def ldap_outbound_listener():
"""Initialize LDAP delta outbound sync with Active Directory."""
LOGGER.info("Starting LDAP outbound sync listener...")
while True:
try:
queue_entry = peek_at_queue("outbound_queue", LDAP_DC)
while queue_entry is None:
queue_entry = peek_at_queue("outbound_queue", LDAP_DC)
time.sleep(LISTENER_POLLING_DELAY)
LOGGER.info(
"Received queue entry %s from outbound queue...", queue_entry["id"]
)
data_type = queue_entry["data_type"]
LOGGER.debug("Putting %s into ad...", data_type)
try:
LOGGER.debug(
"Processing LDAP outbound_queue entry: %s", str(queue_entry)
)
ldap_connection = ldap_connector.await_connection(
LDAP_SERVER, LDAP_USER, LDAP_PASS
)
successful_ldap_write = process_outbound_entry(
queue_entry, ldap_connection
)
ldap_connection.unbind()
if successful_ldap_write:
update_outbound_entry_status(queue_entry["id"])
LOGGER.debug("Putting queue entry into changelog...")
put_entry_changelog(queue_entry, "outbound")
else:
LOGGER.error(
"No changes were made in AD - deleting entry from outbound queue..."
)
delete_entry_queue(queue_entry["id"], "outbound_queue")
except ValidationException as err:
LOGGER.warning(
"Outbound payload failed validation, deleting entry from outbound queue..."
)
LOGGER.warning(err)
delete_entry_queue(queue_entry["id"], "outbound_queue")
except LDAPSessionTerminatedByServerError:
LOGGER.warning(
"Ldap connection was terminated by the server. Attempting to reconnect..."
)
ldap_connection = ldap_connector.await_connection(
LDAP_SERVER, LDAP_USER, LDAP_PASS
)
def ldap_outbound_listener():
"""Initialize LDAP delta outbound sync with Active Directory."""
LOGGER.info("Starting outbound sync listener...")
LOGGER.info("Connecting to RethinkDb...")
connect_to_db()
LOGGER.info("..connected to RethinkDb")
ldap_connection = ldap_connector.await_connection(LDAP_SERVER, LDAP_USER, LDAP_PASS)
while True:
try:
queue_entry = peek_at_queue("outbound_queue", LDAP_DC)
while queue_entry is None:
queue_entry = peek_at_queue("outbound_queue", LDAP_DC)
time.sleep(LISTENER_POLLING_DELAY)
LOGGER.info(
"Received queue entry %s from outbound queue...", queue_entry["id"]
)
LOGGER.debug("Putting queue entry into changelog...")
put_entry_changelog(queue_entry, "outbound")
data_type = queue_entry["data_type"]
LOGGER.debug("Putting %s into ad...", data_type)
try:
if is_entry_in_ad(queue_entry, ldap_connection):
update_entry_ldap(queue_entry, ldap_connection)
else:
create_entry_ldap(queue_entry, ldap_connection)
except ValidationException as err:
LOGGER.warning("Outbound payload failed validation")
LOGGER.warning(err)
LOGGER.debug("Deleting queue entry from outbound queue...")
delete_entry_queue(queue_entry["id"], "outbound_queue")
except LDAPSessionTerminatedByServerError:
LOGGER.warning(
"Ldap connection was terminated by the server. Attempting to reconnect..."
)
ldap_connection = ldap_connector.await_connection(
LDAP_SERVER, LDAP_USER, LDAP_PASS
)
def outbound_sync_listener():
"""Initialize a delta outbound sync with Azure Active Directory."""
LOGGER.info("Starting outbound sync listener...")
while True:
try:
queue_entry = peek_at_queue("outbound_queue", TENANT_ID)
LOGGER.info("Received queue entry %s from outbound queue...",
queue_entry["id"])
data_type = queue_entry["data_type"]
LOGGER.info("Putting %s into aad...", data_type)
if is_entry_in_aad(queue_entry):
update_entry_aad(queue_entry)
else:
create_entry_aad(queue_entry)
LOGGER.info("Putting queue entry into changelog...")
put_entry_changelog(queue_entry, "outbound")
LOGGER.info("Deleting queue entry from outbound queue...")
entry_id = queue_entry["id"]
delete_entry_queue(entry_id, "outbound_queue")
except ExpectedError as err:
LOGGER.debug((
"%s Repolling after %s seconds...",
err.__str__,
LISTENER_POLLING_DELAY,
))
time.sleep(LISTENER_POLLING_DELAY)
except Exception as err:
LOGGER.exception(err)
raise err
def test_role_outq_insertion():
""" Test the insertion of a new fake role resource which is unique
into the outbound_queue table.
