catalogManager); AccessControlManager accessControlManager = new AccessControlManager(transactionManager); TestSystemAccessControlFactory accessControlFactory = new TestSystemAccessControlFactory("test"); accessControlManager.addSystemAccessControlFactory(accessControlFactory); accessControlManager.setSystemAccessControl("test", ImmutableMap.of()); ConnectorId connectorId = registerBogusConnector(catalogManager, transactionManager, accessControlManager, "catalog"); accessControlManager.addCatalogAccessControl(connectorId, new DenyConnectorAccessControl()); transaction(transactionManager, accessControlManager) .execute(transactionId -> { accessControlManager.checkCanSelectFromColumns(transactionId, new Identity(USER_NAME, Optional.of(PRINCIPAL)), new QualifiedObjectName("catalog", "schema", "table"), ImmutableSet.of("column")); }); }
@Test(expectedExceptions = PrestoException.class, expectedExceptionsMessageRegExp = "Access Denied: Cannot select from table secured_catalog.schema.table") public void testDenySystemAccessControl() { CatalogManager catalogManager = new CatalogManager(); TransactionManager transactionManager = createTestTransactionManager(catalogManager); AccessControlManager accessControlManager = new AccessControlManager(transactionManager); TestSystemAccessControlFactory accessControlFactory = new TestSystemAccessControlFactory("test"); accessControlManager.addSystemAccessControlFactory(accessControlFactory); accessControlManager.setSystemAccessControl("test", ImmutableMap.of()); registerBogusConnector(catalogManager, transactionManager, accessControlManager, "connector"); accessControlManager.addCatalogAccessControl(new ConnectorId("connector"), new DenyConnectorAccessControl()); transaction(transactionManager, accessControlManager) .execute(transactionId -> { accessControlManager.checkCanSelectFromColumns(transactionId, new Identity(USER_NAME, Optional.of(PRINCIPAL)), new QualifiedObjectName("secured_catalog", "schema", "table"), ImmutableSet.of("column")); }); }
@Test(expectedExceptions = PrestoException.class, expectedExceptionsMessageRegExp = "Access Denied: Cannot select from table schema.table") public void testDenyCatalogAccessControl() throws Exception { TransactionManager transactionManager = createTestTransactionManager(); AccessControlManager accessControlManager = new AccessControlManager(transactionManager); accessControlManager.setSystemAccessControl(ALLOW_ALL_ACCESS_CONTROL, ImmutableMap.<String, String>of()); registerBogusConnector(transactionManager, "connector"); accessControlManager.addCatalogAccessControl("connector", "catalog", new DenyConnectorAccessControl()); transaction(transactionManager) .execute(transactionId -> { accessControlManager.checkCanSelectFromTable(transactionId, new Identity(USER_NAME, Optional.of(PRINCIPAL)), new QualifiedObjectName("catalog", "schema", "table")); }); }