Search in sources :

Example 1 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class DummyConnector method removeAttributeValues.

/**
     * {@inheritDoc}
     */
public Uid removeAttributeValues(ObjectClass objectClass, Uid uid, Set<Attribute> valuesToRemove, OperationOptions options) {
    validate(objectClass);
    validate(uid);
    try {
        if (ObjectClass.ACCOUNT.is(objectClass.getObjectClassValue())) {
            DummyAccount account;
            if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
                account = resource.getAccountByUsername(uid.getUidValue());
            } else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
                account = resource.getAccountById(uid.getUidValue());
            } else {
                throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
            }
            if (account == null) {
                throw new UnknownUidException("Account with UID " + uid + " does not exist on resource");
            }
            for (Attribute attr : valuesToRemove) {
                if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
                    throw new UnsupportedOperationException("Removing password value is not supported");
                } else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
                    throw new IllegalArgumentException("Attempt to remove value from enable attribute");
                } else if (PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME.equalsIgnoreCase(attr.getName())) {
                    account.deleteAuxiliaryObjectClassNames(attr.getValue());
                } else {
                    String name = attr.getName();
                    try {
                        account.removeAttributeValues(name, attr.getValue());
                        log.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), account, account.getAttributeValues(name, Object.class));
                    } catch (SchemaViolationException e) {
                        // The framework should deal with it ... somehow
                        throw new IllegalArgumentException(e.getMessage(), e);
                    }
                }
            }
        } else if (ObjectClass.GROUP.is(objectClass.getObjectClassValue())) {
            DummyGroup group;
            if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
                group = resource.getGroupByName(uid.getUidValue());
            } else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
                group = resource.getGroupById(uid.getUidValue());
            } else {
                throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
            }
            if (group == null) {
                throw new UnknownUidException("Group with UID " + uid + " does not exist on resource");
            }
            for (Attribute attr : valuesToRemove) {
                if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
                    throw new IllegalArgumentException("Attempt to change password on group");
                } else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
                    throw new IllegalArgumentException("Attempt to remove value from enable attribute");
                } else {
                    String name = attr.getName();
                    List<Object> values = attr.getValue();
                    if (attr.is(DummyGroup.ATTR_MEMBERS_NAME) && values != null && configuration.getUpCaseName()) {
                        List<Object> newValues = new ArrayList<Object>(values.size());
                        for (Object val : values) {
                            newValues.add(StringUtils.upperCase((String) val));
                        }
                        values = newValues;
                    }
                    try {
                        group.removeAttributeValues(name, values);
                        log.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), group, group.getAttributeValues(name, Object.class));
                    } catch (SchemaViolationException e) {
                        // The framework should deal with it ... somehow
                        throw new IllegalArgumentException(e.getMessage(), e);
                    }
                }
            }
        } else if (objectClass.is(OBJECTCLASS_PRIVILEGE_NAME)) {
            DummyPrivilege priv;
            if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
                priv = resource.getPrivilegeByName(uid.getUidValue());
            } else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
                priv = resource.getPrivilegeById(uid.getUidValue());
            } else {
                throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
