
Example 16 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class KnoxGatewayConfigProviderTest method roleConfigsWithoutGateway.

/**
 * Checks the role configs generated when the template source carries no gateway.
 *
 * <p>With no gateway set on the builder, the expected {@code gateway_master_secret}
 * is the value of {@code GeneralClusterConfigs#getPassword()} and the expected
 * topology name is {@code cdp-proxy}. No {@code gateway_path}, signing keystore,
 * dispatch whitelist or token entries are expected for the gateway role.
 *
 * <p>All secret-looking literals here are hard-coded test fixture values.
 */
@Test
public void roleConfigsWithoutGateway() {
    GeneralClusterConfigs clusterConfigs = new GeneralClusterConfigs();
    clusterConfigs.setPassword("secret");
    clusterConfigs.setAccountId(Optional.of("1234"));

    IdBroker broker = new IdBroker();
    broker.setMasterSecret("supersecret");

    BlueprintTextProcessor textProcessor = mock(BlueprintTextProcessor.class);
    BlueprintView blueprint = new BlueprintView("text", "7.2.11", "CDH", textProcessor);

    TemplatePreparationObject source = Builder.builder()
            .withGeneralClusterConfigs(clusterConfigs)
            .withVirtualGroupView(new VirtualGroupRequest(TestConstants.CRN, ""))
            .withIdBroker(broker)
            .withBlueprintView(blueprint)
            .withProductDetails(
                    new ClouderaManagerRepo().withVersion("7.4.2"),
                    List.of(new ClouderaManagerProduct().withVersion("7.2.10").withName("CDH")))
            .build();

    // The virtual group lookup is stubbed to return an empty admin group name.
    VirtualGroupRequest groupRequest = source.getVirtualGroupRequest();
    when(virtualGroupService.createOrGetVirtualGroup(groupRequest, UmsVirtualGroupRight.KNOX_ADMIN))
            .thenReturn("");

    // IDBroker role: master secret, admin group and the signing keystore settings.
    assertEquals(
            List.of(
                    config("idbroker_master_secret", "supersecret"),
                    config("idbroker_gateway_knox_admin_groups", ""),
                    config("idbroker_gateway_signing_keystore_name", "signing.jks"),
                    config("idbroker_gateway_signing_keystore_type", "JKS"),
                    config("idbroker_gateway_signing_key_alias", "signing-identity")),
            underTest.getRoleConfigs(KnoxRoles.IDBROKER, source));

    // Knox gateway role: the master secret is expected to equal the general cluster password.
    // NOTE(review): the token state entry presumably depends on the CM/CDH versions set above — confirm.
    assertEquals(
            List.of(
                    config("gateway_master_secret", clusterConfigs.getPassword()),
                    config("gateway_default_topology_name", "cdp-proxy"),
                    config("gateway_knox_admin_groups", ""),
                    config("gateway_auto_discovery_enabled", "false"),
                    config("gateway_service_tokenstate_impl",
                            "org.apache.knox.gateway.services.token.impl.JDBCTokenStateService")),
            underTest.getRoleConfigs(KnoxRoles.KNOX_GATEWAY, source));

    // Any other role type yields no configs.
    assertEquals(List.of(), underTest.getRoleConfigs("NAMENODE", source));
}
Also used : TemplatePreparationObject(com.sequenceiq.cloudbreak.template.TemplatePreparationObject) ClouderaManagerRepo(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo) GeneralClusterConfigs(com.sequenceiq.cloudbreak.template.model.GeneralClusterConfigs) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) BlueprintTextProcessor(com.sequenceiq.cloudbreak.template.processor.BlueprintTextProcessor) BlueprintView(com.sequenceiq.cloudbreak.template.views.BlueprintView) ClouderaManagerProduct(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerProduct) IdBroker(com.sequenceiq.cloudbreak.domain.stack.cluster.IdBroker) Test(org.junit.Test)

Example 17 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class KnoxGatewayConfigProviderTest method roleConfigsWithGatewayWhenOdbcEntitlementFalse.

/**
 * Checks the role configs generated when a gateway with one topology is present
 * and {@code entitlementService.isOjdbcTokenDhOneHour} is stubbed to {@code false}.
 *
 * <p>The gateway role is expected to take its master secret, topology name and path
 * from the {@link Gateway} fixture, and to include the signing keystore, dispatch
 * whitelist and token generation entries.
 *
 * <p>All secret-looking literals here are hard-coded test fixture values.
 */
@Test
public void roleConfigsWithGatewayWhenOdbcEntitlementFalse() {
    GatewayTopology gatewayTopology = new GatewayTopology();
    gatewayTopology.setTopologyName("my-topology");
    gatewayTopology.setExposedServices(Json.silent(new ExposedServices()));

