Beispiel #1
0
  private void exportProducts(File baseDir, Consumer consumer) throws IOException {
    File productDir = new File(baseDir.getCanonicalPath(), "products");
    productDir.mkdir();

    Map<String, Product> products = new HashMap<String, Product>();
    for (Entitlement entitlement : consumer.getEntitlements()) {

      for (ProvidedProduct providedProduct : entitlement.getPool().getProvidedProducts()) {
        // Don't want to call the adapter if not needed, it can be expensive.
        if (!products.containsKey(providedProduct.getProductId())) {
          products.put(
              providedProduct.getProductId(),
              productAdapter.getProductById(providedProduct.getProductId()));
        }
      }

      // Don't forget the 'main' product!
      String productId = entitlement.getPool().getProductId();
      if (!products.containsKey(productId)) {
        products.put(productId, productAdapter.getProductById(productId));
      }
    }

    for (Product product : products.values()) {
      String path = productDir.getCanonicalPath();
      String productId = product.getId();
      File file = new File(path, productId + ".json");
      FileWriter writer = new FileWriter(file);
      productExporter.export(mapper, writer, product);
      writer.close();

      // Real products have a numeric id.
      if (StringUtils.isNumeric(product.getId())) {
        ProductCertificate cert = productAdapter.getProductCertificate(product);
        // XXX: not all product adapters implement getProductCertificate,
        // so just skip over this if we get null back
        // XXX: need to decide if the cert should always be in the export, or never.
        if (cert != null) {
          file = new File(productDir.getCanonicalPath(), product.getId() + ".pem");
          writer = new FileWriter(file);
          productCertExporter.export(writer, cert);
          writer.close();
        }
      }
    }
  }
  /**
   * Checks if the given pool provides any product with a content set which modifies the given
   * product ID.
   *
   * @param ent Entitlement to check.
   * @param modifiedProductId Product ID we're looking for a modifier to.
   * @return true if entitlement modifies the given product
   */
  public boolean modifies(Entitlement ent, String modifiedProductId) {
    Set<String> prodIdsToCheck = new HashSet<String>();
    prodIdsToCheck.add(ent.getPool().getProductId());
    for (ProvidedProduct pp : ent.getPool().getProvidedProducts()) {
      prodIdsToCheck.add(pp.getProductId());
    }

    for (String prodId : prodIdsToCheck) {
      Product p = productAdapter.getProductById(prodId);
      if (null == p) {
        String msg = i18n.tr("No product found for product ID {0}", prodId);
        log.error("No product found for product id " + prodId);
        throw new CuratorException(msg);
      } else {
        if (p.modifies(modifiedProductId)) {
          return true;
        }
      }
    }
    return false;
  }
 private Set<Product> getProvidedProducts(Pool pool, Subscription sub) {
   Set<Product> providedProducts = new HashSet<Product>();
   // TODO: eliminate the use of subscription here by looking up products in a batch
   // somehow, and we can eliminate all use of subscriptions during bind.
   if (sub != null) {
     // need to use the sub provided products if creating an
     // entitlement for derived pool who's sub specifies a
     // sub product.
     boolean derived = pool.hasAttribute("pool_derived");
     providedProducts =
         derived && sub.getDerivedProduct() != null
             ? sub.getDerivedProvidedProducts()
             : sub.getProvidedProducts();
   } else {
     // If this pool doesn't have a subscription associated with it, we need to
     // lookup all the Product objects manually:
     for (ProvidedProduct providedProduct : pool.getProvidedProducts()) {
       providedProducts.add(productAdapter.getProductById(providedProduct.getProductId()));
     }
   }
   return providedProducts;
 }
Beispiel #4
0
  @SuppressWarnings("unchecked")
  @Test
  public void exportProducts() throws Exception {
    config.setProperty(ConfigProperties.SYNC_WORK_DIR, "/tmp/");
    Consumer consumer = mock(Consumer.class);
    Entitlement ent = mock(Entitlement.class);
    ProvidedProduct pp = mock(ProvidedProduct.class);
    Pool pool = mock(Pool.class);
    Rules mrules = mock(Rules.class);
    Principal principal = mock(Principal.class);
    IdentityCertificate idcert = new IdentityCertificate();

    Set<ProvidedProduct> ppset = new HashSet<ProvidedProduct>();
    ppset.add(pp);

    Set<Entitlement> entitlements = new HashSet<Entitlement>();
    entitlements.add(ent);

    Product prod = new Product("12345", "RHEL Product");
    prod.setMultiplier(1L);
    prod.setCreated(new Date());
    prod.setUpdated(new Date());
    prod.setHref("http://localhost");
    prod.setAttributes(Collections.EMPTY_SET);

    Product prod1 = new Product("MKT-prod", "RHEL Product");
    prod1.setMultiplier(1L);
    prod1.setCreated(new Date());
    prod1.setUpdated(new Date());
    prod1.setHref("http://localhost");
    prod1.setAttributes(Collections.EMPTY_SET);

