Search in sources :

Example 1 with UserMetadata

use of com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata in project cloudbreak by hortonworks.

the class UserSyncService method getCredentialUpdate.

private WorkloadCredentialUpdate getCredentialUpdate(String username, UmsUsersState umsUsersState) {
    UserMetadata userMetadata = requireNonNull(umsUsersState.getUsersState().getUserMetadataMap().get(username), "userMetadata must not be null");
    WorkloadCredential workloadCredential = requireNonNull(umsUsersState.getUsersWorkloadCredentialMap().get(username), "workloadCredential must not be null");
    return new WorkloadCredentialUpdate(username, userMetadata.getCrn(), workloadCredential);
}
Also used : UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata) WorkloadCredentialUpdate(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredentialUpdate) WorkloadCredential(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential)

Example 2 with UserMetadata

use of com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata in project cloudbreak by hortonworks.

the class UserSyncStateApplierTest method testApplyDifferenceWithPasswordHashSupport.

@Test
public void testApplyDifferenceWithPasswordHashSupport() throws FreeIpaClientException, TimeoutException {
    UsersState usersState = UsersState.newBuilder().addUserMetadata("userToUpdate1", new UserMetadata("userToUpdate1Crn", 1L)).addUserMetadata("userToUpdate2", new UserMetadata("userToUpdate2Crn", 2L)).build();
    WorkloadCredential workloadCredential1 = mock(WorkloadCredential.class);
    WorkloadCredential workloadCredential2 = mock(WorkloadCredential.class);
    UmsUsersState umsUsersState = UmsUsersState.newBuilder().setUsersState(usersState).addWorkloadCredentials("userToUpdate1", workloadCredential1).addWorkloadCredentials("userToUpdate2", workloadCredential2).build();
    UserSyncOptions userSyncOptions = mock(UserSyncOptions.class);
    UsersStateDifference usersStateDifference = createStateDiff();
    Multimap<String, String> warnings = ArrayListMultimap.create();
    when(userSyncOptions.isFmsToFreeIpaBatchCallEnabled()).thenReturn(Boolean.TRUE);
    Config config = new Config();
    config.setIpauserobjectclasses(Set.of("cdpUserAttr"));
    when(freeIpaClient.getConfig()).thenReturn(config);
    underTest.applyDifference(umsUsersState, ENV_CRN, warnings, usersStateDifference, userSyncOptions, freeIpaClient);
    ArgumentCaptor<Set<WorkloadCredentialUpdate>> credentialUpdateCaptor = ArgumentCaptor.forClass(Set.class);
    verify(workloadCredentialService).setWorkloadCredentials(eq(userSyncOptions), eq(freeIpaClient), credentialUpdateCaptor.capture(), any());
    Set<WorkloadCredentialUpdate> workloadCredentialUpdates = credentialUpdateCaptor.getValue();
    assertThat(workloadCredentialUpdates, allOf(hasItem(allOf(hasProperty("username", is("userToUpdate1")), hasProperty("userCrn", is("userToUpdate1Crn")), hasProperty("workloadCredential", is(workloadCredential1)))), hasItem(allOf(hasProperty("username", is("userToUpdate2")), hasProperty("userCrn", is("userToUpdate2Crn")), hasProperty("workloadCredential", is(workloadCredential2))))));
}
Also used : ImmutableSet(com.google.common.collect.ImmutableSet) Set(java.util.Set) Config(com.sequenceiq.freeipa.client.model.Config) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata) UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) WorkloadCredential(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential) UserSyncOptions(com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions) WorkloadCredentialUpdate(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredentialUpdate) UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference) Test(org.junit.jupiter.api.Test)

Example 3 with UserMetadata

use of com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata in project cloudbreak by hortonworks.

the class UsersStateDifferenceCalculatorTest method addIpaUser.

private void addIpaUser(String username, Optional<Long> ipaCredentialsVersion, UsersState.Builder usersStateBuilder) {
    FmsUser fmsUser = new FmsUser().withName(username);
    usersStateBuilder.addUser(fmsUser);
    if (ipaCredentialsVersion.isPresent()) {
        String crn = CrnTestUtil.getUserCrnBuilder().setAccountId(UUID.randomUUID().toString()).setResource(UUID.randomUUID().toString()).build().toString();
        usersStateBuilder.addUserMetadata(username, new UserMetadata(crn, ipaCredentialsVersion.get()));
    }
}
Also used : FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser) UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata)

Example 4 with UserMetadata

use of com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata in project cloudbreak by hortonworks.

the class FreeIpaUsersStateProviderTest method testGetFilteredFreeIpaState.

