Search in sources :

Example 6 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class TestDummy method test234DetitleAccountWillBargain.

@Test
public void test234DetitleAccountWillBargain() throws Exception {
    final String TEST_NAME = "test234DetitleAccountWillBargain";
    TestUtil.displayTestTile(TEST_NAME);
    Task task = createTask(TEST_NAME);
    OperationResult result = task.getResult();
    syncServiceMock.reset();
    ObjectDelta<ShadowType> delta = IntegrationTestTools.createDetitleDelta(ACCOUNT_WILL_OID, ASSOCIATION_PRIV_NAME, PRIVILEGE_BARGAIN_OID, prismContext);
    display("ObjectDelta", delta);
    delta.checkConsistence();
    // WHEN
    provisioningService.modifyObject(ShadowType.class, delta.getOid(), delta.getModifications(), new OperationProvisioningScriptsType(), null, task, result);
    // THEN
    result.computeStatus();
    display("modifyObject result", result);
    TestUtil.assertSuccess(result);
    delta.checkConsistence();
    DummyGroup group = getDummyGroupAssert(GROUP_PIRATES_NAME, piratesIcfUid);
    assertNoMember(group, getWillRepoIcfName());
    // Make sure that account is still there and it has the privilege
    DummyAccount dummyAccount = getDummyAccountAssert(transformNameFromResource(ACCOUNT_WILL_USERNAME), willIcfUid);
    assertNotNull("Account will is gone!", dummyAccount);
    Set<String> accountProvileges = dummyAccount.getAttributeValues(DummyAccount.ATTR_PRIVILEGES_NAME, String.class);
    PrismAsserts.assertSets("Wrong account privileges", accountProvileges, PRIVILEGE_NONSENSE_NAME);
    // Make sure that privilege object is still there
    DummyPrivilege priv = getDummyPrivilegeAssert(PRIVILEGE_PILLAGE_NAME, pillageIcfUid);
    assertNotNull("Privilege object is gone!", priv);
    DummyPrivilege priv2 = getDummyPrivilegeAssert(PRIVILEGE_BARGAIN_NAME, bargainIcfUid);
    assertNotNull("Privilege object (bargain) is gone!", priv);
    syncServiceMock.assertNotifySuccessOnly();
    assertSteadyResource();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) OperationProvisioningScriptsType(com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptsType) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) DummyAccount(com.evolveum.icf.dummy.resource.DummyAccount) DummyGroup(com.evolveum.icf.dummy.resource.DummyGroup) Test(org.testng.annotations.Test)

Example 7 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class TestDummy method test226WillNonsensePrivilege.

