You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ranger.apache.org by ve...@apache.org on 2017/01/10 21:58:41 UTC
incubator-ranger git commit: RANGER-1296: Renaming usersync unit
tests to follow the naming pattern as other unit tests
Repository: incubator-ranger
Updated Branches:
refs/heads/master 220298475 -> f303c1bd4
RANGER-1296: Renaming usersync unit tests to follow the naming pattern as other unit tests
Signed-off-by: Velmurugan Periasamy <ve...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/f303c1bd
Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/f303c1bd
Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/f303c1bd
Branch: refs/heads/master
Commit: f303c1bd419b457e7fb2190cd8c56c4d54d36d43
Parents: 2202984
Author: Sailaja Polavarapu <sp...@hortonworks.com>
Authored: Fri Jan 6 13:40:35 2017 -0800
Committer: Velmurugan Periasamy <ve...@apache.org>
Committed: Tue Jan 10 16:58:29 2017 -0500
----------------------------------------------------------------------
.../process/FileSourceUserGroupBuilderTest.java | 160 ------
.../process/TestFileSourceUserGroupBuilder.java | 160 ++++++
.../process/TestUnixUserGroupBuilder.java | 108 ++++
.../process/UnixUserGroupBuilderTest.java | 108 ----
.../ranger/usergroupsync/LdapUserGroupTest.java | 566 -------------------
.../apache/ranger/usergroupsync/RegExTest.java | 90 ---
.../ranger/usergroupsync/TestLdapUserGroup.java | 566 +++++++++++++++++++
.../apache/ranger/usergroupsync/TestRegEx.java | 90 +++
8 files changed, 924 insertions(+), 924 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilderTest.java
----------------------------------------------------------------------
diff --git a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilderTest.java b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilderTest.java
deleted file mode 100644
index 65a339c..0000000
--- a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/FileSourceUserGroupBuilderTest.java
+++ /dev/null
@@ -1,160 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.ranger.unixusersync.process;
-
-import static org.junit.Assert.*;
-
-import org.apache.ranger.unixusersync.config.UserGroupSyncConfig;
-import org.apache.ranger.usergroupsync.PolicyMgrUserGroupBuilderTest;
-import org.junit.Test;
-
-public class FileSourceUserGroupBuilderTest {
-
- private UserGroupSyncConfig config = UserGroupSyncConfig.getInstance();
-
- @Test
- public void testUpdateSinkFromCsvFile() throws Throwable {
- config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups.csv");
-
- FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder();
- fileBuilder.init();
-
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- fileBuilder.updateSink(sink);
-
- assertEquals(4, sink.getTotalUsers());
- assertEquals(2, sink.getTotalGroups());
-
- assertTrue(sink.getAllUsers().contains("user1"));
- assertTrue(sink.getAllUsers().contains("user2"));
- assertTrue(sink.getAllUsers().contains("user3"));
- assertTrue(sink.getAllUsers().contains("user4"));
-
- assertTrue(sink.getAllGroups().contains("group1"));
- assertTrue(sink.getAllGroups().contains("group2"));
- }
-
- @Test
- public void testUpdateSinkFromCsvFileWithCustomDelimiter() throws Throwable {
- config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC,
- "src/test/resources/usergroups-other-delim.csv");
- config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITER, "|");
-
- FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder();
- fileBuilder.init();
-
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- fileBuilder.updateSink(sink);
-
- assertEquals(4, sink.getTotalUsers());
- assertEquals(2, sink.getTotalGroups());
-
- assertTrue(sink.getAllUsers().contains("user1"));
- assertTrue(sink.getAllUsers().contains("user2"));
- assertTrue(sink.getAllUsers().contains("user3"));
- assertTrue(sink.getAllUsers().contains("user4"));
-
- assertTrue(sink.getAllGroups().contains("group1"));
- assertTrue(sink.getAllGroups().contains("group2"));
- }
-
- @Test
- public void testUpdateSinkFromCsvFileMisSpelledDelimiterProperty() throws Throwable {
- config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC,
- "src/test/resources/usergroups-other-delim.csv");
- config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITERER, "|");
-
- FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder();
- fileBuilder.init();
-
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- fileBuilder.updateSink(sink);
-
- assertEquals(4, sink.getTotalUsers());
- assertEquals(2, sink.getTotalGroups());
-
- assertTrue(sink.getAllUsers().contains("user1"));
- assertTrue(sink.getAllUsers().contains("user2"));
- assertTrue(sink.getAllUsers().contains("user3"));
- assertTrue(sink.getAllUsers().contains("user4"));
-
- assertTrue(sink.getAllGroups().contains("group1"));
- assertTrue(sink.getAllGroups().contains("group2"));
- }
-
- @Test
- public void testUpdateSinkFromJsonFile() throws Throwable {
- config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups.json");
-
- FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder();
- fileBuilder.init();
-
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- fileBuilder.updateSink(sink);
-
- assertEquals(4, sink.getTotalUsers());
- assertEquals(7, sink.getTotalGroups());
-
- assertTrue(sink.getAllUsers().contains("user1"));
- assertTrue(sink.getAllUsers().contains("user2"));
- assertTrue(sink.getAllUsers().contains("user3"));
- assertTrue(sink.getAllUsers().contains("user4"));
-
- assertTrue(sink.getAllGroups().contains("group1"));
- assertTrue(sink.getAllGroups().contains("group2"));
- assertTrue(sink.getAllGroups().contains("group3"));
- assertTrue(sink.getAllGroups().contains("group4"));
- assertTrue(sink.getAllGroups().contains("group5"));
- assertTrue(sink.getAllGroups().contains("group6"));
- assertTrue(sink.getAllGroups().contains("group7"));
- }
-
- @Test
- public void testUpdateSinkWithUserAndGroupMapping() throws Throwable {
- config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups-dns.csv");
- config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITERER, "|");
-
- config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME, "s/[=]/_/g");
- config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME + ".1", "s/[,]//g");
-
- config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_GROUPNAME, "s/[=]//g");
-
- FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder();
