Commit e5a34977 authored by Rostislav Vatolin [SLB]'s avatar Rostislav Vatolin [SLB]

Merge branch 'refactor-bootstrap-logic' into 'master'

Refactored bootstrapping logic of Initial Accounts

See merge request !78
parents 22df19d7 6b59966c
Pipeline #41034 failed with stages
in 16 minutes and 49 seconds
......@@ -32,6 +32,11 @@ public abstract class AppProperties {
*/
public abstract String getGroupsOfServicePrincipal();
/**
* @return a list containing paths of configuration files
*/
public abstract List<String> getGroupsOfInitialUsers();
/**
* Returns members which are protected from removal from their groups
*/
......
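Review bot: The Javadoc added for `getGroupsOfInitialUsers()` says only "paths of configuration files", while the method name speaks of groups, so a reader cannot tell what the list holds. Going by its use in `bootstrapInitialAccounts()`, each entry is the path of one account file whose JSON names a user, a role and the groups that user joins. The comment should say so, for example `@return paths of the account provisioning files, one per initial account, read by bootstrapInitialAccounts()`. Because group membership and the OWNER role are granted from these files, it is also worth stating that the paths must come from trusted, deployment-controlled configuration.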
......@@ -17,7 +17,7 @@ public class InitApi {
@PreAuthorize("@authorizationFilter.hasAnyPermission()")
public ResponseEntity<Void> initiateTenant() {
tenantInitService.createDefaultGroups();
tenantInitService.bootstrapServicePrincipal();
tenantInitService.bootstrapInitialAccounts();
return ResponseEntity.ok().build();
}
}
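Review bot: `initiateTenant()` keeps the guard `@PreAuthorize("@authorizationFilter.hasAnyPermission()")`, but the call it protects has widened, because `bootstrapInitialAccounts()` grants OWNER or MEMBER membership for every account file the provider lists. `hasAnyPermission()` is not shown on this page; if it admits any caller holding some permission, the endpoint should be narrowed to an operator-level permission. A comment above the method should record who may call it and whether repeated calls are safe, e.g. `// Provisions default groups and initial accounts; restricted to tenant operators.`, once that has been confirmed. The method's mapping annotation presumably lies outside the hunk.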
......@@ -44,34 +44,38 @@ public class DefaultTenantInitServiceImpl implements TenantInitService {
}
@Override
public void customizedBootstrap() {
}
@Override
public void bootstrapServicePrincipal() {
public void bootstrapInitialAccounts() {
final Map<String, String> userEmails = createUserEmails();
final String fileContent = fileReaderService.readFile(appProperties.getGroupsOfServicePrincipal());
final JsonObject userElement = getUserJsonObject(fileContent);
final String emailKey = userElement.get("email").getAsString();
final String role = userElement.get("role").getAsString();
final List<String> groupNames = getGroupNamesForOwner(fileContent);
final AddMemberDto addMemberDto = AddMemberDto.builder()
.email(userEmails.get(emailKey))
.role(Role.valueOf(role.toUpperCase()))
.build();
String partitionId = requestInfo.getHeaders().getPartitionId();
String partitionDomain = requestInfoUtilService.getDomain(partitionId);
final String requesterId = requestInfoUtilService.getUserId(requestInfo.getHeaders());
groupNames.stream()
.map(name -> createEmail(name, partitionDomain))
.forEach(groupId -> {
AddMemberServiceDto addMemberServiceDto = AddMemberServiceDto.builder()
.groupEmail(groupId)
.partitionId(partitionId)
.requesterId(requesterId)
.build();
addMemberToGroup(addMemberDto, addMemberServiceDto);
});
List<String> fileNames = appProperties.getGroupsOfInitialUsers();
for (String fileName : fileNames) {
final String fileContent = fileReaderService.readFile(fileName);
final JsonObject userElement = getUserJsonObject(fileContent);
final String emailKey = userElement.get("email").getAsString();
final String role = userElement.get("role").getAsString();
final List<String> groupNames;
if ("OWNER".equalsIgnoreCase(role)) {
groupNames = getGroupNamesForOwner(fileContent);
} else {
groupNames = getGroupNamesForMember(fileContent);
}
final AddMemberDto addMemberDto = AddMemberDto.builder()
.email(userEmails.get(emailKey))
.role(Role.valueOf(role.toUpperCase()))
.build();
String partitionId = requestInfo.getHeaders().getPartitionId();
String partitionDomain = requestInfoUtilService.getDomain(partitionId);
final String requesterId = requestInfoUtilService.getUserId(requestInfo.getHeaders());
groupNames.stream()
.map(name -> createEmail(name, partitionDomain))
.forEach(groupId -> {
AddMemberServiceDto addMemberServiceDto = AddMemberServiceDto.builder()
.groupEmail(groupId)
.partitionId(partitionId)
.requesterId(requesterId)
.build();
addMemberToGroup(addMemberDto, addMemberServiceDto);
});
}
}
private void bootstrapGroups(final String fileName) {
......@@ -210,4 +214,14 @@ public class DefaultTenantInitServiceImpl implements TenantInitService {
array.forEach(element -> groupNames.add(element.getAsJsonObject().get("groupName").getAsString()));
return groupNames;
}
private List<String> getGroupNamesForMember(final String fileContent) {
final List<String> groupNames = new ArrayList<>();
final JsonArray array = JsonParser.parseString(fileContent)
.getAsJsonObject()
.get("membersOf")
.getAsJsonArray();
array.forEach(element -> groupNames.add(element.getAsJsonObject().get("groupName").getAsString()));
return groupNames;
}
}
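Review bot: In `bootstrapInitialAccounts()` the role string from each account file drives two decisions separately: `"OWNER".equalsIgnoreCase(role)` picks the group list, and `Role.valueOf(role.toUpperCase())` only validates it afterwards, using the default locale. Any value other than OWNER therefore reads `membersOf` before it is rejected, and `userEmails.get(emailKey)` is passed on unchecked, so a key missing from the map reaches `addMemberToGroup` as a null email. Parsing the role once with `Locale.ROOT` and failing fast on an unknown email key closes both gaps. This needs `java.util.Locale` imported and assumes the enum has an `OWNER` constant, and the exception type should follow the project's convention. The new `getGroupNamesForMember` in the second hunk repeats `getGroupNamesForOwner` except for the JSON key and would be better as one helper taking the key.

```java
for (String fileName : fileNames) {
    // … unchanged: readFile, getUserJsonObject, emailKey and role lookups …
    final Role parsedRole = Role.valueOf(role.toUpperCase(Locale.ROOT));
    final List<String> groupNames = parsedRole == Role.OWNER
            ? getGroupNamesForOwner(fileContent)
            : getGroupNamesForMember(fileContent);
    final String email = userEmails.get(emailKey);
    if (email == null) {
        throw new IllegalStateException(
                "No account configured for key '" + emailKey + "' in " + fileName);
    }
    final AddMemberDto addMemberDto = AddMemberDto.builder()
            .email(email)
            .role(parsedRole)
            .build();
    // … unchanged: partition lookup and addMemberToGroup loop …
```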
......@@ -5,7 +5,5 @@ public interface TenantInitService {
void createDefaultGroups();
void bootstrapServicePrincipal();
void customizedBootstrap();
void bootstrapInitialAccounts();
}
......@@ -22,6 +22,11 @@ public class AppPropertiesTestConfiguration {
return null;
}
@Override
public List<String> getGroupsOfInitialUsers() {
return null;
}
@Override
public List<String> getProtectedMembers() {
return null;
......
......@@ -54,6 +54,23 @@ public class DefaultTenantInitServiceImplTests {
" ]\n" +
"}";
private final String MEMBERS = "{\n" +
" \"users\": [\n" +
" {\n" +
" \"email\": \"SERVICE_PRINCIPAL\",\n" +
" \"role\": \"MEMBER\"\n" +
" }\n" +
" ],\n" +
" \"membersOf\": [\n" +
" {\n" +
" \"groupName\": \"groupId1\"\n" +
" },\n" +
" {\n" +
" \"groupName\": \"groupId2\"\n" +
" }\n" +
" ]\n" +
"}";
private final String GROUPS_WITH_NO_MEMBERS = "{\n" +
" \"groups\": [\n" +
" {\n" +
......@@ -120,8 +137,10 @@ public class DefaultTenantInitServiceImplTests {
list.add("/provisioning/groups/datalake_user_groups.json");
list.add("/provisioning/groups/datalake_service_groups.json");
list.add("/provisioning/groups/data_groups.json");
final List<String> fileNames = new ArrayList<>();
fileNames.add("groups_of_service_principal.json");
when(appProperties.getInitialGroups()).thenReturn(list);
when(appProperties.getGroupsOfServicePrincipal()).thenReturn("groups_of_service_principal.json");
when(appProperties.getGroupsOfInitialUsers()).thenReturn(fileNames);
}
@Test
......@@ -231,7 +250,23 @@ public class DefaultTenantInitServiceImplTests {
AddMemberServiceDto addMemberServiceDto2 = AddMemberServiceDto.builder().groupEmail("groupid2@dp.domain.com").requesterId("desId")
.partitionId("dp").build();
tenantInitService.bootstrapServicePrincipal();
tenantInitService.bootstrapInitialAccounts();
verify(addMemberService).run(addMemberDto, addMemberServiceDto1);
verify(addMemberService).run(addMemberDto, addMemberServiceDto2);
verifyNoMoreInteractions(log);
}
@Test
public void shouldSuccessfullyLoadInitialAccounts() {
when(fileReaderService.readFile("groups_of_service_principal.json")).thenReturn(MEMBERS);
AddMemberDto addMemberDto = AddMemberDto.builder().email("service_principal_username").role(Role.MEMBER).build();
AddMemberServiceDto addMemberServiceDto1 = AddMemberServiceDto.builder().groupEmail("groupid1@dp.domain.com").requesterId("desId")
.partitionId("dp").build();
AddMemberServiceDto addMemberServiceDto2 = AddMemberServiceDto.builder().groupEmail("groupid2@dp.domain.com").requesterId("desId")
.partitionId("dp").build();
tenantInitService.bootstrapInitialAccounts();
verify(addMemberService).run(addMemberDto, addMemberServiceDto1);
verify(addMemberService).run(addMemberDto, addMemberServiceDto2);
......
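Review bot: The new `shouldSuccessfullyLoadInitialAccounts` test and the setup stub feed `bootstrapInitialAccounts()` a single file name, so the loop over several account files, which is the point of the refactoring, is never exercised. There is also no test for the failure paths that decide who gets which role: a role string that is not a `Role` constant, a file without `membersOf`, or an `email` key absent from the user-email map. I would add one test where `getGroupsOfInitialUsers()` returns two files (one OWNER, one MEMBER) and verifies both sets of `addMemberService.run` calls, and one asserting that an unrecognised role adds nobody. The test method's body continues past the end of the last hunk.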
......@@ -97,4 +97,11 @@ public class AwsAppProperties extends AppProperties {
filePaths.add("/provisioning/groups/datalake_service_groups.json");
return filePaths;
}
@Override
public List<String> getGroupsOfInitialUsers() {
List<String> groupsOfInitialUsers = new ArrayList<>();
groupsOfInitialUsers.add(getGroupsOfServicePrincipal());
return groupsOfInitialUsers;
}
}
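Review bot: `getGroupsOfInitialUsers()` is added with the same three-line body here and in `AzureAppProperties` and `GcpAppProperties`, which invites the providers to drift apart on which accounts get bootstrapped. Because `AppProperties` is an abstract class, it could carry this as the default, `public List<String> getGroupsOfInitialUsers() { return Collections.singletonList(getGroupsOfServicePrincipal()); }`, with providers overriding only when they add accounts. If the per-provider overrides stay, each deserves a one-line comment such as `// Only the service principal is bootstrapped for this provider.`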
......@@ -45,6 +45,13 @@ public class AzureAppProperties extends AppProperties {
return initialGroups;
}
@Override
public List<String> getGroupsOfInitialUsers() {
List<String> groupsOfInitialUsers = new ArrayList<>();
groupsOfInitialUsers.add(getGroupsOfServicePrincipal());
return groupsOfInitialUsers;
}
@Override
public String getGroupsOfServicePrincipal() {
return "/provisioning/accounts/groups_of_service_principal.json";
......
......@@ -146,4 +146,11 @@ public class GcpAppProperties extends AppProperties {
filePaths.add("/provisioning/groups/datalake_service_groups.json");
return filePaths;
}
@Override
public List<String> getGroupsOfInitialUsers() {
List<String> groupsOfInitialUsers = new ArrayList<>();
groupsOfInitialUsers.add(getGroupsOfServicePrincipal());
return groupsOfInitialUsers;
}
}