            }
            if (priv == null) {
                throw new UnknownUidException("Privilege with UID " + uid + " does not exist on resource");
            }
            for (Attribute attr : valuesToRemove) {
                if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
                    throw new IllegalArgumentException("Attempt to change password on privilege");
                } else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
                    throw new IllegalArgumentException("Attempt to remove value from enable attribute");
                } else {
                    String name = attr.getName();
                    try {
                        priv.removeAttributeValues(name, attr.getValue());
                        log.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), priv, priv.getAttributeValues(name, Object.class));
                    } catch (SchemaViolationException e) {
                        // The framework should deal with it ... somehow
                        throw new IllegalArgumentException(e.getMessage(), e);
                    }
                }
            }
        } else if (objectClass.is(OBJECTCLASS_ORG_NAME)) {
            DummyOrg org;
            if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
                org = resource.getOrgByName(uid.getUidValue());
            } else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
                org = resource.getOrgById(uid.getUidValue());
            } else {
                throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
            }
            if (org == null) {
                throw new UnknownUidException("Org with UID " + uid + " does not exist on resource");
            }
            for (Attribute attr : valuesToRemove) {
                if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
                    throw new IllegalArgumentException("Attempt to change password on org");
                } else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
                    throw new IllegalArgumentException("Attempt to remove value from enable org");
                } else {
                    String name = attr.getName();
                    try {
                        org.removeAttributeValues(name, attr.getValue());
                        log.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), org, org.getAttributeValues(name, Object.class));
                    } catch (SchemaViolationException e) {
                        // The framework should deal with it ... somehow
                        throw new IllegalArgumentException(e.getMessage(), e);
                    }
                }
            }
        } else {
            throw new ConnectorException("Unknown object class " + objectClass);
        }
    } catch (ConnectException e) {
        log.info("removeAttributeValues::exception " + e);
        throw new ConnectionFailedException(e.getMessage(), e);
    } catch (FileNotFoundException e) {
        log.info("removeAttributeValues::exception " + e);
        throw new ConnectorIOException(e.getMessage(), e);
    } catch (SchemaViolationException e) {
        log.info("removeAttributeValues::exception " + e);
        throw new InvalidAttributeValueException(e.getMessage(), e);
    } catch (ConflictException e) {
        log.info("removeAttributeValues::exception " + e);
        throw new AlreadyExistsException(e);
    }
    return uid;
}
Also used : ConnectorIOException(org.identityconnectors.framework.common.exceptions.ConnectorIOException) AlreadyExistsException(org.identityconnectors.framework.common.exceptions.AlreadyExistsException) ObjectAlreadyExistsException(com.evolveum.icf.dummy.resource.ObjectAlreadyExistsException) ConflictException(com.evolveum.icf.dummy.resource.ConflictException) ArrayList(java.util.ArrayList) FileNotFoundException(java.io.FileNotFoundException) GuardedString(org.identityconnectors.common.security.GuardedString) InvalidAttributeValueException(org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException) ConnectorException(org.identityconnectors.framework.common.exceptions.ConnectorException) DummyObject(com.evolveum.icf.dummy.resource.DummyObject) UnknownUidException(org.identityconnectors.framework.common.exceptions.UnknownUidException) SchemaViolationException(com.evolveum.icf.dummy.resource.SchemaViolationException) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) DummyAccount(com.evolveum.icf.dummy.resource.DummyAccount) DummyOrg(com.evolveum.icf.dummy.resource.DummyOrg) ConnectionFailedException(org.identityconnectors.framework.common.exceptions.ConnectionFailedException) DummyGroup(com.evolveum.icf.dummy.resource.DummyGroup) ConnectException(java.net.ConnectException)

