
Example 11 with UsersStateDifference

use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference in project cloudbreak by hortonworks.

the class UserSyncForStackServiceTest method testSynchronizeStackSuccessFullAtFirst.

/**
 * Verifies the successful path of {@code synchronizeStack} when both entitlement checks return
 * {@code TRUE}: the unfiltered FreeIPA state is used, the difference is applied exactly once,
 * cloud identities are synced, the sudo rule is set up, and the result is {@code COMPLETED}
 * with no warnings.
 */
@Test
public void testSynchronizeStackSuccessFullAtFirst() throws Exception {
    // Arrange: the first constructor flag is true (presumably "full sync" - confirm against UserSyncOptions).
    UserSyncOptions syncOptions = new UserSyncOptions(true, false, WorkloadCredentialsUpdateType.FORCE_UPDATE);
    UmsUsersState umsState = mock(UmsUsersState.class);
    UsersState ipaState = mock(UsersState.class);
    UsersStateDifference difference = mock(UsersStateDifference.class);

    // The FreeIPA side reports no users and no groups.
    when(ipaState.getGroups()).thenReturn(ImmutableSet.of());
    when(ipaState.getUsers()).thenReturn(ImmutableSet.of());
    when(freeIpaUsersStateProvider.getUsersState(FREE_IPA_CLIENT)).thenReturn(ipaState);
    when(userStateDifferenceCalculator.fromUmsAndIpaUsersStates(umsState, ipaState, syncOptions)).thenReturn(difference);

    // Both entitlement-gated steps (cloud identity mapping, privileged user / sudo rule) are switched on.
    when(entitlementService.isEnvironmentPrivilegedUserEnabled(ACCOUNT)).thenReturn(TRUE);
    when(entitlementService.cloudIdentityMappingEnabled(ACCOUNT)).thenReturn(TRUE);

    // Act
    SyncStatusDetail detail = underTest.synchronizeStack(STACK, umsState, syncOptions);

    // Assert: the filtered lookup must not be used on this path.
    verify(freeIpaUsersStateProvider, never()).getFilteredFreeIpaState(any(), any());

    // The difference is applied once and nothing else touches the state applier (so no retry happened).
    verify(stateApplier).applyDifference(
            eq(umsState), eq(ENV_CRN), any(), eq(difference), eq(syncOptions), eq(FREE_IPA_CLIENT));
    verifyNoMoreInteractions(stateApplier);

    // Both entitlement-gated steps ran.
    verify(sudoRuleService).setupSudoRule(STACK, FREE_IPA_CLIENT);
    verify(cloudIdentitySyncService).syncCloudIdentities(eq(STACK), eq(umsState), any());

    assertEquals(COMPLETED, detail.getStatus());
    assertEquals(ENV_CRN, detail.getEnvironmentCrn());
    assertTrue(detail.getWarnings().isEmpty());
}
Also used : SyncStatusDetail(com.sequenceiq.freeipa.service.freeipa.user.model.SyncStatusDetail) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UserSyncOptions(com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions) UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference) Test(org.junit.jupiter.api.Test)

Example 12 with UsersStateDifference

use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference in project cloudbreak by hortonworks.

the class UserSyncForStackServiceTest method testSynchronizeFailsToSetupSudoRules.

/**
 * Verifies that a failure while setting up the sudo rule is not reported as success: when
 * {@code sudoRuleService.setupSudoRule} throws, the sync result is {@code FAILED} and the
 * exception message is recorded among the warnings for the environment.
 */
@Test
public void testSynchronizeFailsToSetupSudoRules() throws Exception {
    // Arrange: same setup as the successful run, with both entitlement checks returning TRUE.
    UserSyncOptions syncOptions = new UserSyncOptions(true, false, WorkloadCredentialsUpdateType.FORCE_UPDATE);
    UmsUsersState umsState = mock(UmsUsersState.class);
    UsersState ipaState = mock(UsersState.class);
    UsersStateDifference difference = mock(UsersStateDifference.class);

    when(ipaState.getGroups()).thenReturn(ImmutableSet.of());
    when(ipaState.getUsers()).thenReturn(ImmutableSet.of());
    when(freeIpaUsersStateProvider.getUsersState(FREE_IPA_CLIENT)).thenReturn(ipaState);
    when(userStateDifferenceCalculator.fromUmsAndIpaUsersStates(umsState, ipaState, syncOptions)).thenReturn(difference);
    when(entitlementService.isEnvironmentPrivilegedUserEnabled(ACCOUNT)).thenReturn(TRUE);
    when(entitlementService.cloudIdentityMappingEnabled(ACCOUNT)).thenReturn(TRUE);