- fileBuilder.init();
-
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- fileBuilder.updateSink(sink);
-
- assertEquals(4, sink.getTotalUsers());
- assertEquals(2, sink.getTotalGroups());
-
- assertTrue(sink.getAllUsers().contains("CN_User1 OU_Org1 O_Apache L_Santa Monica ST_CA C_US"));
- assertTrue(sink.getAllUsers().contains("CN_User2 OU_Org1 O_Apache L_Santa Monica ST_CA C_US"));
- assertTrue(sink.getAllUsers().contains("CN_User3 OU_Org1 O_Apache L_Santa Monica ST_CA C_US"));
- assertTrue(sink.getAllUsers().contains("CN_User4 OU_Org1 O_Apache L_Santa Monica ST_CA C_US"));
-
- assertTrue(sink.getAllGroups().contains("group1"));
- assertTrue(sink.getAllGroups().contains("group2"));
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestFileSourceUserGroupBuilder.java
----------------------------------------------------------------------
diff --git a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestFileSourceUserGroupBuilder.java b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestFileSourceUserGroupBuilder.java
new file mode 100644
index 0000000..b29a1b0
--- /dev/null
+++ b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestFileSourceUserGroupBuilder.java
@@ -0,0 +1,160 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.ranger.unixusersync.process;
+
+import static org.junit.Assert.*;
+
+import org.apache.ranger.unixusersync.config.UserGroupSyncConfig;
+import org.apache.ranger.usergroupsync.PolicyMgrUserGroupBuilderTest;
+import org.junit.Test;
+
+public class TestFileSourceUserGroupBuilder {
+
+ private UserGroupSyncConfig config = UserGroupSyncConfig.getInstance();
+
+ @Test
+ public void testUpdateSinkFromCsvFile() throws Throwable {
+ config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups.csv");
+
+ FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder();
+ fileBuilder.init();
+
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ fileBuilder.updateSink(sink);
+
+ assertEquals(4, sink.getTotalUsers());
+ assertEquals(2, sink.getTotalGroups());
+
+ assertTrue(sink.getAllUsers().contains("user1"));
+ assertTrue(sink.getAllUsers().contains("user2"));
+ assertTrue(sink.getAllUsers().contains("user3"));
+ assertTrue(sink.getAllUsers().contains("user4"));
+
+ assertTrue(sink.getAllGroups().contains("group1"));
+ assertTrue(sink.getAllGroups().contains("group2"));
+ }
+
+ @Test
+ public void testUpdateSinkFromCsvFileWithCustomDelimiter() throws Throwable {
+ config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC,
+ "src/test/resources/usergroups-other-delim.csv");
+ config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITER, "|");
+
+ FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder();
+ fileBuilder.init();
+
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ fileBuilder.updateSink(sink);
+
+ assertEquals(4, sink.getTotalUsers());
+ assertEquals(2, sink.getTotalGroups());
+
+ assertTrue(sink.getAllUsers().contains("user1"));
+ assertTrue(sink.getAllUsers().contains("user2"));
+ assertTrue(sink.getAllUsers().contains("user3"));
+ assertTrue(sink.getAllUsers().contains("user4"));
+
+ assertTrue(sink.getAllGroups().contains("group1"));
+ assertTrue(sink.getAllGroups().contains("group2"));
+ }
+
+ @Test
+ public void testUpdateSinkFromCsvFileMisSpelledDelimiterProperty() throws Throwable {
+ config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC,
+ "src/test/resources/usergroups-other-delim.csv");
+ config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITERER, "|");
+
+ FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder();
+ fileBuilder.init();
+
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ fileBuilder.updateSink(sink);
+
+ assertEquals(4, sink.getTotalUsers());
+ assertEquals(2, sink.getTotalGroups());
+
+ assertTrue(sink.getAllUsers().contains("user1"));
+ assertTrue(sink.getAllUsers().contains("user2"));
+ assertTrue(sink.getAllUsers().contains("user3"));
+ assertTrue(sink.getAllUsers().contains("user4"));
+
+ assertTrue(sink.getAllGroups().contains("group1"));
+ assertTrue(sink.getAllGroups().contains("group2"));
+ }
+
+ @Test
+ public void testUpdateSinkFromJsonFile() throws Throwable {
+ config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups.json");
+
+ FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder();
+ fileBuilder.init();
+
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ fileBuilder.updateSink(sink);
+
+ assertEquals(4, sink.getTotalUsers());
+ assertEquals(7, sink.getTotalGroups());
+
+ assertTrue(sink.getAllUsers().contains("user1"));
+ assertTrue(sink.getAllUsers().contains("user2"));
+ assertTrue(sink.getAllUsers().contains("user3"));
+ assertTrue(sink.getAllUsers().contains("user4"));
+
+ assertTrue(sink.getAllGroups().contains("group1"));
+ assertTrue(sink.getAllGroups().contains("group2"));
+ assertTrue(sink.getAllGroups().contains("group3"));
+ assertTrue(sink.getAllGroups().contains("group4"));
+ assertTrue(sink.getAllGroups().contains("group5"));
+ assertTrue(sink.getAllGroups().contains("group6"));
+ assertTrue(sink.getAllGroups().contains("group7"));
+ }
+
+ @Test
+ public void testUpdateSinkWithUserAndGroupMapping() throws Throwable {
+ config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_PROC, "src/test/resources/usergroups-dns.csv");
+ config.setProperty(UserGroupSyncConfig.UGSYNC_SOURCE_FILE_DELIMITERER, "|");
+
+ config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME, "s/[=]/_/g");
+ config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME + ".1", "s/[,]//g");
+
+ config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_GROUPNAME, "s/[=]//g");
+
+ FileSourceUserGroupBuilder fileBuilder = new FileSourceUserGroupBuilder();
+ fileBuilder.init();
+
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ fileBuilder.updateSink(sink);
+
+ assertEquals(4, sink.getTotalUsers());
+ assertEquals(2, sink.getTotalGroups());
+
+ assertTrue(sink.getAllUsers().contains("CN_User1 OU_Org1 O_Apache L_Santa Monica ST_CA C_US"));
+ assertTrue(sink.getAllUsers().contains("CN_User2 OU_Org1 O_Apache L_Santa Monica ST_CA C_US"));
+ assertTrue(sink.getAllUsers().contains("CN_User3 OU_Org1 O_Apache L_Santa Monica ST_CA C_US"));
+ assertTrue(sink.getAllUsers().contains("CN_User4 OU_Org1 O_Apache L_Santa Monica ST_CA C_US"));
+
+ assertTrue(sink.getAllGroups().contains("group1"));
+ assertTrue(sink.getAllGroups().contains("group2"));