Example 2 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class DummyConnector method sync.

/**
     * {@inheritDoc}
     */
public void sync(ObjectClass objectClass, SyncToken token, SyncResultsHandler handler, final OperationOptions options) {
    log.info("sync::begin");
    validate(objectClass);
    Collection<String> attributesToGet = getAttrsToGet(options);
    try {
        int syncToken = (Integer) token.getValue();
        List<DummyDelta> deltas = resource.getDeltasSince(syncToken);
        for (DummyDelta delta : deltas) {
            Class<? extends DummyObject> deltaObjectClass = delta.getObjectClass();
            if (objectClass.is(ObjectClass.ALL_NAME)) {
            // take all changes
            } else if (objectClass.is(ObjectClass.ACCOUNT_NAME)) {
                if (deltaObjectClass != DummyAccount.class) {
                    log.ok("Skipping delta {0} because of objectclass mismatch", delta);
                    continue;
                }
            } else if (objectClass.is(ObjectClass.GROUP_NAME)) {
                if (deltaObjectClass != DummyGroup.class) {
                    log.ok("Skipping delta {0} because of objectclass mismatch", delta);
                    continue;
                }
            }
            SyncDeltaBuilder deltaBuilder = new SyncDeltaBuilder();
            if (deltaObjectClass == DummyAccount.class) {
                deltaBuilder.setObjectClass(ObjectClass.ACCOUNT);
            } else if (deltaObjectClass == DummyGroup.class) {
                deltaBuilder.setObjectClass(ObjectClass.GROUP);
            } else if (deltaObjectClass == DummyPrivilege.class) {
                deltaBuilder.setObjectClass(new ObjectClass(OBJECTCLASS_PRIVILEGE_NAME));
            } else if (deltaObjectClass == DummyOrg.class) {
                deltaBuilder.setObjectClass(new ObjectClass(OBJECTCLASS_ORG_NAME));
            } else {
                throw new IllegalArgumentException("Unknown delta objectClass " + deltaObjectClass);
            }
            SyncDeltaType deltaType;
            if (delta.getType() == DummyDeltaType.ADD || delta.getType() == DummyDeltaType.MODIFY) {
                if (resource.getSyncStyle() == DummySyncStyle.DUMB) {
                    deltaType = SyncDeltaType.CREATE_OR_UPDATE;
                } else {
                    if (delta.getType() == DummyDeltaType.ADD) {
                        deltaType = SyncDeltaType.CREATE;
                    } else {
                        deltaType = SyncDeltaType.UPDATE;
                    }
                }
                if (deltaObjectClass == DummyAccount.class) {
                    DummyAccount account = resource.getAccountById(delta.getObjectId());
                    if (account == null) {
                        throw new IllegalStateException("We have delta for account '" + delta.getObjectId() + "' but such account does not exist");
                    }
                    ConnectorObject cobject = convertToConnectorObject(account, attributesToGet);
                    deltaBuilder.setObject(cobject);
                } else if (deltaObjectClass == DummyGroup.class) {
                    DummyGroup group = resource.getGroupById(delta.getObjectId());
                    if (group == null) {
                        throw new IllegalStateException("We have delta for group '" + delta.getObjectId() + "' but such group does not exist");
                    }
                    ConnectorObject cobject = convertToConnectorObject(group, attributesToGet);
                    deltaBuilder.setObject(cobject);
                } else if (deltaObjectClass == DummyPrivilege.class) {
                    DummyPrivilege privilege = resource.getPrivilegeById(delta.getObjectId());
                    if (privilege == null) {
                        throw new IllegalStateException("We have privilege for group '" + delta.getObjectId() + "' but such privilege does not exist");
                    }
                    ConnectorObject cobject = convertToConnectorObject(privilege, attributesToGet);
                    deltaBuilder.setObject(cobject);
                } else {
                    throw new IllegalArgumentException("Unknown delta objectClass " + deltaObjectClass);
                }
            } else if (delta.getType() == DummyDeltaType.DELETE) {
                deltaType = SyncDeltaType.DELETE;
            } else {
                throw new IllegalStateException("Unknown delta type " + delta.getType());
            }
            deltaBuilder.setDeltaType(deltaType);
            deltaBuilder.setToken(new SyncToken(delta.getSyncToken()));
            Uid uid;
            if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
                uid = new Uid(delta.getObjectName());
            } else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
                if (nameHintChecksEnabled()) {
                    uid = new Uid(delta.getObjectId(), new Name(delta.getObjectName()));
                } else {
                    uid = new Uid(delta.getObjectId());
                }
            } else {
                throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
            }
            deltaBuilder.setUid(uid);
            SyncDelta syncDelta = deltaBuilder.build();
            log.info("sync::handle {0}", syncDelta);
            handler.handle(syncDelta);
        }
    } catch (ConnectException e) {
        log.info("sync::exception " + e);
        throw new ConnectionFailedException(e.getMessage(), e);
    } catch (FileNotFoundException e) {
        log.info("sync::exception " + e);
        throw new ConnectorIOException(e.getMessage(), e);
    } catch (SchemaViolationException e) {
        log.info("sync::exception " + e);
        throw new InvalidAttributeValueException(e.getMessage(), e);
    } catch (ConflictException e) {
        log.info("sync::exception " + e);
        throw new AlreadyExistsException(e);
    }
    log.info("sync::end");
}
Also used : ConflictException(com.evolveum.icf.dummy.resource.ConflictException) DummyDelta(com.evolveum.icf.dummy.resource.DummyDelta) FileNotFoundException(java.io.FileNotFoundException) GuardedString(org.identityconnectors.common.security.GuardedString) SchemaViolationException(com.evolveum.icf.dummy.resource.SchemaViolationException) DummyAccount(com.evolveum.icf.dummy.resource.DummyAccount) DummyGroup(com.evolveum.icf.dummy.resource.DummyGroup) ConnectException(java.net.ConnectException) ConnectorIOException(org.identityconnectors.framework.common.exceptions.ConnectorIOException) DummyObjectClass(com.evolveum.icf.dummy.resource.DummyObjectClass) AlreadyExistsException(org.identityconnectors.framework.common.exceptions.AlreadyExistsException) ObjectAlreadyExistsException(com.evolveum.icf.dummy.resource.ObjectAlreadyExistsException) InvalidAttributeValueException(org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) DummyOrg(com.evolveum.icf.dummy.resource.DummyOrg) ConnectionFailedException(org.identityconnectors.framework.common.exceptions.ConnectionFailedException)

