You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@ambari.apache.org by nc...@apache.org on 2015/10/02 23:12:18 UTC
[14/32] ambari git commit: AMBARI-13214. Create a credentials
resource used to securely set, update,
and remove credentials used by Ambari (rlevas)
http://git-wip-us.apache.org/repos/asf/ambari/blob/3b411744/ambari-server/src/main/java/org/apache/ambari/server/security/encryption/InMemoryCredentialStoreService.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/encryption/InMemoryCredentialStoreService.java b/ambari-server/src/main/java/org/apache/ambari/server/security/encryption/InMemoryCredentialStoreService.java
deleted file mode 100644
index 08d84fc..0000000
--- a/ambari-server/src/main/java/org/apache/ambari/server/security/encryption/InMemoryCredentialStoreService.java
+++ /dev/null
@@ -1,143 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package org.apache.ambari.server.security.encryption;
-
-import com.google.common.cache.Cache;
-import com.google.common.cache.CacheBuilder;
-import org.apache.ambari.server.AmbariException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import java.security.KeyStore;
-import java.util.concurrent.Executors;
-import java.util.concurrent.ThreadFactory;
-import java.util.concurrent.TimeUnit;
-
-/**
- * InMemoryCredentialStoreService is a CredentialStoreService implementation that creates and manages
- * a JCEKS (Java Cryptography Extension KeyStore) in memory. The key store and its contents are
- * encrypted using the key from the supplied {@link MasterKeyService}.
- * <p/>
- * This class handles the details of the in-memory storage buffer and associated input and output
- * streams. Each credential is stored in its own KeyStore that may be be purged upon some
- * retention timeout - if specified.
- */
-public class InMemoryCredentialStoreService extends CredentialStoreServiceImpl {
- private static final Logger LOG = LoggerFactory.getLogger(InMemoryCredentialStoreService.class);
-
- /**
- * A cache containing the KeyStore data
- */
- private final Cache<String, KeyStore> cache;
-
- /**
- * Constructs a new InMemoryCredentialStoreService where credentials have no retention timeout
- */
- public InMemoryCredentialStoreService() {
- this(0, TimeUnit.MINUTES, false);
- }
-
- /**
- * Constructs a new InMemoryCredentialStoreService with a specified credential timeout
- *
- * @param retentionDuration the time in some units to keep stored credentials, from the time they are added
- * @param units the units for the retention duration (minutes, seconds, etc...)
- * @param activelyPurge true to actively purge credentials after the retention time has expired;
- * otherwise false, to passively purge credentials after the retention time has expired
- */
- public InMemoryCredentialStoreService(final long retentionDuration, final TimeUnit units, boolean activelyPurge) {
- CacheBuilder<Object, Object> builder = CacheBuilder.newBuilder();
-
- // If the retentionDuration is less the 1, then no retention policy is to be enforced
- if (retentionDuration > 0) {
- // If actively purging expired credentials, set up a timer to periodically clean the cache
- if (activelyPurge) {
- ThreadFactory threadFactory = new ThreadFactory() {
- @Override
- public Thread newThread(Runnable runnable) {
- Thread t = Executors.defaultThreadFactory().newThread(runnable);
- if (t != null) {
- t.setName(String.format("%s active cleanup timer", InMemoryCredentialStoreService.class.getSimpleName()));
- t.setDaemon(true);
- }
- return t;
- }
- };
- Runnable runnable = new Runnable() {
- @Override
- public void run() {
- if (LOG.isDebugEnabled()) {
- LOG.debug("Cleaning up cache due to retention timeout of {} milliseconds",
- units.toMillis(retentionDuration));
- }
- cache.cleanUp();
- }
- };
-
- Executors.newSingleThreadScheduledExecutor(threadFactory).schedule(runnable, 1, TimeUnit.MINUTES);
- }
-
- builder.expireAfterWrite(retentionDuration, units);
- }
-
- cache = builder.build();
- }
-
- @Override
- public void addCredential(String alias, char[] value) throws AmbariException {
- if ((alias == null) || alias.isEmpty()) {
- throw new IllegalArgumentException("Alias cannot be null or empty.");
- }
-
- KeyStore keyStore = loadKeyStore(null, DEFAULT_STORE_TYPE);
- addCredential(keyStore, alias, value);
- cache.put(alias, keyStore);
- }
-
- @Override
- public char[] getCredential(String alias) throws AmbariException {
- char[] credential = null;
-
- if ((alias != null) && !alias.isEmpty()) {
- KeyStore keyStore = cache.getIfPresent(alias);
- if (keyStore != null) {
- credential = getCredential(keyStore, alias);
- }
- }
-
- return credential;
- }
-
- @Override
- public void removeCredential(String alias) throws AmbariException {
- if (alias != null) {
- cache.invalidate(alias);
- }
- }
-
- @Override
- protected void persistCredentialStore(KeyStore keyStore) throws AmbariException {
- throw new UnsupportedOperationException();
- }
-
- @Override
- protected KeyStore loadCredentialStore() throws AmbariException {
- throw new UnsupportedOperationException();
- }
-}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3b411744/ambari-server/src/test/java/org/apache/ambari/server/api/resources/CredentialResourceDefinitionTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/api/resources/CredentialResourceDefinitionTest.java b/ambari-server/src/test/java/org/apache/ambari/server/api/resources/CredentialResourceDefinitionTest.java
new file mode 100644
index 0000000..00f5611
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/api/resources/CredentialResourceDefinitionTest.java
@@ -0,0 +1,62 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.api.resources;
+
+import org.apache.ambari.server.controller.spi.Resource;
+import org.junit.Assert;
+import org.junit.Test;
+
+import java.util.Collection;
+
+/**
+ * CredentialResourceDefinitionTest tests.
+ */
+public class CredentialResourceDefinitionTest {
+
+ @Test
+ public void testGetType() throws Exception {
+ CredentialResourceDefinition definition = new CredentialResourceDefinition();
+ Assert.assertEquals(Resource.Type.Credential, definition.getType());
+ }
+
+ @Test
+ public void testGetPluralName() throws Exception {
+ CredentialResourceDefinition definition = new CredentialResourceDefinition();
+ Assert.assertEquals("credentials", definition.getPluralName());
+ }
+
+ @Test
+ public void testGetSingularName() throws Exception {
+ CredentialResourceDefinition definition = new CredentialResourceDefinition();
+ Assert.assertEquals("credential", definition.getSingularName());
+ }
+
+ @Test
+ public void testGetSubResourceDefinitions() {
+ CredentialResourceDefinition definition = new CredentialResourceDefinition();
+ Assert.assertTrue(definition.getSubResourceDefinitions().isEmpty());
+ }
+
+ @Test
+ public void testGetCreateDirectives() {
+ CredentialResourceDefinition definition = new CredentialResourceDefinition();
+ Collection<String> directives = definition.getCreateDirectives();
+ Assert.assertEquals(0, directives.size());
+ }
+}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3b411744/ambari-server/src/test/java/org/apache/ambari/server/api/services/CredentialServiceTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/api/services/CredentialServiceTest.java b/ambari-server/src/test/java/org/apache/ambari/server/api/services/CredentialServiceTest.java
new file mode 100644
index 0000000..3d218fb
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/api/services/CredentialServiceTest.java
@@ -0,0 +1,99 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.api.services;
+
+import org.apache.ambari.server.api.resources.ResourceInstance;
+import org.apache.ambari.server.api.services.parsers.RequestBodyParser;
+import org.apache.ambari.server.api.services.serializers.ResultSerializer;
+
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.UriInfo;
+import java.lang.reflect.Method;
+import java.util.ArrayList;
+import java.util.List;
+
+import static org.junit.Assert.assertEquals;
+
+/**
+ * Unit tests for CredentialService.
