Ranger-734: Add unit tests for Urser sync module in Ranger Signed-off-by: Velmurugan Periasamy <[email protected]>
Project: http://git-wip-us.apache.org/repos/asf/incubator-ranger/repo Commit: http://git-wip-us.apache.org/repos/asf/incubator-ranger/commit/2c89cf51 Tree: http://git-wip-us.apache.org/repos/asf/incubator-ranger/tree/2c89cf51 Diff: http://git-wip-us.apache.org/repos/asf/incubator-ranger/diff/2c89cf51 Branch: refs/heads/master Commit: 2c89cf5107d6f1316bd6a72f8ccebbbc4c20ebe9 Parents: c62aef1 Author: Sailaja Polavarapu <[email protected]> Authored: Tue Feb 2 15:56:49 2016 -0800 Committer: Velmurugan Periasamy <[email protected]> Committed: Wed Feb 3 11:37:35 2016 -0500 ---------------------------------------------------------------------- ugsync/pom.xml | 29 + .../config/UserGroupSyncConfig.java | 20 + .../ranger/usergroupsync/LdapUserGroupTest.java | 171 ++ .../PolicyMgrUserGroupBuilderTest.java | 55 + ugsync/src/test/resources/ADSchema.ldif | 2399 ++++++++++++++++++ .../src/test/resources/ranger-ugsync-site.xml | 155 ++ 6 files changed, 2829 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2c89cf51/ugsync/pom.xml ---------------------------------------------------------------------- diff --git a/ugsync/pom.xml b/ugsync/pom.xml index d7ab9e7..4744f5b 100644 --- a/ugsync/pom.xml +++ b/ugsync/pom.xml @@ -112,5 +112,34 @@ <artifactId>commons-codec</artifactId> <version>${commons.codec.version}</version> </dependency> + <dependency> + <groupId>org.apache.directory.server</groupId> + <artifactId>apacheds-all</artifactId> + <version>2.0.0-M20</version> + <exclusions> + <exclusion> + <groupId>org.apache.directory.api</groupId> + <artifactId>api-ldap-schema-data</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.directory.shared</groupId> + <artifactId>shared-ldap-schema-data</artifactId> + </exclusion> + <exclusion> + <groupId>org.apache.directory.shared</groupId> + <artifactId>shared-ldap-schema</artifactId> + </exclusion> + </exclusions> + </dependency> + <dependency> + <groupId>org.apache.directory.api</groupId> + <artifactId>api-ldap-model</artifactId> + <version>1.0.0-M20</version> + </dependency> + <dependency> + <groupId>commons-io</groupId> + <artifactId>commons-io</artifactId> + <version>1.4</version> + </dependency> </dependencies> </project> http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2c89cf51/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java ---------------------------------------------------------------------- diff --git a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java index 792a05a..e46b469 100644 --- a/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java +++ b/ugsync/src/main/java/org/apache/ranger/unixusersync/config/UserGroupSyncConfig.java @@ -789,4 +789,24 @@ public class UserGroupSyncConfig { } return val; } + + /* Used only for unit testing */ + public void setUserSearchFilter(String filter) { + prop.setProperty(LGSYNC_USER_SEARCH_FILTER, filter); + } + + /* Used only for unit testing */ + public void setGroupSearchFilter(String filter) { + prop.setProperty(LGSYNC_GROUP_SEARCH_FILTER, filter); + } + + /* Used only for unit testing */ + public void setGroupSearchEnabled(boolean groupSearchEnabled) { + prop.setProperty(LGSYNC_GROUP_SEARCH_ENABLED, String.valueOf(groupSearchEnabled)); + } + + /* Used only for unit testing */ + public void setPagedResultsEnabled(boolean pagedResultsEnabled) { + prop.setProperty(LGSYNC_PAGED_RESULTS_ENABLED, String.valueOf(pagedResultsEnabled)); + } } http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2c89cf51/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java ---------------------------------------------------------------------- diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java new file mode 100644 index 0000000..ae87aee --- /dev/null +++ b/ugsync/src/test/java/org/apache/ranger/usergroupsync/LdapUserGroupTest.java @@ -0,0 +1,171 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.usergroupsync; + +import static org.junit.Assert.assertEquals; + +import org.apache.directory.server.annotations.CreateLdapConnectionPool; +import org.apache.directory.server.annotations.CreateLdapServer; +import org.apache.directory.server.annotations.CreateTransport; +import org.apache.directory.server.core.annotations.ApplyLdifFiles; +import org.apache.directory.server.core.annotations.ContextEntry; +import org.apache.directory.server.core.annotations.CreateDS; +import org.apache.directory.server.core.annotations.CreatePartition; +import org.apache.directory.server.core.integ.AbstractLdapTestUnit; +import org.apache.directory.server.core.integ.FrameworkRunner; +import org.apache.directory.server.ldap.LdapServer; +import org.apache.directory.server.protocol.shared.transport.TcpTransport; +import org.apache.ranger.ldapusersync.process.LdapUserGroupBuilder; +import org.apache.ranger.unixusersync.config.UserGroupSyncConfig; +import org.junit.After; +import org.junit.Before; +import org.junit.BeforeClass; +import org.junit.Test; +import org.junit.runner.RunWith; + +import