@Test
void testGetFilteredFreeIpaState() throws Exception {
    List<String> user1GroupNames = List.of("group1", "group2");
    List<String> user2GroupNames = List.of("group2", "group3", IPA_UNMANAGED_GROUPS.get(0));
    List<String> groupsWithoutMembers = List.of("group4");
    com.sequenceiq.freeipa.client.model.User user1 = createIpaUser("user1", user1GroupNames);
    String userNotFound = "userNotFound";
    Set<com.sequenceiq.freeipa.client.model.Group> groupsFindAll = Stream.of(user1GroupNames.stream(), user2GroupNames.stream(), groupsWithoutMembers.stream(), IPA_UNMANAGED_GROUPS.stream()).flatMap(groupName -> groupName).map(this::createIpaGroup).collect(Collectors.toSet());
    JsonRpcClientException jsonRpcException = new JsonRpcClientException(FreeIpaErrorCodes.NOT_FOUND.getValue(), "group not found", null);
    FreeIpaClientException notFoundException = new FreeIpaClientException("Invoke FreeIPA failed", jsonRpcException);
    when(freeIpaClient.userShow(user1.getUid())).thenReturn(user1);
    when(freeIpaClient.userShow(userNotFound)).thenThrow(notFoundException);
    when(freeIpaClient.groupFindAll()).thenReturn(groupsFindAll);
    Set<String> expectedUsers = Sets.newHashSet(user1.getUid());
    Set<String> expectedGroups = groupsFindAll.stream().map(com.sequenceiq.freeipa.client.model.Group::getCn).filter(groupName -> !IPA_UNMANAGED_GROUPS.contains(groupName)).collect(Collectors.toSet());
    UserMetadata user1Metadata = new UserMetadata("user1-crn", 1L);
    doReturn(Optional.of(user1Metadata)).when(userMetadataConverter).toUserMetadata(argThat(arg -> user1.getUid().equals(arg.getUid())));
    Map<String, UserMetadata> expectedUserMetadata = Map.of(user1.getUid(), user1Metadata);
    UsersState ipaState = underTest.getFilteredFreeIpaState(freeIpaClient, Set.of(user1.getUid(), userNotFound));
    for (FmsUser fmsUser : ipaState.getUsers()) {
        assertTrue(expectedUsers.contains(fmsUser.getName()));
        expectedUsers.remove(fmsUser.getName());
    }
    assertTrue(expectedUsers.isEmpty());
    for (FmsGroup fmsGroup : ipaState.getGroups()) {
        assertTrue(expectedGroups.contains(fmsGroup.getName()));
        expectedGroups.remove(fmsGroup.getName());
    }
    assertTrue(expectedGroups.isEmpty());
    assertEquals(expectedUserMetadata, ipaState.getUserMetadataMap());
}
Also used : FmsGroup(com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup) IPA_UNMANAGED_GROUPS(com.sequenceiq.freeipa.client.FreeIpaChecks.IPA_UNMANAGED_GROUPS) ArgumentMatchers.argThat(org.mockito.ArgumentMatchers.argThat) Mock(org.mockito.Mock) Pair(org.apache.commons.lang3.tuple.Pair) ExtendWith(org.junit.jupiter.api.extension.ExtendWith) Map(java.util.Map) UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState) UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) UserMetadataConverter(com.sequenceiq.freeipa.service.freeipa.user.conversion.UserMetadataConverter) Mockito.doReturn(org.mockito.Mockito.doReturn) Stack(com.sequenceiq.freeipa.entity.Stack) InjectMocks(org.mockito.InjectMocks) MockitoExtension(org.mockito.junit.jupiter.MockitoExtension) IPA_PROTECTED_USERS(com.sequenceiq.freeipa.client.FreeIpaChecks.IPA_PROTECTED_USERS) Set(java.util.Set) FreeIpaClientException(com.sequenceiq.freeipa.client.FreeIpaClientException) Mockito.when(org.mockito.Mockito.when) UUID(java.util.UUID) FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser) Collectors(java.util.stream.Collectors) Maps(com.google.common.collect.Maps) FreeIpaErrorCodes(com.sequenceiq.freeipa.client.FreeIpaErrorCodes) Sets(com.google.common.collect.Sets) Test(org.junit.jupiter.api.Test) List(java.util.List) Stream(java.util.stream.Stream) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) JsonRpcClientException(com.googlecode.jsonrpc4j.JsonRpcClientException) FreeIpaClientFactory(com.sequenceiq.freeipa.service.freeipa.FreeIpaClientFactory) Optional(java.util.Optional) FmsGroup(com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup) FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser) FmsGroup(com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup) UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata) UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState) JsonRpcClientException(com.googlecode.jsonrpc4j.JsonRpcClientException) FreeIpaClientException(com.sequenceiq.freeipa.client.FreeIpaClientException) Test(org.junit.jupiter.api.Test)

Example 5 with UserMetadata

use of com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata in project cloudbreak by hortonworks.

the class UserMetadataConverterTest method testToUserMetadataValidInput.

private void testToUserMetadataValidInput(String input, String expectedCrn, long expectedWorkloadCredentialsVersion) {
    User user = new User();
    user.setUid("username");
    user.setTitle(input);
    Optional<UserMetadata> decoded = underTest.toUserMetadata(user);
    assertTrue(decoded.isPresent());
    assertEquals(expectedCrn, decoded.get().getCrn());
    assertEquals(expectedWorkloadCredentialsVersion, decoded.get().getWorkloadCredentialsVersion());
    String encoded = underTest.toUserMetadataJson(decoded.get());
    assertTrue(encoded.contains(expectedCrn));
    assertTrue(encoded.contains(makeValidEncodedMeta(expectedWorkloadCredentialsVersion)));
}
Also used : User(com.sequenceiq.freeipa.client.model.User) UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata)

Aggregations

UserMetadata (com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata)11 Test (org.junit.jupiter.api.Test)5 FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient)4 User (com.sequenceiq.freeipa.client.model.User)4 FmsUser (com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser)4 UsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)4 WorkloadCredential (com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential)4 Set (java.util.Set)4 FmsGroup (com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup)3 WorkloadCredentialUpdate (com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredentialUpdate)3 List (java.util.List)3 Map (java.util.Map)3 Maps (com.google.common.collect.Maps)2 Sets (com.google.common.collect.Sets)2 JsonRpcClientException (com.googlecode.jsonrpc4j.JsonRpcClientException)2 IPA_PROTECTED_USERS (com.sequenceiq.freeipa.client.FreeIpaChecks.IPA_PROTECTED_USERS)2 IPA_UNMANAGED_GROUPS (com.sequenceiq.freeipa.client.FreeIpaChecks.IPA_UNMANAGED_GROUPS)2 FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException)2 FreeIpaErrorCodes (com.sequenceiq.freeipa.client.FreeIpaErrorCodes)2 Stack (com.sequenceiq.freeipa.entity.Stack)2