/**
	 * Make the account point to a privilege that does not exist.
	 * MidPoint should ignore such privilege.
	 */
@Test
public void test226WillNonsensePrivilege() throws Exception {
    final String TEST_NAME = "test226WillNonsensePrivilege";
    TestUtil.displayTestTile(TEST_NAME);
    Task task = createTask(TEST_NAME);
    OperationResult result = task.getResult();
    DummyAccount dummyAccount = getDummyAccountAssert(transformNameFromResource(ACCOUNT_WILL_USERNAME), willIcfUid);
    dummyAccount.addAttributeValues(DummyAccount.ATTR_PRIVILEGES_NAME, PRIVILEGE_NONSENSE_NAME);
    syncServiceMock.reset();
    // WHEN
    PrismObject<ShadowType> shadow = provisioningService.getObject(ShadowType.class, ACCOUNT_WILL_OID, null, task, result);
    // THEN
    result.computeStatus();
    display("Account", shadow);
    display(result);
    TestUtil.assertSuccess(result);
    assertConnectorOperationIncrement(3);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    PrismObject<ShadowType> foolsShadow = findShadowByName(new QName(RESOURCE_DUMMY_NS, OBJECTCLAS_GROUP_LOCAL_NAME), "fools", resource, result);
    assertNotNull("No shadow for group fools", foolsShadow);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    assertEntitlementGroup(shadow, GROUP_PIRATES_OID);
    assertEntitlementGroup(shadow, foolsShadow.getOid());
    assertEntitlementPriv(shadow, PRIVILEGE_PILLAGE_OID);
    assertEntitlementPriv(shadow, PRIVILEGE_BARGAIN_OID);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    // Just make sure nothing has changed
    dummyAccount = getDummyAccountAssert(transformNameFromResource(ACCOUNT_WILL_USERNAME), willIcfUid);
    assertNotNull("Account will is gone!", dummyAccount);
    Set<String> accountProvileges = dummyAccount.getAttributeValues(DummyAccount.ATTR_PRIVILEGES_NAME, String.class);
    PrismAsserts.assertSets("Wrong account privileges", accountProvileges, PRIVILEGE_PILLAGE_NAME, PRIVILEGE_BARGAIN_NAME, PRIVILEGE_NONSENSE_NAME);
    // Make sure that privilege object is still there
    DummyPrivilege priv = getDummyPrivilegeAssert(PRIVILEGE_PILLAGE_NAME, pillageIcfUid);
    assertNotNull("Privilege object is gone!", priv);
    DummyPrivilege priv2 = getDummyPrivilegeAssert(PRIVILEGE_BARGAIN_NAME, bargainIcfUid);
    assertNotNull("Privilege object (bargain) is gone!", priv2);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    DummyGroup group = getDummyGroupAssert(GROUP_PIRATES_NAME, piratesIcfUid);
    assertMember(group, transformNameToResource(ACCOUNT_WILL_USERNAME));
    String foolsIcfUid = getIcfUid(foolsShadow);
    DummyGroup groupFools = getDummyGroupAssert("fools", foolsIcfUid);
    assertMember(groupFools, transformNameToResource(ACCOUNT_WILL_USERNAME));
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    assertSteadyResource();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) QName(javax.xml.namespace.QName) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) DummyAccount(com.evolveum.icf.dummy.resource.DummyAccount) DummyGroup(com.evolveum.icf.dummy.resource.DummyGroup) Test(org.testng.annotations.Test)

Example 8 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class TestDummy method test265DeleteAccountLeChuck.

/**
	 * LeChuck has both group and priv entitlement. If deleted it should be correctly removed from all
	 * the entitlements.
	 */
@Test
public void test265DeleteAccountLeChuck() throws Exception {
    final String TEST_NAME = "test265DeleteAccountLeChuck";
    TestUtil.displayTestTile(TEST_NAME);
    // GIVEN
    Task task = createTask(TEST_NAME);
    OperationResult result = task.getResult();
    syncServiceMock.reset();
    // WHEN
    provisioningService.deleteObject(ShadowType.class, ACCOUNT_LECHUCK_OID, null, null, task, result);
    // THEN
    result.computeStatus();
    display("add object result", result);
    TestUtil.assertSuccess("addObject has failed (result)", result);
    syncServiceMock.assertNotifySuccessOnly();
    // Check if the account is gone and that group membership is gone as well
    DummyAccount dummyAccount = getDummyAccount(ACCOUNT_LECHUCK_NAME, leChuckIcfUid);
    assertNull("Dummy account is NOT gone", dummyAccount);
    // Make sure that privilege object is still there
    DummyPrivilege priv = getDummyPrivilegeAssert(PRIVILEGE_PILLAGE_NAME, pillageIcfUid);
    assertNotNull("Privilege object is gone!", priv);
    DummyGroup group = getDummyGroupAssert(GROUP_PIRATES_NAME, piratesIcfUid);
    assertNoMember(group, ACCOUNT_LECHUCK_NAME);
    try {
        repositoryService.getObject(ShadowType.class, ACCOUNT_LECHUCK_OID, null, result);
        AssertJUnit.fail("Shadow (repo) is not gone");
    } catch (ObjectNotFoundException e) {
    // This is expected
    }
    try {
        provisioningService.getObject(ShadowType.class, ACCOUNT_LECHUCK_OID, null, task, result);
        AssertJUnit.fail("Shadow (provisioning) is not gone");
    } catch (ObjectNotFoundException e) {
    // This is expected
    }
    assertSteadyResource();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ObjectNotFoundException(com.evolveum.midpoint.util.exception.ObjectNotFoundException) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) DummyAccount(com.evolveum.icf.dummy.resource.DummyAccount) DummyGroup(com.evolveum.icf.dummy.resource.DummyGroup) Test(org.testng.annotations.Test)

Example 9 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class TestDummy method test222EntitleAccountWillPillage.

