use of com.sequenceiq.it.cloudbreak.dto.environment.EnvironmentTestDto in project cloudbreak by hortonworks.
the class GcpCloudProvider method environment.
@Override
public EnvironmentTestDto environment(EnvironmentTestDto environment) {
SecurityAccessRequest securityAccessRequest = new SecurityAccessRequest();
EnvironmentTestDto result = super.environment(environment);
if (StringUtils.isNotBlank(gcpProperties.getSecurityAccess().getDefaultSecurityGroup())) {
securityAccessRequest.setDefaultSecurityGroupId(gcpProperties.getSecurityAccess().getDefaultSecurityGroup());
result.withSecurityAccess(securityAccessRequest);
}
if (StringUtils.isNotBlank(gcpProperties.getSecurityAccess().getKnoxSecurityGroup())) {
securityAccessRequest.setSecurityGroupIdForKnox(gcpProperties.getSecurityAccess().getKnoxSecurityGroup());
result.withSecurityAccess(securityAccessRequest);
}
return result;
}
use of com.sequenceiq.it.cloudbreak.dto.environment.EnvironmentTestDto in project cloudbreak by hortonworks.
the class CreateDhWithDatahubCreator method testCreateEnvironmentWithDh.
@Test(dataProvider = TEST_CONTEXT_WITH_MOCK)
@Description(given = "there is a running env service", when = "valid create environment request is sent and then datahub is created", then = "environment should be created but unauthorized users should not be able to access it")
public void testCreateEnvironmentWithDh(TestContext testContext) {
useRealUmsUser(testContext, AuthUserKeys.ENV_CREATOR_A);
testContext.given(CredentialTestDto.class).when(credentialTestClient.create()).given(EnvironmentTestDto.class).withCreateFreeIpa(false).when(environmentTestClient.create()).await(EnvironmentStatus.AVAILABLE).whenException(environmentTestClient.describe(), ForbiddenException.class, expectedMessage("Doesn't have 'environments/describeEnvironment' right on environment " + environmentPattern(testContext)).withWho(cloudbreakActor.useRealUmsUser(AuthUserKeys.ENV_CREATOR_B))).whenException(environmentTestClient.describe(), ForbiddenException.class, expectedMessage("Doesn't have 'environments/describeEnvironment' right on environment " + environmentPattern(testContext)).withWho(cloudbreakActor.useRealUmsUser(AuthUserKeys.ZERO_RIGHTS))).validate();
useRealUmsUser(testContext, AuthUserKeys.ENV_CREATOR_A);
EnvironmentTestDto environment = testContext.get(EnvironmentTestDto.class);
resourceCreator.createNewFreeIpa(testContext, environment);
createDatalake(testContext);
String recipe1Name = testContext.given(RecipeTestDto.class).valid().when(recipeTestClient.createV4(), RunningParameter.who(cloudbreakActor.useRealUmsUser(AuthUserKeys.ACCOUNT_ADMIN))).getResponse().getName();
String recipe2Name = testContext.given(RecipeTestDto.class).valid().when(recipeTestClient.createV4(), RunningParameter.who(cloudbreakActor.useRealUmsUser(AuthUserKeys.ENV_CREATOR_B))).getResponse().getName();
testContext.given(EnvironmentTestDto.class).given(UmsTestDto.class).assignTarget(EnvironmentTestDto.class.getSimpleName()).withDatahubCreator().when(umsTestClient.assignResourceRole(AuthUserKeys.ENV_CREATOR_B, regionAwareInternalCrnGeneratorFactory)).withEnvironmentUser().when(umsTestClient.assignResourceRole(AuthUserKeys.ENV_CREATOR_B, regionAwareInternalCrnGeneratorFactory)).given(EnvironmentTestDto.class).given(DistroXTestDto.class).withRecipe(recipe1Name).whenException(distroXClient.create(), ForbiddenException.class, expectedMessage("Doesn't have 'environments/useSharedResource' right on" + " recipe " + datahubRecipePattern(recipe1Name)).withWho(cloudbreakActor.useRealUmsUser(AuthUserKeys.ENV_CREATOR_B))).withRecipe(recipe2Name).when(distroXClient.create(), RunningParameter.who(cloudbreakActor.useRealUmsUser(AuthUserKeys.ENV_CREATOR_B))).await(STACK_AVAILABLE, RunningParameter.who(cloudbreakActor.useRealUmsUser(AuthUserKeys.ACCOUNT_ADMIN))).given(RenewDistroXCertificateTestDto.class).whenException(distroXClient.renewDistroXCertificateV4(), ForbiddenException.class, expectedMessage("Doesn't have 'datahub/repairDatahub'" + " right on any of the " + environmentDatahubPattern(testContext) + " or on " + datahubPattern(testContext)).withWho(cloudbreakActor.useRealUmsUser(AuthUserKeys.ZERO_RIGHTS))).validate();
testCheckRightUtil(testContext, testContext.given(DistroXTestDto.class).getCrn());
}
use of com.sequenceiq.it.cloudbreak.dto.environment.EnvironmentTestDto in project cloudbreak by hortonworks.
the class DataLakeListFilteringTest method testDataLakeListFiltering.
