Example 16 with UmsUsersState
use of com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState in project cloudbreak by hortonworks.
the class UsersStateDifferenceCalculatorTest method testCalculateUsersToEnable.
@Test
void testCalculateUsersToEnable() {
UsersState.Builder umsUsersStateBuilder = new UsersState.Builder();
UsersState.Builder ipaUsersStateBuilder = new UsersState.Builder();
addUserWithState("user1UmsEnabled", umsUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user2UmsDisabled", umsUsersStateBuilder, FmsUser.State.DISABLED);
addUserWithState("user3UmsEnabledIpaEnabled", umsUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user3UmsEnabledIpaEnabled", ipaUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user4UmsEnabledIpaDisabled", umsUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user4UmsEnabledIpaDisabled", ipaUsersStateBuilder, FmsUser.State.DISABLED);
addUserWithState("user5UmsDisabledIpaEnabled", umsUsersStateBuilder, FmsUser.State.DISABLED);
addUserWithState("user5UmsDisabledIpaEnabled", ipaUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user6UmsDisabledIpaDisabled", umsUsersStateBuilder, FmsUser.State.DISABLED);
addUserWithState("user6UmsDisabledIpaDisabled", ipaUsersStateBuilder, FmsUser.State.DISABLED);
addUserWithState("user7IpaEnabled", ipaUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user8IpaDisabled", ipaUsersStateBuilder, FmsUser.State.DISABLED);
// also check that we don't change a protected user
addUserWithState(FreeIpaChecks.IPA_PROTECTED_USERS.get(0), umsUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState(FreeIpaChecks.IPA_PROTECTED_USERS.get(0), ipaUsersStateBuilder, FmsUser.State.DISABLED);
UmsUsersState umsUsersState = new UmsUsersState.Builder().setUsersState(umsUsersStateBuilder.build()).build();
UsersState ipaUsersState = ipaUsersStateBuilder.build();
ImmutableSet<String> usersToEnable = new UserStateDifferenceCalculator().calculateUsersToEnable(umsUsersState, ipaUsersState);
// the users that are enabled in UMS but disabled in IPA are enabled
// new users added to IPA do not need to be enabled
assertFalse(usersToEnable.contains("user1UmsEnabled"));
assertFalse(usersToEnable.contains("user2UmsDisabled"));
assertFalse(usersToEnable.contains("user3UmsEnabledIpaEnabled"));
assertTrue(usersToEnable.contains("user4UmsEnabledIpaDisabled"));
assertFalse(usersToEnable.contains("user5UmsDisabledIpaEnabled"));
assertFalse(usersToEnable.contains("user6UmsDisabledIpaDisabled"));
assertFalse(usersToEnable.contains("user7IpaEnabled"));
assertFalse(usersToEnable.contains("user8IpaDisabled"));
assertFalse(usersToEnable.contains(FreeIpaChecks.IPA_PROTECTED_USERS.get(0)));
}
Also used :
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)
Test(org.junit.jupiter.api.Test)
Example 17 with UmsUsersState
use of com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState in project cloudbreak by hortonworks.
the class UsersStateDifferenceCalculatorTest method testCalculateGroupsToRemove.
@Test
void testCalculateGroupsToRemove() {
FmsGroup groupUms = new FmsGroup().withName("groupUms");
FmsGroup groupWag = new FmsGroup().withName("groupWag");
FmsGroup groupBoth = new FmsGroup().withName("groupBoth");
FmsGroup groupIPA = new FmsGroup().withName("groupIPA");
FmsGroup groupProtected = new FmsGroup().withName(FreeIpaChecks.IPA_PROTECTED_GROUPS.get(0));
UmsUsersState umsUsersState = new UmsUsersState.Builder().setUsersState(new UsersState.Builder().addGroup(groupUms).addGroup(groupBoth).build()).setWorkloadAdministrationGroups(Set.of(groupWag)).build();
UsersState ipaUsersState = new UsersState.Builder().addGroup(groupBoth).addGroup(groupIPA).addGroup(groupWag).addGroup(groupProtected).build();
ImmutableSet<FmsGroup> groupsToRemove = new UserStateDifferenceCalculator().calculateGroupsToRemove(umsUsersState, ipaUsersState);
// group that exists only in IPA will be removed
assertTrue(groupsToRemove.contains(groupIPA));
// group that exists in IPA will not be removed if the wag still exists in control plane
// even if the group is not calculated to be synced
assertFalse(groupsToRemove.contains(groupWag));
// protected groups will not be removed
assertFalse(groupsToRemove.contains(groupProtected));
// groups that exist in both or only ums will not be removed
assertFalse(groupsToRemove.contains(groupBoth));
assertFalse(groupsToRemove.contains(groupUms));
}
Also used :
FmsGroup(com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)
Test(org.junit.jupiter.api.Test)
Example 18 with UmsUsersState
use of com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState in project cloudbreak by hortonworks.