+ */
+public class CredentialServiceTest extends BaseServiceTest {
+
+
+ public List<ServiceTestInvocation> getTestInvocations() throws Exception {
+ List<ServiceTestInvocation> listInvocations = new ArrayList<ServiceTestInvocation>();
+
+ //getCredential
+ CredentialService CredentialService = new TestCredentialService("alias");
+ Method m = CredentialService.getClass().getMethod("getCredential", HttpHeaders.class, UriInfo.class, String.class);
+ Object[] args = new Object[]{getHttpHeaders(), getUriInfo(), "alias"};
+ listInvocations.add(new ServiceTestInvocation(Request.Type.GET, CredentialService, m, args, null));
+
+ //getCredentials
+ CredentialService = new TestCredentialService(null);
+ m = CredentialService.getClass().getMethod("getCredentials", HttpHeaders.class, UriInfo.class);
+ args = new Object[]{getHttpHeaders(), getUriInfo()};
+ listInvocations.add(new ServiceTestInvocation(Request.Type.GET, CredentialService, m, args, null));
+
+ //createCredential
+ CredentialService = new TestCredentialService("alias");
+ m = CredentialService.getClass().getMethod("createCredential", String.class, HttpHeaders.class, UriInfo.class, String.class);
+ args = new Object[]{"body", getHttpHeaders(), getUriInfo(), "alias"};
+ listInvocations.add(new ServiceTestInvocation(Request.Type.POST, CredentialService, m, args, "body"));
+
+ //deleteCredential
+ CredentialService = new TestCredentialService("alias");
+ m = CredentialService.getClass().getMethod("deleteCredential", HttpHeaders.class, UriInfo.class, String.class);
+ args = new Object[]{getHttpHeaders(), getUriInfo(), "alias"};
+ listInvocations.add(new ServiceTestInvocation(Request.Type.DELETE, CredentialService, m, args, null));
+
+ return listInvocations;
+ }
+
+
+ private class TestCredentialService extends CredentialService {
+ private String alias;
+
+ private TestCredentialService(String alias) {
+ super("C1");
+ this.alias = alias;
+ }
+
+ @Override
+ ResourceInstance createCredentialResource(String alias) {
+ assertEquals(this.alias, alias);
+ return getTestResource();
+ }
+
+ @Override
+ RequestFactory getRequestFactory() {
+ return getTestRequestFactory();
+ }
+
+ @Override
+ protected RequestBodyParser getBodyParser() {
+ return getTestBodyParser();
+ }
+
+ @Override
+ protected ResultSerializer getResultSerializer() {
+ return getTestResultSerializer();
+ }
+ }
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/ambari/blob/3b411744/ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java b/ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java
index bd02749..573c02f 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/configuration/ConfigurationTest.java
@@ -32,10 +32,11 @@ import java.lang.reflect.Method;
import java.util.Map;
import java.util.Properties;
+import junit.framework.Assert;
+
import org.apache.ambari.server.AmbariException;
import org.apache.ambari.server.configuration.Configuration.ConnectionPoolType;
import org.apache.ambari.server.configuration.Configuration.DatabaseType;
-import org.apache.ambari.server.orm.InMemoryDefaultTestModule;
import org.apache.ambari.server.security.authorization.LdapServerProperties;
import org.apache.commons.io.FileUtils;
import org.apache.commons.lang.RandomStringUtils;
@@ -52,26 +53,14 @@ import org.powermock.core.classloader.annotations.PowerMockIgnore;
import org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.junit4.PowerMockRunner;
-import com.google.inject.Guice;
-import com.google.inject.Inject;
-import com.google.inject.Injector;
-
-import junit.framework.Assert;
-
@RunWith(PowerMockRunner.class)
@PrepareForTest({ Configuration.class })
@PowerMockIgnore( {"javax.management.*", "javax.crypto.*"})
public class ConfigurationTest {
public TemporaryFolder temp = new TemporaryFolder();
- private Injector injector;
-
- @Inject
- private Configuration config;
@Before
public void setup() throws Exception {
- injector = Guice.createInjector(new InMemoryDefaultTestModule());
- injector.injectMembers(this);
temp.create();
}
@@ -86,7 +75,7 @@ public class ConfigurationTest {
*/
@Test
public void testDefaultTwoWayAuthNotSet() throws Exception {
- Assert.assertFalse(config.getTwoWaySsl());
+ Assert.assertFalse(new Configuration().getTwoWaySsl());
}
/**
http://git-wip-us.apache.org/repos/asf/ambari/blob/3b411744/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java
index 23ce914..dd80f46 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/AmbariManagementControllerImplTest.java
@@ -44,6 +44,8 @@ import org.apache.ambari.server.orm.entities.ClusterVersionEntity;
import org.apache.ambari.server.orm.entities.LdapSyncSpecEntity;
import org.apache.ambari.server.orm.entities.RepositoryVersionEntity;
import org.apache.ambari.server.security.authorization.Users;
+import org.apache.ambari.server.security.encryption.CredentialStoreService;
+import org.apache.ambari.server.security.encryption.CredentialStoreType;
import org.apache.ambari.server.security.ldap.AmbariLdapDataPopulator;
import org.apache.ambari.server.security.ldap.LdapBatchDto;
import org.apache.ambari.server.state.Cluster;
@@ -103,7 +105,7 @@ public class AmbariManagementControllerImplTest {
@Before
public void before() throws Exception {
- reset(ldapDataPopulator, clusters,actionDBAccessor, ambariMetaInfo, users, sessionManager);
+ reset(ldapDataPopulator, clusters, actionDBAccessor, ambariMetaInfo, users, sessionManager);
}
@Test
@@ -124,39 +126,39 @@ public class AmbariManagementControllerImplTest {
AmbariManagementControllerImpl controller = new AmbariManagementControllerImpl(null, null, injector);
- class AmbariConfigsSetter{
- public void setConfigs(AmbariManagementController controller, String masterProtocol, String masterHostname, Integer masterPort) throws Exception{
- // masterProtocol
- Class<?> c = controller.getClass();
- Field f = c.getDeclaredField("masterProtocol");
- f.setAccessible(true);
+ class AmbariConfigsSetter {
+ public void setConfigs(AmbariManagementController controller, String masterProtocol, String masterHostname, Integer masterPort) throws Exception {
+ // masterProtocol
+ Class<?> c = controller.getClass();
+ Field f = c.getDeclaredField("masterProtocol");
+ f.setAccessible(true);
- Field modifiersField = Field.class.getDeclaredField("modifiers");
- modifiersField.setAccessible(true);
- modifiersField.setInt(f, f.getModifiers() & ~Modifier.FINAL);
+ Field modifiersField = Field.class.getDeclaredField("modifiers");
+ modifiersField.setAccessible(true);
+ modifiersField.setInt(f, f.getModifiers() & ~Modifier.FINAL);
- f.set(controller, masterProtocol);
+ f.set(controller, masterProtocol);
- // masterHostname
- f = c.getDeclaredField("masterHostname");
- f.setAccessible(true);
+ // masterHostname
+ f = c.getDeclaredField("masterHostname");
+ f.setAccessible(true);
- modifiersField = Field.class.getDeclaredField("modifiers");
- modifiersField.setAccessible(true);
- modifiersField.setInt(f, f.getModifiers() & ~Modifier.FINAL);
+ modifiersField = Field.class.getDeclaredField("modifiers");
+ modifiersField.setAccessible(true);
+ modifiersField.setInt(f, f.getModifiers() & ~Modifier.FINAL);
- f.set(controller, masterHostname);
+ f.set(controller, masterHostname);
- // masterPort
- f = c.getDeclaredField("masterPort");
- f.setAccessible(true);
+ // masterPort
+ f = c.getDeclaredField("masterPort");
+ f.setAccessible(true);
- modifiersField = Field.class.getDeclaredField("modifiers");
- modifiersField.setAccessible(true);
- modifiersField.setInt(f, f.getModifiers() & ~Modifier.FINAL);
+ modifiersField = Field.class.getDeclaredField("modifiers");
+ modifiersField.setAccessible(true);
+ modifiersField.setInt(f, f.getModifiers() & ~Modifier.FINAL);
- f.set(controller, masterPort);
- }
+ f.set(controller, masterPort);
+ }
}
AmbariConfigsSetter ambariConfigsSetter = new AmbariConfigsSetter();
@@ -200,18 +202,26 @@ public class AmbariManagementControllerImplTest {
expect(clusters.getCluster("cluster1")).andReturn(cluster);
expect(cluster.convertToResponse()).andReturn(response);
+ CredentialStoreService credentialStoreService = createNiceMock(CredentialStoreService.class);
+ expect(credentialStoreService.isInitialized(anyObject(CredentialStoreType.class))).andReturn(true).anyTimes();
+
// replay mocks
- replay(injector, clusters, cluster, response);
+ replay(injector, clusters, cluster, response, credentialStoreService);
// test
