ambari-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lpus...@apache.org
Subject [40/50] [abbrv] ambari git commit: AMBARI-21307 Groups for the test user returned to the caller
Date Tue, 05 Sep 2017 09:41:35 GMT
AMBARI-21307 Groups for the test user returned to the caller


Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/374f0975
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/374f0975
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/374f0975

Branch: refs/heads/feature-branch-AMBARI-21307
Commit: 374f09754b7bfe50c8db7c05e49e8bf02cca3e65
Parents: 998a042
Author: lpuskas <lpuskas@apache.org>
Authored: Tue Aug 8 15:50:29 2017 +0200
Committer: lpuskas <lpuskas@apache.org>
Committed: Tue Sep 5 11:39:22 2017 +0200

----------------------------------------------------------------------
 .../api/services/ldap/LdapRestService.java      | 16 +++++-
 .../server/ldap/AmbariLdapConfiguration.java    |  2 +-
 .../apache/ambari/server/ldap/LdapModule.java   |  3 +
 .../server/ldap/service/AmbariLdapFacade.java   |  3 +-
 .../ambari/server/ldap/service/LdapFacade.java  |  3 +-
 ...efaultLdapConfigurationValidatorService.java | 25 ++++++---
 .../ad/DefaultLdapConnectionService.java        |  2 +-
 ...ltLdapConfigurationValidatorServiceTest.java | 59 +++-----------------
 8 files changed, 49 insertions(+), 64 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/ambari/blob/374f0975/ambari-server/src/main/java/org/apache/ambari/server/api/services/ldap/LdapRestService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/services/ldap/LdapRestService.java
b/ambari-server/src/main/java/org/apache/ambari/server/api/services/ldap/LdapRestService.java
index 33b10fa..8578204 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/api/services/ldap/LdapRestService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/services/ldap/LdapRestService.java
@@ -28,6 +28,8 @@
 
 package org.apache.ambari.server.api.services.ldap;
 
+import java.util.Set;
+
 import javax.inject.Inject;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.POST;
@@ -41,12 +43,16 @@ import org.apache.ambari.server.api.services.BaseService;
 import org.apache.ambari.server.api.services.Result;
 import org.apache.ambari.server.api.services.ResultImpl;
 import org.apache.ambari.server.api.services.ResultStatus;
+import org.apache.ambari.server.controller.internal.ResourceImpl;
+import org.apache.ambari.server.controller.spi.Resource;
 import org.apache.ambari.server.ldap.AmbariLdapConfiguration;
 import org.apache.ambari.server.ldap.LdapConfigurationFactory;
 import org.apache.ambari.server.ldap.service.LdapFacade;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
+import com.google.common.collect.Sets;
+
 /**
  * Endpoint designated to LDAP specific operations.
  */
@@ -68,6 +74,8 @@ public class LdapRestService extends BaseService {
   @Consumes(MediaType.APPLICATION_JSON)
   public Response validateConfiguration(LdapCheckConfigurationRequest ldapCheckConfigurationRequest)
{
 
+    Set<String> groups = Sets.newHashSet();
+
     Result result = new ResultImpl(new ResultStatus(ResultStatus.STATUS.OK));
     try {
 
@@ -86,7 +94,11 @@ public class LdapRestService extends BaseService {
         case "test-attributes":
 
           LOGGER.info("Testing LDAP attributes ....");
-          ldapFacade.checkLdapAttibutes(ldapCheckConfigurationRequest.getRequestInfo().getParameters(),
ambariLdapConfiguration);
+          groups = ldapFacade.checkLdapAttibutes(ldapCheckConfigurationRequest.getRequestInfo().getParameters(),
ambariLdapConfiguration);
+          // todo factor out the resource creation, design better the structure in the response
+          Resource resource = new ResourceImpl(Resource.Type.AmbariConfiguration);
+          resource.setProperty("groups", groups);
+          result.getResultTree().addChild(resource, "payload");
 
           break;
         case "detect-attributes":
@@ -101,7 +113,7 @@ public class LdapRestService extends BaseService {
       }
 