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestUnixUserGroupBuilder.java
----------------------------------------------------------------------
diff --git a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestUnixUserGroupBuilder.java b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestUnixUserGroupBuilder.java
new file mode 100644
index 0000000..831e92d
--- /dev/null
+++ b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/TestUnixUserGroupBuilder.java
@@ -0,0 +1,108 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.unixusersync.process;
+
+import org.apache.ranger.unixusersync.config.UserGroupSyncConfig;
+import org.junit.Before;
+import org.junit.Test;
+
+import java.util.List;
+import java.util.Map;
+
+import static org.junit.Assert.*;
+import static org.hamcrest.Matchers.*;
+
+public class TestUnixUserGroupBuilder {
+ private UserGroupSyncConfig config;
+
+ @Before
+ public void setUp() throws Exception {
+ config = UserGroupSyncConfig.getInstance();
+ config.setProperty("ranger.usersync.unix.minUserId", "0");
+ config.setProperty("ranger.usersync.unix.minGroupId", "0");
+ }
+
+ @Test
+ public void testBuilderPasswd() throws Throwable {
+ config.setProperty("ranger.usersync.unix.backend", "passwd");
+
+ UnixUserGroupBuilder builder = new UnixUserGroupBuilder();
+ builder.init();
+
+ Map<String, String> groups = builder.getGroupId2groupNameMap();
+ String name = groups.get("0");
+ assertThat(name, anyOf(equalTo("wheel"), equalTo("root")));
+
+ Map<String, List<String>> users = builder.getUser2GroupListMap();
+ List<String> usergroups = users.get("root");
+ assertNotNull(usergroups);
+ assertThat(usergroups, anyOf(hasItem("wheel"), hasItem("root")));
+
+ }
+
+ @Test
+ public void testBuilderNss() throws Throwable {
+ config.setProperty("ranger.usersync.unix.backend", "nss");
+
+ UnixUserGroupBuilder builder = new UnixUserGroupBuilder();
+ builder.init();
+
+ Map<String, String> groups = builder.getGroupId2groupNameMap();
+ String name = groups.get("0");
+ assertThat(name, anyOf(equalTo("wheel"), equalTo("root")));
+
+ Map<String, List<String>> users = builder.getUser2GroupListMap();
+ List<String> usergroups = users.get("root");
+ assertNotNull(usergroups);
+ assertThat(usergroups, anyOf(hasItem("wheel"), hasItem("root")));
+ }
+
+ @Test
+ public void testBuilderExtraGroups() throws Throwable {
+ config.setProperty("ranger.usersync.unix.backend", "nss");
+ config.setProperty("ranger.usersync.group.enumerategroup", "root,wheel,daemon");
+
+ UnixUserGroupBuilder builder = new UnixUserGroupBuilder();
+ builder.init();
+
+ // this is not a full test as it cannot be mocked sufficiently
+ Map<String, String> groups = builder.getGroupId2groupNameMap();
+ assertTrue(groups.containsValue("daemon"));
+ assertThat(groups, anyOf(hasValue("wheel"), hasValue("root")));
+ }
+
+ @Test
+ public void testMinUidGid() throws Throwable {
+ config.setProperty("ranger.usersync.unix.backend", "nss");
+ config.setProperty("ranger.usersync.unix.minUserId", "500");
+ config.setProperty("ranger.usersync.unix.minGroupId", "500");
+
+ UnixUserGroupBuilder builder = new UnixUserGroupBuilder();
+ builder.init();
+
+ // this is not a full test as it cannot be mocked sufficiently
+ Map<String, String> groups = builder.getGroupId2groupNameMap();
+ assertFalse(groups.containsValue("wheel"));
+
+ Map<String, List<String>> users = builder.getUser2GroupListMap();
+ assertNull(users.get("root"));
+ }
+
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilderTest.java
----------------------------------------------------------------------
diff --git a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilderTest.java b/ugsync/src/test/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilderTest.java
deleted file mode 100644
index e4d5456..0000000
--- a/ugsync/src/test/java/org/apache/ranger/unixusersync/process/UnixUserGroupBuilderTest.java
+++ /dev/null
@@ -1,108 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.ranger.unixusersync.process;
-
-import org.apache.ranger.unixusersync.config.UserGroupSyncConfig;
-import org.junit.Before;
-import org.junit.Test;
-
-import java.util.List;
-import java.util.Map;
-
-import static org.junit.Assert.*;
-import static org.hamcrest.Matchers.*;
-
-public class UnixUserGroupBuilderTest {
- private UserGroupSyncConfig config;
-
- @Before
- public void setUp() throws Exception {
- config = UserGroupSyncConfig.getInstance();
- config.setProperty("ranger.usersync.unix.minUserId", "0");
- config.setProperty("ranger.usersync.unix.minGroupId", "0");
- }
-
- @Test
- public void testBuilderPasswd() throws Throwable {
- config.setProperty("ranger.usersync.unix.backend", "passwd");
-
- UnixUserGroupBuilder builder = new UnixUserGroupBuilder();
- builder.init();
-
- Map<String, String> groups = builder.getGroupId2groupNameMap();
- String name = groups.get("0");
- assertThat(name, anyOf(equalTo("wheel"), equalTo("root")));
-
- Map<String, List<String>> users = builder.getUser2GroupListMap();
- List<String> usergroups = users.get("root");
- assertNotNull(usergroups);
- assertThat(usergroups, anyOf(hasItem("wheel"), hasItem("root")));
-
- }
-
- @Test
- public void testBuilderNss() throws Throwable {
- config.setProperty("ranger.usersync.unix.backend", "nss");
-
- UnixUserGroupBuilder builder = new UnixUserGroupBuilder();
- builder.init();
-
- Map<String, String> groups = builder.getGroupId2groupNameMap();
- String name = groups.get("0");
- assertThat(name, anyOf(equalTo("wheel"), equalTo("root")));
-
- Map<String, List<String>> users = builder.getUser2GroupListMap();
- List<String> usergroups = users.get("root");
- assertNotNull(usergroups);
- assertThat(usergroups, anyOf(hasItem("wheel"), hasItem("root")));
- }
-
- @Test
- public void testBuilderExtraGroups() throws Throwable {
- config.setProperty("ranger.usersync.unix.backend", "nss");
- config.setProperty("ranger.usersync.group.enumerategroup", "root,wheel,daemon");
-
- UnixUserGroupBuilder builder = new UnixUserGroupBuilder();
- builder.init();
-
- // this is not a full test as it cannot be mocked sufficiently
- Map<String, String> groups = builder.getGroupId2groupNameMap();
- assertTrue(groups.containsValue("daemon"));
- assertThat(groups, anyOf(hasValue("wheel"), hasValue("root")));
- }
-
- @Test
- public void testMinUidGid() throws Throwable {
- config.setProperty("ranger.usersync.unix.backend", "nss");
