You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by nc...@apache.org on 2016/02/18 14:33:40 UTC
[21/33] ambari git commit: AMBARI-15036. Return privilege information
with results from GroupResourceProvider (rlevas)
AMBARI-15036. Return privilege information with results from GroupResourceProvider (rlevas)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo
Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/5a9bb715
Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/5a9bb715
Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/5a9bb715
Branch: refs/heads/branch-dev-patch-upgrade
Commit: 5a9bb715811f93104cc593215049a861c13d45d0
Parents: c282a0e
Author: Robert Levas <rl...@hortonworks.com>
Authored: Wed Feb 17 14:14:31 2016 -0500
Committer: Robert Levas <rl...@hortonworks.com>
Committed: Wed Feb 17 14:14:39 2016 -0500
----------------------------------------------------------------------
.../api/resources/GroupResourceDefinition.java | 1 +
.../resources/ResourceInstanceFactoryImpl.java | 4 +
.../api/services/GroupPrivilegeService.java | 76 ++++
.../server/api/services/GroupService.java | 11 +
.../internal/DefaultProviderModule.java | 2 +
.../GroupPrivilegeResourceProvider.java | 237 ++++++++++++
.../ambari/server/controller/spi/Resource.java | 2 +
.../api/services/GroupPrivilegeServiceTest.java | 109 ++++++
.../GroupPrivilegeResourceProviderTest.java | 362 +++++++++++++++++++
9 files changed, 804 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/ambari/blob/5a9bb715/ambari-server/src/main/java/org/apache/ambari/server/api/resources/GroupResourceDefinition.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/resources/GroupResourceDefinition.java b/ambari-server/src/main/java/org/apache/ambari/server/api/resources/GroupResourceDefinition.java
index 783e04b..57e5e20 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/api/resources/GroupResourceDefinition.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/resources/GroupResourceDefinition.java
@@ -44,6 +44,7 @@ public class GroupResourceDefinition extends BaseResourceDefinition {
public Set<SubResourceDefinition> getSubResourceDefinitions() {
final Set<SubResourceDefinition> subResourceDefinitions = new HashSet<SubResourceDefinition>();
subResourceDefinitions.add(new SubResourceDefinition(Resource.Type.Member));
+ subResourceDefinitions.add(new SubResourceDefinition(Resource.Type.GroupPrivilege));
return subResourceDefinitions;
}
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/5a9bb715/ambari-server/src/main/java/org/apache/ambari/server/api/resources/ResourceInstanceFactoryImpl.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/resources/ResourceInstanceFactoryImpl.java b/ambari-server/src/main/java/org/apache/ambari/server/api/resources/ResourceInstanceFactoryImpl.java
index 4c12094..b0160b9 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/api/resources/ResourceInstanceFactoryImpl.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/resources/ResourceInstanceFactoryImpl.java
@@ -297,6 +297,10 @@ public class ResourceInstanceFactoryImpl implements ResourceInstanceFactory {
resourceDefinition = new PrivilegeResourceDefinition(Resource.Type.UserPrivilege);
break;
+ case GroupPrivilege:
+ resourceDefinition = new PrivilegeResourceDefinition(Resource.Type.GroupPrivilege);
+ break;
+
case ViewPermission:
resourceDefinition = new ViewPermissionResourceDefinition();
break;
http://git-wip-us.apache.org/repos/asf/ambari/blob/5a9bb715/ambari-server/src/main/java/org/apache/ambari/server/api/services/GroupPrivilegeService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/services/GroupPrivilegeService.java b/ambari-server/src/main/java/org/apache/ambari/server/api/services/GroupPrivilegeService.java
new file mode 100644
index 0000000..290d488
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/services/GroupPrivilegeService.java
@@ -0,0 +1,76 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.api.services;
+
+import org.apache.ambari.server.api.resources.ResourceInstance;
+import org.apache.ambari.server.controller.spi.Resource;
+
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Service responsible for group privilege resource requests.
+ */
+public class GroupPrivilegeService extends PrivilegeService {
+
+ private final String groupName;
+
+ public GroupPrivilegeService(String groupName) {
+ this.groupName = groupName;
+ }
+
+ // ----- PrivilegeService --------------------------------------------------
+
+ @Override
+ public Response createPrivilege(String body, HttpHeaders headers, UriInfo ui) {
+ return Response.status(HttpServletResponse.SC_NOT_IMPLEMENTED).build();
+ }
+
+ @Override
+ public Response updatePrivilege(String body, HttpHeaders headers, UriInfo ui, String privilegeId) {
+ return Response.status(HttpServletResponse.SC_NOT_IMPLEMENTED).build();
+ }
+
+ @Override
+ public Response updatePrivileges(String body, HttpHeaders headers, UriInfo ui) {
+ return Response.status(HttpServletResponse.SC_NOT_IMPLEMENTED).build();
+ }
+
+ @Override
+ public Response deletePrivilege(HttpHeaders headers, UriInfo ui, String privilegeId) {
+ return Response.status(HttpServletResponse.SC_NOT_IMPLEMENTED).build();
+ }
+
+ @Override
+ public Response deletePrivileges(String body, HttpHeaders headers, UriInfo ui) {
+ return Response.status(HttpServletResponse.SC_NOT_IMPLEMENTED).build();
+ }
+
+ @Override
+ protected ResourceInstance createPrivilegeResource(String privilegeId) {
+ final Map<Resource.Type, String> mapIds = new HashMap<Resource.Type, String>();
+ mapIds.put(Resource.Type.Group, groupName);
+ mapIds.put(Resource.Type.GroupPrivilege, privilegeId);
+ return createResource(Resource.Type.GroupPrivilege, mapIds);
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/5a9bb715/ambari-server/src/main/java/org/apache/ambari/server/api/services/GroupService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/api/services/GroupService.java b/ambari-server/src/main/java/org/apache/ambari/server/api/services/GroupService.java
index ee71719..7ecd87f 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/api/services/GroupService.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/api/services/GroupService.java
@@ -131,6 +131,17 @@ public class GroupService extends BaseService {
}
/**
+ * Gets the group privilege service
+ */
+ @Path("{groupName}/privileges")
+ public PrivilegeService getPrivilegeService(@Context javax.ws.rs.core.Request request,
+ @PathParam ("groupName") String groupName) {
+
+ return new GroupPrivilegeService(groupName);
+ }
+
+
+ /**
* Create a group resource instance.
