use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.
the class DummyConnector method removeAttributeValues.
/**
* {@inheritDoc}
*/
public Uid removeAttributeValues(ObjectClass objectClass, Uid uid, Set<Attribute> valuesToRemove, OperationOptions options) {
validate(objectClass);
validate(uid);
try {
if (ObjectClass.ACCOUNT.is(objectClass.getObjectClassValue())) {
DummyAccount account;
if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
account = resource.getAccountByUsername(uid.getUidValue());
} else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
account = resource.getAccountById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (account == null) {
throw new UnknownUidException("Account with UID " + uid + " does not exist on resource");
}
for (Attribute attr : valuesToRemove) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new UnsupportedOperationException("Removing password value is not supported");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new IllegalArgumentException("Attempt to remove value from enable attribute");
} else if (PredefinedAttributes.AUXILIARY_OBJECT_CLASS_NAME.equalsIgnoreCase(attr.getName())) {
account.deleteAuxiliaryObjectClassNames(attr.getValue());
} else {
String name = attr.getName();
try {
account.removeAttributeValues(name, attr.getValue());
log.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), account, account.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new IllegalArgumentException(e.getMessage(), e);
}
}
}
} else if (ObjectClass.GROUP.is(objectClass.getObjectClassValue())) {
DummyGroup group;
if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
group = resource.getGroupByName(uid.getUidValue());
} else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
group = resource.getGroupById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (group == null) {
throw new UnknownUidException("Group with UID " + uid + " does not exist on resource");
}
for (Attribute attr : valuesToRemove) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new IllegalArgumentException("Attempt to change password on group");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new IllegalArgumentException("Attempt to remove value from enable attribute");
} else {
String name = attr.getName();
List<Object> values = attr.getValue();
if (attr.is(DummyGroup.ATTR_MEMBERS_NAME) && values != null && configuration.getUpCaseName()) {
List<Object> newValues = new ArrayList<Object>(values.size());
for (Object val : values) {
newValues.add(StringUtils.upperCase((String) val));
}
values = newValues;
}
try {
group.removeAttributeValues(name, values);
log.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), group, group.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new IllegalArgumentException(e.getMessage(), e);
}
}
}
} else if (objectClass.is(OBJECTCLASS_PRIVILEGE_NAME)) {
DummyPrivilege priv;
if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
priv = resource.getPrivilegeByName(uid.getUidValue());
} else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
priv = resource.getPrivilegeById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (priv == null) {
throw new UnknownUidException("Privilege with UID " + uid + " does not exist on resource");
}
for (Attribute attr : valuesToRemove) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new IllegalArgumentException("Attempt to change password on privilege");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new IllegalArgumentException("Attempt to remove value from enable attribute");
} else {
String name = attr.getName();
try {
priv.removeAttributeValues(name, attr.getValue());
log.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), priv, priv.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new IllegalArgumentException(e.getMessage(), e);
}
}
}
} else if (objectClass.is(OBJECTCLASS_ORG_NAME)) {
DummyOrg org;
if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
org = resource.getOrgByName(uid.getUidValue());
} else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
org = resource.getOrgById(uid.getUidValue());
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
if (org == null) {
throw new UnknownUidException("Org with UID " + uid + " does not exist on resource");
}
for (Attribute attr : valuesToRemove) {
if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
throw new IllegalArgumentException("Attempt to change password on org");
} else if (attr.is(OperationalAttributes.ENABLE_NAME)) {
throw new IllegalArgumentException("Attempt to remove value from enable org");
} else {
String name = attr.getName();
try {
org.removeAttributeValues(name, attr.getValue());
log.ok("Removed attribute {0} values {1} from {2}, resulting values: {3}", name, attr.getValue(), org, org.getAttributeValues(name, Object.class));
} catch (SchemaViolationException e) {
// The framework should deal with it ... somehow
throw new IllegalArgumentException(e.getMessage(), e);
}
}
}
} else {
throw new ConnectorException("Unknown object class " + objectClass);
}
} catch (ConnectException e) {
log.info("removeAttributeValues::exception " + e);
throw new ConnectionFailedException(e.getMessage(), e);
} catch (FileNotFoundException e) {
log.info("removeAttributeValues::exception " + e);
throw new ConnectorIOException(e.getMessage(), e);
} catch (SchemaViolationException e) {
log.info("removeAttributeValues::exception " + e);
throw new InvalidAttributeValueException(e.getMessage(), e);
} catch (ConflictException e) {
log.info("removeAttributeValues::exception " + e);
throw new AlreadyExistsException(e);
}
return uid;
}
use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.
the class DummyConnector method sync.
