Example 1 with UsersStateDifference
use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference in project cloudbreak by hortonworks.
the class UserSyncService method retrySyncIfBatchCallHasWarnings.
private void retrySyncIfBatchCallHasWarnings(Stack stack, UmsUsersState umsUsersState, Multimap<String, String> warnings, UserSyncOptions options, FreeIpaClient freeIpaClient, UsersStateDifference usersStateDifferenceBeforeSync) throws FreeIpaClientException {
if (options.isFullSync() && !warnings.isEmpty() && options.isFmsToFreeIpaBatchCallEnabled()) {
UsersStateDifference usersStateDifferenceAfterSync = compareUmsAndFreeIpa(umsUsersState, options, freeIpaClient);
if (usersStateDifferenceChanged(usersStateDifferenceBeforeSync, usersStateDifferenceAfterSync)) {
Multimap<String, String> retryWarnings = ArrayListMultimap.create();
try {
LOGGER.info(String.format("Sync was partially successful for %s, thus we are trying it once again", stack.getResourceCrn()));
applyDifference(umsUsersState, stack.getEnvironmentCrn(), retryWarnings, usersStateDifferenceAfterSync, options, freeIpaClient);
warnings.clear();
} finally {
warnings.putAll(retryWarnings);
}
}
}
}
Also used :
UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference)
Example 2 with UsersStateDifference
use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference in project cloudbreak by hortonworks.
the class UserSyncStateApplierTest method createStateDiff.
private UsersStateDifference createStateDiff() {
FmsGroup groupToAdd1 = new FmsGroup().withName("groupToAdd1");
FmsGroup groupToAdd2 = new FmsGroup().withName("groupToAdd2");
FmsGroup groupToRemove1 = new FmsGroup().withName("groupToRemove1");
FmsGroup groupToRemove2 = new FmsGroup().withName("groupToRemove2");
FmsUser userToAdd1 = new FmsUser().withName("userToAdd1").withFirstName("clark").withLastName("kent");
FmsUser userToAdd2 = new FmsUser().withName("userToAdd2").withFirstName("peter").withLastName("parker");
String userToRemove1 = "userToRemove1";
String userToRemove2 = "userToRemove2";
String userToDisable1 = "userToDisable1";
String userToDisable2 = "userToDisable2";
String userToEnable1 = "userToEnable1";
String userToEnable2 = "userToEnable2";
return new UsersStateDifference(ImmutableSet.of(groupToAdd1, groupToAdd2), ImmutableSet.of(groupToRemove1, groupToRemove2), ImmutableSet.of(userToAdd1, userToAdd2), ImmutableSet.of("userToUpdate1", "userToUpdate2"), ImmutableSet.of(userToRemove1, userToRemove2), ImmutableMultimap.<String, String>builder().put(groupToAdd1.getName(), userToAdd1.getName()).put(groupToAdd2.getName(), userToAdd2.getName()).build(), ImmutableMultimap.<String, String>builder().put(groupToRemove1.getName(), userToRemove1).put(groupToRemove2.getName(), userToRemove2).build(), ImmutableSet.of(userToDisable1, userToDisable2), ImmutableSet.of(userToEnable1, userToEnable2));
}
Also used :
FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser)
FmsGroup(com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup)
UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference)
Example 3 with UsersStateDifference
use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference in project cloudbreak by hortonworks.
the class UserSyncStateApplierTest method testApplyDifferenceWithPasswordHashSupport.
@Test
public void testApplyDifferenceWithPasswordHashSupport() throws FreeIpaClientException, TimeoutException {
UsersState usersState = UsersState.newBuilder().addUserMetadata("userToUpdate1", new UserMetadata("userToUpdate1Crn", 1L)).addUserMetadata("userToUpdate2", new UserMetadata("userToUpdate2Crn", 2L)).build();
WorkloadCredential workloadCredential1 = mock(WorkloadCredential.class);
WorkloadCredential workloadCredential2 = mock(WorkloadCredential.class);
UmsUsersState umsUsersState = UmsUsersState.newBuilder().setUsersState(usersState).addWorkloadCredentials("userToUpdate1", workloadCredential1).addWorkloadCredentials("userToUpdate2", workloadCredential2).build();
UserSyncOptions userSyncOptions = mock(UserSyncOptions.class);
UsersStateDifference usersStateDifference = createStateDiff();
Multimap<String, String> warnings = ArrayListMultimap.create();
when(userSyncOptions.isFmsToFreeIpaBatchCallEnabled()).thenReturn(Boolean.TRUE);
Config config = new Config();
config.setIpauserobjectclasses(Set.of("cdpUserAttr"));
when(freeIpaClient.getConfig()).thenReturn(config);
underTest.applyDifference(umsUsersState, ENV_CRN, warnings, usersStateDifference, userSyncOptions, freeIpaClient);
ArgumentCaptor<Set<WorkloadCredentialUpdate>> credentialUpdateCaptor = ArgumentCaptor.forClass(Set.class);
verify(workloadCredentialService).setWorkloadCredentials(eq(userSyncOptions), eq(freeIpaClient), credentialUpdateCaptor.capture(), any());
Set<WorkloadCredentialUpdate> workloadCredentialUpdates = credentialUpdateCaptor.getValue();
assertThat(workloadCredentialUpdates, allOf(hasItem(allOf(hasProperty("username", is("userToUpdate1")), hasProperty("userCrn", is("userToUpdate1Crn")), hasProperty("workloadCredential", is(workloadCredential1)))), hasItem(allOf(hasProperty("username", is("userToUpdate2")), hasProperty("userCrn", is("userToUpdate2Crn")), hasProperty("workloadCredential", is(workloadCredential2))))));
}
Also used :
ImmutableSet(com.google.common.collect.ImmutableSet)
Set(java.util.Set)
Config(com.sequenceiq.freeipa.client.model.Config)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata)
UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
WorkloadCredential(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential)
UserSyncOptions(com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions)
WorkloadCredentialUpdate(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredentialUpdate)
UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference)
Test(org.junit.jupiter.api.Test)
Example 4 with UsersStateDifference
use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference in project cloudbreak by hortonworks.
the class UserSyncForStackServiceTest method testSynchronizeStackSuccessPartialAtFirst.
