Search in sources :

Example 1 with AuthorizerConfigurationContext

use of org.apache.nifi.authorization.AuthorizerConfigurationContext in project nifi by apache.

the class LdapUserGroupProviderTest method testUserSearchBaseSpecifiedButNoUserObjectClass.

@Test(expected = AuthorizerCreationException.class)
public void testUserSearchBaseSpecifiedButNoUserObjectClass() throws Exception {
    final AuthorizerConfigurationContext configurationContext = getBaseConfiguration(USER_SEARCH_BASE, null);
    when(configurationContext.getProperty(PROP_USER_OBJECT_CLASS)).thenReturn(new StandardPropertyValue(null, null));
    ldapUserGroupProvider.onConfigured(configurationContext);
}
Also used : StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) Test(org.junit.Test)

Example 2 with AuthorizerConfigurationContext

use of org.apache.nifi.authorization.AuthorizerConfigurationContext in project nifi by apache.

the class LdapUserGroupProviderTest method testInvalidGroupSearchScope.

@Test(expected = AuthorizerCreationException.class)
public void testInvalidGroupSearchScope() throws Exception {
    final AuthorizerConfigurationContext configurationContext = getBaseConfiguration(null, GROUP_SEARCH_BASE);
    when(configurationContext.getProperty(PROP_GROUP_MEMBER_ATTRIBUTE)).thenReturn(new StandardPropertyValue("member", null));
    when(configurationContext.getProperty(PROP_GROUP_SEARCH_SCOPE)).thenReturn(new StandardPropertyValue("not-valid", null));
    ldapUserGroupProvider.onConfigured(configurationContext);
}
Also used : StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) Test(org.junit.Test)

Example 3 with AuthorizerConfigurationContext

use of org.apache.nifi.authorization.AuthorizerConfigurationContext in project nifi by apache.

the class LdapUserGroupProviderTest method getBaseConfiguration.

private AuthorizerConfigurationContext getBaseConfiguration(final String userSearchBase, final String groupSearchBase) {
    final AuthorizerConfigurationContext configurationContext = mock(AuthorizerConfigurationContext.class);
    when(configurationContext.getProperty(PROP_URL)).thenReturn(new StandardPropertyValue("ldap://127.0.0.1:" + getLdapServer().getPort(), null));
    when(configurationContext.getProperty(PROP_CONNECT_TIMEOUT)).thenReturn(new StandardPropertyValue("30 secs", null));
    when(configurationContext.getProperty(PROP_READ_TIMEOUT)).thenReturn(new StandardPropertyValue("30 secs", null));
    when(configurationContext.getProperty(PROP_REFERRAL_STRATEGY)).thenReturn(new StandardPropertyValue(ReferralStrategy.FOLLOW.name(), null));
    when(configurationContext.getProperty(PROP_PAGE_SIZE)).thenReturn(new StandardPropertyValue(null, null));
    when(configurationContext.getProperty(PROP_SYNC_INTERVAL)).thenReturn(new StandardPropertyValue("30 mins", null));
    when(configurationContext.getProperty(PROP_AUTHENTICATION_STRATEGY)).thenReturn(new StandardPropertyValue(LdapAuthenticationStrategy.SIMPLE.name(), null));
    when(configurationContext.getProperty(PROP_MANAGER_DN)).thenReturn(new StandardPropertyValue("uid=admin,ou=system", null));
    when(configurationContext.getProperty(PROP_MANAGER_PASSWORD)).thenReturn(new StandardPropertyValue("secret", null));
    when(configurationContext.getProperty(PROP_USER_SEARCH_BASE)).thenReturn(new StandardPropertyValue(userSearchBase, null));
    when(configurationContext.getProperty(PROP_USER_OBJECT_CLASS)).thenReturn(new StandardPropertyValue("person", null));
    when(configurationContext.getProperty(PROP_USER_SEARCH_SCOPE)).thenReturn(new StandardPropertyValue(SearchScope.ONE_LEVEL.name(), null));
    when(configurationContext.getProperty(PROP_USER_SEARCH_FILTER)).thenReturn(new StandardPropertyValue(null, null));
    when(configurationContext.getProperty(PROP_USER_IDENTITY_ATTRIBUTE)).thenReturn(new StandardPropertyValue(null, null));
    when(configurationContext.getProperty(PROP_USER_GROUP_ATTRIBUTE)).thenReturn(new StandardPropertyValue(null, null));
    when(configurationContext.getProperty(PROP_USER_GROUP_REFERENCED_GROUP_ATTRIBUTE)).thenReturn(new StandardPropertyValue(null, null));
    when(configurationContext.getProperty(PROP_GROUP_SEARCH_BASE)).thenReturn(new StandardPropertyValue(groupSearchBase, null));
    when(configurationContext.getProperty(PROP_GROUP_OBJECT_CLASS)).thenReturn(new StandardPropertyValue("groupOfNames", null));
    when(configurationContext.getProperty(PROP_GROUP_SEARCH_SCOPE)).thenReturn(new StandardPropertyValue(SearchScope.ONE_LEVEL.name(), null));
    when(configurationContext.getProperty(PROP_GROUP_SEARCH_FILTER)).thenReturn(new StandardPropertyValue(null, null));
    when(configurationContext.getProperty(PROP_GROUP_NAME_ATTRIBUTE)).thenReturn(new StandardPropertyValue(null, null));
    when(configurationContext.getProperty(PROP_GROUP_MEMBER_ATTRIBUTE)).thenReturn(new StandardPropertyValue(null, null));
    when(configurationContext.getProperty(PROP_GROUP_MEMBER_REFERENCED_USER_ATTRIBUTE)).thenReturn(new StandardPropertyValue(null, null));
    return configurationContext;
}
Also used : StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext)

