Repository: ambari Updated Branches: refs/heads/trunk 1e3afa867 -> 66e42cbab
http://git-wip-us.apache.org/repos/asf/ambari/blob/66e42cba/ambari-server/src/test/java/org/apache/ambari/server/api/services/HostKerberosIdentityServiceTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/api/services/HostKerberosIdentityServiceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/api/services/HostKerberosIdentityServiceTest.java new file mode 100644 index 0000000..012272c --- /dev/null +++ b/ambari-server/src/test/java/org/apache/ambari/server/api/services/HostKerberosIdentityServiceTest.java @@ -0,0 +1,93 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + + +package org.apache.ambari.server.api.services; + + +import org.apache.ambari.server.api.resources.ResourceInstance; +import org.apache.ambari.server.api.services.parsers.RequestBodyParser; +import org.apache.ambari.server.api.services.serializers.ResultSerializer; + +import javax.ws.rs.core.HttpHeaders; +import javax.ws.rs.core.UriInfo; +import java.lang.reflect.Method; +import java.util.ArrayList; +import java.util.List; + +import static org.junit.Assert.assertEquals; + +/** + * Unit tests for HostKerberosIdentity. + */ +public class HostKerberosIdentityServiceTest extends BaseServiceTest { + + public List<ServiceTestInvocation> getTestInvocations() throws Exception { + List<ServiceTestInvocation> listInvocations = new ArrayList<ServiceTestInvocation>(); + + //getComponent + HostKerberosIdentityService service = new TestHostKerberosIdentityService("clusterName", "hostName", "identityId"); + Method m = service.getClass().getMethod("getKerberosIdentity", String.class, HttpHeaders.class, UriInfo.class, String.class, String.class); + Object[] args = new Object[] {null, getHttpHeaders(), getUriInfo(), "identityId", null}; + listInvocations.add(new ServiceTestInvocation(Request.Type.GET, service, m, args, null)); + + //getComponents + service = new TestHostKerberosIdentityService("clusterName", "hostName", null); + m = service.getClass().getMethod("getKerberosIdentities", String.class, HttpHeaders.class, UriInfo.class, String.class); + args = new Object[] {null, getHttpHeaders(), getUriInfo(), null}; + listInvocations.add(new ServiceTestInvocation(Request.Type.GET, service, m, args, null)); + + return listInvocations; + } + + private class TestHostKerberosIdentityService extends HostKerberosIdentityService { + private String clusterId; + private String hostId; + private String identityId; + + private TestHostKerberosIdentityService(String clusterId, String hostId, String identityId) { + super(clusterId, hostId); + this.clusterId = clusterId; + this.hostId = hostId; + this.identityId = identityId; + } + + @Override + ResourceInstance createResource(String clusterId, String hostId, String identityId) { + assertEquals(this.clusterId, clusterId); + assertEquals(this.hostId, hostId); + assertEquals(this.identityId, identityId); + return getTestResource(); + } + + @Override + RequestFactory getRequestFactory() { + return getTestRequestFactory(); + } + + @Override + protected RequestBodyParser getBodyParser() { + return getTestBodyParser(); + } + + @Override + protected ResultSerializer getResultSerializer() { + return getTestResultSerializer(); + } + } +} http://git-wip-us.apache.org/repos/asf/ambari/blob/66e42cba/ambari-server/src/test/java/org/apache/ambari/server/api/services/serializers/CsvSerializerTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/api/services/serializers/CsvSerializerTest.java b/ambari-server/src/test/java/org/apache/ambari/server/api/services/serializers/CsvSerializerTest.java new file mode 100644 index 0000000..4647899 --- /dev/null +++ b/ambari-server/src/test/java/org/apache/ambari/server/api/services/serializers/CsvSerializerTest.java @@ -0,0 +1,258 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.api.services.serializers; + +import org.apache.ambari.server.api.services.Result; +import org.apache.ambari.server.api.services.ResultImpl; +import org.apache.ambari.server.api.services.ResultStatus; +import org.apache.ambari.server.api.util.TreeNode; +import org.apache.ambari.server.controller.internal.ResourceImpl; +import org.apache.ambari.server.controller.spi.Resource; +import org.apache.commons.csv.CSVFormat; +import org.apache.commons.csv.CSVParser; +import org.apache.commons.csv.CSVRecord; +import org.easymock.EasyMockSupport; +import org.junit.Test; + +import java.io.StringReader; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.TreeMap; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertTrue; + +/** + * CsvSerializer unit tests + */ +public class CsvSerializerTest extends EasyMockSupport { + + @Test + public void testSerializeResources_NoColumnInfo() throws Exception { + Result result = new ResultImpl(true); + result.setResultStatus(new ResultStatus(ResultStatus.STATUS.OK)); + TreeNode<Resource> tree = result.getResultTree(); + + List<TreeMap<String, Object>> data = new ArrayList<TreeMap<String, Object>>() { + { + add(new TreeMap<String, Object>() { + { + put("property1", "value1a"); + put("property2", "value2a"); + put("property3", "value3a"); + put("property4", "value4a"); + } + }); + add(new TreeMap<String, Object>() { + { + put("property1", "value1'b"); + put("property2", "value2'b"); + put("property3", "value3'b"); + put("property4", "value4'b"); + } + }); + add(new TreeMap<String, Object>() { + { + put("property1", "value1,c"); + put("property2", "value2,c"); + put("property3", "value3,c"); + put("property4", "value4,c"); + } + }); + } + }; + + tree.setName("items"); + tree.setProperty("isCollection", "true"); + + addChildResource(tree, "resource", 0, data.get(0)); + addChildResource(tree, "resource", 1, data.get(1)); + addChildResource(tree, "resource", 2, data.get(2)); + + replayAll(); + + //execute test + Object o = new CsvSerializer().serialize(result).toString().replace("\r", ""); + + verifyAll(); + + assertNotNull(o); + + StringReader reader = new StringReader(o.toString()); + CSVParser csvParser = new CSVParser(reader, CSVFormat.DEFAULT); + List<CSVRecord> records = csvParser.getRecords(); + + assertNotNull(records); + assertEquals(3, records.size()); + + int i = 0; + for (CSVRecord record : records) { + TreeMap<String, Object> actualData = data.get(i++); + assertEquals(actualData.size(), record.size()); + + for (String item : record) { + assertTrue(actualData.containsValue(item)); + } + } + + csvParser.close(); + } + + @Test + public void testSerializeResources_HeaderInfo() throws Exception { + Result result = new ResultImpl(true); + result.setResultStatus(new ResultStatus(ResultStatus.STATUS.OK)); + TreeNode<Resource> tree = result.getResultTree(); + tree.setName("items"); + tree.setProperty("isCollection", "true"); + tree.setProperty(CsvSerializer.PROPERTY_COLUMN_MAP, new TreeMap<String, String>() {{ + put("propertyD", "Property D"); + put("propertyC", "Property C"); + put("propertyB", "Property B"); + put("propertyA", "Property A"); + }}); + + + List<Map<String, Object>> data = new ArrayList<Map<String, Object>>() { + { + add(new HashMap<String, Object>() { + { + put("propertyD", "value1a"); + put("propertyC", "value2a"); + put("propertyB", "value3a"); + put("propertyA", "value4a"); + } + }); + add(new HashMap<String, Object>() { + { + put("propertyD", "value1'b"); + put("propertyC", "value2'b"); + put("propertyB", "value3'b"); + put("propertyA", "value4'b"); + } + }); + add(new HashMap<String, Object>() { + { + put("propertyD", "value1,c"); + put("propertyC", "value2,c"); + put("propertyB", "value3,c"); + put("propertyA", "value4,c"); + } + }); + } + }; + + addChildResource(tree, "resource", 0, data.get(0)); + addChildResource(tree, "resource", 1, data.get(1)); + addChildResource(tree, "resource", 2, data.get(2)); + + replayAll(); + + //execute test + Object o = new CsvSerializer().serialize(result).toString().replace("\r", ""); + + verifyAll(); + + + String expected = "Property A,Property B,Property C,Property D\n" + + "value4a,value3a,value2a,value1a\n" + + "value4'b,value3'b,value2'b,value1'b\n" + + "\"value4,c\",\"value3,c\",\"value2,c\",\"value1,c\"\n"; + + assertEquals(expected, o); + + } + + @Test + public void testSerializeResources_HeaderOrderInfo() throws Exception { + Result result = new ResultImpl(true); + result.setResultStatus(new ResultStatus(ResultStatus.STATUS.OK)); + TreeNode<Resource> tree = result.getResultTree(); + tree.setName("items"); + tree.setProperty("isCollection", "true"); + tree.setProperty(CsvSerializer.PROPERTY_COLUMN_MAP, new HashMap<String, String>() {{ + put("property1", "Property 1"); + put("property2", "Property 2"); + put("property3", "Property 3"); + put("property4", "Property 4"); + }}); + tree.setProperty(CsvSerializer.PROPERTY_COLUMN_ORDER, Arrays.asList( + "property1", + "property2", + "property3", + "property4")); + + addChildResource(tree, "resource", 0, new HashMap<String, Object>() { + { + put("property1", "value1a"); + put("property2", "value2a"); + put("property3", "value3a"); + put("property4", "value4a"); + } + }); + addChildResource(tree, "resource", 1, new HashMap<String, Object>() { + { + put("property1", "value1'b"); + put("property2", "value2'b"); + put("property3", "value3'b"); + put("property4", "value4'b"); + } + }); + addChildResource(tree, "resource", 2, new HashMap<String, Object>() { + { + put("property1", "value1,c"); + put("property2", "value2,c"); + put("property3", "value3,c"); + put("property4", "value4,c"); + } + }); + + replayAll(); + + //execute test + Object o = new CsvSerializer().serialize(result).toString().replace("\r", ""); + + String expected = "Property 1,Property 2,Property 3,Property 4\n" + + "value1a,value2a,value3a,value4a\n" + + "value1'b,value2'b,value3'b,value4'b\n" + + "\"value1,c\",\"value2,c\",\"value3,c\",\"value4,c\"\n"; + + assertEquals(expected, o); + + verifyAll(); + } + + + private void addChildResource(TreeNode<Resource> parent, String name, int index, final Map<String, Object> data) { + Resource resource = new ResourceImpl(Resource.Type.Cluster); + + if (data != null) { + for (Map.Entry<String, Object> entry : data.entrySet()) { + resource.setProperty(entry.getKey(), entry.getValue()); + } + } + + parent.addChild(resource, String.format("%s:%d", name, index)); + } + +} http://git-wip-us.apache.org/repos/asf/ambari/blob/66e42cba/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java index 47f051d..614ee57 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/KerberosHelperTest.java @@ -415,6 +415,409 @@ public class KerberosHelperTest extends EasyMockSupport { testDeleteTestIdentity(new KerberosCredential("principal", "password", "keytab")); } + @Test(expected = IllegalArgumentException.class) + public void testGetActiveIdentities_MissingCluster() throws Exception { + testGetActiveIdentities(null, null, null, null, true); + } + + @Test + public void testGetActiveIdentities_All() throws Exception { + Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", null, null, null, true); + + Assert.assertNotNull(identities); + Assert.assertEquals(2, identities.size()); + + Collection<KerberosIdentityDescriptor> hostIdentities; + + hostIdentities = identities.get("host1"); + Assert.assertNotNull(hostIdentities); + Assert.assertEquals(3, hostIdentities.size()); + + validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{ + put("identity1", new HashMap<String, Object>() { + { + put("principal_name", "component1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/component1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/component1.keytab.file"); + put("keytab_cachable", false); + } + }); + + put("identity2", new HashMap<String, Object>() { + { + put("principal_name", "component2/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service2-site/component2.kerberos.principal"); + put("principal_local_username", "service2"); + put("keytab_file", "${keytab_dir}/service2.keytab"); + put("keytab_owner_name", "service2"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service2-site/component2.keytab.file"); + put("keytab_cachable", false); + } + }); + + put("identity3", new HashMap<String, Object>() { + { + put("principal_name", "service1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/service1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.service.