
Example 1 with WorkloadCredential

use of com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential in project cloudbreak by hortonworks.

the class BulkUmsUsersStateProvider method addActorsToUmsUsersStateBuilder.

private void addActorsToUmsUsersStateBuilder(int environmentIndex, UserManagementProto.GetUserSyncStateModelResponse userSyncStateModel, ActorHandler actorHandler) {
    // process actors - users and machine users are combined in the actor list
    userSyncStateModel.getActorList().forEach(actor -> {
        UserManagementProto.RightsCheckResult rightsCheckResult = actor.getRightsCheckResult(environmentIndex);
        EnvironmentAccessRights environmentAccessRights = new EnvironmentAccessRights(rightsCheckResult.getHasRight(0), rightsCheckResult.getHasRight(1));
        Supplier<Collection<String>> groupMembershipSupplier = () -> actor.getGroupIndexList().stream()
                .map(groupIndex -> userSyncStateModel.getGroupList().get(groupIndex).getCrn())
                .collect(Collectors.toList());
        Supplier<Collection<String>> wagMembershipSupplier = () -> actor.getWorkloadAdministrationGroupIndexList().stream()
                .map(wagIndex -> userSyncStateModel.getWorkloadAdministrationGroupList().get(wagIndex).getWorkloadAdministrationGroupName())
                .collect(Collectors.toList());
        Supplier<WorkloadCredential> workloadCredentialSupplier =
                () -> workloadCredentialConverter.toWorkloadCredential(actor.getCredentials());
        actorHandler.handleActor(environmentAccessRights, fmsUserConverter.toFmsUser(actor.getActorDetails()),
                actor.getActorDetails().getCrn(), groupMembershipSupplier, wagMembershipSupplier,
                workloadCredentialSupplier, actor.getActorDetails().getCloudIdentityList());
    });
}
Also used : IntStream(java.util.stream.IntStream) FmsGroup(com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) Collection(java.util.Collection) WorkloadCredential(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential) Set(java.util.Set) FmsUserConverter(com.sequenceiq.freeipa.service.freeipa.user.conversion.FmsUserConverter) Supplier(java.util.function.Supplier) Collectors(java.util.stream.Collectors) Maps(com.google.common.collect.Maps) GrpcUmsClient(com.sequenceiq.cloudbreak.auth.altus.GrpcUmsClient) Inject(javax.inject.Inject) List(java.util.List) Component(org.springframework.stereotype.Component) UserManagementProto(com.cloudera.thunderhead.service.usermanagement.UserManagementProto) Map(java.util.Map) UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState) Optional(java.util.Optional) WorkloadCredentialConverter(com.sequenceiq.freeipa.service.freeipa.user.conversion.WorkloadCredentialConverter) EnvironmentAccessRights(com.sequenceiq.freeipa.service.freeipa.user.model.EnvironmentAccessRights)

Example 2 with WorkloadCredential

use of com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential in project cloudbreak by hortonworks.

the class UserSyncService method getCredentialUpdate.

private WorkloadCredentialUpdate getCredentialUpdate(String username, UmsUsersState umsUsersState) {
    UserMetadata userMetadata = requireNonNull(umsUsersState.getUsersState().getUserMetadataMap().get(username), "userMetadata must not be null");
    WorkloadCredential workloadCredential = requireNonNull(umsUsersState.getUsersWorkloadCredentialMap().get(username), "workloadCredential must not be null");
    return new WorkloadCredentialUpdate(username, userMetadata.getCrn(), workloadCredential);
}
Also used : UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata) WorkloadCredentialUpdate(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredentialUpdate) WorkloadCredential(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential)

Example 3 with WorkloadCredential

use of com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential in project cloudbreak by hortonworks.

the class UserSyncStateApplierTest method testApplyDifferenceWithPasswordHashSupport.