    Gateway gateway = new Gateway();
    gateway.setKnoxMasterSecret("admin");
    gateway.setPath("/a/b/c");
    gateway.setTopologies(Set.of(gatewayTopology));

    IdBroker broker = new IdBroker();
    broker.setMasterSecret("supersecret");

    BlueprintTextProcessor textProcessor = mock(BlueprintTextProcessor.class);
    BlueprintView blueprint = new BlueprintView("text", "7.2.11", "CDH", textProcessor);

    GeneralClusterConfigs clusterConfigs = new GeneralClusterConfigs();
    clusterConfigs.setAccountId(Optional.of("1234"));

    TemplatePreparationObject source = Builder.builder()
            .withGateway(gateway, "key", new HashSet<>())
            .withGeneralClusterConfigs(clusterConfigs)
            .withBlueprintView(blueprint)
            .withVirtualGroupView(new VirtualGroupRequest(TestConstants.CRN, ""))
            .withProductDetails(
                    new ClouderaManagerRepo().withVersion("7.4.2"),
                    List.of(new ClouderaManagerProduct().withVersion("7.2.10").withName("CDH")))
            .withIdBroker(broker)
            .build();

    // The virtual group lookup is stubbed to return an empty admin group name.
    VirtualGroupRequest groupRequest = source.getVirtualGroupRequest();
    when(virtualGroupService.createOrGetVirtualGroup(groupRequest, UmsVirtualGroupRight.KNOX_ADMIN))
            .thenReturn("");
    when(entitlementService.isOjdbcTokenDhOneHour(anyString())).thenReturn(false);

    // IDBroker role: master secret, admin group and the signing keystore settings.
    assertEquals(
            List.of(
                    config("idbroker_master_secret", "supersecret"),
                    config("idbroker_gateway_knox_admin_groups", ""),
                    config("idbroker_gateway_signing_keystore_name", "signing.jks"),
                    config("idbroker_gateway_signing_keystore_type", "JKS"),
                    config("idbroker_gateway_signing_key_alias", "signing-identity")),
            underTest.getRoleConfigs(KnoxRoles.IDBROKER, source));

    // Knox gateway role, evaluated under TEST_USER_CRN.
    // NOTE(review): "^*.*$" looks like a match-all dispatch whitelist, so this fixture pins the
    // unrestricted case — confirm a restrictive whitelist value is covered by another test.
    // NOTE(review): 86400000 is presumably milliseconds (24 h) — confirm the unit.
    assertEquals(
            List.of(
                    config("gateway_master_secret", gateway.getKnoxMasterSecret()),
                    config("gateway_default_topology_name",
                            gateway.getTopologies().iterator().next().getTopologyName()),
                    config("gateway_knox_admin_groups", ""),
                    config("gateway_auto_discovery_enabled", "false"),
                    config("gateway_path", gateway.getPath()),
                    config("gateway_signing_keystore_name", "signing.jks"),
                    config("gateway_signing_keystore_type", "JKS"),
                    config("gateway_signing_key_alias", "signing-identity"),
                    config("gateway_dispatch_whitelist", "^*.*$"),
                    config("gateway_token_generation_enable_lifespan_input", "true"),
                    config("gateway_token_generation_knox_token_ttl", "86400000"),
                    config("gateway_service_tokenstate_impl",
                            "org.apache.knox.gateway.services.token.impl.JDBCTokenStateService")),
            ThreadBasedUserCrnProvider.doAs(
                    TEST_USER_CRN,
                    () -> underTest.getRoleConfigs(KnoxRoles.KNOX_GATEWAY, source)));

    // Any other role type yields no configs.
    assertEquals(List.of(), underTest.getRoleConfigs("NAMENODE", source));
}
Also used : TemplatePreparationObject(com.sequenceiq.cloudbreak.template.TemplatePreparationObject) ClouderaManagerRepo(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo) GeneralClusterConfigs(com.sequenceiq.cloudbreak.template.model.GeneralClusterConfigs) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) Gateway(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway) BlueprintTextProcessor(com.sequenceiq.cloudbreak.template.processor.BlueprintTextProcessor) BlueprintView(com.sequenceiq.cloudbreak.template.views.BlueprintView) ExposedServices(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.ExposedServices) ClouderaManagerProduct(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerProduct) GatewayTopology(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.GatewayTopology) IdBroker(com.sequenceiq.cloudbreak.domain.stack.cluster.IdBroker) Test(org.junit.Test)

Example 18 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class KnoxGatewayConfigProviderTest method roleConfigsWithGatewayWithLdapConfigWhenOdbcEntitlementFalse.