AmbariManagementController controller = new AmbariManagementControllerImpl(null, clusters, injector);
+
+ Field f = controller.getClass().getDeclaredField("credentialStoreService");
+ f.setAccessible(true);
+ f.set(controller, credentialStoreService);
+
Set<ClusterResponse> setResponses = controller.getClusters(setRequests);
// assert and verify
assertEquals(1, setResponses.size());
assertTrue(setResponses.contains(response));
- verify(injector, clusters, cluster, response);
+ verify(injector, clusters, cluster, response, credentialStoreService);
}
@Test
@@ -474,11 +484,20 @@ public class AmbariManagementControllerImplTest {
expect(cluster.convertToResponse()).andReturn(response);
expect(cluster2.convertToResponse()).andReturn(response2);
+
+ CredentialStoreService credentialStoreService = createNiceMock(CredentialStoreService.class);
+ expect(credentialStoreService.isInitialized(anyObject(CredentialStoreType.class))).andReturn(true).anyTimes();
+
// replay mocks
- replay(injector, clusters, cluster, cluster2, response, response2);
+ replay(injector, clusters, cluster, cluster2, response, response2, credentialStoreService);
//test
AmbariManagementController controller = new AmbariManagementControllerImpl(null, clusters, injector);
+
+ Field f = controller.getClass().getDeclaredField("credentialStoreService");
+ f.setAccessible(true);
+ f.set(controller, credentialStoreService);
+
Set<ClusterResponse> setResponses = controller.getClusters(setRequests);
// assert and verify
@@ -487,7 +506,7 @@ public class AmbariManagementControllerImplTest {
assertTrue(setResponses.contains(response));
assertTrue(setResponses.contains(response2));
- verify(injector, clusters, cluster, cluster2, response, response2);
+ verify(injector, clusters, cluster, cluster2, response, response2, credentialStoreService);
}
/**
@@ -770,8 +789,7 @@ public class AmbariManagementControllerImplTest {
try {
controller.updateClusters(setRequests, null);
Assert.fail("IllegalArgumentException not thrown");
- }
- catch(IllegalArgumentException e) {
+ } catch (IllegalArgumentException e) {
// This is expected
}
@@ -860,7 +878,9 @@ public class AmbariManagementControllerImplTest {
expect(clusters.getCluster("cluster1")).andReturn(cluster);
expect(clusters.getClustersForHost("host1")).andReturn(Collections.singleton(cluster));
expect(clusters.getHostsForCluster((String) anyObject())).andReturn(
- new HashMap<String, Host>() {{ put("host1", host); }}).anyTimes();
+ new HashMap<String, Host>() {{
+ put("host1", host);
+ }}).anyTimes();
expect(cluster.getDesiredStackVersion()).andReturn(stack);
expect(stack.getStackName()).andReturn("stackName");
@@ -871,16 +891,16 @@ public class AmbariManagementControllerImplTest {
expect(service.getServiceComponent("component1")).andReturn(component);
expect(component.getName()).andReturn("component1");
expect(component.getServiceComponentHosts()).andReturn(
- new HashMap<String, ServiceComponentHost>() {{
- put("host1", componentHost);
- }});
+ new HashMap<String, ServiceComponentHost>() {{
+ put("host1", componentHost);
+ }});
expect(componentHost.convertToResponse()).andReturn(response);
expect(componentHost.getHostName()).andReturn("host1").anyTimes();
expect(maintHelper.getEffectiveState(componentHost, host)).andReturn(MaintenanceState.OFF);
// replay mocks
replay(maintHelper, injector, clusters, cluster, host, response, stack,
- ambariMetaInfo, service, component, componentHost);
+ ambariMetaInfo, service, component, componentHost);
//test
AmbariManagementController controller = new AmbariManagementControllerImpl(null, clusters, injector);
@@ -940,7 +960,7 @@ public class AmbariManagementControllerImplTest {
// replay mocks
replay(maintHelper, injector, clusters, cluster, host, stack, ambariMetaInfo,
- service, component);
+ service, component);
//test
AmbariManagementController controller = new AmbariManagementControllerImpl(null, clusters, injector);
@@ -975,7 +995,7 @@ public class AmbariManagementControllerImplTest {
// requests
ServiceComponentHostRequest request1 = new ServiceComponentHostRequest(
- "cluster1", null, "component1", "host1", null);
+ "cluster1", null, "component1", "host1", null);
request1.setState("INSTALLED");
@@ -989,16 +1009,16 @@ public class AmbariManagementControllerImplTest {
expect(injector.getInstance(MaintenanceStateHelper.class)).andReturn(maintHelper);
expect(injector.getInstance(KerberosHelper.class)).andReturn(createNiceMock(KerberosHelper.class));
expect(maintHelper.getEffectiveState(
- anyObject(ServiceComponentHost.class),
- anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
+ anyObject(ServiceComponentHost.class),
+ anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
// getHostComponent
expect(clusters.getCluster("cluster1")).andReturn(cluster);
expect(clusters.getClustersForHost("host1")).andReturn(Collections.singleton(cluster));
expect(clusters.getHostsForCluster((String) anyObject())).andReturn(
- new HashMap<String, Host>() {{
- put("host1", host);
- }}).anyTimes();
+ new HashMap<String, Host>() {{
+ put("host1", host);
+ }}).anyTimes();
expect(cluster.getDesiredStackVersion()).andReturn(stack);
expect(cluster.getClusterName()).andReturn("cl1");
@@ -1019,7 +1039,7 @@ public class AmbariManagementControllerImplTest {
// replay mocks
replay(maintHelper, injector, clusters, cluster, host, stack, ambariMetaInfo,
- service, component, componentHost1, response1);
+ service, component, componentHost1, response1);
//test
AmbariManagementController controller = new AmbariManagementControllerImpl(null, clusters, injector);
@@ -1053,13 +1073,13 @@ public class AmbariManagementControllerImplTest {
ServiceComponentHostResponse response2 = createNiceMock(ServiceComponentHostResponse.class);
MaintenanceStateHelper stateHelper = createNiceMock(MaintenanceStateHelper.class);
expect(stateHelper.getEffectiveState(
- anyObject(ServiceComponentHost.class),
- anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
+ anyObject(ServiceComponentHost.class),
+ anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
expect(clusters.getHostsForCluster((String) anyObject())).andReturn(
- new HashMap<String, Host>() {{
- put("host1", host);
- }}).anyTimes();
+ new HashMap<String, Host>() {{
+ put("host1", host);
+ }}).anyTimes();
// requests
ServiceComponentHostRequest request1 = new ServiceComponentHostRequest(
@@ -1098,9 +1118,9 @@ public class AmbariManagementControllerImplTest {
expect(service.getServiceComponent("component1")).andReturn(component);
expect(component.getName()).andReturn("component1");
expect(component.getServiceComponentHosts()).andReturn(
- new HashMap<String, ServiceComponentHost>() {{
- put("host1", componentHost1);
- }});
+ new HashMap<String, ServiceComponentHost>() {{
+ put("host1", componentHost1);
+ }});
expect(componentHost1.convertToResponse()).andReturn(response1);
expect(componentHost1.getHostName()).andReturn("host1");
@@ -1114,9 +1134,9 @@ public class AmbariManagementControllerImplTest {
expect(service.getServiceComponent("component3")).andReturn(component3);
expect(component3.getName()).andReturn("component3");
expect(component3.getServiceComponentHosts()).andReturn(
- new HashMap<String, ServiceComponentHost>() {{
- put("host1", componentHost2);
- }});
+ new HashMap<String, ServiceComponentHost>() {{
+ put("host1", componentHost2);
+ }});
expect(componentHost2.convertToResponse()).andReturn(response2);
// replay mocks
@@ -1160,8 +1180,8 @@ public class AmbariManagementControllerImplTest {
ServiceComponentHostResponse response2 = createNiceMock(ServiceComponentHostResponse.class);
MaintenanceStateHelper maintHelper = createNiceMock(MaintenanceStateHelper.class);
expect(maintHelper.getEffectiveState(
- anyObject(ServiceComponentHost.class),
- anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
+ anyObject(ServiceComponentHost.class),
+ anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
// requests
ServiceComponentHostRequest request1 = new ServiceComponentHostRequest(
@@ -1193,18 +1213,18 @@ public class AmbariManagementControllerImplTest {
expect(stack.getStackName()).andReturn("stackName").anyTimes();
expect(stack.getStackVersion()).andReturn("stackVersion").anyTimes();
expect(clusters.getHostsForCluster((String) anyObject())).andReturn(
- new HashMap<String, Host>() {{
- put("host1", host);
- }}).anyTimes();
+ new HashMap<String, Host>() {{
+ put("host1", host);
+ }}).anyTimes();
