private DataRolePolicyDecider createPolicyDecider( QueryMetadataInterface metadata, VDBMetaData vdb, DataPolicyMetadata... roles) { vdb.addAttchment(QueryMetadataInterface.class, metadata); HashMap<String, DataPolicy> policies = new HashMap<String, DataPolicy>(); for (DataPolicyMetadata dataPolicyMetadata : roles) { policies.put(dataPolicyMetadata.getName(), dataPolicyMetadata); } vdb.setDataPolicies(new ArrayList<DataPolicy>(policies.values())); this.context.getDQPWorkContext().setPolicies(policies); this.context.getSession().setVdb(vdb); this.context.setMetadata(metadata); DataRolePolicyDecider dataRolePolicyDecider = new DataRolePolicyDecider(); dataRolePolicyDecider.setAllowFunctionCallsByDefault(false); return dataRolePolicyDecider; }
/** * Test Request.validateEntitlement(). * Make sure that this can be called both before and after metadata is initialized. * See defect 17209. * @throws Exception * @since 4.2 */ @Test public void testValidateEntitlement() throws Exception { QueryMetadataInterface metadata = RealMetadataFactory.example1Cached(); Request request = new Request(); Command command = QueryParser.getQueryParser().parseCommand(QUERY); QueryResolver.resolveCommand(command, metadata); RequestMessage message = new RequestMessage(); DQPWorkContext workContext = RealMetadataFactory.buildWorkContext(metadata, RealMetadataFactory.example1VDB()); request.initialize(message, BufferManagerFactory.getStandaloneBufferManager(), null, new FakeTransactionService(), TEMP_TABLE_STORE, workContext, null); request.initMetadata(); DefaultAuthorizationValidator drav = new DefaultAuthorizationValidator(); DataRolePolicyDecider drpd = new DataRolePolicyDecider(); drpd.setAllowCreateTemporaryTablesByDefault(true); drpd.setAllowFunctionCallsByDefault(true); drav.setPolicyDecider(drpd); request.setAuthorizationValidator(drav); request.validateAccess(new String[] {QUERY}, command, CommandType.USER); }