    ProductCertificate pcert = new ProductCertificate();
    pcert.setKey("euh0876puhapodifbvj094");
    pcert.setCert("hpj-08ha-w4gpoknpon*)&^%#");
    pcert.setCreated(new Date());
    pcert.setUpdated(new Date());

    when(pp.getProductId()).thenReturn("12345");
    when(pool.getProvidedProducts()).thenReturn(ppset);
    when(pool.getProductId()).thenReturn("MKT-prod");
    when(ent.getPool()).thenReturn(pool);
    when(mrules.getRules()).thenReturn("foobar");
    when(pki.getSHA256WithRSAHash(any(InputStream.class))).thenReturn("signature".getBytes());
    when(rc.getRules()).thenReturn(mrules);
    when(consumer.getEntitlements()).thenReturn(entitlements);
    when(psa.getProductById("12345")).thenReturn(prod);
    when(psa.getProductById("MKT-prod")).thenReturn(prod1);
    when(psa.getProductCertificate(any(Product.class))).thenReturn(pcert);
    when(pprov.get()).thenReturn(principal);
    when(principal.getUsername()).thenReturn("testUser");
    idcert.setSerial(new CertificateSerial(10L, new Date()));
    idcert.setKey("euh0876puhapodifbvj094");
    idcert.setCert("hpj-08ha-w4gpoknpon*)&^%#");
    idcert.setCreated(new Date());
    idcert.setUpdated(new Date());
    when(consumer.getIdCert()).thenReturn(idcert);

    KeyPair keyPair = createKeyPair();
    when(consumer.getKeyPair()).thenReturn(keyPair);
    when(pki.getPemEncoded(keyPair.getPrivateKey())).thenReturn("privateKey".getBytes());
    when(pki.getPemEncoded(keyPair.getPublicKey())).thenReturn("publicKey".getBytes());

    // FINALLY test this badboy
    Exporter e =
        new Exporter(
            ctc, me, ce, cte, re, ece, ecsa, pe, psa, pce, ec, ee, pki, config, exportRules, pprov);

    File export = e.getFullExport(consumer);

    // VERIFY
    assertNotNull(export);
    verifyContent(export, "export/products/12345.pem", new VerifyProductCert("12345.pem"));
    assertFalse(verifyHasEntry(export, "export/products/MKT-prod.pem"));
    FileUtils.deleteDirectory(export.getParentFile());
    assertTrue(new File("/tmp/consumer_export.zip").delete());
    assertTrue(new File("/tmp/12345.pem").delete());
  }
  public Set<X509ExtensionWrapper> prepareV1Extensions(
      Set<Product> products,
      Entitlement ent,
      String contentPrefix,
      Map<String, EnvironmentContent> promotedContent) {
    Set<X509ExtensionWrapper> result = new LinkedHashSet<X509ExtensionWrapper>();

    Set<String> entitledProductIds =
        entCurator.listEntitledProductIds(
            ent.getConsumer(), ent.getPool().getStartDate(), ent.getPool().getEndDate());

    int contentCounter = 0;
    boolean enableEnvironmentFiltering = config.getBoolean(ConfigProperties.ENV_CONTENT_FILTERING);

    Product skuProd = productAdapter.getProductById(ent.getPool().getProductId());

    for (Product prod : Collections2.filter(products, X509Util.PROD_FILTER_PREDICATE)) {
      result.addAll(extensionUtil.productExtensions(prod));
      Set<ProductContent> filteredContent =
          extensionUtil.filterProductContent(
              prod,
              ent,
              entCurator,
              promotedContent,
              enableEnvironmentFiltering,
              entitledProductIds);

      filteredContent =
          extensionUtil.filterContentByContentArch(filteredContent, ent.getConsumer(), prod);

      // Keep track of the number of content sets that are being added.
      contentCounter += filteredContent.size();

      result.addAll(
          extensionUtil.contentExtensions(
              filteredContent, contentPrefix, promotedContent, ent.getConsumer(), skuProd));
    }

    // For V1 certificates we're going to error out if we exceed a limit which is
    // likely going to generate a certificate too large for the CDN, and return an
    // informative error message to the user.
    if (contentCounter > X509ExtensionUtil.V1_CONTENT_LIMIT) {
      String cause =
          i18n.tr(
              "Too many content sets for certificate {0}. A newer "
                  + "client may be available to address this problem. "
                  + "See kbase https://access.redhat.com/knowledge/node/129003 for more "
                  + "information.",
              ent.getPool().getProductName());
      throw new CertificateSizeException(cause);
    }

    result.addAll(extensionUtil.subscriptionExtensions(ent));

    result.addAll(extensionUtil.entitlementExtensions(ent));
    result.addAll(extensionUtil.consumerExtensions(ent.getConsumer()));

    if (log.isDebugEnabled()) {
      for (X509ExtensionWrapper eWrapper : result) {
        log.debug(
            String.format("Extension %s with value %s", eWrapper.getOid(), eWrapper.getValue()));
      }
    }
    return result;
  }