- config.setProperty("ranger.usersync.unix.minUserId", "500");
- config.setProperty("ranger.usersync.unix.minGroupId", "500");
-
- UnixUserGroupBuilder builder = new UnixUserGroupBuilder();
- builder.init();
-
- // this is not a full test as it cannot be mocked sufficiently
- Map<String, String> groups = builder.getGroupId2groupNameMap();
- assertFalse(groups.containsValue("wheel"));
-
- Map<String, List<String>> users = builder.getUser2GroupListMap();
- assertNull(users.get("root"));
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java
----------------------------------------------------------------------
diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java
deleted file mode 100644
index 86ce40e..0000000
--- a/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java
+++ /dev/null
@@ -1,566 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.ranger.usergroupsync;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-
-import org.apache.directory.server.annotations.CreateLdapConnectionPool;
-import org.apache.directory.server.core.annotations.ApplyLdifFiles;
-import org.apache.directory.server.core.annotations.ContextEntry;
-import org.apache.directory.server.core.annotations.CreateDS;
-import org.apache.directory.server.core.annotations.CreatePartition;
-import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
-import org.apache.directory.server.core.integ.FrameworkRunner;
-import org.apache.directory.server.ldap.LdapServer;
-import org.apache.directory.server.protocol.shared.transport.TcpTransport;
-import org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder;
-import org.apache.ranger.unixusersync.config.UserGroupSyncConfig;
-import org.junit.After;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-
-import org.apache.directory.server.core.annotations.CreateIndex;
-
-@RunWith(FrameworkRunner.class)
-@CreateDS(name = "classDS",
-partitions =
-{
- @CreatePartition(
- name = "AD",
- suffix = "DC=ranger,DC=qe,DC=hortonworks,DC=com",
- contextEntry = @ContextEntry(
- entryLdif =
- "dn: DC=ranger,DC=qe,DC=hortonworks,DC=com\n" +
- "objectClass: domain\n" +
- "objectClass: top\n" +
- "dc: example\n\n"
- ),
- indexes =
- {
- @CreateIndex(attribute = "objectClass"),
- @CreateIndex(attribute = "dc"),
- @CreateIndex(attribute = "ou")
- }
- )
-}
- )
-@CreateLdapConnectionPool(
- maxActive = 1,
- maxWait = 5000 )
-@ApplyLdifFiles( {
- "ADSchema.ldif"
-}
- )
-public class LdapUserGroupTest extends AbstractLdapTestUnit{
- private UserGroupSyncConfig config;
- private LdapUserGroupBuilder ldapBuilder;
-
- @Before
- public void setup() throws Exception {
- LdapServer ldapServer = new LdapServer();
- ldapServer.setSaslHost("127.0.0.1");
- ldapServer.setSearchBaseDn("DC=ranger,DC=qe,DC=hortonworks,DC=com");
- String ldapPort = System.getProperty("ldap.port");
- Assert.assertNotNull("Property 'ldap.port' null", ldapPort);
- ldapServer.setTransports(new TcpTransport("127.0.0.1", Integer.parseInt(ldapPort)));
- ldapServer.setDirectoryService(getService());
- ldapServer.setMaxSizeLimit( LdapServer.NO_SIZE_LIMIT );
- setLdapServer(ldapServer);
- getService().startup();
- getLdapServer().start();
- config = UserGroupSyncConfig.getInstance();
- ldapBuilder = new LdapUserGroupBuilder();
- }
-
- @Test
- public void testUpdateSinkTotalUsers() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(false);
- config.setPagedResultsEnabled(true);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(109, sink.getTotalUsers());
- }
-
- @Test
- public void testUpdateSinkWithoutPagedResults() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(false);
- config.setPagedResultsEnabled(false);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(109, sink.getTotalUsers());
- }
-
- @Test
- public void testUpdateSinkUserFilter() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- //config.setUserSearchFilter("(|(memberof=cn=usersGroup9,ou=Group,dc=openstacklocal)(memberof=cn=usersGroup4,ou=Group,dc=openstacklocal))");
- config.setUserSearchFilter("(|(memberof=CN=Group10,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com)(memberof=CN=Group11,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com))");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(false);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(12, sink.getTotalUsers());
- }
-
- @Test
- public void testUpdateSinkTotalGroups() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(true);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(10, sink.getTotalGroups());
- }
-
- @Test
- public void testUpdateSinkGroupFilter() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=Group19");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(true);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(1, sink.getTotalGroups());
- }
-
- @Test
- public void testUpdateSinkGroupSearchDisable() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=Group19");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(false);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(11, sink.getTotalGroups());
- }
-
- @Test
- public void testUpdateSinkMultipleOUs() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*Group10");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(true);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(111, sink.getTotalUsers());
- assertEquals(1, sink.getTotalGroups());
- }
-
- @Test
- public void testUpdateSinkMultipleOUsNoGroupSearch() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*Group10");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(false);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(111, sink.getTotalUsers());
- assertEquals(12, sink.getTotalGroups());
- }
-
- @Test
- public void testMultipleOUGroupsNoGroupSearch() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*Group10");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(false);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(111, sink.getTotalUsers());
- assertEquals(12, sink.getTotalGroups());
- }
-
- @Test
- public void testMultipleOUGroupsWithGroupSearch() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(true);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(111, sink.getTotalUsers());
- assertEquals(11, sink.getTotalGroups());
- }
-
- @Test
