Example 11 with Role

Use of com.sequenceiq.freeipa.client.model.Role in project cloudbreak by hortonworks.

In class KerberosMgmtRoleComponent, method deleteRoleIfItIsNoLongerUsed.

public void deleteRoleIfItIsNoLongerUsed(String role, FreeIpaClient ipaClient) throws FreeIpaClientException {
    if (role != null) {
        Optional<Role> optionalRole = FreeIpaClientExceptionUtil.ignoreNotFoundExceptionWithValue(() -> ipaClient.showRole(role), "Role [{}] not found", role);
        if (optionalRole.isPresent()) {
            Role ipaRole = optionalRole.get();
            List<String> usesOfRole = new ArrayList<>();
            usesOfRole.addAll(ipaRole.getMemberUser());
            usesOfRole.addAll(ipaRole.getMemberGroup());
            usesOfRole.addAll(ipaRole.getMemberHost());
            usesOfRole.addAll(ipaRole.getMemberHostGroup());
            usesOfRole.addAll(ipaRole.getMemberService());
            if (usesOfRole.isEmpty()) {
                FreeIpaClientExceptionUtil.ignoreNotFoundException(() -> ipaClient.deleteRole(role), "The role [{}] does not exist, so it was not deleted.", role);
            } else {
                LOGGER.debug("The role {} is still in use, so it was not deleted.", role);
            }
        }
    }
}
Also used : Role(com.sequenceiq.freeipa.client.model.Role) ArrayList(java.util.ArrayList)

Example 12 with Role

Use of com.sequenceiq.freeipa.client.model.Role in project cloudbreak by hortonworks.

In class KerberosMgmtRoleComponent, method addRoleAndPrivileges.

public void addRoleAndPrivileges(Optional<Service> service, Optional<Host> host, RoleRequest roleRequest, FreeIpaClient ipaClient) throws FreeIpaClientException {
    if (roleRequest != null && StringUtils.isNotBlank(roleRequest.getRoleName())) {
        Role role = fetchOrCreateRole(roleRequest, ipaClient);
        addPrivilegesToRole(roleRequest.getPrivileges(), ipaClient, role);
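        // Only principals that do not already hold the role are selected for assignment.
        // Note: String.contains() is a substring match, so a membership entry that merely contains the requested role name also counts as "already assigned".
        Set<String> servicesToAssignRole = service.stream().filter(s -> s.getMemberOfRole().stream().noneMatch(member -> member.contains(roleRequest.getRoleName()))).map(Service::getKrbcanonicalname).collect(Collectors.toSet());
        Set<String> hostsToAssignRole = host.stream().filter(h -> h.getMemberOfRole().stream().noneMatch(member -> member.contains(roleRequest.getRoleName()))).map(Host::getFqdn).collect(Collectors.toSet());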
        LOGGER.debug("Adding role [{}] to host {} and service {}", role.getCn(), hostsToAssignRole, servicesToAssignRole);
        ipaClient.addRoleMember(role.getCn(), null, null, hostsToAssignRole, null, servicesToAssignRole);
    } else {
        LOGGER.debug("RoleRequest or role name is empty, skipping adding privileges. {}", roleRequest);
    }
}
Also used : Role(com.sequenceiq.freeipa.client.model.Role) Logger(org.slf4j.Logger) FreeIpaClientExceptionUtil(com.sequenceiq.freeipa.client.FreeIpaClientExceptionUtil) Privilege(com.sequenceiq.freeipa.client.model.Privilege) LoggerFactory(org.slf4j.LoggerFactory) Set(java.util.Set) FreeIpaClientException(com.sequenceiq.freeipa.client.FreeIpaClientException) FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) Collectors(java.util.stream.Collectors) StringUtils(org.apache.commons.lang3.StringUtils) ArrayList(java.util.ArrayList) Service(com.sequenceiq.freeipa.client.model.Service) List(java.util.List) Component(org.springframework.stereotype.Component) FreeIpaClientExceptionWrapper(com.sequenceiq.freeipa.client.FreeIpaClientExceptionWrapper) Host(com.sequenceiq.freeipa.client.model.Host) Role(com.sequenceiq.freeipa.client.model.Role) Optional(java.util.Optional) RoleRequest(com.sequenceiq.freeipa.api.v1.kerberosmgmt.model.RoleRequest)

Example 13 with Role

Use of com.sequenceiq.freeipa.client.model.Role in project cloudbreak by hortonworks.

In class RoleAddResponse, method handleInternal.

@Override
protected Role handleInternal(List<CloudVmMetaDataStatus> metadatas, String body) {
    Role role = new Role();
    role.setCn("roleName");
    role.setMemberUser(List.of());
    role.setMemberGroup(List.of());
    role.setMemberHost(List.of());
    role.setMemberHostGroup(List.of());
    role.setMemberService(List.of());
    return role;
}
Also used : Role(com.sequenceiq.freeipa.client.model.Role)