Example 3 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class AbstractDummyTest method getDummyPrivilegeAssert.

protected DummyPrivilege getDummyPrivilegeAssert(String icfName, String icfUid) throws ConnectException, FileNotFoundException, SchemaViolationException, ConflictException {
    //		if (isNameUnique()) {
    if (isIcfNameUidSame()) {
        return dummyResource.getPrivilegeByName(icfName);
    } else {
        DummyPrivilege priv = dummyResource.getPrivilegeById(icfUid);
        assertNotNull("No dummy privilege with ICF UID " + icfUid + " (expected name " + icfName + ")", priv);
        assertEquals("Unexpected name in " + priv, icfName, priv.getName());
        return priv;
    }
}
Also used : DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege)

Example 4 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class TestDummy method test232DetitleAccountWillPillage.

@Test
public void test232DetitleAccountWillPillage() throws Exception {
    final String TEST_NAME = "test232DetitleAccountWillPillage";
    TestUtil.displayTestTile(TEST_NAME);
    Task task = createTask(TEST_NAME);
    OperationResult result = task.getResult();
    syncServiceMock.reset();
    ObjectDelta<ShadowType> delta = IntegrationTestTools.createDetitleDelta(ACCOUNT_WILL_OID, ASSOCIATION_PRIV_NAME, PRIVILEGE_PILLAGE_OID, prismContext);
    display("ObjectDelta", delta);
    delta.checkConsistence();
    // WHEN
    provisioningService.modifyObject(ShadowType.class, delta.getOid(), delta.getModifications(), new OperationProvisioningScriptsType(), null, task, result);
    // THEN
    result.computeStatus();
    display("modifyObject result", result);
    TestUtil.assertSuccess(result);
    delta.checkConsistence();
    DummyGroup group = getDummyGroupAssert(GROUP_PIRATES_NAME, piratesIcfUid);
    assertNoMember(group, getWillRepoIcfName());
    // Make sure that account is still there and it has the privilege
    DummyAccount dummyAccount = getDummyAccountAssert(transformNameFromResource(ACCOUNT_WILL_USERNAME), willIcfUid);
    assertNotNull("Account will is gone!", dummyAccount);
    Set<String> accountProvileges = dummyAccount.getAttributeValues(DummyAccount.ATTR_PRIVILEGES_NAME, String.class);
    PrismAsserts.assertSets("Wrong account privileges", accountProvileges, PRIVILEGE_BARGAIN_NAME, PRIVILEGE_NONSENSE_NAME);
    // Make sure that privilege object is still there
    DummyPrivilege priv = getDummyPrivilegeAssert(PRIVILEGE_PILLAGE_NAME, pillageIcfUid);
    assertNotNull("Privilege object is gone!", priv);
    syncServiceMock.assertNotifySuccessOnly();
    PrismObject<ShadowType> shadow = provisioningService.getObject(ShadowType.class, ACCOUNT_WILL_OID, null, task, result);
    display("Shadow after", shadow);
    assertEntitlementPriv(shadow, PRIVILEGE_BARGAIN_OID);
    assertSteadyResource();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) OperationProvisioningScriptsType(com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptsType) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) DummyAccount(com.evolveum.icf.dummy.resource.DummyAccount) DummyGroup(com.evolveum.icf.dummy.resource.DummyGroup) Test(org.testng.annotations.Test)

Example 5 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class TestDummy method test234DetitleAccountWillBargain.