/**
 * Checks the role configs generated when a gateway without topologies and an LDAP
 * view are present, and {@code entitlementService.isOjdbcTokenDhOneHour} is stubbed
 * to {@code false}.
 *
 * <p>The virtual group lookup is stubbed to return {@code knox_admins}, which is the
 * expected admin group for both the IDBroker and the gateway role. The expected
 * topology name is {@code cdp-proxy}.
 *
 * <p>All secret-looking literals here are hard-coded test fixture values.
 */
@Test
public void roleConfigsWithGatewayWithLdapConfigWhenOdbcEntitlementFalse() {
    Gateway gateway = new Gateway();
    gateway.setKnoxMasterSecret("admin");
    gateway.setPath("/a/b/c");

    IdBroker broker = new IdBroker();
    broker.setMasterSecret("supersecret");

    BlueprintTextProcessor textProcessor = mock(BlueprintTextProcessor.class);
    LdapView ldapView = LdapViewBuilder.aLdapView().build();
    BlueprintView blueprint = new BlueprintView("text", "7.2.11", "CDH", textProcessor);

    GeneralClusterConfigs clusterConfigs = new GeneralClusterConfigs();
    clusterConfigs.setAccountId(Optional.of("1234"));

    TemplatePreparationObject source = Builder.builder()
            .withGateway(gateway, "key", new HashSet<>())
            .withLdapConfig(ldapView)
            .withGeneralClusterConfigs(clusterConfigs)
            .withBlueprintView(blueprint)
            .withVirtualGroupView(new VirtualGroupRequest(TestConstants.CRN, ""))
            .withProductDetails(
                    new ClouderaManagerRepo().withVersion("7.4.2"),
                    List.of(new ClouderaManagerProduct().withVersion("7.2.10").withName("CDH")))
            .withIdBroker(broker)
            .build();

    VirtualGroupRequest groupRequest = source.getVirtualGroupRequest();
    when(virtualGroupService.createOrGetVirtualGroup(groupRequest, UmsVirtualGroupRight.KNOX_ADMIN))
            .thenReturn("knox_admins");
    when(entitlementService.isOjdbcTokenDhOneHour(anyString())).thenReturn(false);

    // IDBroker role: the stubbed group name is expected as the admin group.
    assertEquals(
            List.of(
                    config("idbroker_master_secret", "supersecret"),
                    config("idbroker_gateway_knox_admin_groups", "knox_admins"),
                    config("idbroker_gateway_signing_keystore_name", "signing.jks"),
                    config("idbroker_gateway_signing_keystore_type", "JKS"),
                    config("idbroker_gateway_signing_key_alias", "signing-identity")),
            underTest.getRoleConfigs(KnoxRoles.IDBROKER, source));

    // Knox gateway role, evaluated under TEST_USER_CRN.
    // NOTE(review): "^*.*$" looks like a match-all dispatch whitelist, so this fixture pins the
    // unrestricted case — confirm a restrictive whitelist value is covered by another test.
    // NOTE(review): 86400000 is presumably milliseconds (24 h) — confirm the unit.
    assertEquals(
            List.of(
                    config("gateway_master_secret", gateway.getKnoxMasterSecret()),
                    config("gateway_default_topology_name", "cdp-proxy"),
                    config("gateway_knox_admin_groups", "knox_admins"),
                    config("gateway_auto_discovery_enabled", "false"),
                    config("gateway_path", gateway.getPath()),
                    config("gateway_signing_keystore_name", "signing.jks"),
                    config("gateway_signing_keystore_type", "JKS"),
                    config("gateway_signing_key_alias", "signing-identity"),
                    config("gateway_dispatch_whitelist", "^*.*$"),
                    config("gateway_token_generation_enable_lifespan_input", "true"),
                    config("gateway_token_generation_knox_token_ttl", "86400000"),
                    config("gateway_service_tokenstate_impl",
                            "org.apache.knox.gateway.services.token.impl.JDBCTokenStateService")),
            ThreadBasedUserCrnProvider.doAs(
                    TEST_USER_CRN,
                    () -> underTest.getRoleConfigs(KnoxRoles.KNOX_GATEWAY, source)));

    // Any other role type yields no configs.
    assertEquals(List.of(), underTest.getRoleConfigs("NAMENODE", source));
}
Also used : TemplatePreparationObject(com.sequenceiq.cloudbreak.template.TemplatePreparationObject) ClouderaManagerRepo(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo) GeneralClusterConfigs(com.sequenceiq.cloudbreak.template.model.GeneralClusterConfigs) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) Gateway(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway) BlueprintTextProcessor(com.sequenceiq.cloudbreak.template.processor.BlueprintTextProcessor) BlueprintView(com.sequenceiq.cloudbreak.template.views.BlueprintView) ClouderaManagerProduct(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerProduct) IdBroker(com.sequenceiq.cloudbreak.domain.stack.cluster.IdBroker) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 19 with VirtualGroupRequest

use of com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest in project cloudbreak by hortonworks.

the class KnoxGatewayConfigProvider method getRoleConfigs.