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/service1.keytab.file"); + put("keytab_cachable", false); + } + }); + }}); + + hostIdentities = identities.get("host2"); + Assert.assertNotNull(hostIdentities); + Assert.assertEquals(3, hostIdentities.size()); + + validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{ + put("identity1", new HashMap<String, Object>() { + { + put("principal_name", "component1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/component1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/component1.keytab.file"); + put("keytab_cachable", false); + } + }); + + put("identity2", new HashMap<String, Object>() { + { + put("principal_name", "component2/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service2-site/component2.kerberos.principal"); + put("principal_local_username", "service2"); + put("keytab_file", "${keytab_dir}/service2.keytab"); + put("keytab_owner_name", "service2"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service2-site/component2.keytab.file"); + put("keytab_cachable", false); + } + }); + + put("identity3", new HashMap<String, Object>() { + { + put("principal_name", "service1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/service1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.service.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/service1.keytab.file"); + put("keytab_cachable", false); + } + }); + }}); + } + + @Test + public void testGetActiveIdentities_SingleHost() throws Exception { + Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", "host1", null, null, true); + + Assert.assertNotNull(identities); + Assert.assertEquals(1, identities.size()); + + Collection<KerberosIdentityDescriptor> hostIdentities; + + hostIdentities = identities.get("host1"); + Assert.assertNotNull(hostIdentities); + Assert.assertEquals(3, hostIdentities.size()); + + validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{ + put("identity1", new HashMap<String, Object>() { + { + put("principal_name", "component1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/component1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/component1.keytab.file"); + put("keytab_cachable", false); + } + }); + + put("identity2", new HashMap<String, Object>() { + { + put("principal_name", "component2/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service2-site/component2.kerberos.principal"); + put("principal_local_username", "service2"); + put("keytab_file", "${keytab_dir}/service2.keytab"); + put("keytab_owner_name", "service2"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service2-site/component2.keytab.file"); + put("keytab_cachable", false); + } + }); + + put("identity3", new HashMap<String, Object>() { + { + put("principal_name", "service1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/service1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.service.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/service1.keytab.file"); + put("keytab_cachable", false); + } + }); + }}); + } + + @Test + public void testGetActiveIdentities_SingleService() throws Exception { + Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", null, "SERVICE1", null, true); + + Assert.assertNotNull(identities); + Assert.assertEquals(2, identities.size()); + + Collection<KerberosIdentityDescriptor> hostIdentities; + + hostIdentities = identities.get("host1"); + Assert.assertNotNull(hostIdentities); + Assert.assertEquals(2, hostIdentities.size()); + + validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{ + put("identity1", new HashMap<String, Object>() { + { + put("principal_name", "component1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/component1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/component1.keytab.file"); + put("keytab_cachable", false); + } + }); + + put("identity3", new HashMap<String, Object>() { + { + put("principal_name", "service1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/service1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.service.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/service1.keytab.file"); + put("keytab_cachable", false); + } + }); + }}); + + hostIdentities = identities.get("host2"); + Assert.assertNotNull(hostIdentities); + Assert.assertEquals(2, hostIdentities.size()); + + validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{ + put("identity1", new HashMap<String, Object>() { + { + put("principal_name", "component1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/component1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/component1.keytab.file"); + put("keytab_cachable", false); + } + }); + + put("identity3", new HashMap<String, Object>() { + { + put("principal_name", "service1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/service1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.service.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/service1.keytab.file"); + put("keytab_cachable", false); + } + }); + }}); } + + @Test + public void testGetActiveIdentities_SingleServiceSingleHost() throws Exception { + Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", "host2", "SERVICE1", null, true); + + Assert.assertNotNull(identities); + Assert.assertEquals(1, identities.size()); + + Collection<KerberosIdentityDescriptor> hostIdentities; + + hostIdentities = identities.get("host2"); + Assert.assertNotNull(hostIdentities); + Assert.assertEquals(2, hostIdentities.size()); + + validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{ + put("identity1", new HashMap<String, Object>() { + { + put("principal_name", "component1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/component1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/component1.keytab.file"); + put("keytab_cachable", false); + } + }); + + put("identity3", new HashMap<String, Object>() { + { + put("principal_name", "service1/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service1-site/service1.kerberos.principal"); + put("principal_local_username", "service1"); + put("keytab_file", "${keytab_dir}/service1.service.keytab"); + put("keytab_owner_name", "service1"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service1-site/service1.keytab.file"); + put("keytab_cachable", false); + } + }); + }}); + } + + @Test + public void testGetActiveIdentities_SingleComponent() throws Exception { + Map<String, Collection<KerberosIdentityDescriptor>> identities = testGetActiveIdentities("c1", null, null, "COMPONENT2", true); + + Assert.assertNotNull(identities); + Assert.assertEquals(2, identities.size()); + + Collection<KerberosIdentityDescriptor> hostIdentities; + + hostIdentities = identities.get("host1"); + Assert.assertNotNull(hostIdentities); + Assert.assertEquals(1, hostIdentities.size()); + + validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{ + put("identity2", new HashMap<String, Object>() { + { + put("principal_name", "component2/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service2-site/component2.kerberos.principal"); + put("principal_local_username", "service2"); + put("keytab_file", "${keytab_dir}/service2.keytab"); + put("keytab_owner_name", "service2"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service2-site/component2.keytab.file"); + put("keytab_cachable", false); + } + }); + }}); + + hostIdentities = identities.get("host2"); + Assert.assertNotNull(hostIdentities); + Assert.assertEquals(1, hostIdentities.size()); + + validateIdentities(hostIdentities, new HashMap<String, Map<String, Object>>() {{ + put("identity2", new HashMap<String, Object>() { + { + put("principal_name", "component2/ho...