     } catch (Exception e) {
-      result = new ResultImpl(new ResultStatus(ResultStatus.STATUS.BAD_REQUEST, e));
+      result.setResultStatus(new ResultStatus(ResultStatus.STATUS.BAD_REQUEST, e));
     }
 
     return Response.status(result.getStatus().getStatusCode()).entity(getResultSerializer().serialize(result)).build();

http://git-wip-us.apache.org/repos/asf/ambari/blob/374f0975/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java
b/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java
index a6ff80b..8ab587b 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/AmbariLdapConfiguration.java
@@ -48,7 +48,7 @@ public class AmbariLdapConfiguration {
     MANAGER_PASSWORD("ambari.ldap.managerpassword"),
     USER_OBJECT_CLASS("ambari.ldap.user.object.class"),
     USER_NAME_ATTRIBUTE("ambari.ldap.user.name.attribute"),
-    USER_SEARCH_BASE("ambari.ldap.user.search.Base"),
+    USER_SEARCH_BASE("ambari.ldap.user.search.base"),
 
     GROUP_OBJECT_CLASS("ambari.ldap.group.object.class"),
     GROUP_NAME_ATTRIBUTE("ambari.ldap.group.name.attribute"),

http://git-wip-us.apache.org/repos/asf/ambari/blob/374f0975/ambari-server/src/main/java/org/apache/ambari/server/ldap/LdapModule.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/LdapModule.java b/ambari-server/src/main/java/org/apache/ambari/server/ldap/LdapModule.java
index 545f220..1b49159 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/LdapModule.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/LdapModule.java
@@ -16,8 +16,10 @@
 package org.apache.ambari.server.ldap;
 
 import org.apache.ambari.server.ldap.service.AmbariLdapFacade;
+import org.apache.ambari.server.ldap.service.LdapConnectionService;
 import org.apache.ambari.server.ldap.service.LdapFacade;
 import org.apache.ambari.server.ldap.service.ad.DefaultLdapConfigurationValidatorService;
+import org.apache.ambari.server.ldap.service.ad.DefaultLdapConnectionService;
 
 import com.google.inject.AbstractModule;
 import com.google.inject.assistedinject.FactoryModuleBuilder;
@@ -31,6 +33,7 @@ public class LdapModule extends AbstractModule {
   protected void configure() {
     bind(LdapFacade.class).to(AmbariLdapFacade.class);
     bind(LdapConfigurationValidatorService.class).to(DefaultLdapConfigurationValidatorService.class);
+    bind(LdapConnectionService.class).to(DefaultLdapConnectionService.class);
 
     install(new FactoryModuleBuilder().build(LdapConfigurationFactory.class));
   }

http://git-wip-us.apache.org/repos/asf/ambari/blob/374f0975/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapFacade.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapFacade.java
b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapFacade.java
index abb464b..eec47ce 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapFacade.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/AmbariLdapFacade.java
@@ -79,7 +79,7 @@ public class AmbariLdapFacade implements LdapFacade {
   }
 
   @Override
-  public void checkLdapAttibutes(Map<String, Object> parameters, AmbariLdapConfiguration
ldapConfiguration) throws AmbariLdapException {
+  public Set<String> checkLdapAttibutes(Map<String, Object> parameters, AmbariLdapConfiguration
ldapConfiguration) throws AmbariLdapException {
     String userName = getTestUserNameFromParameters(parameters);
     String testUserPass = getTestUserPasswordFromParameters(parameters);
 
@@ -95,6 +95,7 @@ public class AmbariLdapFacade implements LdapFacade {
     LOGGER.info("Testing LDAP group attributes with test user dn: {}", userDn);
     Set<String> groups = ldapConfigurationValidatorService.checkGroupAttributes(ldapConnection,
userDn, ldapConfiguration);
 