    // The privilege-related step is the one that breaks.
    doThrow(new Exception(ERROR_MESSAGE)).when(sudoRuleService).setupSudoRule(STACK, FREE_IPA_CLIENT);

    // Act
    SyncStatusDetail detail = underTest.synchronizeStack(STACK, umsState, syncOptions);

    // Assert: the steps before the sudo rule setup still ran as in the successful case.
    verify(freeIpaUsersStateProvider, never()).getFilteredFreeIpaState(any(), any());
    verify(stateApplier).applyDifference(
            eq(umsState), eq(ENV_CRN), any(), eq(difference), eq(syncOptions), eq(FREE_IPA_CLIENT));
    verifyNoMoreInteractions(stateApplier);
    verify(cloudIdentitySyncService).syncCloudIdentities(eq(STACK), eq(umsState), any());

    // The sudo rule failure must surface in both the status and the warnings.
    assertEquals(FAILED, detail.getStatus());
    assertEquals(ENV_CRN, detail.getEnvironmentCrn());
    assertTrue(detail.getWarnings().get(ENV_CRN).contains(ERROR_MESSAGE));
}
Also used : SyncStatusDetail(com.sequenceiq.freeipa.service.freeipa.user.model.SyncStatusDetail) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UserSyncOptions(com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions) UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference) TimeoutException(java.util.concurrent.TimeoutException) FreeIpaClientException(com.sequenceiq.freeipa.client.FreeIpaClientException) Test(org.junit.jupiter.api.Test)

Example 13 with UsersStateDifference

use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference in project cloudbreak by hortonworks.

the class UserSyncForStackServiceTest method testSynchronizeStackFailsPartial.

/**
 * Verifies the failure path when the options' first flag is {@code false} (presumably a
 * partial sync - confirm against UserSyncOptions): the filtered FreeIPA lookup is used for
 * the requested usernames, a warning added while applying the difference turns the result
 * into {@code FAILED}, and neither the cloud identity sync nor the sudo rule service is touched.
 */
@Test
public void testSynchronizeStackFailsPartial() throws FreeIpaClientException, TimeoutException {
    // Arrange: the UMS state names the two workload users the sync was requested for.
    UserSyncOptions syncOptions = new UserSyncOptions(false, false, WorkloadCredentialsUpdateType.FORCE_UPDATE);
    UmsUsersState umsState = mock(UmsUsersState.class);
    when(umsState.getRequestedWorkloadUsernames()).thenReturn(ImmutableSet.of("user1", "user2"));

    UsersState ipaState = mock(UsersState.class);
    when(ipaState.getGroups()).thenReturn(ImmutableSet.of());
    when(ipaState.getUsers()).thenReturn(ImmutableSet.of());
    when(freeIpaUsersStateProvider.getFilteredFreeIpaState(FREE_IPA_CLIENT, Set.of("user1", "user2"))).thenReturn(ipaState);

    UsersStateDifference difference = mock(UsersStateDifference.class);
    when(userStateDifferenceCalculator.fromUmsAndIpaUsersStates(umsState, ipaState, syncOptions)).thenReturn(difference);

    // Applying the difference writes a warning into the multimap passed as the third argument.
    doAnswer(call -> {
        Multimap<String, String> collected = call.getArgument(2, Multimap.class);
        collected.put(ENV_CRN, "failed");
        return null;
    }).when(stateApplier).applyDifference(
            eq(umsState), eq(ENV_CRN), any(), eq(difference), eq(syncOptions), eq(FREE_IPA_CLIENT));

    // Act
    SyncStatusDetail detail = underTest.synchronizeStack(STACK, umsState, syncOptions);

    // Assert: the unfiltered lookup is never used on this path.
    verify(freeIpaUsersStateProvider, never()).getUsersState(any());
    verify(stateApplier).applyDifference(
            eq(umsState), eq(ENV_CRN), any(), eq(difference), eq(syncOptions), eq(FREE_IPA_CLIENT));
    verifyNoMoreInteractions(stateApplier);