/**
* {@inheritDoc}
*/
public void sync(ObjectClass objectClass, SyncToken token, SyncResultsHandler handler, final OperationOptions options) {
log.info("sync::begin");
validate(objectClass);
Collection<String> attributesToGet = getAttrsToGet(options);
try {
int syncToken = (Integer) token.getValue();
List<DummyDelta> deltas = resource.getDeltasSince(syncToken);
for (DummyDelta delta : deltas) {
Class<? extends DummyObject> deltaObjectClass = delta.getObjectClass();
if (objectClass.is(ObjectClass.ALL_NAME)) {
// take all changes
} else if (objectClass.is(ObjectClass.ACCOUNT_NAME)) {
if (deltaObjectClass != DummyAccount.class) {
log.ok("Skipping delta {0} because of objectclass mismatch", delta);
continue;
}
} else if (objectClass.is(ObjectClass.GROUP_NAME)) {
if (deltaObjectClass != DummyGroup.class) {
log.ok("Skipping delta {0} because of objectclass mismatch", delta);
continue;
}
}
SyncDeltaBuilder deltaBuilder = new SyncDeltaBuilder();
if (deltaObjectClass == DummyAccount.class) {
deltaBuilder.setObjectClass(ObjectClass.ACCOUNT);
} else if (deltaObjectClass == DummyGroup.class) {
deltaBuilder.setObjectClass(ObjectClass.GROUP);
} else if (deltaObjectClass == DummyPrivilege.class) {
deltaBuilder.setObjectClass(new ObjectClass(OBJECTCLASS_PRIVILEGE_NAME));
} else if (deltaObjectClass == DummyOrg.class) {
deltaBuilder.setObjectClass(new ObjectClass(OBJECTCLASS_ORG_NAME));
} else {
throw new IllegalArgumentException("Unknown delta objectClass " + deltaObjectClass);
}
SyncDeltaType deltaType;
if (delta.getType() == DummyDeltaType.ADD || delta.getType() == DummyDeltaType.MODIFY) {
if (resource.getSyncStyle() == DummySyncStyle.DUMB) {
deltaType = SyncDeltaType.CREATE_OR_UPDATE;
} else {
if (delta.getType() == DummyDeltaType.ADD) {
deltaType = SyncDeltaType.CREATE;
} else {
deltaType = SyncDeltaType.UPDATE;
}
}
if (deltaObjectClass == DummyAccount.class) {
DummyAccount account = resource.getAccountById(delta.getObjectId());
if (account == null) {
throw new IllegalStateException("We have delta for account '" + delta.getObjectId() + "' but such account does not exist");
}
ConnectorObject cobject = convertToConnectorObject(account, attributesToGet);
deltaBuilder.setObject(cobject);
} else if (deltaObjectClass == DummyGroup.class) {
DummyGroup group = resource.getGroupById(delta.getObjectId());
if (group == null) {
throw new IllegalStateException("We have delta for group '" + delta.getObjectId() + "' but such group does not exist");
}
ConnectorObject cobject = convertToConnectorObject(group, attributesToGet);
deltaBuilder.setObject(cobject);
} else if (deltaObjectClass == DummyPrivilege.class) {
DummyPrivilege privilege = resource.getPrivilegeById(delta.getObjectId());
if (privilege == null) {
throw new IllegalStateException("We have privilege for group '" + delta.getObjectId() + "' but such privilege does not exist");
}
ConnectorObject cobject = convertToConnectorObject(privilege, attributesToGet);
deltaBuilder.setObject(cobject);
} else {
throw new IllegalArgumentException("Unknown delta objectClass " + deltaObjectClass);
}
} else if (delta.getType() == DummyDeltaType.DELETE) {
deltaType = SyncDeltaType.DELETE;
} else {
throw new IllegalStateException("Unknown delta type " + delta.getType());
}
deltaBuilder.setDeltaType(deltaType);
deltaBuilder.setToken(new SyncToken(delta.getSyncToken()));
Uid uid;
if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
uid = new Uid(delta.getObjectName());
} else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
if (nameHintChecksEnabled()) {
uid = new Uid(delta.getObjectId(), new Name(delta.getObjectName()));
} else {
uid = new Uid(delta.getObjectId());
}
} else {
throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
}
deltaBuilder.setUid(uid);
SyncDelta syncDelta = deltaBuilder.build();
log.info("sync::handle {0}", syncDelta);
handler.handle(syncDelta);
}
} catch (ConnectException e) {
log.info("sync::exception " + e);
throw new ConnectionFailedException(e.getMessage(), e);
} catch (FileNotFoundException e) {
log.info("sync::exception " + e);
throw new ConnectorIOException(e.getMessage(), e);
} catch (SchemaViolationException e) {
log.info("sync::exception " + e);
throw new InvalidAttributeValueException(e.getMessage(), e);
} catch (ConflictException e) {
log.info("sync::exception " + e);
throw new AlreadyExistsException(e);
}
log.info("sync::end");
}
use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.
the class AbstractDummyTest method getDummyPrivilegeAssert.
protected DummyPrivilege getDummyPrivilegeAssert(String icfName, String icfUid) throws ConnectException, FileNotFoundException, SchemaViolationException, ConflictException {
// if (isNameUnique()) {
if (isIcfNameUidSame()) {
return dummyResource.getPrivilegeByName(icfName);
} else {
DummyPrivilege priv = dummyResource.getPrivilegeById(icfUid);
assertNotNull("No dummy privilege with ICF UID " + icfUid + " (expected name " + icfName + ")", priv);
assertEquals("Unexpected name in " + priv, icfName, priv.getName());
return priv;
}
}
use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.
the class TestDummy method test232DetitleAccountWillPillage.
