use of com.emc.storageos.model.auth.AuthnCreateParam in project coprhd-controller by CoprHD.
the class ApiTest method addBadADConfig.
// Right now, this only tests one particular bad parameter (search filter).
// We can enhance this to test all the precheckConditions present in the AuthnConfigurationService.
/**
 * Exercises the input validation of the authentication-provider REST API
 * ({@code /vdc/admin/authnproviders}) through a sequence of create, update and
 * delete requests, asserting the HTTP status of each one.
 *
 * <p>Covered, in order: malformed search filter, duplicate domain, duplicate label,
 * label too short / too long, label trimming, domain conflict with a disabled
 * provider, delete-and-recreate, max page size, search scope, renaming to an
 * existing label, removing the last server URL, and group-attribute changes with
 * and without the {@code allow_group_attr_change} query parameter.
 *
 * <p>The steps are order-dependent: later requests rely on providers created or
 * modified by earlier ones, and the final steps modify the shared provider
 * {@code _goodADConfig} and then restore it. Apart from the delete-and-recreate
 * step, this method does not delete the providers it creates.
 *
 * @throws NoSuchAlgorithmException declared by the signature; no statement visible
 *         in this method throws it directly
 */
private void addBadADConfig() throws NoSuchAlgorithmException {
// Test that a config without a proper filter (key=%u) results in 400
AuthnCreateParam param = new AuthnCreateParam();
param.setLabel("ad apitest config bad");
param.setDescription("ad configuration created by ApiTest.java");
param.setDisable(false);
param.getDomains().add("sanity2.local");
param.setGroupAttribute("CN");
param.setGroupWhitelistValues(new HashSet<String>());
param.getGroupWhitelistValues().add("*Admins*");
param.getGroupWhitelistValues().add("*Test*");
param.getGroupWhitelistValues().add("*Users*");
param.setManagerDn("CN=Administrator,CN=Users,DC=sanity,DC=local");
// AD_PASS_WORD is defined outside this method.
// NOTE(review): confirm it is read from test configuration rather than hard-coded.
param.setManagerPassword(AD_PASS_WORD);
param.setSearchBase("CN=Users,DC=sanity,DC=local");
// %u is there but not on the right side of the "=". Adding this config should fail
param.setSearchFilter("%u=userPrincipalName");
param.setServerUrls(new HashSet<String>());
// NOTE(review): "ldap:\\" is the Java literal for ldap:\ (a single backslash), not the
// usual ldap:// form; every server URL in this method is built the same way — confirm
// this is intended. The scheme is also plain ldap, so if the server binds with the
// manager DN the password is presumably sent without TLS; verify this only ever runs
// against an isolated test directory.
param.getServerUrls().add("ldap:\\" + AD_SERVER1_IP);
param.setMode("ad");
ClientResponse resp = rSys.path("/vdc/admin/authnproviders").post(ClientResponse.class, param);
Assert.assertEquals(400, resp.getStatus());
// Test that adding two profiles with the same domain name results in 400.
// First create a valid provider for mydomain.com; its id is reused by the update steps below.
String label = "ad apitest config duplicate 1";
AuthnCreateParam duplicateConfig1 = new AuthnCreateParam();
duplicateConfig1.setLabel(label);
duplicateConfig1.setDescription("ad configuration created by ApiTest.java");
duplicateConfig1.setDisable(false);
duplicateConfig1.getDomains().add("mydomain.com");
duplicateConfig1.setGroupAttribute("CN");
duplicateConfig1.setGroupWhitelistValues(new HashSet<String>());
duplicateConfig1.getGroupWhitelistValues().add("*Admins*");
duplicateConfig1.setManagerDn("CN=Administrator,CN=Users,DC=sanity,DC=local");
duplicateConfig1.setManagerPassword(AD_PASS_WORD);
duplicateConfig1.setSearchBase("CN=Users,DC=sanity,DC=local");
duplicateConfig1.setSearchFilter("userPrincipalName=%u");
duplicateConfig1.setServerUrls(new HashSet<String>());
duplicateConfig1.getServerUrls().add("ldap:\\" + AD_SERVER1_IP);
duplicateConfig1.setMode("ad");
AuthnProviderRestRep authnResp = rSys.path("/vdc/admin/authnproviders").post(AuthnProviderRestRep.class, duplicateConfig1);
Assert.assertNotNull(authnResp);
URI firstCreatedConfig = authnResp.getId();
// Second provider: different label, same domain (mydomain.com). Expected to be rejected.
