AMBARI-19984. ambari-server upgrade is not idempotent (magyari_sandor)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/513b5275 Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/513b5275 Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/513b5275 Branch: refs/heads/branch-feature-AMBARI-12556 Commit: 513b527564cef89dff2154504ef4108d6eea5123 Parents: 11893d4 Author: Sandor Magyari <[email protected]> Authored: Wed Feb 15 13:46:29 2017 +0100 Committer: Sandor Magyari <[email protected]> Committed: Wed Feb 15 14:00:04 2017 +0100 ---------------------------------------------------------------------- .../server/orm/entities/PermissionEntity.java | 30 ++++++++-- .../internal/InternalAuthenticationToken.java | 24 +------- .../server/upgrade/AbstractUpgradeCatalog.java | 2 +- .../security/TestAuthenticationFactory.java | 44 ++++---------- .../authorization/AuthorizationHelperTest.java | 24 ++++---- .../server/upgrade/UpgradeCatalog242Test.java | 27 +++------ .../server/upgrade/UpgradeCatalog250Test.java | 61 ++++++++++++++------ 7 files changed, 104 insertions(+), 108 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/513b5275/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java index fb01cca..a7a07f3 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/orm/entities/PermissionEntity.java @@ -20,6 +20,8 @@ package org.apache.ambari.server.orm.entities; import java.util.Collection; +import java.util.LinkedHashSet; +import java.util.Set; import javax.persistence.Column; import javax.persistence.Entity; @@ -37,6 +39,8 @@ import javax.persistence.OneToOne; import javax.persistence.Table; import javax.persistence.TableGenerator; +import org.apache.ambari.server.security.authorization.RoleAuthorization; + /** * Represents an admin permission. */ @@ -120,7 +124,7 @@ public class PermissionEntity { joinColumns = {@JoinColumn(name = "permission_id")}, inverseJoinColumns = {@JoinColumn(name = "authorization_id")} ) - private Collection<RoleAuthorizationEntity> authorizations; + private Set<RoleAuthorizationEntity> authorizations = new LinkedHashSet<>(); /** * The permission's explicit sort order @@ -230,12 +234,26 @@ public class PermissionEntity { } /** - * Sets the collection of granular authorizations for this PermissionEntity - * - * @param authorizations a collection of granular authorizations + * Add roleAuthorization if it's not already added + */ + public void addAuthorization(RoleAuthorizationEntity roleAuthorization) { + authorizations.add(roleAuthorization); + } + + /** + * Add multiple role authorizations */ - public void setAuthorizations(Collection<RoleAuthorizationEntity> authorizations) { - this.authorizations = authorizations; + public void addAuthorizations(Collection<RoleAuthorization> roleAuthorizations) { + for (RoleAuthorization roleAuthorization : roleAuthorizations) { + addAuthorization(createRoleAuthorizationEntity(roleAuthorization)); + } + } + + private static RoleAuthorizationEntity createRoleAuthorizationEntity(RoleAuthorization authorization) { + RoleAuthorizationEntity roleAuthorizationEntity = new RoleAuthorizationEntity(); + roleAuthorizationEntity.setAuthorizationId(authorization.getId()); + roleAuthorizationEntity.setAuthorizationName(authorization.name()); + return roleAuthorizationEntity; } /** http://git-wip-us.apache.org/repos/asf/ambari/blob/513b5275/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java index 8e69004..920db7a 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/security/authorization/internal/InternalAuthenticationToken.java @@ -18,16 +18,14 @@ package