@Test
public void test232DetitleAccountWillPillage() throws Exception {
final String TEST_NAME = "test232DetitleAccountWillPillage";
TestUtil.displayTestTile(TEST_NAME);
Task task = createTask(TEST_NAME);
OperationResult result = task.getResult();
syncServiceMock.reset();
ObjectDelta<ShadowType> delta = IntegrationTestTools.createDetitleDelta(ACCOUNT_WILL_OID, ASSOCIATION_PRIV_NAME, PRIVILEGE_PILLAGE_OID, prismContext);
display("ObjectDelta", delta);
delta.checkConsistence();
// WHEN
provisioningService.modifyObject(ShadowType.class, delta.getOid(), delta.getModifications(), new OperationProvisioningScriptsType(), null, task, result);
// THEN
result.computeStatus();
display("modifyObject result", result);
TestUtil.assertSuccess(result);
delta.checkConsistence();
DummyGroup group = getDummyGroupAssert(GROUP_PIRATES_NAME, piratesIcfUid);
assertNoMember(group, getWillRepoIcfName());
// Make sure that account is still there and it has the privilege
DummyAccount dummyAccount = getDummyAccountAssert(transformNameFromResource(ACCOUNT_WILL_USERNAME), willIcfUid);
assertNotNull("Account will is gone!", dummyAccount);
Set<String> accountProvileges = dummyAccount.getAttributeValues(DummyAccount.ATTR_PRIVILEGES_NAME, String.class);
PrismAsserts.assertSets("Wrong account privileges", accountProvileges, PRIVILEGE_BARGAIN_NAME, PRIVILEGE_NONSENSE_NAME);
// Make sure that privilege object is still there
DummyPrivilege priv = getDummyPrivilegeAssert(PRIVILEGE_PILLAGE_NAME, pillageIcfUid);
assertNotNull("Privilege object is gone!", priv);
syncServiceMock.assertNotifySuccessOnly();
PrismObject<ShadowType> shadow = provisioningService.getObject(ShadowType.class, ACCOUNT_WILL_OID, null, task, result);
display("Shadow after", shadow);
assertEntitlementPriv(shadow, PRIVILEGE_BARGAIN_OID);
assertSteadyResource();
}
use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.
the class TestDummy method test234DetitleAccountWillBargain.
@Test
public void test234DetitleAccountWillBargain() throws Exception {
final String TEST_NAME = "test234DetitleAccountWillBargain";
TestUtil.displayTestTile(TEST_NAME);
Task task = createTask(TEST_NAME);
OperationResult result = task.getResult();
syncServiceMock.reset();
ObjectDelta<ShadowType> delta = IntegrationTestTools.createDetitleDelta(ACCOUNT_WILL_OID, ASSOCIATION_PRIV_NAME, PRIVILEGE_BARGAIN_OID, prismContext);
display("ObjectDelta", delta);
delta.checkConsistence();
// WHEN
provisioningService.modifyObject(ShadowType.class, delta.getOid(), delta.getModifications(), new OperationProvisioningScriptsType(), null, task, result);
// THEN
result.computeStatus();
display("modifyObject result", result);
TestUtil.assertSuccess(result);
delta.checkConsistence();
DummyGroup group = getDummyGroupAssert(GROUP_PIRATES_NAME, piratesIcfUid);
assertNoMember(group, getWillRepoIcfName());
// Make sure that account is still there and it has the privilege
DummyAccount dummyAccount = getDummyAccountAssert(transformNameFromResource(ACCOUNT_WILL_USERNAME), willIcfUid);
assertNotNull("Account will is gone!", dummyAccount);
Set<String> accountProvileges = dummyAccount.getAttributeValues(DummyAccount.ATTR_PRIVILEGES_NAME, String.class);
PrismAsserts.assertSets("Wrong account privileges", accountProvileges, PRIVILEGE_NONSENSE_NAME);
// Make sure that privilege object is still there
DummyPrivilege priv = getDummyPrivilegeAssert(PRIVILEGE_PILLAGE_NAME, pillageIcfUid);
assertNotNull("Privilege object is gone!", priv);
DummyPrivilege priv2 = getDummyPrivilegeAssert(PRIVILEGE_BARGAIN_NAME, bargainIcfUid);
assertNotNull("Privilege object (bargain) is gone!", priv);
syncServiceMock.assertNotifySuccessOnly();
assertSteadyResource();
}
Aggregations