AuthnCreateParam duplicateConfig2 = new AuthnCreateParam();
duplicateConfig2.setLabel("ad apitest config duplicate 2");
duplicateConfig2.setDescription("ad configuration created by ApiTest.java");
duplicateConfig2.setDisable(false);
duplicateConfig2.getDomains().add("mydomain.com");
duplicateConfig2.setGroupAttribute("CN");
duplicateConfig2.setGroupWhitelistValues(new HashSet<String>());
duplicateConfig2.getGroupWhitelistValues().add("*Admins*");
duplicateConfig2.setManagerDn("CN=Administrator,CN=Users,DC=sanity,DC=local");
duplicateConfig2.setManagerPassword(AD_PASS_WORD);
duplicateConfig2.setSearchBase("CN=Users,DC=sanity,DC=local");
duplicateConfig2.setSearchFilter("userPrincipalName=%u");
duplicateConfig2.setServerUrls(new HashSet<String>());
duplicateConfig2.getServerUrls().add("ldap:\\" + AD_SERVER1_IP);
duplicateConfig2.setMode("ad");
resp = rSys.path("/vdc/admin/authnproviders").post(ClientResponse.class, duplicateConfig2);
Assert.assertEquals(400, resp.getStatus());
// Test for duplicate name check (post).
// The request now reuses the first provider's label; note that it still lists
// mydomain.com in addition to mydomain2.com, so the 400 asserted here does not by
// itself show which of the two checks rejected it.
duplicateConfig2.setLabel(label);
duplicateConfig2.getDomains().add("mydomain2.com");
resp = rSys.path("/vdc/admin/authnproviders").post(ClientResponse.class, duplicateConfig2);
Assert.assertEquals(400, resp.getStatus());
// Test that you cannot update an existing provider with a domain name that exists somewhere else
AuthnUpdateParam updateParam = new AuthnUpdateParam();
updateParam.getDomainChanges().getAdd().add("sanity.local");
// Despite the "Format" suffix, this holds the resolved URL of the first created provider.
String myDomainComauthnProvidersUrlFormat = String.format("/vdc/admin/authnproviders/%s", firstCreatedConfig.toString());
resp = rSys.path(myDomainComauthnProvidersUrlFormat).put(ClientResponse.class, updateParam);
Assert.assertEquals(400, resp.getStatus());
// Test that re-adding the domain the provider already owns is fine (no-op)
AuthnUpdateParam updateParamSameName = new AuthnUpdateParam();
updateParamSameName.getDomainChanges().getAdd().add("mydomain.com");
resp = rSys.path(myDomainComauthnProvidersUrlFormat).put(ClientResponse.class, updateParamSameName);
Assert.assertEquals(200, resp.getStatus());
// test that trying to update a config with a name too short causes 400
AuthnUpdateParam updateParamNameTooShort = new AuthnUpdateParam();
updateParamNameTooShort.setLabel("a");
resp = rSys.path(myDomainComauthnProvidersUrlFormat).put(ClientResponse.class, updateParamNameTooShort);
Assert.assertEquals(400, resp.getStatus());
// test that trying to update a config with a name too long causes 400
// (STR144 is defined elsewhere; presumably a 144-character string — TODO confirm)
AuthnUpdateParam updateParamNameTooLong = new AuthnUpdateParam();
updateParamNameTooLong.setLabel("authn" + STR144);
resp = rSys.path(myDomainComauthnProvidersUrlFormat).put(ClientResponse.class, updateParamNameTooLong);
Assert.assertEquals(400, resp.getStatus());
// test that trying to update a config with the same name doesn't cause an error
AuthnUpdateParam updateParam2 = new AuthnUpdateParam();
updateParam2.setLabel(label);
resp = rSys.path(myDomainComauthnProvidersUrlFormat).put(ClientResponse.class, updateParam2);
Assert.assertEquals(200, resp.getStatus());
// test that the String payload will be trimmed: a label padded with spaces must come back unpadded
updateParam2 = new AuthnUpdateParam();
updateParam2.setLabel(" " + label + " ");
authnResp = rSys.path(myDomainComauthnProvidersUrlFormat).put(AuthnProviderRestRep.class, updateParam2);
// NOTE(review): Assert.assertEquals(label, authnResp.getName()) would report both values on failure.
Assert.assertTrue(authnResp.getName().equals(label));
// Mark the mydomain.com provider as disabled. Try to add a conflicting domain to it.
// Should still fail, because even though it is disabled the provider can eventually be re-enabled.
AuthnUpdateParam updateParam3 = new AuthnUpdateParam();
updateParam3.setDisable(true);
resp = rSys.path(myDomainComauthnProvidersUrlFormat).put(ClientResponse.class, updateParam3);
Assert.assertEquals(200, resp.getStatus());
// Re-send the earlier update that adds sanity.local; it must still be rejected.