*
* @param groupName group name
http://git-wip-us.apache.org/repos/asf/ambari/blob/5a9bb715/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/DefaultProviderModule.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/DefaultProviderModule.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/DefaultProviderModule.java
index da334b2..d1d3fe6 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/DefaultProviderModule.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/DefaultProviderModule.java
@@ -84,6 +84,8 @@ public class DefaultProviderModule extends AbstractProviderModule {
return new LdapSyncEventResourceProvider(managementController);
case UserPrivilege:
return new UserPrivilegeResourceProvider();
+ case GroupPrivilege:
+ return new GroupPrivilegeResourceProvider();
case Alert:
return new AlertResourceProvider(managementController);
case AlertDefinition:
http://git-wip-us.apache.org/repos/asf/ambari/blob/5a9bb715/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/GroupPrivilegeResourceProvider.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/GroupPrivilegeResourceProvider.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/GroupPrivilegeResourceProvider.java
new file mode 100644
index 0000000..c853514
--- /dev/null
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/internal/GroupPrivilegeResourceProvider.java
@@ -0,0 +1,237 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.ambari.server.controller.internal;
+
+import com.google.inject.Inject;
+import org.apache.ambari.server.StaticallyInject;
+import org.apache.ambari.server.controller.spi.NoSuchParentResourceException;
+import org.apache.ambari.server.controller.spi.NoSuchResourceException;
+import org.apache.ambari.server.controller.spi.Predicate;
+import org.apache.ambari.server.controller.spi.Request;
+import org.apache.ambari.server.controller.spi.Resource;
+import org.apache.ambari.server.controller.spi.SystemException;
+import org.apache.ambari.server.controller.spi.UnsupportedPropertyException;
+import org.apache.ambari.server.orm.dao.ClusterDAO;
+import org.apache.ambari.server.orm.dao.GroupDAO;
+import org.apache.ambari.server.orm.dao.ViewInstanceDAO;
+import org.apache.ambari.server.orm.entities.ClusterEntity;
+import org.apache.ambari.server.orm.entities.GroupEntity;
+import org.apache.ambari.server.orm.entities.PrincipalTypeEntity;
+import org.apache.ambari.server.orm.entities.PrivilegeEntity;
+import org.apache.ambari.server.orm.entities.ViewEntity;
+import org.apache.ambari.server.orm.entities.ViewInstanceEntity;
+import org.apache.ambari.server.security.authorization.AuthorizationException;
+import org.apache.ambari.server.security.authorization.AuthorizationHelper;
+import org.apache.ambari.server.security.authorization.ResourceType;
+import org.apache.ambari.server.security.authorization.RoleAuthorization;
+
+import java.util.EnumSet;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+/**
+ * Resource provider for group privilege resources.
+ */
+@StaticallyInject
+public class GroupPrivilegeResourceProvider extends ReadOnlyResourceProvider {
+
+ protected static final String PRIVILEGE_PRIVILEGE_ID_PROPERTY_ID = PrivilegeResourceProvider.PRIVILEGE_ID_PROPERTY_ID;
+ protected static final String PRIVILEGE_PERMISSION_NAME_PROPERTY_ID = PrivilegeResourceProvider.PERMISSION_NAME_PROPERTY_ID;
+ protected static final String PRIVILEGE_PERMISSION_LABEL_PROPERTY_ID = PrivilegeResourceProvider.PERMISSION_LABEL_PROPERTY_ID;
+ protected static final String PRIVILEGE_PRINCIPAL_NAME_PROPERTY_ID = PrivilegeResourceProvider.PRINCIPAL_NAME_PROPERTY_ID;
+ protected static final String PRIVILEGE_PRINCIPAL_TYPE_PROPERTY_ID = PrivilegeResourceProvider.PRINCIPAL_TYPE_PROPERTY_ID;
+ protected static final String PRIVILEGE_VIEW_NAME_PROPERTY_ID = ViewPrivilegeResourceProvider.PRIVILEGE_VIEW_NAME_PROPERTY_ID;
+ protected static final String PRIVILEGE_VIEW_VERSION_PROPERTY_ID = ViewPrivilegeResourceProvider.PRIVILEGE_VIEW_VERSION_PROPERTY_ID;
+ protected static final String PRIVILEGE_INSTANCE_NAME_PROPERTY_ID = ViewPrivilegeResourceProvider.PRIVILEGE_INSTANCE_NAME_PROPERTY_ID;
+ protected static final String PRIVILEGE_CLUSTER_NAME_PROPERTY_ID = ClusterPrivilegeResourceProvider.PRIVILEGE_CLUSTER_NAME_PROPERTY_ID;
+ protected static final String PRIVILEGE_TYPE_PROPERTY_ID = AmbariPrivilegeResourceProvider.PRIVILEGE_TYPE_PROPERTY_ID;
+ protected static final String PRIVILEGE_GROUP_NAME_PROPERTY_ID = "PrivilegeInfo/group_name";
+
+ /**
+ * Data access object used to obtain cluster entities.
+ */
+ @Inject
+ protected static ClusterDAO clusterDAO;
+
+ /**
+ * Data access object used to obtain group entities.
+ */
+ @Inject
+ protected static GroupDAO groupDAO;
+
+ /**
+ * Data access object used to obtain view instance entities.
+ */
+ @Inject
+ protected static ViewInstanceDAO viewInstanceDAO;
+
+ /**
+ * The property ids for a privilege resource.
