Search in sources :

Example 1 with ApiExternalUserMappingList

use of com.cloudera.api.swagger.model.ApiExternalUserMappingList in project cloudbreak by hortonworks.

the class ClouderaManagerLdapServiceTest method testSetupLdapWithFullAdminGroupMapping.

@Test
public void testSetupLdapWithFullAdminGroupMapping() throws ApiException, ClouderaManagerClientInitException {
    // GIVEN
    ReflectionTestUtils.setField(underTest, "adminRole", "ROLE_ADMIN");
    ReflectionTestUtils.setField(underTest, "limitedAdminRole", "NO_ROLE_LIMITED_CLUSTER_ADMIN");
    ReflectionTestUtils.setField(underTest, "userRole", "ROLE_USER");
    ReflectionTestUtils.setField(underTest, "dashboardUserRole", "ROLE_DASHBOARD_USER");
    LdapView ldapConfig = getLdapConfig();
    VirtualGroupRequest virtualGroupRequest = new VirtualGroupRequest(TestConstants.CRN, "");
    ApiAuthRoleMetadataList apiAuthRoleMetadataList = new ApiAuthRoleMetadataList().addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_LIMITED_CLUSTER_ADMIN").uuid("uuid").role("ROLE_LIMITED_CLUSTER_ADMIN"));
    apiAuthRoleMetadataList.addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_ADMIN").uuid("uuid").role("ROLE_ADMIN"));
    apiAuthRoleMetadataList.addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_DASHBOARD_USER").uuid("uuid").role("ROLE_DASHBOARD_USER"));
    when(authRolesResourceApi.readAuthRolesMetadata(null)).thenReturn(apiAuthRoleMetadataList);
    when(virtualGroupService.createOrGetVirtualGroup(virtualGroupRequest, UmsVirtualGroupRight.CLOUDER_MANAGER_ADMIN)).thenReturn("virtualGroup");
    // WHEN
    underTest.setupLdap(stack, cluster, httpClientConfig, ldapConfig, virtualGroupRequest);
    // THEN
    ArgumentCaptor<ApiExternalUserMappingList> apiExternalUserMappingListArgumentCaptor = ArgumentCaptor.forClass(ApiExternalUserMappingList.class);
    verify(externalUserMappingsResourceApi).createExternalUserMappings(apiExternalUserMappingListArgumentCaptor.capture());
    ApiExternalUserMapping apiExternalUserMapping = apiExternalUserMappingListArgumentCaptor.getValue().getItems().get(0);
    ApiAuthRoleRef authRole = apiExternalUserMapping.getAuthRoles().get(0);
    assertEquals("ROLE_ADMIN", authRole.getDisplayName());
    assertEquals("uuid", authRole.getUuid());
    assertEquals("virtualGroup", apiExternalUserMapping.getName());
}
Also used : ApiAuthRoleMetadataList(com.cloudera.api.swagger.model.ApiAuthRoleMetadataList) ApiExternalUserMappingList(com.cloudera.api.swagger.model.ApiExternalUserMappingList) ApiAuthRoleRef(com.cloudera.api.swagger.model.ApiAuthRoleRef) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) ApiAuthRoleMetadata(com.cloudera.api.swagger.model.ApiAuthRoleMetadata) ApiExternalUserMapping(com.cloudera.api.swagger.model.ApiExternalUserMapping) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) Test(org.junit.Test)

Example 2 with ApiExternalUserMappingList

use of com.cloudera.api.swagger.model.ApiExternalUserMappingList in project cloudbreak by hortonworks.

the class ClouderaManagerLdapServiceTest method testSetupLdapWithLimitedAdminGroupMapping.