resp = rSys.path(myDomainComauthnProvidersUrlFormat).put(ClientResponse.class, updateParam);
Assert.assertEquals(400, resp.getStatus());
// Now delete that mydomain.com provider and re-add it, see that
// it is now allowed because the conflicting provider has been deleted
resp = rSys.path(myDomainComauthnProvidersUrlFormat).delete(ClientResponse.class);
Assert.assertEquals(200, resp.getStatus());
authnResp = rSys.path("/vdc/admin/authnproviders").post(AuthnProviderRestRep.class, duplicateConfig1);
Assert.assertNotNull(authnResp);
// Test that updating a config with a MaxPageSize=0 fails
AuthnUpdateParam pageSizeUpdateParam = new AuthnUpdateParam();
pageSizeUpdateParam.setMaxPageSize(0);
resp = rSys.path(String.format("/vdc/admin/authnproviders/%s", authnResp.getId().toString())).put(ClientResponse.class, pageSizeUpdateParam);
Assert.assertEquals(400, resp.getStatus());
// Set the page size and verify that it is successful.
pageSizeUpdateParam.setMaxPageSize(500);
resp = rSys.path(String.format("/vdc/admin/authnproviders/%s", authnResp.getId().toString())).put(ClientResponse.class, pageSizeUpdateParam);
Assert.assertEquals(200, resp.getStatus());
// Get the provider and verify that it has the new page size
authnResp = rSys.path(String.format("/vdc/admin/authnproviders/%s", authnResp.getId().toString())).get(AuthnProviderRestRep.class);
Assert.assertEquals(pageSizeUpdateParam.getMaxPageSize().intValue(), authnResp.getMaxPageSize().intValue());
// Test that a bad search scope gets rejected.
// Missing scope is tested by all the other tests above which do not
// supply scope.
AuthnCreateParam badScopeParam = new AuthnCreateParam();
badScopeParam.setLabel("ad apitest config with bad scope");
badScopeParam.setDescription("ad configuration created by ApiTest.java");
badScopeParam.setDisable(false);
badScopeParam.getDomains().add("mydomain4.com");
badScopeParam.setGroupAttribute("CN");
badScopeParam.setGroupWhitelistValues(new HashSet<String>());
badScopeParam.getGroupWhitelistValues().add("*Admins*");
badScopeParam.setManagerDn("CN=Administrator,CN=Users,DC=sanity,DC=local");
badScopeParam.setManagerPassword(AD_PASS_WORD);
badScopeParam.setSearchBase("CN=Users,DC=sanity,DC=local");
badScopeParam.setSearchFilter("userPrincipalName=%u");
badScopeParam.setServerUrls(new HashSet<String>());
badScopeParam.getServerUrls().add("ldap:\\" + AD_SERVER1_IP);
// BAD SCOPE: an arbitrary string instead of a SearchScope value
badScopeParam.setSearchScope("bad scope");
badScopeParam.setMode("ad");
resp = rSys.path("/vdc/admin/authnproviders").post(ClientResponse.class, badScopeParam);
Assert.assertEquals(400, resp.getStatus());
// Test that a good search scope works
AuthnCreateParam goodScopeParam = new AuthnCreateParam();
String goodScopeName = "ad apitest config with good scope";
goodScopeParam.setLabel(goodScopeName);
goodScopeParam.setDescription("ad configuration created by ApiTest.java");
goodScopeParam.setDisable(false);
goodScopeParam.getDomains().add("mydomain5.com");
goodScopeParam.setGroupAttribute("CN");
goodScopeParam.setGroupWhitelistValues(new HashSet<String>());
goodScopeParam.getGroupWhitelistValues().add("*Admins*");
goodScopeParam.setManagerDn("CN=Administrator,CN=Users,DC=sanity,DC=local");
goodScopeParam.setManagerPassword(AD_PASS_WORD);
goodScopeParam.setSearchBase("CN=Users,DC=sanity,DC=local");
goodScopeParam.setSearchFilter("userPrincipalName=%u");
goodScopeParam.setServerUrls(new HashSet<String>());
goodScopeParam.getServerUrls().add("ldap:\\" + AD_SERVER1_IP);
goodScopeParam.setSearchScope(AuthnProvider.SearchScope.SUBTREE.toString());
goodScopeParam.setMode("ad");
resp = rSys.path("/vdc/admin/authnproviders").post(ClientResponse.class, goodScopeParam);
Assert.assertEquals(200, resp.getStatus());
// create a config, then try to modify its name to one that exists.
AuthnCreateParam randomConfig = new AuthnCreateParam();
randomConfig.setLabel("random");
randomConfig.setDescription("random provider");
randomConfig.setDisable(false);
randomConfig.getDomains().add("mydomain6.com");
randomConfig.setGroupAttribute("CN");
randomConfig.setGroupWhitelistValues(new HashSet<String>());
randomConfig.getGroupWhitelistValues().add("*Admins*");
randomConfig.setManagerDn("CN=Administrator,CN=Users,DC=sanity,DC=local");
randomConfig.setManagerPassword(AD_PASS_WORD);
randomConfig.setSearchBase("CN=Users,DC=sanity,DC=local");