org.apache.ambari.server.security.authorization.internal; -import java.util.ArrayList; import java.util.Collection; import java.util.Collections; -import java.util.List; +import java.util.EnumSet; import org.apache.ambari.server.orm.entities.PermissionEntity; import org.apache.ambari.server.orm.entities.PrivilegeEntity; import org.apache.ambari.server.orm.entities.ResourceEntity; import org.apache.ambari.server.orm.entities.ResourceTypeEntity; -import org.apache.ambari.server.orm.entities.RoleAuthorizationEntity; import org.apache.ambari.server.security.authorization.AmbariGrantedAuthority; import org.apache.ambari.server.security.authorization.ResourceType; import org.apache.ambari.server.security.authorization.RoleAuthorization; @@ -60,7 +58,7 @@ public class InternalAuthenticationToken implements Authentication { PermissionEntity pe = new PermissionEntity(); pe.setId(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION); pe.setPermissionName(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION_NAME); - pe.setAuthorizations(createAdminAuthorizations()); + pe.addAuthorizations(EnumSet.allOf(RoleAuthorization.class)); entity.setPermission(pe); ResourceEntity resource = new ResourceEntity(); @@ -73,24 +71,6 @@ public class InternalAuthenticationToken implements Authentication { entity.setResource(resource); } - /** - * Creates the collection of RoleAuthorizationEntity objects that an administrative user would have. - * - * @return a collection of RoleAuthorizationEntity objects - */ - private static Collection<RoleAuthorizationEntity> createAdminAuthorizations() { - List<RoleAuthorizationEntity> authorizations = new ArrayList<RoleAuthorizationEntity>(); - - for (RoleAuthorization roleAuthorization : RoleAuthorization.values()) { - RoleAuthorizationEntity re = new RoleAuthorizationEntity(); - re.setAuthorizationId(roleAuthorization.getId()); - re.setAuthorizationName(roleAuthorization.name()); - authorizations.add(re); - } - - return authorizations; - } - public InternalAuthenticationToken(String tokenString) { this.token = tokenString; } http://git-wip-us.apache.org/repos/asf/ambari/blob/513b5275/ambari-server/src/main/java/org/apache/ambari/server/upgrade/AbstractUpgradeCatalog.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/AbstractUpgradeCatalog.java b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/AbstractUpgradeCatalog.java index 4b33bcd..20280fb 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/upgrade/AbstractUpgradeCatalog.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/upgrade/AbstractUpgradeCatalog.java @@ -884,7 +884,7 @@ public abstract class AbstractUpgradeCatalog implements UpgradeCatalog { PermissionEntity role = permissionDAO.findPermissionByNameAndType(roleName, resourceTypeDAO.findByName(resourceType)); if (role != null) { - role.getAuthorizations().add(roleAuthorization); + role.addAuthorization(roleAuthorization); permissionDAO.merge(role); } } http://git-wip-us.apache.org/repos/asf/ambari/blob/513b5275/ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java b/ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java index 1e68f9d..39b3d47 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/security/TestAuthenticationFactory.java @@ -18,17 +18,14 @@ package org.apache.ambari.server.security; -import java.util.ArrayList; import java.util.Collection; import java.util.Collections; import java.util.EnumSet; -import java.util.Set; import org.apache.ambari.server.orm.entities.PermissionEntity; import org.apache.ambari.server.orm.entities.PrivilegeEntity; import