+    return groups;
   }
 
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/374f0975/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapFacade.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapFacade.java
b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapFacade.java
index 7bb1198..eadff7d 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapFacade.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/LdapFacade.java
@@ -15,6 +15,7 @@
 package org.apache.ambari.server.ldap.service;
 
 import java.util.Map;
+import java.util.Set;
 
 import org.apache.ambari.server.ldap.AmbariLdapConfiguration;
 
@@ -47,5 +48,5 @@ public interface LdapFacade {
    * @param ambariLdapConfiguration configutration instance with available attributes
    * @throws AmbariLdapException if the attribute checking fails
    */
-  void checkLdapAttibutes(Map<String, Object> parameters, AmbariLdapConfiguration ambariLdapConfiguration)
throws AmbariLdapException;
+  Set<String> checkLdapAttibutes(Map<String, Object> parameters, AmbariLdapConfiguration
ambariLdapConfiguration) throws AmbariLdapException;
 }

http://git-wip-us.apache.org/repos/asf/ambari/blob/374f0975/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConfigurationValidatorService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConfigurationValidatorService.java
b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConfigurationValidatorService.java
index 838ef4c..a8503ca 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConfigurationValidatorService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConfigurationValidatorService.java
@@ -37,7 +37,6 @@ import org.apache.directory.api.ldap.model.message.SearchRequestImpl;
 import org.apache.directory.api.ldap.model.message.SearchScope;
 import org.apache.directory.api.ldap.model.name.Dn;
 import org.apache.directory.ldap.client.api.LdapConnection;
-import org.apache.directory.ldap.client.api.LdapNetworkConnection;
 import org.apache.directory.ldap.client.api.search.FilterBuilder;
 import org.apache.directory.shared.ldap.constants.SchemaConstants;
 import org.slf4j.Logger;
@@ -84,18 +83,18 @@ public class DefaultLdapConfigurationValidatorService implements LdapConfigurati
    * @param testUserName            the test username
    * @param testPassword            the test password
    * @param ambariLdapConfiguration configuration instance holding ldap configuration details
+   * @return the DN of the test user
    * @throws AmbariException if the attributes are not valid or any errors occurs
    */
   @Override
   public String checkUserAttributes(LdapConnection ldapConnection, String testUserName, String
testPassword, AmbariLdapConfiguration ambariLdapConfiguration) throws AmbariLdapException
{
-    LdapNetworkConnection connection = null;
     SearchCursor searchCursor = null;
     String userDn = null;
     try {
       LOGGER.info("Checking user attributes for user {} r ...", testUserName);
 
       // bind anonimously or with manager data
-      bind(ambariLdapConfiguration, connection);
+      bind(ambariLdapConfiguration, ldapConnection);
 
       // set up a filter based on the provided attributes
       String filter = FilterBuilder.and(
@@ -104,7 +103,7 @@ public class DefaultLdapConfigurationValidatorService implements LdapConfigurati
         .toString();
 
       LOGGER.info("Searching for the user: {} using the search filter: {}", testUserName,
filter);
-      EntryCursor entryCursor = connection.search(new Dn(ambariLdapConfiguration.userSearchBase()),
filter, SearchScope.SUBTREE);
+      EntryCursor entryCursor = ldapConnection.search(new Dn(ambariLdapConfiguration.userSearchBase()),
filter, SearchScope.SUBTREE);
 
       // collecting search result entries
       List<Entry> users = Lists.newArrayList();
@@ -128,7 +127,7 @@ public class DefaultLdapConfigurationValidatorService implements LdapConfigurati
       throw new AmbariLdapException(e.getMessage(), e);
 
     } finally {
-      closeResources(connection, searchCursor);
+      closeResources(ldapConnection, searchCursor);
     }
     return userDn;
   }
@@ -172,14 +171,19 @@ public class DefaultLdapConfigurationValidatorService implements LdapConfigurati
       throw new AmbariLdapException(e.getMessage(), e);
 
