Java tutorial
/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package org.apache.ambari.funtest.server.tests; import com.google.gson.JsonElement; import org.apache.ambari.funtest.server.AmbariUserRole; import org.apache.ambari.funtest.server.ClusterConfigParams; import org.apache.ambari.funtest.server.ConnectionParams; import org.apache.ambari.funtest.server.WebRequest; import org.apache.ambari.funtest.server.WebResponse; import org.apache.ambari.funtest.server.api.cluster.CreateClusterWebRequest; import org.apache.ambari.funtest.server.api.cluster.CreateConfigurationWebRequest; import org.apache.ambari.funtest.server.api.cluster.DeleteClusterWebRequest; import org.apache.ambari.funtest.server.api.cluster.GetAllClustersWebRequest; import org.apache.ambari.funtest.server.api.user.DeleteUserWebRequest; import org.apache.ambari.funtest.server.utils.ClusterUtils; import org.apache.ambari.funtest.server.utils.RestApiUtils; import org.apache.commons.httpclient.HttpStatus; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.junit.Test; import java.util.HashMap; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertEquals; /** * Tests operations with users with different levels of privileges */ public class RoleBasedAccessControlBasicTest extends ServerTestBase { private String clusterName = "c1"; private String hostName = "host1"; private String clusterVersion = "HDP-2.2.0"; private static Log LOG = LogFactory.getLog(RoleBasedAccessControlBasicTest.class); @Override public void setup() throws Exception { super.setup(); setupCluster(); } @Override public void teardown() throws Exception { teardownCluster(); super.teardown(); } /** * Creates an anonymous user (user with no role). Attempts to get the list of clusters * * @throws Exception */ @Test public void testGetClustersAsAnonUser() throws Exception { JsonElement jsonResponse; ConnectionParams adminConnectionParams = createAdminConnectionParams(); String anonUserName = "nothing"; String anonUserPwd = "nothing"; /** * Create a new user (non-admin) */ ClusterUtils.createUser(adminConnectionParams, clusterName, anonUserName, anonUserPwd, AmbariUserRole.NONE); /** * Attempt to query all the clusters using this user's privilege. Right now we should be * able to get the list of clusters, though this user should not be able to. But this is * required for UI to display the clusters. * * todo: Fix this when UI is fixed. */ ConnectionParams anonUserParams = createConnectionParams(anonUserName, anonUserPwd); jsonResponse = RestApiUtils.executeRequest(new GetAllClustersWebRequest(anonUserParams)); assertFalse(jsonResponse.isJsonNull()); /** * Delete the user */ jsonResponse = RestApiUtils.executeRequest(new DeleteUserWebRequest(adminConnectionParams, anonUserName)); LOG.info(jsonResponse); } /** * Creates an anonymous user and uses the user to add a cluster configuration. * * @throws Exception */ @Test public void testAddClusterConfigAsAnonUser() throws Exception { ConnectionParams adminConnectionParams = createAdminConnectionParams(); String anonUserName = "nothing"; String anonUserPwd = "nothing"; /** * Create a new user (non-admin) */ ClusterUtils.createUser(adminConnectionParams, clusterName, anonUserName, anonUserPwd, AmbariUserRole.NONE); /** * Create and add a configuration to our cluster using the new user's privilege */ String configType = "test-hadoop-env"; String configTag = "version1"; ClusterConfigParams configParams = new ClusterConfigParams(); configParams.setClusterName(clusterName); configParams.setConfigType(configType); configParams.setConfigTag(configTag); configParams.setProperties(new HashMap<String, String>() { { put("fs.default.name", "localhost:9995"); } }); /** * Attempting to create the configuration should fail with 403 */ ConnectionParams anonUserParams = createConnectionParams(anonUserName, anonUserPwd); WebRequest webRequest = new CreateConfigurationWebRequest(anonUserParams, configParams); WebResponse webResponse = webRequest.getResponse(); assertEquals(HttpStatus.SC_FORBIDDEN, webResponse.getStatusCode()); /** * Delete the user */ JsonElement jsonResponse = RestApiUtils .executeRequest(new DeleteUserWebRequest(adminConnectionParams, "nothing")); LOG.info(jsonResponse); } /** * Creates a user with cluster administrator privilege and adds a cluster configuration. * * @throws Exception */ @Test public void testAddClusterConfigAsClusterAdmin() throws Exception { ConnectionParams adminConnectionParams = createAdminConnectionParams(); String clusterAdminName = "clusterAdmin"; String clusterAdminPwd = "clusterAdmin"; /** * Create a user with cluster admin role */ ClusterUtils.createUserClusterAdministrator(adminConnectionParams, clusterName, clusterAdminName, clusterAdminPwd); /** * Create and add a configuration to our cluster using the new user's privilege */ String configType = "test-hadoop-env"; String configTag = "version1"; ClusterConfigParams configParams = new ClusterConfigParams(); configParams.setClusterName(clusterName); configParams.setConfigType(configType); configParams.setConfigTag(configTag); configParams.setProperties(new HashMap<String, String>() { { put("fs.default.name", "localhost:9995"); } }); /** * This user has enough privilege to create the cluster configuration. Should succeed with 201. */ ConnectionParams userConnectionParams = createConnectionParams(clusterAdminName, clusterAdminPwd); WebRequest webRequest = new CreateConfigurationWebRequest(userConnectionParams, configParams); WebResponse webResponse = webRequest.getResponse(); assertEquals(HttpStatus.SC_CREATED, webResponse.getStatusCode()); /** * Delete the user */ RestApiUtils.executeRequest(new DeleteUserWebRequest(adminConnectionParams, clusterAdminName)); } /** * Create a cluster with name "c1". Does not have any hosts. * * @throws Exception */ private void setupCluster() throws Exception { JsonElement jsonResponse; ConnectionParams params = createAdminConnectionParams(); /** * Create a cluster as admin:admin */ jsonResponse = RestApiUtils .executeRequest(new CreateClusterWebRequest(params, clusterName, clusterVersion)); LOG.info(jsonResponse); } private void teardownCluster() throws Exception { JsonElement jsonResponse; ConnectionParams params = createAdminConnectionParams(); jsonResponse = RestApiUtils.executeRequest(new DeleteClusterWebRequest(params, clusterName)); LOG.info(jsonResponse); } /** * Helper method to create administrator connection parameters to the server. * * @return */ private ConnectionParams createAdminConnectionParams() { return createConnectionParams(getAdminUserName(), getAdminPassword()); } /** * Helper method to create connection parameters to the server based on the * specified user credentials. * * @param userName * @param password * @return */ private ConnectionParams createConnectionParams(String userName, String password) { ConnectionParams params = new ConnectionParams(); params.setServerName("localhost"); params.setServerApiPort(serverPort); params.setServerAgentPort(serverAgentPort); params.setUserName(userName); params.setPassword(password); return params; } }