Examples with UmsUsersState com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState used on opensource projects

Example 6 with UmsUsersState

use of com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState in project cloudbreak by hortonworks.

the class UsersStateDifferenceCalculatorTest method testCalculateUsersToRemove.

@Test
void testCalculateUsersToRemove() {
    FmsUser userUms = new FmsUser().withName("userUms");
    FmsUser userBoth = new FmsUser().withName("userBoth");
    FmsUser userIPA = new FmsUser().withName("userIPA");
    FmsUser userIPA2 = new FmsUser().withName("userIPA2");
    FmsUser userProtected = new FmsUser().withName(FreeIpaChecks.IPA_PROTECTED_USERS.get(0));
    UmsUsersState umsUsersState = new UmsUsersState.Builder().setUsersState(new UsersState.Builder().addUser(userUms).addMemberToGroup(UserSyncConstants.CDP_USERSYNC_INTERNAL_GROUP, userUms.getName()).addUser(userBoth).addMemberToGroup(UserSyncConstants.CDP_USERSYNC_INTERNAL_GROUP, userBoth.getName()).build()).build();
    UsersState ipaUsersState = new UsersState.Builder().addUser(userBoth).addMemberToGroup(UserSyncConstants.CDP_USERSYNC_INTERNAL_GROUP, userBoth.getName()).addUser(userIPA).addMemberToGroup(UserSyncConstants.CDP_USERSYNC_INTERNAL_GROUP, userIPA.getName()).addUser(userIPA2).addUser(userProtected).addMemberToGroup(UserSyncConstants.CDP_USERSYNC_INTERNAL_GROUP, userProtected.getName()).build();
    ImmutableSet<String> usersToRemove = new UserStateDifferenceCalculator().calculateUsersToRemove(umsUsersState, ipaUsersState);
    // the users that exists only in IPA that are members of the CDP_USERSYNC_INTERNAL_GROUP will be removed
    assertTrue(usersToRemove.contains(userIPA.getName()));
    // protected users will be ignored
    assertFalse(usersToRemove.contains(userProtected.getName()));
    // users that exist only in ums, exist in both ums and ipa, or are not members of CDP_USERSYNC_INTERNAL_GROUP will not be removed
    assertFalse(usersToRemove.contains(userUms.getName()));
    assertFalse(usersToRemove.contains(userBoth.getName()));
    assertFalse(usersToRemove.contains(userIPA2.getName()));
}

Example 7 with UmsUsersState

use of com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState in project cloudbreak by hortonworks.

the class UsersStateDifferenceCalculatorTest method testCalculateUsersToAdd.

@Test
void testCalculateUsersToAdd() {
    FmsUser userUms = new FmsUser().withName("userUms");
    FmsUser userDisabledUms = new FmsUser().withName("userDisabledUms").withState(FmsUser.State.DISABLED);
    FmsUser userProtected = new FmsUser().withName(FreeIpaChecks.IPA_PROTECTED_USERS.get(0));
    FmsUser userBothUms = new FmsUser().withName("userBoth");
    FmsUser userBothIpa = new FmsUser().withName("userBoth");
    FmsUser userIpa = new FmsUser().withName("userIPA");
    FmsUser userSameStateUms = new FmsUser().withName("userSameState").withState(FmsUser.State.DISABLED);
    FmsUser userSameStateIpa = new FmsUser().withName("userSameState").withState(FmsUser.State.DISABLED);
    FmsUser userDifferentStateUms = new FmsUser().withName("userDifferentState").withState(FmsUser.State.ENABLED);
    FmsUser userDifferentStateIpa = new FmsUser().withName("userDifferentState").withState(FmsUser.State.DISABLED);
    UmsUsersState umsUsersState = new UmsUsersState.Builder().setUsersState(new UsersState.Builder().addUser(userUms).addUser(userDisabledUms).addUser(userProtected).addUser(userBothUms).addUser(userSameStateUms).addUser(userDifferentStateUms).build()).build();
    UsersState ipaUsersState = new UsersState.Builder().addUser(userBothIpa).addUser(userIpa).addUser(userSameStateIpa).addUser(userDifferentStateIpa).build();
    ImmutableSet<FmsUser> usersToAdd = new UserStateDifferenceCalculator().calculateUsersToAdd(umsUsersState, ipaUsersState);
    // the user that exists only in the UMS will be added
    assertTrue(usersToAdd.contains(userUms));
    assertTrue(usersToAdd.contains(userDisabledUms));
    // protected users will be ignored
    assertFalse(usersToAdd.contains(userProtected));
    // users that exist in both or only in ipa will not be added
    assertFalse(usersToAdd.contains(userBothUms));
    assertFalse(usersToAdd.contains(userIpa));
    assertFalse(usersToAdd.contains(userSameStateUms));
    assertFalse(usersToAdd.contains(userDifferentStateUms));
}

Example 8 with UmsUsersState

use of com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState in project cloudbreak by hortonworks.

the class UserSyncForEnvServiceTest method testSyncUsers.

