private void exportProducts(File baseDir, Consumer consumer) throws IOException {
File productDir = new File(baseDir.getCanonicalPath(), "products");
productDir.mkdir();
Map<String, Product> products = new HashMap<String, Product>();
for (Entitlement entitlement : consumer.getEntitlements()) {
for (ProvidedProduct providedProduct : entitlement.getPool().getProvidedProducts()) {
// Don't want to call the adapter if not needed, it can be expensive.
if (!products.containsKey(providedProduct.getProductId())) {
products.put(
providedProduct.getProductId(),
productAdapter.getProductById(providedProduct.getProductId()));
}
}
// Don't forget the 'main' product!
String productId = entitlement.getPool().getProductId();
if (!products.containsKey(productId)) {
products.put(productId, productAdapter.getProductById(productId));
}
}
for (Product product : products.values()) {
String path = productDir.getCanonicalPath();
String productId = product.getId();
File file = new File(path, productId + ".json");
FileWriter writer = new FileWriter(file);
productExporter.export(mapper, writer, product);
writer.close();
// Real products have a numeric id.
if (StringUtils.isNumeric(product.getId())) {
ProductCertificate cert = productAdapter.getProductCertificate(product);
// XXX: not all product adapters implement getProductCertificate,
// so just skip over this if we get null back
// XXX: need to decide if the cert should always be in the export, or never.
if (cert != null) {
file = new File(productDir.getCanonicalPath(), product.getId() + ".pem");
writer = new FileWriter(file);
productCertExporter.export(writer, cert);
writer.close();
}
}
}
}
/**
* Checks if the given pool provides any product with a content set which modifies the given
* product ID.
*
* @param ent Entitlement to check.
* @param modifiedProductId Product ID we're looking for a modifier to.
* @return true if entitlement modifies the given product
*/
public boolean modifies(Entitlement ent, String modifiedProductId) {
Set<String> prodIdsToCheck = new HashSet<String>();
prodIdsToCheck.add(ent.getPool().getProductId());
for (ProvidedProduct pp : ent.getPool().getProvidedProducts()) {
prodIdsToCheck.add(pp.getProductId());
}
for (String prodId : prodIdsToCheck) {
Product p = productAdapter.getProductById(prodId);
if (null == p) {
String msg = i18n.tr("No product found for product ID {0}", prodId);
log.error("No product found for product id " + prodId);
throw new CuratorException(msg);
} else {
if (p.modifies(modifiedProductId)) {
return true;
}
}
}
return false;
}
private Set<Product> getProvidedProducts(Pool pool, Subscription sub) {
Set<Product> providedProducts = new HashSet<Product>();
// TODO: eliminate the use of subscription here by looking up products in a batch
// somehow, and we can eliminate all use of subscriptions during bind.
if (sub != null) {
// need to use the sub provided products if creating an
// entitlement for derived pool who's sub specifies a
// sub product.
boolean derived = pool.hasAttribute("pool_derived");
providedProducts =
derived && sub.getDerivedProduct() != null
? sub.getDerivedProvidedProducts()
: sub.getProvidedProducts();
} else {
// If this pool doesn't have a subscription associated with it, we need to
// lookup all the Product objects manually:
for (ProvidedProduct providedProduct : pool.getProvidedProducts()) {
providedProducts.add(productAdapter.getProductById(providedProduct.getProductId()));
}
}
return providedProducts;
}
@SuppressWarnings("unchecked")
@Test
public void exportProducts() throws Exception {
config.setProperty(ConfigProperties.SYNC_WORK_DIR, "/tmp/");
Consumer consumer = mock(Consumer.class);
Entitlement ent = mock(Entitlement.class);
ProvidedProduct pp = mock(ProvidedProduct.class);
Pool pool = mock(Pool.class);
Rules mrules = mock(Rules.class);
Principal principal = mock(Principal.class);
IdentityCertificate idcert = new IdentityCertificate();
Set<ProvidedProduct> ppset = new HashSet<ProvidedProduct>();
ppset.add(pp);
Set<Entitlement> entitlements = new HashSet<Entitlement>();
entitlements.add(ent);
Product prod = new Product("12345", "RHEL Product");
prod.setMultiplier(1L);
prod.setCreated(new Date());
prod.setUpdated(new Date());
prod.setHref("http://localhost");
prod.setAttributes(Collections.EMPTY_SET);
