Tabnine Logo
Authorizer.listPrivileges
Code IndexAdd Tabnine to your IDE (free)

How to use
listPrivileges
method
in
co.cask.cdap.security.spi.authorization.Authorizer

Best Java code snippets using co.cask.cdap.security.spi.authorization.Authorizer.listPrivileges (Showing top 17 results out of 315)

  • Add the Codota plugin to your IDE and get smart completions
private void myMethod () {
 SimpleDateFormat s =
  • Codota IconString pattern;new SimpleDateFormat(pattern)
  • Codota IconString template;Locale locale;new SimpleDateFormat(template, locale)
  • Codota Iconnew SimpleDateFormat()
  • Smart code suggestions by Tabnine
}
origin: cdapio/cdap

 @Override
 public Set<Privilege> listPrivileges(Principal principal) throws Exception {
  return delegateAuthorizer.listPrivileges(principal);
 }
}
origin: cdapio/cdap

@Path("{principal-type}/{principal-name}/privileges")
@GET
public void listPrivileges(HttpRequest httpRequest, HttpResponder httpResponder,
              @PathParam("principal-type") String principalType,
              @PathParam("principal-name") String principalName) throws Exception {
 ensureSecurityEnabled();
 Principal principal = new Principal(principalName, Principal.PrincipalType.valueOf(principalType.toUpperCase()));
 httpResponder.sendJson(HttpResponseStatus.OK,
             GSON.toJson(authorizer.listPrivileges(principal), PRIVILEGE_SET_TYPE));
 createLogEntry(httpRequest, HttpResponseStatus.OK);
}
origin: co.cask.cdap/cdap-app-fabric

@Path("{principal-type}/{principal-name}/privileges")
@GET
public void listPrivileges(HttpRequest httpRequest, HttpResponder httpResponder,
              @PathParam("principal-type") String principalType,
              @PathParam("principal-name") String principalName) throws Exception {
 ensureSecurityEnabled();
 Principal principal = new Principal(principalName, Principal.PrincipalType.valueOf(principalType.toUpperCase()));
 httpResponder.sendJson(HttpResponseStatus.OK,
             GSON.toJson(authorizer.listPrivileges(principal), PRIVILEGE_SET_TYPE));
 createLogEntry(httpRequest, HttpResponseStatus.OK);
}
origin: cdapio/cdap

private void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
 Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
 authorizer.grant(Authorizable.fromEntityId(entityId), principal, actions);
 ImmutableSet.Builder<Privilege> expectedPrivilegesAfterGrant = ImmutableSet.builder();
 for (Action action : actions) {
  expectedPrivilegesAfterGrant.add(new Privilege(entityId, action));
 }
 Assert.assertEquals(Sets.union(existingPrivileges, expectedPrivilegesAfterGrant.build()),
           authorizer.listPrivileges(principal));
}
origin: caskdata/cdap

private void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
 Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
 authorizer.grant(Authorizable.fromEntityId(entityId), principal, actions);
 ImmutableSet.Builder<Privilege> expectedPrivilegesAfterGrant = ImmutableSet.builder();
 for (Action action : actions) {
  expectedPrivilegesAfterGrant.add(new Privilege(entityId, action));
 }
 Assert.assertEquals(Sets.union(existingPrivileges, expectedPrivilegesAfterGrant.build()),
           authorizer.listPrivileges(principal));
}
origin: cdapio/cdap

 private void revokeAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
  Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
  authorizer.revoke(Authorizable.fromEntityId(entityId), principal, actions);
  Set<Privilege> revokedPrivileges = new HashSet<>();
  for (Action action : actions) {
   revokedPrivileges.add(new Privilege(entityId, action));
  }
  Assert.assertEquals(Sets.difference(existingPrivileges, revokedPrivileges), authorizer.listPrivileges(principal));
 }
}
origin: cdapio/cdap

