def test_server_class_path_custom_jdbc_path(self, get_native_libs_path_mock, get_jdbc_driver_path_mock, get_conf_dir_mock): properties = Properties() properties.process_pair(JDBC_DRIVER_PATH_PROPERTY, "/ambari/properties/path/to/custom/jdbc.jar") get_jdbc_driver_path_mock.return_value = "/path/to/jdbc.jar" get_native_libs_path_mock.return_value = None get_conf_dir_mock.return_value = "/etc/ambari-server/conf" expected_classpath = "'/etc/ambari-server/conf:/usr/lib/ambari-server/*:/ambari/properties/path/to/custom/jdbc.jar:/path/to/jdbc.jar'" serverClassPath = ServerClassPath(properties, MagicMock()) actual_classpath = serverClassPath.get_full_ambari_classpath_escaped_for_shell() self.assertEquals(expected_classpath, actual_classpath)
def test_setup_sensitive_data_encryption_persist( self, sensitive_data_encryption_metod, is_root_method, get_ambari_properties_method, search_file_message, get_YN_input_method, save_master_key_method, update_properties_method, read_ambari_user_method, read_master_key_method, get_is_persisted_method, get_is_secure_method, exists_mock, save_passwd_for_alias_method): is_root_method.return_value = True p = Properties() FAKE_PWD_STRING = "fakepasswd" p.process_pair(JDBC_PASSWORD_PROPERTY, FAKE_PWD_STRING) get_ambari_properties_method.return_value = p search_file_message.return_value = "propertiesfile" master_key = "aaa" read_master_key_method.return_value = master_key get_YN_input_method.return_value = True read_ambari_user_method.return_value = None get_is_persisted_method.return_value = (True, "filepath") get_is_secure_method.return_value = False exists_mock.return_value = False save_passwd_for_alias_method.return_value = 0 options = self._create_empty_options_mock() setup_sensitive_data_encryption(options) self.assertTrue(get_YN_input_method.called) self.assertTrue(read_master_key_method.called) self.assertTrue(read_ambari_user_method.called) self.assertTrue(update_properties_method.called) self.assertTrue(save_master_key_method.called) sensitive_data_encryption_metod.assert_called_with( options, "encryption") result_expected = { JDBC_PASSWORD_PROPERTY: get_alias_string(JDBC_RCA_PASSWORD_ALIAS), SECURITY_IS_ENCRYPTION_ENABLED: 'true', SECURITY_SENSITIVE_DATA_ENCRYPTON_ENABLED: 'true' } sorted_x = sorted(result_expected.iteritems(), key=operator.itemgetter(0)) sorted_y = sorted(update_properties_method.call_args[0][1].iteritems(), key=operator.itemgetter(0)) self.assertEquals(sorted_x, sorted_y) pass
def test_decrypt_missed_masterkey_not_persisted( self, get_original_master_key_mock, is_root_method, get_ambari_properties_method, search_file_message, get_YN_input_method, save_master_key_method, read_passwd_for_alias_method, save_passwd_for_alias_method, read_ambari_user_method, exists_mock, get_is_secure_method, get_is_persisted_method): is_root_method.return_value = True search_file_message.return_value = False read_ambari_user_method.return_value = None p = Properties() FAKE_PWD_STRING = '${alias=fakealias}' p.process_pair(JDBC_PASSWORD_PROPERTY, get_alias_string(JDBC_RCA_PASSWORD_ALIAS)) p.process_pair(SSL_TRUSTSTORE_PASSWORD_PROPERTY, FAKE_PWD_STRING) p.process_pair(JDBC_RCA_PASSWORD_FILE_PROPERTY, FAKE_PWD_STRING) get_ambari_properties_method.return_value = p get_YN_input_method.side_effect = [True, False] get_original_master_key_mock.return_value = None read_passwd_for_alias_method.return_value = "fakepassword" save_passwd_for_alias_method.return_value = 0 exists_mock.return_value = False get_is_secure_method.return_value = True get_is_persisted_method.return_value = (False, "filePath") options = self._create_empty_options_mock() self.assertTrue(setup_sensitive_data_encryption(options) == 1) self.assertFalse(save_master_key_method.called) self.assertTrue(get_YN_input_method.called) pass
def update_properties(propertyMap): conf_file = search_file(AMBARI_PROPERTIES_FILE, get_conf_dir()) backup_file_in_temp(conf_file) if propertyMap is not None and conf_file is not None: properties = Properties() try: with open(conf_file, 'r') as file: properties.load(file) except (Exception), e: print_error_msg('Could not read "%s": %s' % (conf_file, e)) return -1 for key in propertyMap.keys(): properties.removeOldProp(key) properties.process_pair(key, str(propertyMap[key])) for key in properties.keys(): if not propertyMap.has_key(key): properties.removeOldProp(key) with open(conf_file, 'w') as file: properties.store_ordered(file)
