use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest in project cloudbreak by hortonworks.
the class KerberosMgmtRoleComponentV1Test method testAddRoleAndPrivilegesForHostWithRole.
/**
 * Checks that {@code addRoleAndPrivileges} creates a missing role, attaches the
 * requested privileges to it and then adds the host as a role member.
 *
 * <p>The first {@code showRole} call is stubbed to fail with a NOT_FOUND JSON-RPC
 * error and the second to return the role. The verifications at the end use exact
 * arguments, so the test fails if the component hands the client a different
 * privilege set or different members than the request describes.
 */
@Test
public void testAddRoleAndPrivilegesForHostWithRole() throws Exception {
    // Request under test: one role carrying exactly two privileges.
    Set<String> requestedPrivileges = new HashSet<>();
    requestedPrivileges.add(PRIVILEGE1);
    requestedPrivileges.add(PRIVILEGE2);
    RoleRequest request = new RoleRequest();
    request.setRoleName(ROLE);
    request.setPrivileges(requestedPrivileges);

    Host targetHost = new Host();
    targetHost.setFqdn(HOST);

    // Objects the mocked client hands back.
    Role createdRole = new Role();
    createdRole.setCn(ROLE);
    Privilege existingPrivilege = new Privilege();

    // Expected membership arguments: only this host, and an empty service set.
    Set<String> expectedHosts = new HashSet<>();
    expectedHosts.add(HOST);
    Set<String> expectedServices = new HashSet<>();

    // First lookup reports "not found", the following one returns the role.
    FreeIpaClientException roleNotFound =
            new FreeIpaClientException("notfound", new JsonRpcClientException(NOT_FOUND, "notfound", null));
    Mockito.when(mockIpaClient.showRole(request.getRoleName()))
            .thenThrow(roleNotFound)
            .thenReturn(createdRole);
    Mockito.when(mockIpaClient.addRole(anyString())).thenReturn(createdRole);
    Mockito.when(mockIpaClient.showPrivilege(any())).thenReturn(existingPrivilege);
    Mockito.when(mockIpaClient.addRolePrivileges(any(), any())).thenReturn(createdRole);
    Mockito.when(mockIpaClient.addRoleMember(any(), any(), any(), any(), any(), any())).thenReturn(createdRole);

    underTest.addRoleAndPrivileges(Optional.empty(), Optional.of(targetHost), request, mockIpaClient);

    Mockito.verify(mockIpaClient).addRole(ROLE);
    Mockito.verify(mockIpaClient).addRolePrivileges(ROLE, requestedPrivileges);
    // NOTE(review): the three null arguments are presumably the other member kinds
    // (users, groups, host groups) - confirm against FreeIpaClient.addRoleMember.
    Mockito.verify(mockIpaClient).addRoleMember(ROLE, null, null, expectedHosts, null, expectedServices);
}
use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest in project cloudbreak by hortonworks.
the class KerberosMgmtRoleComponentV1Test method testAddRoleAndPrivilegesForHostWithException.
/**
 * Checks that a {@link FreeIpaClientException} thrown by {@code addRole} is
 * propagated out of {@code addRoleAndPrivileges}.
 *
 * <p>The first {@code showRole} call is stubbed to fail with a NOT_FOUND JSON-RPC
 * error, and {@code addRole} is stubbed to throw.
 */
@Test
public void testAddRoleAndPrivilegesForHostWithException() throws Exception {
    // Request under test: one role carrying two privileges.
    Set<String> requestedPrivileges = new HashSet<>();
    requestedPrivileges.add(PRIVILEGE1);
    requestedPrivileges.add(PRIVILEGE2);
    RoleRequest request = new RoleRequest();
    request.setRoleName(ROLE);
    request.setPrivileges(requestedPrivileges);

    Host targetHost = new Host();
    targetHost.setFqdn(HOST);

    Role roleFromLookup = new Role();
    roleFromLookup.setCn(ROLE);

    // Lookup misses first, then the creation attempt fails.
    FreeIpaClientException roleNotFound =
            new FreeIpaClientException("notfound", new JsonRpcClientException(NOT_FOUND, "notfound", null));
    Mockito.when(mockIpaClient.showRole(request.getRoleName()))
            .thenThrow(roleNotFound)
            .thenReturn(roleFromLookup);
    Mockito.when(mockIpaClient.addRole(anyString())).thenThrow(new FreeIpaClientException("expected"));

    // NOTE(review): only the exception type is asserted. The test does not check
    // that addRolePrivileges / addRoleMember stay uncalled after the failure;
    // consider adding never() verifications if that is the intended contract.
    assertThrows(
            FreeIpaClientException.class,
            () -> underTest.addRoleAndPrivileges(Optional.empty(), Optional.of(targetHost), request, mockIpaClient));
}
use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest in project cloudbreak by hortonworks.
the class HostKeytabServiceTest method testGenerateHostKeytabPrivilegeDoesntExist.
/**
 * Checks that {@code generateHostKeytab} throws {@link BadRequestException} when
 * the role component reports that the requested privileges do not exist.
 */
@Test
public void testGenerateHostKeytabPrivilegeDoesntExist() throws FreeIpaClientException {
    HostKeytabRequest keytabRequest = new HostKeytabRequest();
    keytabRequest.setEnvironmentCrn(ENVIRONMENT_CRN);
    keytabRequest.setRoleRequest(new RoleRequest());