@example.com"); + put("principal_type", KerberosPrincipalType.SERVICE); + put("principal_configuration", "service2-site/component2.kerberos.principal"); + put("principal_local_username", "service2"); + put("keytab_file", "${keytab_dir}/service2.keytab"); + put("keytab_owner_name", "service2"); + put("keytab_owner_access", "rw"); + put("keytab_group_name", "hadoop"); + put("keytab_group_access", ""); + put("keytab_configuration", "service2-site/component2.keytab.file"); + put("keytab_cachable", false); + } + }); + }}); + } + + private void validateIdentities(Collection<KerberosIdentityDescriptor> identities, HashMap<String, Map<String, Object>> expectedDataMap) { + + Assert.assertEquals(expectedDataMap.size(), identities.size()); + + for(KerberosIdentityDescriptor identity: identities) { + Map<String, Object> expectedData = expectedDataMap.get(identity.getName()); + + Assert.assertNotNull(expectedData); + + KerberosPrincipalDescriptor principal = identity.getPrincipalDescriptor(); + Assert.assertNotNull(principal); + Assert.assertEquals(expectedData.get("principal_name"), principal.getName()); + Assert.assertEquals(expectedData.get("principal_type"), principal.getType()); + Assert.assertEquals(expectedData.get("principal_configuration"), principal.getConfiguration()); + Assert.assertEquals(expectedData.get("principal_local_username"), principal.getLocalUsername()); + + KerberosKeytabDescriptor keytab = identity.getKeytabDescriptor(); + Assert.assertNotNull(keytab); + Assert.assertEquals(expectedData.get("keytab_file"), keytab.getFile()); + Assert.assertEquals(expectedData.get("keytab_owner_name"), keytab.getOwnerName()); + Assert.assertEquals(expectedData.get("keytab_owner_access"), keytab.getOwnerAccess()); + Assert.assertEquals(expectedData.get("keytab_group_name"), keytab.getGroupName()); + Assert.assertEquals(expectedData.get("keytab_group_access"), keytab.getGroupAccess()); + Assert.assertEquals(expectedData.get("keytab_configuration"), keytab.getConfiguration()); + Assert.assertEquals(Boolean.TRUE.equals(expectedData.get("keytab_cachable")), keytab.isCachable()); + } + } + + private void testEnableKerberos(final KerberosCredential kerberosCredential, boolean getClusterDescriptor, boolean getStackDescriptor) throws Exception { @@ -2473,4 +2876,232 @@ public class KerberosHelperTest extends EasyMockSupport { verifyAll(); } + + private Map<String, Collection<KerberosIdentityDescriptor>> testGetActiveIdentities(String clusterName, String hostName, String serviceName, String compnentName, boolean replaceHostnames) throws Exception { + + KerberosHelper kerberosHelper = injector.getInstance(KerberosHelper.class); + + final ServiceComponentHost schKerberosClient1 = createMock(ServiceComponentHost.class); + expect(schKerberosClient1.getServiceName()).andReturn(Service.Type.KERBEROS.name()).anyTimes(); + expect(schKerberosClient1.getServiceComponentName()).andReturn(Role.KERBEROS_CLIENT.name()).anyTimes(); + + final ServiceComponentHost schKerberosClient2 = createMock(ServiceComponentHost.class); + expect(schKerberosClient2.getServiceName()).andReturn(Service.Type.KERBEROS.name()).anyTimes(); + expect(schKerberosClient2.getServiceComponentName()).andReturn(Role.KERBEROS_CLIENT.name()).anyTimes(); + + final ServiceComponentHost sch1a = createMock(ServiceComponentHost.class); + expect(sch1a.getServiceName()).andReturn("SERVICE1").anyTimes(); + expect(sch1a.getServiceComponentName()).andReturn("COMPONENT1").anyTimes(); + + final ServiceComponentHost sch1b = createMock(ServiceComponentHost.class); + expect(sch1b.getServiceName()).andReturn("SERVICE2").anyTimes(); + expect(sch1b.getServiceComponentName()).andReturn("COMPONENT2").anyTimes(); + + final ServiceComponentHost sch2a = createMock(ServiceComponentHost.class); + expect(sch2a.getServiceName()).andReturn("SERVICE1").anyTimes(); + expect(sch2a.getServiceComponentName()).andReturn("COMPONENT1").anyTimes(); + + final ServiceComponentHost sch2b = createMock(ServiceComponentHost.class); + expect(sch2b.getServiceName()).andReturn("SERVICE2").anyTimes(); + expect(sch2b.getServiceComponentName()).andReturn("COMPONENT2").anyTimes(); + + final Host host1 = createNiceMock(Host.class); + expect(host1.getHostName()).andReturn("host1").anyTimes(); + expect(host1.getState()).andReturn(HostState.HEALTHY).anyTimes(); + + final Host host2 = createNiceMock(Host.class); + expect(host2.getHostName()).andReturn("host2").anyTimes(); + expect(host2.getState()).andReturn(HostState.HEALTHY).anyTimes(); + + final ServiceComponent serviceComponentKerberosClient = createMock(ServiceComponent.class); + expect(serviceComponentKerberosClient.getName()).andReturn(Role.KERBEROS_CLIENT.name()).anyTimes(); + expect(serviceComponentKerberosClient.getServiceComponentHosts()).andReturn(Collections.singletonMap("host1", schKerberosClient1)).anyTimes(); + + final Service serviceKerberos = createStrictMock(Service.class); + expect(serviceKerberos.getName()).andReturn(Service.Type.KERBEROS.name()).anyTimes(); + expect(serviceKerberos.getServiceComponents()) + .andReturn(Collections.singletonMap(Role.KERBEROS_CLIENT.name(), serviceComponentKerberosClient)) + .anyTimes(); + + final Service service1 = createStrictMock(Service.class); + expect(service1.getName()).andReturn("SERVICE1").anyTimes(); + expect(service1.getServiceComponents()) + .andReturn(Collections.<String, ServiceComponent>emptyMap()) + .anyTimes(); + + final Service service2 = createStrictMock(Service.class); + expect(service2.getName()).andReturn("SERVICE2").anyTimes(); + expect(service2.getServiceComponents()) + .andReturn(Collections.