- public void testUpdateSinkMultipleOUGroups() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*Group10");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(true);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(111, sink.getTotalUsers());
- assertEquals(2, sink.getTotalGroups());
- }
-
- @Test
- public void testGroupBasedAllUsers() throws Throwable {
- config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*Group10");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchFirstEnabled(true);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(2, sink.getTotalUsers());
- assertEquals(2, sink.getTotalGroups());
- }
-
- @Test
- public void testGroupBasedWithUserFilter() throws Throwable {
- config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
- config.setUserSearchFilter("cn=User*");
- config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*Group10");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchFirstEnabled(true);
- config.setUserSearchEnabled(true);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(1, sink.getTotalUsers());
- assertEquals(2, sink.getTotalGroups());
- }
-
- @Test
- public void testGroupBasedWithNoUsers() throws Throwable {
- config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=Group2*");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchFirstEnabled(true);
- config.setUserSearchEnabled(true);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(0, sink.getTotalUsers());
- assertEquals(2, sink.getTotalGroups());
- }
-
- @Test
- public void testGroupBasedWithAllUsersAndGroups() throws Throwable {
- config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchFirstEnabled(true);
- config.setUserSearchEnabled(true);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(100, sink.getTotalUsers());
- assertEquals(13, sink.getTotalGroups());
- }
-
- @Test
- public void testGroupBasedWithSingleOU() throws Throwable {
- config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchFirstEnabled(true);
- config.setUserSearchEnabled(true);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(99, sink.getTotalUsers());
- assertEquals(12, sink.getTotalGroups());
- }
-
- @Test
- public void testUpdateSinkWithEmptyUserSearchBase() throws Throwable {
- config.setUserSearchBase("");
- config.setUserSearchFilter("");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(false);
- config.setPagedResultsEnabled(true);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(111, sink.getTotalUsers());
- }
-
- @Test
- public void testGBWithUserSearchDisabled() throws Throwable {
- config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
- config.setUserSearchFilter("cn=User*");
- config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*Group10");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchFirstEnabled(true);
- config.setUserSearchEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(2, sink.getTotalUsers());
- assertEquals(2, sink.getTotalGroups());
- }
-
- @Test
- public void testGBWithNoUsersAndUserSearchDisabled() throws Throwable {
- config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=Group2*");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchFirstEnabled(true);
- config.setUserSearchEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(0, sink.getTotalUsers());
- assertEquals(2, sink.getTotalGroups());
- }
-
- @Test
- public void testUpdateSinkShortUserName() throws Throwable {
- config.setUserSearchBase("ou=people,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("uid=*");
- config.setUserObjectClass("posixAccount");
- config.setGroupSearchBase("OU=pGroups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*");
- config.setGroupSearchEnabled(true);
- config.setGroupSearchFirstEnabled(false);
- config.setUserGroupMemberAttributeName("memberuid");
- config.setGroupObjectClass("posixGroup");
- config.setUserSearchEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(1, sink.getTotalUsers());
- assertEquals(3, sink.getTotalGroups());
- }
-
- @Test
- public void testShortUserNameWithGroupBased() throws Throwable {
- config.setUserSearchBase("ou=people,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("uid=*");
- config.setUserObjectClass("posixAccount");
- config.setGroupSearchBase("OU=pGroups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*");
- config.setGroupSearchEnabled(true);
- config.setGroupSearchFirstEnabled(true);
- config.setUserGroupMemberAttributeName("memberuid");
- config.setGroupObjectClass("posixGroup");
- config.setUserSearchEnabled(true);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(1, sink.getTotalUsers());
- assertEquals(3, sink.getTotalGroups());
- }
-
- @Test
- public void testUpdateSinkWithUserGroupMapping() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("");
- config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(true);
- config.setGroupSearchFirstEnabled(false);
-
- config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME, "s/[=]/_/g");
- config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_GROUPNAME, "s/[=]/_/g");
-
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(10, sink.getTotalGroups());
-
- // no user should have an = character because of the mapping
- for (String user : sink.getAllUsers()) {
- assertFalse(user.contains("="));
- }
-
- // no group should have an = character because of the mapping
- for (String group : sink.getAllGroups()) {
- assertFalse(group.contains("="));
- }
- }
-
- @Test
- public void testGBWithInvalidOU() throws Throwable {
- config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
- config.setUserSearchFilter("cn=User*");
- config.setGroupSearchBase("OU=HdpGroup1,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*Group10");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchFirstEnabled(true);
- config.setUserSearchEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(1, sink.getTotalUsers());
- assertEquals(1, sink.getTotalGroups());
- }
-
- @Test
- public void testMultipleOUInvalidOU() throws Throwable {
- config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers1,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setUserSearchFilter("cn=*");
- config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups1,DC=ranger,DC=qe,DC=hortonworks,DC=com");
- config.setGroupSearchFilter("cn=*");
- config.setUserGroupMemberAttributeName("member");
- config.setUserObjectClass("organizationalPerson");
- config.setGroupObjectClass("groupOfNames");
- config.setGroupSearchEnabled(true);