    // Resolve the environment to a stack, and the stack to a mocked client.
    Stack freeIpaStack = new Stack();
    FreeIpaClient ipaClient = mock(FreeIpaClient.class);
    when(keytabCommonService.getFreeIpaStackWithMdcContext(keytabRequest.getEnvironmentCrn(), ACCOUNT_ID))
            .thenReturn(freeIpaStack);
    when(freeIpaClientFactory.getFreeIpaClientForStack(freeIpaStack)).thenReturn(ipaClient);

    // The privilege check fails for this request.
    when(roleComponent.privilegesExist(keytabRequest.getRoleRequest(), ipaClient)).thenReturn(Boolean.FALSE);

    // NOTE(review): the test does not verify that no host was added and no keytab
    // was fetched before the rejection; consider a never() check on
    // keytabCommonService.addHost / getKeytab if that ordering matters.
    assertThrows(BadRequestException.class, () -> underTest.generateHostKeytab(keytabRequest, ACCOUNT_ID));
}
use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest in project cloudbreak by hortonworks.
the class HostKeytabServiceTest method testGetExistingHostKeytabRoleRequestSet.
/**
 * Checks that {@code getExistingHostKeytab} throws {@link BadRequestException}
 * for a request that carries a {@link RoleRequest}.
 *
 * <p>No collaborators are stubbed in this test.
 */
@Test
public void testGetExistingHostKeytabRoleRequestSet() {
    RoleRequest unexpectedRoleRequest = new RoleRequest();
    HostKeytabRequest keytabRequest = new HostKeytabRequest();
    keytabRequest.setEnvironmentCrn(ENVIRONMENT_CRN);
    keytabRequest.setRoleRequest(unexpectedRoleRequest);

    // NOTE(review): presumably a lookup of an existing keytab must not modify
    // roles, hence the rejection - confirm against HostKeytabService.
    assertThrows(BadRequestException.class, () -> underTest.getExistingHostKeytab(keytabRequest, ACCOUNT_ID));
}
use of com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest in project cloudbreak by hortonworks.
the class HostKeytabServiceTest method testGenerateHostKeytabHostDontHaveKeytab.
/**
 * Checks that {@code generateHostKeytab} returns keytab and principal responses
 * when the request sets {@code doNotRecreateKeytab} but the host returned by
 * {@code addHost} reports that it has no keytab.
 *
 * <p>All secret values and paths below are constructed test fixtures.
 */
@Test
public void testGenerateHostKeytabHostDontHaveKeytab() throws FreeIpaClientException {
    HostKeytabRequest keytabRequest = new HostKeytabRequest();
    keytabRequest.setEnvironmentCrn(ENVIRONMENT_CRN);
    keytabRequest.setRoleRequest(new RoleRequest());
    keytabRequest.setDoNotRecreateKeytab(Boolean.TRUE);
    keytabRequest.setServerHostName("asdf");

    // Resolve the environment to a stack, and the stack to a mocked client.
    Stack freeIpaStack = new Stack();
    FreeIpaClient ipaClient = mock(FreeIpaClient.class);
    when(keytabCommonService.getFreeIpaStackWithMdcContext(keytabRequest.getEnvironmentCrn(), ACCOUNT_ID))
            .thenReturn(freeIpaStack);
    when(freeIpaClientFactory.getFreeIpaClientForStack(freeIpaStack)).thenReturn(ipaClient);

    // The privilege check passes for this request.
    when(roleComponent.privilegesExist(keytabRequest.getRoleRequest(), ipaClient)).thenReturn(Boolean.TRUE);

    // The host comes back from addHost without a keytab.
    Host hostWithoutKeytab = new Host();
    hostWithoutKeytab.setHasKeytab(Boolean.FALSE);
    hostWithoutKeytab.setKrbprincipalname("dfdf");
    when(keytabCommonService.addHost(keytabRequest.getServerHostName(), keytabRequest.getRoleRequest(), ipaClient))
            .thenReturn(hostWithoutKeytab);

    // Cache entry returned by the keytab lookup for that host principal.
    Secret keytabSecret = new Secret("keytab", "keytabSecret");
    Secret principalSecret = new Secret("principal", "principalSecret");
    KeytabCache cachedKeytab = mock(KeytabCache.class);
    when(cachedKeytab.getKeytab()).thenReturn(keytabSecret);
    when(cachedKeytab.getPrincipal()).thenReturn(principalSecret);
    when(keytabCommonService.getKeytab(
            keytabRequest.getEnvironmentCrn(),
            hostWithoutKeytab.getKrbprincipalname(),
            keytabRequest.getServerHostName(),
            ipaClient))
            .thenReturn(cachedKeytab);

    // The converter maps each stored secret to a response carrying a secret path.
    SecretResponse expectedKeytab = new SecretResponse();
    expectedKeytab.setSecretPath("keytabPath");
    when(secretResponseConverter.convert(cachedKeytab.getKeytab().getSecret())).thenReturn(expectedKeytab);
    SecretResponse expectedPrincipal = new SecretResponse();
    expectedPrincipal.setSecretPath("principalPath");
    when(secretResponseConverter.convert(cachedKeytab.getPrincipal().getSecret())).thenReturn(expectedPrincipal);

    HostKeytabResponse actual = underTest.generateHostKeytab(keytabRequest, ACCOUNT_ID);

    assertEquals(expectedKeytab, actual.getKeytab());
    assertEquals(expectedPrincipal, actual.getHostPrincipal());
}