<String, ServiceComponent>emptyMap()) + .anyTimes(); + + final Cluster cluster = createMock(Cluster.class); + expect(cluster.getSecurityType()).andReturn(SecurityType.KERBEROS).anyTimes(); + expect(cluster.getClusterName()).andReturn(clusterName).anyTimes(); + expect(cluster.getServiceComponentHosts("host1")) + .andReturn(new ArrayList<ServiceComponentHost>() { + { + add(schKerberosClient1); + add(sch1a); + add(sch1b); + } + }) + .anyTimes(); + expect(cluster.getServiceComponentHosts("host2")) + .andReturn(new ArrayList<ServiceComponentHost>() { + { + add(schKerberosClient2); + add(sch2a); + add(sch2b); + } + }) + .anyTimes(); + expect(cluster.getCurrentStackVersion()) + .andReturn(new StackId("HDP", "2.2")) + .anyTimes(); + expect(cluster.getServices()) + .andReturn(new HashMap<String, Service>() { + { + put(Service.Type.KERBEROS.name(), serviceKerberos); + put("SERVICE1", service1); + put("SERVICE2", service2); + } + }) + .anyTimes(); + + final Clusters clusters = injector.getInstance(Clusters.class); + expect(clusters.getCluster(clusterName)).andReturn(cluster).times(1); + + if(hostName == null) { + expect(clusters.getHostsForCluster(clusterName)) + .andReturn(new HashMap<String, Host>() { + { + put("host1", host1); + put("host2", host2); + } + }) + .once(); + } + + final AmbariManagementController ambariManagementController = injector.getInstance(AmbariManagementController.class); + expect(ambariManagementController.findConfigurationTagsWithOverrides(cluster, "host1")) + .andReturn(Collections.<String, Map<String, String>>emptyMap()) + .anyTimes(); + expect(ambariManagementController.findConfigurationTagsWithOverrides(cluster, "host2")) + .andReturn(Collections.<String, Map<String, String>>emptyMap()) + .anyTimes(); + expect(ambariManagementController.findConfigurationTagsWithOverrides(cluster, null)) + .andReturn(Collections.<String, Map<String, String>>emptyMap()) + .anyTimes(); + + final ConfigHelper configHelper = injector.getInstance(ConfigHelper.class); + expect(configHelper.getEffectiveConfigProperties(anyObject(Cluster.class), anyObject(Map.class))) + .andReturn(new HashMap<String, Map<String, String>>() { + { + put("cluster-env", new HashMap<String, String>() {{ + put("kerberos_domain", "FOOBAR.COM"); + }}); + } + }) + .anyTimes(); + + final KerberosPrincipalDescriptor principalDescriptor1 = createMock(KerberosPrincipalDescriptor.class); + expect(principalDescriptor1.getValue()).andReturn("component1/_HOST@${realm}").anyTimes(); + expect(principalDescriptor1.getType()).andReturn(KerberosPrincipalType.SERVICE).anyTimes(); + expect(principalDescriptor1.getConfiguration()).andReturn("service1-site/component1.kerberos.principal").anyTimes(); + expect(principalDescriptor1.getLocalUsername()).andReturn("service1").anyTimes(); + + final KerberosPrincipalDescriptor principalDescriptor2 = createMock(KerberosPrincipalDescriptor.class); + expect(principalDescriptor2.getValue()).andReturn("component2/${host}@${realm}").anyTimes(); + expect(principalDescriptor2.getType()).andReturn(KerberosPrincipalType.SERVICE).anyTimes(); + expect(principalDescriptor2.getConfiguration()).andReturn("service2-site/component2.kerberos.principal").anyTimes(); + expect(principalDescriptor2.getLocalUsername()).andReturn("service2").anyTimes(); + + final KerberosPrincipalDescriptor principalDescriptorService1 = createMock(KerberosPrincipalDescriptor.class); + expect(principalDescriptorService1.getValue()).andReturn("service1/_HOST@${realm}").anyTimes(); + expect(principalDescriptorService1.getType()).andReturn(KerberosPrincipalType.SERVICE).anyTimes(); + expect(principalDescriptorService1.getConfiguration()).andReturn("service1-site/service1.kerberos.principal").anyTimes(); + expect(principalDescriptorService1.getLocalUsername()).andReturn("service1").anyTimes(); + + final KerberosKeytabDescriptor keytabDescriptor1 = createMock(KerberosKeytabDescriptor.class); + expect(keytabDescriptor1.getFile()).andReturn("${keytab_dir}/service1.keytab").anyTimes(); + expect(keytabDescriptor1.getOwnerName()).andReturn("service1").anyTimes(); + expect(keytabDescriptor1.getOwnerAccess()).andReturn("rw").anyTimes(); + expect(keytabDescriptor1.getGroupName()).andReturn("hadoop").anyTimes(); + expect(keytabDescriptor1.getGroupAccess()).andReturn("").anyTimes(); + expect(keytabDescriptor1.getConfiguration()).andReturn("service1-site/component1.keytab.file").anyTimes(); + expect(keytabDescriptor1.isCachable()).andReturn(false).anyTimes(); + + final KerberosKeytabDescriptor keytabDescriptor2 = createMock(KerberosKeytabDescriptor.class); + expect(keytabDescriptor2.getFile()).andReturn("${keytab_dir}/service2.keytab").anyTimes(); + expect(keytabDescriptor2.getOwnerName()).andReturn("service2").anyTimes(); + expect(keytabDescriptor2.getOwnerAccess()).andReturn("rw").anyTimes(); + expect(keytabDescriptor2.getGroupName()).andReturn("hadoop").anyTimes(); + expect(keytabDescriptor2.getGroupAccess()).andReturn("").anyTimes(); + expect(keytabDescriptor2.getConfiguration()).andReturn("service2-site/component2.keytab.file").anyTimes(); + expect(keytabDescriptor2.isCachable()).andReturn(false).anyTimes(); + + final KerberosKeytabDescriptor keytabDescriptorService1 = createMock(KerberosKeytabDescriptor.class); + expect(keytabDescriptorService1.getFile()).andReturn("${keytab_dir}/service1.service.keytab").anyTimes(); + expect(keytabDescriptorService1.getOwnerName()).andReturn("service1").anyTimes(); + expect(keytabDescriptorService1.getOwnerAccess()).andReturn("rw").anyTimes(); + expect(keytabDescriptorService1.getGroupName()).andReturn("hadoop").anyTimes(); + expect(keytabDescriptorService1.getGroupAccess()).andReturn("").anyTimes(); + expect(keytabDescriptorService1.getConfiguration()).andReturn("service1-site/service1.keytab.file").anyTimes(); + expect(keytabDescriptorService1.isCachable()).andReturn(false).anyTimes(); + + final KerberosIdentityDescriptor identityDescriptor1 = createMock(KerberosIdentityDescriptor.class); + expect(identityDescriptor1.getName()).andReturn("identity1").anyTimes(); + expect(identityDescriptor1.getPrincipalDescriptor()).andReturn(principalDescriptor1).anyTimes(); + expect(identityDescriptor1.getKeytabDescriptor()).andReturn(keytabDescriptor1).anyTimes(); + + final KerberosIdentityDescriptor identityDescriptor2 = createMock(KerberosIdentityDescriptor.class); + expect(identityDescriptor2.getName()).andReturn("identity2").anyTimes(); + expect(identityDescriptor2.getPrincipalDescriptor()).andReturn(principalDescriptor2).anyTimes(); + expect(identityDescriptor2.getKeytabDescriptor()).andReturn(keytabDescriptor2).anyTimes(); + + final KerberosIdentityDescriptor