Repository: ambari Updated Branches: refs/heads/branch-1.7.0 ee27729d8 -> 779877909
AMBARI-7760 - ldap sync: require --all option Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/77987790 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/77987790 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/77987790 Branch: refs/heads/branch-1.7.0 Commit: 7798779093b3de5e97b747a90ff74b47750a685f Parents: ee27729 Author: tbeerbower <[email protected]> Authored: Mon Oct 13 23:44:20 2014 -0400 Committer: tbeerbower <[email protected]> Committed: Mon Oct 13 23:45:09 2014 -0400 ---------------------------------------------------------------------- ambari-server/src/main/python/ambari-server.py | 43 ++++++++----- .../src/test/python/TestAmbariServer.py | 68 +++++++++++++++++++- 2 files changed, 92 insertions(+), 19 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/77987790/ambari-server/src/main/python/ambari-server.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/python/ambari-server.py b/ambari-server/src/main/python/ambari-server.py index 5480399..4988708 100755 --- a/ambari-server/src/main/python/ambari-server.py +++ b/ambari-server/src/main/python/ambari-server.py @@ -52,6 +52,7 @@ SILENT = False SERVER_START_DEBUG = False # ldap settings +LDAP_SYNC_ALL = False LDAP_SYNC_EXISTING = False LDAP_SYNC_USERS = None LDAP_SYNC_GROUPS = None @@ -3068,6 +3069,10 @@ def sync_ldap(): err = "LDAP is not configured. Run 'ambari-server setup-ldap' first." raise FatalException(1, err) + if not LDAP_SYNC_ALL and not LDAP_SYNC_EXISTING and LDAP_SYNC_USERS is None and LDAP_SYNC_GROUPS is None: + err = 'Must specify a sync option. Please see help for more information.' + raise FatalException(1, err) + admin_login = get_validated_string_input(prompt="Enter Ambari Admin login: ", default=None, pattern=None, description=None, is_pass=False, allowEmpty=False) @@ -3081,26 +3086,25 @@ def sync_ldap(): request.add_header('Authorization', 'Basic %s' % admin_auth) request.add_header('X-Requested-By', 'ambari') - if LDAP_SYNC_EXISTING: + if LDAP_SYNC_ALL: + sys.stdout.write('Syncing all.') + bodies = [{"Event":{"specs":[{"principal_type":"users","sync_type":"all"},{"principal_type":"groups","sync_type":"all"}]}}] + elif LDAP_SYNC_EXISTING: sys.stdout.write('Syncing existing.') bodies = [{"Event":{"specs":[{"principal_type":"users","sync_type":"existing"},{"principal_type":"groups","sync_type":"existing"}]}}] else: - if LDAP_SYNC_USERS is None and LDAP_SYNC_GROUPS is None: - sys.stdout.write('Syncing all.') - bodies = [{"Event":{"specs":[{"principal_type":"users","sync_type":"all"},{"principal_type":"groups","sync_type":"all"}]}}] - else: - sys.stdout.write('Syncing specified users and groups.') - bodies = [{"Event":{"specs":[]}}] - body = bodies[0] - events = body['Event'] - specs = events['specs'] - - if LDAP_SYNC_USERS is not None: - new_specs = [{"principal_type":"users","sync_type":"specific","names":""}] - get_ldap_event_spec_names(LDAP_SYNC_USERS, specs, new_specs) - if LDAP_SYNC_GROUPS is not None: - new_specs = [{"principal_type":"groups","sync_type":"specific","names":""}] - get_ldap_event_spec_names(LDAP_SYNC_GROUPS, specs, new_specs) + sys.stdout.write('Syncing specified users and groups.') + bodies = [{"Event":{"specs":[]}}] + body = bodies[0] + events = body['Event'] + specs = events['specs'] + + if LDAP_SYNC_USERS is not None: + new_specs = [{"principal_type":"users","sync_type":"specific","names":""}] + get_ldap_event_spec_names(LDAP_SYNC_USERS, specs, new_specs) + if LDAP_SYNC_GROUPS is not None: + new_specs = [{"principal_type":"groups","sync_type":"specific","names":""}] + get_ldap_event_spec_names(LDAP_SYNC_GROUPS, specs, new_specs) if VERBOSE: sys.stdout.write('\nCalling API ' + SERVER_API_LDAP_URL + ' : ' + str(bodies) + '\n') @@ -4398,6 +4402,7 @@ def main(): parser.add_option('-g', '--debug', action="store_true", dest='debug', default=False, help="Start ambari-server in debug mode") + parser.add_option('--all', action="store_true", default=False, help="LDAP sync all Ambari users and groups", dest="ldap_sync_all") parser.add_option('--existing', action="store_true", default=False, help="LDAP sync existing Ambari users and groups only", dest="ldap_sync_existing") parser.add_option('--users', default=None, help="Specifies the path to the LDAP sync users CSV file.", dest="ldap_sync_users") parser.add_option('--groups', default=None, help="Specifies the path to the LDAP sync groups CSV file.", dest="ldap_sync_groups") @@ -4432,6 +4437,10 @@ def main(): global SERVER_DEBUG_MODE SERVER_DEBUG_MODE = options.debug + # set ldap_sync_all + global LDAP_SYNC_ALL + LDAP_SYNC_ALL = options.ldap_sync_all + # set ldap_sync_existing global LDAP_SYNC_EXISTING LDAP_SYNC_EXISTING = options.ldap_sync_existing http://git-wip-us.apache.org/repos/asf/ambari/blob/77987790/ambari-server/src/test/python/TestAmbariServer.py ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/python/TestAmbariServer.py b/ambari-server/src/test/python/TestAmbariServer.py index 49bfb3d..450b385 100644 --- a/ambari-server/src/test/python/TestAmbariServer.py +++ b/ambari-server/src/test/python/TestAmbariServer.py @@ -4821,7 +4821,7 @@ MIIFHjCCAwYCCQDpHKOBI+Lt0zANBgkqhkiG9w0BAQUFADBRMQswCQYDVQQGEwJV @patch.object(ambari_server, "get_ambari_properties") @patch.object(ambari_server, "is_server_runing") @patch.object(ambari_server, "is_root") - def test_ldap_sync(self, is_root_method, is_server_runing_mock, get_ambari_properties_mock, + def test_ldap_sync_all(self, is_root_method, is_server_runing_mock, get_ambari_properties_mock, get_validated_string_input_mock, urlopen_mock): is_root_method.return_value = True @@ -4839,11 +4839,75 @@ MIIFHjCCAwYCCQDpHKOBI+Lt0zANBgkqhkiG9w0BAQUFADBRMQswCQYDVQQGEwJV urlopen_mock.return_value = response + ambari_server.LDAP_SYNC_ALL = True + ambari_server.sync_ldap() + ambari_server.LDAP_SYNC_ALL = False + self.assertTrue(response.getcode.called) self.assertTrue(response.read.called) - pass + + @patch("urllib2.urlopen") + @patch.object(ambari_server, "get_validated_string_input") + @patch.object(ambari_server, "get_ambari_properties") + @patch.object(ambari_server, "is_server_runing") + @patch.object(ambari_server, "is_root") + def test_ldap_sync_existing(self, is_root_method, is_server_runing_mock, get_ambari_properties_mock, + get_validated_string_input_mock, urlopen_mock): + + is_root_method.return_value = True + is_server_runing_mock.return_value = (True, 0) + properties = ambari_server.Properties() + properties.process_pair(ambari_server.IS_LDAP_CONFIGURED, 'true') + get_ambari_properties_mock.return_value = properties + get_validated_string_input_mock.side_effect = ['admin', 'admin'] + + response = MagicMock() + response.getcode.side_effect = [201, 200, 200] + response.read.side_effect = ['{"resources" : [{"href" : "http://c6401.ambari.apache.org:8080/api/v1/ldap_sync_events/16","Event"; : {"id" : 16}}]}', + '{"Event":{"status" : "RUNNING","summary" : {"groups" : {"created" : 0,"removed" : 0,"updated" : 0},"memberships" : {"created" : 0,"removed" : 0},"users" : {"created" : 0,"removed" : 0,"updated" : 0}}}}', + '{"Event":{"status" : "COMPLETE","summary" : {"groups" : {"created" : 1,"removed" : 0,"updated" : 0},"memberships" : {"created" : 5,"removed" : 0},"users" : {"created" : 5,"removed" : 0,"updated" : 0}}}}'] + + urlopen_mock.return_value = response + + ambari_server.LDAP_SYNC_EXISTING = True + + ambari_server.sync_ldap() + + ambari_server.LDAP_SYNC_EXISTING = False + + self.assertTrue(response.getcode.called) + self.assertTrue(response.read.called) + + @patch("urllib2.urlopen") + @patch.object(ambari_server, "get_validated_string_input") + @patch.object(ambari_server, "get_ambari_properties") + @patch.object(ambari_server, "is_server_runing") + @patch.object(ambari_server, "is_root") + def test_ldap_sync_no_sync_mode(self, is_root_method, is_server_runing_mock, get_ambari_properties_mock, + get_validated_string_input_mock, urlopen_mock): + + is_root_method.return_value = True + is_server_runing_mock.return_value = (True, 0) + properties = ambari_server.Properties() + properties.process_pair(ambari_server.IS_LDAP_CONFIGURED, 'true') + get_ambari_properties_mock.return_value = properties + get_validated_string_input_mock.side_effect = ['admin', 'admin'] + + response = MagicMock() + response.getcode.side_effect = [201, 200, 200] + response.read.side_effect = ['{"resources" : [{"href" : "http://c6401.ambari.apache.org:8080/api/v1/ldap_sync_events/16","Event"; : {"id" : 16}}]}', + '{"Event":{"status" : "RUNNING","summary" : {"groups" : {"created" : 0,"removed" : 0,"updated" : 0},"memberships" : {"created" : 0,"removed" : 0},"users" : {"created" : 0,"removed" : 0,"updated" : 0}}}}', + '{"Event":{"status" : "COMPLETE","summary" : {"groups" : {"created" : 1,"removed" : 0,"updated" : 0},"memberships" : {"created" : 5,"removed" : 0},"users" : {"created" : 5,"removed" : 0,"updated" : 0}}}}'] + + urlopen_mock.return_value = response + + try: + ambari_server.sync_ldap() + self.fail("Should fail with exception") + except FatalException as e: + pass @patch("urllib2.urlopen") @patch.object(ambari_server, "get_validated_string_input")