randomConfig.setSearchFilter("userPrincipalName=%u");
randomConfig.setServerUrls(new HashSet<String>());
randomConfig.getServerUrls().add("ldap:\\" + AD_SERVER1_IP);
randomConfig.setSearchScope(AuthnProvider.SearchScope.SUBTREE.toString());
randomConfig.setMode("ad");
AuthnProviderRestRep authnResp2 = rSys.path("/vdc/admin/authnproviders").post(AuthnProviderRestRep.class, randomConfig);
Assert.assertNotNull(authnResp2);
// Renaming the new provider to the label of the "good scope" provider must be rejected.
AuthnUpdateParam updateParam4 = new AuthnUpdateParam();
updateParam4.setLabel(goodScopeName);
resp = rSys.path(String.format("/vdc/admin/authnproviders/%s", authnResp2.getId().toString())).put(ClientResponse.class, updateParam4);
Assert.assertEquals(400, resp.getStatus());
// attempt to delete the only url in the config. should fail with 400
// (_goodADConfig is a provider set up outside this method)
AuthnUpdateParam lastUrl = new AuthnUpdateParam();
lastUrl.getServerUrlChanges().setRemove(new HashSet<String>());
lastUrl.getServerUrlChanges().getRemove().add("ldap:\\" + AD_SERVER1_IP);
resp = rSys.path(String.format("/vdc/admin/authnproviders/%s", _goodADConfig)).put(ClientResponse.class, lastUrl);
Assert.assertEquals(400, resp.getStatus());
// modify the main config with a bad group CN. Verify you get 400
AuthnUpdateParam badCN = new AuthnUpdateParam();
badCN.setGroupAttribute("garbage");
resp = rSys.path(String.format("/vdc/admin/authnproviders/%s", _goodADConfig)).queryParam("allow_group_attr_change", "true").put(ClientResponse.class, badCN);
// The expected text embeds the rejected attribute and the server URL exactly as submitted above.
String errorMessage = String.format("The authentication provider could not be added or modified because of the following error: The group attribute %s could not be found in AD schema at server [%s].", badCN.getGroupAttribute(), "ldap:\\" + AD_SERVER1_IP);
assertExpectedError(resp, 400, ServiceCode.API_PARAMETER_INVALID, errorMessage);
// Drops the ROOTTENANTADMIN entry from _savedTokens.
// NOTE(review): presumably forces that user to log in again on its next request; the
// reason is not visible in this method — confirm.
_savedTokens.remove(ROOTTENANTADMIN);
// put the config back.
AuthnUpdateParam goodCN = new AuthnUpdateParam();
goodCN.setGroupAttribute("CN");
resp = rSys.path(String.format("/vdc/admin/authnproviders/%s", _goodADConfig)).queryParam("allow_group_attr_change", "true").put(ClientResponse.class, goodCN);
Assert.assertEquals(200, resp.getStatus());
// modify the group attribute without allow_group_attr_change. Should fail.
AuthnUpdateParam changeCN = new AuthnUpdateParam();
changeCN.setGroupAttribute("objectSid");
resp = rSys.path(String.format("/vdc/admin/authnproviders/%s", _goodADConfig)).put(ClientResponse.class, changeCN);
Assert.assertEquals(400, resp.getStatus());
// modify the group attribute with force flag. Should succeed.
// NOTE(review): there is no try/finally around these steps, so if an assertion fails
// before the restore below, _goodADConfig keeps groupAttribute=objectSid for later tests.
resp = rSys.path(String.format("/vdc/admin/authnproviders/%s", _goodADConfig)).queryParam("allow_group_attr_change", "true").put(ClientResponse.class, changeCN);
Assert.assertEquals(200, resp.getStatus());
// put the original group attribute back for the rest of the tests.
changeCN.setGroupAttribute("CN");
resp = rSys.path(String.format("/vdc/admin/authnproviders/%s", _goodADConfig)).queryParam("allow_group_attr_change", "true").put(ClientResponse.class, changeCN);
Assert.assertEquals(200, resp.getStatus());
}
use of com.emc.storageos.model.auth.AuthnCreateParam in project coprhd-controller by CoprHD.
the class ApiTestAuthnProviders method testAuthnProviderCreateDuplicateLDAPGroupProperties.
@Test
public void testAuthnProviderCreateDuplicateLDAPGroupProperties() {
    // Creates a provider whose group objectClasses and memberAttributes each contain
    // the default values twice, and checks that the response lists them only once.
    final String prefix = "testAuthnProviderCreateDuplicateLDAPGroupProperties - ";
    final String description = prefix + TRACE_SUCCESSFUL + "(Duplicate group objectClasses and memberAttributes)";
    AuthnCreateParam request = getDefaultAuthnCreateParam(description);