    // The two services verified in the full-sync tests must stay untouched here.
    verifyNoInteractions(sudoRuleService);
    verifyNoInteractions(cloudIdentitySyncService);

    assertEquals(FAILED, detail.getStatus());
    assertEquals(ENV_CRN, detail.getEnvironmentCrn());
    assertFalse(detail.getWarnings().isEmpty());
}
Also used : SyncStatusDetail(com.sequenceiq.freeipa.service.freeipa.user.model.SyncStatusDetail) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UserSyncOptions(com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions) UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference) Test(org.junit.jupiter.api.Test)

Example 14 with UsersStateDifference

use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference in project cloudbreak by hortonworks.

the class UserSyncForStackService method synchronizeStackForDeleteUser.

/**
 * Propagates the deletion of a workload user to the FreeIPA instance of the given stack.
 *
 * <p>The partial FreeIPA state for the user is retrieved first. Only when that state still
 * contains users is a difference computed (including the user's group memberships to remove)
 * and applied; otherwise nothing is changed in FreeIPA.
 *
 * @param stack the stack whose FreeIPA is updated
 * @param deletedWorkloadUser the workload username that was deleted
 * @return the status built from the collected warnings, or a failure detail carrying the
 *         exception's localized message when any step throws
 */
public SyncStatusDetail synchronizeStackForDeleteUser(Stack stack, String deletedWorkloadUser) {
    MDCBuilder.buildMdcContext(stack);
    String envCrn = stack.getEnvironmentCrn();
    Multimap<String, String> collectedWarnings = ArrayListMultimap.create();
    try {
        FreeIpaClient ipaClient = freeIpaClientFactory.getFreeIpaClientForStack(stack);
        LOGGER.debug("Starting {} for environment {} and deleted user {} ...", USER_SYNC_DELETE, envCrn, deletedWorkloadUser);

        LOGGER.debug("Starting {} ...", RETRIEVE_PARTIAL_IPA_STATE);
        UsersState partialIpaState = getIpaStateForUser(ipaClient, deletedWorkloadUser);
        LOGGER.debug("Finished {}, found {} users and {} groups.",
                RETRIEVE_PARTIAL_IPA_STATE,
                partialIpaState.getUsers().size(),
                partialIpaState.getGroups().size());

        // An empty user set means there is nothing to remove from FreeIPA.
        if (!partialIpaState.getUsers().isEmpty()) {
            ImmutableCollection<String> membershipsToDrop = partialIpaState.getGroupMembership().get(deletedWorkloadUser);
            UsersStateDifference deletionDifference =
                    userStateDifferenceCalculator.forDeletedUser(deletedWorkloadUser, membershipsToDrop);
            LOGGER.debug("Starting {} ...", APPLY_DIFFERENCE_TO_IPA);
            // NOTE(review): the meaning of the trailing `false` flag is not visible here - confirm against applyStateDifferenceToIpa.
            stateApplier.applyStateDifferenceToIpa(
                    stack.getEnvironmentCrn(), ipaClient, deletionDifference, collectedWarnings::put, false);
            LOGGER.debug("Finished {}.", APPLY_DIFFERENCE_TO_IPA);
        }

        LOGGER.debug("Finished {} for environment {} and deleted user {} ...", USER_SYNC_DELETE, envCrn, deletedWorkloadUser);
        return toSyncStatusDetail(envCrn, collectedWarnings);
    } catch (Exception failure) {
        // Any failure is reported as a failed sync result instead of being thrown to the caller.
        // NOTE(review): the exception text is handed back in the status detail - confirm it cannot
        // carry backend details that the consumer of the status should not see.
        LOGGER.warn("Failed to synchronize environment {}", envCrn, failure);
        return SyncStatusDetail.fail(envCrn, failure.getLocalizedMessage(), collectedWarnings);
    }
}
Also used : FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference) TimeoutException(java.util.concurrent.TimeoutException) FreeIpaClientException(com.sequenceiq.freeipa.client.FreeIpaClientException)

Example 15 with UsersStateDifference

use of com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference in project cloudbreak by hortonworks.

the class UserSyncForStackService method synchronizeStack.

