congrats Icon
New! Announcing Tabnine Chat Beta
Learn More
Tabnine Logo
Authorizer.listPrivileges
Code IndexAdd Tabnine to your IDE (free)

How to use
listPrivileges
method
in
co.cask.cdap.security.spi.authorization.Authorizer

Best Java code snippets using co.cask.cdap.security.spi.authorization.Authorizer.listPrivileges (Showing top 17 results out of 315)

origin: cdapio/cdap

 @Override
 public Set<Privilege> listPrivileges(Principal principal) throws Exception {
  return delegateAuthorizer.listPrivileges(principal);
 }
}
origin: cdapio/cdap

@Path("{principal-type}/{principal-name}/privileges")
@GET
public void listPrivileges(HttpRequest httpRequest, HttpResponder httpResponder,
              @PathParam("principal-type") String principalType,
              @PathParam("principal-name") String principalName) throws Exception {
 ensureSecurityEnabled();
 Principal principal = new Principal(principalName, Principal.PrincipalType.valueOf(principalType.toUpperCase()));
 httpResponder.sendJson(HttpResponseStatus.OK,
             GSON.toJson(authorizer.listPrivileges(principal), PRIVILEGE_SET_TYPE));
 createLogEntry(httpRequest, HttpResponseStatus.OK);
}
origin: co.cask.cdap/cdap-app-fabric

@Path("{principal-type}/{principal-name}/privileges")
@GET
public void listPrivileges(HttpRequest httpRequest, HttpResponder httpResponder,
              @PathParam("principal-type") String principalType,
              @PathParam("principal-name") String principalName) throws Exception {
 ensureSecurityEnabled();
 Principal principal = new Principal(principalName, Principal.PrincipalType.valueOf(principalType.toUpperCase()));
 httpResponder.sendJson(HttpResponseStatus.OK,
             GSON.toJson(authorizer.listPrivileges(principal), PRIVILEGE_SET_TYPE));
 createLogEntry(httpRequest, HttpResponseStatus.OK);
}
origin: cdapio/cdap

private void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
 Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
 authorizer.grant(Authorizable.fromEntityId(entityId), principal, actions);
 ImmutableSet.Builder<Privilege> expectedPrivilegesAfterGrant = ImmutableSet.builder();
 for (Action action : actions) {
  expectedPrivilegesAfterGrant.add(new Privilege(entityId, action));
 }
 Assert.assertEquals(Sets.union(existingPrivileges, expectedPrivilegesAfterGrant.build()),
           authorizer.listPrivileges(principal));
}
origin: caskdata/cdap

private void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
 Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
 authorizer.grant(Authorizable.fromEntityId(entityId), principal, actions);
 ImmutableSet.Builder<Privilege> expectedPrivilegesAfterGrant = ImmutableSet.builder();
 for (Action action : actions) {
  expectedPrivilegesAfterGrant.add(new Privilege(entityId, action));
 }
 Assert.assertEquals(Sets.union(existingPrivileges, expectedPrivilegesAfterGrant.build()),
           authorizer.listPrivileges(principal));
}
origin: cdapio/cdap

 private void revokeAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
  Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
  authorizer.revoke(Authorizable.fromEntityId(entityId), principal, actions);
  Set<Privilege> revokedPrivileges = new HashSet<>();
  for (Action action : actions) {
   revokedPrivileges.add(new Privilege(entityId, action));
  }
  Assert.assertEquals(Sets.difference(existingPrivileges, revokedPrivileges), authorizer.listPrivileges(principal));
 }
}
origin: cdapio/cdap

private void grantAndAssertSuccess(EntityId entityId, Principal principal, Set<Action> actions) throws Exception {
 Authorizer authorizer = getAuthorizer();
 Set<Privilege> existingPrivileges = authorizer.listPrivileges(principal);
 authorizer.grant(Authorizable.fromEntityId(entityId), principal, actions);
 ImmutableSet.Builder<Privilege> expectedPrivilegesAfterGrant = ImmutableSet.builder();
 for (Action action : actions) {
  expectedPrivilegesAfterGrant.add(new Privilege(entityId, action));
 }
 Assert.assertEquals(Sets.union(existingPrivileges, expectedPrivilegesAfterGrant.build()),
           authorizer.listPrivileges(principal));
}
origin: cdapio/cdap

