Example usage for org.apache.lucene.util.automaton Operations sameLanguage

Introduction

In this page you can find the example usage for org.apache.lucene.util.automaton Operations sameLanguage.

Prototype

public static boolean sameLanguage(Automaton a1, Automaton a2) 

Source Link

Document

Returns true if these two automata accept exactly the same language.

Usage

From source file:org.elasticsearch.xpack.core.security.authz.privilege.PrivilegeTests.java

License:Open Source License

public void testCluster() throws Exception {
    Set<String> name = Sets.newHashSet("monitor");
    ClusterPrivilege cluster = ClusterPrivilege.get(name);
    assertThat(cluster, is(ClusterPrivilege.MONITOR));

    // since "all" implies "monitor", this should be the same language as All
    name = Sets.newHashSet("monitor", "all");
    cluster = ClusterPrivilege.get(name);
    assertTrue(Operations.sameLanguage(ClusterPrivilege.ALL.automaton, cluster.automaton));

    name = Sets.newHashSet("monitor", "none");
    cluster = ClusterPrivilege.get(name);
    assertTrue(Operations.sameLanguage(ClusterPrivilege.MONITOR.automaton, cluster.automaton));

    Set<String> name2 = Sets.newHashSet("none", "monitor");
    ClusterPrivilege cluster2 = ClusterPrivilege.get(name2);
    assertThat(cluster, is(cluster2));/*from   ww w . j  av a 2 s  .  c o  m*/
}

---

From source file:org.elasticsearch.xpack.core.security.authz.privilege.PrivilegeTests.java

License:Open Source License

public void testIndexCollapse() throws Exception {
    IndexPrivilege[] values = IndexPrivilege.values().values()
            .toArray(new IndexPrivilege[IndexPrivilege.values().size()]);
    IndexPrivilege first = values[randomIntBetween(0, values.length - 1)];
    IndexPrivilege second = values[randomIntBetween(0, values.length - 1)];

    Set<String> name = Sets.newHashSet(first.name().iterator().next(), second.name().iterator().next());
    IndexPrivilege index = IndexPrivilege.get(name);

    if (Operations.subsetOf(second.getAutomaton(), first.getAutomaton())) {
        assertTrue(Operations.sameLanguage(index.getAutomaton(), first.getAutomaton()));
    } else if (Operations.subsetOf(first.getAutomaton(), second.getAutomaton())) {
        assertTrue(Operations.sameLanguage(index.getAutomaton(), second.getAutomaton()));
    } else {/*from  w  w  w  .  j a va2 s  .c o m*/
        assertFalse(Operations.sameLanguage(index.getAutomaton(), first.getAutomaton()));
        assertFalse(Operations.sameLanguage(index.getAutomaton(), second.getAutomaton()));
    }
}

---

From source file:org.elasticsearch.xpack.security.authz.store.FileRolesStoreTests.java

License:Open Source License

public void testParseFile() throws Exception {
    Path path = getDataPath("roles.yml");
    Map<String, RoleDescriptor> roles = FileRolesStore.parseFile(path, logger,
            Settings.builder().put(XPackSettings.DLS_FLS_ENABLED.getKey(), true).build(),
            new XPackLicenseState(Settings.EMPTY));
    assertThat(roles, notNullValue());/*from   w w  w  . j  ava2s . co  m*/
    assertThat(roles.size(), is(9));

    RoleDescriptor descriptor = roles.get("role1");
    assertNotNull(descriptor);
    Role role = Role.builder(descriptor, null).build();
    assertThat(role, notNullValue());
    assertThat(role.names(), equalTo(new String[] { "role1" }));
    assertThat(role.cluster(), notNullValue());
    assertThat(role.cluster().privilege(), is(ClusterPrivilege.ALL));
    assertThat(role.indices(), notNullValue());
    assertThat(role.indices().groups(), notNullValue());
    assertThat(role.indices().groups().length, is(2));
    assertThat(role.runAs(), is(RunAsPermission.NONE));