expect(ambariMetaInfo.getComponentToService("stackName", "stackVersion", "component1")).andReturn("service1");
expect(cluster.getService("service1")).andReturn(service);
expect(service.getServiceComponent("component1")).andReturn(component);
expect(component.getName()).andReturn("component1");
expect(component.getServiceComponentHosts()).andReturn(new
- HashMap<String, ServiceComponentHost>() {{
- put("host1", componentHost1);
- }});
+ HashMap<String, ServiceComponentHost>() {{
+ put("host1", componentHost1);
+ }});
expect(componentHost1.convertToResponse()).andReturn(response1);
expect(componentHost1.getHostName()).andReturn("host1");
@@ -1216,9 +1236,9 @@ public class AmbariManagementControllerImplTest {
expect(service.getServiceComponent("component3")).andReturn(component3);
expect(component3.getName()).andReturn("component3");
expect(component3.getServiceComponentHosts()).andReturn(new
- HashMap<String, ServiceComponentHost>() {{
- put("host1", componentHost2);
- }});
+ HashMap<String, ServiceComponentHost>() {{
+ put("host1", componentHost2);
+ }});
expect(componentHost2.convertToResponse()).andReturn(response2);
expect(componentHost2.getHostName()).andReturn("host1");
@@ -1265,8 +1285,8 @@ public class AmbariManagementControllerImplTest {
MaintenanceStateHelper maintHelper = createNiceMock(MaintenanceStateHelper.class);
expect(maintHelper.getEffectiveState(
- anyObject(ServiceComponentHost.class),
- anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
+ anyObject(ServiceComponentHost.class),
+ anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
// requests
ServiceComponentHostRequest request1 = new ServiceComponentHostRequest(
@@ -1295,9 +1315,9 @@ public class AmbariManagementControllerImplTest {
expect(clusters.getCluster("cluster1")).andReturn(cluster).times(3);
expect(clusters.getClustersForHost("host1")).andReturn(Collections.singleton(cluster)).anyTimes();
expect(clusters.getHostsForCluster((String) anyObject())).andReturn(
- new HashMap<String, Host>() {{
- put("host1", host);
- }}).anyTimes();
+ new HashMap<String, Host>() {{
+ put("host1", host);
+ }}).anyTimes();
expect(cluster.getDesiredStackVersion()).andReturn(stack).anyTimes();
expect(stack.getStackName()).andReturn("stackName").anyTimes();
expect(stack.getStackVersion()).andReturn("stackVersion").anyTimes();
@@ -1308,9 +1328,9 @@ public class AmbariManagementControllerImplTest {
expect(service.getServiceComponent("component1")).andReturn(component);
expect(component.getName()).andReturn("component1");
expect(component.getServiceComponentHosts()).andReturn(
- new HashMap<String, ServiceComponentHost>() {{
- put("host1", componentHost1);
- }});
+ new HashMap<String, ServiceComponentHost>() {{
+ put("host1", componentHost1);
+ }});
expect(componentHost1.convertToResponse()).andReturn(response1);
expect(componentHost1.getHostName()).andReturn("host1");
@@ -1324,16 +1344,16 @@ public class AmbariManagementControllerImplTest {
expect(service.getServiceComponent("component3")).andReturn(component3);
expect(component3.getName()).andReturn("component3");
expect(component3.getServiceComponentHosts()).andReturn(
- new HashMap<String, ServiceComponentHost>() {{
- put("host1", componentHost2);
- }});
+ new HashMap<String, ServiceComponentHost>() {{
+ put("host1", componentHost2);
+ }});
expect(componentHost2.convertToResponse()).andReturn(response2);
expect(componentHost2.getHostName()).andReturn("host1");
// replay mocks
replay(maintHelper, injector, clusters, cluster, host, stack, ambariMetaInfo,
- service, service2, component, component2, component3, componentHost1,
- componentHost2, response1, response2);
+ service, service2, component, component2, component3, componentHost1,
+ componentHost2, response1, response2);
//test
AmbariManagementController controller = new AmbariManagementControllerImpl(null, clusters, injector);
@@ -1372,8 +1392,8 @@ public class AmbariManagementControllerImplTest {
ServiceComponentHostResponse response2 = createNiceMock(ServiceComponentHostResponse.class);
MaintenanceStateHelper maintHelper = createNiceMock(MaintenanceStateHelper.class);
expect(maintHelper.getEffectiveState(
- anyObject(ServiceComponentHost.class),
- anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
+ anyObject(ServiceComponentHost.class),
+ anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
// requests
ServiceComponentHostRequest request1 = new ServiceComponentHostRequest(
@@ -1401,9 +1421,9 @@ public class AmbariManagementControllerImplTest {
// getHostComponent
expect(clusters.getCluster("cluster1")).andReturn(cluster).times(3);
expect(clusters.getHostsForCluster((String) anyObject())).andReturn(
- new HashMap<String, Host>() {{
- put("host1", host);
- }}).anyTimes();
+ new HashMap<String, Host>() {{
+ put("host1", host);
+ }}).anyTimes();
expect(cluster.getDesiredStackVersion()).andReturn(stack).anyTimes();
expect(stack.getStackName()).andReturn("stackName").anyTimes();
@@ -1557,7 +1577,7 @@ public class AmbariManagementControllerImplTest {
// assert and verify
assertSame(controller, controllerCapture.getValue());
- verify(injector, clusters,stack, ambariMetaInfo);
+ verify(injector, clusters, stack, ambariMetaInfo);
}
@Test
@@ -1576,8 +1596,8 @@ public class AmbariManagementControllerImplTest {
ServiceComponentHostResponse response2 = createNiceMock(ServiceComponentHostResponse.class);
MaintenanceStateHelper maintHelper = createNiceMock(MaintenanceStateHelper.class);
expect(maintHelper.getEffectiveState(
- anyObject(ServiceComponentHost.class),
- anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
+ anyObject(ServiceComponentHost.class),
+ anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
// requests
ServiceComponentHostRequest request1 = new ServiceComponentHostRequest(
@@ -1602,9 +1622,9 @@ public class AmbariManagementControllerImplTest {
// getHostComponent
expect(clusters.getCluster("cluster1")).andReturn(cluster);
expect(clusters.getHostsForCluster((String) anyObject())).andReturn(
- new HashMap<String, Host>() {{
- put("host1", createNiceMock(Host.class));
- }}).anyTimes();
+ new HashMap<String, Host>() {{
+ put("host1", createNiceMock(Host.class));
+ }}).anyTimes();
expect(cluster.getDesiredStackVersion()).andReturn(stack);
expect(stack.getStackName()).andReturn("stackName");
expect(stack.getStackVersion()).andReturn("stackVersion");
@@ -1659,8 +1679,8 @@ public class AmbariManagementControllerImplTest {
ServiceComponentHostResponse response3 = createNiceMock(ServiceComponentHostResponse.class);
MaintenanceStateHelper maintHelper = createNiceMock(MaintenanceStateHelper.class);
expect(maintHelper.getEffectiveState(
- anyObject(ServiceComponentHost.class),
- anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
+ anyObject(ServiceComponentHost.class),
+ anyObject(Host.class))).andReturn(MaintenanceState.OFF).anyTimes();
// requests
ServiceComponentHostRequest request1 = new ServiceComponentHostRequest(
@@ -1689,9 +1709,9 @@ public class AmbariManagementControllerImplTest {
// getHostComponent
expect(clusters.getCluster("cluster1")).andReturn(cluster);
expect(clusters.getHostsForCluster((String) anyObject())).andReturn(
- new HashMap<String, Host>() {{
- put("host1", createNiceMock(Host.class));
- }}).anyTimes();
+ new HashMap<String, Host>() {{
+ put("host1", createNiceMock(Host.class));
+ }}).anyTimes();
expect(cluster.getServices()).andReturn(mapServices);
expect(service1.getServiceComponents()).andReturn(Collections.singletonMap("foo", component1));
@@ -1774,7 +1794,7 @@ public class AmbariManagementControllerImplTest {
replay(maintHelper, injector, clusters, serviceInfo);
AmbariManagementControllerImplTest.NestedTestClass nestedTestClass = this.new NestedTestClass(null, clusters,
- injector);
+ injector);
ServiceOsSpecific serviceOsSpecific = nestedTestClass.populateServicePackagesInfo(serviceInfo, hostParams, osFamily);
@@ -1821,12 +1841,12 @@ public class AmbariManagementControllerImplTest {
replay(manager, clusters, cluster, injector, stackId, configuration, clusterVersionDAO, clusterVersionEntity, repositoryVersionEntity);
AmbariManagementControllerImpl ambariManagementControllerImpl =
- createMockBuilder(AmbariManagementControllerImpl.class)
+ createMockBuilder(AmbariManagementControllerImpl.class)
.addMockedMethod("getRcaParameters")
.withConstructor(manager, clusters, injector).createNiceMock();
expect(ambariManagementControllerImpl.
