Search in sources :

Example 6 with UserSyncRequestFilter

use of com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter in project cloudbreak by hortonworks.

the class UserV1ControllerTest method synchronizeAllUsersAsInternalActor.

@Test
void synchronizeAllUsersAsInternalActor() {
    Set<String> environments = Set.of(ENV_CRN);
    Set<String> users = Set.of(USER_CRN);
    Set<String> machineUsers = Set.of(MACHINE_USER_CRN);
    SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
    request.setEnvironments(environments);
    request.setUsers(users);
    request.setMachineUsers(machineUsers);
    request.setAccountId(ACCOUNT_ID);
    Operation operation = mock(Operation.class);
    when(userSyncService.synchronizeUsersWithCustomPermissionCheck(any(), any(), any(), any(), any(), any())).thenReturn(operation);
    SyncOperationStatus status = mock(SyncOperationStatus.class);
    when(operationToSyncOperationStatus.convert(operation)).thenReturn(status);
    assertEquals(status, ThreadBasedUserCrnProvider.doAsInternalActor("crn:altus:iam:us-west-1:altus:user:__internal__actor__", () -> underTest.synchronizeAllUsers(request)));
    UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(users, machineUsers, Optional.empty());
    verify(userSyncService, times(1)).synchronizeUsersWithCustomPermissionCheck(ACCOUNT_ID, "crn:altus:iam:us-west-1:altus:user:__internal__actor__", environments, userSyncFilter, WorkloadCredentialsUpdateType.UPDATE_IF_CHANGED, AuthorizationResourceAction.DESCRIBE_ENVIRONMENT);
}
Also used : UserSyncRequestFilter(com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter) OperationToSyncOperationStatus(com.sequenceiq.freeipa.converter.freeipa.user.OperationToSyncOperationStatus) SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus) Operation(com.sequenceiq.freeipa.entity.Operation) SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest) Test(org.junit.jupiter.api.Test)

Example 7 with UserSyncRequestFilter

use of com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter in project cloudbreak by hortonworks.

the class UserV1ControllerTest method synchronizeUserMachineUser.

@Test
void synchronizeUserMachineUser() {
    Operation operation = mock(Operation.class);
    when(userSyncService.synchronizeUsersWithCustomPermissionCheck(any(), any(), any(), any(), any(), any())).thenReturn(operation);
    SyncOperationStatus status = mock(SyncOperationStatus.class);
    when(operationToSyncOperationStatus.convert(operation)).thenReturn(status);
    SynchronizeUserRequest request = mock(SynchronizeUserRequest.class);
    assertEquals(status, ThreadBasedUserCrnProvider.doAs(MACHINE_USER_CRN, () -> underTest.synchronizeUser(request)));
    UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(Set.of(), Set.of(MACHINE_USER_CRN), Optional.empty());
    verify(userSyncService, times(1)).synchronizeUsersWithCustomPermissionCheck(ACCOUNT_ID, MACHINE_USER_CRN, Set.of(), userSyncFilter, WorkloadCredentialsUpdateType.UPDATE_IF_CHANGED, AuthorizationResourceAction.DESCRIBE_ENVIRONMENT);
}
Also used : UserSyncRequestFilter(com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter) OperationToSyncOperationStatus(com.sequenceiq.freeipa.converter.freeipa.user.OperationToSyncOperationStatus) SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus) SynchronizeUserRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeUserRequest) Operation(com.sequenceiq.freeipa.entity.Operation) Test(org.junit.jupiter.api.Test)

Example 8 with UserSyncRequestFilter

use of com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter in project cloudbreak by hortonworks.

the class UserV1ControllerTest method synchronizeAllUsersDeleteWorkloadUser.

@Test
void synchronizeAllUsersDeleteWorkloadUser() {
    Set<String> users = Set.of(USER_CRN);
    String deletedWorkloadUser = "workload-user";
    SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
    request.setEnvironments(Set.of());
    request.setUsers(users);
    request.setDeletedWorkloadUsers(Set.of(deletedWorkloadUser));
    Operation operation = mock(Operation.class);
    when(userSyncService.synchronizeUsersWithCustomPermissionCheck(any(), any(), any(), any(), any(), any())).thenReturn(operation);
    SyncOperationStatus status = mock(SyncOperationStatus.class);
    when(operationToSyncOperationStatus.convert(operation)).thenReturn(status);
    assertEquals(status, ThreadBasedUserCrnProvider.doAs(USER_CRN, () -> underTest.synchronizeAllUsers(request)));
    UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(users, Set.of(), Optional.of(deletedWorkloadUser));
    verify(userSyncService, times(1)).synchronizeUsersWithCustomPermissionCheck(ACCOUNT_ID, USER_CRN, Set.of(), userSyncFilter, WorkloadCredentialsUpdateType.UPDATE_IF_CHANGED, AuthorizationResourceAction.DESCRIBE_ENVIRONMENT);
}
Also used : UserSyncRequestFilter(com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter) OperationToSyncOperationStatus(com.sequenceiq.freeipa.converter.freeipa.user.OperationToSyncOperationStatus) SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus) Operation(com.sequenceiq.freeipa.entity.Operation) SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest) Test(org.junit.jupiter.api.Test)

Example 9 with UserSyncRequestFilter

use of com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter in project cloudbreak by hortonworks.

the class UserV1ControllerTest method synchronizeAllUsersRejected.