@Test
public void testSyncUsers() {
    Stack stack1 = mock(Stack.class);
    when(stack1.getEnvironmentCrn()).thenReturn(ENV_CRN);
    Stack stack2 = mock(Stack.class);
    when(stack2.getEnvironmentCrn()).thenReturn(ENV_CRN_2);
    UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(Set.of(), Set.of(), Optional.empty());
    UserSyncOptions options = new UserSyncOptions(true, true, WorkloadCredentialsUpdateType.UPDATE_IF_CHANGED);
    doAnswer(inv -> {
        inv.getArgument(2, Runnable.class).run();
        return null;
    }).when(operationService).tryWithOperationCleanup(eq(OPERATION_ID), eq(ACCOUNT_ID), any(Runnable.class));
    UmsUsersState umsUsersState1 = mock(UmsUsersState.class);
    UmsUsersState umsUsersState2 = mock(UmsUsersState.class);
    when(umsUsersStateProviderDispatcher.getEnvToUmsUsersStateMap(eq(ACCOUNT_ID), eq(Set.of(ENV_CRN, ENV_CRN_2)), eq(Set.of()), eq(Set.of()), any())).thenReturn(Map.of(ENV_CRN, umsUsersState1, ENV_CRN_2, umsUsersState2));
    when(asyncTaskExecutor.submit(any(Callable.class))).thenAnswer(inv -> {
        SyncStatusDetail result = (SyncStatusDetail) inv.getArgument(0, Callable.class).call();
        Future future = mock(Future.class);
        when(future.get()).thenReturn(result);
        return future;
    });
    when(umsEventGenerationIdsProvider.getEventGenerationIds(eq(ACCOUNT_ID), any(Optional.class))).thenReturn(new UmsEventGenerationIds());
    when(userSyncForStackService.synchronizeStack(stack1, umsUsersState1, options)).thenReturn(new SyncStatusDetail(ENV_CRN, SynchronizationStatus.COMPLETED, "", ImmutableMultimap.of()));
    when(userSyncForStackService.synchronizeStack(stack2, umsUsersState2, options)).thenReturn(new SyncStatusDetail(ENV_CRN_2, SynchronizationStatus.COMPLETED, "", ImmutableMultimap.of()));
    when(userSyncStatusService.getOrCreateForStack(stack1)).thenReturn(new UserSyncStatus());
    when(userSyncStatusService.getOrCreateForStack(stack2)).thenReturn(new UserSyncStatus());
    underTest.synchronizeUsers(OPERATION_ID, ACCOUNT_ID, List.of(stack1, stack2), userSyncFilter, options, System.currentTimeMillis());
    verify(umsVirtualGroupCreateService).createVirtualGroups(ACCOUNT_ID, List.of(stack1, stack2));
    verify(userSyncStatusService, times(2)).save(any(UserSyncStatus.class));
    ArgumentCaptor<Collection> successCaptor = ArgumentCaptor.forClass(Collection.class);
    ArgumentCaptor<Collection> failureCaptor = ArgumentCaptor.forClass(Collection.class);
    verify(operationService).completeOperation(eq(ACCOUNT_ID), eq(OPERATION_ID), successCaptor.capture(), failureCaptor.capture());
    assertTrue(failureCaptor.getValue().isEmpty());
    assertTrue(successCaptor.getValue().contains(new SuccessDetails(ENV_CRN)));
    assertTrue(successCaptor.getValue().contains(new SuccessDetails(ENV_CRN_2)));
}

Example 9 with UmsUsersState

use of com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState in project cloudbreak by hortonworks.

the class UserSyncForEnvServiceTest method testSyncUsersTimesOut.