- getRcaParameters()).andReturn(new HashMap<String, String>());
+ getRcaParameters()).andReturn(new HashMap<String, String>());
replay(ambariManagementControllerImpl);
// Inject configuration manually
@@ -1895,17 +1915,17 @@ public class AmbariManagementControllerImplTest {
AmbariManagementControllerImpl controller = injector.getInstance(AmbariManagementControllerImpl.class);
- LdapSyncRequest userRequest = new LdapSyncRequest(LdapSyncSpecEntity.SyncType.ALL);
+ LdapSyncRequest userRequest = new LdapSyncRequest(LdapSyncSpecEntity.SyncType.ALL);
LdapSyncRequest groupRequest = new LdapSyncRequest(LdapSyncSpecEntity.SyncType.ALL);
controller.synchronizeLdapUsersAndGroups(userRequest, groupRequest);
- userRequest = new LdapSyncRequest(LdapSyncSpecEntity.SyncType.EXISTING);
+ userRequest = new LdapSyncRequest(LdapSyncSpecEntity.SyncType.EXISTING);
groupRequest = new LdapSyncRequest(LdapSyncSpecEntity.SyncType.EXISTING);
controller.synchronizeLdapUsersAndGroups(userRequest, groupRequest);
- userRequest = new LdapSyncRequest(LdapSyncSpecEntity.SyncType.SPECIFIC, userSet);
+ userRequest = new LdapSyncRequest(LdapSyncSpecEntity.SyncType.SPECIFIC, userSet);
groupRequest = new LdapSyncRequest(LdapSyncSpecEntity.SyncType.SPECIFIC, groupSet);
controller.synchronizeLdapUsersAndGroups(userRequest, groupRequest);
@@ -1988,10 +2008,10 @@ public class AmbariManagementControllerImplTest {
requests.add(request);
// A wrong file path is passed and IllegalArgumentException is expected
- try{
+ try {
controller.verifyRepositories(requests);
Assert.fail("IllegalArgumentException is expected");
- }catch(IllegalArgumentException e){
+ } catch (IllegalArgumentException e) {
Assert.assertEquals("Could not access base url . file:///some/repo/repodata/repomd.xml . ", e.getMessage());
}
@@ -2039,7 +2059,7 @@ public class AmbariManagementControllerImplTest {
expect(ambariMetaInfo.getRackSensitiveServicesNames(null, null)).andReturn(services);
- Map<String, Service> serviceMap = new HashMap<String, Service>();
+ Map<String, Service> serviceMap = new HashMap<String, Service>();
serviceMap.put("HDFS", service);
expect(cluster.getServices()).andReturn(serviceMap).anyTimes();
http://git-wip-us.apache.org/repos/asf/ambari/blob/3b411744/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CredentialResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CredentialResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CredentialResourceProviderTest.java
new file mode 100644
index 0000000..04ce22a
--- /dev/null
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/CredentialResourceProviderTest.java
@@ -0,0 +1,683 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.ambari.server.controller.internal;
+
+import com.google.inject.AbstractModule;
+import com.google.inject.Guice;
+import com.google.inject.Injector;
+import junit.framework.Assert;
+import org.apache.ambari.server.configuration.Configuration;
+import org.apache.ambari.server.controller.AmbariManagementController;
+import org.apache.ambari.server.controller.ResourceProviderFactory;
+import org.apache.ambari.server.controller.predicate.AndPredicate;
+import org.apache.ambari.server.controller.spi.NoSuchResourceException;
+import org.apache.ambari.server.controller.spi.Predicate;
+import org.apache.ambari.server.controller.spi.Request;
+import org.apache.ambari.server.controller.spi.Resource;
+import org.apache.ambari.server.controller.spi.ResourceProvider;
+import org.apache.ambari.server.controller.utilities.PredicateBuilder;
+import org.apache.ambari.server.controller.utilities.PropertyHelper;
+import org.apache.ambari.server.security.SecurePasswordHelper;
+import org.apache.ambari.server.security.encryption.CredentialStoreService;
+import org.apache.ambari.server.security.encryption.CredentialStoreServiceImpl;
+import org.apache.ambari.server.security.encryption.CredentialStoreType;
+import org.apache.ambari.server.security.encryption.MasterKeyServiceImpl;
+import org.apache.ambari.server.state.stack.OsFamily;
+import org.junit.After;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.TemporaryFolder;
+
+import java.io.File;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Properties;
+import java.util.Set;
+
+import static org.easymock.EasyMock.*;
+
+
+/**
+ * CredentialResourceProviderTest unit tests.
+ */
+@SuppressWarnings("unchecked")
+public class CredentialResourceProviderTest {
+
+ @Rule
+ public TemporaryFolder tmpFolder = new TemporaryFolder();
+
+ private Injector injector;
+
+ @Before
+ public void setUp() throws Exception {
+ tmpFolder.create();
+ final File masterKeyFile = tmpFolder.newFile(Configuration.MASTER_KEY_FILENAME_DEFAULT);
+ Assert.assertTrue(MasterKeyServiceImpl.initializeMasterKeyFile(masterKeyFile, "secret"));
+
+ injector = Guice.createInjector(new AbstractModule() {
+ @Override
+ protected void configure() {
+ Properties properties = new Properties();
+
+ properties.setProperty(Configuration.MASTER_KEY_LOCATION, tmpFolder.getRoot().getAbsolutePath());
+ properties.setProperty(Configuration.MASTER_KEYSTORE_LOCATION, tmpFolder.getRoot().getAbsolutePath());
+
+ bind(CredentialStoreService.class).to(CredentialStoreServiceImpl.class);
+
+ bind(OsFamily.class).toInstance(createNiceMock(OsFamily.class));
+ bind(SecurePasswordHelper.class).toInstance(new SecurePasswordHelper());
+ bind(Configuration.class).toInstance(new Configuration(properties));
+ }
+ });
+ }
+
+ @After
+ public void tearDown() throws Exception {
+ tmpFolder.delete();
+ }
+
+ @Test
+ public void testCreateResources() throws Exception {
+
+ AmbariManagementController managementController = createMock(AmbariManagementController.class);
+ Request request = createMock(Request.class);
+
+ CredentialResourceProvider credentialResourceProvider = new CredentialResourceProvider(managementController);
+ injector.injectMembers(credentialResourceProvider);
+
+ Set<Map<String, Object>> setProperties = getCredentialTestProperties("c1", "alias1", "username1", "password1", CredentialStoreType.TEMPORARY);
+
+ // set expectations
+ expect(request.getProperties()).andReturn(setProperties);
+
+ ResourceProviderFactory factory = createMock(ResourceProviderFactory.class);
+ expect(factory.getCredentialResourceProvider(anyObject(AmbariManagementController.class))).andReturn(credentialResourceProvider);
+
+ replay(request, factory, managementController);
+ // end expectations
+
+ AbstractControllerResourceProvider.init(factory);
+
+ ResourceProvider provider = AbstractControllerResourceProvider.getResourceProvider(
+ Resource.Type.Credential,
+ PropertyHelper.getPropertyIds(Resource.Type.Credential),
+ PropertyHelper.getKeyPropertyIds(Resource.Type.Credential),
+ managementController);
+
+ AbstractResourceProviderTest.TestObserver observer = new AbstractResourceProviderTest.TestObserver();
+ ((ObservableResourceProvider) provider).addObserver(observer);
+
+ provider.createResources(request);
+
+ ResourceProviderEvent lastEvent = observer.getLastEvent();
+ Assert.assertNotNull(lastEvent);
+ Assert.assertEquals(Resource.Type.Credential, lastEvent.getResourceType());
+ Assert.assertEquals(ResourceProviderEvent.Type.Create, lastEvent.getType());
+ Assert.assertEquals(request, lastEvent.getRequest());
+ Assert.assertNull(lastEvent.getPredicate());
+
+ verify(request, factory, managementController);
+ }
+
+ @Test
+ public void testCreateResources_FailMissingAlias() throws Exception {
+
+ AmbariManagementController managementController = createMock(AmbariManagementController.class);
+ Request request = createMock(Request.class);
+
+ CredentialResourceProvider credentialResourceProvider = new CredentialResourceProvider(managementController);
+ injector.injectMembers(credentialResourceProvider);
+
+ Set<Map<String, Object>> setProperties = getCredentialTestProperties("c1", null, "username1", "password1", CredentialStoreType.TEMPORARY);
+
+ // set expectations
+ expect(request.getProperties()).andReturn(setProperties);
+
+ ResourceProviderFactory factory = createMock(ResourceProviderFactory.class);
+ expect(factory.getCredentialResourceProvider(anyObject(AmbariManagementController.class))).andReturn(credentialResourceProvider);
+
+ replay(request, factory, managementController);
+ // end expectations
+
+ AbstractControllerResourceProvider.init(factory);
+
+ ResourceProvider provider = AbstractControllerResourceProvider.getResourceProvider(
+ Resource.Type.Credential,
+ PropertyHelper.getPropertyIds(Resource.Type.Credential),
+ PropertyHelper.getKeyPropertyIds(Resource.Type.Credential),
+ managementController);
+
+ try {
+ provider.createResources(request);
+ Assert.fail("Expected exception due to missing alias");
+ } catch (IllegalArgumentException e) {
+ // expected
+ }
+
+ verify(request, factory, managementController);
+ }
+
+ @Test
+ public void testCreateResources_FailMissingPrincipal() throws Exception {
+
+ AmbariManagementController managementController = createMock(AmbariManagementController.class);
+ Request request = createMock(Request.class);
+
+ CredentialResourceProvider credentialResourceProvider = new CredentialResourceProvider(managementController);
+ injector.injectMembers(credentialResourceProvider);
+
+ Set<Map<String, Object>> setProperties = getCredentialTestProperties("c1", "alias1", null, "password1", CredentialStoreType.TEMPORARY);
+
+ // set expectations
+ expect(request.getProperties()).andReturn(setProperties);
+
+ ResourceProviderFactory factory = createMock(ResourceProviderFactory.class);
+ expect(factory.getCredentialResourceProvider(anyObject(AmbariManagementController.class))).andReturn(credentialResourceProvider);
+
+ replay(request, factory, managementController);
+ // end expectations
+
+ AbstractControllerResourceProvider.init(factory);
+
+ ResourceProvider provider = AbstractControllerResourceProvider.getResourceProvider(
+ Resource.Type.Credential,
+ PropertyHelper.getPropertyIds(Resource.Type.Credential),
+ PropertyHelper.getKeyPropertyIds(Resource.Type.Credential),
+ managementController);
+
+ try {
+ provider.createResources(request);
+ Assert.fail("Expected exception due to missing alias");
+ } catch (IllegalArgumentException e) {
+ // expected
+ }
+
+ verify(request, factory, managementController);
+ }
+
+ @Test
+ public void testCreateResources_NotInitialized() throws Exception {
+
+ // Create injector where the Configuration object does not have the persisted CredentialStore
+ // details set.