org.apache.ambari.server.orm.entities.ResourceEntity; import org.apache.ambari.server.orm.entities.ResourceTypeEntity; -import org.apache.ambari.server.orm.entities.RoleAuthorizationEntity; import org.apache.ambari.server.security.authorization.AmbariGrantedAuthority; import org.apache.ambari.server.security.authorization.ResourceType; import org.apache.ambari.server.security.authorization.RoleAuthorization; @@ -173,7 +170,7 @@ public class TestAuthenticationFactory { PermissionEntity permissionEntity = new PermissionEntity(); permissionEntity.setId(PermissionEntity.AMBARI_ADMINISTRATOR_PERMISSION); permissionEntity.setResourceType(createResourceTypeEntity(ResourceType.AMBARI)); - permissionEntity.setAuthorizations(createAuthorizations(EnumSet.allOf(RoleAuthorization.class))); + permissionEntity.addAuthorizations(EnumSet.allOf(RoleAuthorization.class)); return permissionEntity; } @@ -181,7 +178,7 @@ public class TestAuthenticationFactory { PermissionEntity permissionEntity = new PermissionEntity(); permissionEntity.setId(PermissionEntity.CLUSTER_ADMINISTRATOR_PERMISSION); permissionEntity.setResourceType(createResourceTypeEntity(ResourceType.CLUSTER)); - permissionEntity.setAuthorizations(createAuthorizations(EnumSet.of( + permissionEntity.addAuthorizations(EnumSet.of( RoleAuthorization.CLUSTER_MANAGE_CREDENTIALS, RoleAuthorization.CLUSTER_MODIFY_CONFIGS, RoleAuthorization.CLUSTER_MANAGE_CONFIG_GROUPS, @@ -220,7 +217,7 @@ public class TestAuthenticationFactory { RoleAuthorization.CLUSTER_RUN_CUSTOM_COMMAND, RoleAuthorization.SERVICE_MANAGE_AUTO_START, RoleAuthorization.CLUSTER_MANAGE_AUTO_START, - RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA))); + RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA)); return permissionEntity; } @@ -228,7 +225,7 @@ public class TestAuthenticationFactory { PermissionEntity permissionEntity = new PermissionEntity(); permissionEntity.setId(5); permissionEntity.setResourceType(createResourceTypeEntity(ResourceType.CLUSTER)); - permissionEntity.setAuthorizations(createAuthorizations(EnumSet.of( + permissionEntity.addAuthorizations(EnumSet.of( RoleAuthorization.HOST_VIEW_CONFIGS, RoleAuthorization.HOST_ADD_DELETE_COMPONENTS, RoleAuthorization.HOST_VIEW_METRICS, @@ -261,7 +258,7 @@ public class TestAuthenticationFactory { RoleAuthorization.SERVICE_VIEW_OPERATIONAL_LOGS, RoleAuthorization.SERVICE_MANAGE_AUTO_START, RoleAuthorization.CLUSTER_MANAGE_AUTO_START, - RoleAuthorization.CLUSTER_MANAGE_CREDENTIALS))); + RoleAuthorization.CLUSTER_MANAGE_CREDENTIALS)); return permissionEntity; } @@ -269,7 +266,7 @@ public class TestAuthenticationFactory { PermissionEntity permissionEntity = new PermissionEntity(); permissionEntity.setId(5); permissionEntity.setResourceType(createResourceTypeEntity(ResourceType.CLUSTER)); - permissionEntity.setAuthorizations(createAuthorizations(EnumSet.of( + permissionEntity.addAuthorizations(EnumSet.of( RoleAuthorization.CLUSTER_VIEW_ALERTS, RoleAuthorization.CLUSTER_VIEW_CONFIGS, RoleAuthorization.CLUSTER_VIEW_METRICS, @@ -296,7 +293,7 @@ public class TestAuthenticationFactory { RoleAuthorization.SERVICE_VIEW_STATUS_INFO, RoleAuthorization.SERVICE_VIEW_OPERATIONAL_LOGS, RoleAuthorization.SERVICE_MANAGE_AUTO_START, - RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA))); + RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA)); return permissionEntity; } @@ -304,7 +301,7 @@ public class TestAuthenticationFactory { PermissionEntity permissionEntity = new