- config.setGroupSearchFirstEnabled(false);
- ldapBuilder.init();
- PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
- sink.init();
- ldapBuilder.updateSink(sink);
- assertEquals(110, sink.getTotalUsers());
- assertEquals(0, sink.getTotalGroups());
- }
-
- @After
- public void shutdown() throws Exception {
- if (getService().isStarted()) {
- getService().shutdown();
- }
- if (getLdapServer().isStarted()) {
- getLdapServer().stop();
- }
- }
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/usergroupsync/RegExTest.java
----------------------------------------------------------------------
diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/RegExTest.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/RegExTest.java
deleted file mode 100644
index a93cfe7..0000000
--- a/ugsync/src/test/java/org/apache/ranger/usergroupsync/RegExTest.java
+++ /dev/null
@@ -1,90 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-
-package org.apache.ranger.usergroupsync;
-
-import static org.junit.Assert.*;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.junit.Before;
-import org.junit.Test;
-
-public class RegExTest {
- protected String userNameBaseProperty = "ranger.usersync.mapping.username.regex";
- protected String groupNameBaseProperty = "ranger.usersync.mapping.groupname.regex";
- protected RegEx userNameRegEx = null;
- protected RegEx groupNameRegEx = null;
- List<String> userRegexPatterns = null;
- List<String> groupRegexPatterns = null;
-
- @Before
- public void setUp() throws Exception {
- userNameRegEx = new RegEx();
- //userNameRegEx.init(userNameBaseProperty);
- userRegexPatterns = new ArrayList<String>();
- groupNameRegEx = new RegEx();
- //groupNameRegEx.init(groupNameBaseProperty);
- groupRegexPatterns = new ArrayList<String>();
- }
-
- @Test
- public void testUserNameTransform() throws Throwable {
- userRegexPatterns.add("s/\\s/_/");
- userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns);
- assertEquals("test_user", userNameRegEx.transform("test user"));
- }
-
- @Test
- public void testGroupNameTransform() throws Throwable {
- groupRegexPatterns.add("s/\\s/_/g");
- groupRegexPatterns.add("s/_/\\$/g");
- groupNameRegEx.populateReplacementPatterns(userNameBaseProperty, groupRegexPatterns);
- assertEquals("ldap$grp", groupNameRegEx.transform("ldap grp"));
- }
-
- @Test
- public void testEmptyTransform() {
- assertEquals("test user", userNameRegEx.transform("test user"));
- assertEquals("ldap grp", groupNameRegEx.transform("ldap grp"));
- }
-
- @Test
- public void testTransform() throws Throwable {
- userRegexPatterns.add("s/\\s/_/g");
- userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns);
- assertEquals("test_user", userNameRegEx.transform("test user"));
- assertEquals("ldap grp", groupNameRegEx.transform("ldap grp"));
- }
-
- @Test
- public void testTransform1() throws Throwable {
- userRegexPatterns.add("s/\\\\/ /g");
- userRegexPatterns.add("s//_/g");
- userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns);
- groupRegexPatterns.add("s/\\s/\\$/g");
- groupRegexPatterns.add("s/\\s");
- groupRegexPatterns.add("s/\\$//g");
- groupNameRegEx.populateReplacementPatterns(userNameBaseProperty, groupRegexPatterns);
- assertEquals("test user", userNameRegEx.transform("test\\user"));
- assertEquals("ldapgrp", groupNameRegEx.transform("ldap grp"));
- }
-
-}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java
----------------------------------------------------------------------
diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java
new file mode 100644
index 0000000..81d952e
--- /dev/null
+++ b/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestLdapUserGroup.java
@@ -0,0 +1,566 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.usergroupsync;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+
+import org.apache.directory.server.annotations.CreateLdapConnectionPool;
+import org.apache.directory.server.core.annotations.ApplyLdifFiles;
+import org.apache.directory.server.core.annotations.ContextEntry;
+import org.apache.directory.server.core.annotations.CreateDS;
+import org.apache.directory.server.core.annotations.CreatePartition;
+import org.apache.directory.server.core.integ.AbstractLdapTestUnit;
+import org.apache.directory.server.core.integ.FrameworkRunner;
+import org.apache.directory.server.ldap.LdapServer;
+import org.apache.directory.server.protocol.shared.transport.TcpTransport;
+import org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder;
+import org.apache.ranger.unixusersync.config.UserGroupSyncConfig;
+import org.junit.After;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import org.apache.directory.server.core.annotations.CreateIndex;
+
+@RunWith(FrameworkRunner.class)
+@CreateDS(name = "classDS",
+partitions =
+{
+ @CreatePartition(
+ name = "AD",
+ suffix = "DC=ranger,DC=qe,DC=hortonworks,DC=com",
+ contextEntry = @ContextEntry(
+ entryLdif =
+ "dn: DC=ranger,DC=qe,DC=hortonworks,DC=com\n" +
+ "objectClass: domain\n" +
+ "objectClass: top\n" +
+ "dc: example\n\n"
+ ),
+ indexes =
+ {
+ @CreateIndex(attribute = "objectClass"),
+ @CreateIndex(attribute = "dc"),
+ @CreateIndex(attribute = "ou")
+ }
+ )
+}
+ )
+@CreateLdapConnectionPool(
+ maxActive = 1,
+ maxWait = 5000 )
+@ApplyLdifFiles( {
+ "ADSchema.ldif"
+}
+ )
+public class TestLdapUserGroup extends AbstractLdapTestUnit{
+ private UserGroupSyncConfig config;
+ private LdapUserGroupBuilder ldapBuilder;
+
+ @Before
+ public void setup() throws Exception {
+ LdapServer ldapServer = new LdapServer();
+ ldapServer.setSaslHost("127.0.0.1");
+ ldapServer.setSearchBaseDn("DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ String ldapPort = System.getProperty("ldap.port");
+ Assert.assertNotNull("Property 'ldap.port' null", ldapPort);
+ ldapServer.setTransports(new TcpTransport("127.0.0.1", Integer.parseInt(ldapPort)));
+ ldapServer.setDirectoryService(getService());
+ ldapServer.setMaxSizeLimit( LdapServer.NO_SIZE_LIMIT );
+ setLdapServer(ldapServer);
+ getService().startup();
+ getLdapServer().start();
+ config = UserGroupSyncConfig.getInstance();
+ ldapBuilder = new LdapUserGroupBuilder();
+ }
+
+ @Test
+ public void testUpdateSinkTotalUsers() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(false);
+ config.setPagedResultsEnabled(true);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(109, sink.getTotalUsers());
+ }
+
+ @Test