@Test
public void test222EntitleAccountWillPillage() throws Exception {
    final String TEST_NAME = "test222EntitleAccountWillPillage";
    TestUtil.displayTestTile(TEST_NAME);
    Task task = createTask(TEST_NAME);
    OperationResult result = task.getResult();
    rememberDummyResourceGroupMembersReadCount(null);
    syncServiceMock.reset();
    ObjectDelta<ShadowType> delta = IntegrationTestTools.createEntitleDelta(ACCOUNT_WILL_OID, ASSOCIATION_PRIV_NAME, PRIVILEGE_PILLAGE_OID, prismContext);
    display("ObjectDelta", delta);
    delta.checkConsistence();
    // WHEN
    provisioningService.modifyObject(ShadowType.class, delta.getOid(), delta.getModifications(), new OperationProvisioningScriptsType(), null, task, result);
    // THEN
    result.computeStatus();
    display("modifyObject result", result);
    TestUtil.assertSuccess(result);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    DummyAccount dummyAccount = getDummyAccountAssert(transformNameFromResource(ACCOUNT_WILL_USERNAME), willIcfUid);
    assertNotNull("Account will is gone!", dummyAccount);
    Set<String> accountProvileges = dummyAccount.getAttributeValues(DummyAccount.ATTR_PRIVILEGES_NAME, String.class);
    PrismAsserts.assertSets("account privileges", accountProvileges, PRIVILEGE_PILLAGE_NAME);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    // Make sure that privilege object is still there
    DummyPrivilege priv = getDummyPrivilegeAssert(PRIVILEGE_PILLAGE_NAME, pillageIcfUid);
    assertNotNull("Privilege object is gone!", priv);
    delta.checkConsistence();
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    // Make sure that the groups is still there and will is a member
    DummyGroup group = getDummyGroupAssert(GROUP_PIRATES_NAME, piratesIcfUid);
    assertMember(group, transformNameToResource(ACCOUNT_WILL_USERNAME));
    syncServiceMock.assertNotifySuccessOnly();
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    PrismObject<ShadowType> shadow = provisioningService.getObject(ShadowType.class, ACCOUNT_WILL_OID, null, task, result);
    display("Shadow after", shadow);
    assertEntitlementGroup(shadow, GROUP_PIRATES_OID);
    assertEntitlementPriv(shadow, PRIVILEGE_PILLAGE_OID);
    assertSteadyResource();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) OperationProvisioningScriptsType(com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptsType) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) DummyAccount(com.evolveum.icf.dummy.resource.DummyAccount) DummyGroup(com.evolveum.icf.dummy.resource.DummyGroup) Test(org.testng.annotations.Test)

Example 10 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class TestUniversity method test110AddComeniusStructure.