org.apache.directory.server.core.annotations.CreateIndex; +import org.apache.ranger.usergroupsync.PolicyMgrUserGroupBuilderTest; + +@RunWith(FrameworkRunner.class) +@CreateDS(name = "classDS", +partitions = +{ + @CreatePartition( + name = "AD", + suffix = "DC=ranger,DC=qe,DC=hortonworks,DC=com", + contextEntry = @ContextEntry( + entryLdif = + "dn: DC=ranger,DC=qe,DC=hortonworks,DC=com\n" + + "objectClass: domain\n" + + "objectClass: top\n" + + "dc: example\n\n" + ), + indexes = + { + @CreateIndex(attribute = "objectClass"), + @CreateIndex(attribute = "dc"), + @CreateIndex(attribute = "ou") + } + ) +} +) +@CreateLdapConnectionPool( + maxActive = 1, + maxWait = 5000 ) +@ApplyLdifFiles( { + "ADSchema.ldif" + } + ) +public class LdapUserGroupTest extends AbstractLdapTestUnit{ + private UserGroupSyncConfig config; + private LdapUserGroupBuilder ldapBuilder; + + @Before + public void setup() throws Exception { + LdapServer ldapServer = new LdapServer(); + ldapServer.setSaslHost("127.0.0.1"); + ldapServer.setSearchBaseDn("DC=ranger,DC=qe,DC=hortonworks,DC=com"); + ldapServer.setTransports(new TcpTransport("127.0.0.1", 10389)); + ldapServer.setDirectoryService(getService()); + ldapServer.setMaxSizeLimit( LdapServer.NO_SIZE_LIMIT ); + setLdapServer(ldapServer); + getService().startup(); + getLdapServer().start(); + config = UserGroupSyncConfig.getInstance(); + ldapBuilder = new LdapUserGroupBuilder(); + ldapBuilder.init(); + } + + @Test + public void testUpdateSinkTotalUsers() throws Throwable { + config.setUserSearchFilter(""); + config.setGroupSearchEnabled(false); + config.setPagedResultsEnabled(true); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(109, sink.getTotalUsers()); + } + + @Test + public void testUpdateSinkWithoutPagedResults() throws Throwable { + config.setUserSearchFilter(""); + config.setGroupSearchEnabled(false); + config.setPagedResultsEnabled(false); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(109, sink.getTotalUsers()); + } + + @Test + public void testUpdateSinkUserFilter() throws Throwable { + //config.setUserSearchFilter("(|(memberof=cn=usersGroup9,ou=Group,dc=openstacklocal)(memberof=cn=usersGroup4,ou=Group,dc=openstacklocal))"); + config.setUserSearchFilter("(|(memberof=CN=Group10,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com)(memberof=CN=Group11,OU=Groups,DC=ranger,DC=qe,DC=hortonworks,DC=com))"); + config.setGroupSearchEnabled(false); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(12, sink.getTotalUsers()); + } + + @Test + public void testUpdateSinkTotalGroups() throws Throwable { + config.setUserSearchFilter(""); + config.setGroupSearchFilter(""); + config.setGroupSearchEnabled(true); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(10, sink.getTotalGroups()); + } + + @Test + public void testUpdateSinkGroupFilter() throws Throwable { + config.setUserSearchFilter(""); + config.setGroupSearchFilter("cn=Group19"); + config.setGroupSearchEnabled(true); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(1, sink.getTotalGroups()); + } + + @Test + public void testUpdateSinkGroupSearchDisable() throws Throwable { + config.setUserSearchFilter(""); + config.setGroupSearchFilter("cn=Group19"); + config.setGroupSearchEnabled(false); + PolicyMgrUserGroupBuilderTest sink = new PolicyMgrUserGroupBuilderTest(); + sink.init(); + ldapBuilder.updateSink(sink); + assertEquals(11, sink.getTotalGroups()); + } + + @After + public void shutdown() throws Exception { + if (getService().isStarted()) { + getService().shutdown(); + } + if (getLdapServer().isStarted()) { + getLdapServer().stop(); + } + } +} http://git-wip-us.apache.org/repos/asf/incubator-ranger/blob/2c89cf51/ugsync/src/test/java/org/apache/ranger/usergroupsync/PolicyMgrUserGroupBuilderTest.java ---------------------------------------------------------------------- diff --git a/ugsync/src/test/java/org/apache/ranger/usergroupsync/PolicyMgrUserGroupBuilderTest.java b/ugsync/src/test/java/org/apache/ranger/usergroupsync/PolicyMgrUserGroupBuilderTest.java new file mode 100644 index 0000000..e106e9c --- /dev/null +++ b/ugsync/src/test/java/org/apache/ranger/usergroupsync/PolicyMgrUserGroupBuilderTest.java @@ -0,0 +1,55 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package org.apache.ranger.usergroupsync; + +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +import org.apache.ranger.unixusersync.process.PolicyMgrUserGroupBuilder; + +public class PolicyMgrUserGroupBuilderTest extends PolicyMgrUserGroupBuilder { + private static int totalUsers = 0; + private Set<String> allGroups; + + @Override + public void init() throws Throwable { + // TODO Auto-generated method stub + totalUsers = 0; + allGroups = new HashSet<>(); + } + + @Override + public void addOrUpdateUser(String user, List<String> groups) { + totalUsers++; + allGroups.addAll(groups); + //System.out.println("Username: " + user + " and associated groups: " + groups); + } + + public int getTotalUsers() { + return totalUsers; + } + + public int getTotalGroups() { + //System.out.println("Groups = " + allGroups); + return allGroups.size(); + } + +} \ No newline at end of file