private void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
 Authorizer authorizer = getAuthorizer();
 Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
 authorizer.grant(Authorizable.fromEntityId(entityId), principal, actions);
 ImmutableSet.Builder<Privilege> expectedPrivilegesAfterGrant = ImmutableSet.builder();
 for (Action action : actions) {
  expectedPrivilegesAfterGrant.add(new Privilege(entityId, action));
 }
 Assert.assertEquals(Sets.union(existingPrivileges, expectedPrivilegesAfterGrant.build()),
           authorizer.listPrivileges(principal));
}
origin: cdapio/cdap

private void assertNoAccess(Principal principal, final EntityId entityId) throws Exception {
 Authorizer authorizer = getAuthorizer();
 Predicate<Privilege> entityFilter = new Predicate<Privilege>() {
  @Override
  public boolean apply(Privilege input) {
   return Authorizable.fromEntityId(entityId).equals(input.getAuthorizable());
  }
 };
 Assert.assertTrue(Sets.filter(authorizer.listPrivileges(principal), entityFilter).isEmpty());
}
private void assertNoAccess(final EntityId entityId) throws Exception {
origin: cdapio/cdap

@Before
public void setupTest() throws Exception {
 Assert.assertEquals(ImmutableSet.<Privilege>of(), getAuthorizer().listPrivileges(ALICE));
 SecurityRequestContext.setUserId(ALICE.getName());
 cleanUpEntities = new HashSet<>();
}
origin: cdapio/cdap

private void createAuthNamespace() throws Exception {
 Authorizer authorizer = getAuthorizer();
 grantAndAssertSuccess(AUTH_NAMESPACE, ALICE, ImmutableSet.of(Action.ADMIN));
 getNamespaceAdmin().create(AUTH_NAMESPACE_META);
 Assert.assertEquals(ImmutableSet.of(new Privilege(AUTH_NAMESPACE, Action.ADMIN)), authorizer.listPrivileges(ALICE));
}
origin: cdapio/cdap

@AfterClass
public static void cleanup() throws Exception {
 authorizer.revoke(Authorizable.fromEntityId(NamespaceId.SYSTEM));
 Assert.assertEquals(Collections.emptySet(), authorizer.listPrivileges(ALICE));
 SecurityRequestContext.setUserId(OLD_USER_ID);
}
origin: cdapio/cdap

@Test
public void testSimple() throws Exception {
 Authorizer authorizer = get();
 verifyAuthFailure(namespace, user, Action.READ);
 authorizer.grant(Authorizable.fromEntityId(namespace), user, Collections.singleton(Action.READ));
 authorizer.enforce(namespace, user, Action.READ);
 Set<Privilege> expectedPrivileges = new HashSet<>();
 expectedPrivileges.add(new Privilege(namespace, Action.READ));
 Assert.assertEquals(expectedPrivileges, authorizer.listPrivileges(user));
 authorizer.revoke(Authorizable.fromEntityId(namespace), user, Collections.singleton(Action.READ));
 verifyAuthFailure(namespace, user, Action.READ);
}
origin: cdapio/cdap

Assert.assertTrue("Bob should not have any privileges on alice's app", authorizer.listPrivileges(BOB).isEmpty());
Assert.assertEquals(3, authorizer.listPrivileges(BOB).size());
origin: cdapio/cdap

@After
@Override
public void afterTest() throws Exception {
 Authorizer authorizer = getAuthorizer();
 SecurityRequestContext.setUserId(ALICE.getName());
 grantAndAssertSuccess(AUTH_NAMESPACE, SecurityRequestContext.toPrincipal(), EnumSet.of(Action.ADMIN));
 // clean up. remove the namespace if it exists
 if (getNamespaceAdmin().exists(AUTH_NAMESPACE)) {
  getNamespaceAdmin().delete(AUTH_NAMESPACE);
  Assert.assertFalse(getNamespaceAdmin().exists(AUTH_NAMESPACE));
 }
 revokeAndAssertSuccess(AUTH_NAMESPACE);
 for (EntityId entityId : cleanUpEntities) {
  revokeAndAssertSuccess(entityId);
 }
 Assert.assertEquals(Collections.emptySet(), authorizer.listPrivileges(ALICE));
}
origin: cdapio/cdap

          authorizer.listPrivileges(spiderman));
Assert.assertEquals(Collections.EMPTY_SET, authorizer.listPrivileges(spiderman));
origin: cdapio/cdap

@Test
public void testNamespaces() throws Exception {
 NamespaceAdmin namespaceAdmin = getNamespaceAdmin();
 Authorizer authorizer = getAuthorizer();
 try {
  namespaceAdmin.create(AUTH_NAMESPACE_META);
  Assert.fail("Namespace create should have failed because alice is not authorized on " + AUTH_NAMESPACE);
 } catch (UnauthorizedException expected) {
  // expected
 }
 createAuthNamespace();
 Assert.assertTrue(namespaceAdmin.list().contains(AUTH_NAMESPACE_META));
 namespaceAdmin.get(AUTH_NAMESPACE);
 // revoke privileges
 revokeAndAssertSuccess(AUTH_NAMESPACE);
 try {
  Assert.assertTrue(namespaceAdmin.list().isEmpty());
  namespaceAdmin.exists(AUTH_NAMESPACE);
  Assert.fail("Namespace existence check should fail since the privilege of alice has been revoked");
 } catch (UnauthorizedException expected) {
  // expected
 }
 // grant privileges again
 grantAndAssertSuccess(AUTH_NAMESPACE, ALICE, ImmutableSet.of(Action.ADMIN));
 namespaceAdmin.exists(AUTH_NAMESPACE);
 Assert.assertEquals(ImmutableSet.of(new Privilege(AUTH_NAMESPACE, Action.ADMIN)), authorizer.listPrivileges(ALICE));
 NamespaceMeta updated = new NamespaceMeta.Builder(AUTH_NAMESPACE_META).setDescription("new desc").build();
 namespaceAdmin.updateProperties(AUTH_NAMESPACE, updated);
 Assert.assertEquals(updated, namespaceAdmin.get(AUTH_NAMESPACE));
}
origin: cdapio/cdap

Collections.singleton(new Privilege(NamespaceId.SYSTEM, Action.ADMIN)), authorizer.listPrivileges(ALICE));
co.cask.cdap.security.spi.authorizationAuthorizerlistPrivileges

Popular methods of Authorizer

  • grant
  • revoke
  • enforce
  • addRoleToPrincipal
    Add a role to the specified Principal.
  • createRole
    Create a role.
  • dropRole
    Drop a role.
  • isVisible
  • listAllRoles
    Returns all available Role. Only a super user can perform this operation.
  • listRoles
    Returns a set of all Role for the specified Principal.
  • removeRoleFromPrincipal
    Delete a role from the specified Principal.
  • destroy
    Destroys an Authorizer. Authorization extensions can use this method to write any cleanup code.
  • initialize
    Initialize the Authorizer. Authorization extensions can use this method to access an AuthorizationCo
  • destroy,
  • initialize

Popular in Java

  • Finding current android device location
  • setContentView (Activity)
  • compareTo (BigDecimal)
  • getOriginalFilename (MultipartFile)
    Return the original filename in the client's filesystem.This may contain path information depending
  • BorderLayout (java.awt)
    A border layout lays out a container, arranging and resizing its components to fit in five regions:
  • PrintStream (java.io)
    Fake signature of an existing Java class.
  • Charset (java.nio.charset)
    A charset is a named mapping between Unicode characters and byte sequences. Every Charset can decode
  • Time (java.sql)
    Java representation of an SQL TIME value. Provides utilities to format and parse the time's represen
  • ReentrantLock (java.util.concurrent.locks)
    A reentrant mutual exclusion Lock with the same basic behavior and semantics as the implicit monitor
  • HttpServlet (javax.servlet.http)
    Provides an abstract class to be subclassed to create an HTTP servlet suitable for a Web site. A sub
Tabnine Logo

  • Products

    Search for Java codeSearch for JavaScript code

  • IDE Plugins

    IntelliJ IDEAWebStormAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimAtomGoLandRubyMineEmacsJupyter

  • Company

    About UsContact UsCareers

  • Resources

    FAQBlogTabnine AcademyStudentsTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now