the class UsersStateDifferenceCalculatorTest method testCalculateUsersToDisable.
@Test
void testCalculateUsersToDisable() {
UsersState.Builder umsUsersStateBuilder = new UsersState.Builder();
UsersState.Builder ipaUsersStateBuilder = new UsersState.Builder();
addUserWithState("user1UmsEnabled", umsUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user2UmsDisabled", umsUsersStateBuilder, FmsUser.State.DISABLED);
addUserWithState("user3UmsEnabledIpaEnabled", umsUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user3UmsEnabledIpaEnabled", ipaUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user4UmsEnabledIpaDisabled", umsUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user4UmsEnabledIpaDisabled", ipaUsersStateBuilder, FmsUser.State.DISABLED);
addUserWithState("user5UmsDisabledIpaEnabled", umsUsersStateBuilder, FmsUser.State.DISABLED);
addUserWithState("user5UmsDisabledIpaEnabled", ipaUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user6UmsDisabledIpaDisabled", umsUsersStateBuilder, FmsUser.State.DISABLED);
addUserWithState("user6UmsDisabledIpaDisabled", ipaUsersStateBuilder, FmsUser.State.DISABLED);
addUserWithState("user7IpaEnabled", ipaUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState("user8IpaDisabled", ipaUsersStateBuilder, FmsUser.State.DISABLED);
// also check that we don't change a protected user
addUserWithState(FreeIpaChecks.IPA_PROTECTED_USERS.get(0), umsUsersStateBuilder, FmsUser.State.ENABLED);
addUserWithState(FreeIpaChecks.IPA_PROTECTED_USERS.get(0), ipaUsersStateBuilder, FmsUser.State.DISABLED);
UmsUsersState umsUsersState = new UmsUsersState.Builder().setUsersState(umsUsersStateBuilder.build()).build();
UsersState ipaUsersState = ipaUsersStateBuilder.build();
ImmutableSet<String> usersToDisable = new UserStateDifferenceCalculator().calculateUsersToDisable(umsUsersState, ipaUsersState);
// the users that are disabled in UMS but enabled in IPA are disabled
// new disabled users added to IPA need to be disabled
assertFalse(usersToDisable.contains("user1UmsEnabled"));
assertFalse(usersToDisable.contains("user2UmsDisabled"));
assertFalse(usersToDisable.contains("user3UmsEnabledIpaEnabled"));
assertFalse(usersToDisable.contains("user4UmsEnabledIpaDisabled"));
assertTrue(usersToDisable.contains("user5UmsDisabledIpaEnabled"));
assertFalse(usersToDisable.contains("user6UmsDisabledIpaDisabled"));
assertFalse(usersToDisable.contains("user7IpaEnabled"));
assertFalse(usersToDisable.contains("user8IpaDisabled"));
assertFalse(usersToDisable.contains(FreeIpaChecks.IPA_PROTECTED_USERS.get(0)));
}
Also used :
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)
Test(org.junit.jupiter.api.Test)
Example 19 with UmsUsersState
use of com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState in project cloudbreak by hortonworks.
the class UserSyncForEnvServiceTest method testSyncUsersInterrupted.