+ */
+ private static Set<String> propertyIds = new HashSet<String>();
+
+ static {
+ propertyIds.add(PRIVILEGE_PRIVILEGE_ID_PROPERTY_ID);
+ propertyIds.add(PRIVILEGE_PERMISSION_NAME_PROPERTY_ID);
+ propertyIds.add(PRIVILEGE_PERMISSION_LABEL_PROPERTY_ID);
+ propertyIds.add(PRIVILEGE_PRINCIPAL_NAME_PROPERTY_ID);
+ propertyIds.add(PRIVILEGE_PRINCIPAL_TYPE_PROPERTY_ID);
+ propertyIds.add(PRIVILEGE_VIEW_NAME_PROPERTY_ID);
+ propertyIds.add(PRIVILEGE_VIEW_VERSION_PROPERTY_ID);
+ propertyIds.add(PRIVILEGE_INSTANCE_NAME_PROPERTY_ID);
+ propertyIds.add(PRIVILEGE_CLUSTER_NAME_PROPERTY_ID);
+ propertyIds.add(PRIVILEGE_TYPE_PROPERTY_ID);
+ propertyIds.add(PRIVILEGE_GROUP_NAME_PROPERTY_ID);
+ }
+
+ /**
+ * Static initialization.
+ *
+ * @param clusterDAO the cluster data access object
+ * @param groupDAO the group data access object
+ * @param viewInstanceDAO the view instance data access object
+ */
+ public static void init(ClusterDAO clusterDAO, GroupDAO groupDAO,
+ ViewInstanceDAO viewInstanceDAO) {
+ GroupPrivilegeResourceProvider.clusterDAO = clusterDAO;
+ GroupPrivilegeResourceProvider.groupDAO = groupDAO;
+ GroupPrivilegeResourceProvider.viewInstanceDAO = viewInstanceDAO;
+ }
+
+ @SuppressWarnings("serial")
+ private static Set<String> pkPropertyIds = new HashSet<String>() {
+ {
+ add(PRIVILEGE_PRIVILEGE_ID_PROPERTY_ID);
+ }
+ };
+
+ /**
+ * The key property ids for a privilege resource.
+ */
+ private static Map<Resource.Type, String> keyPropertyIds = new HashMap<Resource.Type, String>();
+
+ static {
+ keyPropertyIds.put(Resource.Type.Group, PRIVILEGE_GROUP_NAME_PROPERTY_ID);
+ keyPropertyIds.put(Resource.Type.GroupPrivilege, PRIVILEGE_PRIVILEGE_ID_PROPERTY_ID);
+ }
+
+
+ /**
+ * Constructor.
+ */
+ public GroupPrivilegeResourceProvider() {
+ super(propertyIds, keyPropertyIds, null);
+
+ EnumSet<RoleAuthorization> requiredAuthorizations = EnumSet.of(RoleAuthorization.AMBARI_ASSIGN_ROLES);
+ setRequiredCreateAuthorizations(requiredAuthorizations);
+ setRequiredDeleteAuthorizations(requiredAuthorizations);
+ setRequiredGetAuthorizations(requiredAuthorizations);
+ setRequiredUpdateAuthorizations(requiredAuthorizations);
+ }
+
+ // ----- PrivilegeResourceProvider -----------------------------------------
+
+ @Override
+ protected Set<String> getPKPropertyIds() {
+ return pkPropertyIds;
+ }
+
+ @Override
+ public Set<Resource> getResources(Request request, Predicate predicate)
+ throws SystemException, UnsupportedPropertyException,
+ NoSuchResourceException, NoSuchParentResourceException {
+ final Set<Resource> resources = new HashSet<Resource>();
+ final Set<String> requestedIds = getRequestPropertyIds(request, predicate);
+
+ // Ensure that the authenticated user has authorization to get this information
+ if (!AuthorizationHelper.isAuthorized(ResourceType.AMBARI, null, RoleAuthorization.AMBARI_MANAGE_GROUPS)) {
+ throw new AuthorizationException();
+ }
+
+ for (Map<String, Object> propertyMap : getPropertyMaps(predicate)) {
+ final String groupName = (String) propertyMap.get(PRIVILEGE_GROUP_NAME_PROPERTY_ID);
+
+ if (groupName != null) {
+ GroupEntity groupEntity = groupDAO.findGroupByName(groupName);
+
+ if (groupEntity == null) {
+ throw new SystemException("Group " + groupName + " was not found");
+ }
+
+ final Set<PrivilegeEntity> privileges = groupEntity.getPrincipal().getPrivileges();
+ for (PrivilegeEntity privilegeEntity : privileges) {
+ resources.add(toResource(privilegeEntity, groupName, requestedIds));
+ }
+ }
+ }
+
+ return resources;
+ }
+
+ /**
+ * Translate the found data into a Resource
+ *
+ * @param privilegeEntity the privilege data
+ * @param groupName the group name
+ * @param requestedIds the relevant request ids
+ * @return a resource
+ */
+ protected Resource toResource(PrivilegeEntity privilegeEntity, Object groupName, Set<String> requestedIds) {
+ final ResourceImpl resource = new ResourceImpl(Resource.Type.GroupPrivilege);
+
+ setResourceProperty(resource, PRIVILEGE_GROUP_NAME_PROPERTY_ID, groupName, requestedIds);
+ setResourceProperty(resource, PRIVILEGE_PRIVILEGE_ID_PROPERTY_ID, privilegeEntity.getId(), requestedIds);
+ setResourceProperty(resource, PRIVILEGE_PERMISSION_NAME_PROPERTY_ID, privilegeEntity.getPermission().getPermissionName(), requestedIds);
