Examples with LdapView com.sequenceiq.cloudbreak.dto.LdapView used on opensource projects

Search in sources :

Example 11 with LdapView

use of com.sequenceiq.cloudbreak.dto.LdapView in project cloudbreak by hortonworks.

the class StackToTemplatePreparationObjectConverterTest method testConvertWhenClusterFromClusterServiceHasLdapConfigThenItShouldBeStored.

@Test
public void testConvertWhenClusterFromClusterServiceHasLdapConfigThenItShouldBeStored() {
    LdapView ldapView = LdapView.LdapViewBuilder.aLdapView().withProtocol("").withBindDn("admin<>").build();
    when(ldapConfigService.get(anyString(), anyString())).thenReturn(Optional.of(ldapView));
    when(blueprintViewProvider.getBlueprintView(any())).thenReturn(getBlueprintView());
    TemplatePreparationObject result = underTest.convert(stackMock);
    assertThat(result.getLdapConfig().isPresent()).isTrue();
}
Also used : TemplatePreparationObject(com.sequenceiq.cloudbreak.template.TemplatePreparationObject) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) Test(org.junit.jupiter.api.Test)

Example 12 with LdapView

use of com.sequenceiq.cloudbreak.dto.LdapView in project cloudbreak by hortonworks.

the class ClouderaManagerLdapServiceTest method testSetupLdapWithFullAdminGroupMapping.

@Test
public void testSetupLdapWithFullAdminGroupMapping() throws ApiException, ClouderaManagerClientInitException {
    // GIVEN
    ReflectionTestUtils.setField(underTest, "adminRole", "ROLE_ADMIN");
    ReflectionTestUtils.setField(underTest, "limitedAdminRole", "NO_ROLE_LIMITED_CLUSTER_ADMIN");
    ReflectionTestUtils.setField(underTest, "userRole", "ROLE_USER");
    ReflectionTestUtils.setField(underTest, "dashboardUserRole", "ROLE_DASHBOARD_USER");
    LdapView ldapConfig = getLdapConfig();
    VirtualGroupRequest virtualGroupRequest = new VirtualGroupRequest(TestConstants.CRN, "");
    ApiAuthRoleMetadataList apiAuthRoleMetadataList = new ApiAuthRoleMetadataList().addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_LIMITED_CLUSTER_ADMIN").uuid("uuid").role("ROLE_LIMITED_CLUSTER_ADMIN"));
    apiAuthRoleMetadataList.addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_ADMIN").uuid("uuid").role("ROLE_ADMIN"));
    apiAuthRoleMetadataList.addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_DASHBOARD_USER").uuid("uuid").role("ROLE_DASHBOARD_USER"));
    when(authRolesResourceApi.readAuthRolesMetadata(null)).thenReturn(apiAuthRoleMetadataList);
    when(virtualGroupService.createOrGetVirtualGroup(virtualGroupRequest, UmsVirtualGroupRight.CLOUDER_MANAGER_ADMIN)).thenReturn("virtualGroup");
    // WHEN
    underTest.setupLdap(stack, cluster, httpClientConfig, ldapConfig, virtualGroupRequest);
    // THEN
    ArgumentCaptor<ApiExternalUserMappingList> apiExternalUserMappingListArgumentCaptor = ArgumentCaptor.forClass(ApiExternalUserMappingList.class);
    verify(externalUserMappingsResourceApi).createExternalUserMappings(apiExternalUserMappingListArgumentCaptor.capture());
    ApiExternalUserMapping apiExternalUserMapping = apiExternalUserMappingListArgumentCaptor.getValue().getItems().get(0);
    ApiAuthRoleRef authRole = apiExternalUserMapping.getAuthRoles().get(0);
    assertEquals("ROLE_ADMIN", authRole.getDisplayName());
    assertEquals("uuid", authRole.getUuid());
    assertEquals("virtualGroup", apiExternalUserMapping.getName());
}
Also used : ApiAuthRoleMetadataList(com.cloudera.api.swagger.model.ApiAuthRoleMetadataList) ApiExternalUserMappingList(com.cloudera.api.swagger.model.ApiExternalUserMappingList) ApiAuthRoleRef(com.cloudera.api.swagger.model.ApiAuthRoleRef) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) ApiAuthRoleMetadata(com.cloudera.api.swagger.model.ApiAuthRoleMetadata) ApiExternalUserMapping(com.cloudera.api.swagger.model.ApiExternalUserMapping) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) Test(org.junit.Test)

Example 13 with LdapView

use of com.sequenceiq.cloudbreak.dto.LdapView in project cloudbreak by hortonworks.

the class ClouderaManagerLdapServiceTest method testSetupLdapWithLimitedAdminGroupMapping.