@Test
public void testSyncUsersInterrupted() {
Stack stack1 = mock(Stack.class);
when(stack1.getEnvironmentCrn()).thenReturn(ENV_CRN);
UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(Set.of(), Set.of(), Optional.empty());
UserSyncOptions options = new UserSyncOptions(true, true, WorkloadCredentialsUpdateType.UPDATE_IF_CHANGED);
doAnswer(inv -> {
inv.getArgument(2, Runnable.class).run();
return null;
}).when(operationService).tryWithOperationCleanup(eq(OPERATION_ID), eq(ACCOUNT_ID), any(Runnable.class));
UmsUsersState umsUsersState1 = mock(UmsUsersState.class);
when(umsUsersStateProviderDispatcher.getEnvToUmsUsersStateMap(eq(ACCOUNT_ID), eq(Set.of(ENV_CRN)), eq(Set.of()), eq(Set.of()), any())).thenReturn(Map.of(ENV_CRN, umsUsersState1));
when(asyncTaskExecutor.submit(any(Callable.class))).thenAnswer(inv -> {
Future future = mock(Future.class);
when(future.get()).thenThrow(new InterruptedException("interrupt"));
return future;
});
when(umsEventGenerationIdsProvider.getEventGenerationIds(eq(ACCOUNT_ID), any(Optional.class))).thenReturn(new UmsEventGenerationIds());
underTest.synchronizeUsers(OPERATION_ID, ACCOUNT_ID, List.of(stack1), userSyncFilter, options, System.currentTimeMillis());
verifyNoInteractions(userSyncStatusService);
ArgumentCaptor<Collection> successCaptor = ArgumentCaptor.forClass(Collection.class);
ArgumentCaptor<Collection> failureCaptor = ArgumentCaptor.forClass(Collection.class);
verify(operationService).completeOperation(eq(ACCOUNT_ID), eq(OPERATION_ID), successCaptor.capture(), failureCaptor.capture());
assertTrue(successCaptor.getValue().isEmpty());
List<FailureDetails> failures = (List<FailureDetails>) failureCaptor.getValue();
assertThat(failures, allOf(hasItem(allOf(hasProperty("environment", is(ENV_CRN)), hasProperty("message", is("interrupt")), hasProperty("additionalDetails", anEmptyMap())))));
}
Also used :
Optional(java.util.Optional)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
FailureDetails(com.sequenceiq.freeipa.api.v1.freeipa.user.model.FailureDetails)
Callable(java.util.concurrent.Callable)
Stack(com.sequenceiq.freeipa.entity.Stack)
UmsEventGenerationIds(com.sequenceiq.freeipa.service.freeipa.user.model.UmsEventGenerationIds)
UserSyncOptions(com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions)
Future(java.util.concurrent.Future)
Collection(java.util.Collection)
List(java.util.List)
Test(org.junit.jupiter.api.Test)
Example 20 with UmsUsersState
use of com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState in project cloudbreak by hortonworks.
the class UserSyncForEnvServiceTest method testSyncUsersFailures.
