Search in sources :

Example 1 with SynchronizeAllUsersRequest

use of com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest in project cloudbreak by hortonworks.

the class FreeIpaUpgradeTests method syncUsers.

private void syncUsers(TestContext testContext, com.sequenceiq.freeipa.api.client.FreeIpaClient ipaClient, String environmentCrn, String accountId) {
    try {
        SyncOperationStatus lastSyncOperationStatus = ipaClient.getUserV1Endpoint().getLastSyncOperationStatus(environmentCrn);
        if (lastSyncOperationStatus.getStatus() == SynchronizationStatus.RUNNING) {
            waitToCompleted(testContext, lastSyncOperationStatus.getOperationId(), "Initial or periodic usersync");
        }
        SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
        request.setAccountId(accountId);
        request.setEnvironments(Set.of(environmentCrn));
        request.setWorkloadCredentialsUpdateType(WorkloadCredentialsUpdateType.FORCE_UPDATE);
        try {
            SyncOperationStatus syncOperationStatus = ipaClient.getUserV1Endpoint().synchronizeAllUsers(request);
            waitToCompleted(testContext, syncOperationStatus.getOperationId(), "Full forced usersync");
        } catch (WebApplicationException e) {
            if (e.getResponse() != null && Response.Status.CONFLICT.getStatusCode() == e.getResponse().getStatus()) {
                logger.info("Usersync is already running");
            } else {
                throw e;
            }
        }
    } catch (Exception e) {
        logger.error("Full forced usersync test failed during upgrade", e);
        throw new TestFailException("Full forced usersync test failed during upgrade with: " + e.getMessage(), e);
    }
}
Also used : WebApplicationException(javax.ws.rs.WebApplicationException) SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus) TestFailException(com.sequenceiq.it.cloudbreak.exception.TestFailException) SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest) WebApplicationException(javax.ws.rs.WebApplicationException) TestFailException(com.sequenceiq.it.cloudbreak.exception.TestFailException)

Example 2 with SynchronizeAllUsersRequest

use of com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest in project cloudbreak by hortonworks.

the class UserV1ControllerTest method synchronizeAllUsersMultipleDeleteWorkloadUsers.

@Test
void synchronizeAllUsersMultipleDeleteWorkloadUsers() {
    Set<String> users = Set.of(USER_CRN);
    SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
    request.setEnvironments(Set.of());
    request.setUsers(users);
    request.setDeletedWorkloadUsers(Set.of("workload-user-01", "workload-user-02"));
    assertThrows(BadRequestException.class, () -> ThreadBasedUserCrnProvider.doAs(USER_CRN, () -> underTest.synchronizeAllUsers(request)));
}
Also used : SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest) Test(org.junit.jupiter.api.Test)

Example 3 with SynchronizeAllUsersRequest

use of com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest in project cloudbreak by hortonworks.

the class UserV1ControllerTest method synchronizeAllUsersUnauthorizedAccountId.

@Test
void synchronizeAllUsersUnauthorizedAccountId() {
    SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
    request.setAccountId(ACCOUNT_ID);
    String actorInDifferentAccount = "crn:cdp:iam:us-west-1:" + UUID.randomUUID() + ":user:" + UUID.randomUUID();
    assertThrows(AccessDeniedException.class, () -> ThreadBasedUserCrnProvider.doAs(actorInDifferentAccount, () -> underTest.synchronizeAllUsers(request)));
}
Also used : SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest) Test(org.junit.jupiter.api.Test)

Example 4 with SynchronizeAllUsersRequest

use of com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest in project cloudbreak by hortonworks.

the class UserV1ControllerTest method synchronizeAllUsersNullDeleteWorkloadUser.