Product prod1 = new Product("MKT-prod", "RHEL Product");
prod1.setMultiplier(1L);
prod1.setCreated(new Date());
prod1.setUpdated(new Date());
prod1.setHref("http://localhost");
prod1.setAttributes(Collections.EMPTY_SET);
ProductCertificate pcert = new ProductCertificate();
pcert.setKey("euh0876puhapodifbvj094");
pcert.setCert("hpj-08ha-w4gpoknpon*)&^%#");
pcert.setCreated(new Date());
pcert.setUpdated(new Date());
when(pp.getProductId()).thenReturn("12345");
when(pool.getProvidedProducts()).thenReturn(ppset);
when(pool.getProductId()).thenReturn("MKT-prod");
when(ent.getPool()).thenReturn(pool);
when(mrules.getRules()).thenReturn("foobar");
when(pki.getSHA256WithRSAHash(any(InputStream.class))).thenReturn("signature".getBytes());
when(rc.getRules()).thenReturn(mrules);
when(consumer.getEntitlements()).thenReturn(entitlements);
when(psa.getProductById("12345")).thenReturn(prod);
when(psa.getProductById("MKT-prod")).thenReturn(prod1);
when(psa.getProductCertificate(any(Product.class))).thenReturn(pcert);
when(pprov.get()).thenReturn(principal);
when(principal.getUsername()).thenReturn("testUser");
idcert.setSerial(new CertificateSerial(10L, new Date()));
idcert.setKey("euh0876puhapodifbvj094");
idcert.setCert("hpj-08ha-w4gpoknpon*)&^%#");
idcert.setCreated(new Date());
idcert.setUpdated(new Date());
when(consumer.getIdCert()).thenReturn(idcert);
KeyPair keyPair = createKeyPair();
when(consumer.getKeyPair()).thenReturn(keyPair);
when(pki.getPemEncoded(keyPair.getPrivateKey())).thenReturn("privateKey".getBytes());
when(pki.getPemEncoded(keyPair.getPublicKey())).thenReturn("publicKey".getBytes());
// FINALLY test this badboy
Exporter e =
new Exporter(
ctc, me, ce, cte, re, ece, ecsa, pe, psa, pce, ec, ee, pki, config, exportRules, pprov);
File export = e.getFullExport(consumer);
// VERIFY
assertNotNull(export);
verifyContent(export, "export/products/12345.pem", new VerifyProductCert("12345.pem"));
assertFalse(verifyHasEntry(export, "export/products/MKT-prod.pem"));
FileUtils.deleteDirectory(export.getParentFile());
assertTrue(new File("/tmp/consumer_export.zip").delete());
assertTrue(new File("/tmp/12345.pem").delete());
}
public Set<X509ExtensionWrapper> prepareV1Extensions(
Set<Product> products,
Entitlement ent,
String contentPrefix,
Map<String, EnvironmentContent> promotedContent) {
Set<X509ExtensionWrapper> result = new LinkedHashSet<X509ExtensionWrapper>();
Set<String> entitledProductIds =
entCurator.listEntitledProductIds(
ent.getConsumer(), ent.getPool().getStartDate(), ent.getPool().getEndDate());
int contentCounter = 0;
boolean enableEnvironmentFiltering = config.getBoolean(ConfigProperties.ENV_CONTENT_FILTERING);
Product skuProd = productAdapter.getProductById(ent.getPool().getProductId());
for (Product prod : Collections2.filter(products, X509Util.PROD_FILTER_PREDICATE)) {
result.addAll(extensionUtil.productExtensions(prod));
Set<ProductContent> filteredContent =
extensionUtil.filterProductContent(
prod,
ent,
entCurator,
promotedContent,
enableEnvironmentFiltering,
entitledProductIds);
filteredContent =
extensionUtil.filterContentByContentArch(filteredContent, ent.getConsumer(), prod);
// Keep track of the number of content sets that are being added.
contentCounter += filteredContent.size();
result.addAll(
extensionUtil.contentExtensions(
filteredContent, contentPrefix, promotedContent, ent.getConsumer(), skuProd));
}
// For V1 certificates we're going to error out if we exceed a limit which is
// likely going to generate a certificate too large for the CDN, and return an
// informative error message to the user.
if (contentCounter > X509ExtensionUtil.V1_CONTENT_LIMIT) {
String cause =
i18n.tr(
"Too many content sets for certificate {0}. A newer "
+ "client may be available to address this problem. "
+ "See kbase https://access.redhat.com/knowledge/node/129003 for more "
+ "information.",
ent.getPool().getProductName());
throw new CertificateSizeException(cause);
}
result.addAll(extensionUtil.subscriptionExtensions(ent));
result.addAll(extensionUtil.entitlementExtensions(ent));
result.addAll(extensionUtil.consumerExtensions(ent.getConsumer()));
if (log.isDebugEnabled()) {
for (X509ExtensionWrapper eWrapper : result) {
log.debug(
String.format("Extension %s with value %s", eWrapper.getOid(), eWrapper.getValue()));
}
}
return result;
}