Example 4 with AuthorizerConfigurationContext

use of org.apache.nifi.authorization.AuthorizerConfigurationContext in project nifi by apache.

the class LdapUserGroupProviderTest method testSearchUsersWithUidIdentityAttribute.

@Test
public void testSearchUsersWithUidIdentityAttribute() throws Exception {
    final AuthorizerConfigurationContext configurationContext = getBaseConfiguration(USER_SEARCH_BASE, null);
    when(configurationContext.getProperty(PROP_USER_IDENTITY_ATTRIBUTE)).thenReturn(new StandardPropertyValue("uid", null));
    ldapUserGroupProvider.onConfigured(configurationContext);
    assertEquals(8, ldapUserGroupProvider.getUsers().size());
    assertNotNull(ldapUserGroupProvider.getUserByIdentity("user1"));
    assertTrue(ldapUserGroupProvider.getGroups().isEmpty());
}
Also used : StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) Test(org.junit.Test)

Example 5 with AuthorizerConfigurationContext

use of org.apache.nifi.authorization.AuthorizerConfigurationContext in project nifi by apache.

the class LdapUserGroupProviderTest method testSearchGroupsWithFilter.

@Test
public void testSearchGroupsWithFilter() throws Exception {
    final AuthorizerConfigurationContext configurationContext = getBaseConfiguration(null, GROUP_SEARCH_BASE);
    when(configurationContext.getProperty(PROP_GROUP_MEMBER_ATTRIBUTE)).thenReturn(new StandardPropertyValue("member", null));
    when(configurationContext.getProperty(PROP_GROUP_SEARCH_FILTER)).thenReturn(new StandardPropertyValue("(cn=admins)", null));
    ldapUserGroupProvider.onConfigured(configurationContext);
    final Set<Group> groups = ldapUserGroupProvider.getGroups();
    assertEquals(1, groups.size());
    assertEquals(1, groups.stream().filter(group -> "cn=admins,ou=groups,o=nifi".equals(group.getName())).count());
}
Also used : Group(org.apache.nifi.authorization.Group) StandardPropertyValue(org.apache.nifi.attribute.expression.language.StandardPropertyValue) AuthorizerConfigurationContext(org.apache.nifi.authorization.AuthorizerConfigurationContext) Test(org.junit.Test)

Aggregations

AuthorizerConfigurationContext (org.apache.nifi.authorization.AuthorizerConfigurationContext)42 Test (org.junit.Test)38 StandardPropertyValue (org.apache.nifi.attribute.expression.language.StandardPropertyValue)33 Group (org.apache.nifi.authorization.Group)14 UserAndGroups (org.apache.nifi.authorization.UserAndGroups)11 Properties (java.util.Properties)9 UserGroupProviderInitializationContext (org.apache.nifi.authorization.UserGroupProviderInitializationContext)9 AuthorizerCreationException (org.apache.nifi.authorization.exception.AuthorizerCreationException)9 Set (java.util.Set)8 CreateLdapServer (org.apache.directory.server.annotations.CreateLdapServer)8 CreateTransport (org.apache.directory.server.annotations.CreateTransport)8 ApplyLdifFiles (org.apache.directory.server.core.annotations.ApplyLdifFiles)8 CreateDS (org.apache.directory.server.core.annotations.CreateDS)8 CreatePartition (org.apache.directory.server.core.annotations.CreatePartition)8 AbstractLdapTestUnit (org.apache.directory.server.core.integ.AbstractLdapTestUnit)8 FrameworkRunner (org.apache.directory.server.core.integ.FrameworkRunner)8 LdapAuthenticationStrategy (org.apache.nifi.ldap.LdapAuthenticationStrategy)8 ReferralStrategy (org.apache.nifi.ldap.ReferralStrategy)8 PROP_AUTHENTICATION_STRATEGY (org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_AUTHENTICATION_STRATEGY)8 PROP_CONNECT_TIMEOUT (org.apache.nifi.ldap.tenants.LdapUserGroupProvider.PROP_CONNECT_TIMEOUT)8