Example 1 with SynchronizeAllUsersRequest
use of com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest in project cloudbreak by hortonworks.
the class FreeIpaUpgradeTests method syncUsers.
private void syncUsers(TestContext testContext, com.sequenceiq.freeipa.api.client.FreeIpaClient ipaClient, String environmentCrn, String accountId) {
try {
SyncOperationStatus lastSyncOperationStatus = ipaClient.getUserV1Endpoint().getLastSyncOperationStatus(environmentCrn);
if (lastSyncOperationStatus.getStatus() == SynchronizationStatus.RUNNING) {
waitToCompleted(testContext, lastSyncOperationStatus.getOperationId(), "Initial or periodic usersync");
}
SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
request.setAccountId(accountId);
request.setEnvironments(Set.of(environmentCrn));
request.setWorkloadCredentialsUpdateType(WorkloadCredentialsUpdateType.FORCE_UPDATE);
try {
SyncOperationStatus syncOperationStatus = ipaClient.getUserV1Endpoint().synchronizeAllUsers(request);
waitToCompleted(testContext, syncOperationStatus.getOperationId(), "Full forced usersync");
} catch (WebApplicationException e) {
if (e.getResponse() != null && Response.Status.CONFLICT.getStatusCode() == e.getResponse().getStatus()) {
logger.info("Usersync is already running");
} else {
throw e;
}
}
} catch (Exception e) {
logger.error("Full forced usersync test failed during upgrade", e);
throw new TestFailException("Full forced usersync test failed during upgrade with: " + e.getMessage(), e);
}
}
Also used :
WebApplicationException(javax.ws.rs.WebApplicationException)
SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus)
TestFailException(com.sequenceiq.it.cloudbreak.exception.TestFailException)
SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest)
WebApplicationException(javax.ws.rs.WebApplicationException)
TestFailException(com.sequenceiq.it.cloudbreak.exception.TestFailException)
Example 2 with SynchronizeAllUsersRequest
use of com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest in project cloudbreak by hortonworks.
the class UserV1ControllerTest method synchronizeAllUsersMultipleDeleteWorkloadUsers.
@Test
void synchronizeAllUsersMultipleDeleteWorkloadUsers() {
Set<String> users = Set.of(USER_CRN);
SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
request.setEnvironments(Set.of());
request.setUsers(users);
request.setDeletedWorkloadUsers(Set.of("workload-user-01", "workload-user-02"));
assertThrows(BadRequestException.class, () -> ThreadBasedUserCrnProvider.doAs(USER_CRN, () -> underTest.synchronizeAllUsers(request)));
}
Also used :
SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest)
Test(org.junit.jupiter.api.Test)
Example 3 with SynchronizeAllUsersRequest
use of com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest in project cloudbreak by hortonworks.
the class UserV1ControllerTest method synchronizeAllUsersUnauthorizedAccountId.
@Test
void synchronizeAllUsersUnauthorizedAccountId() {
SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
request.setAccountId(ACCOUNT_ID);
String actorInDifferentAccount = "crn:cdp:iam:us-west-1:" + UUID.randomUUID() + ":user:" + UUID.randomUUID();
assertThrows(AccessDeniedException.class, () -> ThreadBasedUserCrnProvider.doAs(actorInDifferentAccount, () -> underTest.synchronizeAllUsers(request)));
}
Also used :
SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest)
Test(org.junit.jupiter.api.Test)
Example 4 with SynchronizeAllUsersRequest
use of com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest in project cloudbreak by hortonworks.
the class UserV1ControllerTest method synchronizeAllUsersNullDeleteWorkloadUser.