+ Injector injector = Guice.createInjector(new AbstractModule() {
+ @Override
+ protected void configure() {
+ Properties properties = new Properties();
+
+ bind(CredentialStoreService.class).to(CredentialStoreServiceImpl.class);
+
+ bind(OsFamily.class).toInstance(createNiceMock(OsFamily.class));
+ bind(SecurePasswordHelper.class).toInstance(new SecurePasswordHelper());
+ bind(Configuration.class).toInstance(new Configuration(properties));
+ }
+ });
+
+ AmbariManagementController managementController = createMock(AmbariManagementController.class);
+ Request request = createMock(Request.class);
+
+ CredentialResourceProvider credentialResourceProvider = new CredentialResourceProvider(managementController);
+ injector.injectMembers(credentialResourceProvider);
+
+ // Create resources requests
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias1", "username1", "password1", CredentialStoreType.TEMPORARY)).once();
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias1", "username1", "password1", CredentialStoreType.PERSISTED)).once();
+
+ // Get resources request
+ expect(request.getPropertyIds()).andReturn(null).anyTimes();
+
+ ResourceProviderFactory factory = createMock(ResourceProviderFactory.class);
+ expect(factory.getCredentialResourceProvider(anyObject(AmbariManagementController.class))).andReturn(credentialResourceProvider);
+
+ replay(request, factory, managementController);
+ // end expectations
+
+ AbstractControllerResourceProvider.init(factory);
+
+ ResourceProvider provider = AbstractControllerResourceProvider.getResourceProvider(
+ Resource.Type.Credential,
+ PropertyHelper.getPropertyIds(Resource.Type.Credential),
+ PropertyHelper.getKeyPropertyIds(Resource.Type.Credential),
+ managementController);
+
+
+ // The temporary store should always be initialized.... this should succeed.
+ provider.createResources(request);
+
+ try {
+ provider.createResources(request);
+ Assert.fail("Expected IllegalArgumentException thrown");
+ } catch (IllegalArgumentException e) {
+ Assert.assertEquals("Credentials cannot be stored in Ambari's persistent secure credential " +
+ "store since secure persistent storage has not yet be configured. Use ambari-server " +
+ "setup-security to enable this feature.", e.getLocalizedMessage()
+ );
+ }
+
+ verify(request, factory, managementController);
+ }
+
+
+ @Test
+ public void testGetResources() throws Exception {
+
+ AmbariManagementController managementController = createMock(AmbariManagementController.class);
+ Request request = createMock(Request.class);
+
+ CredentialResourceProvider credentialResourceProvider = new CredentialResourceProvider(managementController);
+ injector.injectMembers(credentialResourceProvider);
+
+ // Create resources requests
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias1", "username1", "password1", CredentialStoreType.TEMPORARY)).once();
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias2", "username2", "password2", CredentialStoreType.PERSISTED)).once();
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias3", "username3", "password3", CredentialStoreType.TEMPORARY)).once();
+
+
+ // Get resources request
+ expect(request.getPropertyIds()).andReturn(null).once();
+
+ ResourceProviderFactory factory = createMock(ResourceProviderFactory.class);
+ expect(factory.getCredentialResourceProvider(anyObject(AmbariManagementController.class))).andReturn(credentialResourceProvider);
+
+ replay(request, factory, managementController);
+ // end expectations
+
+ AbstractControllerResourceProvider.init(factory);
+
+ ResourceProvider provider = AbstractControllerResourceProvider.getResourceProvider(
+ Resource.Type.Credential,
+ PropertyHelper.getPropertyIds(Resource.Type.Credential),
+ PropertyHelper.getKeyPropertyIds(Resource.Type.Credential),
+ managementController);
+
+ provider.createResources(request);
+ provider.createResources(request);
+ provider.createResources(request);
+
+ Predicate predicate = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_CLUSTER_NAME_PROPERTY_ID).equals("c1")
+ .toPredicate();
+
+ Set<Resource> results = provider.getResources(request, predicate);
+ Assert.assertEquals(3, results.size());
+
+ for (Resource result : results) {
+ Object alias = result.getPropertyValue(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID);
+ Object type = result.getPropertyValue(CredentialResourceProvider.CREDENTIAL_TYPE_PROPERTY_ID);
+
+ if ("alias1".equals(alias)) {
+ Assert.assertEquals(CredentialStoreType.TEMPORARY.name().toLowerCase(), type);
+ } else if ("alias2".equals(alias)) {
+ Assert.assertEquals(CredentialStoreType.PERSISTED.name().toLowerCase(), type);
+ } else if ("alias3".equals(alias)) {
+ Assert.assertEquals(CredentialStoreType.TEMPORARY.name().toLowerCase(), type);
+ } else {
+ Assert.fail("Unexpected alias in list: " + alias.toString());
+ }
+ }
+
+ verify(request, factory, managementController);
+ }
+
+ @Test
+ public void testGetResources_WithPredicate() throws Exception {
+
+ AmbariManagementController managementController = createMock(AmbariManagementController.class);
+ Request request = createMock(Request.class);
+
+ CredentialResourceProvider credentialResourceProvider = new CredentialResourceProvider(managementController);
+ injector.injectMembers(credentialResourceProvider);
+
+ // Create resources requests
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias1", "username1", "password1", CredentialStoreType.TEMPORARY)).once();
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias2", "username2", "password2", CredentialStoreType.PERSISTED)).once();
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias3", "username3", "password3", CredentialStoreType.TEMPORARY)).once();
+
+ // Get resources request
+ expect(request.getPropertyIds()).andReturn(null).once();
+
+ ResourceProviderFactory factory = createMock(ResourceProviderFactory.class);
+ expect(factory.getCredentialResourceProvider(anyObject(AmbariManagementController.class))).andReturn(credentialResourceProvider);
+
+ replay(request, factory, managementController);
+ // end expectations
+
+ AbstractControllerResourceProvider.init(factory);
+
+ ResourceProvider provider = AbstractControllerResourceProvider.getResourceProvider(
+ Resource.Type.Credential,
+ PropertyHelper.getPropertyIds(Resource.Type.Credential),
+ PropertyHelper.getKeyPropertyIds(Resource.Type.Credential),
+ managementController);
+
+ provider.createResources(request);
+ provider.createResources(request);
+ provider.createResources(request);
+
+ Predicate predicate1 = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_CLUSTER_NAME_PROPERTY_ID).equals("c1")
+ .toPredicate();
+ Predicate predicate2 = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID).equals("alias1")
+ .toPredicate();
+ Predicate predicate = new AndPredicate(predicate1, predicate2);
+
+
+ Set<Resource> results = provider.getResources(request, predicate);
+ Assert.assertEquals(1, results.size());
+
+ for (Resource result : results) {
+ Object alias = result.getPropertyValue(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID);
+ Object type = result.getPropertyValue(CredentialResourceProvider.CREDENTIAL_TYPE_PROPERTY_ID);
+
+ if ("alias1".equals(alias)) {
+ Assert.assertEquals(CredentialStoreType.TEMPORARY.name().toLowerCase(), type);
+ } else {
+ Assert.fail("Unexpected alias in list: " + alias.toString());
+ }
+ }
+
+ verify(request, factory, managementController);
+ }
+
+ @Test
+ public void testGetResources_WithPredicateNoResults() throws Exception {
+
+ AmbariManagementController managementController = createMock(AmbariManagementController.class);
+ Request request = createMock(Request.class);
+
+ CredentialResourceProvider credentialResourceProvider = new CredentialResourceProvider(managementController);
+ injector.injectMembers(credentialResourceProvider);
+
+ // Create resources requests
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias1", "username1", "password1", CredentialStoreType.TEMPORARY)).once();
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias2", "username2", "password2", CredentialStoreType.PERSISTED)).once();
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", "alias3", "username3", "password3", CredentialStoreType.TEMPORARY)).once();
+
+ // Get resources request
+ expect(request.getPropertyIds()).andReturn(null).once();
+
+ ResourceProviderFactory factory = createMock(ResourceProviderFactory.class);
+ expect(factory.getCredentialResourceProvider(anyObject(AmbariManagementController.class))).andReturn(credentialResourceProvider);
+
+ replay(request, factory, managementController);
+ // end expectations
+
+ AbstractControllerResourceProvider.init(factory);
+
+ ResourceProvider provider = AbstractControllerResourceProvider.getResourceProvider(
+ Resource.Type.Credential,
+ PropertyHelper.getPropertyIds(Resource.Type.Credential),
+ PropertyHelper.getKeyPropertyIds(Resource.Type.Credential),
+ managementController);
+
+ provider.createResources(request);
+ provider.createResources(request);
+ provider.createResources(request);
+
+ Predicate predicate1 = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_CLUSTER_NAME_PROPERTY_ID).equals("c1")
+ .toPredicate();