@Test
public void testSetupLdapWithLimitedAdminGroupMapping() throws ApiException, ClouderaManagerClientInitException {
    // GIVEN
    ReflectionTestUtils.setField(underTest, "adminRole", "ROLE_ADMIN");
    ReflectionTestUtils.setField(underTest, "limitedAdminRole", "ROLE_LIMITED_CLUSTER_ADMIN");
    ReflectionTestUtils.setField(underTest, "userRole", "ROLE_USER");
    ReflectionTestUtils.setField(underTest, "dashboardUserRole", "ROLE_DASHBOARD_USER");
    LdapView ldapConfig = getLdapConfig();
    VirtualGroupRequest virtualGroupRequest = new VirtualGroupRequest(TestConstants.CRN, "");
    ApiAuthRoleMetadataList apiAuthRoleMetadataList = new ApiAuthRoleMetadataList().addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_LIMITED_CLUSTER_ADMIN").uuid("uuid").role("ROLE_LIMITED_CLUSTER_ADMIN"));
    apiAuthRoleMetadataList.addItemsItem(new ApiAuthRoleMetadata().displayName("ROLE_ADMIN").uuid("uuid").role("ROLE_ADMIN"));
    when(authRolesResourceApi.readAuthRolesMetadata(null)).thenReturn(apiAuthRoleMetadataList);
    when(virtualGroupService.createOrGetVirtualGroup(virtualGroupRequest, UmsVirtualGroupRight.CLOUDER_MANAGER_ADMIN)).thenReturn("virtualGroup");
    // WHEN
    underTest.setupLdap(stack, cluster, httpClientConfig, ldapConfig, virtualGroupRequest);
    // THEN
    ArgumentCaptor<ApiExternalUserMappingList> apiExternalUserMappingListArgumentCaptor = ArgumentCaptor.forClass(ApiExternalUserMappingList.class);
    verify(externalUserMappingsResourceApi).createExternalUserMappings(apiExternalUserMappingListArgumentCaptor.capture());
    ApiExternalUserMapping apiExternalUserMapping = apiExternalUserMappingListArgumentCaptor.getValue().getItems().get(0);
    ApiAuthRoleRef authRole = apiExternalUserMapping.getAuthRoles().get(0);
    assertEquals("ROLE_LIMITED_CLUSTER_ADMIN", authRole.getDisplayName());
    assertEquals("uuid", authRole.getUuid());
    assertEquals("virtualGroup", apiExternalUserMapping.getName());
}
Also used : ApiAuthRoleMetadataList(com.cloudera.api.swagger.model.ApiAuthRoleMetadataList) ApiExternalUserMappingList(com.cloudera.api.swagger.model.ApiExternalUserMappingList) ApiAuthRoleRef(com.cloudera.api.swagger.model.ApiAuthRoleRef) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) ApiAuthRoleMetadata(com.cloudera.api.swagger.model.ApiAuthRoleMetadata) ApiExternalUserMapping(com.cloudera.api.swagger.model.ApiExternalUserMapping) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) Test(org.junit.Test)

Example 14 with LdapView

use of com.sequenceiq.cloudbreak.dto.LdapView in project cloudbreak by hortonworks.

the class StackV4RequestToTemplatePreparationObjectConverter method convert.