private void assertNoAccess(Principal principal, final EntityId entityId) throws Exception {
 Authorizer authorizer = getAuthorizer();
 Predicate<Privilege> entityFilter = new Predicate<Privilege>() {
  @Override
  public boolean apply(Privilege input) {
   return Authorizable.fromEntityId(entityId).equals(input.getAuthorizable());
  }
 };
 Assert.assertTrue(Sets.filter(authorizer.listPrivileges(principal), entityFilter).isEmpty());
}
private void assertNoAccess(final EntityId entityId) throws Exception {
origin: cdapio/cdap

@Before
public void setupTest() throws Exception {
 Assert.assertEquals(ImmutableSet.<Privilege>of(), getAuthorizer().listPrivileges(ALICE));
 SecurityRequestContext.setUserId(ALICE.getName());
 cleanUpEntities = new HashSet<>();
}
origin: cdapio/cdap

private void createAuthNamespace() throws Exception {
 Authorizer authorizer = getAuthorizer();
 grantAndAssertSuccess(AUTH_NAMESPACE, ALICE, ImmutableSet.of(Action.ADMIN));
 getNamespaceAdmin().create(AUTH_NAMESPACE_META);
 Assert.assertEquals(ImmutableSet.of(new Privilege(AUTH_NAMESPACE, Action.ADMIN)), authorizer.listPrivileges(ALICE));
}
origin: cdapio/cdap

@AfterClass
public static void cleanup() throws Exception {
 authorizer.revoke(Authorizable.fromEntityId(NamespaceId.SYSTEM));
 Assert.assertEquals(Collections.emptySet(), authorizer.listPrivileges(ALICE));
 SecurityRequestContext.setUserId(OLD_USER_ID);
}
origin: cdapio/cdap

@Test
public void testSimple() throws Exception {
 Authorizer authorizer = get();
 verifyAuthFailure(namespace, user, Action.READ);
 authorizer.grant(Authorizable.fromEntityId(namespace), user, Collections.singleton(Action.READ));
 authorizer.enforce(namespace, user, Action.READ);
 Set<Privilege> expectedPrivileges = new HashSet<>();
 expectedPrivileges.add(new Privilege(namespace, Action.READ));
 Assert.assertEquals(expectedPrivileges, authorizer.listPrivileges(user));
 authorizer.revoke(Authorizable.fromEntityId(namespace), user, Collections.singleton(Action.READ));
 verifyAuthFailure(namespace, user, Action.READ);
}
origin: cdapio/cdap

Assert.assertTrue("Bob should not have any privileges on alice's app", authorizer.listPrivileges(BOB).isEmpty());
Assert.assertEquals(3, authorizer.listPrivileges(BOB).size());
origin: cdapio/cdap

@After
@Override
public void afterTest() throws Exception {
 Authorizer authorizer = getAuthorizer();
 SecurityRequestContext.setUserId(ALICE.getName());
 grantAndAssertSuccess(AUTH_NAMESPACE, SecurityRequestContext.toPrincipal(), EnumSet.of(Action.ADMIN));
 // clean up. remove the namespace if it exists
 if (getNamespaceAdmin().exists(AUTH_NAMESPACE)) {
  getNamespaceAdmin().delete(AUTH_NAMESPACE);
  Assert.assertFalse(getNamespaceAdmin().exists(AUTH_NAMESPACE));
 }
 revokeAndAssertSuccess(AUTH_NAMESPACE);
 for (EntityId entityId : cleanUpEntities) {
  revokeAndAssertSuccess(entityId);
 }
 Assert.assertEquals(Collections.emptySet(), authorizer.listPrivileges(ALICE));
}
origin: cdapio/cdap

          authorizer.listPrivileges(spiderman));
Assert.assertEquals(Collections.EMPTY_SET, authorizer.listPrivileges(spiderman));
origin: cdapio/cdap

