
Example 11 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class StackToTemplatePreparationObjectConverter method convert.

/**
 * Builds the {@link TemplatePreparationObject} for an already persisted {@link Stack}.
 * <p>
 * Environment, credential, cluster, file system, LDAP/Kerberos views, Cloudera Manager repo and
 * product details, gateway and IdBroker signing keys, UMS service-principal cloud identities and the
 * virtual-group request are collected and handed to the {@link Builder}; host groups are loaded in a
 * transaction and the builder is then decorated by the placement/account-mapping/service-principal/
 * datalake helpers of this class.
 *
 * @param source the stack whose cluster is rendered into a template
 * @return the populated preparation object
 * @throws CloudbreakServiceException wrapping {@link AccountTagValidationFailed},
 *         {@link BlueprintProcessingException}, {@link IOException} or a
 *         {@link TransactionService.TransactionExecutionException}
 */
public TemplatePreparationObject convert(Stack source) {
    try {
        Map<String, Collection<ClusterExposedServiceView>> views = serviceEndpointCollector.prepareClusterExposedServicesViews(source.getCluster(), stackUtil.extractClusterManagerAddress(source));
        DetailedEnvironmentResponse environment = environmentClientService.getByCrn(source.getEnvironmentCrn());
        Credential credential = credentialConverter.convert(environment.getCredential());
        // Re-read the cluster by id rather than using source.getCluster() directly.
        Cluster cluster = clusterService.getById(source.getCluster().getId());
        FileSystem fileSystem = cluster.getFileSystem();
        // Empty when the environment has no LDAP configuration; drives the admin group below.
        Optional<LdapView> ldapView = ldapConfigService.get(source.getEnvironmentCrn(), source.getName());
        ClouderaManagerRepo cm = clusterComponentConfigProvider.getClouderaManagerRepoDetails(cluster.getId());
        List<ClouderaManagerProduct> products = clusterComponentConfigProvider.getClouderaManagerProductDetails(cluster.getId());
        BaseFileSystemConfigurationsView fileSystemConfigurationView = getFileSystemConfigurationView(credential, source, fileSystem);
        updateFileSystemViewWithBackupLocation(environment, fileSystemConfigurationView);
        StackInputs stackInputs = getStackInputs(source);
        // Datalake inputs are merged into the fix inputs. NOTE(review): when getFixInputs() is non-null
        // the putAll() below writes into that very map, i.e. it mutates the StackInputs object.
        Map<String, Object> fixInputs = stackInputs.getFixInputs() == null ? new HashMap<>() : stackInputs.getFixInputs();
        fixInputs.putAll(stackInputs.getDatalakeInputs() == null ? new HashMap<>() : stackInputs.getDatalakeInputs());
        Gateway gateway = cluster.getGateway();
        // Knox gateway signing key; stays null when the cluster has no gateway. Key material — keep out of logs.
        String gatewaySignKey = null;
        if (gateway != null) {
            gatewaySignKey = gateway.getSignKey();
        }
        // IdBroker signing keys are generated and persisted on first use for this cluster.
        IdBroker idbroker = idBrokerService.getByCluster(cluster);
        if (idbroker == null) {
            idbroker = idBrokerConverterUtil.generateIdBrokerSignKeys(cluster);
            idBrokerService.save(idbroker);
        }
        // The virtual-group request is keyed by the CRN chosen by getEnvironmentCrnForVirtualGroups()
        // and the LDAP admin group; an empty admin group is sent when no LDAP config exists.
        String envCrnForVirtualGroups = getEnvironmentCrnForVirtualGroups(environment);
        VirtualGroupRequest virtualGroupRequest = new VirtualGroupRequest(envCrnForVirtualGroups, ldapView.map(LdapView::getAdminGroup).orElse(""));
        // Account id comes from the stack's own resource CRN; UMS is queried with the current request id.
        String accountId = Crn.safeFromString(source.getResourceCrn()).getAccountId();
        List<UserManagementProto.ServicePrincipalCloudIdentities> servicePrincipalCloudIdentities = grpcUmsClient.listServicePrincipalCloudIdentities(accountId, source.getEnvironmentCrn(), MDCUtils.getRequestId());
        BlueprintView blueprintView = blueprintViewProvider.getBlueprintView(cluster.getBlueprint());
        // Blueprint version may be absent; the exposed-service collector accepts an Optional.
        Optional<String> version = Optional.ofNullable(blueprintView.getVersion());
        Builder builder = Builder.builder().withCloudPlatform(CloudPlatform.valueOf(source.getCloudPlatform())).withRdsConfigs(postgresConfigService.createRdsConfigIfNeeded(source, cluster)).withRdsSslCertificateFilePath(dbCertificateProvider.getSslCertsFilePath()).withGateway(gateway, gatewaySignKey, exposedServiceCollector.getAllKnoxExposed(version)).withIdBroker(idbroker).withCustomConfigurationsView(getCustomConfigurationsView(source, cluster)).withCustomInputs(stackInputs.getCustomInputs() == null ? new HashMap<>() : stackInputs.getCustomInputs()).withFixInputs(fixInputs).withBlueprintView(blueprintView).withFileSystemConfigurationView(fileSystemConfigurationView).withGeneralClusterConfigs(calculateGeneralClusterConfigs(source, cluster)).withLdapConfig(ldapView.orElse(null)).withKerberosConfig(kerberosConfigService.get(source.getEnvironmentCrn(), source.getName()).orElse(null)).withProductDetails(cm, products).withExposedServices(views).withDefaultTags(getStackTags(source)).withSharedServiceConfigs(datalakeService.createSharedServiceConfigsView(source)).withStackType(source.getType()).withVirtualGroupView(virtualGroupRequest);
        // Host groups are read inside a transaction — presumably to resolve lazy associations; TODO confirm.
        transactionService.required(() -> {
            builder.withHostgroups(hostGroupService.getByCluster(cluster.getId()));
        });
        decorateBuilderWithPlacement(source, builder);
        decorateBuilderWithAccountMapping(source, environment, credential, builder, virtualGroupRequest);
        decorateBuilderWithServicePrincipals(source, builder, servicePrincipalCloudIdentities);
        decorateDatalakeView(source, builder);
        return builder.build();
    } catch (AccountTagValidationFailed aTVF) {
        // Wrapped as cause only (no explicit message), unlike the branch below.
        throw new CloudbreakServiceException(aTVF);
    } catch (BlueprintProcessingException | IOException | TransactionService.TransactionExecutionException e) {
        throw new CloudbreakServiceException(e.getMessage(), e);
    }
}
Also used : HashMap(java.util.HashMap) BaseFileSystemConfigurationsView(com.sequenceiq.cloudbreak.template.filesystem.BaseFileSystemConfigurationsView) CloudbreakServiceException(com.sequenceiq.cloudbreak.common.exception.CloudbreakServiceException) Builder(com.sequenceiq.cloudbreak.template.TemplatePreparationObject.Builder) IdBroker(com.sequenceiq.cloudbreak.domain.stack.cluster.IdBroker) AccountTagValidationFailed(com.sequenceiq.cloudbreak.tag.AccountTagValidationFailed) StackInputs(com.sequenceiq.cloudbreak.cloud.model.StackInputs) Gateway(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway) FileSystem(com.sequenceiq.cloudbreak.domain.FileSystem) ClouderaManagerProduct(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerProduct) BlueprintProcessingException(com.sequenceiq.cloudbreak.template.BlueprintProcessingException) CloudCredential(com.sequenceiq.cloudbreak.cloud.model.CloudCredential) Credential(com.sequenceiq.cloudbreak.dto.credential.Credential) BlueprintView(com.sequenceiq.cloudbreak.template.views.BlueprintView) Cluster(com.sequenceiq.cloudbreak.domain.stack.cluster.Cluster) IOException(java.io.IOException) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) ClouderaManagerRepo(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) DetailedEnvironmentResponse(com.sequenceiq.environment.api.v1.environment.model.response.DetailedEnvironmentResponse) Collection(java.util.Collection) TemplatePreparationObject(com.sequenceiq.cloudbreak.template.TemplatePreparationObject)

Example 12 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class RangerVirtualGroupService method getRangerVirtualGroup.

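/**
 * Resolves the UMS virtual group that carries the Ranger admin right for the given stack.
 * <p>
 * On the MOCK cloud platform a fixed group name is returned. Otherwise the admin group of the
 * environment's LDAP configuration is mapped, together with the parent environment CRN, to a virtual
 * group through {@code virtualGroupService}.
 *
 * @param stack the stack whose environment and LDAP configuration select the group
 * @return the virtual group name to use for the Ranger admin role
 * @throws CloudbreakServiceException if no LDAP configuration (and hence no admin group) is found
 */
public String getRangerVirtualGroup(Stack stack) {
    if (CloudPlatform.MOCK.equalsIgnoreCase(stack.getCloudPlatform())) {
        return "mockGroup";
    }
    Optional<LdapView> ldapView = ldapConfigService.get(stack.getEnvironmentCrn(), stack.getName());
    // Virtual groups are scoped to the parent environment CRN, not to the stack's own environment CRN.
    String virtualGroupsEnvironmentCrn = environmentConfigProvider.getParentEnvironmentCrn(stack.getEnvironmentCrn());
    String adminGroup = ldapView.orElseThrow(() -> new CloudbreakServiceException("Ranger admin group not found.")).getAdminGroup();
    // The '{}' placeholder is required: without it SLF4J discards the argument and only "Admin Group:" is logged.
    LOGGER.debug("Admin Group: {}", adminGroup);
    VirtualGroupRequest virtualGroupRequest = new VirtualGroupRequest(virtualGroupsEnvironmentCrn, adminGroup);
    return virtualGroupService.createOrGetVirtualGroup(virtualGroupRequest, UmsVirtualGroupRight.RANGER_ADMIN);
}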
Also used : VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) CloudbreakServiceException(com.sequenceiq.cloudbreak.common.exception.CloudbreakServiceException) LdapView(com.sequenceiq.cloudbreak.dto.LdapView)

Example 13 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class ClouderaManagerLdapServiceTest method testSetupLdapWithFullAdminGroupMapping.

/**
 * When the configured limited-admin role does not match any role reported by Cloudera Manager, the
 * LDAP admin group must be mapped to the full {@code ROLE_ADMIN} role.
 */
@Test
public void testSetupLdapWithFullAdminGroupMapping() throws ApiException, ClouderaManagerClientInitException {
    // GIVEN: the limited admin role name deliberately matches none of the CM roles stubbed below
    ReflectionTestUtils.setField(underTest, "adminRole", "ROLE_ADMIN");
    ReflectionTestUtils.setField(underTest, "limitedAdminRole", "NO_ROLE_LIMITED_CLUSTER_ADMIN");
    ReflectionTestUtils.setField(underTest, "userRole", "ROLE_USER");
    ReflectionTestUtils.setField(underTest, "dashboardUserRole", "ROLE_DASHBOARD_USER");
    LdapView ldap = getLdapConfig();
    VirtualGroupRequest groupRequest = new VirtualGroupRequest(TestConstants.CRN, "");
    ApiAuthRoleMetadataList cmRoles = new ApiAuthRoleMetadataList()
            .addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_LIMITED_CLUSTER_ADMIN").uuid("uuid").role("ROLE_LIMITED_CLUSTER_ADMIN"))
            .addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_ADMIN").uuid("uuid").role("ROLE_ADMIN"))
            .addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_DASHBOARD_USER").uuid("uuid").role("ROLE_DASHBOARD_USER"));
    when(authRolesResourceApi.readAuthRolesMetadata(null)).thenReturn(cmRoles);
    when(virtualGroupService.createOrGetVirtualGroup(groupRequest, UmsVirtualGroupRight.CLOUDER_MANAGER_ADMIN)).thenReturn("virtualGroup");
    // WHEN
    underTest.setupLdap(stack, cluster, httpClientConfig, ldap, groupRequest);
    // THEN: the first external user mapping binds the virtual group to the full admin role
    ArgumentCaptor<ApiExternalUserMappingList> mappingsCaptor = ArgumentCaptor.forClass(ApiExternalUserMappingList.class);
    verify(externalUserMappingsResourceApi).createExternalUserMappings(mappingsCaptor.capture());
    ApiExternalUserMapping mapping = mappingsCaptor.getValue().getItems().get(0);
    ApiAuthRoleRef mappedRole = mapping.getAuthRoles().get(0);
    assertEquals("ROLE_ADMIN", mappedRole.getDisplayName());
    assertEquals("uuid", mappedRole.getUuid());
    assertEquals("virtualGroup", mapping.getName());
}
Also used : ApiAuthRoleMetadataList(com.cloudera.api.swagger.model.ApiAuthRoleMetadataList) ApiExternalUserMappingList(com.cloudera.api.swagger.model.ApiExternalUserMappingList) ApiAuthRoleRef(com.cloudera.api.swagger.model.ApiAuthRoleRef) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) ApiAuthRoleMetadata(com.cloudera.api.swagger.model.ApiAuthRoleMetadata) ApiExternalUserMapping(com.cloudera.api.swagger.model.ApiExternalUserMapping) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) Test(org.junit.Test)

Example 14 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class ClouderaManagerLdapServiceTest method testSetupLdapWithLimitedAdminGroupMapping.

/**
 * When the configured limited-admin role exists in Cloudera Manager, the LDAP admin group must be
 * mapped to that role rather than to the full {@code ROLE_ADMIN} role.
 */
@Test
public void testSetupLdapWithLimitedAdminGroupMapping() throws ApiException, ClouderaManagerClientInitException {
    // GIVEN: the limited admin role is present among the CM roles stubbed below
    ReflectionTestUtils.setField(underTest, "adminRole", "ROLE_ADMIN");
    ReflectionTestUtils.setField(underTest, "limitedAdminRole", "ROLE_LIMITED_CLUSTER_ADMIN");
    ReflectionTestUtils.setField(underTest, "userRole", "ROLE_USER");
    ReflectionTestUtils.setField(underTest, "dashboardUserRole", "ROLE_DASHBOARD_USER");
    LdapView ldap = getLdapConfig();
    VirtualGroupRequest groupRequest = new VirtualGroupRequest(TestConstants.CRN, "");
    ApiAuthRoleMetadataList cmRoles = new ApiAuthRoleMetadataList()
            .addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_LIMITED_CLUSTER_ADMIN").uuid("uuid").role("ROLE_LIMITED_CLUSTER_ADMIN"))
            .addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_ADMIN").uuid("uuid").role("ROLE_ADMIN"));
    when(authRolesResourceApi.readAuthRolesMetadata(null)).thenReturn(cmRoles);
    when(virtualGroupService.createOrGetVirtualGroup(groupRequest, UmsVirtualGroupRight.CLOUDER_MANAGER_ADMIN)).thenReturn("virtualGroup");
    // WHEN
    underTest.setupLdap(stack, cluster, httpClientConfig, ldap, groupRequest);
    // THEN: the first external user mapping binds the virtual group to the limited admin role
    ArgumentCaptor<ApiExternalUserMappingList> mappingsCaptor = ArgumentCaptor.forClass(ApiExternalUserMappingList.class);
    verify(externalUserMappingsResourceApi).createExternalUserMappings(mappingsCaptor.capture());
    ApiExternalUserMapping mapping = mappingsCaptor.getValue().getItems().get(0);
    ApiAuthRoleRef mappedRole = mapping.getAuthRoles().get(0);
    assertEquals("ROLE_LIMITED_CLUSTER_ADMIN", mappedRole.getDisplayName());
    assertEquals("uuid", mappedRole.getUuid());
    assertEquals("virtualGroup", mapping.getName());
}
Also used : ApiAuthRoleMetadataList(com.cloudera.api.swagger.model.ApiAuthRoleMetadataList) ApiExternalUserMappingList(com.cloudera.api.swagger.model.ApiExternalUserMappingList) ApiAuthRoleRef(com.cloudera.api.swagger.model.ApiAuthRoleRef) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) ApiAuthRoleMetadata(com.cloudera.api.swagger.model.ApiAuthRoleMetadata) ApiExternalUserMapping(com.cloudera.api.swagger.model.ApiExternalUserMapping) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) Test(org.junit.Test)

Example 15 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class StackV4RequestToTemplatePreparationObjectConverter method convert.

/**
 * Builds a {@link TemplatePreparationObject} from an incoming {@link StackV4Request}, i.e. for a stack
 * that is not persisted yet.
 * <p>
 * The requesting user and workspace, environment, credential, LDAP and Kerberos configuration, file
 * system view, RDS configs, blueprint, host groups, gateway (with its signing key) and the
 * virtual-group request are resolved and passed to the {@link Builder}, which is then decorated by the
 * placement/account-mapping/product-details/datalake helpers of this class.
 *
 * @param source the stack creation request
 * @return the populated preparation object
 * @throws CloudbreakServiceException wrapping {@link BlueprintProcessingException} or {@link IOException}
 */
public TemplatePreparationObject convert(StackV4Request source) {
    try {
        CloudbreakUser requester = restRequestThreadLocalService.getCloudbreakUser();
        User user = userService.getOrCreate(requester);
        Workspace workspace = workspaceService.get(restRequestThreadLocalService.getRequestedWorkspaceId(), user);
        DetailedEnvironmentResponse environment = environmentClientService.getByCrn(source.getEnvironmentCrn());
        Credential credential = getCredential(source, environment);
        // May be null when the environment has no LDAP configuration.
        LdapView ldapConfig = getLdapConfig(source, environment);
        BaseFileSystemConfigurationsView fsView = getFileSystemConfigurationView(source, credential.getAttributes());
        Set<RDSConfig> rdsConfigs = getRdsConfigs(source, workspace);
        Blueprint blueprint = getBlueprint(source, workspace);
        Set<HostgroupView> hostgroupViews = getHostgroupViews(source);
        // Only convert a gateway when the request actually carries one.
        Gateway gateway = null;
        if (source.getCluster().getGateway() != null) {
            gateway = stackV4RequestToGatewayConverter.convert(source);
        }
        // Knox signing key; null without a gateway. Key material — keep out of logs.
        String gatewaySignKey = gateway == null ? null : gateway.getSignKey();
        BlueprintView blueprintView = blueprintViewProvider.getBlueprintView(blueprint);
        Optional<String> version = Optional.ofNullable(blueprintView.getVersion());
        GeneralClusterConfigs generalClusterConfigs = generalClusterConfigsProvider.generalClusterConfigs(source, requester.getEmail(), blueprintService.getBlueprintVariant(blueprint));
        // An empty admin group is sent to the virtual-group service when there is no LDAP config.
        String adminGroup = "";
        if (ldapConfig != null) {
            adminGroup = ldapConfig.getAdminGroup();
        }
        String envCrnForVirtualGroups = getEnvironmentCrnForVirtualGroups(environment);
        VirtualGroupRequest virtualGroupRequest = new VirtualGroupRequest(envCrnForVirtualGroups, adminGroup);
        Builder builder = Builder.builder()
                .withCloudPlatform(source.getCloudPlatform())
                .withRdsConfigs(rdsConfigs)
                .withHostgroupViews(hostgroupViews)
                .withGateway(gateway, gatewaySignKey, exposedServiceCollector.getAllKnoxExposed(version))
                .withBlueprintView(blueprintView)
                .withFileSystemConfigurationView(fsView)
                .withGeneralClusterConfigs(generalClusterConfigs)
                .withLdapConfig(ldapConfig)
                .withCustomInputs(source.getInputs())
                .withKerberosConfig(getKerberosConfig(source, environment))
                .withStackType(source.getType())
                .withVirtualGroupView(virtualGroupRequest);
        decorateBuilderWithPlacement(source, builder);
        decorateBuilderWithAccountMapping(source, environment, credential, builder);
        decorateBuilderWithProductDetails(source, builder);
        decorateDatalakeView(source, builder);
        return builder.build();
    } catch (BlueprintProcessingException | IOException e) {
        throw new CloudbreakServiceException(e.getMessage(), e);
    }
}
Also used : BlueprintProcessingException(com.sequenceiq.cloudbreak.template.BlueprintProcessingException) CloudCredential(com.sequenceiq.cloudbreak.cloud.model.CloudCredential) Credential(com.sequenceiq.cloudbreak.dto.credential.Credential) CloudbreakUser(com.sequenceiq.cloudbreak.common.user.CloudbreakUser) User(com.sequenceiq.cloudbreak.workspace.model.User) GeneralClusterConfigs(com.sequenceiq.cloudbreak.template.model.GeneralClusterConfigs) BaseFileSystemConfigurationsView(com.sequenceiq.cloudbreak.template.filesystem.BaseFileSystemConfigurationsView) RDSConfig(com.sequenceiq.cloudbreak.domain.RDSConfig) Blueprint(com.sequenceiq.cloudbreak.domain.Blueprint) BlueprintView(com.sequenceiq.cloudbreak.template.views.BlueprintView) CloudbreakServiceException(com.sequenceiq.cloudbreak.common.exception.CloudbreakServiceException) Builder(com.sequenceiq.cloudbreak.template.TemplatePreparationObject.Builder) IOException(java.io.IOException) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) Gateway(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway) DetailedEnvironmentResponse(com.sequenceiq.environment.api.v1.environment.model.response.DetailedEnvironmentResponse) CloudbreakUser(com.sequenceiq.cloudbreak.common.user.CloudbreakUser) HostgroupView(com.sequenceiq.cloudbreak.template.views.HostgroupView) Workspace(com.sequenceiq.cloudbreak.workspace.model.Workspace)