+ setResourceProperty(resource, PRIVILEGE_PERMISSION_LABEL_PROPERTY_ID, privilegeEntity.getPermission().getPermissionLabel(), requestedIds);
+ setResourceProperty(resource, PRIVILEGE_PRINCIPAL_TYPE_PROPERTY_ID, privilegeEntity.getPrincipal().getPrincipalType().getName(), requestedIds);
+
+ final String principalTypeName = privilegeEntity.getPrincipal().getPrincipalType().getName();
+ if (principalTypeName.equals(PrincipalTypeEntity.GROUP_PRINCIPAL_TYPE_NAME)) {
+ final GroupEntity groupEntity = groupDAO.findGroupByPrincipal(privilegeEntity.getPrincipal());
+ setResourceProperty(resource, PRIVILEGE_PRINCIPAL_NAME_PROPERTY_ID, groupEntity.getGroupName(), requestedIds);
+ }
+
+ String typeName = privilegeEntity.getResource().getResourceType().getName();
+ ResourceType resourceType = ResourceType.translate(typeName);
+ if (resourceType != null) {
+ switch (resourceType) {
+ case AMBARI:
+ // there is nothing special to add for this case
+ break;
+ case CLUSTER:
+ final ClusterEntity clusterEntity = clusterDAO.findByResourceId(privilegeEntity.getResource().getId());
+ setResourceProperty(resource, PRIVILEGE_CLUSTER_NAME_PROPERTY_ID, clusterEntity.getClusterName(), requestedIds);
+ break;
+ case VIEW:
+ final ViewInstanceEntity viewInstanceEntity = viewInstanceDAO.findByResourceId(privilegeEntity.getResource().getId());
+ final ViewEntity viewEntity = viewInstanceEntity.getViewEntity();
+
+ setResourceProperty(resource, PRIVILEGE_VIEW_NAME_PROPERTY_ID, viewEntity.getCommonName(), requestedIds);
+ setResourceProperty(resource, PRIVILEGE_VIEW_VERSION_PROPERTY_ID, viewEntity.getVersion(), requestedIds);
+ setResourceProperty(resource, PRIVILEGE_INSTANCE_NAME_PROPERTY_ID, viewInstanceEntity.getName(), requestedIds);
+ break;
+ }
+
+ setResourceProperty(resource, PRIVILEGE_TYPE_PROPERTY_ID, resourceType.name(), requestedIds);
+ }
+
+ return resource;
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/5a9bb715/ambari-server/src/main/java/org/apache/ambari/server/controller/spi/Resource.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/spi/Resource.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/spi/Resource.java
index f5fa5f1..db41f10 100644
--- a/ambari-server/src/main/java/org/apache/ambari/server/controller/spi/Resource.java
+++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/spi/Resource.java
@@ -130,6 +130,7 @@ public interface Resource {
StackLevelConfiguration,
LdapSyncEvent,
UserPrivilege,
+ GroupPrivilege,
RepositoryVersion,
CompatibleRepositoryVersion,
ClusterStackVersion,
@@ -241,6 +242,7 @@ public interface Resource {
public static final Type StackLevelConfiguration = InternalType.StackLevelConfiguration.getType();
public static final Type LdapSyncEvent = InternalType.LdapSyncEvent.getType();
public static final Type UserPrivilege = InternalType.UserPrivilege.getType();
+ public static final Type GroupPrivilege = InternalType.GroupPrivilege.getType();
public static final Type RepositoryVersion = InternalType.RepositoryVersion.getType();
public static final Type CompatibleRepositoryVersion = InternalType.CompatibleRepositoryVersion.getType();
public static final Type ClusterStackVersion = InternalType.ClusterStackVersion.getType();
http://git-wip-us.apache.org/repos/asf/ambari/blob/5a9bb715/ambari-server/src/test/java/org/apache/ambari/server/api/services/GroupPrivilegeServiceTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/api/services/GroupPrivilegeServiceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/api/services/GroupPrivilegeServiceTest.java
new file mode 100644
index 0000000..7d2188f
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/api/services/GroupPrivilegeServiceTest.java
@@ -0,0 +1,109 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.api.services;
+
+import junit.framework.Assert;
+import org.apache.ambari.server.api.resources.ResourceInstance;
+import org.apache.ambari.server.api.services.parsers.RequestBodyParser;
+import org.apache.ambari.server.api.services.serializers.ResultSerializer;
+import org.apache.ambari.server.controller.spi.Resource.Type;
+import org.easymock.EasyMock;
+import org.junit.Test;
+
+import javax.servlet.http.HttpServletResponse;
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
+import javax.ws.rs.core.UriInfo;
+import java.lang.reflect.Method;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * Unit tests for GroupService.