identityDescriptorService1 = createMock(KerberosIdentityDescriptor.class); + expect(identityDescriptorService1.getName()).andReturn("identity3").anyTimes(); + expect(identityDescriptorService1.getPrincipalDescriptor()).andReturn(principalDescriptorService1).anyTimes(); + expect(identityDescriptorService1.getKeytabDescriptor()).andReturn(keytabDescriptorService1).anyTimes(); + + final KerberosComponentDescriptor componentDescriptor1 = createMock(KerberosComponentDescriptor.class); + expect(componentDescriptor1.getIdentities(true)).andReturn(Collections.singletonList(identityDescriptor1)).anyTimes(); + + final KerberosComponentDescriptor componentDescriptor2 = createMock(KerberosComponentDescriptor.class); + expect(componentDescriptor2.getIdentities(true)).andReturn(Collections.singletonList(identityDescriptor2)).anyTimes(); + + final KerberosServiceDescriptor serviceDescriptor1 = createMock(KerberosServiceDescriptor.class); + expect(serviceDescriptor1.getComponent("COMPONENT1")).andReturn(componentDescriptor1).anyTimes(); + expect(serviceDescriptor1.getIdentities(true)).andReturn(Collections.singletonList(identityDescriptorService1)).anyTimes(); + + final KerberosServiceDescriptor serviceDescriptor2 = createMock(KerberosServiceDescriptor.class); + expect(serviceDescriptor2.getComponent("COMPONENT2")).andReturn(componentDescriptor2).anyTimes(); + expect(serviceDescriptor2.getIdentities(true)).andReturn(null).anyTimes(); + + final KerberosDescriptor kerberosDescriptor = createMock(KerberosDescriptor.class); + expect(kerberosDescriptor.getProperties()).andReturn(new HashMap<String, String>(){ + { + put("realm", "EXAMPLE.COM"); + } + }).anyTimes(); + expect(kerberosDescriptor.getService("KERBEROS")).andReturn(null).anyTimes(); + expect(kerberosDescriptor.getService("SERVICE1")).andReturn(serviceDescriptor1).anyTimes(); + expect(kerberosDescriptor.getService("SERVICE2")).andReturn(serviceDescriptor2).anyTimes(); + + setupGetDescriptorFromCluster(kerberosDescriptor); + + replayAll(); + + // Needed by infrastructure + metaInfo.init(); + + Map<String, Collection<KerberosIdentityDescriptor>> identities; + identities = kerberosHelper.getActiveIdentities(clusterName, hostName, serviceName, compnentName, replaceHostnames); + + verifyAll(); + + return identities; + } + } http://git-wip-us.apache.org/repos/asf/ambari/blob/66e42cba/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/HostKerberosIdentityResourceProviderTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/HostKerberosIdentityResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/HostKerberosIdentityResourceProviderTest.java new file mode 100644 index 0000000..1b1b4ac --- /dev/null +++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/HostKerberosIdentityResourceProviderTest.java @@ -0,0 +1,362 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.ambari.server.controller.internal; + +import org.apache.ambari.server.controller.AmbariManagementController; +import org.apache.ambari.server.controller.KerberosHelper; +import org.apache.ambari.server.controller.spi.Predicate; +import org.apache.ambari.server.controller.spi.Request; +import org.apache.ambari.server.controller.spi.Resource; +import org.apache.ambari.server.controller.spi.ResourceProvider; +import org.apache.ambari.server.controller.utilities.PredicateBuilder; +import org.apache.ambari.server.controller.utilities.PropertyHelper; +import org.apache.ambari.server.orm.dao.HostDAO; +import org.apache.ambari.server.orm.dao.KerberosPrincipalDAO; +import org.apache.ambari.server.orm.dao.KerberosPrincipalHostDAO; +import org.apache.ambari.server.orm.entities.HostEntity; +import org.apache.ambari.server.state.kerberos.KerberosIdentityDescriptor; +import org.apache.ambari.server.state.kerberos.KerberosKeytabDescriptor; +import org.apache.ambari.server.state.kerberos.KerberosPrincipalDescriptor; +import org.apache.ambari.server.state.kerberos.KerberosPrincipalType; +import org.easymock.EasyMockSupport; +import org.junit.Assert; +import org.junit.Test; + +import java.lang.reflect.Field; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Collections; +import java.util.HashMap; +import java.util.HashSet; +import java.util.LinkedHashMap; +import java.util.Map; +import java.util.Set; + +import static org.easymock.EasyMock.expect; + + +/** + * Tests for the host Kerberos identity resource provider. + */ +public class HostKerberosIdentityResourceProviderTest extends EasyMockSupport { + @Test(expected = org.apache.ambari.server.controller.spi.SystemException.class) + public void testCreateResources() throws Exception { + AmbariManagementController managementController = createMock(AmbariManagementController.class); + + ResourceProvider provider = new HostKerberosIdentityResourceProvider(managementController); + + // Create a property set of an single empty map. It shouldn't make a difference what this is + // since this HostKerberosIdentityResourceProvider is a read-only provider and should throw + // a org.apache.ambari.server.controller.spi.SystemException exception + Set<Map<String, Object>> propertySet = Collections.singleton(Collections.<String, Object>emptyMap()); + + Request request = PropertyHelper.getCreateRequest(propertySet, null); + + provider.createResources(request); + } + + @Test(expected = org.apache.ambari.server.controller.spi.SystemException.class) + public void testUpdateResources() throws Exception { + + AmbariManagementController managementController = createMock(AmbariManagementController.class); + + Map<String, String> mapRequestProps = new HashMap<String, String>(); + mapRequestProps.put("context", "Called from a test"); + + ResourceProvider provider = new HostKerberosIdentityResourceProvider(managementController); + + Map<String, Object> properties = new LinkedHashMap<String, Object>(); + + properties.put(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_CLUSTER_NAME_PROPERTY_ID, "Cluster100"); + properties.put(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_HOST_NAME_PROPERTY_ID, "Host100"); + properties.put(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_NAME_PROPERTY_ID, "principal@REALM"); + properties.put(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_LOCAL_USERNAME_PROPERTY_ID, "userA"); + + // create the request + Request request = PropertyHelper.getUpdateRequest(properties, mapRequestProps); + + Predicate predicate = new