@Test
public void testSetupLdapWithLimitedAdminGroupMapping() throws ApiException, ClouderaManagerClientInitException {
    // GIVEN
    ReflectionTestUtils.setField(underTest, "adminRole", "ROLE_ADMIN");
    ReflectionTestUtils.setField(underTest, "limitedAdminRole", "ROLE_LIMITED_CLUSTER_ADMIN");
    ReflectionTestUtils.setField(underTest, "userRole", "ROLE_USER");
    ReflectionTestUtils.setField(underTest, "dashboardUserRole", "ROLE_DASHBOARD_USER");
    LdapView ldapConfig = getLdapConfig();
    VirtualGroupRequest virtualGroupRequest = new VirtualGroupRequest(TestConstants.CRN, "");
    ApiAuthRoleMetadataList apiAuthRoleMetadataList = new ApiAuthRoleMetadataList().addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_LIMITED_CLUSTER_ADMIN").uuid("uuid").role("ROLE_LIMITED_CLUSTER_ADMIN"));
    apiAuthRoleMetadataList.addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_ADMIN").uuid("uuid").role("ROLE_ADMIN"));
    when(authRolesResourceApi.readAuthRolesMetadata(null)).thenReturn(apiAuthRoleMetadataList);
    when(virtualGroupService.createOrGetVirtualGroup(virtualGroupRequest, UmsVirtualGroupRight.CLOUDER_MANAGER_ADMIN)).thenReturn("virtualGroup");
    // WHEN
    underTest.setupLdap(stack, cluster, httpClientConfig, ldapConfig, virtualGroupRequest);
    // THEN
    ArgumentCaptor<ApiExternalUserMappingList> apiExternalUserMappingListArgumentCaptor = ArgumentCaptor.forClass(ApiExternalUserMappingList.class);
    verify(externalUserMappingsResourceApi).createExternalUserMappings(apiExternalUserMappingListArgumentCaptor.capture());
    ApiExternalUserMapping apiExternalUserMapping = apiExternalUserMappingListArgumentCaptor.getValue().getItems().get(0);
    ApiAuthRoleRef authRole = apiExternalUserMapping.getAuthRoles().get(0);
    assertEquals("ROLE_LIMITED_CLUSTER_ADMIN", authRole.getDisplayName());
    assertEquals("uuid", authRole.getUuid());
    assertEquals("virtualGroup", apiExternalUserMapping.getName());
}
Also used : ApiAuthRoleMetadataList(com.cloudera.api.swagger.model.ApiAuthRoleMetadataList) ApiExternalUserMappingList(com.cloudera.api.swagger.model.ApiExternalUserMappingList) ApiAuthRoleRef(com.cloudera.api.swagger.model.ApiAuthRoleRef) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) ApiAuthRoleMetadata(com.cloudera.api.swagger.model.ApiAuthRoleMetadata) ApiExternalUserMapping(com.cloudera.api.swagger.model.ApiExternalUserMapping) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) Test(org.junit.Test)

Example 3 with ApiExternalUserMappingList

use of com.cloudera.api.swagger.model.ApiExternalUserMappingList in project cloudbreak by hortonworks.

the class ClouderaManagerLdapService method addGroupMapping.

private void addGroupMapping(ExternalUserMappingsResourceApi cmApi, ApiAuthRoleMetadata adminRole, Optional<ApiAuthRoleMetadata> dashboardUserRoleOpt, String ldapGroup) throws ApiException {
    LOGGER.info("Associating virtual group '{}' to CM role '{}'", ldapGroup, adminRole.getDisplayName());
    ApiExternalUserMappingList apiExternalUserMappingList = new ApiExternalUserMappingList().addItemsItem(new ApiExternalUserMapping().name(ldapGroup).type(ApiExternalUserMappingType.LDAP).addAuthRolesItem(new ApiAuthRoleRef().displayName(adminRole.getDisplayName()).uuid(adminRole.getUuid())));
    if (dashboardUserRoleOpt.isPresent()) {
        ApiAuthRoleMetadata dashboardUserRole = dashboardUserRoleOpt.get();
        LOGGER.info("Associating virtual group '{}' to CM role '{}'", ldapGroup, dashboardUserRole.getDisplayName());
        apiExternalUserMappingList.getItems().get(0).addAuthRolesItem(new ApiAuthRoleRef().displayName(dashboardUserRole.getDisplayName()).uuid(dashboardUserRole.getUuid()));
    }
    cmApi.createExternalUserMappings(apiExternalUserMappingList);
}
Also used : ApiExternalUserMappingList(com.cloudera.api.swagger.model.ApiExternalUserMappingList) ApiAuthRoleRef(com.cloudera.api.swagger.model.ApiAuthRoleRef) ApiAuthRoleMetadata(com.cloudera.api.swagger.model.ApiAuthRoleMetadata) ApiExternalUserMapping(com.cloudera.api.swagger.model.ApiExternalUserMapping)

Aggregations

ApiAuthRoleMetadata (com.cloudera.api.swagger.model.ApiAuthRoleMetadata)3 ApiAuthRoleRef (com.cloudera.api.swagger.model.ApiAuthRoleRef)3 ApiExternalUserMapping (com.cloudera.api.swagger.model.ApiExternalUserMapping)3 ApiExternalUserMappingList (com.cloudera.api.swagger.model.ApiExternalUserMappingList)3 ApiAuthRoleMetadataList (com.cloudera.api.swagger.model.ApiAuthRoleMetadataList)2 VirtualGroupRequest (com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest)2 LdapView (com.sequenceiq.cloudbreak.dto.LdapView)2 Test (org.junit.Test)2