Example 1 with UsersState

use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersState in project cloudbreak by hortonworks.

the class UserSyncStateApplierTest method testApplyDifferenceWithPasswordHashSupport.

@Test
public void testApplyDifferenceWithPasswordHashSupport() throws FreeIpaClientException, TimeoutException {
    UsersState usersState = UsersState.newBuilder().addUserMetadata("userToUpdate1", new UserMetadata("userToUpdate1Crn", 1L)).addUserMetadata("userToUpdate2", new UserMetadata("userToUpdate2Crn", 2L)).build();
    WorkloadCredential workloadCredential1 = mock(WorkloadCredential.class);
    WorkloadCredential workloadCredential2 = mock(WorkloadCredential.class);
    UmsUsersState umsUsersState = UmsUsersState.newBuilder().setUsersState(usersState).addWorkloadCredentials("userToUpdate1", workloadCredential1).addWorkloadCredentials("userToUpdate2", workloadCredential2).build();
    UserSyncOptions userSyncOptions = mock(UserSyncOptions.class);
    UsersStateDifference usersStateDifference = createStateDiff();
    Multimap<String, String> warnings = ArrayListMultimap.create();
    when(userSyncOptions.isFmsToFreeIpaBatchCallEnabled()).thenReturn(Boolean.TRUE);
    Config config = new Config();
    config.setIpauserobjectclasses(Set.of("cdpUserAttr"));
    when(freeIpaClient.getConfig()).thenReturn(config);
    underTest.applyDifference(umsUsersState, ENV_CRN, warnings, usersStateDifference, userSyncOptions, freeIpaClient);
    ArgumentCaptor<Set<WorkloadCredentialUpdate>> credentialUpdateCaptor = ArgumentCaptor.forClass(Set.class);
    verify(workloadCredentialService).setWorkloadCredentials(eq(userSyncOptions), eq(freeIpaClient), credentialUpdateCaptor.capture(), any());
    Set<WorkloadCredentialUpdate> workloadCredentialUpdates = credentialUpdateCaptor.getValue();
    assertThat(workloadCredentialUpdates, allOf(hasItem(allOf(hasProperty("username", is("userToUpdate1")), hasProperty("userCrn", is("userToUpdate1Crn")), hasProperty("workloadCredential", is(workloadCredential1)))), hasItem(allOf(hasProperty("username", is("userToUpdate2")), hasProperty("userCrn", is("userToUpdate2Crn")), hasProperty("workloadCredential", is(workloadCredential2))))));
}
Also used: ImmutableSet(com.google.common.collect.ImmutableSet), Set(java.util.Set), Config(com.sequenceiq.freeipa.client.model.Config), UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState), UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata), UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState), WorkloadCredential(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential), UserSyncOptions(com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions), WorkloadCredentialUpdate(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredentialUpdate), UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference), Test(org.junit.jupiter.api.Test)

Example 2 with UsersState

use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersState in project cloudbreak by hortonworks.

the class UsersStateDifferenceCalculatorTest method testCalculateUsersWithCredentialsToUpdate.