     } finally {
-
       closeResources(ldapConnection, searchCursor);
-
     }
 
     return processGroupResults(groupResponses, ambariLdapConfiguration);
   }
 
+  /**
+   * Binds to the LDAP server (anonimously or wit manager credentials)
+   *
+   * @param ambariLdapConfiguration configuration instance
+   * @param connection              connection instance
+   * @throws LdapException if the bind operation fails
+   */
   private void bind(AmbariLdapConfiguration ambariLdapConfiguration, LdapConnection connection)
throws LdapException {
     LOGGER.info("Connecting to LDAP ....");
     if (!ambariLdapConfiguration.bindAnonimously()) {
@@ -198,6 +202,13 @@ public class DefaultLdapConfigurationValidatorService implements LdapConfigurati
   }
 
 
+  /**
+   * Extracts meaningful values from the search result.
+   *
+   * @param groupResponses          the result entries returned by the search
+   * @param ambariLdapConfiguration holds the keys of the meaningful attributes
+   * @return a set with the group names the test user belongs to
+   */
   private Set<String> processGroupResults(Set<Response> groupResponses, AmbariLdapConfiguration
ambariLdapConfiguration) {
     Set<String> groupStrSet = Sets.newHashSet();
     for (Response response : groupResponses) {

http://git-wip-us.apache.org/repos/asf/ambari/blob/374f0975/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConnectionService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConnectionService.java
b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConnectionService.java
index b5559d9..25dc1f2 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConnectionService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConnectionService.java
@@ -56,7 +56,7 @@ public class DefaultLdapConnectionService implements LdapConnectionService
{
     ldapConnectionConfig.setLdapPort(ambariAmbariLdapConfiguration.ldapServerPort());
     ldapConnectionConfig.setUseSsl(ambariAmbariLdapConfiguration.useSSL());
 
-    //todo set the other values as required
+    // todo set the other values as required
     return ldapConnectionConfig;
   }
 

http://git-wip-us.apache.org/repos/asf/ambari/blob/374f0975/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConfigurationValidatorServiceTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConfigurationValidatorServiceTest.java
b/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConfigurationValidatorServiceTest.java
index 5c9d304..663ea12 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConfigurationValidatorServiceTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/ldap/service/ad/DefaultLdapConfigurationValidatorServiceTest.java
@@ -18,23 +18,15 @@ import static org.junit.Assert.assertNotNull;
 
 import java.util.Map;
 
-import org.apache.ambari.server.AmbariException;
 import org.apache.ambari.server.ldap.AmbariLdapConfiguration;
 import org.apache.ambari.server.ldap.LdapConfigurationValidatorService;
 import org.apache.ambari.server.ldap.service.LdapConnectionService;
 import org.apache.directory.api.ldap.model.cursor.EntryCursor;
-import org.apache.directory.api.ldap.model.cursor.SearchCursor;
 import org.apache.directory.api.ldap.model.entry.Entry;
-import org.apache.directory.api.ldap.model.message.Response;
-import org.apache.directory.api.ldap.model.message.SearchRequest;
-import org.apache.directory.api.ldap.model.message.SearchRequestImpl;
-import org.apache.directory.api.ldap.model.message.SearchResultEntry;
 import org.apache.directory.api.ldap.model.message.SearchScope;
-import org.apache.directory.api.ldap.model.name.Dn;
 import org.apache.directory.ldap.client.api.LdapConnection;
 import org.apache.directory.ldap.client.api.LdapConnectionConfig;
 import org.apache.directory.ldap.client.api.LdapNetworkConnection;
-import org.apache.directory.ldap.client.api.search.FilterBuilder;
 import org.apache.directory.shared.ldap.constants.SchemaConstants;
 import org.junit.Test;
 import org.slf4j.Logger;
@@ -75,57 +67,24 @@ public class DefaultLdapConfigurationValidatorServiceTest {
 
   @Test
   public void testCheckUserAttributes() throws Exception {
+    // GIVEN
     Map<String, Object> ldapPropsMap = Maps.newHashMap();
 
