use of com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata in project cloudbreak by hortonworks.
the class UserSyncService method getCredentialUpdate.
private WorkloadCredentialUpdate getCredentialUpdate(String username, UmsUsersState umsUsersState) {
UserMetadata userMetadata = requireNonNull(umsUsersState.getUsersState().getUserMetadataMap().get(username), "userMetadata must not be null");
WorkloadCredential workloadCredential = requireNonNull(umsUsersState.getUsersWorkloadCredentialMap().get(username), "workloadCredential must not be null");
return new WorkloadCredentialUpdate(username, userMetadata.getCrn(), workloadCredential);
}
use of com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata in project cloudbreak by hortonworks.
the class UserSyncStateApplierTest method testApplyDifferenceWithPasswordHashSupport.
@Test
public void testApplyDifferenceWithPasswordHashSupport() throws FreeIpaClientException, TimeoutException {
UsersState usersState = UsersState.newBuilder().addUserMetadata("userToUpdate1", new UserMetadata("userToUpdate1Crn", 1L)).addUserMetadata("userToUpdate2", new UserMetadata("userToUpdate2Crn", 2L)).build();
WorkloadCredential workloadCredential1 = mock(WorkloadCredential.class);
WorkloadCredential workloadCredential2 = mock(WorkloadCredential.class);
UmsUsersState umsUsersState = UmsUsersState.newBuilder().setUsersState(usersState).addWorkloadCredentials("userToUpdate1", workloadCredential1).addWorkloadCredentials("userToUpdate2", workloadCredential2).build();
UserSyncOptions userSyncOptions = mock(UserSyncOptions.class);
UsersStateDifference usersStateDifference = createStateDiff();
Multimap<String, String> warnings = ArrayListMultimap.create();
when(userSyncOptions.isFmsToFreeIpaBatchCallEnabled()).thenReturn(Boolean.TRUE);
Config config = new Config();
config.setIpauserobjectclasses(Set.of("cdpUserAttr"));
when(freeIpaClient.getConfig()).thenReturn(config);
underTest.applyDifference(umsUsersState, ENV_CRN, warnings, usersStateDifference, userSyncOptions, freeIpaClient);
ArgumentCaptor<Set<WorkloadCredentialUpdate>> credentialUpdateCaptor = ArgumentCaptor.forClass(Set.class);
verify(workloadCredentialService).setWorkloadCredentials(eq(userSyncOptions), eq(freeIpaClient), credentialUpdateCaptor.capture(), any());
Set<WorkloadCredentialUpdate> workloadCredentialUpdates = credentialUpdateCaptor.getValue();
assertThat(workloadCredentialUpdates, allOf(hasItem(allOf(hasProperty("username", is("userToUpdate1")), hasProperty("userCrn", is("userToUpdate1Crn")), hasProperty("workloadCredential", is(workloadCredential1)))), hasItem(allOf(hasProperty("username", is("userToUpdate2")), hasProperty("userCrn", is("userToUpdate2Crn")), hasProperty("workloadCredential", is(workloadCredential2))))));
}
use of com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata in project cloudbreak by hortonworks.
the class UsersStateDifferenceCalculatorTest method addIpaUser.
private void addIpaUser(String username, Optional<Long> ipaCredentialsVersion, UsersState.Builder usersStateBuilder) {
FmsUser fmsUser = new FmsUser().withName(username);
usersStateBuilder.addUser(fmsUser);
if (ipaCredentialsVersion.isPresent()) {
String crn = CrnTestUtil.getUserCrnBuilder().setAccountId(UUID.randomUUID().toString()).setResource(UUID.randomUUID().toString()).build().toString();
usersStateBuilder.addUserMetadata(username, new UserMetadata(crn, ipaCredentialsVersion.get()));
}
}
use of com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata in project cloudbreak by hortonworks.
the class FreeIpaUsersStateProviderTest method testGetFilteredFreeIpaState.
@Test
void testGetFilteredFreeIpaState() throws Exception {
List<String> user1GroupNames = List.of("group1", "group2");
List<String> user2GroupNames = List.of("group2", "group3", IPA_UNMANAGED_GROUPS.get(0));
List<String> groupsWithoutMembers = List.of("group4");
com.sequenceiq.freeipa.client.model.User user1 = createIpaUser("user1", user1GroupNames);
String userNotFound = "userNotFound";
Set<com.sequenceiq.freeipa.client.model.Group> groupsFindAll = Stream.of(user1GroupNames.stream(), user2GroupNames.stream(), groupsWithoutMembers.stream(), IPA_UNMANAGED_GROUPS.stream()).flatMap(groupName -> groupName).map(this::createIpaGroup).collect(Collectors.toSet());
JsonRpcClientException jsonRpcException = new JsonRpcClientException(FreeIpaErrorCodes.NOT_FOUND.getValue(), "group not found", null);
FreeIpaClientException notFoundException = new FreeIpaClientException("Invoke FreeIPA failed", jsonRpcException);
when(freeIpaClient.userShow(user1.getUid())).thenReturn(user1);
when(freeIpaClient.userShow(userNotFound)).thenThrow(notFoundException);
when(freeIpaClient.groupFindAll()).thenReturn(groupsFindAll);
Set<String> expectedUsers = Sets.newHashSet(user1.getUid());
Set<String> expectedGroups = groupsFindAll.stream().map(com.sequenceiq.freeipa.client.model.Group::getCn).filter(groupName -> !IPA_UNMANAGED_GROUPS.contains(groupName)).collect(Collectors.toSet());
UserMetadata user1Metadata = new UserMetadata("user1-crn", 1L);
doReturn(Optional.of(user1Metadata)).when(userMetadataConverter).toUserMetadata(argThat(arg -> user1.getUid().equals(arg.getUid())));
Map<String, UserMetadata> expectedUserMetadata = Map.of(user1.getUid(), user1Metadata);
UsersState ipaState = underTest.getFilteredFreeIpaState(freeIpaClient, Set.of(user1.getUid(), userNotFound));
for (FmsUser fmsUser : ipaState.getUsers()) {
assertTrue(expectedUsers.contains(fmsUser.getName()));
expectedUsers.remove(fmsUser.getName());
}
assertTrue(expectedUsers.isEmpty());
for (FmsGroup fmsGroup : ipaState.getGroups()) {
assertTrue(expectedGroups.contains(fmsGroup.getName()));
expectedGroups.remove(fmsGroup.getName());
}
assertTrue(expectedGroups.isEmpty());
assertEquals(expectedUserMetadata, ipaState.getUserMetadataMap());
}
use of com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata in project cloudbreak by hortonworks.
the class UserMetadataConverterTest method testToUserMetadataValidInput.
private void testToUserMetadataValidInput(String input, String expectedCrn, long expectedWorkloadCredentialsVersion) {
User user = new User();
user.setUid("username");
user.setTitle(input);
Optional<UserMetadata> decoded = underTest.toUserMetadata(user);
assertTrue(decoded.isPresent());
assertEquals(expectedCrn, decoded.get().getCrn());
assertEquals(expectedWorkloadCredentialsVersion, decoded.get().getWorkloadCredentialsVersion());
String encoded = underTest.toUserMetadataJson(decoded.get());
assertTrue(encoded.contains(expectedCrn));
assertTrue(encoded.contains(makeValidEncodedMeta(expectedWorkloadCredentialsVersion)));
}
Aggregations