@Test
void synchronizeAllUsersRejected() {
    Set<String> environments = Set.of(ENV_CRN);
    Set<String> users = Set.of(USER_CRN);
    SynchronizeAllUsersRequest request = new SynchronizeAllUsersRequest();
    request.setEnvironments(environments);
    request.setUsers(users);
    Operation operation = mock(Operation.class);
    UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(users, Set.of(), Optional.empty());
    when(userSyncService.synchronizeUsersWithCustomPermissionCheck(ACCOUNT_ID, USER_CRN, environments, userSyncFilter, WorkloadCredentialsUpdateType.UPDATE_IF_CHANGED, AuthorizationResourceAction.DESCRIBE_ENVIRONMENT)).thenReturn(operation);
    SyncOperationStatus status = mock(SyncOperationStatus.class);
    when(status.getStatus()).thenReturn(SynchronizationStatus.REJECTED);
    when(operationToSyncOperationStatus.convert(operation)).thenReturn(status);
    assertThrows(SyncOperationAlreadyRunningException.class, () -> ThreadBasedUserCrnProvider.doAs(USER_CRN, () -> underTest.synchronizeAllUsers(request)));
}
Also used : UserSyncRequestFilter(com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter) OperationToSyncOperationStatus(com.sequenceiq.freeipa.converter.freeipa.user.OperationToSyncOperationStatus) SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus) Operation(com.sequenceiq.freeipa.entity.Operation) SynchronizeAllUsersRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest) Test(org.junit.jupiter.api.Test)

Example 10 with UserSyncRequestFilter

use of com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter in project cloudbreak by hortonworks.

the class UserV1ControllerTest method synchronizeUser.

@Test
void synchronizeUser() {
    Operation operation = mock(Operation.class);
    when(userSyncService.synchronizeUsersWithCustomPermissionCheck(any(), any(), any(), any(), any(), any())).thenReturn(operation);
    SyncOperationStatus status = mock(SyncOperationStatus.class);
    when(operationToSyncOperationStatus.convert(operation)).thenReturn(status);
    SynchronizeUserRequest request = mock(SynchronizeUserRequest.class);
    assertEquals(status, ThreadBasedUserCrnProvider.doAs(USER_CRN, () -> underTest.synchronizeUser(request)));
    UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(Set.of(USER_CRN), Set.of(), Optional.empty());
    verify(userSyncService, times(1)).synchronizeUsersWithCustomPermissionCheck(ACCOUNT_ID, USER_CRN, Set.of(), userSyncFilter, WorkloadCredentialsUpdateType.UPDATE_IF_CHANGED, AuthorizationResourceAction.DESCRIBE_ENVIRONMENT);
}
Also used : UserSyncRequestFilter(com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter) OperationToSyncOperationStatus(com.sequenceiq.freeipa.converter.freeipa.user.OperationToSyncOperationStatus) SyncOperationStatus(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus) SynchronizeUserRequest(com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeUserRequest) Operation(com.sequenceiq.freeipa.entity.Operation) Test(org.junit.jupiter.api.Test)

Aggregations

Operation (com.sequenceiq.freeipa.entity.Operation)10 UserSyncRequestFilter (com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter)10 SyncOperationStatus (com.sequenceiq.freeipa.api.v1.freeipa.user.model.SyncOperationStatus)8 OperationToSyncOperationStatus (com.sequenceiq.freeipa.converter.freeipa.user.OperationToSyncOperationStatus)8 Test (org.junit.jupiter.api.Test)8 SynchronizeAllUsersRequest (com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeAllUsersRequest)5 SynchronizeUserRequest (com.sequenceiq.freeipa.api.v1.freeipa.user.model.SynchronizeUserRequest)3 CustomPermissionCheck (com.sequenceiq.authorization.annotation.CustomPermissionCheck)2 AccountIdNotNeeded (com.sequenceiq.authorization.annotation.AccountIdNotNeeded)1 CheckPermissionByResourceCrn (com.sequenceiq.authorization.annotation.CheckPermissionByResourceCrn)1 ResourceCrn (com.sequenceiq.authorization.annotation.ResourceCrn)1 Crn (com.sequenceiq.cloudbreak.auth.crn.Crn)1 BadRequestException (com.sequenceiq.cloudbreak.common.exception.BadRequestException)1