+ public void testUpdateSinkWithoutPagedResults() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(false);
+ config.setPagedResultsEnabled(false);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(109, sink.getTotalUsers());
+ }
+
+ @Test
+ public void testUpdateSinkUserFilter() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ //config.setUserSearchFilter("(|(memberof=cn=usersGroup9,ou=Group,dc=openstacklocal)(memberof=cn=usersGroup4,ou=Group,dc=openstacklocal))");
+ config.setUserSearchFilter("(|(memberof=CN=Group10,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com)(memberof=CN=Group11,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com))");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(false);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(12, sink.getTotalUsers());
+ }
+
+ @Test
+ public void testUpdateSinkTotalGroups() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(true);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(10, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testUpdateSinkGroupFilter() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=Group19");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(true);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(1, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testUpdateSinkGroupSearchDisable() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=Group19");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(false);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(11, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testUpdateSinkMultipleOUs() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*Group10");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(true);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(111, sink.getTotalUsers());
+ assertEquals(1, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testUpdateSinkMultipleOUsNoGroupSearch() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*Group10");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(false);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(111, sink.getTotalUsers());
+ assertEquals(12, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testMultipleOUGroupsNoGroupSearch() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*Group10");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(false);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(111, sink.getTotalUsers());
+ assertEquals(12, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testMultipleOUGroupsWithGroupSearch() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(true);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(111, sink.getTotalUsers());
+ assertEquals(11, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testUpdateSinkMultipleOUGroups() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*Group10");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(true);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(111, sink.getTotalUsers());
+ assertEquals(2, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testGroupBasedAllUsers() throws Throwable {
+ config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*Group10");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchFirstEnabled(true);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(2, sink.getTotalUsers());
+ assertEquals(2, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testGroupBasedWithUserFilter() throws Throwable {
+ config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
+ config.setUserSearchFilter("cn=User*");
+ config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*Group10");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchFirstEnabled(true);
+ config.setUserSearchEnabled(true);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(1, sink.getTotalUsers());
+ assertEquals(2, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testGroupBasedWithNoUsers() throws Throwable {
+ config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=Group2*");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchFirstEnabled(true);
+ config.setUserSearchEnabled(true);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(0, sink.getTotalUsers());
+ assertEquals(2, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testGroupBasedWithAllUsersAndGroups() throws Throwable {
+ config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchFirstEnabled(true);
+ config.setUserSearchEnabled(true);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(100, sink.getTotalUsers());
+ assertEquals(13, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testGroupBasedWithSingleOU() throws Throwable {
+ config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchFirstEnabled(true);
+ config.setUserSearchEnabled(true);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(99, sink.getTotalUsers());
+ assertEquals(12, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testUpdateSinkWithEmptyUserSearchBase() throws Throwable {
+ config.setUserSearchBase("");
+ config.setUserSearchFilter("");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(false);
+ config.setPagedResultsEnabled(true);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(111, sink.getTotalUsers());
+ }
+
+ @Test
+ public void testGBWithUserSearchDisabled() throws Throwable {
+ config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
+ config.setUserSearchFilter("cn=User*");
+ config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*Group10");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchFirstEnabled(true);
+ config.setUserSearchEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(2, sink.getTotalUsers());
+ assertEquals(2, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testGBWithNoUsersAndUserSearchDisabled() throws Throwable {
+ config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=Group2*");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchFirstEnabled(true);
+ config.setUserSearchEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(0, sink.getTotalUsers());
+ assertEquals(2, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testUpdateSinkShortUserName() throws Throwable {
+ config.setUserSearchBase("ou=people,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("uid=*");
+ config.setUserObjectClass("posixAccount");
+ config.setGroupSearchBase("OU=pGroups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*");