+ */
+public class GroupPrivilegeServiceTest extends BaseServiceTest {
+
+ public List<ServiceTestInvocation> getTestInvocations() throws Exception {
+ List<ServiceTestInvocation> listInvocations = new ArrayList<ServiceTestInvocation>();
+
+ GroupPrivilegeService groupPrivilegeService;
+ Method m;
+ Object[] args;
+
+ //getPrivilege
+ groupPrivilegeService = new TestGroupPrivilegeService();
+ m = groupPrivilegeService.getClass().getMethod("getPrivilege", HttpHeaders.class, UriInfo.class, String.class);
+ args = new Object[] {getHttpHeaders(), getUriInfo(), "id"};
+ listInvocations.add(new ServiceTestInvocation(Request.Type.GET, groupPrivilegeService, m, args, null));
+
+ //getPrivileges
+ groupPrivilegeService = new TestGroupPrivilegeService();
+ m = groupPrivilegeService.getClass().getMethod("getPrivileges", HttpHeaders.class, UriInfo.class);
+ args = new Object[] {getHttpHeaders(), getUriInfo()};
+ listInvocations.add(new ServiceTestInvocation(Request.Type.GET, groupPrivilegeService, m, args, null));
+
+ return listInvocations;
+ }
+
+ @Test
+ public void testDisabledMethods() {
+ final HttpHeaders headers = EasyMock.createNiceMock(HttpHeaders.class);
+ final UriInfo uriInfo = EasyMock.createNiceMock(UriInfo.class);
+ final GroupPrivilegeService service = new TestGroupPrivilegeService();
+
+ final List<Response> disabledMethods = new ArrayList<Response>();
+ disabledMethods.add(service.createPrivilege("test", headers, uriInfo));
+ disabledMethods.add(service.updatePrivilege("test", headers, uriInfo, "test"));
+ disabledMethods.add(service.updatePrivileges("test", headers, uriInfo));
+ disabledMethods.add(service.deletePrivilege(headers, uriInfo, "test"));
+ disabledMethods.add(service.deletePrivileges("test", headers, uriInfo));
+
+ for (Response response: disabledMethods) {
+ Assert.assertEquals(HttpServletResponse.SC_NOT_IMPLEMENTED, response.getStatus());
+ }
+ }
+
+ private class TestGroupPrivilegeService extends GroupPrivilegeService {
+
+ public TestGroupPrivilegeService() {
+ super("group");
+ }
+
+ @Override
+ protected ResourceInstance createResource(Type type, Map<Type, String> mapIds) {
+ return getTestResource();
+ }
+
+ @Override
+ RequestFactory getRequestFactory() {
+ return getTestRequestFactory();
+ }
+
+ @Override
+ protected RequestBodyParser getBodyParser() {
+ return getTestBodyParser();
+ }
+
+ @Override
+ protected ResultSerializer getResultSerializer() {
+ return getTestResultSerializer();
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/5a9bb715/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/GroupPrivilegeResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/GroupPrivilegeResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/GroupPrivilegeResourceProviderTest.java
new file mode 100644
index 0000000..205f467
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/GroupPrivilegeResourceProviderTest.java
@@ -0,0 +1,362 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.controller.internal;
+
+import junit.framework.Assert;
+import org.apache.ambari.server.controller.spi.Predicate;
+import org.apache.ambari.server.controller.spi.Request;
+import org.apache.ambari.server.controller.spi.Resource;
+import org.apache.ambari.server.controller.spi.SystemException;
+import org.apache.ambari.server.controller.utilities.PredicateBuilder;
+import org.apache.ambari.server.controller.utilities.PropertyHelper;
+import org.apache.ambari.server.orm.dao.ClusterDAO;
+import org.apache.ambari.server.orm.dao.GroupDAO;
+import org.apache.ambari.server.orm.dao.ViewInstanceDAO;
+import org.apache.ambari.server.orm.entities.ClusterEntity;
+import org.apache.ambari.server.orm.entities.MemberEntity;
+import org.apache.ambari.server.orm.entities.PermissionEntity;
+import org.apache.ambari.server.orm.entities.PrincipalEntity;
+import org.apache.ambari.server.orm.entities.PrincipalTypeEntity;
+import org.apache.ambari.server.orm.entities.PrivilegeEntity;
+import org.apache.ambari.server.orm.entities.ResourceEntity;
+import org.apache.ambari.server.orm.entities.ResourceTypeEntity;
+import org.apache.ambari.server.orm.entities.GroupEntity;
+import org.apache.ambari.server.orm.entities.ViewEntity;
+import org.apache.ambari.server.orm.entities.ViewInstanceEntity;
+import org.apache.ambari.server.security.TestAuthenticationFactory;
+import org.apache.ambari.server.security.authorization.AuthorizationException;
+import org.apache.ambari.server.security.authorization.ResourceType;
+import org.easymock.EasyMockSupport;
+import org.junit.Test;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+import static org.easymock.EasyMock.anyObject;
+import static org.easymock.EasyMock.expect;
+
+/**
+ * GroupPrivilegeResourceProvider tests.
+ */
+public class GroupPrivilegeResourceProviderTest extends EasyMockSupport {
+
+ @Test(expected = SystemException.class)
+ public void testCreateResources() throws Exception {
+ SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1", 2L));
+ GroupPrivilegeResourceProvider resourceProvider = new GroupPrivilegeResourceProvider();
+ resourceProvider.createResources(createNiceMock(Request.class));
+ }
+
+ @Test