    IndicesPermission.Group group = role.indices().groups()[0];
    assertThat(group.indices(), notNullValue());
    assertThat(group.indices().length, is(2));
    assertThat(group.indices()[0], equalTo("idx1"));
    assertThat(group.indices()[1], equalTo("idx2"));
    assertThat(group.privilege(), notNullValue());
    assertThat(group.privilege(), is(IndexPrivilege.READ));

    group = role.indices().groups()[1];
    assertThat(group.indices(), notNullValue());
    assertThat(group.indices().length, is(1));
    assertThat(group.indices()[0], equalTo("idx3"));
    assertThat(group.privilege(), notNullValue());
    assertTrue(Operations.subsetOf(IndexPrivilege.READ.getAutomaton(), group.privilege().getAutomaton()));
    assertTrue(Operations.subsetOf(IndexPrivilege.WRITE.getAutomaton(), group.privilege().getAutomaton()));

    descriptor = roles.get("role1.ab");
    assertNotNull(descriptor);
    role = Role.builder(descriptor, null).build();
    assertThat(role, notNullValue());
    assertThat(role.names(), equalTo(new String[] { "role1.ab" }));
    assertThat(role.cluster(), notNullValue());
    assertThat(role.cluster().privilege(), is(ClusterPrivilege.ALL));
    assertThat(role.indices(), notNullValue());
    assertThat(role.indices().groups(), notNullValue());
    assertThat(role.indices().groups().length, is(0));
    assertThat(role.runAs(), is(RunAsPermission.NONE));

    descriptor = roles.get("role2");
    assertNotNull(descriptor);
    role = Role.builder(descriptor, null).build();
    assertThat(role, notNullValue());
    assertThat(role.names(), equalTo(new String[] { "role2" }));
    assertThat(role.cluster(), notNullValue());
    assertTrue(Operations.sameLanguage(role.cluster().privilege().getAutomaton(),
            ClusterPrivilege.ALL.getAutomaton()));
    assertThat(role.indices(), notNullValue());
    assertThat(role.indices(), is(IndicesPermission.NONE));
    assertThat(role.runAs(), is(RunAsPermission.NONE));

    descriptor = roles.get("role3");
    assertNotNull(descriptor);
    role = Role.builder(descriptor, null).build();
    assertThat(role, notNullValue());
    assertThat(role.names(), equalTo(new String[] { "role3" }));
    assertThat(role.cluster(), notNullValue());
    assertThat(role.cluster(), is(ClusterPermission.SimpleClusterPermission.NONE));
    assertThat(role.indices(), notNullValue());
    assertThat(role.indices().groups(), notNullValue());
    assertThat(role.indices().groups().length, is(1));
    assertThat(role.runAs(), is(RunAsPermission.NONE));

    group = role.indices().groups()[0];
    assertThat(group.indices(), notNullValue());
    assertThat(group.indices().length, is(1));
    assertThat(group.indices()[0], equalTo("/.*_.*/"));
    assertThat(group.privilege(), notNullValue());
    assertTrue(Operations.sameLanguage(group.privilege().getAutomaton(),
            MinimizationOperations.minimize(
                    Operations.union(IndexPrivilege.READ.getAutomaton(), IndexPrivilege.WRITE.getAutomaton()),
                    Operations.DEFAULT_MAX_DETERMINIZED_STATES)));

    descriptor = roles.get("role4");
    assertNull(descriptor);

    descriptor = roles.get("role_run_as");
    assertNotNull(descriptor);
    role = Role.builder(descriptor, null).build();
    assertThat(role, notNullValue());
    assertThat(role.names(), equalTo(new String[] { "role_run_as" }));
    assertThat(role.cluster(), notNullValue());
    assertThat(role.cluster(), is(ClusterPermission.SimpleClusterPermission.NONE));
    assertThat(role.indices(), is(IndicesPermission.NONE));
    assertThat(role.runAs(), notNullValue());
    assertThat(role.runAs().check("user1"), is(true));
    assertThat(role.runAs().check("user2"), is(true));
    assertThat(role.runAs().check("user" + randomIntBetween(3, 9)), is(false));

    descriptor = roles.get("role_run_as1");
    assertNotNull(descriptor);
    role = Role.builder(descriptor, null).build();
    assertThat(role, notNullValue());
    assertThat(role.names(), equalTo(new String[] { "role_run_as1" }));
    assertThat(role.cluster(), notNullValue());
    assertThat(role.cluster(), is(ClusterPermission.SimpleClusterPermission.NONE));
    assertThat(role.indices(), is(IndicesPermission.NONE));
    assertThat(role.runAs(), notNullValue());
    assertThat(role.runAs().check("user1"), is(true));
    assertThat(role.runAs().check("user2"), is(true));
    assertThat(role.runAs().check("user" + randomIntBetween(3, 9)), is(false));

    descriptor = roles.get("role_fields");
    assertNotNull(descriptor);
    role = Role.builder(descriptor, null).build();
    assertThat(role, notNullValue());
    assertThat(role.names(), equalTo(new String[] { "role_fields" }));
    assertThat(role.cluster(), notNullValue());
    assertThat(role.cluster(), is(ClusterPermission.SimpleClusterPermission.NONE));
    assertThat(role.runAs(), is(RunAsPermission.NONE));
    assertThat(role.indices(), notNullValue());
    assertThat(role.indices().groups(), notNullValue());
    assertThat(role.indices().groups().length, is(1));

    group = role.indices().groups()[0];
    assertThat(group.indices(), notNullValue());
    assertThat(group.indices().length, is(1));
    assertThat(group.indices()[0], equalTo("field_idx"));
    assertThat(group.privilege(), notNullValue());
    assertTrue(Operations.sameLanguage(group.privilege().getAutomaton(), IndexPrivilege.READ.getAutomaton()));
    assertTrue(group.getFieldPermissions().grantsAccessTo("foo"));
    assertTrue(group.getFieldPermissions().grantsAccessTo("boo"));
    assertTrue(group.getFieldPermissions().hasFieldLevelSecurity());

    descriptor = roles.get("role_query");
    assertNotNull(descriptor);
    role = Role.builder(descriptor, null).build();
    assertThat(role, notNullValue());
    assertThat(role.names(), equalTo(new String[] { "role_query" }));
    assertThat(role.cluster(), notNullValue());
    assertThat(role.cluster(), is(ClusterPermission.SimpleClusterPermission.NONE));
    assertThat(role.runAs(), is(RunAsPermission.NONE));
    assertThat(role.indices(), notNullValue());
    assertThat(role.indices().groups(), notNullValue());
    assertThat(role.indices().groups().length, is(1));

    group = role.indices().groups()[0];
    assertThat(group.indices(), notNullValue());
    assertThat(group.indices().length, is(1));
    assertThat(group.indices()[0], equalTo("query_idx"));
    assertThat(group.privilege(), notNullValue());
    assertTrue(Operations.sameLanguage(group.privilege().getAutomaton(), IndexPrivilege.READ.getAutomaton()));
    assertFalse(group.getFieldPermissions().hasFieldLevelSecurity());
    assertThat(group.getQuery(), notNullValue());

    descriptor = roles.get("role_query_fields");
    assertNotNull(descriptor);
    role = Role.builder(descriptor, null).build();
    assertThat(role, notNullValue());
    assertThat(role.names(), equalTo(new String[] { "role_query_fields" }));
    assertThat(role.cluster(), notNullValue());
    assertThat(role.cluster(), is(ClusterPermission.SimpleClusterPermission.NONE));
    assertThat(role.runAs(), is(RunAsPermission.NONE));
    assertThat(role.indices(), notNullValue());
    assertThat(role.indices().groups(), notNullValue());
    assertThat(role.indices().groups().length, is(1));

    group = role.indices().groups()[0];
    assertThat(group.indices(), notNullValue());
    assertThat(group.indices().length, is(1));
    assertThat(group.indices()[0], equalTo("query_fields_idx"));
    assertThat(group.privilege(), notNullValue());
    assertTrue(Operations.sameLanguage(group.privilege().getAutomaton(), IndexPrivilege.READ.getAutomaton()));
    assertTrue(group.getFieldPermissions().grantsAccessTo("foo"));
    assertTrue(group.getFieldPermissions().grantsAccessTo("boo"));
    assertTrue(group.getFieldPermissions().hasFieldLevelSecurity());
    assertThat(group.getQuery(), notNullValue());
}

---