public TemplatePreparationObject convert(StackV4Request source) {
    try {
        CloudbreakUser cloudbreakUser = restRequestThreadLocalService.getCloudbreakUser();
        User user = userService.getOrCreate(cloudbreakUser);
        Workspace workspace = workspaceService.get(restRequestThreadLocalService.getRequestedWorkspaceId(), user);
        DetailedEnvironmentResponse environment = environmentClientService.getByCrn(source.getEnvironmentCrn());
        Credential credential = getCredential(source, environment);
        LdapView ldapConfig = getLdapConfig(source, environment);
        BaseFileSystemConfigurationsView fileSystemConfigurationView = getFileSystemConfigurationView(source, credential.getAttributes());
        Set<RDSConfig> rdsConfigs = getRdsConfigs(source, workspace);
        Blueprint blueprint = getBlueprint(source, workspace);
        Set<HostgroupView> hostgroupViews = getHostgroupViews(source);
        Gateway gateway = source.getCluster().getGateway() == null ? null : stackV4RequestToGatewayConverter.convert(source);
        BlueprintView blueprintView = blueprintViewProvider.getBlueprintView(blueprint);
        Optional<String> version = Optional.ofNullable(blueprintView.getVersion());
        GeneralClusterConfigs generalClusterConfigs = generalClusterConfigsProvider.generalClusterConfigs(source, cloudbreakUser.getEmail(), blueprintService.getBlueprintVariant(blueprint));
        String gatewaySignKey = null;
        if (gateway != null) {
            gatewaySignKey = gateway.getSignKey();
        }
        String envCrnForVirtualGroups = getEnvironmentCrnForVirtualGroups(environment);
        VirtualGroupRequest virtualGroupRequest = new VirtualGroupRequest(envCrnForVirtualGroups, ldapConfig != null ? ldapConfig.getAdminGroup() : "");
        Builder builder = Builder.builder().withCloudPlatform(source.getCloudPlatform()).withRdsConfigs(rdsConfigs).withHostgroupViews(hostgroupViews).withGateway(gateway, gatewaySignKey, exposedServiceCollector.getAllKnoxExposed(version)).withBlueprintView(blueprintView).withFileSystemConfigurationView(fileSystemConfigurationView).withGeneralClusterConfigs(generalClusterConfigs).withLdapConfig(ldapConfig).withCustomInputs(source.getInputs()).withKerberosConfig(getKerberosConfig(source, environment)).withStackType(source.getType()).withVirtualGroupView(virtualGroupRequest);
        decorateBuilderWithPlacement(source, builder);
        decorateBuilderWithAccountMapping(source, environment, credential, builder);
        decorateBuilderWithProductDetails(source, builder);
        decorateDatalakeView(source, builder);
        return builder.build();
    } catch (BlueprintProcessingException | IOException e) {
        throw new CloudbreakServiceException(e.getMessage(), e);
    }
}
Also used : BlueprintProcessingException(com.sequenceiq.cloudbreak.template.BlueprintProcessingException) CloudCredential(com.sequenceiq.cloudbreak.cloud.model.CloudCredential) Credential(com.sequenceiq.cloudbreak.dto.credential.Credential) CloudbreakUser(com.sequenceiq.cloudbreak.common.user.CloudbreakUser) User(com.sequenceiq.cloudbreak.workspace.model.User) GeneralClusterConfigs(com.sequenceiq.cloudbreak.template.model.GeneralClusterConfigs) BaseFileSystemConfigurationsView(com.sequenceiq.cloudbreak.template.filesystem.BaseFileSystemConfigurationsView) RDSConfig(com.sequenceiq.cloudbreak.domain.RDSConfig) Blueprint(com.sequenceiq.cloudbreak.domain.Blueprint) BlueprintView(com.sequenceiq.cloudbreak.template.views.BlueprintView) CloudbreakServiceException(com.sequenceiq.cloudbreak.common.exception.CloudbreakServiceException) Builder(com.sequenceiq.cloudbreak.template.TemplatePreparationObject.Builder) IOException(java.io.IOException) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) Gateway(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway) DetailedEnvironmentResponse(com.sequenceiq.environment.api.v1.environment.model.response.DetailedEnvironmentResponse) CloudbreakUser(com.sequenceiq.cloudbreak.common.user.CloudbreakUser) HostgroupView(com.sequenceiq.cloudbreak.template.views.HostgroupView) Workspace(com.sequenceiq.cloudbreak.workspace.model.Workspace)

Example 15 with LdapView

use of com.sequenceiq.cloudbreak.dto.LdapView in project cloudbreak by hortonworks.

the class KnoxGatewayConfigProviderTest method roleConfigsWithGatewayWithLdapConfigWhenOdbcEntitlementFalse.