    // Append the default values a second time so that every entry is submitted as a duplicate.
    request.getGroupObjectClasses().addAll(getDefaultGroupObjectClasses());
    request.getGroupMemberAttributes().addAll(getDefaultGroupMemberAttributes());

    AuthnProviderRestRep created = rSys.path(getTestApi()).post(AuthnProviderRestRep.class, request);
    validateAuthProviderCreateSuccess(request, created);

    // Check the sizes separately to make sure the duplicates were removed.
    final int distinctCount = 4;
    int objectClassCount = created.getGroupObjectClasses().size();
    Assert.assertEquals(distinctCount, objectClassCount);
    int memberAttributeCount = created.getGroupMemberAttributes().size();
    Assert.assertEquals(distinctCount, memberAttributeCount);
}
use of com.emc.storageos.model.auth.AuthnCreateParam in project coprhd-controller by CoprHD.
the class ApiTestAuthnProviders method testAuthnProviderCreateWithLDAPGroupPropertiesAndNonManagerDN.
@Test
public void testAuthnProviderCreateWithLDAPGroupPropertiesAndNonManagerDN() {
    // Creates a provider whose bind account is not the manager account and expects
    // the creation to succeed.
    final String prefix = "testAuthnProviderCreateWithLDAPGroupPropertiesAndNonManagerDN - ";
    final String description = prefix + "Successful creation of authn provider with non managerDN";
    AuthnCreateParam request = getDefaultAuthnCreateParam(description);