PermissionEntity(); permissionEntity.setId(6); permissionEntity.setResourceType(createResourceTypeEntity(ResourceType.CLUSTER)); - permissionEntity.setAuthorizations(createAuthorizations(EnumSet.of( + permissionEntity.addAuthorizations(EnumSet.of( RoleAuthorization.SERVICE_VIEW_CONFIGS, RoleAuthorization.SERVICE_VIEW_METRICS, RoleAuthorization.SERVICE_VIEW_STATUS_INFO, @@ -322,7 +319,7 @@ public class TestAuthenticationFactory { RoleAuthorization.CLUSTER_VIEW_STACK_DETAILS, RoleAuthorization.CLUSTER_VIEW_STATUS_INFO, RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA - ))); + )); return permissionEntity; } @@ -330,7 +327,7 @@ public class TestAuthenticationFactory { PermissionEntity permissionEntity = new PermissionEntity(); permissionEntity.setId(PermissionEntity.CLUSTER_USER_PERMISSION); permissionEntity.setResourceType(createResourceTypeEntity(ResourceType.CLUSTER)); - permissionEntity.setAuthorizations(createAuthorizations(EnumSet.of( + permissionEntity.addAuthorizations(EnumSet.of( RoleAuthorization.SERVICE_VIEW_CONFIGS, RoleAuthorization.SERVICE_VIEW_METRICS, RoleAuthorization.SERVICE_VIEW_STATUS_INFO, @@ -344,7 +341,7 @@ public class TestAuthenticationFactory { RoleAuthorization.CLUSTER_VIEW_STACK_DETAILS, RoleAuthorization.CLUSTER_VIEW_STATUS_INFO, RoleAuthorization.CLUSTER_MANAGE_USER_PERSISTED_DATA - ))); + )); return permissionEntity; } @@ -352,9 +349,7 @@ public class TestAuthenticationFactory { PermissionEntity permissionEntity = new PermissionEntity(); permissionEntity.setId(PermissionEntity.VIEW_USER_PERMISSION); permissionEntity.setResourceType(createResourceTypeEntity(ResourceType.CLUSTER)); - permissionEntity.setAuthorizations(createAuthorizations(EnumSet.of( - RoleAuthorization.VIEW_USE - ))); + permissionEntity.addAuthorizations(EnumSet.of(RoleAuthorization.VIEW_USE)); return permissionEntity; } @@ -396,21 +391,6 @@ public class TestAuthenticationFactory { return resourceTypeEntity; } - private static RoleAuthorizationEntity createRoleAuthorizationEntity(RoleAuthorization authorization) { - RoleAuthorizationEntity roleAuthorizationEntity = new RoleAuthorizationEntity(); - roleAuthorizationEntity.setAuthorizationId(authorization.getId()); - roleAuthorizationEntity.setAuthorizationName(authorization.name()); - return roleAuthorizationEntity; - } - - private static Collection<RoleAuthorizationEntity> createAuthorizations(Set<RoleAuthorization> roleAuthorizations) { - Collection<RoleAuthorizationEntity> roleAuthorizationEntities = new ArrayList<RoleAuthorizationEntity>(); - for (RoleAuthorization roleAuthorization : roleAuthorizations) { - roleAuthorizationEntities.add(createRoleAuthorizationEntity(roleAuthorization)); - } - return roleAuthorizationEntities; - } - private static class TestAuthorization implements Authentication { private final String name; private final Collection<? extends GrantedAuthority> authorities; http://git-wip-us.apache.org/repos/asf/ambari/blob/513b5275/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AuthorizationHelperTest.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AuthorizationHelperTest.java b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AuthorizationHelperTest.java index 7fb8867..26eb8fb 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AuthorizationHelperTest.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/security/authorization/AuthorizationHelperTest.java @@ -260,16 +260,16 @@ public class AuthorizationHelperTest extends EasyMockSupport { cluster2ResourceEntity.setId(2L); PermissionEntity readOnlyPermissionEntity = new PermissionEntity(); - readOnlyPermissionEntity.setAuthorizations(Collections.singleton(readOnlyRoleAuthorizationEntity)); + readOnlyPermissionEntity.addAuthorization(readOnlyRoleAuthorizationEntity); PermissionEntity privilegedPermissionEntity = new PermissionEntity(); - privilegedPermissionEntity.setAuthorizations(Arrays.asList(readOnlyRoleAuthorizationEntity, - privilegedRoleAuthorizationEntity)); + privilegedPermissionEntity.addAuthorization(readOnlyRoleAuthorizationEntity); + privilegedPermissionEntity.addAuthorization(privilegedRoleAuthorizationEntity); PermissionEntity administratorPermissionEntity = new PermissionEntity(); - administratorPermissionEntity.setAuthorizations(Arrays.asList(readOnlyRoleAuthorizationEntity, - privilegedRoleAuthorizationEntity, - administratorRoleAuthorizationEntity)); + administratorPermissionEntity.addAuthorization(readOnlyRoleAuthorizationEntity); + administratorPermissionEntity.addAuthorization(privilegedRoleAuthorizationEntity); + administratorPermissionEntity.addAuthorization(administratorRoleAuthorizationEntity); PrivilegeEntity readOnlyPrivilegeEntity = new PrivilegeEntity(); readOnlyPrivilegeEntity.setPermission(readOnlyPermissionEntity); @@ -395,16 +395,16 @@ public class AuthorizationHelperTest extends EasyMockSupport { viewResourceEntity.setId(53L); PermissionEntity readOnlyPermissionEntity = new PermissionEntity(); - readOnlyPermissionEntity.setAuthorizations(Collections.singleton(readOnlyRoleAuthorizationEntity)); + readOnlyPermissionEntity.addAuthorization(readOnlyRoleAuthorizationEntity); PermissionEntity viewUsePermissionEntity = new PermissionEntity(); - viewUsePermissionEntity.setAuthorizations(Arrays.asList(readOnlyRoleAuthorizationEntity, - viewUseRoleAuthorizationEntity)); + viewUsePermissionEntity.addAuthorization(readOnlyRoleAuthorizationEntity); + viewUsePermissionEntity.addAuthorization(viewUseRoleAuthorizationEntity); PermissionEntity administratorPermissionEntity = new PermissionEntity(); - administratorPermissionEntity.setAuthorizations(Arrays.asList(readOnlyRoleAuthorizationEntity, - viewUseRoleAuthorizationEntity, - administratorRoleAuthorizationEntity)); + administratorPermissionEntity.addAuthorization(readOnlyRoleAuthorizationEntity); + administratorPermissionEntity.addAuthorization(viewUseRoleAuthorizationEntity); + administratorPermissionEntity.addAuthorization(administratorRoleAuthorizationEntity); PrivilegeEntity readOnlyPrivilegeEntity = new PrivilegeEntity(); readOnlyPrivilegeEntity.setPermission(readOnlyPermissionEntity); http://git-wip-us.apache.org/repos/asf/ambari/blob/513b5275/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog242Test.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog242Test.java b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog242Test.java index 0cd4f12f..2d0064f 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog242Test.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog242Test.java @@ -35,7 +35,6 @@ import static org.easymock.EasyMock.verify; import java.lang.reflect.Method; import java.sql.SQLException; import java.util.ArrayList; -import java.util.Collection; import java.util.HashSet; import java.util.List; import java.util.Set; @@ -388,18 +387,10 @@ public class UpgradeCatalog242Test { ResourceTypeEntity clusterResourceTypeEntity = easyMockSupport.createMock(ResourceTypeEntity.class); - Collection<RoleAuthorizationEntity> ambariAdministratorAuthorizations = new ArrayList<RoleAuthorizationEntity>(); - Collection<RoleAuthorizationEntity> clusterAdministratorAuthorizations = new ArrayList<RoleAuthorizationEntity>(); - - PermissionEntity clusterAdministratorPermissionEntity = easyMockSupport.createMock(PermissionEntity.class); - expect(clusterAdministratorPermissionEntity.getAuthorizations()) - .andReturn(clusterAdministratorAuthorizations) - .times(1); - - PermissionEntity ambariAdministratorPermissionEntity = easyMockSupport.createMock(PermissionEntity.class); - expect(ambariAdministratorPermissionEntity.getAuthorizations()) - .andReturn(ambariAdministratorAuthorizations) - .times(2); + PermissionEntity clusterAdministratorPermissionEntity = new PermissionEntity(); + clusterAdministratorPermissionEntity.setId(1); + PermissionEntity ambariAdministratorPermissionEntity = new PermissionEntity(); + ambariAdministratorPermissionEntity.setId(2); PermissionDAO permissionDAO = easyMockSupport.createMock(PermissionDAO.class); expect(permissionDAO.findPermissionByNameAndType("AMBARI.ADMINISTRATOR", ambariResourceTypeEntity)) @@ -449,11 +440,11 @@ public class UpgradeCatalog242Test { Assert.assertEquals("CLUSTER.RUN_CUSTOM_COMMAND", clusterRunCustomCommandEntity.getAuthorizationId()); Assert.assertEquals("Perform custom cluster-level actions", clusterRunCustomCommandEntity.getAuthorizationName()); - Assert.assertEquals(2, ambariAdministratorAuthorizations.size()); - Assert.assertTrue(ambariAdministratorAuthorizations.contains(clusterRunCustomCommandEntity)); - Assert.assertTrue(ambariAdministratorAuthorizations.contains(ambariRunCustomCommandEntity)); + Assert.assertEquals(2, ambariAdministratorPermissionEntity.getAuthorizations().size()); + Assert.assertTrue(ambariAdministratorPermissionEntity.getAuthorizations().contains(clusterRunCustomCommandEntity)); + Assert.assertTrue(ambariAdministratorPermissionEntity.getAuthorizations().contains(ambariRunCustomCommandEntity)); - Assert.assertEquals(1, clusterAdministratorAuthorizations.size()); - Assert.assertTrue(clusterAdministratorAuthorizations.contains(clusterRunCustomCommandEntity)); + Assert.assertEquals(1, clusterAdministratorPermissionEntity.getAuthorizations().size()); + Assert.assertTrue(clusterAdministratorPermissionEntity.getAuthorizations().contains(clusterRunCustomCommandEntity)); } } http://git-wip-us.apache.org/repos/asf/ambari/blob/513b5275/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog250Test.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog250Test.java b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog250Test.java index 2836858..f4212d6 100644 --- a/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog250Test.java +++ b/ambari-server/src/test/java/org/apache/ambari/server/upgrade/UpgradeCatalog250Test.java @@ -37,8 +37,6 @@ import java.sql.Connection; import java.sql.ResultSet; import java.sql.SQLException; import java.sql.Statement; -import java.util.ArrayList; -import java.util.Collection; import java.util.HashMap; import java.util.HashSet; import java.util.List; @@ -1580,16 +1578,10 @@ public class UpgradeCatalog250Test { ResourceTypeEntity clusterResourceTypeEntity = easyMockSupport.createMock(ResourceTypeEntity.class); - Collection<RoleAuthorizationEntity> ambariAdministratorAuthorizations = new ArrayList<RoleAuthorizationEntity>(); - Collection<RoleAuthorizationEntity> clusterAdministratorAuthorizations = new ArrayList<RoleAuthorizationEntity>(); - - PermissionEntity clusterAdministratorPermissionEntity = easyMockSupport.createMock(PermissionEntity.class); - expect(clusterAdministratorPermissionEntity.getAuthorizations()) - .andReturn(clusterAdministratorAuthorizations).atLeastOnce(); - - PermissionEntity ambariAdministratorPermissionEntity = easyMockSupport.createMock(PermissionEntity.class); - expect(ambariAdministratorPermissionEntity.getAuthorizations()) - .andReturn(ambariAdministratorAuthorizations).atLeastOnce(); + PermissionEntity clusterAdministratorPermissionEntity = new PermissionEntity(); + clusterAdministratorPermissionEntity.setId(1); + PermissionEntity ambariAdministratorPermissionEntity = new PermissionEntity(); + ambariAdministratorPermissionEntity.setId(2); PermissionDAO permissionDAO = easyMockSupport.createMock(PermissionDAO.class); expect(permissionDAO.findPermissionByNameAndType("AMBARI.ADMINISTRATOR", ambariResourceTypeEntity)) @@ -1635,12 +1627,47 @@ public class UpgradeCatalog250Test { Assert.assertEquals("CLUSTER.RUN_CUSTOM_COMMAND", clusterRunCustomCommandEntity.getAuthorizationId()); Assert.assertEquals("Perform custom cluster-level actions", clusterRunCustomCommandEntity.getAuthorizationName()); - Assert.assertEquals(2, ambariAdministratorAuthorizations.size()); - Assert.assertTrue(ambariAdministratorAuthorizations.contains(clusterRunCustomCommandEntity)); - Assert.assertTrue(ambariAdministratorAuthorizations.contains(ambariRunCustomCommandEntity)); + Assert.assertEquals(2, ambariAdministratorPermissionEntity.getAuthorizations().size()); + Assert.assertTrue(ambariAdministratorPermissionEntity.getAuthorizations().contains(clusterRunCustomCommandEntity)); + Assert.assertTrue(ambariAdministratorPermissionEntity.getAuthorizations().contains(ambariRunCustomCommandEntity)); + + Assert.assertEquals(1, clusterAdministratorPermissionEntity.getAuthorizations().size()); + Assert.assertTrue(clusterAdministratorPermissionEntity.getAuthorizations().contains(clusterRunCustomCommandEntity)); + } + + @Test + public void testAddingRoleAuthorizationIsIdempotent() throws Exception { + EasyMockSupport easyMockSupport = new EasyMockSupport(); + ResourceTypeEntity ambariResourceTypeEntity = new ResourceTypeEntity(); + PermissionEntity ambariAdministratorPermissionEntity = new PermissionEntity(); + + final PermissionDAO permissionDAO = easyMockSupport.createNiceMock(PermissionDAO.class); + expect(permissionDAO.findPermissionByNameAndType("AMBARI.ADMINISTRATOR", ambariResourceTypeEntity)) + .andReturn(ambariAdministratorPermissionEntity) + .anyTimes(); + + final ResourceTypeDAO resourceTypeDAO = easyMockSupport.createNiceMock(ResourceTypeDAO.class); + expect(resourceTypeDAO.findByName("AMBARI")).andReturn(ambariResourceTypeEntity).anyTimes(); + + final RoleAuthorizationDAO roleAuthorizationDAO = easyMockSupport.createNiceMock(RoleAuthorizationDAO.class); + expect(roleAuthorizationDAO.findById("CLUSTER.RUN_CUSTOM_COMMAND")).andReturn(null).anyTimes(); + + Capture<RoleAuthorizationEntity> captureAmbariRunCustomCommandEntity = newCapture(); + roleAuthorizationDAO.create(capture(captureAmbariRunCustomCommandEntity)); + expectLastCall().times(2); + + Injector injector = easyMockSupport.createNiceMock(Injector.class); + expect(injector.getInstance(RoleAuthorizationDAO.class)).andReturn(roleAuthorizationDAO).atLeastOnce(); + expect(injector.getInstance(PermissionDAO.class)).andReturn(permissionDAO).atLeastOnce(); + expect(injector.getInstance(ResourceTypeDAO.class)).andReturn(resourceTypeDAO).atLeastOnce(); + + easyMockSupport.replayAll(); + + new UpgradeCatalog242(injector).createRoleAuthorizations(); + new UpgradeCatalog242(injector).createRoleAuthorizations(); + easyMockSupport.verifyAll(); - Assert.assertEquals(1, clusterAdministratorAuthorizations.size()); - Assert.assertTrue(clusterAdministratorAuthorizations.contains(clusterRunCustomCommandEntity)); + Assert.assertEquals(2, ambariAdministratorPermissionEntity.getAuthorizations().size()); } @Test
