def test_get_ambari_admin_credentials_from_cli_options(self): user_name = "admin" password = "******" options = MagicMock() options.ambari_admin_username = user_name options.ambari_admin_password = password user, pw = get_ambari_admin_username_password_pair(options) self.assertEquals(user, user_name) self.assertEquals(pw, password)
def update_ldap_configuration(options, properties, ldap_property_value_map): admin_login, admin_password = get_ambari_admin_username_password_pair(options) request_data = { "Configuration": { "category": "ldap-configuration", "properties": { } } } request_data['Configuration']['properties'] = ldap_property_value_map perform_changes_via_rest_api(properties, admin_login, admin_password, SETUP_LDAP_CONFIG_URL, 'PUT', request_data)
def setup_sso(options): print_info_msg("Setup SSO.") server_status, pid = is_server_runing() if not server_status: err = 'Ambari Server is not running.' raise FatalException(1, err) if not get_silent(): validate_options(options) ambari_properties = get_ambari_properties() admin_login, admin_password = get_ambari_admin_username_password_pair(options) properties = get_sso_properties(ambari_properties, admin_login, admin_password) if not options.sso_enabled: sso_enabled = get_value_from_dictionary(properties, SSO_MANAGE_SERVICES, None) if sso_enabled: sso_status = "enabled" if sso_enabled == "true" else "disabled" else: sso_status = "not configured" sys.stdout.write("\nSSO is currently %s\n" % sso_status) if sso_status == "enabled": enable_sso = not get_YN_input("Do you want to disable SSO authentication [y/n] (n)? ", False) else: if get_YN_input("Do you want to configure SSO authentication [y/n] (y)? ", True): enable_sso = True else: return False else: enable_sso = options.sso_enabled == 'true' services = None if enable_sso: populate_sso_provider_url(options, properties) populate_sso_public_cert(options, properties) populate_jwt_cookie_name(options, properties) populate_jwt_audiences(options, properties) services = get_services_requires_sso(options, ambari_properties, admin_login, admin_password) enable_jwt_auth = services and (WILDCARD_FOR_ALL_SERVICES in services or SERVICE_NAME_AMBARI in services) properties[AMBARI_JWT_AUTH_ENBABLED] = "true" if enable_jwt_auth else "false" properties[SSO_MANAGE_SERVICES] = "true" if enable_sso else "false" properties[SSO_ENABLED_SERVICES] = ','.join(services) if services else "" update_sso_conf(ambari_properties, properties, admin_login, admin_password) pass else: warning = "setup-sso is not enabled in silent mode." raise NonFatalException(warning) pass
def test_get_ambari_admin_credentials_from_user_input(self, get_validated_string_input_mock): user_name = "admin" password = "******" options = MagicMock() options.ambari_admin_username = None options.ambari_admin_password = None def valid_input_side_effect(*args, **kwargs): return user_name if 'Ambari Admin login' in args[0] else password get_validated_string_input_mock.side_effect = valid_input_side_effect user, pw = get_ambari_admin_username_password_pair(options) self.assertEquals(user, user_name) self.assertEquals(pw, password)
def setup_sso(options): logger.info("Setup SSO.") if not is_root(): raise FatalException( 4, 'ambari-server setup-sso should be run with root-level privileges') server_status, pid = is_server_runing() if not server_status: err = 'Ambari Server is not running.' raise FatalException(1, err) if not get_silent(): validate_options(options) properties = get_ambari_properties() admin_login, admin_password = get_ambari_admin_username_password_pair( options) if not options.sso_enabled: sso_enabled_from_db = get_sso_property_from_db( properties, admin_login, admin_password, SSO_MANAGE_SERVICES) sso_enabled = sso_enabled_from_db == None or sso_enabled_from_db in [ 'true' ] print_info_msg( "SSO is currently {0}".format( "not configured" if sso_enabled_from_db == None else ( "enabled" if sso_enabled else "disabled")), True) if sso_enabled: enable_sso = not get_YN_input( "Do you want to disable SSO authentication [y/n] (n)? ", False) else: if get_YN_input( "Do you want to configure SSO authentication [y/n] (y)? ", True): enable_sso = True else: return False else: enable_sso = options.sso_enabled == 'true' services = '' if enable_sso: populate_sso_provider_url(options, properties) populate_sso_public_cert(options, properties) populate_jwt_cookie_name(options, properties) populate_jwt_audiences(options, properties) services = get_services_requires_sso(options, properties, admin_login, admin_password) update_sso_conf(properties, enable_sso, services, admin_login, admin_password) enable_jwt_auth = WILDCARD_FOR_ALL_SERVICES == services or SERVICE_NAME_AMBARI in services properties.process_pair(JWT_AUTH_ENBABLED, "true" if enable_jwt_auth else "false") update_properties(properties) pass else: warning = "setup-sso is not enabled in silent mode." raise NonFatalException(warning) pass
def setup_sso(options): print_info_msg("Setup SSO.") server_status, pid = is_server_runing() if not server_status: err = 'Ambari Server is not running.' raise FatalException(1, err) if not get_silent(): validate_options(options) ambari_properties = get_ambari_properties() admin_login, admin_password = get_ambari_admin_username_password_pair( options) properties = get_sso_properties(ambari_properties, admin_login, admin_password) if not options.sso_enabled: ambari_auth_enabled = get_value_from_dictionary( properties, AMBARI_SSO_AUTH_ENABLED) manage_services = get_value_from_dictionary( properties, SSO_MANAGE_SERVICES) if ambari_auth_enabled or manage_services: if (ambari_auth_enabled and 'true' == ambari_auth_enabled) or \ (manage_services and 'true' == manage_services): sso_status = "enabled" else: sso_status = "disabled" else: sso_status = "not configured" sys.stdout.write("\nSSO is currently %s\n" % sso_status) if sso_status == "enabled": enable_sso = not get_YN_input( "Do you want to disable SSO authentication [y/n] (n)? ", False) elif get_YN_input( "Do you want to configure SSO authentication [y/n] (y)? ", True): enable_sso = True else: return False else: enable_sso = options.sso_enabled == 'true' if enable_sso: populate_sso_provider_url(options, properties) populate_sso_public_cert(options, properties) populate_ambari_requires_sso(options, properties) populate_service_management(options, properties, ambari_properties, admin_login, admin_password) populate_jwt_cookie_name(options, properties) populate_jwt_audiences(options, properties) update_sso_conf(ambari_properties, properties, admin_login, admin_password) else: remove_sso_conf(ambari_properties, admin_login, admin_password) else: warning = "setup-sso is not enabled in silent mode." raise NonFatalException(warning) pass
def setup_trusted_proxy(options): print_info_msg("Setup Trusted Proxy") server_status, pid = is_server_runing() if not server_status: err = 'Ambari Server is not running.' raise FatalException(1, err) if not get_silent(): validate_options(options) ambari_properties = get_ambari_properties() admin_login, admin_password = get_ambari_admin_username_password_pair( options) properties = get_trusted_proxy_properties(ambari_properties, admin_login, admin_password) if not options.tproxy_enabled: tproxy_support_enabled = get_value_from_dictionary( properties, TPROXY_SUPPORT_ENABLED) if tproxy_support_enabled: if 'true' == tproxy_support_enabled: tproxy_status = "enabled" else: tproxy_status = "disabled" else: tproxy_status = "not configured" print_info_msg("\nTrusted Proxy support is currently %s\n" % tproxy_status) if tproxy_status == "enabled": enable_tproxy = not get_YN_input( "Do you want to disable Trusted Proxy support [y/n] (n)? ", False) elif get_YN_input( "Do you want to configure Trusted Proxy Support [y/n] (y)? ", True): enable_tproxy = True else: return False else: enable_tproxy = options.tproxy_enabled == 'true' if enable_tproxy: properties[TPROXY_SUPPORT_ENABLED] = "true" if not options.tproxy_configuration_file_path: add_new_trusted_proxy = add_new_trusted_proxy_config( properties) while add_new_trusted_proxy: add_new_trusted_proxy = add_new_trusted_proxy_config( properties) else: parse_trusted_configuration_file( options.tproxy_configuration_file_path, properties) update_tproxy_conf(ambari_properties, properties, admin_login, admin_password) else: remove_tproxy_conf(ambari_properties, admin_login, admin_password) else: warning = "setup-trusted-proxy is not enabled in silent mode." raise NonFatalException(warning) pass