Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 3360F200BF6 for ; Tue, 10 Jan 2017 22:59:02 +0100 (CET) Received: by cust-asf.ponee.io (Postfix) id 31CF3160B3D; Tue, 10 Jan 2017 21:59:02 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id 3B566160B2C for ; Tue, 10 Jan 2017 22:59:00 +0100 (CET) Received: (qmail 80450 invoked by uid 500); 10 Jan 2017 21:58:59 -0000 Mailing-List: contact commits-help@ranger.incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@ranger.incubator.apache.org Delivered-To: mailing list commits@ranger.incubator.apache.org Received: (qmail 80438 invoked by uid 99); 10 Jan 2017 21:58:59 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd3-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 Jan 2017 21:58:59 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd3-us-west.apache.org (ASF Mail Server at spamd3-us-west.apache.org) with ESMTP id A4943180031 for ; Tue, 10 Jan 2017 21:58:58 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd3-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -6.218 X-Spam-Level: X-Spam-Status: No, score=-6.218 tagged_above=-999 required=6.31 tests=[KAM_ASCII_DIVIDERS=0.8, KAM_LAZY_DOMAIN_SECURITY=1, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, RP_MATCHES_RCVD=-2.999, URIBL_BLOCKED=0.001] autolearn=disabled Received: from mx1-lw-eu.apache.org ([10.40.0.8]) by localhost (spamd3-us-west.apache.org [10.40.0.10]) (amavisd-new, port 10024) with ESMTP id S2Fe-ndUUOan for ; Tue, 10 Jan 2017 21:58:44 +0000 (UTC) Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with SMTP id B34205F30F for ; Tue, 10 Jan 2017 21:58:42 +0000 (UTC) Received: (qmail 80402 invoked by uid 99); 10 Jan 2017 21:58:41 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 10 Jan 2017 21:58:41 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id C1211DFA0E; Tue, 10 Jan 2017 21:58:41 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: vel@apache.org To: commits@ranger.incubator.apache.org Message-Id: <8077941ce16f40e8869ce3a9040a2d38@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: incubator-ranger git commit: RANGER-1296: Renaming usersync unit tests to follow the naming pattern as other unit tests Date: Tue, 10 Jan 2017 21:58:41 +0000 (UTC) archived-at: Tue, 10 Jan 2017 21:59:02 -0000 Repository: incubator-ranger Updated Branches: refs/heads/master 220298475 -> f303c1bd4 RANGER-1296: Renaming usersync unit tests to follow the naming pattern as other unit tests Signed-off-by: Velmurugan Periasamy Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/f303c1bd Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/f303c1bd Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/f303c1bd Branch: refs/heads/master Commit: f303c1bd419b457e7fb2190cd8c56c4d54d36d43 Parents: 2202984 Author: Sailaja Polavarapu Authored: Fri Jan 6 13:40:35 2017 -0800 Committer: Velmurugan Periasamy Committed: Tue Jan 10 16:58:29 2017 -0500 ---------------------------------------------------------------------- .../process/FileSourceUserGroupBuilderTest.java | 160 ------ .../process/TestFileSourceUserGroupBuilder.java | 160 ++++++ .../process/TestUnixUserGroupBuilder.java | 108 ++++ .../process/UnixUserGroupBuilderTest.java | 108 ---- .../ranger/usergroupsync/LdapUserGroupTest.java | 566 ------------------- .../apache/ranger/usergroupsync/RegExTest.java | 90 --- .../ranger/usergroupsync/TestLdapUserGroup.java | 566 +++++++++++++++++++ .../apache/ranger/usergroupsync/TestRegEx.java | 90 +++ 8 files changed, 924 insertions(+), 924 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilderTest.java ---------------------------------------------------------------------- diff --git a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilderTest.java b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilderTest.java deleted file mode 100644 index 65a339c..0000000 --- a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilderTest.java +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.ranger.unixusersync.process; - -import static org.junit.Assert.*; - -import org.apache.ranger.unixusersync.config.UserGroupSyncConfig; -import org.apache.ranger.usergroupsync.PolicyMgrUserGroupBuilderTest; -import org.junit.Test; - -public class FileSourceUserGroupBuilderTest { - - private UserGroupSyncConfig config = UserGroupSyncConfig.getInstance(); - - @Test - public void testUpdateSinkFromCsvFile() throws Throwable { - config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups.csv"); - - FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder(); - fileBuilder.init(); - - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - fileBuilder.updateSink(sink); - - assertEquals(4, sink.getTotalUsers()); - assertEquals(2, sink.getTotalGroups()); - - assertTrue(sink.getAllUsers().contains("user1")); - assertTrue(sink.getAllUsers().contains("user2")); - assertTrue(sink.getAllUsers().contains("user3")); - assertTrue(sink.getAllUsers().contains("user4")); - - assertTrue(sink.getAllGroups().contains("group1")); - assertTrue(sink.getAllGroups().contains("group2")); - } - - @Test - public void testUpdateSinkFromCsvFileWithCustomDelimiter() throws Throwable { - config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, - "src/test/resources/usergroups-other-delim.csv"); - config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITER, "|"); - - FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder(); - fileBuilder.init(); - - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - fileBuilder.updateSink(sink); - - assertEquals(4, sink.getTotalUsers()); - assertEquals(2, sink.getTotalGroups()); - - assertTrue(sink.getAllUsers().contains("user1")); - assertTrue(sink.getAllUsers().contains("user2")); - assertTrue(sink.getAllUsers().contains("user3")); - assertTrue(sink.getAllUsers().contains("user4")); - - assertTrue(sink.getAllGroups().contains("group1")); - assertTrue(sink.getAllGroups().contains("group2")); - } - - @Test - public void testUpdateSinkFromCsvFileMisSpelledDelimiterProperty() throws Throwable { - config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, - "src/test/resources/usergroups-other-delim.csv"); - config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITERER, "|"); - - FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder(); - fileBuilder.init(); - - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - fileBuilder.updateSink(sink); - - assertEquals(4, sink.getTotalUsers()); - assertEquals(2, sink.getTotalGroups()); - - assertTrue(sink.getAllUsers().contains("user1")); - assertTrue(sink.getAllUsers().contains("user2")); - assertTrue(sink.getAllUsers().contains("user3")); - assertTrue(sink.getAllUsers().contains("user4")); - - assertTrue(sink.getAllGroups().contains("group1")); - assertTrue(sink.getAllGroups().contains("group2")); - } - - @Test - public void testUpdateSinkFromJsonFile() throws Throwable { - config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups.json"); - - FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder(); - fileBuilder.init(); - - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - fileBuilder.updateSink(sink); - - assertEquals(4, sink.getTotalUsers()); - assertEquals(7, sink.getTotalGroups()); - - assertTrue(sink.getAllUsers().contains("user1")); - assertTrue(sink.getAllUsers().contains("user2")); - assertTrue(sink.getAllUsers().contains("user3")); - assertTrue(sink.getAllUsers().contains("user4")); - - assertTrue(sink.getAllGroups().contains("group1")); - assertTrue(sink.getAllGroups().contains("group2")); - assertTrue(sink.getAllGroups().contains("group3")); - assertTrue(sink.getAllGroups().contains("group4")); - assertTrue(sink.getAllGroups().contains("group5")); - assertTrue(sink.getAllGroups().contains("group6")); - assertTrue(sink.getAllGroups().contains("group7")); - } - - @Test - public void testUpdateSinkWithUserAndGroupMapping() throws Throwable { - config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups-dns.csv"); - config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITERER, "|"); - - config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME, "s/[=]/_/g"); - config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME + ".1", "s/[,]//g"); - - config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_GROUPNAME, "s/[=]//g"); - - FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder(); - fileBuilder.init(); - - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - fileBuilder.updateSink(sink); - - assertEquals(4, sink.getTotalUsers()); - assertEquals(2, sink.getTotalGroups()); - - assertTrue(sink.getAllUsers().contains("CN_User1 OU_Org1 O_Apache L_Santa Monica ST_CA C_US")); - assertTrue(sink.getAllUsers().contains("CN_User2 OU_Org1 O_Apache L_Santa Monica ST_CA C_US")); - assertTrue(sink.getAllUsers().contains("CN_User3 OU_Org1 O_Apache L_Santa Monica ST_CA C_US")); - assertTrue(sink.getAllUsers().contains("CN_User4 OU_Org1 O_Apache L_Santa Monica ST_CA C_US")); - - assertTrue(sink.getAllGroups().contains("group1")); - assertTrue(sink.getAllGroups().contains("group2")); - } -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestFileSourceUserGroupBuilder.java ---------------------------------------------------------------------- diff --git a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestFileSourceUserGroupBuilder.java b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestFileSourceUserGroupBuilder.java new file mode 100644 index 0000000..b29a1b0 --- /dev/null +++ b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestFileSourceUserGroupBuilder.java @@ -0,0 +1,160 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.ranger.unixusersync.process; + +import static org.junit.Assert.*; + +import org.apache.ranger.unixusersync.config.UserGroupSyncConfig; +import org.apache.ranger.usergroupsync.PolicyMgrUserGroupBuilderTest; +import org.junit.Test; + +public class TestFileSourceUserGroupBuilder { + + private UserGroupSyncConfig config = UserGroupSyncConfig.getInstance(); + + @Test + public void testUpdateSinkFromCsvFile() throws Throwable { + config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups.csv"); + + FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder(); + fileBuilder.init(); + + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + fileBuilder.updateSink(sink); + + assertEquals(4, sink.getTotalUsers()); + assertEquals(2, sink.getTotalGroups()); + + assertTrue(sink.getAllUsers().contains("user1")); + assertTrue(sink.getAllUsers().contains("user2")); + assertTrue(sink.getAllUsers().contains("user3")); + assertTrue(sink.getAllUsers().contains("user4")); + + assertTrue(sink.getAllGroups().contains("group1")); + assertTrue(sink.getAllGroups().contains("group2")); + } + + @Test + public void testUpdateSinkFromCsvFileWithCustomDelimiter() throws Throwable { + config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, + "src/test/resources/usergroups-other-delim.csv"); + config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITER, "|"); + + FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder(); + fileBuilder.init(); + + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + fileBuilder.updateSink(sink); + + assertEquals(4, sink.getTotalUsers()); + assertEquals(2, sink.getTotalGroups()); + + assertTrue(sink.getAllUsers().contains("user1")); + assertTrue(sink.getAllUsers().contains("user2")); + assertTrue(sink.getAllUsers().contains("user3")); + assertTrue(sink.getAllUsers().contains("user4")); + + assertTrue(sink.getAllGroups().contains("group1")); + assertTrue(sink.getAllGroups().contains("group2")); + } + + @Test + public void testUpdateSinkFromCsvFileMisSpelledDelimiterProperty() throws Throwable { + config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, + "src/test/resources/usergroups-other-delim.csv"); + config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITERER, "|"); + + FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder(); + fileBuilder.init(); + + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + fileBuilder.updateSink(sink); + + assertEquals(4, sink.getTotalUsers()); + assertEquals(2, sink.getTotalGroups()); + + assertTrue(sink.getAllUsers().contains("user1")); + assertTrue(sink.getAllUsers().contains("user2")); + assertTrue(sink.getAllUsers().contains("user3")); + assertTrue(sink.getAllUsers().contains("user4")); + + assertTrue(sink.getAllGroups().contains("group1")); + assertTrue(sink.getAllGroups().contains("group2")); + } + + @Test + public void testUpdateSinkFromJsonFile() throws Throwable { + config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups.json"); + + FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder(); + fileBuilder.init(); + + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + fileBuilder.updateSink(sink); + + assertEquals(4, sink.getTotalUsers()); + assertEquals(7, sink.getTotalGroups()); + + assertTrue(sink.getAllUsers().contains("user1")); + assertTrue(sink.getAllUsers().contains("user2")); + assertTrue(sink.getAllUsers().contains("user3")); + assertTrue(sink.getAllUsers().contains("user4")); + + assertTrue(sink.getAllGroups().contains("group1")); + assertTrue(sink.getAllGroups().contains("group2")); + assertTrue(sink.getAllGroups().contains("group3")); + assertTrue(sink.getAllGroups().contains("group4")); + assertTrue(sink.getAllGroups().contains("group5")); + assertTrue(sink.getAllGroups().contains("group6")); + assertTrue(sink.getAllGroups().contains("group7")); + } + + @Test + public void testUpdateSinkWithUserAndGroupMapping() throws Throwable { + config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups-dns.csv"); + config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITERER, "|"); + + config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME, "s/[=]/_/g"); + config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME + ".1", "s/[,]//g"); + + config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_GROUPNAME, "s/[=]//g"); + + FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder(); + fileBuilder.init(); + + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + fileBuilder.updateSink(sink); + + assertEquals(4, sink.getTotalUsers()); + assertEquals(2, sink.getTotalGroups()); + + assertTrue(sink.getAllUsers().contains("CN_User1 OU_Org1 O_Apache L_Santa Monica ST_CA C_US")); + assertTrue(sink.getAllUsers().contains("CN_User2 OU_Org1 O_Apache L_Santa Monica ST_CA C_US")); + assertTrue(sink.getAllUsers().contains("CN_User3 OU_Org1 O_Apache L_Santa Monica ST_CA C_US")); + assertTrue(sink.getAllUsers().contains("CN_User4 OU_Org1 O_Apache L_Santa Monica ST_CA C_US")); + + assertTrue(sink.getAllGroups().contains("group1")); + assertTrue(sink.getAllGroups().contains("group2")); + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestUnixUserGroupBuilder.java ---------------------------------------------------------------------- diff --git a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestUnixUserGroupBuilder.java b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestUnixUserGroupBuilder.java new file mode 100644 index 0000000..831e92d --- /dev/null +++ b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestUnixUserGroupBuilder.java @@ -0,0 +1,108 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.unixusersync.process; + +import org.apache.ranger.unixusersync.config.UserGroupSyncConfig; +import org.junit.Before; +import org.junit.Test; + +import java.util.List; +import java.util.Map; + +import static org.junit.Assert.*; +import static org.hamcrest.Matchers.*; + +public class TestUnixUserGroupBuilder { + private UserGroupSyncConfig config; + + @Before + public void setUp() throws Exception { + config = UserGroupSyncConfig.getInstance(); + config.setProperty("ranger.usersync.unix.minUserId", "0"); + config.setProperty("ranger.usersync.unix.minGroupId", "0"); + } + + @Test + public void testBuilderPasswd() throws Throwable { + config.setProperty("ranger.usersync.unix.backend", "passwd"); + + UnixUserGroupBuilder builder = new UnixUserGroupBuilder(); + builder.init(); + + Map groups = builder.getGroupId2groupNameMap(); + String name = groups.get("0"); + assertThat(name, anyOf(equalTo("wheel"), equalTo("root"))); + + Map> users = builder.getUser2GroupListMap(); + List usergroups = users.get("root"); + assertNotNull(usergroups); + assertThat(usergroups, anyOf(hasItem("wheel"), hasItem("root"))); + + } + + @Test + public void testBuilderNss() throws Throwable { + config.setProperty("ranger.usersync.unix.backend", "nss"); + + UnixUserGroupBuilder builder = new UnixUserGroupBuilder(); + builder.init(); + + Map groups = builder.getGroupId2groupNameMap(); + String name = groups.get("0"); + assertThat(name, anyOf(equalTo("wheel"), equalTo("root"))); + + Map> users = builder.getUser2GroupListMap(); + List usergroups = users.get("root"); + assertNotNull(usergroups); + assertThat(usergroups, anyOf(hasItem("wheel"), hasItem("root"))); + } + + @Test + public void testBuilderExtraGroups() throws Throwable { + config.setProperty("ranger.usersync.unix.backend", "nss"); + config.setProperty("ranger.usersync.group.enumerategroup", "root,wheel,daemon"); + + UnixUserGroupBuilder builder = new UnixUserGroupBuilder(); + builder.init(); + + // this is not a full test as it cannot be mocked sufficiently + Map groups = builder.getGroupId2groupNameMap(); + assertTrue(groups.containsValue("daemon")); + assertThat(groups, anyOf(hasValue("wheel"), hasValue("root"))); + } + + @Test + public void testMinUidGid() throws Throwable { + config.setProperty("ranger.usersync.unix.backend", "nss"); + config.setProperty("ranger.usersync.unix.minUserId", "500"); + config.setProperty("ranger.usersync.unix.minGroupId", "500"); + + UnixUserGroupBuilder builder = new UnixUserGroupBuilder(); + builder.init(); + + // this is not a full test as it cannot be mocked sufficiently + Map groups = builder.getGroupId2groupNameMap(); + assertFalse(groups.containsValue("wheel")); + + Map> users = builder.getUser2GroupListMap(); + assertNull(users.get("root")); + } + +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilderTest.java ---------------------------------------------------------------------- diff --git a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilderTest.java b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilderTest.java deleted file mode 100644 index e4d5456..0000000 --- a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilderTest.java +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.unixusersync.process; - -import org.apache.ranger.unixusersync.config.UserGroupSyncConfig; -import org.junit.Before; -import org.junit.Test; - -import java.util.List; -import java.util.Map; - -import static org.junit.Assert.*; -import static org.hamcrest.Matchers.*; - -public class UnixUserGroupBuilderTest { - private UserGroupSyncConfig config; - - @Before - public void setUp() throws Exception { - config = UserGroupSyncConfig.getInstance(); - config.setProperty("ranger.usersync.unix.minUserId", "0"); - config.setProperty("ranger.usersync.unix.minGroupId", "0"); - } - - @Test - public void testBuilderPasswd() throws Throwable { - config.setProperty("ranger.usersync.unix.backend", "passwd"); - - UnixUserGroupBuilder builder = new UnixUserGroupBuilder(); - builder.init(); - - Map groups = builder.getGroupId2groupNameMap(); - String name = groups.get("0"); - assertThat(name, anyOf(equalTo("wheel"), equalTo("root"))); - - Map> users = builder.getUser2GroupListMap(); - List usergroups = users.get("root"); - assertNotNull(usergroups); - assertThat(usergroups, anyOf(hasItem("wheel"), hasItem("root"))); - - } - - @Test - public void testBuilderNss() throws Throwable { - config.setProperty("ranger.usersync.unix.backend", "nss"); - - UnixUserGroupBuilder builder = new UnixUserGroupBuilder(); - builder.init(); - - Map groups = builder.getGroupId2groupNameMap(); - String name = groups.get("0"); - assertThat(name, anyOf(equalTo("wheel"), equalTo("root"))); - - Map> users = builder.getUser2GroupListMap(); - List usergroups = users.get("root"); - assertNotNull(usergroups); - assertThat(usergroups, anyOf(hasItem("wheel"), hasItem("root"))); - } - - @Test - public void testBuilderExtraGroups() throws Throwable { - config.setProperty("ranger.usersync.unix.backend", "nss"); - config.setProperty("ranger.usersync.group.enumerategroup", "root,wheel,daemon"); - - UnixUserGroupBuilder builder = new UnixUserGroupBuilder(); - builder.init(); - - // this is not a full test as it cannot be mocked sufficiently - Map groups = builder.getGroupId2groupNameMap(); - assertTrue(groups.containsValue("daemon")); - assertThat(groups, anyOf(hasValue("wheel"), hasValue("root"))); - } - - @Test - public void testMinUidGid() throws Throwable { - config.setProperty("ranger.usersync.unix.backend", "nss"); - config.setProperty("ranger.usersync.unix.minUserId", "500"); - config.setProperty("ranger.usersync.unix.minGroupId", "500"); - - UnixUserGroupBuilder builder = new UnixUserGroupBuilder(); - builder.init(); - - // this is not a full test as it cannot be mocked sufficiently - Map groups = builder.getGroupId2groupNameMap(); - assertFalse(groups.containsValue("wheel")); - - Map> users = builder.getUser2GroupListMap(); - assertNull(users.get("root")); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java ---------------------------------------------------------------------- diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java deleted file mode 100644 index 86ce40e..0000000 --- a/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java +++ /dev/null @@ -1,566 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.usergroupsync; - -import static org.junit.Assert.assertEquals; -import static org.junit.Assert.assertFalse; - -import org.apache.directory.server.annotations.CreateLdapConnectionPool; -import org.apache.directory.server.core.annotations.ApplyLdifFiles; -import org.apache.directory.server.core.annotations.ContextEntry; -import org.apache.directory.server.core.annotations.CreateDS; -import org.apache.directory.server.core.annotations.CreatePartition; -import org.apache.directory.server.core.integ.AbstractLdapTestUnit; -import org.apache.directory.server.core.integ.FrameworkRunner; -import org.apache.directory.server.ldap.LdapServer; -import org.apache.directory.server.protocol.shared.transport.TcpTransport; -import org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder; -import org.apache.ranger.unixusersync.config.UserGroupSyncConfig; -import org.junit.After; -import org.junit.Assert; -import org.junit.Before; -import org.junit.Test; -import org.junit.runner.RunWith; - -import org.apache.directory.server.core.annotations.CreateIndex; - -@RunWith(FrameworkRunner.class) -@CreateDS(name = "classDS", -partitions = -{ - @CreatePartition( - name = "AD", - suffix = "DC=ranger,DC=qe,DC=hortonworks,DC=com", - contextEntry = @ContextEntry( - entryLdif = - "dn: DC=ranger,DC=qe,DC=hortonworks,DC=com\n" + - "objectClass: domain\n" + - "objectClass: top\n" + - "dc: example\n\n" - ), - indexes = - { - @CreateIndex(attribute = "objectClass"), - @CreateIndex(attribute = "dc"), - @CreateIndex(attribute = "ou") - } - ) -} - ) -@CreateLdapConnectionPool( - maxActive = 1, - maxWait = 5000 ) -@ApplyLdifFiles( { - "ADSchema.ldif" -} - ) -public class LdapUserGroupTest extends AbstractLdapTestUnit{ - private UserGroupSyncConfig config; - private LdapUserGroupBuilder ldapBuilder; - - @Before - public void setup() throws Exception { - LdapServer ldapServer = new LdapServer(); - ldapServer.setSaslHost("127.0.0.1"); - ldapServer.setSearchBaseDn("DC=ranger,DC=qe,DC=hortonworks,DC=com"); - String ldapPort = System.getProperty("ldap.port"); - Assert.assertNotNull("Property 'ldap.port' null", ldapPort); - ldapServer.setTransports(new TcpTransport("127.0.0.1", Integer.parseInt(ldapPort))); - ldapServer.setDirectoryService(getService()); - ldapServer.setMaxSizeLimit( LdapServer.NO_SIZE_LIMIT ); - setLdapServer(ldapServer); - getService().startup(); - getLdapServer().start(); - config = UserGroupSyncConfig.getInstance(); - ldapBuilder = new LdapUserGroupBuilder(); - } - - @Test - public void testUpdateSinkTotalUsers() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter(""); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(false); - config.setPagedResultsEnabled(true); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(109, sink.getTotalUsers()); - } - - @Test - public void testUpdateSinkWithoutPagedResults() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter(""); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(false); - config.setPagedResultsEnabled(false); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(109, sink.getTotalUsers()); - } - - @Test - public void testUpdateSinkUserFilter() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - //config.setUserSearchFilter("(|(memberof=cn=usersGroup9,ou=Group,dc=openstacklocal)(memberof=cn=usersGroup4,ou=Group,dc=openstacklocal))"); - config.setUserSearchFilter("(|(memberof=CN=Group10,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com)(memberof=CN=Group11,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com))"); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(false); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(12, sink.getTotalUsers()); - } - - @Test - public void testUpdateSinkTotalGroups() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter(""); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter(""); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(true); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(10, sink.getTotalGroups()); - } - - @Test - public void testUpdateSinkGroupFilter() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter(""); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=Group19"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(true); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(1, sink.getTotalGroups()); - } - - @Test - public void testUpdateSinkGroupSearchDisable() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter(""); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=Group19"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(false); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(11, sink.getTotalGroups()); - } - - @Test - public void testUpdateSinkMultipleOUs() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*Group10"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(true); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(111, sink.getTotalUsers()); - assertEquals(1, sink.getTotalGroups()); - } - - @Test - public void