    // Replace the manager DN and password with those of another user, to make sure
    // the LDAP schema search does not work only with the manager account.
    request.setManagerDn(getNonManagerBindDN());
    request.setManagerPassword(getNonManagerBindDNPwd());

    AuthnProviderRestRep created = rSys.path(getTestApi()).post(AuthnProviderRestRep.class, request);
    validateAuthProviderCreateSuccess(request, created);
}
use of com.emc.storageos.model.auth.AuthnCreateParam in project coprhd-controller by CoprHD.
the class ApiTestAuthnProviders method testAuthnProviderCreateWithLDAPGroupObjectClassesOnly.
@Test
public void testAuthnProviderCreateWithLDAPGroupObjectClassesOnly() {
    // Submits a create request that carries group object classes but no group member
    // attributes and expects it to be rejected with 400.
    final String prefix = "testAuthnProviderCreateWithLDAPGroupObjectClassesOnly - ";
    AuthnCreateParam request = getDefaultAuthnCreateParam(prefix + TRACE_SUCCESSFUL);

    // The request has no group member attributes, so the server is expected to
    // answer with this error text.
    final String expectedErrorFragment = AUTHN_PROVIDER_ADD_UPDATE_PARTIAL_ERROR + "modified because of the following error: Group member attributes are not provided.";

    // Drop the member attributes and keep the object classes.
    request.getGroupMemberAttributes().clear();

    ClientResponse rejected = rSys.path(getTestApi()).post(ClientResponse.class, request);
    validateAuthProviderBadRequest(HttpStatus.SC_BAD_REQUEST, expectedErrorFragment, rejected);
}
use of com.emc.storageos.model.auth.AuthnCreateParam in project coprhd-controller by CoprHD.
the class ApiTestAuthnProviders method testAuthnProviderEditByRemovingLDAPGroupProperties.
@Test
public void testAuthnProviderEditByRemovingLDAPGroupProperties() {
    // Creates a provider, then sends five updates against it: remove all LDAP group
    // properties, put them back, add and remove in one request, and finally two
    // requests that would leave only one of the two property sets populated (both
    // of which must be rejected with 400).
    final String prefix = "testAuthnProviderEditByRemovingLDAPGroupProperties - ";
    AuthnCreateParam request = getDefaultAuthnCreateParam(prefix + TRACE_AUTHN_PROVIDER_SUCCESSFUL);
    AuthnProviderRestRep created = rSys.path(getTestApi()).post(AuthnProviderRestRep.class, request);
    validateAuthProviderCreateSuccess(request, created);

    // All following requests edit the provider that was just created.
    final String editPath = getTestEditApi(created.getId());
    AuthnUpdateParam update = getAuthnUpdateParamFromAuthnProviderRestResp(created);

    // Snapshot the add lists before they are cleared.
    Set<String> objectClassesToRemove = new LinkedHashSet<String>(update.getGroupObjectClassChanges().getAdd());
    Set<String> memberAttributesToRemove = new LinkedHashSet<String>(update.getGroupMemberAttributeChanges().getAdd());

    // Update 1: move everything from the add lists to the remove lists, so the
    // request removes every group object class and member attribute.
    update.getGroupObjectClassChanges().getAdd().clear();
    update.getGroupMemberAttributeChanges().getAdd().clear();
    update.getGroupObjectClassChanges().getRemove().addAll(objectClassesToRemove);
    update.getGroupMemberAttributeChanges().getRemove().addAll(memberAttributesToRemove);
    update.setDescription(prefix + "Edit by removing the ldap group properties");
    AuthnProviderRestRep edited = rSys.path(editPath).put(AuthnProviderRestRep.class, update);
    validateAuthProviderEditSuccess(update, edited);

