Search in sources :

Example 1 with AuthRolesResourceApi

use of com.cloudera.api.swagger.AuthRolesResourceApi in project cloudbreak by hortonworks.

the class ClouderaManagerLdapService method setupLdap.

public void setupLdap(Stack stack, Cluster cluster, HttpClientConfig clientConfig, LdapView ldapView, VirtualGroupRequest virtualGroupRequest) throws ApiException, ClouderaManagerClientInitException {
    if (ldapView != null) {
        String user = cluster.getCloudbreakAmbariUser();
        String password = cluster.getCloudbreakAmbariPassword();
        ApiClient client = clouderaManagerApiClientProvider.getV31Client(stack.getGatewayPort(), user, password, clientConfig);
        LOGGER.debug("Setup LDAP on ClouderaManager API for stack: {}", stack.getId());
        ExternalUserMappingsResourceApi externalUserMappingsResourceApi = clouderaManagerApiFactory.getExternalUserMappingsResourceApi(client);
        AuthRolesResourceApi authRolesResourceApi = clouderaManagerApiFactory.getAuthRolesResourceApi(client);
        ApiAuthRoleMetadataList roleMetadataList = authRolesResourceApi.readAuthRolesMetadata(null);
        if (roleMetadataList.getItems() != null) {
            Optional<ApiAuthRoleMetadata> dashboardUserRoleOpt = findRole(roleMetadataList, dashboardUserRole);
            Optional<ApiAuthRoleMetadata> limitedAdminRoleOpt = findRole(roleMetadataList, limitedAdminRole);
            Optional<ApiAuthRoleMetadata> role = limitedAdminRoleOpt.isPresent() ? limitedAdminRoleOpt : findRole(roleMetadataList, adminRole);
            if (role.isPresent()) {
                String virtualGroup = virtualGroupService.createOrGetVirtualGroup(virtualGroupRequest, UmsVirtualGroupRight.CLOUDER_MANAGER_ADMIN);
                addGroupMapping(externalUserMappingsResourceApi, role.get(), dashboardUserRoleOpt, virtualGroup);
            } else {
                LOGGER.info("Cannot setup admin group mapping. Admin roles ({}, {}) are not found", adminRole, limitedAdminRole);
            }
            Optional<ApiAuthRoleMetadata> userMetadata = roleMetadataList.getItems().stream().filter(toRole(userRole)).findFirst();
            if (userMetadata.isPresent() && StringUtils.isNotBlank(ldapView.getUserGroup())) {
                addGroupMapping(externalUserMappingsResourceApi, userMetadata.get(), dashboardUserRoleOpt, ldapView.getUserGroup());
            } else {
                LOGGER.info("Cannot setup user group mapping. User metadata present: [{}] User group: [{}]", userMetadata.isPresent(), ldapView.getUserGroup());
            }
        }
    }
}
Also used : ApiAuthRoleMetadataList(com.cloudera.api.swagger.model.ApiAuthRoleMetadataList) ExternalUserMappingsResourceApi(com.cloudera.api.swagger.ExternalUserMappingsResourceApi) ApiAuthRoleMetadata(com.cloudera.api.swagger.model.ApiAuthRoleMetadata) AuthRolesResourceApi(com.cloudera.api.swagger.AuthRolesResourceApi) ApiClient(com.cloudera.api.swagger.client.ApiClient)

Aggregations

AuthRolesResourceApi (com.cloudera.api.swagger.AuthRolesResourceApi)1 ExternalUserMappingsResourceApi (com.cloudera.api.swagger.ExternalUserMappingsResourceApi)1 ApiClient (com.cloudera.api.swagger.client.ApiClient)1 ApiAuthRoleMetadata (com.cloudera.api.swagger.model.ApiAuthRoleMetadata)1 ApiAuthRoleMetadataList (com.cloudera.api.swagger.model.ApiAuthRoleMetadataList)1