+ public void testGetResources_Administrator() throws Exception {
+ getResourcesTest(TestAuthenticationFactory.createAdministrator("admin"), "Group1");
+ }
+
+ @Test(expected = AuthorizationException.class)
+ public void testGetResources_NonAdministrator() throws Exception {
+ getResourcesTest(TestAuthenticationFactory.createClusterAdministrator("user1", 2L), "Group1");
+ }
+
+ @Test(expected = SystemException.class)
+ public void testUpdateResources() throws Exception {
+ SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1", 2L));
+ GroupPrivilegeResourceProvider resourceProvider = new GroupPrivilegeResourceProvider();
+ resourceProvider.updateResources(createNiceMock(Request.class), createNiceMock(Predicate.class));
+ }
+
+ @Test(expected = SystemException.class)
+ public void testDeleteResources() throws Exception {
+ SecurityContextHolder.getContext().setAuthentication(TestAuthenticationFactory.createClusterAdministrator("user1", 2L));
+ GroupPrivilegeResourceProvider resourceProvider = new GroupPrivilegeResourceProvider();
+ resourceProvider.deleteResources(createNiceMock(Predicate.class));
+ }
+
+ @Test
+ public void testToResource_AMBARI() {
+ PermissionEntity permissionEntity = createMock(PermissionEntity.class);
+ expect(permissionEntity.getPermissionName()).andReturn("ADMINISTRATOR").atLeastOnce();
+ expect(permissionEntity.getPermissionLabel()).andReturn("Administrator").atLeastOnce();
+
+ PrincipalTypeEntity principalTypeEntity = createMock(PrincipalTypeEntity.class);
+ expect(principalTypeEntity.getName()).andReturn("GROUP").atLeastOnce();
+
+ PrincipalEntity principalEntity = createMock(PrincipalEntity.class);
+ expect(principalEntity.getPrincipalType()).andReturn(principalTypeEntity).atLeastOnce();
+
+ ResourceTypeEntity resourceTypeEntity = createMock(ResourceTypeEntity.class);
+ expect(resourceTypeEntity.getName()).andReturn("AMBARI").atLeastOnce();
+
+ ResourceEntity resourceEntity = createMock(ResourceEntity.class);
+ expect(resourceEntity.getResourceType()).andReturn(resourceTypeEntity).atLeastOnce();
+
+ PrivilegeEntity privilegeEntity = createMock(PrivilegeEntity.class);
+ expect(privilegeEntity.getId()).andReturn(1).atLeastOnce();
+ expect(privilegeEntity.getPermission()).andReturn(permissionEntity).atLeastOnce();
+ expect(privilegeEntity.getPrincipal()).andReturn(principalEntity).atLeastOnce();
+ expect(privilegeEntity.getResource()).andReturn(resourceEntity).atLeastOnce();
+
+ GroupEntity groupEntity = createMock(GroupEntity.class);
+ expect(groupEntity.getGroupName()).andReturn("group1").atLeastOnce();
+
+ GroupDAO groupDAO = createMock(GroupDAO.class);
+ expect(groupDAO.findGroupByPrincipal(anyObject(PrincipalEntity.class))).andReturn(groupEntity).anyTimes();
+
+ ClusterDAO clusterDAO = createMock(ClusterDAO.class);
+ ViewInstanceDAO viewInstanceDAO = createMock(ViewInstanceDAO.class);
+
+ replayAll();
+
+ GroupPrivilegeResourceProvider.init(clusterDAO, groupDAO, viewInstanceDAO);
+ GroupPrivilegeResourceProvider provider = new GroupPrivilegeResourceProvider();
+ Resource resource = provider.toResource(privilegeEntity, "group1", provider.getPropertyIds());
+
+ Assert.assertEquals(ResourceType.AMBARI.name(), resource.getPropertyValue(GroupPrivilegeResourceProvider.PRIVILEGE_TYPE_PROPERTY_ID));
+
+ verifyAll();
+ }
+
+ @Test
+ public void testToResource_CLUSTER() {
+ PermissionEntity permissionEntity = createMock(PermissionEntity.class);
+ expect(permissionEntity.getPermissionName()).andReturn("CLUSTER.ADMINISTRATOR").atLeastOnce();
+ expect(permissionEntity.getPermissionLabel()).andReturn("Cluster Administrator").atLeastOnce();
+
+ PrincipalTypeEntity principalTypeEntity = createMock(PrincipalTypeEntity.class);
+ expect(principalTypeEntity.getName()).andReturn("GROUP").atLeastOnce();
+
+ PrincipalEntity principalEntity = createMock(PrincipalEntity.class);
+ expect(principalEntity.getPrincipalType()).andReturn(principalTypeEntity).atLeastOnce();
+
+ ClusterEntity clusterEntity = createMock(ClusterEntity.class);
+ expect(clusterEntity.getClusterName()).andReturn("TestCluster").atLeastOnce();
+
+ ResourceTypeEntity resourceTypeEntity = createMock(ResourceTypeEntity.class);
+ expect(resourceTypeEntity.getName()).andReturn("CLUSTER").atLeastOnce();
+
+ ResourceEntity resourceEntity = createMock(ResourceEntity.class);
+ expect(resourceEntity.getId()).andReturn(1L).atLeastOnce();
+ expect(resourceEntity.getResourceType()).andReturn(resourceTypeEntity).atLeastOnce();
+
+ PrivilegeEntity privilegeEntity = createMock(PrivilegeEntity.class);
+ expect(privilegeEntity.getId()).andReturn(1).atLeastOnce();
+ expect(privilegeEntity.getPermission()).andReturn(permissionEntity).atLeastOnce();
+ expect(privilegeEntity.getPrincipal()).andReturn(principalEntity).atLeastOnce();
+ expect(privilegeEntity.getResource()).andReturn(resourceEntity).atLeastOnce();
+
+ GroupEntity groupEntity = createMock(GroupEntity.class);
+ expect(groupEntity.getGroupName()).andReturn("group1").atLeastOnce();
+
+ ClusterDAO clusterDAO = createMock(ClusterDAO.class);
+ expect(clusterDAO.findByResourceId(1L)).andReturn(clusterEntity).atLeastOnce();
+