@Test
public void testApplyDifferenceWithPasswordHashSupport() throws FreeIpaClientException, TimeoutException {
    UsersState usersState = UsersState.newBuilder()
            .addUserMetadata("userToUpdate1", new UserMetadata("userToUpdate1Crn", 1L))
            .addUserMetadata("userToUpdate2", new UserMetadata("userToUpdate2Crn", 2L))
            .build();
    WorkloadCredential workloadCredential1 = mock(WorkloadCredential.class);
    WorkloadCredential workloadCredential2 = mock(WorkloadCredential.class);
    UmsUsersState umsUsersState = UmsUsersState.newBuilder()
            .setUsersState(usersState)
            .addWorkloadCredentials("userToUpdate1", workloadCredential1)
            .addWorkloadCredentials("userToUpdate2", workloadCredential2)
            .build();
    UserSyncOptions userSyncOptions = mock(UserSyncOptions.class);
    UsersStateDifference usersStateDifference = createStateDiff();
    Multimap<String, String> warnings = ArrayListMultimap.create();
    when(userSyncOptions.isFmsToFreeIpaBatchCallEnabled()).thenReturn(Boolean.TRUE);
    Config config = new Config();
    config.setIpauserobjectclasses(Set.of("cdpUserAttr"));
    when(freeIpaClient.getConfig()).thenReturn(config);
    underTest.applyDifference(umsUsersState, ENV_CRN, warnings, usersStateDifference, userSyncOptions, freeIpaClient);
    ArgumentCaptor<Set<WorkloadCredentialUpdate>> credentialUpdateCaptor = ArgumentCaptor.forClass(Set.class);
    verify(workloadCredentialService).setWorkloadCredentials(eq(userSyncOptions), eq(freeIpaClient), credentialUpdateCaptor.capture(), any());
    Set<WorkloadCredentialUpdate> workloadCredentialUpdates = credentialUpdateCaptor.getValue();
    assertThat(workloadCredentialUpdates, allOf(
            hasItem(allOf(
                    hasProperty("username", is("userToUpdate1")),
                    hasProperty("userCrn", is("userToUpdate1Crn")),
                    hasProperty("workloadCredential", is(workloadCredential1)))),
            hasItem(allOf(
                    hasProperty("username", is("userToUpdate2")),
                    hasProperty("userCrn", is("userToUpdate2Crn")),
                    hasProperty("workloadCredential", is(workloadCredential2))))));
}
Also used : ImmutableSet(com.google.common.collect.ImmutableSet) Set(java.util.Set) Config(com.sequenceiq.freeipa.client.model.Config) UmsUsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) UserMetadata(com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata) UsersState(com.sequenceiq.freeipa.service.freeipa.user.model.UsersState) WorkloadCredential(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential) UserSyncOptions(com.sequenceiq.freeipa.service.freeipa.user.model.UserSyncOptions) WorkloadCredentialUpdate(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredentialUpdate) UsersStateDifference(com.sequenceiq.freeipa.service.freeipa.user.model.UsersStateDifference) Test(org.junit.jupiter.api.Test)

Example 4 with WorkloadCredential

use of com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential in project cloudbreak by hortonworks.

the class UmsCredentialProviderTest method testGetCredentialsNoExpiration.

@Test
void testGetCredentialsNoExpiration() {
    GetActorWorkloadCredentialsResponse response = GetActorWorkloadCredentialsResponse.newBuilder()
            .setPasswordHash(PASSWORD_HASH)
            .addAllKerberosKeys(ACTOR_KERBEROS_KEY_LIST)
            .setPasswordHashExpirationDate(0)
            .setWorkloadCredentialsVersion(WORKLOAD_CREDENTIALS_VERSION)
            .build();
    when(grpcUmsClient.getActorWorkloadCredentials(eq("user"), any(), any())).thenReturn(response);
    WorkloadCredential credential = underTest.getCredentials("user", Optional.empty());
    // JUnit's assertEquals takes (expected, actual)
    assertEquals(Optional.empty(), credential.getExpirationDate());
    assertEquals(WORKLOAD_CREDENTIALS_VERSION, credential.getVersion());
}
Also used : GetActorWorkloadCredentialsResponse(com.cloudera.thunderhead.service.usermanagement.UserManagementProto.GetActorWorkloadCredentialsResponse) WorkloadCredential(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential) Test(org.junit.jupiter.api.Test)