@Test
public void test234DetitleAccountWillBargain() throws Exception {
    final String TEST_NAME = "test234DetitleAccountWillBargain";
    TestUtil.displayTestTile(TEST_NAME);
    Task task = createTask(TEST_NAME);
    OperationResult result = task.getResult();
    syncServiceMock.reset();
    ObjectDelta<ShadowType> delta = IntegrationTestTools.createDetitleDelta(ACCOUNT_WILL_OID, ASSOCIATION_PRIV_NAME, PRIVILEGE_BARGAIN_OID, prismContext);
    display("ObjectDelta", delta);
    delta.checkConsistence();
    // WHEN
    provisioningService.modifyObject(ShadowType.class, delta.getOid(), delta.getModifications(), new OperationProvisioningScriptsType(), null, task, result);
    // THEN
    result.computeStatus();
    display("modifyObject result", result);
    TestUtil.assertSuccess(result);
    delta.checkConsistence();
    DummyGroup group = getDummyGroupAssert(GROUP_PIRATES_NAME, piratesIcfUid);
    assertNoMember(group, getWillRepoIcfName());
    // Make sure that account is still there and it has the privilege
    DummyAccount dummyAccount = getDummyAccountAssert(transformNameFromResource(ACCOUNT_WILL_USERNAME), willIcfUid);
    assertNotNull("Account will is gone!", dummyAccount);
    Set<String> accountProvileges = dummyAccount.getAttributeValues(DummyAccount.ATTR_PRIVILEGES_NAME, String.class);
    PrismAsserts.assertSets("Wrong account privileges", accountProvileges, PRIVILEGE_NONSENSE_NAME);
    // Make sure that privilege object is still there
    DummyPrivilege priv = getDummyPrivilegeAssert(PRIVILEGE_PILLAGE_NAME, pillageIcfUid);
    assertNotNull("Privilege object is gone!", priv);
    DummyPrivilege priv2 = getDummyPrivilegeAssert(PRIVILEGE_BARGAIN_NAME, bargainIcfUid);
    assertNotNull("Privilege object (bargain) is gone!", priv);
    syncServiceMock.assertNotifySuccessOnly();
    assertSteadyResource();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) OperationProvisioningScriptsType(com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptsType) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) DummyAccount(com.evolveum.icf.dummy.resource.DummyAccount) DummyGroup(com.evolveum.icf.dummy.resource.DummyGroup) Test(org.testng.annotations.Test)

Aggregations

DummyPrivilege (com.evolveum.icf.dummy.resource.DummyPrivilege)17 DummyAccount (com.evolveum.icf.dummy.resource.DummyAccount)12 DummyGroup (com.evolveum.icf.dummy.resource.DummyGroup)11 SchemaViolationException (com.evolveum.icf.dummy.resource.SchemaViolationException)10 ConflictException (com.evolveum.icf.dummy.resource.ConflictException)9 DummyOrg (com.evolveum.icf.dummy.resource.DummyOrg)9 ObjectAlreadyExistsException (com.evolveum.icf.dummy.resource.ObjectAlreadyExistsException)9 FileNotFoundException (java.io.FileNotFoundException)9 ConnectException (java.net.ConnectException)9 AlreadyExistsException (org.identityconnectors.framework.common.exceptions.AlreadyExistsException)9 ConnectionFailedException (org.identityconnectors.framework.common.exceptions.ConnectionFailedException)9 ConnectorIOException (org.identityconnectors.framework.common.exceptions.ConnectorIOException)9 InvalidAttributeValueException (org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException)9 ConnectorException (org.identityconnectors.framework.common.exceptions.ConnectorException)8 GuardedString (org.identityconnectors.common.security.GuardedString)7 ArrayList (java.util.ArrayList)6 UnknownUidException (org.identityconnectors.framework.common.exceptions.UnknownUidException)6 Test (org.testng.annotations.Test)5 DummyObject (com.evolveum.icf.dummy.resource.DummyObject)4 OrgType (com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType)3