@Test
void synchronizeAllUsersNullDeleteWorkloadUser() {
Set<String> environments = Set.of(ENV_CRN);
Set<String> users = Set.of(USER_CRN);
Set<String> machineUsers = Set.of(MACHINE_USER_CRN);
SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
request.setEnvironments(environments);
request.setUsers(users);
request.setMachineUsers(machineUsers);
request.setWorkloadCredentialsUpdateType(WorkloadCredentialsUpdateType.FORCE_UPDATE);
request.setDeletedWorkloadUsers(null);
Operation operation = mock(Operation.class);
when(userSyncService.synchronizeUsersWithCustomPermissionCheck(any(), any(), any(), any(), any(), any())).thenReturn(operation);
SyncOperationStatus status = mock(SyncOperationStatus.class);
when(operationToSyncOperationStatus.convert(operation)).thenReturn(status);
assertEquals(status, ThreadBasedUserCrnProvider.doAs(USER_CRN, () -> underTest.synchronizeAllUsers(request)));
UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(users, machineUsers, Optional.empty());
verify(userSyncService, times(1)).synchronizeUsersWithCustomPermissionCheck(ACCOUNT_ID, USER_CRN, environments, userSyncFilter, WorkloadCredentialsUpdateType.FORCE_UPDATE, AuthorizationResourceAction.DESCRIBE_ENVIRONMENT);
}
Also used :
UserSyncRequestFilter(com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter)
OperationToSyncOperationStatus(com.sequenceiq.freeipa.converter.freeipa.user.OperationToSyncOperationStatus)
SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus)
Operation(com.sequenceiq.freeipa.entity.Operation)
SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest)
Test(org.junit.jupiter.api.Test)
Example 5 with SynchronizeAllUsersRequest
use of com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest in project cloudbreak by hortonworks.
the class FreeIpaCommunicator method synchronizeAllUsers.
@Retryable(value = Exception.class, maxAttempts = 5, backoff = @Backoff(delay = 10000))
public SyncOperationStatus synchronizeAllUsers(SynchronizeAllUsersRequest request) {
LOGGER.info("Invoking freeIpa user sync request: {}", request);
String envCrn = request.getEnvironments().iterator().next();
SyncOperationStatus lastSyncStatus = ThreadBasedUserCrnProvider.doAsInternalActor(internalCrnGeneratorFactory.autoscale().getInternalCrnForServiceAsString(), () -> userV1Endpoint.getLastSyncOperationStatus(envCrn));
if (SynchronizationStatus.RUNNING.equals(lastSyncStatus.getStatus())) {
LOGGER.info("There is a user sync operation already running for environment: {} with operationId: {}, " + "skipping request to trigger another user sync", envCrn, lastSyncStatus.getOperationId());
return lastSyncStatus;
} else {
return ThreadBasedUserCrnProvider.doAsInternalActor(internalCrnGeneratorFactory.autoscale().getInternalCrnForServiceAsString(), () -> userV1Endpoint.synchronizeAllUsers(request));
}
}
Also used :
SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus)
Retryable(org.springframework.retry.annotation.Retryable)
Aggregations
SynchronizeAllUsersRequest (com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest)12
Test (org.junit.jupiter.api.Test)10
SyncOperationStatus (com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus)8
OperationToSyncOperationStatus (com.sequenceiq.freeipa.converter.freeipa.user.OperationToSyncOperationStatus)5
Operation (com.sequenceiq.freeipa.entity.Operation)5
UserSyncRequestFilter (com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter)5
MachineUser (com.cloudera.thunderhead.service.usermanagement.UserManagementProto.MachineUser)3
RegionAwareInternalCrnGeneratorFactory (com.sequenceiq.cloudbreak.auth.crn.RegionAwareInternalCrnGeneratorFactory)3
Optional (java.util.Optional)3
Cluster (com.sequenceiq.periscope.domain.Cluster)2
LinkedHashMultimap (com.google.common.collect.LinkedHashMultimap)1
RegionAwareInternalCrnGenerator (com.sequenceiq.cloudbreak.auth.crn.RegionAwareInternalCrnGenerator)1
TestFailException (com.sequenceiq.it.cloudbreak.exception.TestFailException)1
WebApplicationException (javax.ws.rs.WebApplicationException)1
Retryable (org.springframework.retry.annotation.Retryable)1