@Test(dataProvider = TEST_CONTEXT_WITH_MOCK)
@Description(given = "there are datalakes", when = "users share with each other", then = "they see the other's datalake in the list")
public void testDataLakeListFiltering(TestContext testContext) {
useRealUmsUser(testContext, AuthUserKeys.USER_ENV_CREATOR_A);
resourceCreator.createDefaultCredential(testContext);
resourceCreator.createDefaultEnvironment(testContext);
SdxInternalTestDto dataLakeA = resourceCreator.createDefaultDataLake(testContext);
useRealUmsUser(testContext, AuthUserKeys.USER_ENV_CREATOR_B);
CredentialTestDto credential = resourceCreator.createNewCredential(testContext);
EnvironmentTestDto environmentB = resourceCreator.createNewEnvironment(testContext, credential);
SdxInternalTestDto dataLakeB = resourceCreator.createNewDataLake(testContext, environmentB);
assertUserSeesAll(testContext, AuthUserKeys.USER_ENV_CREATOR_A, dataLakeA.getName());
assertUserSeesAll(testContext, AuthUserKeys.USER_ENV_CREATOR_B, dataLakeB.getName());
assertUserSeesAll(testContext, AuthUserKeys.USER_ACCOUNT_ADMIN, dataLakeA.getName(), dataLakeB.getName());
assertUserDoesNotSeeAnyOf(testContext, AuthUserKeys.USER_ENV_CREATOR_A, dataLakeB.getName());
assertUserDoesNotSeeAnyOf(testContext, AuthUserKeys.USER_ENV_CREATOR_B, dataLakeA.getName());
testContext.given(UmsTestDto.class).assignTarget(EnvironmentTestDto.class.getSimpleName()).withEnvironmentAdmin().when(umsTestClient.assignResourceRole(AuthUserKeys.USER_ENV_CREATOR_B, regionAwareInternalCrnGeneratorFactory)).validate();
testContext.given(UmsTestDto.class).assignTarget(environmentB.getName()).withEnvironmentUser().when(umsTestClient.assignResourceRole(AuthUserKeys.USER_ENV_CREATOR_A, regionAwareInternalCrnGeneratorFactory)).validate();
assertUserSeesAll(testContext, AuthUserKeys.USER_ENV_CREATOR_A, dataLakeA.getName(), dataLakeB.getName());
assertUserSeesAll(testContext, AuthUserKeys.USER_ENV_CREATOR_B, dataLakeA.getName(), dataLakeB.getName());
assertUserSeesAll(testContext, AuthUserKeys.USER_ACCOUNT_ADMIN, dataLakeA.getName(), dataLakeB.getName());
useRealUmsUser(testContext, AuthUserKeys.USER_ACCOUNT_ADMIN);
}
use of com.sequenceiq.it.cloudbreak.dto.environment.EnvironmentTestDto in project cloudbreak by hortonworks.
the class EnvironmentListFilteringTest method testEnvironmentListFiltering.
@Test(dataProvider = TEST_CONTEXT_WITH_MOCK)
@Description(given = "there are environments", when = "users share with each other", then = "they see the other's environment in the list")
public void testEnvironmentListFiltering(TestContext testContext) {
useRealUmsUser(testContext, AuthUserKeys.USER_ENV_CREATOR_A);
resourceCreator.createDefaultCredential(testContext);
EnvironmentTestDto environmentA = resourceCreator.createDefaultEnvironment(testContext);
useRealUmsUser(testContext, AuthUserKeys.USER_ENV_CREATOR_B);
CredentialTestDto credential = resourceCreator.createNewCredential(testContext);
EnvironmentTestDto environmentB = resourceCreator.createNewEnvironment(testContext, credential);
assertUserSeesAll(testContext, AuthUserKeys.USER_ENV_CREATOR_A, environmentA.getName());
assertUserSeesAll(testContext, AuthUserKeys.USER_ENV_CREATOR_B, environmentB.getName());
assertUserSeesAll(testContext, AuthUserKeys.USER_ACCOUNT_ADMIN, environmentA.getName(), environmentB.getName());
assertUserDoesNotSeeAnyOf(testContext, AuthUserKeys.USER_ENV_CREATOR_A, environmentB.getName());
assertUserDoesNotSeeAnyOf(testContext, AuthUserKeys.USER_ENV_CREATOR_B, environmentA.getName());
testContext.given(UmsTestDto.class).assignTarget(EnvironmentTestDto.class.getSimpleName()).withEnvironmentAdmin().when(umsTestClient.assignResourceRole(AuthUserKeys.USER_ENV_CREATOR_B, regionAwareInternalCrnGeneratorFactory)).validate();
testContext.given(UmsTestDto.class).assignTarget(environmentB.getName()).withEnvironmentUser().when(umsTestClient.assignResourceRole(AuthUserKeys.USER_ENV_CREATOR_A, regionAwareInternalCrnGeneratorFactory)).validate();
assertUserSeesAll(testContext, AuthUserKeys.USER_ENV_CREATOR_A, environmentA.getName(), environmentB.getName());
assertUserSeesAll(testContext, AuthUserKeys.USER_ENV_CREATOR_B, environmentA.getName(), environmentB.getName());
assertUserSeesAll(testContext, AuthUserKeys.USER_ACCOUNT_ADMIN, environmentA.getName(), environmentB.getName());
useRealUmsUser(testContext, AuthUserKeys.USER_ACCOUNT_ADMIN);
}
Aggregations