Search in sources :

Example 1 with FmsUser

use of com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser in project cloudbreak by hortonworks.

the class UserSyncService method addUsers.

void addUsers(boolean fmsToFreeipaBatchCallEnabled, FreeIpaClient freeIpaClient, Set<FmsUser> fmsUsers, BiConsumer<String, String> warnings) throws FreeIpaClientException {
    List<UserAddOperation> operations = Lists.newArrayList();
    for (FmsUser fmsUser : fmsUsers) {
        operations.add(UserAddOperation.create(fmsUser.getName(), fmsUser.getFirstName(), fmsUser.getLastName(), fmsUser.getState() == FmsUser.State.DISABLED));
    }
    invokeOperation(operations, fmsToFreeipaBatchCallEnabled, freeIpaClient, warnings, Set.of(FreeIpaErrorCodes.DUPLICATE_ENTRY), true);
}
Also used : FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser) UserAddOperation(com.sequenceiq.freeipa.client.operation.UserAddOperation)

Example 2 with FmsUser

use of com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser in project cloudbreak by hortonworks.

the class UserSyncStateApplierTest method createStateDiff.

private UsersStateDifference createStateDiff() {
    FmsGroup groupToAdd1 = new FmsGroup().withName("groupToAdd1");
    FmsGroup groupToAdd2 = new FmsGroup().withName("groupToAdd2");
    FmsGroup groupToRemove1 = new FmsGroup().withName("groupToRemove1");
    FmsGroup groupToRemove2 = new FmsGroup().withName("groupToRemove2");
    FmsUser userToAdd1 = new FmsUser().withName("userToAdd1").withFirstName("clark").withLastName("kent");
    FmsUser userToAdd2 = new FmsUser().withName("userToAdd2").withFirstName("peter").withLastName("parker");
    String userToRemove1 = "userToRemove1";
    String userToRemove2 = "userToRemove2";
    String userToDisable1 = "userToDisable1";
    String userToDisable2 = "userToDisable2";
    String userToEnable1 = "userToEnable1";
    String userToEnable2 = "userToEnable2";
    return new UsersStateDifference(ImmutableSet.of(groupToAdd1, groupToAdd2), ImmutableSet.of(groupToRemove1, groupToRemove2), ImmutableSet.of(userToAdd1, userToAdd2), ImmutableSet.of("userToUpdate1", "userToUpdate2"), ImmutableSet.of(userToRemove1, userToRemove2), ImmutableMultimap.<String, String>builder().put(groupToAdd1.getName(), userToAdd1.getName()).put(groupToAdd2.getName(), userToAdd2.getName()).build(), ImmutableMultimap.<String, String>builder().put(groupToRemove1.getName(), userToRemove1).put(groupToRemove2.getName(), userToRemove2).build(), ImmutableSet.of(userToDisable1, userToDisable2), ImmutableSet.of(userToEnable1, userToEnable2));
}
Also used : FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser) FmsGroup(com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup) UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference)

Example 3 with FmsUser

use of com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser in project cloudbreak by hortonworks.

the class UsersStateDifferenceCalculatorTest method addUmsUser.

private FmsUser addUmsUser(String username, long umsCredentialsVersion, UmsUsersState.Builder umsStateBuilder, UsersState.Builder usersStateBuilder) {
    FmsUser fmsUser = new FmsUser().withName(username);
    usersStateBuilder.addUser(fmsUser);
    umsStateBuilder.addWorkloadCredentials(username, UserSyncTestUtils.createWorkloadCredential("hashedPassword", umsCredentialsVersion));
    return fmsUser;
}
Also used : FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser)

Example 4 with FmsUser

use of com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser in project cloudbreak by hortonworks.

the class UsersStateDifferenceCalculatorTest method testCalculateUsersWithCredentialsToUpdate.