+ ViewInstanceDAO viewInstanceDAO = createMock(ViewInstanceDAO.class);
+
+ GroupDAO groupDAO = createMock(GroupDAO.class);
+ expect(groupDAO.findGroupByPrincipal(anyObject(PrincipalEntity.class))).andReturn(groupEntity).anyTimes();
+
+ replayAll();
+
+ GroupPrivilegeResourceProvider.init(clusterDAO, groupDAO, viewInstanceDAO);
+ GroupPrivilegeResourceProvider provider = new GroupPrivilegeResourceProvider();
+ Resource resource = provider.toResource(privilegeEntity, "group1", provider.getPropertyIds());
+
+ Assert.assertEquals("TestCluster", resource.getPropertyValue(ClusterPrivilegeResourceProvider.PRIVILEGE_CLUSTER_NAME_PROPERTY_ID));
+ Assert.assertEquals(ResourceType.CLUSTER.name(), resource.getPropertyValue(GroupPrivilegeResourceProvider.PRIVILEGE_TYPE_PROPERTY_ID));
+
+ verifyAll();
+ }
+
+ @Test
+ public void testToResource_VIEW() {
+ PermissionEntity permissionEntity = createMock(PermissionEntity.class);
+ expect(permissionEntity.getPermissionName()).andReturn("CLUSTER.ADMINISTRATOR").atLeastOnce();
+ expect(permissionEntity.getPermissionLabel()).andReturn("Cluster Administrator").atLeastOnce();
+
+ PrincipalTypeEntity principalTypeEntity = createMock(PrincipalTypeEntity.class);
+ expect(principalTypeEntity.getName()).andReturn("GROUP").atLeastOnce();
+
+ PrincipalEntity principalEntity = createMock(PrincipalEntity.class);
+ expect(principalEntity.getPrincipalType()).andReturn(principalTypeEntity).atLeastOnce();
+
+ ViewEntity viewEntity = createMock(ViewEntity.class);
+ expect(viewEntity.getCommonName()).andReturn("TestView").atLeastOnce();
+ expect(viewEntity.getVersion()).andReturn("1.2.3.4").atLeastOnce();
+
+ ViewInstanceEntity viewInstanceEntity = createMock(ViewInstanceEntity.class);
+ expect(viewInstanceEntity.getViewEntity()).andReturn(viewEntity).atLeastOnce();
+ expect(viewInstanceEntity.getName()).andReturn("Test View").atLeastOnce();
+
+ ResourceTypeEntity resourceTypeEntity = createMock(ResourceTypeEntity.class);
+ expect(resourceTypeEntity.getName()).andReturn("VIEW").atLeastOnce();
+
+ ResourceEntity resourceEntity = createMock(ResourceEntity.class);
+ expect(resourceEntity.getId()).andReturn(1L).atLeastOnce();
+ expect(resourceEntity.getResourceType()).andReturn(resourceTypeEntity).atLeastOnce();
+
+ PrivilegeEntity privilegeEntity = createMock(PrivilegeEntity.class);
+ expect(privilegeEntity.getId()).andReturn(1).atLeastOnce();
+ expect(privilegeEntity.getPermission()).andReturn(permissionEntity).atLeastOnce();
+ expect(privilegeEntity.getPrincipal()).andReturn(principalEntity).atLeastOnce();
+ expect(privilegeEntity.getResource()).andReturn(resourceEntity).atLeastOnce();
+
+ GroupEntity groupEntity = createMock(GroupEntity.class);
+ expect(groupEntity.getGroupName()).andReturn("group1").atLeastOnce();
+
+ ClusterDAO clusterDAO = createMock(ClusterDAO.class);
+
+ ViewInstanceDAO viewInstanceDAO = createMock(ViewInstanceDAO.class);
+ expect(viewInstanceDAO.findByResourceId(1L)).andReturn(viewInstanceEntity).atLeastOnce();
+
+ GroupDAO groupDAO = createMock(GroupDAO.class);
+ expect(groupDAO.findGroupByPrincipal(anyObject(PrincipalEntity.class))).andReturn(groupEntity).anyTimes();
+
+ replayAll();
+
+ GroupPrivilegeResourceProvider.init(clusterDAO, groupDAO, viewInstanceDAO);
+ GroupPrivilegeResourceProvider provider = new GroupPrivilegeResourceProvider();
+ Resource resource = provider.toResource(privilegeEntity, "group1", provider.getPropertyIds());
+
+ Assert.assertEquals("Test View", resource.getPropertyValue(ViewPrivilegeResourceProvider.PRIVILEGE_INSTANCE_NAME_PROPERTY_ID));
+ Assert.assertEquals("TestView", resource.getPropertyValue(ViewPrivilegeResourceProvider.PRIVILEGE_VIEW_NAME_PROPERTY_ID));
+ Assert.assertEquals("1.2.3.4", resource.getPropertyValue(ViewPrivilegeResourceProvider.PRIVILEGE_VIEW_VERSION_PROPERTY_ID));
+ Assert.assertEquals(ResourceType.VIEW.name(), resource.getPropertyValue(GroupPrivilegeResourceProvider.PRIVILEGE_TYPE_PROPERTY_ID));
+
+ verifyAll();
+ }
+
+ @Test
+ public void testToResource_SpecificVIEW() {
+ PermissionEntity permissionEntity = createMock(PermissionEntity.class);
+ expect(permissionEntity.getPermissionName()).andReturn("CLUSTER.ADMINISTRATOR").atLeastOnce();
+ expect(permissionEntity.getPermissionLabel()).andReturn("Cluster Administrator").atLeastOnce();
+
+ PrincipalTypeEntity principalTypeEntity = createMock(PrincipalTypeEntity.class);
+ expect(principalTypeEntity.getName()).andReturn("GROUP").atLeastOnce();
+
+ PrincipalEntity principalEntity = createMock(PrincipalEntity.class);
+ expect(principalEntity.getPrincipalType()).andReturn(principalTypeEntity).atLeastOnce();
+
+ ViewEntity viewEntity = createMock(ViewEntity.class);
+ expect(viewEntity.getCommonName()).andReturn("TestView").atLeastOnce();
+ expect(viewEntity.getVersion()).andReturn("1.2.3.4").atLeastOnce();
+
+ ViewInstanceEntity viewInstanceEntity = createMock(ViewInstanceEntity.class);
+ expect(viewInstanceEntity.getViewEntity()).andReturn(viewEntity).atLeastOnce();
+ expect(viewInstanceEntity.getName()).andReturn("Test View").atLeastOnce();
+
+ ResourceTypeEntity resourceTypeEntity = createMock(ResourceTypeEntity.class);