@Test
public void testSyncUsersTimesOut() {
    ReflectionTestUtils.setField(underTest, "operationTimeout", 0L);
    Stack stack1 = mock(Stack.class);
    when(stack1.getEnvironmentCrn()).thenReturn(ENV_CRN);
    UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(Set.of(), Set.of(), Optional.empty());
    UserSyncOptions options = new UserSyncOptions(true, true, WorkloadCredentialsUpdateType.UPDATE_IF_CHANGED);
    doAnswer(inv -> {
        inv.getArgument(2, Runnable.class).run();
        return null;
    }).when(operationService).tryWithOperationCleanup(eq(OPERATION_ID), eq(ACCOUNT_ID), any(Runnable.class));
    UmsUsersState umsUsersState1 = mock(UmsUsersState.class);
    when(umsUsersStateProviderDispatcher.getEnvToUmsUsersStateMap(eq(ACCOUNT_ID), eq(Set.of(ENV_CRN)), eq(Set.of()), eq(Set.of()), any())).thenReturn(Map.of(ENV_CRN, umsUsersState1));
    Future<?> future = mock(Future.class);
    when(asyncTaskExecutor.submit(any(Callable.class))).thenAnswer(inv -> {
        when(future.get(0L, TimeUnit.MILLISECONDS)).thenThrow(new TimeoutException("timeout"));
        return future;
    });
    when(umsEventGenerationIdsProvider.getEventGenerationIds(eq(ACCOUNT_ID), any(Optional.class))).thenReturn(new UmsEventGenerationIds());
    when(entitlementService.isUserSyncThreadTimeoutEnabled(ACCOUNT_ID)).thenReturn(Boolean.TRUE);
    underTest.synchronizeUsers(OPERATION_ID, ACCOUNT_ID, List.of(stack1), userSyncFilter, options, System.currentTimeMillis());
    verifyNoInteractions(userSyncStatusService);
    ArgumentCaptor<Collection> successCaptor = ArgumentCaptor.forClass(Collection.class);
    ArgumentCaptor<Collection> failureCaptor = ArgumentCaptor.forClass(Collection.class);
    verify(operationService).completeOperation(eq(ACCOUNT_ID), eq(OPERATION_ID), successCaptor.capture(), failureCaptor.capture());
    assertTrue(successCaptor.getValue().isEmpty());
    verify(future).cancel(true);
    List<FailureDetails> failures = (List<FailureDetails>) failureCaptor.getValue();
    assertThat(failures, allOf(hasItem(allOf(hasProperty("environment", is(ENV_CRN)), hasProperty("message", is("Timed out")), hasProperty("additionalDetails", anEmptyMap())))));
}

Example 10 with UmsUsersState

use of com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState in project cloudbreak by hortonworks.

the class UserSyncForStackServiceTest method testSynchronizeStackSuccessPartialAtFirst.

@Test
public void testSynchronizeStackSuccessPartialAtFirst() throws FreeIpaClientException, TimeoutException {
    UmsUsersState umsUsersState = mock(UmsUsersState.class);
    when(umsUsersState.getRequestedWorkloadUsernames()).thenReturn(ImmutableSet.of("user1", "user2"));
    UserSyncOptions options = new UserSyncOptions(false, false, WorkloadCredentialsUpdateType.FORCE_UPDATE);
    UsersState usersState = mock(UsersState.class);
    when(usersState.getUsers()).thenReturn(ImmutableSet.of());
    when(usersState.getGroups()).thenReturn(ImmutableSet.of());
    when(freeIpaUsersStateProvider.getFilteredFreeIpaState(FREE_IPA_CLIENT, Set.of("user1", "user2"))).thenReturn(usersState);
    UsersStateDifference usersStateDifference = mock(UsersStateDifference.class);
    when(userStateDifferenceCalculator.fromUmsAndIpaUsersStates(umsUsersState, usersState, options)).thenReturn(usersStateDifference);
    SyncStatusDetail result = underTest.synchronizeStack(STACK, umsUsersState, options);
    verify(freeIpaUsersStateProvider, never()).getUsersState(any());
    verify(stateApplier).applyDifference(eq(umsUsersState), eq(ENV_CRN), any(), eq(usersStateDifference), eq(options), eq(FREE_IPA_CLIENT));
    verifyNoMoreInteractions(stateApplier);
    verifyNoInteractions(cloudIdentitySyncService);
    verifyNoInteractions(sudoRuleService);
    assertEquals(ENV_CRN, result.getEnvironmentCrn());
    assertEquals(COMPLETED, result.getStatus());
    assertTrue(result.getWarnings().isEmpty());
}