+ Predicate predicate2 = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID).equals("alias4")
+ .toPredicate();
+ Predicate predicate = new AndPredicate(predicate1, predicate2);
+
+ try {
+ provider.getResources(request, predicate);
+ Assert.fail("Expected NoSuchResourceException not thrown");
+ } catch (NoSuchResourceException e) {
+ // expected
+ }
+
+ verify(request, factory, managementController);
+ }
+
+ @Test
+ public void testUpdateResources() throws Exception {
+
+ AmbariManagementController managementController = createMock(AmbariManagementController.class);
+ Request request = createMock(Request.class);
+
+ CredentialResourceProvider credentialResourceProvider = new CredentialResourceProvider(managementController);
+ injector.injectMembers(credentialResourceProvider);
+
+ // Create resources requests
+ Set<Map<String, Object>> properties = new HashSet<Map<String, Object>>();
+ properties.addAll(getCredentialTestProperties("c1", "alias1", "username1", "password1", CredentialStoreType.TEMPORARY));
+ properties.addAll(getCredentialTestProperties("c1", "alias2", "username2", "password2", CredentialStoreType.TEMPORARY));
+ properties.addAll(getCredentialTestProperties("c1", "alias3", "username3", "password3", CredentialStoreType.TEMPORARY));
+ expect(request.getProperties()).andReturn(properties).once();
+
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", null, "username1", "password1", CredentialStoreType.PERSISTED)).once();
+
+ // Get resources request
+ expect(request.getPropertyIds()).andReturn(null).anyTimes();
+
+ ResourceProviderFactory factory = createMock(ResourceProviderFactory.class);
+ expect(factory.getCredentialResourceProvider(anyObject(AmbariManagementController.class))).andReturn(credentialResourceProvider);
+
+ replay(request, factory, managementController);
+ // end expectations
+
+ AbstractControllerResourceProvider.init(factory);
+
+ ResourceProvider provider = AbstractControllerResourceProvider.getResourceProvider(
+ Resource.Type.Credential,
+ PropertyHelper.getPropertyIds(Resource.Type.Credential),
+ PropertyHelper.getKeyPropertyIds(Resource.Type.Credential),
+ managementController);
+
+ provider.createResources(request);
+
+ Predicate predicate1 = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_CLUSTER_NAME_PROPERTY_ID).equals("c1")
+ .toPredicate();
+ Predicate predicate2 = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID).equals("alias1")
+ .toPredicate();
+ Predicate predicate = new AndPredicate(predicate1, predicate2);
+
+ Set<Resource> results = provider.getResources(request, predicate);
+ Assert.assertEquals(1, results.size());
+
+ for (Resource result : results) {
+ Object alias = result.getPropertyValue(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID);
+ Object type = result.getPropertyValue(CredentialResourceProvider.CREDENTIAL_TYPE_PROPERTY_ID);
+
+ if ("alias1".equals(alias)) {
+ Assert.assertEquals(CredentialStoreType.TEMPORARY.name().toLowerCase(), type);
+ } else {
+ Assert.fail("Unexpected alias in list: " + alias.toString());
+ }
+ }
+
+ provider.updateResources(request, predicate);
+
+ results = provider.getResources(request, predicate);
+ Assert.assertEquals(1, results.size());
+
+ for (Resource result : results) {
+ Object alias = result.getPropertyValue(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID);
+ Object type = result.getPropertyValue(CredentialResourceProvider.CREDENTIAL_TYPE_PROPERTY_ID);
+
+ if ("alias1".equals(alias)) {
+ Assert.assertEquals(CredentialStoreType.PERSISTED.name().toLowerCase(), type);
+ } else {
+ Assert.fail("Unexpected alias in list: " + alias.toString());
+ }
+ }
+
+ verify(request, factory, managementController);
+ }
+
+ @Test
+ public void testUpdateResources_ResourceNotFound() throws Exception {
+
+ AmbariManagementController managementController = createMock(AmbariManagementController.class);
+ Request request = createMock(Request.class);
+
+ CredentialResourceProvider credentialResourceProvider = new CredentialResourceProvider(managementController);
+ injector.injectMembers(credentialResourceProvider);
+
+ // Create resources requests
+ Set<Map<String, Object>> properties = new HashSet<Map<String, Object>>();
+ properties.addAll(getCredentialTestProperties("c1", "alias1", "username1", "password1", CredentialStoreType.TEMPORARY));
+ properties.addAll(getCredentialTestProperties("c1", "alias2", "username2", "password2", CredentialStoreType.TEMPORARY));
+ properties.addAll(getCredentialTestProperties("c1", "alias3", "username3", "password3", CredentialStoreType.TEMPORARY));
+ expect(request.getProperties()).andReturn(properties).once();
+
+ expect(request.getProperties()).andReturn(getCredentialTestProperties("c1", null, "username1", "password1", CredentialStoreType.PERSISTED)).once();
+
+ // Get resources request
+ expect(request.getPropertyIds()).andReturn(null).anyTimes();
+
+ ResourceProviderFactory factory = createMock(ResourceProviderFactory.class);
+ expect(factory.getCredentialResourceProvider(anyObject(AmbariManagementController.class))).andReturn(credentialResourceProvider);
+
+ replay(request, factory, managementController);
+ // end expectations
+
+ AbstractControllerResourceProvider.init(factory);
+
+ ResourceProvider provider = AbstractControllerResourceProvider.getResourceProvider(
+ Resource.Type.Credential,
+ PropertyHelper.getPropertyIds(Resource.Type.Credential),
+ PropertyHelper.getKeyPropertyIds(Resource.Type.Credential),
+ managementController);
+
+ provider.createResources(request);
+
+ Predicate predicate1 = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_CLUSTER_NAME_PROPERTY_ID).equals("c1")
+ .toPredicate();
+ Predicate predicate2 = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID).equals("alias4")
+ .toPredicate();
+ Predicate predicate = new AndPredicate(predicate1, predicate2);
+
+ try {
+ provider.updateResources(request, predicate);
+ Assert.fail("Expected NoSuchResourceException thrown");
+ } catch (NoSuchResourceException e) {
+ // expected
+ }
+
+ verify(request, factory, managementController);
+ }
+
+ @Test
+ public void testDeleteResources() throws Exception {
+
+ AmbariManagementController managementController = createMock(AmbariManagementController.class);
+ Request request = createMock(Request.class);
+
+ CredentialResourceProvider credentialResourceProvider = new CredentialResourceProvider(managementController);
+ injector.injectMembers(credentialResourceProvider);
+
+ // Create resources requests
+ Set<Map<String, Object>> properties = new HashSet<Map<String, Object>>();
+ properties.addAll(getCredentialTestProperties("c1", "alias1", "username1", "password1", CredentialStoreType.TEMPORARY));
+ properties.addAll(getCredentialTestProperties("c1", "alias2", "username2", "password2", CredentialStoreType.TEMPORARY));
+ properties.addAll(getCredentialTestProperties("c1", "alias3", "username3", "password3", CredentialStoreType.TEMPORARY));
+ expect(request.getProperties()).andReturn(properties).once();
+
+ // Get resources request
+ expect(request.getPropertyIds()).andReturn(null).anyTimes();
+
+ ResourceProviderFactory factory = createMock(ResourceProviderFactory.class);
+ expect(factory.getCredentialResourceProvider(anyObject(AmbariManagementController.class))).andReturn(credentialResourceProvider);
+
+ replay(request, factory, managementController);
+ // end expectations
+
+ AbstractControllerResourceProvider.init(factory);
+
+ ResourceProvider provider = AbstractControllerResourceProvider.getResourceProvider(
+ Resource.Type.Credential,
+ PropertyHelper.getPropertyIds(Resource.Type.Credential),
+ PropertyHelper.getKeyPropertyIds(Resource.Type.Credential),
+ managementController);
+
+ provider.createResources(request);
+
+ Predicate predicate1 = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_CLUSTER_NAME_PROPERTY_ID).equals("c1")
+ .toPredicate();
+ Predicate predicate2 = new PredicateBuilder()
+ .property(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID).equals("alias1")
+ .toPredicate();
+ Predicate predicate = new AndPredicate(predicate1, predicate2);
+
+ Set<Resource> results = provider.getResources(request, predicate);
+ Assert.assertEquals(1, results.size());
+
+ for (Resource result : results) {
+ Object alias = result.getPropertyValue(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID);
+ Object type = result.getPropertyValue(CredentialResourceProvider.CREDENTIAL_TYPE_PROPERTY_ID);
+
+ if ("alias1".equals(alias)) {
+ Assert.assertEquals(CredentialStoreType.TEMPORARY.name().toLowerCase(), type);
+ } else {
+ Assert.fail("Unexpected alias in list: " + alias.toString());
+ }
+ }
+
+ provider.deleteResources(predicate);
+
+ try {
+ provider.getResources(request, predicate);
+ Assert.fail("Expected NoSuchResourceException thrown");
+ } catch (NoSuchResourceException e) {
+ // expected
+ }
+
+ verify(request, factory, managementController);
+ }
+
+ private Set<Map<String, Object>> getCredentialTestProperties(String clusterName, String alias, String principal, String password, CredentialStoreType credentialStoreType) {
+ Map<String, Object> mapProperties = new HashMap<String, Object>();
+
+ if (clusterName != null) {
+ mapProperties.put(CredentialResourceProvider.CREDENTIAL_CLUSTER_NAME_PROPERTY_ID, clusterName);
+ }
+
+ if (alias != null) {