private void testCalculateUsersWithCredentialsToUpdate(boolean updatedOptimizationEnabled) {
    UmsUsersState.Builder umsUsersStateBuilder = UmsUsersState.newBuilder();
    UsersState.Builder usersStateBuilderForUms = UsersState.newBuilder();
    UsersState.Builder usersStateBuilderForIpa = UsersState.newBuilder();
    FmsUser userUms = addUmsUser("userUms", 1L, umsUsersStateBuilder, usersStateBuilderForUms);
    FmsUser userWithNoIpaMetadata = addUmsUser("userWithNoIpaMetadata", 0L, umsUsersStateBuilder, usersStateBuilderForUms);
    addIpaUser(userWithNoIpaMetadata.getName(), Optional.empty(), usersStateBuilderForIpa);
    FmsUser userWithStaleIpaCredentials = addUmsUser("userWithStaleIpaCredentials", 2L, umsUsersStateBuilder, usersStateBuilderForUms);
    addIpaUser(userWithStaleIpaCredentials.getName(), Optional.of(1L), usersStateBuilderForIpa);
    FmsUser userWithUpToDateIpaCredentials = addUmsUser("userWithUpToDateIpaCredentials", 5L, umsUsersStateBuilder, usersStateBuilderForUms);
    addIpaUser(userWithUpToDateIpaCredentials.getName(), Optional.of(5L), usersStateBuilderForIpa);
    FmsUser userProtected = addUmsUser(FreeIpaChecks.IPA_PROTECTED_USERS.get(0), 0L, umsUsersStateBuilder, usersStateBuilderForUms);
    addIpaUser(userProtected.getName(), Optional.empty(), usersStateBuilderForIpa);
    UmsUsersState umsUsersState = umsUsersStateBuilder.setUsersState(usersStateBuilderForUms.build()).build();
    UsersState ipaUsersState = usersStateBuilderForIpa.build();
    ImmutableSet<String> usersWithCredentialsToUpdate = new UserStateDifferenceCalculator().calculateUsersWithCredentialsToUpdate(umsUsersState, ipaUsersState, updatedOptimizationEnabled);
    // User that exists only in UMS requires credentials update
    assertTrue(usersWithCredentialsToUpdate.contains(userUms.getName()));
    // User whose IPA credentials version is unknown requires credentials update
    assertTrue(usersWithCredentialsToUpdate.contains(userWithNoIpaMetadata.getName()));
    // User with stale IPA credentials requires credentials update
    assertTrue(usersWithCredentialsToUpdate.contains(userWithStaleIpaCredentials.getName()));
    // User with up-to-date IPA credentials requires credentials update if update optimization is disabled
    assertEquals(!updatedOptimizationEnabled, usersWithCredentialsToUpdate.contains(userWithUpToDateIpaCredentials.getName()));
    // We never update credentials for protected users
    assertFalse(usersWithCredentialsToUpdate.contains(userProtected.getName()));
}
Also used: FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser), UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState), UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)

Example 3 with UsersState

use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersState in project cloudbreak by hortonworks.

the class UsersStateDifferenceCalculatorTest method testCalculateGroupsToAdd.

@Test
void testCalculateGroupsToAdd() {
    FmsGroup groupUms = new FmsGroup().withName("groupUms");
    FmsGroup groupWag = new FmsGroup().withName("groupWag");
    FmsGroup groupBoth = new FmsGroup().withName("groupBoth");
    FmsGroup groupIPA = new FmsGroup().withName("groupIPA");
    FmsGroup groupProtected = new FmsGroup().withName(FreeIpaChecks.IPA_PROTECTED_GROUPS.get(0));
    UmsUsersState umsUsersState = new UmsUsersState.Builder().setUsersState(new UsersState.Builder().addGroup(groupUms).addGroup(groupBoth).addGroup(groupProtected).build()).setWorkloadAdministrationGroups(Set.of(groupWag)).build();
    UsersState ipaUsersState = new UsersState.Builder().addGroup(groupBoth).addGroup(groupIPA).build();
    ImmutableSet<FmsGroup> groupsToAdd = new UserStateDifferenceCalculator().calculateGroupsToAdd(umsUsersState, ipaUsersState);
    // group that exists only in UMS will be added
    assertTrue(groupsToAdd.contains(groupUms));
    // protected groups will be ignored
    assertFalse(groupsToAdd.contains(groupProtected));
    // extra wags will not be added
    assertFalse(groupsToAdd.contains(groupWag));
    // groups that exist in both or only ipa will not be added
    assertFalse(groupsToAdd.contains(groupBoth));
    assertFalse(groupsToAdd.contains(groupIPA));
}
Also used: FmsGroup(com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup), UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState), UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState), Test(org.junit.jupiter.api.Test)

Example 4 with UsersState

use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersState in project cloudbreak by hortonworks.

the class UsersStateDifferenceCalculatorTest method testCalculateGroupMembershipsToAdd.

@Test
void testCalculateGroupMembershipsToAdd() {
    String group = "group";
    String unmanagedGroup = FreeIpaChecks.IPA_UNMANAGED_GROUPS.get(0);
    String userUms = "userUms";
    String userBoth = "userBoth";
    String userIPA = "userIPA";
    UmsUsersState umsUsersState = new UmsUsersState.Builder().setUsersState(new UsersState.Builder().addMemberToGroup(group, userUms).addMemberToGroup(group, userBoth).addMemberToGroup(unmanagedGroup, userUms).build()).build();
    UsersState ipaUsersState = new UsersState.Builder().addMemberToGroup(group, userBoth).addMemberToGroup(group, userIPA).build();
    ImmutableMultimap<String, String> groupMembershipsToAdd = new UserStateDifferenceCalculator().calculateGroupMembershipToAdd(umsUsersState, ipaUsersState);
    // membership that exists only in UMS will be added
    assertTrue(groupMembershipsToAdd.get(group).contains(userUms));
    // unmanaged groups will be ignored
    assertFalse(groupMembershipsToAdd.get(unmanagedGroup).contains(userUms));
    // memberships that exist in both or only in IPA will not be added
    assertFalse(groupMembershipsToAdd.get(group).contains(userBoth));
    assertFalse(groupMembershipsToAdd.get(group).contains(userIPA));
}
Also used: UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState), UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState), Test(org.junit.jupiter.api.Test)