+ expect(resourceTypeEntity.getName()).andReturn("TestView{1.2.3.4}").atLeastOnce();
+
+ ResourceEntity resourceEntity = createMock(ResourceEntity.class);
+ expect(resourceEntity.getId()).andReturn(1L).atLeastOnce();
+ expect(resourceEntity.getResourceType()).andReturn(resourceTypeEntity).atLeastOnce();
+
+ PrivilegeEntity privilegeEntity = createMock(PrivilegeEntity.class);
+ expect(privilegeEntity.getId()).andReturn(1).atLeastOnce();
+ expect(privilegeEntity.getPermission()).andReturn(permissionEntity).atLeastOnce();
+ expect(privilegeEntity.getPrincipal()).andReturn(principalEntity).atLeastOnce();
+ expect(privilegeEntity.getResource()).andReturn(resourceEntity).atLeastOnce();
+
+ GroupEntity groupEntity = createMock(GroupEntity.class);
+ expect(groupEntity.getGroupName()).andReturn("group1").atLeastOnce();
+
+ ClusterDAO clusterDAO = createMock(ClusterDAO.class);
+
+ ViewInstanceDAO viewInstanceDAO = createMock(ViewInstanceDAO.class);
+ expect(viewInstanceDAO.findByResourceId(1L)).andReturn(viewInstanceEntity).atLeastOnce();
+
+ GroupDAO groupDAO = createMock(GroupDAO.class);
+ expect(groupDAO.findGroupByPrincipal(anyObject(PrincipalEntity.class))).andReturn(groupEntity).anyTimes();
+
+ replayAll();
+
+ GroupPrivilegeResourceProvider.init(clusterDAO, groupDAO, viewInstanceDAO);
+ GroupPrivilegeResourceProvider provider = new GroupPrivilegeResourceProvider();
+ Resource resource = provider.toResource(privilegeEntity, "group1", provider.getPropertyIds());
+
+ Assert.assertEquals("Test View", resource.getPropertyValue(ViewPrivilegeResourceProvider.PRIVILEGE_INSTANCE_NAME_PROPERTY_ID));
+ Assert.assertEquals("TestView", resource.getPropertyValue(ViewPrivilegeResourceProvider.PRIVILEGE_VIEW_NAME_PROPERTY_ID));
+ Assert.assertEquals("1.2.3.4", resource.getPropertyValue(ViewPrivilegeResourceProvider.PRIVILEGE_VIEW_VERSION_PROPERTY_ID));
+ Assert.assertEquals(ResourceType.VIEW.name(), resource.getPropertyValue(GroupPrivilegeResourceProvider.PRIVILEGE_TYPE_PROPERTY_ID));
+
+ verifyAll();
+ }
+
+ private void getResourcesTest(Authentication authentication, String requestedGroupName) throws Exception {
+ final GroupPrivilegeResourceProvider resourceProvider = new GroupPrivilegeResourceProvider();
+ final GroupDAO groupDAO = createNiceMock(GroupDAO.class);
+ final ClusterDAO clusterDAO = createNiceMock(ClusterDAO.class);
+ final ViewInstanceDAO viewInstanceDAO = createNiceMock(ViewInstanceDAO.class);
+ final GroupEntity groupEntity = createNiceMock(GroupEntity.class);
+ final PrincipalEntity principalEntity = createNiceMock(PrincipalEntity.class);
+ final PrivilegeEntity privilegeEntity = createNiceMock(PrivilegeEntity.class);
+ final PermissionEntity permissionEntity = createNiceMock(PermissionEntity.class);
+ final PrincipalTypeEntity principalTypeEntity = createNiceMock(PrincipalTypeEntity.class);
+ final ResourceEntity resourceEntity = createNiceMock(ResourceEntity.class);
+ final ResourceTypeEntity resourceTypeEntity = createNiceMock(ResourceTypeEntity.class);
+
+ expect(groupDAO.findGroupByName(requestedGroupName)).andReturn(groupEntity).anyTimes();
+ expect(groupEntity.getPrincipal()).andReturn(principalEntity).anyTimes();
+ expect(groupEntity.getMemberEntities()).andReturn(Collections.<MemberEntity>emptySet()).anyTimes();
+ expect(privilegeEntity.getPermission()).andReturn(permissionEntity).anyTimes();
+ expect(privilegeEntity.getPrincipal()).andReturn(principalEntity).anyTimes();
+ expect(principalEntity.getPrincipalType()).andReturn(principalTypeEntity).anyTimes();
+ expect(principalTypeEntity.getName()).andReturn(PrincipalTypeEntity.GROUP_PRINCIPAL_TYPE_NAME).anyTimes();
+ expect(principalEntity.getPrivileges()).andReturn(new HashSet<PrivilegeEntity>() {
+ {
+ add(privilegeEntity);
+ }
+ }).anyTimes();
+ expect(groupDAO.findGroupByPrincipal(anyObject(PrincipalEntity.class))).andReturn(groupEntity).anyTimes();
+ expect(groupEntity.getGroupName()).andReturn(requestedGroupName).anyTimes();
+ expect(privilegeEntity.getResource()).andReturn(resourceEntity).anyTimes();
+ expect(resourceEntity.getResourceType()).andReturn(resourceTypeEntity).anyTimes();
+ expect(resourceTypeEntity.getName()).andReturn(ResourceType.AMBARI.name());
+
+ replayAll();
+
+ GroupPrivilegeResourceProvider.init(clusterDAO, groupDAO, viewInstanceDAO);
+
+ final Set<String> propertyIds = new HashSet<String>();
+ propertyIds.add(GroupPrivilegeResourceProvider.PRIVILEGE_GROUP_NAME_PROPERTY_ID);
+
+ final Predicate predicate = new PredicateBuilder()
+ .property(GroupPrivilegeResourceProvider.PRIVILEGE_GROUP_NAME_PROPERTY_ID)
+ .equals(requestedGroupName)
+ .toPredicate();
+ Request request = PropertyHelper.getReadRequest(propertyIds);
+
+ // Set the authenticated group to a administrator
+ SecurityContextHolder.getContext().setAuthentication(authentication);
+
+ Set<Resource> resources = resourceProvider.getResources(request, predicate);
+
+ Assert.assertEquals(1, resources.size());
+ for (Resource resource : resources) {
+ String groupName = (String) resource.getPropertyValue(GroupPrivilegeResourceProvider.PRIVILEGE_GROUP_NAME_PROPERTY_ID);
+ Assert.assertEquals(requestedGroupName, groupName);
+ }
+
+ verifyAll();
+ }
+
+}