def update_properties(propertyMap): conf_file = search_file(AMBARI_PROPERTIES_FILE, get_conf_dir()) backup_file_in_temp(conf_file) if propertyMap is not None and conf_file is not None: properties = Properties() try: with open(conf_file, 'r') as file: properties.load(file) except (Exception), e: print_error_msg('Could not read "%s": %s' % (conf_file, e)) return -1 for key in propertyMap.keys(): properties.removeOldProp(key) properties.process_pair(key, str(propertyMap[key])) for key in properties.keys(): if not propertyMap.has_key(key): properties.removeOldProp(key) with open(conf_file, 'w') as file: properties.store_ordered(file)
def test_decrypt_sensitive_data_persister( self, get_is_persisted_method, get_is_secure_method, sensitive_data_encryption_metod, is_root_method, get_ambari_properties_method, search_file_message, get_YN_input_method, update_properties_method, read_passwd_for_alias_method, save_passwd_for_alias_method, read_ambari_user_method, exists_mock): # Testing call under root is_root_method.return_value = True search_file_message.return_value = "filepath" read_ambari_user_method.return_value = None p = Properties() FAKE_PWD_STRING = '${alias=fakealias}' p.process_pair(JDBC_PASSWORD_PROPERTY, FAKE_PWD_STRING) p.process_pair(SSL_TRUSTSTORE_PASSWORD_PROPERTY, FAKE_PWD_STRING) p.process_pair(JDBC_RCA_PASSWORD_FILE_PROPERTY, FAKE_PWD_STRING) get_ambari_properties_method.return_value = p get_is_persisted_method.return_value = (True, "filepath") get_is_secure_method.return_value = True get_YN_input_method.side_effect = [True, False] read_passwd_for_alias_method.return_value = "fakepassword" save_passwd_for_alias_method.return_value = 0 exists_mock.return_value = False options = self._create_empty_options_mock() setup_sensitive_data_encryption(options) calls = [call(options, "decryption")] sensitive_data_encryption_metod.assert_has_calls(calls) self.assertTrue(get_YN_input_method.called) self.assertTrue(update_properties_method.called) self.assertTrue(read_passwd_for_alias_method.called) self.assertTrue(2, read_passwd_for_alias_method.call_count) self.assertTrue(2, save_passwd_for_alias_method.call_count) result_expected = { JDBC_PASSWORD_PROPERTY: "fakepassword", JDBC_RCA_PASSWORD_FILE_PROPERTY: "fakepassword", SSL_TRUSTSTORE_PASSWORD_PROPERTY: "fakepassword", SECURITY_IS_ENCRYPTION_ENABLED: 'false', SECURITY_SENSITIVE_DATA_ENCRYPTON_ENABLED: 'false' } sorted_x = sorted(result_expected.iteritems(), key=operator.itemgetter(0)) sorted_y = sorted(update_properties_method.call_args[0][1].iteritems(), key=operator.itemgetter(0)) self.assertEquals(sorted_x, sorted_y) pass
try: old_properties = Properties() old_properties.load(hfOld) except Exception, e: print 'Could not read "%s": %s' % (prev_conf_file, e) return -1 try: new_properties = Properties() with open(conf_file) as hfNew: new_properties.load(hfNew) for prop_key, prop_value in old_properties.getPropertyDict().items(): if "agent.fqdn.service.url" == prop_key: # BUG-7179 what is agent.fqdn property in ambari.props? new_properties.process_pair(GET_FQDN_SERVICE_URL, prop_value) elif "server.os_type" == prop_key: new_properties.process_pair(OS_TYPE_PROPERTY, OS_FAMILY + OS_VERSION) else: new_properties.process_pair(prop_key, prop_value) # Adding custom user name property if it is absent # In previous versions without custom user support server was started as # "root" anyway so it's a reasonable default if NR_USER_PROPERTY not in new_properties.keys(): new_properties.process_pair(NR_USER_PROPERTY, "root") if OS_FAMILY_PROPERTY not in new_properties.keys(): new_properties.process_pair(OS_FAMILY_PROPERTY, OS_FAMILY + OS_VERSION) with open(conf_file, 'w') as hfW:
try: old_properties = Properties() old_properties.load(open(prev_conf_file)) except Exception, e: print 'Could not read "%s": %s' % (prev_conf_file, e) return -1 try: new_properties = Properties() new_properties.load(open(conf_file)) for prop_key, prop_value in old_properties.getPropertyDict().items(): if ("agent.fqdn.service.url" == prop_key): #BUG-7179 what is agent.fqdn property in ambari.props? new_properties.process_pair(GET_FQDN_SERVICE_URL, prop_value) elif ("server.os_type" == prop_key): new_properties.process_pair(OS_TYPE_PROPERTY, OS_FAMILY + OS_VERSION) else: new_properties.process_pair(prop_key, prop_value) # Adding custom user name property if it is absent # In previous versions without custom user support server was started as # "root" anyway so it's a reasonable default if not NR_USER_PROPERTY in new_properties.keys(): new_properties.process_pair(NR_USER_PROPERTY, "root") isJDK16Installed = new_properties.get_property( JAVA_HOME_PROPERTY) == DEFAULT_JDK16_LOCATION if not JDK_NAME_PROPERTY in new_properties.keys() and isJDK16Installed:
try: old_properties = Properties() old_properties.load(hfOld) except Exception, e: print 'Could not read "%s": %s' % (prev_conf_file, e) return -1 try: new_properties = Properties() with open(conf_file) as hfNew: new_properties.load(hfNew) for prop_key, prop_value in old_properties.getPropertyDict().items(): if "agent.fqdn.service.url" == prop_key: # BUG-7179 what is agent.fqdn property in ambari.props? new_properties.process_pair(GET_FQDN_SERVICE_URL, prop_value) elif "server.os_type" == prop_key: new_properties.process_pair(OS_TYPE_PROPERTY, OS_FAMILY + OS_VERSION) else: new_properties.process_pair(prop_key, prop_value) # Adding custom user name property if it is absent # In previous versions without custom user support server was started as # "root" anyway so it's a reasonable default if NR_USER_PROPERTY not in new_properties.keys(): new_properties.process_pair(NR_USER_PROPERTY, "root") if OS_FAMILY_PROPERTY not in new_properties.keys(): new_properties.process_pair(OS_FAMILY_PROPERTY, OS_FAMILY + OS_VERSION) with open(conf_file, 'w') as hfW:
try: old_properties = Properties() old_properties.load(open(prev_conf_file)) except Exception, e: print 'Could not read "%s": %s' % (prev_conf_file, e) return -1 try: new_properties = Properties() new_properties.load(open(conf_file)) for prop_key, prop_value in old_properties.getPropertyDict().items(): if ("agent.fqdn.service.url" == prop_key): #BUG-7179 what is agent.fqdn property in tbds.props? new_properties.process_pair(GET_FQDN_SERVICE_URL, prop_value) elif ("server.os_type" == prop_key): new_properties.process_pair(OS_TYPE_PROPERTY, OS_FAMILY + OS_VERSION) else: new_properties.process_pair(prop_key, prop_value) # Adding custom user name property if it is absent # In previous versions without custom user support server was started as # "root" anyway so it's a reasonable default if not NR_USER_PROPERTY in new_properties.keys(): new_properties.process_pair(NR_USER_PROPERTY, "root") isJDK16Installed = new_properties.get_property(JAVA_HOME_PROPERTY) == DEFAULT_JDK16_LOCATION if not JDK_NAME_PROPERTY in new_properties.keys() and isJDK16Installed: new_properties.process_pair(JDK_NAME_PROPERTY, JDK_NAMES[1])
def test_encrypt_part_not_persisted( self, get_original_master_key_mock, sensitive_data_encryption_metod, is_root_method, get_ambari_properties_method, search_file_message, get_YN_input_method, save_master_key_method, update_properties_method, read_passwd_for_alias_method, save_passwd_for_alias_method, read_ambari_user_method, exists_mock, get_is_secure_method, get_is_persisted_method): is_root_method.return_value = True search_file_message.return_value = False read_ambari_user_method.return_value = None p = Properties() FAKE_PWD_STRING = '${alias=fakealias}' p.process_pair(JDBC_PASSWORD_PROPERTY, get_alias_string(JDBC_RCA_PASSWORD_ALIAS)) p.process_pair(SSL_TRUSTSTORE_PASSWORD_PROPERTY, FAKE_PWD_STRING) p.process_pair(JDBC_RCA_PASSWORD_FILE_PROPERTY, FAKE_PWD_STRING) get_ambari_properties_method.return_value = p master_key = "aaa" get_YN_input_method.side_effect = [False, False, False] get_original_master_key_mock.return_value = master_key read_passwd_for_alias_method.return_value = "fakepassword" save_passwd_for_alias_method.return_value = 0 exists_mock.return_value = False get_is_secure_method.return_value = True get_is_persisted_method.return_value = (False, "filePath") options = self._create_empty_options_mock() setup_sensitive_data_encryption(options) calls = [call(options, "encryption", master_key)] sensitive_data_encryption_metod.assert_has_calls(calls) self.assertFalse(save_master_key_method.called) self.assertTrue(get_YN_input_method.called) self.assertTrue(get_original_master_key_mock.called) self.assertTrue(update_properties_method.called) self.assertTrue(read_passwd_for_alias_method.called) self.assertTrue(2, read_passwd_for_alias_method.call_count) self.assertTrue(2, save_passwd_for_alias_method.call_count) self.assertFalse(save_master_key_method.called) result_expected = { JDBC_PASSWORD_PROPERTY: get_alias_string(JDBC_RCA_PASSWORD_ALIAS), JDBC_RCA_PASSWORD_FILE_PROPERTY: get_alias_string(JDBC_RCA_PASSWORD_ALIAS), SSL_TRUSTSTORE_PASSWORD_PROPERTY: get_alias_string(SSL_TRUSTSTORE_PASSWORD_ALIAS), SECURITY_IS_ENCRYPTION_ENABLED: 'true', SECURITY_SENSITIVE_DATA_ENCRYPTON_ENABLED: 'true' } sorted_x = sorted(result_expected.iteritems(), key=operator.itemgetter(0)) sorted_y = sorted(update_properties_method.call_args[0][1].iteritems(), key=operator.itemgetter(0)) self.assertEquals(sorted_x, sorted_y) pass