Example 5 with UsersState

use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersState in project cloudbreak by hortonworks.

the class UsersStateDifferenceCalculatorTest method testCalculateUsersToRemove.

@Test
void testCalculateUsersToRemove() {
    FmsUser userUms = new FmsUser().withName("userUms");
    FmsUser userBoth = new FmsUser().withName("userBoth");
    FmsUser userIPA = new FmsUser().withName("userIPA");
    FmsUser userIPA2 = new FmsUser().withName("userIPA2");
    FmsUser userProtected = new FmsUser().withName(FreeIpaChecks.IPA_PROTECTED_USERS.get(0));
    UmsUsersState umsUsersState = new UmsUsersState.Builder().setUsersState(new UsersState.Builder().addUser(userUms).addMemberToGroup(UserSyncConstants.CDP_USERSYNC_INTERNAL_GROUP, userUms.getName()).addUser(userBoth).addMemberToGroup(UserSyncConstants.CDP_USERSYNC_INTERNAL_GROUP, userBoth.getName()).build()).build();
    UsersState ipaUsersState = new UsersState.Builder().addUser(userBoth).addMemberToGroup(UserSyncConstants.CDP_USERSYNC_INTERNAL_GROUP, userBoth.getName()).addUser(userIPA).addMemberToGroup(UserSyncConstants.CDP_USERSYNC_INTERNAL_GROUP, userIPA.getName()).addUser(userIPA2).addUser(userProtected).addMemberToGroup(UserSyncConstants.CDP_USERSYNC_INTERNAL_GROUP, userProtected.getName()).build();
    ImmutableSet<String> usersToRemove = new UserStateDifferenceCalculator().calculateUsersToRemove(umsUsersState, ipaUsersState);
    // users that exist only in IPA and are members of the CDP_USERSYNC_INTERNAL_GROUP will be removed
    assertTrue(usersToRemove.contains(userIPA.getName()));
    // protected users will be ignored
    assertFalse(usersToRemove.contains(userProtected.getName()));
    // users that exist only in ums, exist in both ums and ipa, or are not members of CDP_USERSYNC_INTERNAL_GROUP will not be removed
    assertFalse(usersToRemove.contains(userUms.getName()));
    assertFalse(usersToRemove.contains(userBoth.getName()));
    assertFalse(usersToRemove.contains(userIPA2.getName()));
}
Also used: FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser), UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState), UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState), Test(org.junit.jupiter.api.Test)

Aggregations

UsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UsersState): 27
UmsUsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState): 23
Test (org.junit.jupiter.api.Test): 19
UsersStateDifference (com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference): 11
FmsUser (com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser): 10
FmsGroup (com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup): 8
FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException): 7
SyncStatusDetail (com.sequenceiq.freeipa.service.freeipa.user.model.SyncStatusDetail): 7
FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient): 6
UserSyncOptions (com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions): 6
Set (java.util.Set): 6
UserMetadata (com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata): 4
IPA_PROTECTED_USERS (com.sequenceiq.freeipa.client.FreeIpaChecks.IPA_PROTECTED_USERS): 3
IPA_UNMANAGED_GROUPS (com.sequenceiq.freeipa.client.FreeIpaChecks.IPA_UNMANAGED_GROUPS): 3
Stack (com.sequenceiq.freeipa.entity.Stack): 3
FreeIpaClientFactory (com.sequenceiq.freeipa.service.freeipa.FreeIpaClientFactory): 3
UserMetadataConverter (com.sequenceiq.freeipa.service.freeipa.user.conversion.UserMetadataConverter): 3
Collection (java.util.Collection): 3
UserManagementProto (com.cloudera.thunderhead.service.usermanagement.UserManagementProto): 2
ImmutableSet (com.google.common.collect.ImmutableSet): 2