private void testCalculateUsersWithCredentialsToUpdate(boolean updatedOptimizationEnabled) {
    UmsUsersState.Builder umsUsersStateBuilder = UmsUsersState.newBuilder();
    UsersState.Builder usersStateBuilderForUms = UsersState.newBuilder();
    UsersState.Builder usersStateBuilderForIpa = UsersState.newBuilder();
    FmsUser userUms = addUmsUser("userUms", 1L, umsUsersStateBuilder, usersStateBuilderForUms);
    FmsUser userWithNoIpaMetadata = addUmsUser("userWithNoIpaMetadata", 0L, umsUsersStateBuilder, usersStateBuilderForUms);
    addIpaUser(userWithNoIpaMetadata.getName(), Optional.empty(), usersStateBuilderForIpa);
    FmsUser userWithStaleIpaCredentials = addUmsUser("userWithStaleIpaCredentials", 2L, umsUsersStateBuilder, usersStateBuilderForUms);
    addIpaUser(userWithStaleIpaCredentials.getName(), Optional.of(1L), usersStateBuilderForIpa);
    FmsUser userWithUpToDateIpaCredentials = addUmsUser("userWithUpToDateIpaCredentials", 5L, umsUsersStateBuilder, usersStateBuilderForUms);
    addIpaUser(userWithUpToDateIpaCredentials.getName(), Optional.of(5L), usersStateBuilderForIpa);
    FmsUser userProtected = addUmsUser(FreeIpaChecks.IPA_PROTECTED_USERS.get(0), 0L, umsUsersStateBuilder, usersStateBuilderForUms);
    addIpaUser(userProtected.getName(), Optional.empty(), usersStateBuilderForIpa);
    UmsUsersState umsUsersState = umsUsersStateBuilder.setUsersState(usersStateBuilderForUms.build()).build();
    UsersState ipaUsersState = usersStateBuilderForIpa.build();
    ImmutableSet<String> usersWithCredentialsToUpdate = new UserStateDifferenceCalculator().calculateUsersWithCredentialsToUpdate(umsUsersState, ipaUsersState, updatedOptimizationEnabled);
    // User that exists only in UMS requires credentials update
    assertTrue(usersWithCredentialsToUpdate.contains(userUms.getName()));
    // User whose IPA credentials version is unknown requires credentials update
    assertTrue(usersWithCredentialsToUpdate.contains(userWithNoIpaMetadata.getName()));
    // User with stale IPA credentials requires credentials update
    assertTrue(usersWithCredentialsToUpdate.contains(userWithStaleIpaCredentials.getName()));
    // User with up-to-date IPA credentials requires credentials update if update optimization is disabled
    assertEquals(!updatedOptimizationEnabled, usersWithCredentialsToUpdate.contains(userWithUpToDateIpaCredentials.getName()));
    // We never update credentials for protected users
    assertFalse(usersWithCredentialsToUpdate.contains(userProtected.getName()));
}
Also used : FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)

Example 5 with FmsUser

use of com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser in project cloudbreak by hortonworks.

the class UsersStateDifferenceCalculatorTest method addIpaUser.

private void addIpaUser(String username, Optional<Long> ipaCredentialsVersion, UsersState.Builder usersStateBuilder) {
    FmsUser fmsUser = new FmsUser().withName(username);
    usersStateBuilder.addUser(fmsUser);
    if (ipaCredentialsVersion.isPresent()) {
        String crn = CrnTestUtil.getUserCrnBuilder().setAccountId(UUID.randomUUID().toString()).setResource(UUID.randomUUID().toString()).build().toString();
        usersStateBuilder.addUserMetadata(username, new UserMetadata(crn, ipaCredentialsVersion.get()));
    }
}
Also used : FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser) UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata)

Aggregations

FmsUser (com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser)42 Test (org.junit.jupiter.api.Test)33 UserManagementProto (com.cloudera.thunderhead.service.usermanagement.UserManagementProto)23 UsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)8 FmsGroup (com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup)6 UmsUsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)5 List (java.util.List)5 Map (java.util.Map)5 UserMetadata (com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata)4 UsersStateDifference (com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference)3 Collection (java.util.Collection)3 Set (java.util.Set)3 Maps (com.google.common.collect.Maps)2 Sets (com.google.common.collect.Sets)2 JsonRpcClientException (com.googlecode.jsonrpc4j.JsonRpcClientException)2 IPA_PROTECTED_USERS (com.sequenceiq.freeipa.client.FreeIpaChecks.IPA_PROTECTED_USERS)2 IPA_UNMANAGED_GROUPS (com.sequenceiq.freeipa.client.FreeIpaChecks.IPA_UNMANAGED_GROUPS)2 FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient)2 FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException)2 FreeIpaErrorCodes (com.sequenceiq.freeipa.client.FreeIpaErrorCodes)2