@Test
public void test110AddComeniusStructure() throws Exception {
    final String TEST_NAME = "test110AddComeniusStructure";
    TestUtil.displayTestTile(this, TEST_NAME);
    Task task = taskManager.createTaskInstance(TestUniversity.class.getName() + "." + TEST_NAME);
    DummyPrivilege srcFmfi = new DummyPrivilege("FMFI");
    srcFmfi.addAttributeValue(DUMMY_PRIVILEGE_ATTRIBUTE_HR_ORGPATH, "UK");
    DummyPrivilege srcVc = new DummyPrivilege("VC");
    srcVc.addAttributeValue(DUMMY_PRIVILEGE_ATTRIBUTE_HR_ORGPATH, "UK:FMFI");
    DummyPrivilege srcPrif = new DummyPrivilege("PRIF");
    srcPrif.addAttributeValue(DUMMY_PRIVILEGE_ATTRIBUTE_HR_ORGPATH, "UK");
    // WHEN
    dummyResourceHr.addPrivilege(srcFmfi);
    dummyResourceHr.addPrivilege(srcVc);
    dummyResourceHr.addPrivilege(srcPrif);
    waitForTaskNextRunAssertSuccess(TASK_LIVE_SYNC_DUMMY_HR_OID, true);
    // THEN
    dumpOrgTree();
    PrismObject<OrgType> uk = getAndAssertFunctionalOrg("UK");
    assertNotNull("UK was not found", uk);
    display("Org UK", uk);
    assertHasOrg(uk, ORG_TOP_OID);
    assertAssignedOrg(uk, ORG_TOP_OID);
    assertSubOrgs(uk, 2);
    assertSubOrgs(ORG_TOP_OID, 1);
    assertGroupMembers(uk, "cn=DL-FMFI,ou=FMFI,ou=UK,dc=example,dc=com", "cn=DL-PRIF,ou=PRIF,ou=UK,dc=example,dc=com");
    PrismObject<OrgType> fmfi = getAndAssertFunctionalOrg("FMFI");
    assertNotNull("FMFI was not found", fmfi);
    display("Org FMFI", fmfi);
    assertHasOrg(fmfi, uk.getOid());
    assertAssignedOrg(fmfi, uk.getOid());
    assertSubOrgs(fmfi, 1);
    assertGroupMembers(fmfi, "cn=DL-VC,ou=VC,ou=FMFI,ou=UK,dc=example,dc=com");
    PrismObject<OrgType> prif = getAndAssertFunctionalOrg("PRIF");
    assertNotNull("PRIF was not found", prif);
    display("Org PRIF", prif);
    assertHasOrg(prif, uk.getOid());
    assertAssignedOrg(prif, uk.getOid());
    assertSubOrgs(prif, 0);
    assertNoGroupMembers(prif);
    PrismObject<OrgType> vc = getAndAssertFunctionalOrg("VC");
    assertNotNull("VC was not found", vc);
    display("Org VC", vc);
    assertHasOrg(vc, fmfi.getOid());
    assertAssignedOrg(vc, fmfi.getOid());
    assertSubOrgs(vc, 0);
    assertNoGroupMembers(vc);
}
Also used : Task(com.evolveum.midpoint.task.api.Task) OrgType(com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) Test(org.testng.annotations.Test)

Aggregations

DummyPrivilege (com.evolveum.icf.dummy.resource.DummyPrivilege)24 DummyAccount (com.evolveum.icf.dummy.resource.DummyAccount)16 DummyGroup (com.evolveum.icf.dummy.resource.DummyGroup)16 Task (com.evolveum.midpoint.task.api.Task)16 Test (org.testng.annotations.Test)16 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)13 ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)11 SchemaViolationException (com.evolveum.icf.dummy.resource.SchemaViolationException)7 GuardedString (org.identityconnectors.common.security.GuardedString)7 ConflictException (com.evolveum.icf.dummy.resource.ConflictException)6 DummyOrg (com.evolveum.icf.dummy.resource.DummyOrg)6 ObjectAlreadyExistsException (com.evolveum.icf.dummy.resource.ObjectAlreadyExistsException)6 FileNotFoundException (java.io.FileNotFoundException)6 ConnectException (java.net.ConnectException)6 AlreadyExistsException (org.identityconnectors.framework.common.exceptions.AlreadyExistsException)6 ConnectionFailedException (org.identityconnectors.framework.common.exceptions.ConnectionFailedException)6 ConnectorIOException (org.identityconnectors.framework.common.exceptions.ConnectorIOException)6 InvalidAttributeValueException (org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException)6 OperationProvisioningScriptsType (com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptsType)5 ConnectorException (org.identityconnectors.framework.common.exceptions.ConnectorException)5