Example 5 with WorkloadCredential

use of com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential in project cloudbreak by hortonworks.

the class WorkloadCredentialConverterTest method testGetActorWorkloadCredentialsResponseToWorkloadCredentialNoExpiration.

@Test
public void testGetActorWorkloadCredentialsResponseToWorkloadCredentialNoExpiration() {
    String passwordHash = "password-hash";
    List<UserManagementProto.ActorKerberosKey> kerberosKeys = List.of(UserManagementProto.ActorKerberosKey.newBuilder().build());
    long passwordExpiration = 0;
    List<UserManagementProto.SshPublicKey> sshPublicKeys = List.of(UserManagementProto.SshPublicKey.newBuilder().build());
    long workloadCredentialsVersion = 123L;
    Optional<Instant> expectedPasswordExpiration = Optional.empty();
    UserManagementProto.GetActorWorkloadCredentialsResponse actorWorkloadCredentials = UserManagementProto.GetActorWorkloadCredentialsResponse.newBuilder()
            .setPasswordHash(passwordHash)
            .setPasswordHashExpirationDate(passwordExpiration)
            .addAllKerberosKeys(kerberosKeys)
            .addAllSshPublicKey(sshPublicKeys)
            .setWorkloadCredentialsVersion(workloadCredentialsVersion)
            .build();
    WorkloadCredential workloadCredential = underTest.toWorkloadCredential(actorWorkloadCredentials);
    assertEquals(passwordHash, workloadCredential.getHashedPassword());
    assertEquals(expectedPasswordExpiration, workloadCredential.getExpirationDate());
    assertIterableEquals(kerberosKeys, workloadCredential.getKeys());
    assertIterableEquals(sshPublicKeys, workloadCredential.getSshPublicKeys());
    assertEquals(workloadCredentialsVersion, workloadCredential.getVersion());
}
Also used : Instant(java.time.Instant) UserManagementProto(com.cloudera.thunderhead.service.usermanagement.UserManagementProto) WorkloadCredential(com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential) Test(org.junit.jupiter.api.Test)

Aggregations

WorkloadCredential (com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredential) 16
Test (org.junit.jupiter.api.Test) 8
UserManagementProto (com.cloudera.thunderhead.service.usermanagement.UserManagementProto) 7
Set (java.util.Set) 5
UmsUsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UmsUsersState) 4
UserMetadata (com.sequenceiq.freeipa.service.freeipa.user.model.UserMetadata) 4
UsersState (com.sequenceiq.freeipa.service.freeipa.user.model.UsersState) 4
WorkloadCredentialUpdate (com.sequenceiq.freeipa.service.freeipa.user.model.WorkloadCredentialUpdate) 4
Collection (java.util.Collection) 4
List (java.util.List) 4
Map (java.util.Map) 4
EnvironmentAccessRights (com.sequenceiq.freeipa.service.freeipa.user.model.EnvironmentAccessRights) 3
FmsGroup (com.sequenceiq.freeipa.service.freeipa.user.model.FmsGroup) 3
Instant (java.time.Instant) 3
Optional (java.util.Optional) 3
Supplier (java.util.function.Supplier) 3
Collectors (java.util.stream.Collectors) 3
GetActorWorkloadCredentialsResponse (com.cloudera.thunderhead.service.usermanagement.UserManagementProto.GetActorWorkloadCredentialsResponse) 2
ImmutableSet (com.google.common.collect.ImmutableSet) 2
Maps (com.google.common.collect.Maps) 2