@Test
public void roleConfigsWithGatewayWithLdapConfigWhenOdbcEntitlementFalse() {
    Gateway gateway = new Gateway();
    gateway.setKnoxMasterSecret("admin");
    gateway.setPath("/a/b/c");
    IdBroker idBroker = new IdBroker();
    idBroker.setMasterSecret("supersecret");
    BlueprintTextProcessor blueprintTextProcessor = mock(BlueprintTextProcessor.class);
    LdapView ldapConfig = LdapViewBuilder.aLdapView().build();
    BlueprintView blueprintView = new BlueprintView("text", "7.2.11", "CDH", blueprintTextProcessor);
    GeneralClusterConfigs generalClusterConfigs = new GeneralClusterConfigs();
    generalClusterConfigs.setAccountId(Optional.of("1234"));
    TemplatePreparationObject source = Builder.builder().withGateway(gateway, "key", new HashSet<>()).withLdapConfig(ldapConfig).withGeneralClusterConfigs(generalClusterConfigs).withBlueprintView(blueprintView).withVirtualGroupView(new VirtualGroupRequest(TestConstants.CRN, "")).withProductDetails(new ClouderaManagerRepo().withVersion("7.4.2"), List.of(new ClouderaManagerProduct().withVersion("7.2.10").withName("CDH"))).withIdBroker(idBroker).build();
    when(virtualGroupService.createOrGetVirtualGroup(source.getVirtualGroupRequest(), UmsVirtualGroupRight.KNOX_ADMIN)).thenReturn("knox_admins");
    when(entitlementService.isOjdbcTokenDhOneHour(anyString())).thenReturn(false);
    assertEquals(List.of(config("idbroker_master_secret", "supersecret"), config("idbroker_gateway_knox_admin_groups", "knox_admins"), config("idbroker_gateway_signing_keystore_name", "signing.jks"), config("idbroker_gateway_signing_keystore_type", "JKS"), config("idbroker_gateway_signing_key_alias", "signing-identity")), underTest.getRoleConfigs(KnoxRoles.IDBROKER, source));
    assertEquals(List.of(config("gateway_master_secret", gateway.getKnoxMasterSecret()), config("gateway_default_topology_name", "cdp-proxy"), config("gateway_knox_admin_groups", "knox_admins"), config("gateway_auto_discovery_enabled", "false"), config("gateway_path", gateway.getPath()), config("gateway_signing_keystore_name", "signing.jks"), config("gateway_signing_keystore_type", "JKS"), config("gateway_signing_key_alias", "signing-identity"), config("gateway_dispatch_whitelist", "^*.*$"), config("gateway_token_generation_enable_lifespan_input", "true"), config("gateway_token_generation_knox_token_ttl", "86400000"), config("gateway_service_tokenstate_impl", "org.apache.knox.gateway.services.token.impl.JDBCTokenStateService")), ThreadBasedUserCrnProvider.doAs(TEST_USER_CRN, () -> underTest.getRoleConfigs(KnoxRoles.KNOX_GATEWAY, source)));
    assertEquals(List.of(), underTest.getRoleConfigs("NAMENODE", source));
}
Also used : TemplatePreparationObject(com.sequenceiq.cloudbreak.template.TemplatePreparationObject) ClouderaManagerRepo(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo) GeneralClusterConfigs(com.sequenceiq.cloudbreak.template.model.GeneralClusterConfigs) VirtualGroupRequest(com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest) Gateway(com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway) BlueprintTextProcessor(com.sequenceiq.cloudbreak.template.processor.BlueprintTextProcessor) BlueprintView(com.sequenceiq.cloudbreak.template.views.BlueprintView) ClouderaManagerProduct(com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerProduct) IdBroker(com.sequenceiq.cloudbreak.domain.stack.cluster.IdBroker) LdapView(com.sequenceiq.cloudbreak.dto.LdapView) HashSet(java.util.HashSet) Test(org.junit.Test)

Aggregations

LdapView (com.sequenceiq.cloudbreak.dto.LdapView)15 VirtualGroupRequest (com.sequenceiq.cloudbreak.auth.altus.VirtualGroupRequest)10 Test (org.junit.Test)7 ClouderaManagerRepo (com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerRepo)5 Gateway (com.sequenceiq.cloudbreak.domain.stack.cluster.gateway.Gateway)5 ApiAuthRoleMetadataList (com.cloudera.api.swagger.model.ApiAuthRoleMetadataList)4 ApiExternalUserMappingList (com.cloudera.api.swagger.model.ApiExternalUserMappingList)4 IdBroker (com.sequenceiq.cloudbreak.domain.stack.cluster.IdBroker)4 ApiAuthRoleMetadata (com.cloudera.api.swagger.model.ApiAuthRoleMetadata)3 ClouderaManagerProduct (com.sequenceiq.cloudbreak.cloud.model.ClouderaManagerProduct)3 CloudbreakServiceException (com.sequenceiq.cloudbreak.common.exception.CloudbreakServiceException)3 Stack (com.sequenceiq.cloudbreak.domain.stack.Stack)3 GatewayConfig (com.sequenceiq.cloudbreak.orchestrator.model.GatewayConfig)3 TemplatePreparationObject (com.sequenceiq.cloudbreak.template.TemplatePreparationObject)3 BlueprintView (com.sequenceiq.cloudbreak.template.views.BlueprintView)3 HashMap (java.util.HashMap)3 HashSet (java.util.HashSet)3 ApiAuthRoleRef (com.cloudera.api.swagger.model.ApiAuthRoleRef)2 ApiExternalUserMapping (com.cloudera.api.swagger.model.ApiExternalUserMapping)2 CloudCredential (com.sequenceiq.cloudbreak.cloud.model.CloudCredential)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial