Search in sources :

Example 16 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class DummyConnector method create.

/******************
     * SPI Operations
     *
     * Implement the following operations using the contract and
     * description found in the Javadoc for these methods.
     ******************/
/**
     * {@inheritDoc}
     */
/**
     * {@inheritDoc}
     */
public Uid create(final ObjectClass objectClass, final Set<Attribute> createAttributes, final OperationOptions options) {
    log.info("create::begin attributes {0}", createAttributes);
    validate(objectClass);
    DummyObject newObject;
    try {
        if (ObjectClass.ACCOUNT.is(objectClass.getObjectClassValue())) {
            // Convert attributes to account
            DummyAccount newAccount = convertToAccount(createAttributes);
            log.ok("Adding dummy account:\n{0}", newAccount.debugDump());
            resource.addAccount(newAccount);
            newObject = newAccount;
        } else if (ObjectClass.GROUP.is(objectClass.getObjectClassValue())) {
            DummyGroup newGroup = convertToGroup(createAttributes);
            log.ok("Adding dummy group:\n{0}", newGroup.debugDump());
            resource.addGroup(newGroup);
            newObject = newGroup;
        } else if (objectClass.is(OBJECTCLASS_PRIVILEGE_NAME)) {
            DummyPrivilege newPriv = convertToPriv(createAttributes);
            log.ok("Adding dummy privilege:\n{0}", newPriv.debugDump());
            resource.addPrivilege(newPriv);
            newObject = newPriv;
        } else if (objectClass.is(OBJECTCLASS_ORG_NAME)) {
            DummyOrg newOrg = convertToOrg(createAttributes);
            log.ok("Adding dummy org:\n{0}", newOrg.debugDump());
            resource.addOrg(newOrg);
            newObject = newOrg;
        } else {
            throw new ConnectorException("Unknown object class " + objectClass);
        }
    } catch (ObjectAlreadyExistsException e) {
        // The framework should deal with it ... somehow
        throw new AlreadyExistsException(e.getMessage(), e);
    } catch (ConnectException e) {
        throw new ConnectionFailedException(e.getMessage(), e);
    } catch (FileNotFoundException e) {
        throw new ConnectorIOException(e.getMessage(), e);
    } catch (SchemaViolationException e) {
        throw new InvalidAttributeValueException(e);
    } catch (ConflictException e) {
        throw new AlreadyExistsException(e);
    }
    String id;
    if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_NAME)) {
        id = newObject.getName();
    } else if (configuration.getUidMode().equals(DummyConfiguration.UID_MODE_UUID)) {
        id = newObject.getId();
    } else {
        throw new IllegalStateException("Unknown UID mode " + configuration.getUidMode());
    }
    Uid uid = new Uid(id);
    log.info("create::end");
    return uid;
}
Also used : ConnectorIOException(org.identityconnectors.framework.common.exceptions.ConnectorIOException) AlreadyExistsException(org.identityconnectors.framework.common.exceptions.AlreadyExistsException) ObjectAlreadyExistsException(com.evolveum.icf.dummy.resource.ObjectAlreadyExistsException) ConflictException(com.evolveum.icf.dummy.resource.ConflictException) FileNotFoundException(java.io.FileNotFoundException) GuardedString(org.identityconnectors.common.security.GuardedString) DummyObject(com.evolveum.icf.dummy.resource.DummyObject) InvalidAttributeValueException(org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException) ConnectorException(org.identityconnectors.framework.common.exceptions.ConnectorException) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) SchemaViolationException(com.evolveum.icf.dummy.resource.SchemaViolationException) DummyAccount(com.evolveum.icf.dummy.resource.DummyAccount) DummyOrg(com.evolveum.icf.dummy.resource.DummyOrg) ObjectAlreadyExistsException(com.evolveum.icf.dummy.resource.ObjectAlreadyExistsException) ConnectionFailedException(org.identityconnectors.framework.common.exceptions.ConnectionFailedException) DummyGroup(com.evolveum.icf.dummy.resource.DummyGroup) ConnectException(java.net.ConnectException)

Example 17 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class DummyConnector method convertToPriv.

private DummyPrivilege convertToPriv(Set<Attribute> createAttributes) throws ConnectException, FileNotFoundException, ConflictException {
    String icfName = Utils.getMandatoryStringAttribute(createAttributes, Name.NAME);
    if (configuration.getUpCaseName()) {
        icfName = StringUtils.upperCase(icfName);
    }
    final DummyPrivilege newPriv = new DummyPrivilege(icfName);
    for (Attribute attr : createAttributes) {
        if (attr.is(Uid.NAME)) {
            throw new IllegalArgumentException("UID explicitly specified in the group attributes");
        } else if (attr.is(Name.NAME)) {
        // Skip, already processed
        } else if (attr.is(OperationalAttributeInfos.PASSWORD.getName())) {
            throw new IllegalArgumentException("Password specified for a privilege");
        } else if (attr.is(OperationalAttributeInfos.ENABLE.getName())) {
            throw new IllegalArgumentException("Unsupported ENABLE attribute in privilege");
        } else {
            String name = attr.getName();
            try {
                newPriv.replaceAttributeValues(name, attr.getValue());
            } catch (SchemaViolationException e) {
                throw new IllegalArgumentException(e.getMessage(), e);
            }
        }
    }
    return newPriv;
}
Also used : GuardedString(org.identityconnectors.common.security.GuardedString) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) SchemaViolationException(com.evolveum.icf.dummy.resource.SchemaViolationException)

Example 18 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class TestDummy method test214AddPrivilegeBargain.

@Test
public void test214AddPrivilegeBargain() throws Exception {
    final String TEST_NAME = "test214AddPrivilegeBargain";
    TestUtil.displayTestTile(TEST_NAME);
    // GIVEN
    Task task = taskManager.createTaskInstance(TestDummy.class.getName() + "." + TEST_NAME);
    OperationResult result = task.getResult();
    syncServiceMock.reset();
    PrismObject<ShadowType> priv = prismContext.parseObject(PRIVILEGE_BARGAIN_FILE);
    priv.checkConsistence();
    rememberDummyResourceGroupMembersReadCount(null);
    display("Adding priv", priv);
    // WHEN
    String addedObjectOid = provisioningService.addObject(priv, null, null, task, result);
    // THEN
    result.computeStatus();
    display("add object result", result);
    TestUtil.assertSuccess("addObject has failed (result)", result);
    assertEquals(PRIVILEGE_BARGAIN_OID, addedObjectOid);
    priv.checkConsistence();
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    ShadowType groupRepoType = repositoryService.getObject(ShadowType.class, PRIVILEGE_BARGAIN_OID, null, result).asObjectable();
    PrismAsserts.assertEqualsPolyString("Name not equal.", PRIVILEGE_BARGAIN_NAME, groupRepoType.getName());
    assertEquals("Wrong kind (repo)", ShadowKindType.ENTITLEMENT, groupRepoType.getKind());
    syncServiceMock.assertNotifySuccessOnly();
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    PrismObject<ShadowType> privProvisioningType = provisioningService.getObject(ShadowType.class, PRIVILEGE_BARGAIN_OID, null, task, result);
    display("priv from provisioning", privProvisioningType);
    checkPrivBargain(privProvisioningType, result);
    bargainIcfUid = getIcfUid(privProvisioningType);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    // Check if the group was created in the dummy resource
    DummyPrivilege dummyPriv = getDummyPrivilegeAssert(PRIVILEGE_BARGAIN_NAME, bargainIcfUid);
    assertNotNull("No dummy priv " + PRIVILEGE_BARGAIN_NAME, dummyPriv);
    // Check if the shadow is still in the repo (e.g. that the consistency or sync haven't removed it)
    PrismObject<ShadowType> shadowFromRepo = repositoryService.getObject(ShadowType.class, addedObjectOid, null, result);
    assertNotNull("Shadow was not created in the repository", shadowFromRepo);
    display("Repository shadow", shadowFromRepo.debugDump());
    checkRepoEntitlementShadow(shadowFromRepo);
    checkConsistency(priv);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    assertSteadyResource();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) Test(org.testng.annotations.Test)

Example 19 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class TestDummy method test225GetFoolishPirateWill.

/**
	 * Create a fresh group directly on the resource. So we are sure there is no shadow
	 * for it yet. Add will to this group. Get will account. Make sure that the group is
	 * in the associations.
	 */
@Test
public void test225GetFoolishPirateWill() throws Exception {
    final String TEST_NAME = "test225GetFoolishPirateWill";
    TestUtil.displayTestTile(TEST_NAME);
    // GIVEN
    Task task = createTask(TEST_NAME);
    OperationResult result = task.getResult();
    DummyGroup groupFools = new DummyGroup("fools");
    dummyResource.addGroup(groupFools);
    groupFools.addMember(transformNameFromResource(ACCOUNT_WILL_USERNAME));
    syncServiceMock.reset();
    rememberDummyResourceGroupMembersReadCount(null);
    rememberConnectorOperationCount();
    // WHEN
    PrismObject<ShadowType> account = provisioningService.getObject(ShadowType.class, ACCOUNT_WILL_OID, null, task, result);
    // THEN
    result.computeStatus();
    display("Account", account);
    display(result);
    TestUtil.assertSuccess(result);
    assertConnectorOperationIncrement(2);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    PrismObject<ShadowType> foolsShadow = findShadowByName(new QName(RESOURCE_DUMMY_NS, OBJECTCLAS_GROUP_LOCAL_NAME), "fools", resource, result);
    assertNotNull("No shadow for group fools", foolsShadow);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    assertEntitlementGroup(account, GROUP_PIRATES_OID);
    assertEntitlementGroup(account, foolsShadow.getOid());
    assertEntitlementPriv(account, PRIVILEGE_PILLAGE_OID);
    assertEntitlementPriv(account, PRIVILEGE_BARGAIN_OID);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    // Just make sure nothing has changed
    DummyAccount dummyAccount = getDummyAccountAssert(transformNameFromResource(ACCOUNT_WILL_USERNAME), willIcfUid);
    assertNotNull("Account will is gone!", dummyAccount);
    Set<String> accountProvileges = dummyAccount.getAttributeValues(DummyAccount.ATTR_PRIVILEGES_NAME, String.class);
    PrismAsserts.assertSets("Wrong account privileges", accountProvileges, PRIVILEGE_PILLAGE_NAME, PRIVILEGE_BARGAIN_NAME);
    // Make sure that privilege object is still there
    DummyPrivilege priv = getDummyPrivilegeAssert(PRIVILEGE_PILLAGE_NAME, pillageIcfUid);
    assertNotNull("Privilege object is gone!", priv);
    DummyPrivilege priv2 = getDummyPrivilegeAssert(PRIVILEGE_BARGAIN_NAME, bargainIcfUid);
    assertNotNull("Privilege object (bargain) is gone!", priv2);
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    DummyGroup group = getDummyGroupAssert(GROUP_PIRATES_NAME, piratesIcfUid);
    assertMember(group, transformNameToResource(ACCOUNT_WILL_USERNAME));
    String foolsIcfUid = getIcfUid(foolsShadow);
    groupFools = getDummyGroupAssert("fools", foolsIcfUid);
    assertMember(groupFools, transformNameToResource(ACCOUNT_WILL_USERNAME));
    assertDummyResourceGroupMembersReadCountIncrement(null, 0);
    assertSteadyResource();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) QName(javax.xml.namespace.QName) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) DummyAccount(com.evolveum.icf.dummy.resource.DummyAccount) DummyGroup(com.evolveum.icf.dummy.resource.DummyGroup) Test(org.testng.annotations.Test)

Example 20 with DummyPrivilege

use of com.evolveum.icf.dummy.resource.DummyPrivilege in project midpoint by Evolveum.

the class TestDummy method test210AddPrivilege.

@Test
public void test210AddPrivilege() throws Exception {
    final String TEST_NAME = "test210AddPrivilege";
    TestUtil.displayTestTile(TEST_NAME);
    // GIVEN
    Task task = taskManager.createTaskInstance(TestDummy.class.getName() + "." + TEST_NAME);
    OperationResult result = task.getResult();
    syncServiceMock.reset();
    PrismObject<ShadowType> priv = prismContext.parseObject(PRIVILEGE_PILLAGE_FILE);
    priv.checkConsistence();
    display("Adding priv", priv);
    // WHEN
    String addedObjectOid = provisioningService.addObject(priv, null, null, task, result);
    // THEN
    result.computeStatus();
    display("add object result", result);
    TestUtil.assertSuccess("addObject has failed (result)", result);
    assertEquals(PRIVILEGE_PILLAGE_OID, addedObjectOid);
    priv.checkConsistence();
    ShadowType groupRepoType = repositoryService.getObject(ShadowType.class, PRIVILEGE_PILLAGE_OID, null, result).asObjectable();
    PrismAsserts.assertEqualsPolyString("Name not equal.", PRIVILEGE_PILLAGE_NAME, groupRepoType.getName());
    assertEquals("Wrong kind (repo)", ShadowKindType.ENTITLEMENT, groupRepoType.getKind());
    syncServiceMock.assertNotifySuccessOnly();
    PrismObject<ShadowType> privProvisioning = provisioningService.getObject(ShadowType.class, PRIVILEGE_PILLAGE_OID, null, task, result);
    display("priv from provisioning", privProvisioning);
    checkPrivPillage(privProvisioning, result);
    pillageIcfUid = getIcfUid(privProvisioning);
    // Check if the priv was created in the dummy resource
    DummyPrivilege dummyPriv = getDummyPrivilegeAssert(PRIVILEGE_PILLAGE_NAME, pillageIcfUid);
    assertNotNull("No dummy priv " + PRIVILEGE_PILLAGE_NAME, dummyPriv);
    assertEquals("Wrong privilege power", (Integer) 100, dummyPriv.getAttributeValue(DummyResourceContoller.DUMMY_PRIVILEGE_ATTRIBUTE_POWER, Integer.class));
    // Check if the shadow is still in the repo (e.g. that the consistency or sync haven't removed it)
    PrismObject<ShadowType> shadowFromRepo = repositoryService.getObject(ShadowType.class, addedObjectOid, null, result);
    assertNotNull("Shadow was not created in the repository", shadowFromRepo);
    display("Repository shadow", shadowFromRepo.debugDump());
    checkRepoEntitlementShadow(shadowFromRepo);
    checkConsistency(priv);
    assertSteadyResource();
}
Also used : Task(com.evolveum.midpoint.task.api.Task) ShadowType(com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType) OperationResult(com.evolveum.midpoint.schema.result.OperationResult) DummyPrivilege(com.evolveum.icf.dummy.resource.DummyPrivilege) Test(org.testng.annotations.Test)

Aggregations

DummyPrivilege (com.evolveum.icf.dummy.resource.DummyPrivilege)24 DummyAccount (com.evolveum.icf.dummy.resource.DummyAccount)16 DummyGroup (com.evolveum.icf.dummy.resource.DummyGroup)16 Task (com.evolveum.midpoint.task.api.Task)16 Test (org.testng.annotations.Test)16 OperationResult (com.evolveum.midpoint.schema.result.OperationResult)13 ShadowType (com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType)11 SchemaViolationException (com.evolveum.icf.dummy.resource.SchemaViolationException)7 GuardedString (org.identityconnectors.common.security.GuardedString)7 ConflictException (com.evolveum.icf.dummy.resource.ConflictException)6 DummyOrg (com.evolveum.icf.dummy.resource.DummyOrg)6 ObjectAlreadyExistsException (com.evolveum.icf.dummy.resource.ObjectAlreadyExistsException)6 FileNotFoundException (java.io.FileNotFoundException)6 ConnectException (java.net.ConnectException)6 AlreadyExistsException (org.identityconnectors.framework.common.exceptions.AlreadyExistsException)6 ConnectionFailedException (org.identityconnectors.framework.common.exceptions.ConnectionFailedException)6 ConnectorIOException (org.identityconnectors.framework.common.exceptions.ConnectorIOException)6 InvalidAttributeValueException (org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException)6 OperationProvisioningScriptsType (com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptsType)5 ConnectorException (org.identityconnectors.framework.common.exceptions.ConnectorException)5