|
15 | 15 |
|
16 | 16 | import com.google.common.collect.ImmutableSet; |
17 | 17 | import io.airlift.log.Logging; |
| 18 | +import io.trino.Session; |
18 | 19 | import io.trino.jdbc.TrinoConnection; |
19 | 20 | import io.trino.metadata.SystemSecurityMetadata; |
20 | 21 | import io.trino.plugin.memory.MemoryPlugin; |
21 | 22 | import io.trino.server.testing.TestingTrinoServer; |
| 23 | +import io.trino.spi.security.Identity; |
22 | 24 | import io.trino.spi.security.TrinoPrincipal; |
23 | 25 | import io.trino.testing.TestingAccessControlManager; |
24 | 26 | import org.junit.jupiter.api.BeforeAll; |
|
34 | 36 | import java.sql.SQLException; |
35 | 37 | import java.sql.Statement; |
36 | 38 | import java.util.Optional; |
| 39 | +import java.util.Set; |
37 | 40 | import java.util.stream.Stream; |
38 | 41 |
|
39 | 42 | import static com.google.inject.multibindings.OptionalBinder.newOptionalBinder; |
40 | 43 | import static io.trino.jdbc.BaseTrinoDriverTest.getCurrentUser; |
41 | 44 | import static io.trino.spi.security.PrincipalType.USER; |
| 45 | +import static io.trino.testing.TestingSession.testSessionBuilder; |
42 | 46 | import static java.lang.String.format; |
43 | 47 | import static org.assertj.core.api.Assertions.assertThat; |
44 | 48 | import static org.assertj.core.api.Assertions.assertThatThrownBy; |
@@ -138,6 +142,31 @@ public void testImpersonationDisallowedWhenRoleIsNone() |
138 | 142 | } |
139 | 143 | } |
140 | 144 |
|
| 145 | + @Test |
| 146 | + @Timeout(10) |
| 147 | + public void testSessionRepresentationReturnsCorrectGroupsDuringImpersonation() |
| 148 | + { |
| 149 | + // given |
| 150 | + Set<String> aliceGroups = ImmutableSet.of("alice_group"); |
| 151 | + Set<String> johnGroups = ImmutableSet.of("john_group"); |
| 152 | + Identity alice = Identity.forUser("alice").withGroups(aliceGroups).build(); |
| 153 | + Identity john = Identity.forUser("john").withGroups(johnGroups).build(); |
| 154 | + |
| 155 | + // when |
| 156 | + Session aliceImpersonationSession = testSessionBuilder() |
| 157 | + .setOriginalIdentity(alice) |
| 158 | + .setIdentity(john) |
| 159 | + .build(); |
| 160 | + |
| 161 | + // then |
| 162 | + Set<String> originalUserGroups = aliceImpersonationSession.toSessionRepresentation() |
| 163 | + .getOriginalUserGroups(); |
| 164 | + Set<String> userGroups = aliceImpersonationSession.toSessionRepresentation() |
| 165 | + .getGroups(); |
| 166 | + assertThat(originalUserGroups).isEqualTo(aliceGroups); |
| 167 | + assertThat(userGroups).isEqualTo(johnGroups); |
| 168 | + } |
| 169 | + |
141 | 170 | private Connection createConnection(String catalog, String schema, String user) |
142 | 171 | throws SQLException |
143 | 172 | { |
|
0 commit comments