@Test
public void testNamespaces() throws Exception {
 NamespaceAdmin namespaceAdmin = getNamespaceAdmin();
 Authorizer authorizer = getAuthorizer();
 try {
  namespaceAdmin.create(AUTH_NAMESPACE_META);
  Assert.fail("Namespace create should have failed because alice is not authorized on " + AUTH_NAMESPACE);
 } catch (UnauthorizedException expected) {
  // expected
 }
 createAuthNamespace();
 Assert.assertTrue(namespaceAdmin.list().contains(AUTH_NAMESPACE_META));
 namespaceAdmin.get(AUTH_NAMESPACE);
 // revoke privileges
 revokeAndAssertSuccess(AUTH_NAMESPACE);
 try {
  Assert.assertTrue(namespaceAdmin.list().isEmpty());
  namespaceAdmin.exists(AUTH_NAMESPACE);
  Assert.fail("Namespace existence check should fail since the privilege of alice has been revoked");
 } catch (UnauthorizedException expected) {
  // expected
 }
 // grant privileges again
 grantAndAssertSuccess(AUTH_NAMESPACE, ALICE, ImmutableSet.of(Action.ADMIN));
 namespaceAdmin.exists(AUTH_NAMESPACE);
 Assert.assertEquals(ImmutableSet.of(new Privilege(AUTH_NAMESPACE, Action.ADMIN)), authorizer.listPrivileges(ALICE));
 NamespaceMeta updated = new NamespaceMeta.Builder(AUTH_NAMESPACE_META).setDescription("new desc").build();
 namespaceAdmin.updateProperties(AUTH_NAMESPACE, updated);
 Assert.assertEquals(updated, namespaceAdmin.get(AUTH_NAMESPACE));
}
origin: cdapio/cdap

Collections.singleton(new Privilege(NamespaceId.SYSTEM, Action.ADMIN)), authorizer.listPrivileges(ALICE));
co.cask.cdap.security.spi.authorizationAuthorizerlistPrivileges

Popular methods of Authorizer

  • grant
  • revoke
  • enforce
  • addRoleToPrincipal
    Add a role to the specified Principal.
  • createRole
    Create a role.
  • dropRole
    Drop a role.
  • isVisible
  • listAllRoles
    Returns all available Role. Only a super user can perform this operation.
  • listRoles
    Returns a set of all Role for the specified Principal.
  • removeRoleFromPrincipal
    Delete a role from the specified Principal.
  • destroy
    Destroys an Authorizer. Authorization extensions can use this method to write any cleanup code.
  • initialize
    Initialize the Authorizer. Authorization extensions can use this method to access an AuthorizationCo
  • destroy,
  • initialize

Popular in Java

  • Start an intent from android
  • onCreateOptionsMenu (Activity)
  • getOriginalFilename (MultipartFile)
    Return the original filename in the client's filesystem.This may contain path information depending
  • getSystemService (Context)
  • FileInputStream (java.io)
    An input stream that reads bytes from a file. File file = ...finally if (in != null) in.clos
  • Time (java.sql)
    Java representation of an SQL TIME value. Provides utilities to format and parse the time's represen
  • SimpleDateFormat (java.text)
    Formats and parses dates in a locale-sensitive manner. Formatting turns a Date into a String, and pa
  • Calendar (java.util)
    Calendar is an abstract base class for converting between a Date object and a set of integer fields
  • Manifest (java.util.jar)
    The Manifest class is used to obtain attribute information for a JarFile and its entries.
  • DateTimeFormat (org.joda.time.format)
    Factory that creates instances of DateTimeFormatter from patterns and styles. Datetime formatting i
  • CodeWhisperer alternatives
Tabnine Logo
  • Products

    Search for Java codeSearch for JavaScript code
  • IDE Plugins

    IntelliJ IDEAWebStormVisual StudioAndroid StudioEclipseVisual Studio CodePyCharmSublime TextPhpStormVimGoLandRubyMineEmacsJupyter NotebookJupyter LabRiderDataGripAppCode
  • Company

    About UsContact UsCareers
  • Resources

    FAQBlogTabnine AcademyTerms of usePrivacy policyJava Code IndexJavascript Code Index
Get Tabnine for your IDE now