"""
user1_payload = {
"name": "Test Unique User",
"username": "******",
"password": "******",
"email": "*****@*****.**",
}
with requests.Session() as session:
expected_result = True
user_response1 = create_test_user(session, user1_payload)
user1_result = assert_api_success(user_response1)
user1_id = user1_result["data"]["user"]["id"]
role_payload = {
"name": "TestUniqueRole0501201903",
"owners": user1_id,
"administrators": user1_id,
"description": "Test Unique Role 1",
}
role_response = create_test_role(session, role_payload)
role_result = assert_api_success(role_response)
role_name = role_result["data"]["name"]
inserted_queue_item = peek_at_queue("outbound_queue", LDAP_DC)
LOGGER.info("Received queue entry %s from outbound queue...",
inserted_queue_item["id"])
successful_insert = bool(inserted_queue_item)
assert expected_result == successful_insert
delete_role_by_name("TestUniqueRole0501201903")
delete_user_by_username("testuniqueuser0501201901")
def inbound_sync_listener():
"""Initialize a delta inbound sync between the inbound queue and sawtooth."""
LOGGER.info("Starting inbound sync listener...")
LOGGER.info("Connecting to RethinkDB...")
connect_to_db()
LOGGER.info("Successfully connected to RethinkDB!")
while True:
try:
queue_entry = peek_at_queue(INBOUND_QUEUE)
LOGGER.info("Received queue entry %s from outbound queue...",
queue_entry["id"])
data_type = queue_entry["data_type"]
LOGGER.info("Putting %s into Sawtooth...", data_type)
# TODO: Validate queue_entry.
# TODO: Transform or reject invalid entries.
# TODO: Get queue_entry object from NEXT state table.
# TODO: Update object or create if it doesn't exist.
LOGGER.debug(queue_entry)
LOGGER.info("Putting queue entry into changelog...")
put_entry_changelog(queue_entry, DIRECTION)
LOGGER.info("Deleting queue entry from outbound queue...")
entry_id = queue_entry["id"]
delete_entry_queue(entry_id, INBOUND_QUEUE)
except ExpectedError as err:
time.sleep(DELAY)
except Exception as err:
LOGGER.exception(err)
raise err
def ldap_outbound_listener():
"""Initialize LDAP delta outbound sync with Active Directory."""
LOGGER.info("Starting outbound sync listener...")
LOGGER.info("Connecting to RethinkDB...")
connect_to_db()
LOGGER.info("Successfully connected to RethinkDB!")
LOGGER.info("Connecting to LDAP...")
ldap_conn = connect_to_ldap()
LOGGER.info("Successfully connected to LDAP!")
while True:
try:
queue_entry = peek_at_queue("outbound_queue", LDAP_DC)
LOGGER.info("Received queue entry %s from outbound queue...",
queue_entry["id"])
data_type = queue_entry["data_type"]
LOGGER.info("Putting %s into ad...", data_type)
if is_entry_in_ad(queue_entry, ldap_conn):
update_entry_ldap(queue_entry, ldap_conn)
else:
create_entry_ldap(queue_entry, ldap_conn)
LOGGER.info("Putting queue entry into changelog...")
put_entry_changelog(queue_entry, "outbound")
LOGGER.info("Deleting queue entry from outbound queue...")
entry_id = queue_entry["id"]
delete_entry_queue(entry_id, "outbound_queue")
except ValidationException as err:
LOGGER.info(err)
LOGGER.info("No oubound payload possible. Deleting entry %s",
queue_entry)
delete_entry_queue(queue_entry["id"], "outbound_queue")
except ExpectedError as err:
LOGGER.debug((
"%s Repolling after %s seconds...",
err.__str__,
"LISTENER_POLLING_DELAY",
))
time.sleep(LISTENER_POLLING_DELAY)
except Exception as err:
LOGGER.exception(err)
raise err
def test_get_unconfirmed_entries(outbound_entry, expected_entry):
""" Checks peek_at_queue function to ensure that it only reads
outbound_queue entries with the status of "UNCONFIRMED" and
not "CONFIRMED".
Args:
outbound_entry: (dict): Outbound entry to be inserted into outbound_queue.
Dict should consist of the following keys: data, data_type, timestamp,
provider_id, status, and action.
The mandatory keys in the dict are:
{
"data": (dict containing current state of role/user)
"data_type": (str)
"timestamp": (datetime)
"provider_id": (str)
"status": (str)
"action": (str)
}
expected_entry: (dict or None) Result of calling peek_at_queue(). Value could
either be an entry from outbound_queue entry or None if no entry matches
the provider_field "test_provider" and has the status of "UNCONFIRMED"
"""
conn = connect_to_db()
insert_result = r.table("outbound_queue").insert(outbound_entry).run(conn)
# Collect id of entry for test cleanup
queue_entry_id = insert_result["generated_keys"][0]
queue_entry = peek_at_queue("outbound_queue", "test_provider")
if queue_entry:
queue_entry.pop("id")
assert queue_entry == expected_entry
if queue_entry_id:
r.table("outbound_queue").get(queue_entry_id).delete().run(conn)
conn.close()