+ config.setGroupSearchEnabled(true);
+ config.setGroupSearchFirstEnabled(false);
+ config.setUserGroupMemberAttributeName("memberuid");
+ config.setGroupObjectClass("posixGroup");
+ config.setUserSearchEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(1, sink.getTotalUsers());
+ assertEquals(3, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testShortUserNameWithGroupBased() throws Throwable {
+ config.setUserSearchBase("ou=people,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("uid=*");
+ config.setUserObjectClass("posixAccount");
+ config.setGroupSearchBase("OU=pGroups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*");
+ config.setGroupSearchEnabled(true);
+ config.setGroupSearchFirstEnabled(true);
+ config.setUserGroupMemberAttributeName("memberuid");
+ config.setGroupObjectClass("posixGroup");
+ config.setUserSearchEnabled(true);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(1, sink.getTotalUsers());
+ assertEquals(3, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testUpdateSinkWithUserGroupMapping() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("");
+ config.setGroupSearchBase("OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(true);
+ config.setGroupSearchFirstEnabled(false);
+
+ config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_USERNAME, "s/[=]/_/g");
+ config.setProperty(UserGroupSyncConfig.SYNC_MAPPING_GROUPNAME, "s/[=]/_/g");
+
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(10, sink.getTotalGroups());
+
+ // no user should have an = character because of the mapping
+ for (String user : sink.getAllUsers()) {
+ assertFalse(user.contains("="));
+ }
+
+ // no group should have an = character because of the mapping
+ for (String group : sink.getAllGroups()) {
+ assertFalse(group.contains("="));
+ }
+ }
+
+ @Test
+ public void testGBWithInvalidOU() throws Throwable {
+ config.setUserSearchBase("DC=ranger,DC=qe,DC=hortonworks,DC=com;");
+ config.setUserSearchFilter("cn=User*");
+ config.setGroupSearchBase("OU=HdpGroup1,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*Group10");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchFirstEnabled(true);
+ config.setUserSearchEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(1, sink.getTotalUsers());
+ assertEquals(1, sink.getTotalGroups());
+ }
+
+ @Test
+ public void testMultipleOUInvalidOU() throws Throwable {
+ config.setUserSearchBase("cn=users,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=HadoopUsers1,DC=ranger,DC=qe,DC=hortonworks,DC=com;ou=BusinessUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setUserSearchFilter("cn=*");
+ config.setGroupSearchBase("OU=HdpGroups,OU=HadoopUsers,DC=ranger,DC=qe,DC=hortonworks,DC=com;OU=Groups1,DC=ranger,DC=qe,DC=hortonworks,DC=com");
+ config.setGroupSearchFilter("cn=*");
+ config.setUserGroupMemberAttributeName("member");
+ config.setUserObjectClass("organizationalPerson");
+ config.setGroupObjectClass("groupOfNames");
+ config.setGroupSearchEnabled(true);
+ config.setGroupSearchFirstEnabled(false);
+ ldapBuilder.init();
+ PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest();
+ sink.init();
+ ldapBuilder.updateSink(sink);
+ assertEquals(110, sink.getTotalUsers());
+ assertEquals(0, sink.getTotalGroups());
+ }
+
+ @After
+ public void shutdown() throws Exception {
+ if (getService().isStarted()) {
+ getService().shutdown();
+ }
+ if (getLdapServer().isStarted()) {
+ getLdapServer().stop();
+ }
+ }
+}
http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/f303c1bd/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestRegEx.java
----------------------------------------------------------------------
diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestRegEx.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestRegEx.java
new file mode 100644
index 0000000..cf61d22
--- /dev/null
+++ b/ugsync/src/test/java/org/apache/ranger/usergroupsync/TestRegEx.java
@@ -0,0 +1,90 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.ranger.usergroupsync;
+
+import static org.junit.Assert.*;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.junit.Before;
+import org.junit.Test;
+
+public class TestRegEx {
+ protected String userNameBaseProperty = "ranger.usersync.mapping.username.regex";
+ protected String groupNameBaseProperty = "ranger.usersync.mapping.groupname.regex";
+ protected RegEx userNameRegEx = null;
+ protected RegEx groupNameRegEx = null;
+ List<String> userRegexPatterns = null;
+ List<String> groupRegexPatterns = null;
+
+ @Before
+ public void setUp() throws Exception {
+ userNameRegEx = new RegEx();
+ //userNameRegEx.init(userNameBaseProperty);
+ userRegexPatterns = new ArrayList<String>();
+ groupNameRegEx = new RegEx();
+ //groupNameRegEx.init(groupNameBaseProperty);
+ groupRegexPatterns = new ArrayList<String>();
+ }
+
+ @Test
+ public void testUserNameTransform() throws Throwable {
+ userRegexPatterns.add("s/\\s/_/");
+ userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns);
+ assertEquals("test_user", userNameRegEx.transform("test user"));
+ }
+
+ @Test
+ public void testGroupNameTransform() throws Throwable {
+ groupRegexPatterns.add("s/\\s/_/g");
+ groupRegexPatterns.add("s/_/\\$/g");
+ groupNameRegEx.populateReplacementPatterns(userNameBaseProperty, groupRegexPatterns);
+ assertEquals("ldap$grp", groupNameRegEx.transform("ldap grp"));
+ }
+
+ @Test
+ public void testEmptyTransform() {
+ assertEquals("test user", userNameRegEx.transform("test user"));
+ assertEquals("ldap grp", groupNameRegEx.transform("ldap grp"));
+ }
+
+ @Test
+ public void testTransform() throws Throwable {
+ userRegexPatterns.add("s/\\s/_/g");
+ userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns);
+ assertEquals("test_user", userNameRegEx.transform("test user"));
+ assertEquals("ldap grp", groupNameRegEx.transform("ldap grp"));
+ }
+
+ @Test
+ public void testTransform1() throws Throwable {
+ userRegexPatterns.add("s/\\\\/ /g");
+ userRegexPatterns.add("s//_/g");
+ userNameRegEx.populateReplacementPatterns(userNameBaseProperty, userRegexPatterns);
+ groupRegexPatterns.add("s/\\s/\\$/g");
+ groupRegexPatterns.add("s/\\s");
+ groupRegexPatterns.add("s/\\$//g");
+ groupNameRegEx.populateReplacementPatterns(userNameBaseProperty, groupRegexPatterns);
+ assertEquals("test user", userNameRegEx.transform("test\\user"));
+ assertEquals("ldapgrp", groupNameRegEx.transform("ldap grp"));
+ }
+
+}