PredicateBuilder() + .property(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_CLUSTER_NAME_PROPERTY_ID) + .equals("Cluster100") + .and() + .property(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_HOST_NAME_PROPERTY_ID) + .equals("Host100") + .and() + .property(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_NAME_PROPERTY_ID) + .equals("principal@REALM").toPredicate(); + + provider.updateResources(request, predicate); + } + + @Test(expected = org.apache.ambari.server.controller.spi.SystemException.class) + public void testDeleteResources() throws Exception { + AmbariManagementController managementController = createMock(AmbariManagementController.class); + + ResourceProvider provider = new HostKerberosIdentityResourceProvider(managementController); + + AbstractResourceProviderTest.TestObserver observer = new AbstractResourceProviderTest.TestObserver(); + + ((ObservableResourceProvider) provider).addObserver(observer); + + Predicate predicate = new PredicateBuilder() + .property(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_CLUSTER_NAME_PROPERTY_ID) + .equals("Cluster100") + .and() + .property(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_HOST_NAME_PROPERTY_ID) + .equals("Host100") + .and() + .property(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_NAME_PROPERTY_ID) + .equals("principal@REALM").toPredicate(); + + provider.deleteResources(predicate); + } + + + @Test + public void testGetResources() throws Exception { + + AmbariManagementController managementController = createMock(AmbariManagementController.class); + + KerberosPrincipalDescriptor principalDescriptor1 = createStrictMock(KerberosPrincipalDescriptor.class); + expect(principalDescriptor1.getValue()).andReturn("princip...@example.com"); + expect(principalDescriptor1.getType()).andReturn(KerberosPrincipalType.USER).times(1); + expect(principalDescriptor1.getLocalUsername()).andReturn("principal1"); + + KerberosKeytabDescriptor keytabDescriptor1 = createStrictMock(KerberosKeytabDescriptor.class); + expect(keytabDescriptor1.getOwnerAccess()).andReturn("rw").times(1); + expect(keytabDescriptor1.getGroupAccess()).andReturn("r").times(1); + expect(keytabDescriptor1.getFile()).andReturn("/etc/security/keytabs/principal1.headless.keytab").times(1); + expect(keytabDescriptor1.getOwnerName()).andReturn("principal1").times(1); + expect(keytabDescriptor1.getGroupName()).andReturn("principal1").times(1); + + KerberosIdentityDescriptor identity1 = createStrictMock(KerberosIdentityDescriptor.class); + expect(identity1.getPrincipalDescriptor()).andReturn(principalDescriptor1).times(1); + expect(identity1.getKeytabDescriptor()).andReturn(keytabDescriptor1).times(1); + expect(identity1.getName()).andReturn("identity1").times(1); + + KerberosPrincipalDescriptor principalDescriptor2 = createStrictMock(KerberosPrincipalDescriptor.class); + expect(principalDescriptor2.getValue()).andReturn("principal2/host...@example.com"); + expect(principalDescriptor2.getType()).andReturn(KerberosPrincipalType.SERVICE).times(1); + expect(principalDescriptor2.getLocalUsername()).andReturn("principal2"); + + KerberosIdentityDescriptor identity2 = createStrictMock(KerberosIdentityDescriptor.class); + expect(identity2.getPrincipalDescriptor()).andReturn(principalDescriptor2).times(1); + expect(identity2.getKeytabDescriptor()).andReturn(null).times(1); + expect(identity2.getName()).andReturn("identity2").times(1); + + KerberosIdentityDescriptor identity3 = createStrictMock(KerberosIdentityDescriptor.class); + expect(identity3.getPrincipalDescriptor()).andReturn(null).times(1); + + KerberosIdentityDescriptor identity4 = createStrictMock(KerberosIdentityDescriptor.class); + expect(identity4.getPrincipalDescriptor()).andReturn(null).times(1); + + KerberosPrincipalDescriptor principalDescriptor5 = createStrictMock(KerberosPrincipalDescriptor.class); + expect(principalDescriptor5.getValue()).andReturn("princip...@example.com"); + expect(principalDescriptor5.getType()).andReturn(KerberosPrincipalType.USER).times(1); + expect(principalDescriptor5.getLocalUsername()).andReturn("principal5"); + + KerberosKeytabDescriptor keytabDescriptor5 = createStrictMock(KerberosKeytabDescriptor.class); + expect(keytabDescriptor5.getOwnerAccess()).andReturn("r").times(1); + expect(keytabDescriptor5.getGroupAccess()).andReturn("r").times(1); + expect(keytabDescriptor5.getFile()).andReturn("/etc/security/keytabs/principal5.headless.keytab").times(1); + expect(keytabDescriptor5.getOwnerName()).andReturn("principal5").times(1); + expect(keytabDescriptor5.getGroupName()).andReturn("hadoop").times(1); + + KerberosIdentityDescriptor identity5 = createStrictMock(KerberosIdentityDescriptor.class); + expect(identity5.getPrincipalDescriptor()).andReturn(principalDescriptor5).times(1); + expect(identity5.getKeytabDescriptor()).andReturn(keytabDescriptor5).times(1); + expect(identity5.getName()).andReturn("identity5").times(1); + + KerberosPrincipalDAO kerberosPrincipalDAO = createStrictMock(KerberosPrincipalDAO.class); + expect(kerberosPrincipalDAO.exists("princip...@example.com")).andReturn(true).times(1); + expect(kerberosPrincipalDAO.exists("principal2/host...@example.com")).andReturn(true).times(1); + expect(kerberosPrincipalDAO.exists("princip...@example.com")).andReturn(false).times(1); + + KerberosPrincipalHostDAO kerberosPrincipalHostDAO = createStrictMock(KerberosPrincipalHostDAO.class); + expect(kerberosPrincipalHostDAO.exists("princip...@example.com", 100L)).andReturn(true).times(1); + expect(kerberosPrincipalHostDAO.exists("principal2/host...