congrats Icon
New! Tabnine Pro 14-day free trial
Start a free trial
Tabnine Logo
Authorizer.listPrivileges
Code IndexAdd Tabnine to your IDE (free)

How to use
listPrivileges
method
in
co.cask.cdap.security.spi.authorization.Authorizer

Best Java code snippets using co.cask.cdap.security.spi.authorization.Authorizer.listPrivileges (Showing top 17 results out of 315)

origin: cdapio/cdap

 @Override
 public Set<Privilege> listPrivileges(Principal principal) throws Exception {
  return delegateAuthorizer.listPrivileges(principal);
 }
}
origin: cdapio/cdap

@Path("{principal-type}/{principal-name}/privileges")
@GET
public void listPrivileges(HttpRequest httpRequest, HttpResponder httpResponder,
              @PathParam("principal-type") String principalType,
              @PathParam("principal-name") String principalName) throws Exception {
 ensureSecurityEnabled();
 Principal principal = new Principal(principalName, Principal.PrincipalType.valueOf(principalType.toUpperCase()));
 httpResponder.sendJson(HttpResponseStatus.OK,
             GSON.toJson(authorizer.listPrivileges(principal), PRIVILEGE_SET_TYPE));
 createLogEntry(httpRequest, HttpResponseStatus.OK);
}
origin: co.cask.cdap/cdap-app-fabric

@Path("{principal-type}/{principal-name}/privileges")
@GET
public void listPrivileges(HttpRequest httpRequest, HttpResponder httpResponder,
              @PathParam("principal-type") String principalType,
              @PathParam("principal-name") String principalName) throws Exception {
 ensureSecurityEnabled();
 Principal principal = new Principal(principalName, Principal.PrincipalType.valueOf(principalType.toUpperCase()));
 httpResponder.sendJson(HttpResponseStatus.OK,
             GSON.toJson(authorizer.listPrivileges(principal), PRIVILEGE_SET_TYPE));
 createLogEntry(httpRequest, HttpResponseStatus.OK);
}
origin: cdapio/cdap

private void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
 Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
 authorizer.grant(Authorizable.fromEntityId(entityId), principal, actions);
 ImmutableSet.Builder<Privilege> expectedPrivilegesAfterGrant = ImmutableSet.builder();
 for (Action action : actions) {
  expectedPrivilegesAfterGrant.add(new Privilege(entityId, action));
 }
 Assert.assertEquals(Sets.union(existingPrivileges, expectedPrivilegesAfterGrant.build()),
           authorizer.listPrivileges(principal));
}
origin: caskdata/cdap

private void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
 Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
 authorizer.grant(Authorizable.fromEntityId(entityId), principal, actions);
 ImmutableSet.Builder<Privilege> expectedPrivilegesAfterGrant = ImmutableSet.builder();
 for (Action action : actions) {
  expectedPrivilegesAfterGrant.add(new Privilege(entityId, action));
 }
 Assert.assertEquals(Sets.union(existingPrivileges, expectedPrivilegesAfterGrant.build()),
           authorizer.listPrivileges(principal));
}
origin: cdapio/cdap

 private void revokeAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
  Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
  authorizer.revoke(Authorizable.fromEntityId(entityId), principal, actions);
  Set<Privilege> revokedPrivileges = new HashSet<>();
  for (Action action : actions) {
   revokedPrivileges.add(new Privilege(entityId, action));
  }
  Assert.assertEquals(Sets.difference(existingPrivileges, revokedPrivileges), authorizer.listPrivileges(principal));
 }
}
origin: cdapio/cdap

private void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
 Authorizer authorizer = getAuthorizer();
 Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
 authorizer.grant(Authorizable.fromEntityId(entityId), principal, actions);
 ImmutableSet.Builder<Privilege> expectedPrivilegesAfterGrant = ImmutableSet.builder();
 for (Action action : actions) {
  expectedPrivilegesAfterGrant.add(new Privilege(entityId, action));
 }
 Assert.assertEquals(Sets.union(existingPrivileges, expectedPrivilegesAfterGrant.build()),
           authorizer.listPrivileges(principal));
}
origin: cdapio/cdap