/**
 * Synchronizes the users and groups of the given UMS state into the FreeIPA instance of a stack.
 *
 * <p>The difference between UMS and FreeIPA is computed and applied, followed by the retry helper.
 * For a full sync, two entitlement-gated steps follow: cloud identity sync and sudo rule setup.
 * A sudo rule setup failure does not abort the sync; it is logged at error level and recorded as
 * a warning for the environment.
 *
 * @param stack the stack whose FreeIPA is synchronized
 * @param umsUsersState the desired state coming from UMS
 * @param options the sync options; {@code isFullSync()} decides whether the entitlement-gated steps run
 * @return the status built from the collected warnings, a "Timed out" failure on
 *         {@link TimeoutException}, or a failure carrying the exception's localized message
 */
public SyncStatusDetail synchronizeStack(Stack stack, UmsUsersState umsUsersState, UserSyncOptions options) {
    MDCBuilder.buildMdcContext(stack);
    String envCrn = stack.getEnvironmentCrn();
    Multimap<String, String> syncWarnings = ArrayListMultimap.create();
    logLargeGroupMembershipSizes(envCrn, umsUsersState);
    try {
        FreeIpaClient ipaClient = freeIpaClientFactory.getFreeIpaClientForStack(stack);
        UsersStateDifference initialDifference = compareUmsAndFreeIpa(umsUsersState, options, ipaClient);
        stateApplier.applyDifference(umsUsersState, envCrn, syncWarnings, initialDifference, options, ipaClient);
        retrySyncIfBatchCallHasWarnings(stack, umsUsersState, syncWarnings, options, ipaClient, initialDifference);

        // The remaining steps only apply to a full sync.
        if (!options.isFullSync()) {
            return toSyncStatusDetail(envCrn, syncWarnings);
        }

        // TODO For now we only sync cloud ids during full sync. We should eventually allow more granular syncs (actor level and group level sync).
        if (entitlementService.cloudIdentityMappingEnabled(stack.getAccountId())) {
            LOGGER.debug("Starting {} ...", SYNC_CLOUD_IDENTITIES);
            cloudIdentitySyncService.syncCloudIdentities(stack, umsUsersState, syncWarnings::put);
            LOGGER.debug("Finished {}.", SYNC_CLOUD_IDENTITIES);
        }

        if (entitlementService.isEnvironmentPrivilegedUserEnabled(stack.getAccountId())) {
            LOGGER.debug("Starting {} ...", ADD_SUDO_RULES);
            try {
                sudoRuleService.setupSudoRule(stack, ipaClient);
            } catch (Exception sudoRuleFailure) {
                // The failure is kept as a warning so it reaches the returned status rather than being lost.
                // NOTE(review): getMessage() can be null for some exceptions, which would store a
                // null warning - confirm that the consumers of the warnings tolerate that.
                syncWarnings.put(stack.getEnvironmentCrn(), sudoRuleFailure.getMessage());
                LOGGER.error("{} failed for environment '{}'.", ADD_SUDO_RULES, stack.getEnvironmentCrn(), sudoRuleFailure);
            }
            LOGGER.debug("Finished {}.", ADD_SUDO_RULES);
        }

        return toSyncStatusDetail(envCrn, syncWarnings);
    } catch (TimeoutException timeout) {
        // Timeouts get a fixed message instead of the exception text.
        LOGGER.warn("Timed out while synchronizing environment {}", envCrn, timeout);
        return SyncStatusDetail.fail(envCrn, "Timed out", syncWarnings);
    } catch (Exception failure) {
        // NOTE(review): the exception text is handed back in the status detail - confirm it cannot
        // carry backend details that the consumer of the status should not see.
        LOGGER.warn("Failed to synchronize environment {}", envCrn, failure);
        return SyncStatusDetail.fail(envCrn, failure.getLocalizedMessage(), syncWarnings);
    }
}
Also used : FreeIpaClient(com.sequenceiq.freeipa.client.FreeIpaClient) UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference) TimeoutException(java.util.concurrent.TimeoutException) FreeIpaClientException(com.sequenceiq.freeipa.client.FreeIpaClientException) TimeoutException(java.util.concurrent.TimeoutException)