@Test
public void testSynchronizeStackSuccessPartialAtFirst() throws FreeIpaClientException, TimeoutException {
UmsUsersState umsUsersState = mock(UmsUsersState.class);
when(umsUsersState.getRequestedWorkloadUsernames()).thenReturn(ImmutableSet.of("user1", "user2"));
UserSyncOptions options = new UserSyncOptions(false, false, WorkloadCredentialsUpdateType.FORCE_UPDATE);
UsersState usersState = mock(UsersState.class);
when(usersState.getUsers()).thenReturn(ImmutableSet.of());
when(usersState.getGroups()).thenReturn(ImmutableSet.of());
when(freeIpaUsersStateProvider.getFilteredFreeIpaState(FREE_IPA_CLIENT, Set.of("user1", "user2"))).thenReturn(usersState);
UsersStateDifference usersStateDifference = mock(UsersStateDifference.class);
when(userStateDifferenceCalculator.fromUmsAndIpaUsersStates(umsUsersState, usersState, options)).thenReturn(usersStateDifference);
SyncStatusDetail result = underTest.synchronizeStack(STACK, umsUsersState, options);
verify(freeIpaUsersStateProvider, never()).getUsersState(any());
verify(stateApplier).applyDifference(eq(umsUsersState), eq(ENV_CRN), any(), eq(usersStateDifference), eq(options), eq(FREE_IPA_CLIENT));
verifyNoMoreInteractions(stateApplier);
verifyNoInteractions(cloudIdentitySyncService);
verifyNoInteractions(sudoRuleService);
assertEquals(ENV_CRN, result.getEnvironmentCrn());
assertEquals(COMPLETED, result.getStatus());
assertTrue(result.getWarnings().isEmpty());
}
Also used :
SyncStatusDetail(com.sequenceiq.freeipa.service.freeipa.user.model.SyncStatusDetail)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
UserSyncOptions(com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions)
UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference)
Test(org.junit.jupiter.api.Test)
Example 5 with UsersStateDifference
use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference in project cloudbreak by hortonworks.
the class UserSyncForStackServiceTest method testSynchronizeStackForDeleteUser.
@Test
public void testSynchronizeStackForDeleteUser() throws FreeIpaClientException, TimeoutException {
UsersState usersState = mock(UsersState.class);
when(usersState.getUsers()).thenReturn(ImmutableSet.of(new FmsUser().withName("deleteMe")));
when(usersState.getGroups()).thenReturn(ImmutableSet.of());
when(usersState.getGroupMembership()).thenReturn(ImmutableMultimap.of("deleteMe", "group"));
when(freeIpaUsersStateProvider.getFilteredFreeIpaState(FREE_IPA_CLIENT, Set.of("deleteMe"))).thenReturn(usersState);
UsersStateDifference usersStateDifference = mock(UsersStateDifference.class);
ArgumentCaptor<Collection<String>> captor = ArgumentCaptor.forClass(Collection.class);
when(userStateDifferenceCalculator.forDeletedUser(eq("deleteMe"), captor.capture())).thenReturn(usersStateDifference);
SyncStatusDetail result = underTest.synchronizeStackForDeleteUser(STACK, "deleteMe");
verify(stateApplier).applyStateDifferenceToIpa(eq(ENV_CRN), eq(FREE_IPA_CLIENT), eq(usersStateDifference), any(), eq(false));
assertTrue(captor.getValue().contains("group"));
assertEquals(1, captor.getValue().size());
assertEquals(ENV_CRN, result.getEnvironmentCrn());
assertEquals(COMPLETED, result.getStatus());
assertTrue(result.getWarnings().isEmpty());
}
Also used :
SyncStatusDetail(com.sequenceiq.freeipa.service.freeipa.user.model.SyncStatusDetail)
FmsUser(com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser)
Collection(java.util.Collection)
UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)
UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)
UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference)
Test(org.junit.jupiter.api.Test)
Aggregations
UsersStateDifference (com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference)19
UmsUsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState)12
UsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UsersState)11
Test (org.junit.jupiter.api.Test)10
UserSyncOptions (com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions)7
FreeIpaClientException (com.sequenceiq.freeipa.client.FreeIpaClientException)6
SyncStatusDetail (com.sequenceiq.freeipa.service.freeipa.user.model.SyncStatusDetail)6
FreeIpaClient (com.sequenceiq.freeipa.client.FreeIpaClient)5
FmsUser (com.sequenceiq.freeipa.service.freeipa.user.model.FmsUser)4
TimeoutException (java.util.concurrent.TimeoutException)4
ImmutableSet (com.google.common.collect.ImmutableSet)2
NotFoundException (com.sequenceiq.cloudbreak.common.exception.NotFoundException)2
Config (com.sequenceiq.freeipa.client.model.Config)2
FmsGroup (com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup)2
Collection (java.util.Collection)2
Set (java.util.Set)2
ExecutionException (java.util.concurrent.ExecutionException)2
ImmutableMultimap (com.google.common.collect.ImmutableMultimap)1
Multimap (com.google.common.collect.Multimap)1
EntitlementService (com.sequenceiq.cloudbreak.auth.altus.EntitlementService)1