testUpdateSinkMultipleOUsNoGroupSearch() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*Group10"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(false); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(111, sink.getTotalUsers()); - assertEquals(12, sink.getTotalGroups()); - } - - @Test - public void testMultipleOUGroupsNoGroupSearch() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*Group10"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(false); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(111, sink.getTotalUsers()); - assertEquals(12, sink.getTotalGroups()); - } - - @Test - public void testMultipleOUGroupsWithGroupSearch() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(true); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(111, sink.getTotalUsers()); - assertEquals(11, sink.getTotalGroups()); - } - - @Test - public void testUpdateSinkMultipleOUGroups() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*Group10"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(true); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(111, sink.getTotalUsers()); - assertEquals(2, sink.getTotalGroups()); - } - - @Test - public void testGroupBasedAllUsers() throws Throwable { - config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*Group10"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchFirstEnabled(true); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(2, sink.getTotalUsers()); - assertEquals(2, sink.getTotalGroups()); - } - - @Test - public void testGroupBasedWithUserFilter() throws Throwable { - config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); - config.setUserSearchFilter("cn=User*"); - config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*Group10"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchFirstEnabled(true); - config.setUserSearchEnabled(true); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(1, sink.getTotalUsers()); - assertEquals(2, sink.getTotalGroups()); - } - - @Test - public void testGroupBasedWithNoUsers() throws Throwable { - config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=Group2*"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchFirstEnabled(true); - config.setUserSearchEnabled(true); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(0, sink.getTotalUsers()); - assertEquals(2, sink.getTotalGroups()); - } - - @Test - public void testGroupBasedWithAllUsersAndGroups() throws Throwable { - config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchFirstEnabled(true); - config.setUserSearchEnabled(true); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(100, sink.getTotalUsers()); - assertEquals(13, sink.getTotalGroups()); - } - - @Test - public void testGroupBasedWithSingleOU() throws Throwable { - config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchFirstEnabled(true); - config.setUserSearchEnabled(true); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(99, sink.getTotalUsers()); - assertEquals(12, sink.getTotalGroups()); - } - - @Test - public void testUpdateSinkWithEmptyUserSearchBase() throws Throwable { - config.setUserSearchBase(""); - config.setUserSearchFilter(""); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(false); - config.setPagedResultsEnabled(true); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(111, sink.getTotalUsers()); - } - - @Test - public void testGBWithUserSearchDisabled() throws Throwable { - config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); - config.setUserSearchFilter("cn=User*"); - config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*Group10"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchFirstEnabled(true); - config.setUserSearchEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(2, sink.getTotalUsers()); - assertEquals(2, sink.getTotalGroups()); - } - - @Test - public void testGBWithNoUsersAndUserSearchDisabled() throws Throwable { - config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=Group2*"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchFirstEnabled(true); - config.setUserSearchEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(0, sink.getTotalUsers()); - assertEquals(2, sink.getTotalGroups()); - } - - @Test - public void testUpdateSinkShortUserName() throws Throwable { - config.setUserSearchBase("ou=people,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter("uid=*"); - config.setUserObjectClass("posixAccount"); - config.setGroupSearchBase("OU=pGroups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*"); - config.setGroupSearchEnabled(true); - config.setGroupSearchFirstEnabled(false); - config.setUserGroupMemberAttributeName("memberuid"); - config.setGroupObjectClass("posixGroup"); - config.setUserSearchEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(1, sink.getTotalUsers()); - assertEquals(3, sink.getTotalGroups()); - } - - @Test - public void testShortUserNameWithGroupBased() throws Throwable { - config.setUserSearchBase("ou=people,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter("uid=*"); - config.setUserObjectClass("posixAccount"); - config.setGroupSearchBase("OU=pGroups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*"); - config.setGroupSearchEnabled(true); - config.setGroupSearchFirstEnabled(true); - config.setUserGroupMemberAttributeName("memberuid"); - config.setGroupObjectClass("posixGroup"); - config.setUserSearchEnabled(true); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(1, sink.getTotalUsers()); - assertEquals(3, sink.getTotalGroups()); - } - - @Test - public void testUpdateSinkWithUserGroupMapping() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter(""); - config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter(""); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(true); - config.setGroupSearchFirstEnabled(false); - - config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME, "s/[=]/_/g"); - config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_GROUPNAME, "s/[=]/_/g"); - - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(10, sink.getTotalGroups()); - - // no user should have an = character because of the mapping - for (String user : sink.getAllUsers()) { - assertFalse(user.contains("=")); - } - - // no group should have an = character because of the mapping - for (String group : sink.getAllGroups()) { - assertFalse(group.contains("=")); - } - } - - @Test - public void testGBWithInvalidOU() throws Throwable { - config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); - config.setUserSearchFilter("cn=User*"); - config.setGroupSearchBase("OU=HdpGroup1,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*Group10"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchFirstEnabled(true); - config.setUserSearchEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(1, sink.getTotalUsers()); - assertEquals(1, sink.getTotalGroups()); - } - - @Test - public void testMultipleOUInvalidOU() throws Throwable { - config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers1,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setUserSearchFilter("cn=*"); - config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups1,DC=ranger,DC=qe,DC=hortonworks,DC=com"); - config.setGroupSearchFilter("cn=*"); - config.setUserGroupMemberAttributeName("member"); - config.setUserObjectClass("organizationalPerson"); - config.setGroupObjectClass("groupOfNames"); - config.setGroupSearchEnabled(true); - config.setGroupSearchFirstEnabled(false); - ldapBuilder.init(); - PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); - sink.init(); - ldapBuilder.updateSink(sink); - assertEquals(110, sink.getTotalUsers()); - assertEquals(0, sink.getTotalGroups()); - } - - @After - public void shutdown() throws Exception { - if (getService().isStarted()) { - getService().shutdown(); - } - if (getLdapServer().isStarted()) { - getLdapServer().stop(); - } - } -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/usergroupsync/RegExTest.java ---------------------------------------------------------------------- diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/RegExTest.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/RegExTest.java deleted file mode 100644 index a93cfe7..0000000 --- a/ugsync/src/test/java/org/apache/ranger/usergroupsync/RegExTest.java +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ - -package org.apache.ranger.usergroupsync; - -import static org.junit.Assert.*; - -import java.util.ArrayList; -import java.util.List; - -import org.junit.Before; -import org.junit.Test; - -public class RegExTest { - protected String userNameBaseProperty = "ranger.usersync.mapping.username.regex"; - protected String groupNameBaseProperty = "ranger.usersync.mapping.groupname.regex"; - protected RegEx userNameRegEx = null; - protected RegEx groupNameRegEx = null; - List userRegexPatterns = null; - List groupRegexPatterns = null; - - @Before - public void setUp() throws Exception { - userNameRegEx = new RegEx(); - //userNameRegEx.init(userNameBaseProperty); - userRegexPatterns = new ArrayList(); - groupNameRegEx = new RegEx(); - //groupNameRegEx.init(groupNameBaseProperty); - groupRegexPatterns = new ArrayList(); - } - - @Test - public void testUserNameTransform() throws Throwable { - userRegexPatterns.add("s/\\s/_/"); - userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns); - assertEquals("test_user", userNameRegEx.transform("test user")); - } - - @Test - public void testGroupNameTransform() throws Throwable { - groupRegexPatterns.add("s/\\s/_/g"); - groupRegexPatterns.add("s/_/\\$/g"); - groupNameRegEx.populateReplacementPatterns(userNameBaseProperty, groupRegexPatterns); - assertEquals("ldap$grp", groupNameRegEx.transform("ldap grp")); - } - - @Test - public void testEmptyTransform() { - assertEquals("test user", userNameRegEx.transform("test user")); - assertEquals("ldap grp", groupNameRegEx.transform("ldap grp")); - } - - @Test - public void testTransform() throws Throwable { - userRegexPatterns.add("s/\\s/_/g"); - userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns); - assertEquals("test_user", userNameRegEx.transform("test user")); - assertEquals("ldap grp", groupNameRegEx.transform("ldap grp")); - } - - @Test - public void testTransform1() throws Throwable { - userRegexPatterns.add("s/\\\\/ /g"); - userRegexPatterns.add("s//_/g"); - userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns); - groupRegexPatterns.add("s/\\s/\\$/g"); - groupRegexPatterns.add("s/\\s"); - groupRegexPatterns.add("s/\\$//g"); - groupNameRegEx.populateReplacementPatterns(userNameBaseProperty, groupRegexPatterns); - assertEquals("test user", userNameRegEx.transform("test\\user")); - assertEquals("ldapgrp", groupNameRegEx.transform("ldap grp")); - } - -} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java ---------------------------------------------------------------------- diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java new file mode 100644 index 0000000..81d952e --- /dev/null +++ b/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java @@ -0,0 +1,566 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.usergroupsync; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertFalse; + +import org.apache.directory.server.annotations.CreateLdapConnectionPool; +import org.apache.directory.server.core.annotations.ApplyLdifFiles; +import org.apache.directory.server.core.annotations.ContextEntry; +import org.apache.directory.server.core.annotations.CreateDS; +import org.apache.directory.server.core.annotations.CreatePartition; +import org.apache.directory.server.core.integ.AbstractLdapTestUnit; +import org.apache.directory.server.core.integ.FrameworkRunner; +import org.apache.directory.server.ldap.LdapServer; +import org.apache.directory.server.protocol.shared.transport.TcpTransport; +import org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder; +import org.apache.ranger.unixusersync.config.UserGroupSyncConfig; +import org.junit.After; +import org.junit.Assert; +import org.junit.Before; +import org.junit.Test; +import org.junit.runner.RunWith; + +import org.apache.directory.server.core.annotations.CreateIndex; + +@RunWith(FrameworkRunner.class) +@CreateDS(name = "classDS", +partitions = +{ + @CreatePartition( + name = "AD", + suffix = "DC=ranger,DC=qe,DC=hortonworks,DC=com", + contextEntry = @ContextEntry( + entryLdif = + "dn: DC=ranger,DC=qe,DC=hortonworks,DC=com\n" + + "objectClass: domain\n" + + "objectClass: top\n" + + "dc: example\n\n" + ), + indexes = + { + @CreateIndex(attribute = "objectClass"), + @CreateIndex(attribute = "dc"), + @CreateIndex(attribute = "ou") + } + ) +} + ) +@CreateLdapConnectionPool( + maxActive = 1, + maxWait = 5000 ) +@ApplyLdifFiles( { + "ADSchema.ldif" +} + ) +public class TestLdapUserGroup extends AbstractLdapTestUnit{ + private UserGroupSyncConfig config; + private LdapUserGroupBuilder ldapBuilder; + + @Before + public void setup() throws Exception { + LdapServer ldapServer = new LdapServer(); + ldapServer.setSaslHost("127.0.0.1"); + ldapServer.setSearchBaseDn("DC=ranger,DC=qe,DC=hortonworks,DC=com"); + String ldapPort = System.getProperty("ldap.port"); + Assert.assertNotNull("Property 'ldap.port' null", ldapPort); + ldapServer.setTransports(new TcpTransport("127.0.0.1", Integer.parseInt(ldapPort))); + ldapServer.setDirectoryService(getService()); + ldapServer.setMaxSizeLimit( LdapServer.NO_SIZE_LIMIT ); + setLdapServer(ldapServer); + getService().startup(); + getLdapServer().start(); + config = UserGroupSyncConfig.getInstance(); + ldapBuilder = new LdapUserGroupBuilder(); + } + + @Test + public void testUpdateSinkTotalUsers() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter(""); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(false); + config.setPagedResultsEnabled(true); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(109, sink.getTotalUsers()); + } + + @Test + public void testUpdateSinkWithoutPagedResults() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter(""); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(false); + config.setPagedResultsEnabled(false); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(109, sink.getTotalUsers()); + } + + @Test + public void testUpdateSinkUserFilter() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + //config.setUserSearchFilter("(|(memberof=cn=usersGroup9,ou=Group,dc=openstacklocal)(memberof=cn=usersGroup4,ou=Group,dc=openstacklocal))"); + config.setUserSearchFilter("(|(memberof=CN=Group10,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com)(memberof=CN=Group11,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com))"); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(false); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(12, sink.getTotalUsers()); + } + + @Test + public void testUpdateSinkTotalGroups() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter(""); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter(""); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(true); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(10, sink.getTotalGroups()); + } + + @Test + public void testUpdateSinkGroupFilter() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter(""); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=Group19"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(true); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(1, sink.getTotalGroups()); + } + + @Test + public void testUpdateSinkGroupSearchDisable() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter(""); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=Group19"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(false); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(11, sink.getTotalGroups()); + } + + @Test + public void testUpdateSinkMultipleOUs() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*Group10"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(true); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(111, sink.getTotalUsers()); + assertEquals(1, sink.getTotalGroups()); + } + + @Test + public void testUpdateSinkMultipleOUsNoGroupSearch() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*Group10"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(false); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(111, sink.getTotalUsers()); + assertEquals(12, sink.getTotalGroups()); + } + + @Test + public void testMultipleOUGroupsNoGroupSearch() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*Group10"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(false); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(111, sink.getTotalUsers()); + assertEquals(12, sink.getTotalGroups()); + } + + @Test + public void testMultipleOUGroupsWithGroupSearch() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(true); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(111, sink.getTotalUsers()); + assertEquals(11, sink.getTotalGroups()); + } + + @Test + public void testUpdateSinkMultipleOUGroups() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*Group10"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(true); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(111, sink.getTotalUsers()); + assertEquals(2, sink.getTotalGroups()); + } + + @Test + public void testGroupBasedAllUsers() throws Throwable { + config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*Group10"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchFirstEnabled(true); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(2, sink.getTotalUsers()); + assertEquals(2, sink.getTotalGroups()); + } + + @Test + public void testGroupBasedWithUserFilter() throws Throwable { + config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); + config.setUserSearchFilter("cn=User*"); + config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*Group10"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchFirstEnabled(true); + config.setUserSearchEnabled(true); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(1, sink.getTotalUsers()); + assertEquals(2, sink.getTotalGroups()); + } + + @Test + public void testGroupBasedWithNoUsers() throws Throwable { + config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=Group2*"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchFirstEnabled(true); + config.setUserSearchEnabled(true); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(0, sink.getTotalUsers()); + assertEquals(2, sink.getTotalGroups()); + } + + @Test + public void testGroupBasedWithAllUsersAndGroups() throws Throwable { + config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchFirstEnabled(true); + config.setUserSearchEnabled(true); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(100, sink.getTotalUsers()); + assertEquals(13, sink.getTotalGroups()); + } + + @Test + public void testGroupBasedWithSingleOU() throws Throwable { + config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchFirstEnabled(true); + config.setUserSearchEnabled(true); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(99, sink.getTotalUsers()); + assertEquals(12, sink.getTotalGroups()); + } + + @Test + public void testUpdateSinkWithEmptyUserSearchBase() throws Throwable { + config.setUserSearchBase(""); + config.setUserSearchFilter(""); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(false); + config.setPagedResultsEnabled(true); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(111, sink.getTotalUsers()); + } + + @Test + public void testGBWithUserSearchDisabled() throws Throwable { + config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); + config.setUserSearchFilter("cn=User*"); + config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*Group10"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchFirstEnabled(true); + config.setUserSearchEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(2, sink.getTotalUsers()); + assertEquals(2, sink.getTotalGroups()); + } + + @Test + public void testGBWithNoUsersAndUserSearchDisabled() throws Throwable { + config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=Group2*"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchFirstEnabled(true); + config.setUserSearchEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(0, sink.getTotalUsers()); + assertEquals(2, sink.getTotalGroups()); + } + + @Test + public void testUpdateSinkShortUserName() throws Throwable { + config.setUserSearchBase("ou=people,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter("uid=*"); + config.setUserObjectClass("posixAccount"); + config.setGroupSearchBase("OU=pGroups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*"); + config.setGroupSearchEnabled(true); + config.setGroupSearchFirstEnabled(false); + config.setUserGroupMemberAttributeName("memberuid"); + config.setGroupObjectClass("posixGroup"); + config.setUserSearchEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(1, sink.getTotalUsers()); + assertEquals(3, sink.getTotalGroups()); + } + + @Test + public void testShortUserNameWithGroupBased() throws Throwable { + config.setUserSearchBase("ou=people,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter("uid=*"); + config.setUserObjectClass("posixAccount"); + config.setGroupSearchBase("OU=pGroups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*"); + config.setGroupSearchEnabled(true); + config.setGroupSearchFirstEnabled(true); + config.setUserGroupMemberAttributeName("memberuid"); + config.setGroupObjectClass("posixGroup"); + config.setUserSearchEnabled(true); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(1, sink.getTotalUsers()); + assertEquals(3, sink.getTotalGroups()); + } + + @Test + public void testUpdateSinkWithUserGroupMapping() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter(""); + config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter(""); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(true); + config.setGroupSearchFirstEnabled(false); + + config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME, "s/[=]/_/g"); + config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_GROUPNAME, "s/[=]/_/g"); + + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(10, sink.getTotalGroups()); + + // no user should have an = character because of the mapping + for (String user : sink.getAllUsers()) { + assertFalse(user.contains("=")); + } + + // no group should have an = character because of the mapping + for (String group : sink.getAllGroups()) { + assertFalse(group.contains("=")); + } + } + + @Test + public void testGBWithInvalidOU() throws Throwable { + config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;"); + config.setUserSearchFilter("cn=User*"); + config.setGroupSearchBase("OU=HdpGroup1,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*Group10"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchFirstEnabled(true); + config.setUserSearchEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(1, sink.getTotalUsers()); + assertEquals(1, sink.getTotalGroups()); + } + + @Test + public void testMultipleOUInvalidOU() throws Throwable { + config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers1,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setUserSearchFilter("cn=*"); + config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups1,DC=ranger,DC=qe,DC=hortonworks,DC=com"); + config.setGroupSearchFilter("cn=*"); + config.setUserGroupMemberAttributeName("member"); + config.setUserObjectClass("organizationalPerson"); + config.setGroupObjectClass("groupOfNames"); + config.setGroupSearchEnabled(true); + config.setGroupSearchFirstEnabled(false); + ldapBuilder.init(); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(110, sink.getTotalUsers()); + assertEquals(0, sink.getTotalGroups()); + } + + @After + public void shutdown() throws Exception { + if (getService().isStarted()) { + getService().shutdown(); + } + if (getLdapServer().isStarted()) { + getLdapServer().stop(); + } + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestRegEx.java ---------------------------------------------------------------------- diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestRegEx.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestRegEx.java new file mode 100644 index 0000000..cf61d22 --- /dev/null +++ b/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestRegEx.java @@ -0,0 +1,90 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.usergroupsync; + +import static org.junit.Assert.*; + +import java.util.ArrayList; +import java.util.List; + +import org.junit.Before; +import org.junit.Test; + +public class TestRegEx { + protected String userNameBaseProperty = "ranger.usersync.mapping.username.regex"; + protected String groupNameBaseProperty = "ranger.usersync.mapping.groupname.regex"; + protected RegEx userNameRegEx = null; + protected RegEx groupNameRegEx = null; + List userRegexPatterns = null; + List groupRegexPatterns = null; + + @Before + public void setUp() throws Exception { + userNameRegEx = new RegEx(); + //userNameRegEx.init(userNameBaseProperty); + userRegexPatterns = new ArrayList(); + groupNameRegEx = new RegEx(); + //groupNameRegEx.init(groupNameBaseProperty); + groupRegexPatterns = new ArrayList(); + } + + @Test + public void testUserNameTransform() throws Throwable { + userRegexPatterns.add("s/\\s/_/"); + userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns); + assertEquals("test_user", userNameRegEx.transform("test user")); + } + + @Test + public void testGroupNameTransform() throws Throwable { + groupRegexPatterns.add("s/\\s/_/g"); + groupRegexPatterns.add("s/_/\\$/g"); + groupNameRegEx.populateReplacementPatterns(userNameBaseProperty, groupRegexPatterns); + assertEquals("ldap$grp", groupNameRegEx.transform("ldap grp")); + } + + @Test + public void testEmptyTransform() { + assertEquals("test user", userNameRegEx.transform("test user")); + assertEquals("ldap grp", groupNameRegEx.transform("ldap grp")); + } + + @Test + public void testTransform() throws Throwable { + userRegexPatterns.add("s/\\s/_/g"); + userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns); + assertEquals("test_user", userNameRegEx.transform("test user")); + assertEquals("ldap grp", groupNameRegEx.transform("ldap grp")); + } + + @Test + public void testTransform1() throws Throwable { + userRegexPatterns.add("s/\\\\/ /g"); + userRegexPatterns.add("s//_/g"); + userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns); + groupRegexPatterns.add("s/\\s/\\$/g"); + groupRegexPatterns.add("s/\\s"); + groupRegexPatterns.add("s/\\$//g"); + groupNameRegEx.populateReplacementPatterns(userNameBaseProperty, groupRegexPatterns); + assertEquals("test user", userNameRegEx.transform("test\\user")); + assertEquals("ldapgrp", groupNameRegEx.transform("ldap grp")); + } + +}