@Test
public void testSyncUsersFailures() {
Stack stack1 = mock(Stack.class);
when(stack1.getEnvironmentCrn()).thenReturn(ENV_CRN);
Stack stack2 = mock(Stack.class);
when(stack2.getEnvironmentCrn()).thenReturn(ENV_CRN_2);
UserSyncRequestFilter userSyncFilter = new UserSyncRequestFilter(Set.of(), Set.of(), Optional.empty());
UserSyncOptions options = new UserSyncOptions(true, true, WorkloadCredentialsUpdateType.UPDATE_IF_CHANGED);
doAnswer(inv -> {
inv.getArgument(2, Runnable.class).run();
return null;
}).when(operationService).tryWithOperationCleanup(eq(OPERATION_ID), eq(ACCOUNT_ID), any(Runnable.class));
UmsUsersState umsUsersState1 = mock(UmsUsersState.class);
UmsUsersState umsUsersState2 = mock(UmsUsersState.class);
when(umsUsersStateProviderDispatcher.getEnvToUmsUsersStateMap(eq(ACCOUNT_ID), eq(Set.of(ENV_CRN, ENV_CRN_2)), eq(Set.of()), eq(Set.of()), any())).thenReturn(Map.of(ENV_CRN, umsUsersState1, ENV_CRN_2, umsUsersState2));
when(asyncTaskExecutor.submit(any(Callable.class))).thenAnswer(inv -> {
SyncStatusDetail result = (SyncStatusDetail) inv.getArgument(0, Callable.class).call();
Future future = mock(Future.class);
when(future.get()).thenReturn(result);
return future;
});
when(umsEventGenerationIdsProvider.getEventGenerationIds(eq(ACCOUNT_ID), any(Optional.class))).thenReturn(new UmsEventGenerationIds());
when(userSyncForStackService.synchronizeStack(stack1, umsUsersState1, options)).thenReturn(new SyncStatusDetail(ENV_CRN, SynchronizationStatus.FAILED, "fial1", ImmutableMultimap.of(ENV_CRN, "failed1")));
when(userSyncForStackService.synchronizeStack(stack2, umsUsersState2, options)).thenReturn(new SyncStatusDetail(ENV_CRN_2, SynchronizationStatus.REJECTED, "fial2", ImmutableMultimap.of(ENV_CRN_2, "failed2")));
underTest.synchronizeUsers(OPERATION_ID, ACCOUNT_ID, List.of(stack1, stack2), userSyncFilter, options, System.currentTimeMillis());
verifyNoInteractions(userSyncStatusService);
ArgumentCaptor<Collection> successCaptor = ArgumentCaptor.forClass(Collection.class);
ArgumentCaptor<Collection> failureCaptor = ArgumentCaptor.forClass(Collection.class);
verify(operationService).completeOperation(eq(ACCOUNT_ID), eq(OPERATION_ID), successCaptor.capture(), failureCaptor.capture());
assertTrue(successCaptor.getValue().isEmpty());
List<FailureDetails> failures = (List<FailureDetails>) failureCaptor.getValue();
assertThat(failures, allOf(hasItem(allOf(hasProperty("environment", is(ENV_CRN)), hasProperty("message", is("fial1")), hasProperty("additionalDetails", hasEntry(ENV_CRN, "failed1")))), hasItem(allOf(hasProperty("environment", is(ENV_CRN_2)), hasProperty("message", is("Unexpected status: REJECTED")), hasProperty("additionalDetails", hasEntry(ENV_CRN_2, "failed2"))))));
}
Also used :
Optional(java.util.Optional)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
FailureDetails(com.sequenceiq.freeipa.api.v1.freeipa.user.model.FailureDetails)
Callable(java.util.concurrent.Callable)
Stack(com.sequenceiq.freeipa.entity.Stack)
UmsEventGenerationIds(com.sequenceiq.freeipa.service.freeipa.user.model.UmsEventGenerationIds)
SyncStatusDetail(com.sequenceiq.freeipa.service.freeipa.user.model.SyncStatusDetail)
UserSyncOptions(com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions)
Future(java.util.concurrent.Future)
Collection(java.util.Collection)
List(java.util.List)
Test(org.junit.jupiter.api.Test)
Aggregations
UmsUsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)30
Test (org.junit.jupiter.api.Test)23
UsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)19
UserSyncOptions (com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions)14
SyncStatusDetail (com.sequenceiq.freeipa.service.freeipa.user.model.SyncStatusDetail)11
UsersStateDifference (com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference)9
Stack (com.sequenceiq.freeipa.entity.Stack)8
UmsEventGenerationIds (com.sequenceiq.freeipa.service.freeipa.user.model.UmsEventGenerationIds)7
Collection (java.util.Collection)7
FailureDetails (com.sequenceiq.freeipa.api.v1.freeipa.user.model.FailureDetails)5
List (java.util.List)5
Optional (java.util.Optional)5
Callable (java.util.concurrent.Callable)5
Future (java.util.concurrent.Future)5
SuccessDetails (com.sequenceiq.freeipa.api.v1.freeipa.user.model.SuccessDetails)4
FmsGroup (com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup)4
FmsUser (com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser)4
Set (java.util.Set)4
TimeoutException (java.util.concurrent.TimeoutException)4
FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException)3
