This is an automated email from the ASF dual-hosted git repository.
xiangfu pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/pinot.git
The following commit(s) were added to refs/heads/master by this push:
new c907dca fixing permission check case issue in BasicAuthPrincipal
(#7354)
c907dca is described below
commit c907dca917b208cade9d46d2e0804c335901d9b2
Author: Xiang Fu <[email protected]>
AuthorDate: Mon Aug 23 19:18:41 2021 -0700
fixing permission check case issue in BasicAuthPrincipal (#7354)
---
.../apache/pinot/core/auth/BasicAuthPrincipal.java | 5 ++-
.../org/apache/pinot/core/auth/BasicAuthTest.java | 51 ++++++++++++++++++++++
2 files changed, 54 insertions(+), 2 deletions(-)
diff --git
a/pinot-core/src/main/java/org/apache/pinot/core/auth/BasicAuthPrincipal.java
b/pinot-core/src/main/java/org/apache/pinot/core/auth/BasicAuthPrincipal.java
index 2cc6354..e2d7cb9 100644
---
a/pinot-core/src/main/java/org/apache/pinot/core/auth/BasicAuthPrincipal.java
+++
b/pinot-core/src/main/java/org/apache/pinot/core/auth/BasicAuthPrincipal.java
@@ -19,6 +19,7 @@
package org.apache.pinot.core.auth;
import java.util.Set;
+import java.util.stream.Collectors;
/**
@@ -34,7 +35,7 @@ public class BasicAuthPrincipal {
_name = name;
_token = token;
_tables = tables;
- _permissions = permissions;
+ _permissions = permissions.stream().map(s ->
s.toLowerCase()).collect(Collectors.toSet());
}
public String getName() {
@@ -50,6 +51,6 @@ public class BasicAuthPrincipal {
}
public boolean hasPermission(String permission) {
- return _permissions.isEmpty() || _permissions.contains(permission);
+ return _permissions.isEmpty() ||
_permissions.contains(permission.toLowerCase());
}
}
diff --git
a/pinot-core/src/test/java/org/apache/pinot/core/auth/BasicAuthTest.java
b/pinot-core/src/test/java/org/apache/pinot/core/auth/BasicAuthTest.java
new file mode 100644
index 0000000..bcadc8b8
--- /dev/null
+++ b/pinot-core/src/test/java/org/apache/pinot/core/auth/BasicAuthTest.java
@@ -0,0 +1,51 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.pinot.core.auth;
+
+import com.google.common.collect.ImmutableSet;
+import org.testng.Assert;
+import org.testng.annotations.Test;
+
+
+public class BasicAuthTest {
+
+ @Test
+ public void testBasicAuthPrincipal()
+ throws Exception {
+ Assert.assertTrue(new BasicAuthPrincipal("name", "token",
ImmutableSet.of("myTable"), ImmutableSet.of("READ"))
+ .hasTable("myTable"));
+ Assert.assertTrue(
+ new BasicAuthPrincipal("name", "token", ImmutableSet.of("myTable",
"myTable1"), ImmutableSet.of("Read"))
+ .hasTable("myTable1"));
+ Assert.assertFalse(new BasicAuthPrincipal("name", "token",
ImmutableSet.of("myTable"), ImmutableSet.of("read"))
+ .hasTable("myTable1"));
+ Assert.assertFalse(
+ new BasicAuthPrincipal("name", "token", ImmutableSet.of("myTable",
"myTable1"), ImmutableSet.of("read"))
+ .hasTable("myTable2"));
+
+ Assert.assertTrue(new BasicAuthPrincipal("name", "token",
ImmutableSet.of("myTable"), ImmutableSet.of("READ"))
+ .hasPermission("read"));
+ Assert.assertTrue(new BasicAuthPrincipal("name", "token",
ImmutableSet.of("myTable"), ImmutableSet.of("Read"))
+ .hasPermission("READ"));
+ Assert.assertTrue(new BasicAuthPrincipal("name", "token",
ImmutableSet.of("myTable"), ImmutableSet.of("read"))
+ .hasPermission("Read"));
+ Assert.assertFalse(new BasicAuthPrincipal("name", "token",
ImmutableSet.of("myTable"), ImmutableSet.of("read"))
+ .hasPermission("write"));
+ }
+}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