    // Update 2: rebuild the update from the create response, which (per the
    // description string) resets the group properties to their default values.
    update = getAuthnUpdateParamFromAuthnProviderRestResp(created);
    update.setDescription(prefix + "Edit after removing the ldap group properties to reset with default values");
    edited = rSys.path(editPath).put(AuthnProviderRestRep.class, update);
    validateAuthProviderEditSuccess(update, edited);

    // Update 3: add entries 0 and 1 and remove entries 2 and 3 of both property
    // sets in a single request.
    update.getGroupObjectClassChanges().getAdd().clear();
    update.getGroupMemberAttributeChanges().getAdd().clear();
    for (int i = 0; i < 2; i++) {
        update.getGroupObjectClassChanges().getAdd().add(getGroupObjectClass(i));
    }
    for (int i = 2; i < 4; i++) {
        update.getGroupObjectClassChanges().getRemove().add(getGroupObjectClass(i));
    }
    for (int i = 0; i < 2; i++) {
        update.getGroupMemberAttributeChanges().getAdd().add(getGroupMemberAttribute(i));
    }
    for (int i = 2; i < 4; i++) {
        update.getGroupMemberAttributeChanges().getRemove().add(getGroupMemberAttribute(i));
    }
    update.setDescription(prefix + "Edit by removing and adding the ldap group properties in one update");
    edited = rSys.path(editPath).put(AuthnProviderRestRep.class, update);
    validateAuthProviderEditSuccess(update, edited);

    // Update 4: remove group object classes 0 and 1 and leave the member attributes
    // alone. Group object classes and member attributes must either both be empty
    // or both have values, so this request has to fail.
    update.getGroupObjectClassChanges().getAdd().clear();
    update.getGroupMemberAttributeChanges().getAdd().clear();
    update.getGroupObjectClassChanges().getRemove().clear();
    update.getGroupMemberAttributeChanges().getRemove().clear();
    for (int i = 0; i < 2; i++) {
        update.getGroupObjectClassChanges().getRemove().add(getGroupObjectClass(i));
    }
    update.setDescription(prefix + "Edit by just removing all the group object classes only.");
    ClientResponse objectClassesRejected = rSys.path(editPath).put(ClientResponse.class, update);
    // The edit would leave the provider without group object classes, so this is
    // the error text the server is expected to return.
    final String missingObjectClasses = AUTHN_PROVIDER_ADD_UPDATE_PARTIAL_ERROR + "modified because of the following error: Group object classes are not provided.";
    validateAuthProviderBadRequest(HttpStatus.SC_BAD_REQUEST, missingObjectClasses, objectClassesRejected);

    // Update 5: the mirror case. Remove group member attributes 0 and 1 and leave
    // the object classes alone; rejected for the same both-or-neither reason.
    update.getGroupObjectClassChanges().getAdd().clear();
    update.getGroupMemberAttributeChanges().getAdd().clear();
    update.getGroupObjectClassChanges().getRemove().clear();
    update.getGroupMemberAttributeChanges().getRemove().clear();
    for (int i = 0; i < 2; i++) {
        update.getGroupMemberAttributeChanges().getRemove().add(getGroupMemberAttribute(i));
    }
    update.setDescription(prefix + "Edit by just removing all the group member attributes only.");
    ClientResponse memberAttributesRejected = rSys.path(editPath).put(ClientResponse.class, update);
    // The edit would leave the provider without group member attributes.
    final String missingMemberAttributes = AUTHN_PROVIDER_ADD_UPDATE_PARTIAL_ERROR + "modified because of the following error: Group member attributes are not provided.";
    validateAuthProviderBadRequest(HttpStatus.SC_BAD_REQUEST, missingMemberAttributes, memberAttributesRejected);
}