-    ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.BIND_ANONIMOUSLY.propertyName(),
false);
+    ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.BIND_ANONIMOUSLY.propertyName(),
"true");
     ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.LDAP_SERVER_HOST.propertyName(),
"ldap.forumsys.com");
     ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.LDAP_SERVER_PORT.propertyName(),
"389");
     ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.BASE_DN.propertyName(), "dc=example,dc=com");
+
     ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.USER_OBJECT_CLASS.propertyName(),
SchemaConstants.PERSON_OC);
-    ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.GROUP_OBJECT_CLASS.propertyName(),
SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC);
-    ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.GROUP_NAME_ATTRIBUTE.propertyName(),
SchemaConstants.CN_AT);
-    ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.GROUP_MEMBER_ATTRIBUTE.propertyName(),
SchemaConstants.UNIQUE_MEMBER_AT);
     ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.USER_NAME_ATTRIBUTE.propertyName(),
SchemaConstants.UID_AT);
+    ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.USER_SEARCH_BASE.propertyName(),
"dc=example,dc=com");
 
-    AmbariLdapConfiguration ambariLdapConfiguration = new AmbariLdapConfiguration(ldapPropsMap);
-
-
-    try {
-      LOGGER.info("Authenticating user {} against the LDAP server ...", TEST_USER);
-      LdapConnectionService connectionService = new DefaultLdapConnectionService();
-      LdapNetworkConnection connection = connectionService.createLdapConnection(ambariLdapConfiguration);
-
-      String filter = FilterBuilder.and(
-        FilterBuilder.equal(SchemaConstants.OBJECT_CLASS_AT, ambariLdapConfiguration.userObjectClass()),
-        FilterBuilder.equal(ambariLdapConfiguration.userNameAttribute(), TEST_USER))
-        .toString();
-
-      SearchRequest searchRequest = new SearchRequestImpl();
-      searchRequest.setBase(new Dn(ambariLdapConfiguration.baseDn()));
-      searchRequest.setFilter(filter);
-      searchRequest.setScope(SearchScope.SUBTREE);
 
-      LOGGER.info("loking up user: {} based on the filtr: {}", TEST_USER, filter);
-
-      connection.bind();
-      SearchCursor searchCursor = connection.search(searchRequest);
-
-      while (searchCursor.next()) {
-        Response response = searchCursor.get();
-
-        // process the SearchResultEntry
-        if (response instanceof SearchResultEntry) {
-          Entry resultEntry = ((SearchResultEntry) response).getEntry();
-          System.out.println(resultEntry);
-        }
-      }
-
-      searchCursor.close();
-
-    } catch (Exception e) {
-      throw new AmbariException("Error during user authentication check", e);
-    }
+    AmbariLdapConfiguration ambariLdapConfiguration = new AmbariLdapConfiguration(ldapPropsMap);
+    LdapConnectionService connectionService = new DefaultLdapConnectionService();
+    LdapNetworkConnection ldapConnection = connectionService.createLdapConnection(ambariLdapConfiguration);
 
+    ldapConfigurationValidatorService.checkUserAttributes(ldapConnection, "einstein", "",
ambariLdapConfiguration);
   }
 
   @Test
@@ -138,8 +97,6 @@ public class DefaultLdapConfigurationValidatorServiceTest {
     ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.LDAP_SERVER_PORT.propertyName(),
"389");
     ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.BASE_DN.propertyName(), "dc=example,dc=com");
 
-    ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.USER_OBJECT_CLASS.propertyName(),
SchemaConstants.PERSON_OC);
-    ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.USER_NAME_ATTRIBUTE.propertyName(),
SchemaConstants.UID_AT);
 
     ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.GROUP_OBJECT_CLASS.propertyName(),
SchemaConstants.GROUP_OF_UNIQUE_NAMES_OC);
     ldapPropsMap.put(AmbariLdapConfiguration.LdapConfigProperty.GROUP_NAME_ATTRIBUTE.propertyName(),
SchemaConstants.CN_AT);


Mime
View raw message