@Test
void synchronizeAllUsersNullDeleteWorkloadUser() {
    Set<String> environments = Set.of(ENV_CRN);
    Set<String> users = Set.of(USER_CRN);
    Set<String> machineUsers = Set.of(MACHINE_USER_CRN);
    SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
    request.setEnvironments(environments);
    request.setUsers(users);
    request.setMachineUsers(machineUsers);
    request.setWorkloadCredentialsUpdateType(WorkloadCredentialsUpdateType.FORCE_UPDATE);
    request.setDeletedWorkloadUsers(null);
    Operation operation = mock(Operation.class);
    when(userSyncService.synchronizeUsersWithCustomPermissionCheck(any(), any(), any(), any(), any(), any())).thenReturn(operation);
    SyncOperationStatus status = mock(SyncOperationStatus.class);
    when(operationToSyncOperationStatus.convert(operation)).thenReturn(status);
    assertEquals(status, ThreadBasedUserCrnProvider.doAs(USER_CRN, () -> underTest.synchronizeAllUsers(request)));
    UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(users, machineUsers, Optional.empty());
    verify(userSyncService, times(1)).synchronizeUsersWithCustomPermissionCheck(ACCOUNT_ID, USER_CRN, environments, userSyncFilter, WorkloadCredentialsUpdateType.FORCE_UPDATE, AuthorizationResourceAction.DESCRIBE_ENVIRONMENT);
}
Also used : UserSyncRequestFilter(com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter) OperationToSyncOperationStatus(com.sequenceiq.freeipa.converter.freeipa.user.OperationToSyncOperationStatus) SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus) Operation(com.sequenceiq.freeipa.entity.Operation) SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest) Test(org.junit.jupiter.api.Test)

Example 5 with SynchronizeAllUsersRequest

use of com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest in project cloudbreak by hortonworks.

the class FreeIpaCommunicator method synchronizeAllUsers.

@Retryable(value = Exception.class, maxAttempts = 5, backoff = @Backoff(delay = 10000))
public SyncOperationStatus synchronizeAllUsers(SynchronizeAllUsersRequest request) {
    LOGGER.info("Invoking freeIpa user sync request: {}", request);
    String envCrn = request.getEnvironments().iterator().next();
    SyncOperationStatus lastSyncStatus = ThreadBasedUserCrnProvider.doAsInternalActor(internalCrnGeneratorFactory.autoscale().getInternalCrnForServiceAsString(), () -> userV1Endpoint.getLastSyncOperationStatus(envCrn));
    if (SynchronizationStatus.RUNNING.equals(lastSyncStatus.getStatus())) {
        LOGGER.info("There is a user sync operation already running for environment: {} with operationId: {}, " + "skipping request to trigger another user sync", envCrn, lastSyncStatus.getOperationId());
        return lastSyncStatus;
    } else {
        return ThreadBasedUserCrnProvider.doAsInternalActor(internalCrnGeneratorFactory.autoscale().getInternalCrnForServiceAsString(), () -> userV1Endpoint.synchronizeAllUsers(request));
    }
}
Also used : SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus) Retryable(org.springframework.retry.annotation.Retryable)

Aggregations

SynchronizeAllUsersRequest (com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest)12 Test (org.junit.jupiter.api.Test)10 SyncOperationStatus (com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus)8 OperationToSyncOperationStatus (com.sequenceiq.freeipa.converter.freeipa.user.OperationToSyncOperationStatus)5 Operation (com.sequenceiq.freeipa.entity.Operation)5 UserSyncRequestFilter (com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter)5 MachineUser (com.cloudera.thunderhead.service.usermanagement.UserManagementProto.MachineUser)3 RegionAwareInternalCrnGeneratorFactory (com.sequenceiq.cloudbreak.auth.crn.RegionAwareInternalCrnGeneratorFactory)3 Optional (java.util.Optional)3 Cluster (com.sequenceiq.periscope.domain.Cluster)2 LinkedHashMultimap (com.google.common.collect.LinkedHashMultimap)1 RegionAwareInternalCrnGenerator (com.sequenceiq.cloudbreak.auth.crn.RegionAwareInternalCrnGenerator)1 TestFailException (com.sequenceiq.it.cloudbreak.exception.TestFailException)1 WebApplicationException (javax.ws.rs.WebApplicationException)1 Retryable (org.springframework.retry.annotation.Retryable)1