@example.com", 100L)).andReturn(false).times(1); + + HostEntity host100 = createStrictMock(HostEntity.class); + expect(host100.getHostId()).andReturn(100L).times(1); + + HostDAO hostDAO = createStrictMock(HostDAO.class); + expect(hostDAO.findByName("Host100")).andReturn(host100).times(1); + + Collection<KerberosIdentityDescriptor> identities = new ArrayList<KerberosIdentityDescriptor>(); + identities.add(identity1); + identities.add(identity2); + identities.add(identity3); + identities.add(identity4); + identities.add(identity5); + + Map<String, Collection<KerberosIdentityDescriptor>> activeIdentities = new HashMap<String, Collection<KerberosIdentityDescriptor>>(); + activeIdentities.put("Host100", identities); + + KerberosHelper kerberosHelper = createStrictMock(KerberosHelper.class); + expect(kerberosHelper.getActiveIdentities("Cluster100", "Host100", null, null, true)) + .andReturn(activeIdentities) + .times(1); + + // replay + replayAll(); + + ResourceProvider provider = new HostKerberosIdentityResourceProvider(managementController); + + // Set injected values... + Field field; + field = HostKerberosIdentityResourceProvider.class.getDeclaredField("kerberosHelper"); + field.setAccessible(true); + field.set(provider, kerberosHelper); + + field = HostKerberosIdentityResourceProvider.class.getDeclaredField("kerberosPrincipalDAO"); + field.setAccessible(true); + field.set(provider, kerberosPrincipalDAO); + + field = HostKerberosIdentityResourceProvider.class.getDeclaredField("kerberosPrincipalHostDAO"); + field.setAccessible(true); + field.set(provider, kerberosPrincipalHostDAO); + + field = HostKerberosIdentityResourceProvider.class.getDeclaredField("hostDAO"); + field.setAccessible(true); + field.set(provider, hostDAO); + + Set<String> propertyIds = new HashSet<String>(); + + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_CLUSTER_NAME_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_HOST_NAME_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_DESCRIPTION_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_NAME_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_TYPE_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_LOCAL_USERNAME_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_PATH_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_OWNER_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_OWNER_ACCESS_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_GROUP_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_GROUP_ACCESS_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_MODE_PROPERTY_ID); + propertyIds.add(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_INSTALLED_PROPERTY_ID); + + Predicate predicate = new PredicateBuilder() + .property(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_CLUSTER_NAME_PROPERTY_ID) + .equals("Cluster100") + .and() + .property(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_HOST_NAME_PROPERTY_ID) + .equals("Host100").toPredicate(); + + Request request = PropertyHelper.getReadRequest(propertyIds); + Set<Resource> resources = provider.getResources(request, predicate); + + Assert.assertEquals(3, resources.size()); + + for (Resource resource : resources) { + Assert.assertEquals("Cluster100", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_CLUSTER_NAME_PROPERTY_ID)); + Assert.assertEquals("Host100", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_HOST_NAME_PROPERTY_ID)); + + String principal = (String) resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_NAME_PROPERTY_ID); + + if ("princip...@example.com".equals(principal)) { + Assert.assertEquals("identity1", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_DESCRIPTION_PROPERTY_ID)); + + Assert.assertEquals(KerberosPrincipalType.USER, + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_TYPE_PROPERTY_ID)); + + Assert.assertEquals("principal1", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_LOCAL_USERNAME_PROPERTY_ID)); + + Assert.assertEquals("/etc/security/keytabs/principal1.headless.keytab", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_PATH_PROPERTY_ID)); + + Assert.assertEquals("principal1", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_OWNER_PROPERTY_ID)); + + Assert.assertEquals("rw", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_OWNER_ACCESS_PROPERTY_ID)); + + Assert.assertEquals("principal1", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_GROUP_PROPERTY_ID)); + + Assert.assertEquals("r", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_GROUP_ACCESS_PROPERTY_ID)); + + Assert.assertEquals("640", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_MODE_PROPERTY_ID)); + + Assert.assertEquals("true", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_INSTALLED_PROPERTY_ID)); + } else if ("principal2/host...@example.com".equals(principal)) { + Assert.assertEquals("identity2", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_DESCRIPTION_PROPERTY_ID)); + + Assert.assertEquals(KerberosPrincipalType.SERVICE, + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_TYPE_PROPERTY_ID)); + + Assert.assertEquals("principal2", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_LOCAL_USERNAME_PROPERTY_ID)); + + Assert.assertNull(resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_PATH_PROPERTY_ID)); + Assert.assertNull(resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_OWNER_PROPERTY_ID)); + Assert.assertNull(resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_OWNER_ACCESS_PROPERTY_ID)); + Assert.assertNull(resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_GROUP_PROPERTY_ID)); + Assert.assertNull(resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_GROUP_ACCESS_PROPERTY_ID)); + Assert.assertNull(resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_MODE_PROPERTY_ID)); + + Assert.assertEquals("false", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_INSTALLED_PROPERTY_ID)); + } else if ("princip...@example.com".equals(principal)) { + Assert.assertEquals("identity5", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_DESCRIPTION_PROPERTY_ID)); + + Assert.assertEquals(KerberosPrincipalType.USER, + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_TYPE_PROPERTY_ID)); + + Assert.assertEquals("principal5", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_PRINCIPAL_LOCAL_USERNAME_PROPERTY_ID)); + + Assert.assertEquals("/etc/security/keytabs/principal5.headless.keytab", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_PATH_PROPERTY_ID)); + + Assert.assertEquals("principal5", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_OWNER_PROPERTY_ID)); + + Assert.assertEquals("r", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_OWNER_ACCESS_PROPERTY_ID)); + + Assert.assertEquals("hadoop", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_GROUP_PROPERTY_ID)); + + Assert.assertEquals("r", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_GROUP_ACCESS_PROPERTY_ID)); + + Assert.assertEquals("440", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_MODE_PROPERTY_ID)); + + Assert.assertEquals("unknown", + resource.getPropertyValue(HostKerberosIdentityResourceProvider.KERBEROS_IDENTITY_KEYTAB_FILE_INSTALLED_PROPERTY_ID)); + } else { + Assert.fail("Unexpected principal: " + principal); + } + } + + // verify + verifyAll(); + } +}