private void assertNoAccess(Principal principal, final EntityId entityId) throws Exception {
 Authorizer authorizer = getAuthorizer();
 Predicate<Privilege> entityFilter = new Predicate<Privilege>() {
  @Override
  public boolean apply(Privilege input) {
   return Authorizable.fromEntityId(entityId).equals(input.getAuthorizable());
  }
 };
 Assert.assertTrue(Sets.filter(authorizer.listPrivileges(principal), entityFilter).isEmpty());
}
private void assertNoAccess(final EntityId entityId) throws Exception {
origin: cdapio/cdap

@Before
public void setupTest() throws Exception {
 Assert.assertEquals(ImmutableSet.<Privilege>of(), getAuthorizer().listPrivileges(ALICE));
 SecurityRequestContext.setUserId(ALICE.getName());
 cleanUpEntities = new HashSet<>();
}
origin: cdapio/cdap

private void createAuthNamespace() throws Exception {
 Authorizer authorizer = getAuthorizer();
 grantAndAssertSuccess(AUTH_NAMESPACE, ALICE, ImmutableSet.of(Action.ADMIN));
 getNamespaceAdmin().create(AUTH_NAMESPACE_META);
 Assert.assertEquals(ImmutableSet.of(new Privilege(AUTH_NAMESPACE, Action.ADMIN)), authorizer.listPrivileges(ALICE));
}
origin: cdapio/cdap

@AfterClass
public static void cleanup() throws Exception {
 authorizer.revoke(Authorizable.fromEntityId(NamespaceId.SYSTEM));
 Assert.assertEquals(Collections.emptySet(), authorizer.listPrivileges(ALICE));
 SecurityRequestContext.setUserId(OLD_USER_ID);
}
origin: cdapio/cdap

@Test
public void testSimple() throws Exception {
 Authorizer authorizer = get();
 verifyAuthFailure(namespace, user, Action.READ);
 authorizer.grant(Authorizable.fromEntityId(namespace), user, Collections.singleton(Action.READ));
 authorizer.enforce(namespace, user, Action.READ);
 Set<Privilege> expectedPrivileges = new HashSet<>();
 expectedPrivileges.add(new Privilege(namespace, Action.READ));
 Assert.assertEquals(expectedPrivileges, authorizer.listPrivileges(user));
 authorizer.revoke(Authorizable.fromEntityId(namespace), user, Collections.singleton(Action.READ));
 verifyAuthFailure(namespace, user, Action.READ);
}
origin: cdapio/cdap

Assert.assertTrue("Bob should not have any privileges on alice's app", authorizer.listPrivileges(BOB).isEmpty());
Assert.assertEquals(3, authorizer.listPrivileges(BOB).size());
origin: cdapio/cdap

@After
@Override
public void afterTest() throws Exception {
 Authorizer authorizer = getAuthorizer();
 SecurityRequestContext.setUserId(ALICE.getName());
 grantAndAssertSuccess(AUTH_NAMESPACE, SecurityRequestContext.toPrincipal(), EnumSet.of(Action.ADMIN));
 // clean up. remove the namespace if it exists
 if (getNamespaceAdmin().exists(AUTH_NAMESPACE)) {
  getNamespaceAdmin().delete(AUTH_NAMESPACE);
  Assert.assertFalse(getNamespaceAdmin().exists(AUTH_NAMESPACE));
 }
 revokeAndAssertSuccess(AUTH_NAMESPACE);
 for (EntityId entityId : cleanUpEntities) {
  revokeAndAssertSuccess(entityId);
 }
 Assert.assertEquals(Collections.emptySet(), authorizer.listPrivileges(ALICE));
}
origin: cdapio/cdap

          authorizer.listPrivileges(spiderman));
Assert.assertEquals(Collections.EMPTY_SET, authorizer.listPrivileges(spiderman));
origin: cdapio/cdap