+ mapProperties.put(CredentialResourceProvider.CREDENTIAL_ALIAS_PROPERTY_ID, alias);
+ }
+
+ if (password != null) {
+ mapProperties.put(CredentialResourceProvider.CREDENTIAL_KEY_PROPERTY_ID, password);
+ }
+
+ if (principal != null) {
+ mapProperties.put(CredentialResourceProvider.CREDENTIAL_PRINCIPAL_PROPERTY_ID, principal);
+ }
+
+ if (credentialStoreType != null) {
+ mapProperties.put(CredentialResourceProvider.CREDENTIAL_TYPE_PROPERTY_ID, credentialStoreType.name().toLowerCase());
+ }
+
+ return Collections.singleton(mapProperties);
+ }
+}
+
http://git-wip-us.apache.org/repos/asf/ambari/blob/3b411744/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java
index b0e1018..a84cc3f 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/controller/internal/UserResourceProviderTest.java
@@ -46,6 +46,8 @@ import org.apache.ambari.server.security.SecurityHelper;
import org.apache.ambari.server.security.authorization.AmbariGrantedAuthority;
import org.apache.ambari.server.security.authorization.User;
import org.apache.ambari.server.security.authorization.Users;
+import org.apache.ambari.server.security.encryption.CredentialStoreService;
+import org.apache.ambari.server.security.encryption.CredentialStoreServiceImpl;
import org.apache.ambari.server.stack.StackManagerFactory;
import org.apache.ambari.server.stageplanner.RoleGraphFactory;
import org.apache.ambari.server.stageplanner.RoleGraphFactoryImpl;
@@ -536,6 +538,7 @@ public class UserResourceProviderTest {
bind(Users.class).toInstance(createMock(Users.class));
bind(AmbariManagementController.class).to(AmbariManagementControllerImpl.class);
+ bind(CredentialStoreService.class).to(CredentialStoreServiceImpl.class);
}
});
}
http://git-wip-us.apache.org/repos/asf/ambari/blob/3b411744/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
index 1824486..251692f 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AmbariAuthorizationFilterTest.java
@@ -136,7 +136,7 @@ public class AmbariAuthorizationFilterTest {
expect(securityContext.getAuthentication()).andReturn(authentication);
- expect(request.getMethod()).andReturn("POST");
+ expect(request.getMethod()).andReturn("POST").anyTimes();
expect(permission.getId()).andReturn(PermissionEntity.VIEW_USE_PERMISSION);
// expect permission denial
@@ -163,6 +163,14 @@ public class AmbariAuthorizationFilterTest {
urlTests.put("/api/v1/views", "POST", true);
urlTests.put("/api/v1/persist/SomeValue", "GET", true);
urlTests.put("/api/v1/persist/SomeValue", "POST", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "POST", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "PUT", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "GET", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "DELETE", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "POST", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "PUT", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "GET", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "DELETE", true);
urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "GET", true);
urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "POST", true);
urlTests.put("/views/DeniedView/AnotherVersion/AnotherInstance", "GET", true);
@@ -188,6 +196,14 @@ public class AmbariAuthorizationFilterTest {
urlTests.put("/api/v1/views", "POST", false);
urlTests.put("/api/v1/persist/SomeValue", "GET", true);
urlTests.put("/api/v1/persist/SomeValue", "POST", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "POST", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "PUT", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "GET", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "DELETE", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "POST", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "PUT", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "GET", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "DELETE", false);
urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "GET", false);
urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "POST", false);
urlTests.put("/views/DeniedView/AnotherVersion/AnotherInstance", "GET", false);
@@ -213,6 +229,14 @@ public class AmbariAuthorizationFilterTest {
urlTests.put("/api/v1/views", "POST", false);
urlTests.put("/api/v1/persist/SomeValue", "GET", true);
urlTests.put("/api/v1/persist/SomeValue", "POST", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "POST", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "PUT", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "GET", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "DELETE", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "POST", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "PUT", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "GET", true);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "DELETE", true);
urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "GET", false);
urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "POST", false);
urlTests.put("/views/DeniedView/AnotherVersion/AnotherInstance", "GET", false);
@@ -238,6 +262,14 @@ public class AmbariAuthorizationFilterTest {
urlTests.put("/api/v1/views", "POST", true);
urlTests.put("/api/v1/persist/SomeValue", "GET", true);
urlTests.put("/api/v1/persist/SomeValue", "POST", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "POST", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "PUT", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "GET", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "DELETE", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "POST", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "PUT", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "GET", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "DELETE", false);
urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "GET", true);
urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "POST", true);
urlTests.put("/views/DeniedView/AnotherVersion/AnotherInstance", "GET", false);
@@ -263,6 +295,14 @@ public class AmbariAuthorizationFilterTest {
urlTests.put("/api/v1/views", "POST", false);
urlTests.put("/api/v1/persist/SomeValue", "GET", true);
urlTests.put("/api/v1/persist/SomeValue", "POST", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "POST", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "PUT", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "GET", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/ambari.credential", "DELETE", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "POST", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "PUT", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "GET", false);
+ urlTests.put("/api/v1/clusters/c1/credentials/cluster.credential", "DELETE", false);
urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "GET", false);
urlTests.put("/views/AllowedView/SomeVersion/SomeInstance", "POST", false);
urlTests.put("/views/DeniedView/AnotherVersion/AnotherInstance", "GET", false);
http://git-wip-us.apache.org/repos/asf/ambari/blob/3b411744/ambari-server/src/test/java/org/apache/ambari/server/security/encryption/CredentialProviderTest.java
----------------------------------------------------------------------
diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/encryption/CredentialProviderTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/encryption/CredentialProviderTest.java
index ef1a9c8..884cffa 100644
--- a/ambari-server/src/test/java/org/apache/ambari/server/security/encryption/CredentialProviderTest.java
+++ b/ambari-server/src/test/java/org/apache/ambari/server/security/encryption/CredentialProviderTest.java
@@ -50,20 +50,22 @@ public class CredentialProviderTest {
public void testInitialization() throws Exception {
CredentialProvider cr;
File msFile = tmpFolder.newFile(Configuration.MASTER_KEY_FILENAME_DEFAULT);
+ File mksFile = tmpFolder.newFile(Configuration.MASTER_KEYSTORE_FILENAME_DEFAULT);
try {
- new CredentialProvider(null, null, true);
+ new CredentialProvider(null, null, true, null);
Assert.fail("Expected an exception");
} catch (Throwable t) {
Assert.assertTrue(t instanceof IllegalArgumentException);
}
// Without master key persisted
- cr = new CredentialProvider("blahblah!", msFile.getAbsolutePath(), false);
+ cr = new CredentialProvider("blahblah!", msFile, false, mksFile);
Assert.assertNotNull(cr);
Assert.assertNotNull(cr.getKeystoreService());
// With master key persisted
msFile.delete();
+ mksFile.delete();
createMasterKey();
- cr = new CredentialProvider(null, msFile.getAbsolutePath(), true);
+ cr = new CredentialProvider(null, msFile, true, mksFile);
Assert.assertNotNull(cr);
Assert.assertNotNull(cr.getKeystoreService());
}
@@ -87,10 +89,11 @@ public class CredentialProviderTest {
@Test
public void testCredentialStore() throws Exception {
File msFile = tmpFolder.newFile(Configuration.MASTER_KEY_FILENAME_DEFAULT);
+ File mksFile = tmpFolder.newFile(Configuration.MASTER_KEYSTORE_FILENAME_DEFAULT);
// With master key persisted
createMasterKey();
- CredentialProvider cr = new CredentialProvider(null, msFile.getAbsolutePath(), true);
+ CredentialProvider cr = new CredentialProvider(null, msFile, true, mksFile);
Assert.assertNotNull(cr);
Assert.assertNotNull(cr.getKeystoreService());