/**
 * Builds the template config entries for a Knox role type.
 *
 * <p>For {@code KnoxRoles.KNOX_GATEWAY} a mutable list is returned holding the master
 * secret, default topology name, admin group and auto-discovery flag, plus gateway
 * path, signing keystore, whitelist and default entries when a gateway view exists,
 * and the token state implementation when {@code isKnoxDatabaseSupported} accepts the
 * product details. For {@code KnoxRoles.IDBROKER} an immutable list with the IDBroker
 * master secret, admin group and signing keystore settings is returned. Every other
 * role type yields an empty immutable list.
 *
 * <p>The returned entries contain the master secrets as plain config values, so the
 * result should not be written to logs.
 *
 * @param roleType role type to generate configs for
 * @param source template preparation data the values are read from
 * @return the config entries for the role, empty for unhandled role types
 */
@Override
protected List<ApiClusterTemplateConfig> getRoleConfigs(String roleType, TemplatePreparationObject source) {
    GatewayView gatewayView = source.getGatewayView();
    GeneralClusterConfigs clusterConfigs = source.getGeneralClusterConfigs();
    boolean hasGateway = gatewayView != null;

    // Without a gateway view the general cluster password doubles as the Knox master secret.
    // NOTE(review): this couples two credentials — confirm the reuse is intended.
    String masterSecret;
    if (hasGateway) {
        masterSecret = gatewayView.getMasterSecret();
    } else {
        masterSecret = clusterConfigs.getPassword();
    }

    // The gateway's own topology name is used only when it has exposed services.
    String topologyName;
    if (hasGateway && gatewayView.getExposedServices() != null) {
        topologyName = gatewayView.getTopologyName();
    } else {
        topologyName = DEFAULT_TOPOLOGY;
    }

    // NOTE(review): the create-or-get call runs for every role type, including those that
    // end in the empty default branch — confirm that is acceptable.
    VirtualGroupRequest groupRequest = source.getVirtualGroupRequest();
    String adminGroup = virtualGroupService.createOrGetVirtualGroup(groupRequest, UmsVirtualGroupRight.KNOX_ADMIN);

    switch (roleType) {
        case KnoxRoles.KNOX_GATEWAY: {
            List<ApiClusterTemplateConfig> gatewayConfigs = new ArrayList<>();
            gatewayConfigs.add(config(KNOX_MASTER_SECRET, masterSecret));
            gatewayConfigs.add(config(GATEWAY_DEFAULT_TOPOLOGY_NAME, topologyName));
            gatewayConfigs.add(config(GATEWAY_ADMIN_GROUPS, adminGroup));
            gatewayConfigs.add(config(GATEWAY_CM_AUTO_DISCOVERY_ENABLED, "false"));
            if (hasGateway) {
                gatewayConfigs.add(config(GATEWAY_PATH, gatewayView.getPath()));
                gatewayConfigs.add(config(GATEWAY_SIGNING_KEYSTORE_NAME, SIGNING_JKS));
                gatewayConfigs.add(config(GATEWAY_SIGNING_KEYSTORE_TYPE, JKS));
                gatewayConfigs.add(config(GATEWAY_SIGNING_KEY_ALIAS, SIGNING_IDENTITY));
                gatewayConfigs.add(getGatewayWhitelistConfig(source));
                gatewayConfigs.addAll(getDefaultsIfRequired(source));
            }
            if (source.getProductDetailsView() != null
                    && isKnoxDatabaseSupported(
                            source.getProductDetailsView().getCm(),
                            getCdhProduct(source),
                            getCdhPatchVersion(source))) {
                gatewayConfigs.add(config(
                        GATEWAY_SERVICE_TOKENSTATE_IMPL,
                        "org.apache.knox.gateway.services.token.impl.JDBCTokenStateService"));
            }
            return gatewayConfigs;
        }
        case KnoxRoles.IDBROKER: {
            // NOTE(review): source.getIdBroker() is dereferenced without a null check — confirm
            // it is always set when this role type is requested.
            return List.of(
                    config(IDBROKER_MASTER_SECRET, source.getIdBroker().getMasterSecret()),
                    config(IDBROKER_GATEWAY_ADMIN_GROUPS, adminGroup),
                    config(IDBROKER_SIGNING_KEYSTORE_NAME, SIGNING_JKS),
                    config(IDBROKER_SIGNING_KEYSTORE_TYPE, JKS),
                    config(IDBROKER_SIGNING_KEY_ALIAS, SIGNING_IDENTITY));
        }
        default:
            return List.of();
    }
}
Also used : GeneralClusterConfigs(com.sequenceiq.cloudbreak.template.model.GeneralClusterConfigs) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) ArrayList(java.util.ArrayList) ApiClusterTemplateConfig(com.cloudera.api.swagger.model.ApiClusterTemplateConfig) GatewayView(com.sequenceiq.cloudbreak.template.views.GatewayView)