@Test
public void testNamespaces() throws Exception {
 NamespaceAdmin namespaceAdmin = getNamespaceAdmin();
 Authorizer authorizer = getAuthorizer();
 try {
  namespaceAdmin.create(AUTH_NAMESPACE_META);
  Assert.fail("Namespace create should have failed because alice is not authorized on " + AUTH_NAMESPACE);
 } catch (UnauthorizedException expected) {
  // expected
 }
 createAuthNamespace();
 Assert.assertTrue(namespaceAdmin.list().contains(AUTH_NAMESPACE_META));
 namespaceAdmin.get(AUTH_NAMESPACE);
 // revoke privileges
 revokeAndAssertSuccess(AUTH_NAMESPACE);
 try {
  Assert.assertTrue(namespaceAdmin.list().isEmpty());
  namespaceAdmin.exists(AUTH_NAMESPACE);
  Assert.fail("Namespace existence check should fail since the privilege of alice has been revoked");
 } catch (UnauthorizedException expected) {
  // expected
 }
 // grant privileges again
 grantAndAssertSuccess(AUTH_NAMESPACE, ALICE, ImmutableSet.of(Action.ADMIN));
 namespaceAdmin.exists(AUTH_NAMESPACE);
 Assert.assertEquals(ImmutableSet.of(new Privilege(AUTH_NAMESPACE, Action.ADMIN)), authorizer.listPrivileges(ALICE));
 NamespaceMeta updated = new NamespaceMeta.Builder(AUTH_NAMESPACE_META).setDescription("new desc").build();
 namespaceAdmin.updateProperties(AUTH_NAMESPACE, updated);
 Assert.assertEquals(updated, namespaceAdmin.get(AUTH_NAMESPACE));
}
origin: cdapio/cdap

Collections.singleton(new Privilege(NamespaceId.SYSTEM, Action.ADMIN)), authorizer.listPrivileges(ALICE));
co.cask.cdap.security.spi.authorizationAuthorizerlistPrivileges

Popular methods of Authorizer

  • grant
  • revoke
  • enforce
  • addRoleToPrincipal
    Add a role to the specified Principal.
  • createRole
    Create a role.
  • dropRole
    Drop a role.
  • isVisible
  • listAllRoles
    Returns all available Role. Only a super user can perform this operation.
  • listRoles
    Returns a set of all Role for the specified Principal.
  • removeRoleFromPrincipal
    Delete a role from the specified Principal.
  • destroy
    Destroys an Authorizer. Authorization extensions can use this method to write any cleanup code.
  • initialize
    Initialize the Authorizer. Authorization extensions can use this method to access an AuthorizationCo
  • destroy,
  • initialize

Popular in Java

  • Start an intent from android
  • getSystemService (Context)
  • onCreateOptionsMenu (Activity)
  • setContentView (Activity)
  • HttpServer (com.sun.net.httpserver)
    This class implements a simple HTTP server. A HttpServer is bound to an IP address and port number a
  • BufferedImage (java.awt.image)
    The BufferedImage subclass describes an java.awt.Image with an accessible buffer of image data. All
  • BufferedInputStream (java.io)
    A BufferedInputStream adds functionality to another input stream-namely, the ability to buffer the i
  • Notification (javax.management)
  • HttpServletRequest (javax.servlet.http)
    Extends the javax.servlet.ServletRequest interface to provide request information for HTTP servlets.
  • Location (org.springframework.beans.factory.parsing)
    Class that models an arbitrary location in a Resource.Typically used to track the location of proble
  • CodeWhisperer alternatives
Tabnine Logo

  • Products

    Search for Java codeSearch for JavaScript code

  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode

  • Company

    About UsContact UsCareers

  • Resources

    FAQBlogTabnine AcademyTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now