use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.
the class AbstractEDirTest method test200AssignAccountBarbossa.
@Test
public void test200AssignAccountBarbossa() throws Exception {
final String TEST_NAME = "test200AssignAccountBarbossa";
TestUtil.displayTestTile(this, TEST_NAME);
// GIVEN
Task task = taskManager.createTaskInstance(this.getClass().getName() + "." + TEST_NAME);
OperationResult result = task.getResult();
long tsStart = System.currentTimeMillis();
// WHEN
TestUtil.displayWhen(TEST_NAME);
assignAccount(USER_BARBOSSA_OID, getResourceOid(), null, task, result);
// THEN
TestUtil.displayThen(TEST_NAME);
result.computeStatus();
TestUtil.assertSuccess(result);
long tsEnd = System.currentTimeMillis();
Entry entry = assertLdapAccount(USER_BARBOSSA_USERNAME, USER_BARBOSSA_FULL_NAME);
assertAttribute(entry, "title", null);
PrismObject<UserType> user = getUser(USER_BARBOSSA_OID);
String shadowOid = getSingleLinkOid(user);
PrismObject<ShadowType> shadow = getShadowModel(shadowOid);
display("Shadow (model)", shadow);
accountBarbossaOid = shadow.getOid();
Collection<ResourceAttribute<?>> identifiers = ShadowUtil.getPrimaryIdentifiers(shadow);
String accountBarbossaIcfUid = (String) identifiers.iterator().next().getRealValue();
assertNotNull("No identifier in " + shadow, accountBarbossaIcfUid);
assertEquals("Wrong ICFS UID", MiscUtil.binaryToHex(entry.get(getPrimaryIdentifierAttributeName()).getBytes()), accountBarbossaIcfUid);
assertLdapPassword(USER_BARBOSSA_USERNAME, USER_BARBOSSA_PASSWORD);
assertPasswordAllowChange(shadow, null);
ResourceAttribute<Long> createTimestampAttribute = ShadowUtil.getAttribute(shadow, new QName(MidPointConstants.NS_RI, "createTimestamp"));
assertNotNull("No createTimestamp in " + shadow, createTimestampAttribute);
Long createTimestamp = createTimestampAttribute.getRealValue();
// LDAP server may be on a different host. Allow for some clock offset.
TestUtil.assertBetween("Wrong createTimestamp in " + shadow, roundTsDown(tsStart) - 1000, roundTsUp(tsEnd) + 1000, createTimestamp);
}
use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.
the class AbstractAdLdapTest method test200AssignAccountBarbossa.
@Test
public void test200AssignAccountBarbossa() throws Exception {
final String TEST_NAME = "test200AssignAccountBarbossa";
TestUtil.displayTestTile(this, TEST_NAME);
// GIVEN
Task task = taskManager.createTaskInstance(this.getClass().getName() + "." + TEST_NAME);
OperationResult result = task.getResult();
long tsStart = System.currentTimeMillis();
// WHEN
TestUtil.displayWhen(TEST_NAME);
assignAccount(USER_BARBOSSA_OID, getResourceOid(), null, task, result);
// THEN
TestUtil.displayThen(TEST_NAME);
result.computeStatus();
TestUtil.assertSuccess(result);
long tsEnd = System.currentTimeMillis();
Entry entry = assertLdapAccount(USER_BARBOSSA_USERNAME, USER_BARBOSSA_FULL_NAME);
assertAttribute(entry, "title", null);
PrismObject<UserType> user = getUser(USER_BARBOSSA_OID);
String shadowOid = getSingleLinkOid(user);
PrismObject<ShadowType> shadow = getShadowModel(shadowOid);
display("Shadow (model)", shadow);
accountBarbossaOid = shadow.getOid();
Collection<ResourceAttribute<?>> identifiers = ShadowUtil.getPrimaryIdentifiers(shadow);
String accountBarbossaIcfUid = (String) identifiers.iterator().next().getRealValue();
assertNotNull("No identifier in " + shadow, accountBarbossaIcfUid);
assertEquals("Wrong ICFS UID", AdUtils.formatGuidToDashedNotation(MiscUtil.binaryToHex(entry.get(getPrimaryIdentifierAttributeName()).getBytes())), accountBarbossaIcfUid);
assertLdapPassword(USER_BARBOSSA_USERNAME, USER_BARBOSSA_FULL_NAME, USER_BARBOSSA_PASSWORD);
assertAttribute(entry, ATTRIBUTE_USER_ACCOUNT_CONTROL_NAME, "512");
ResourceAttribute<Long> createTimestampAttribute = ShadowUtil.getAttribute(shadow, new QName(MidPointConstants.NS_RI, "createTimeStamp"));
assertNotNull("No createTimestamp in " + shadow, createTimestampAttribute);
Long createTimestamp = createTimestampAttribute.getRealValue();
// LDAP server may be on a different host. Allow for some clock offset.
TestUtil.assertBetween("Wrong createTimestamp in " + shadow, roundTsDown(tsStart) - 120000, roundTsUp(tsEnd) + 120000, createTimestamp);
assertLdapConnectorInstances(2);
}
use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.
the class AbstractAdLdapMultidomainTest method test600AssignAccountSubman.
@Test
public void test600AssignAccountSubman() throws Exception {
final String TEST_NAME = "test600AssignAccountSubman";
TestUtil.displayTestTile(this, TEST_NAME);
// GIVEN
Task task = taskManager.createTaskInstance(this.getClass().getName() + "." + TEST_NAME);
OperationResult result = task.getResult();
long tsStart = System.currentTimeMillis();
// WHEN
TestUtil.displayWhen(TEST_NAME);
assignRole(USER_SUBMAN_OID, ROLE_SUBMISSIVE_OID, task, result);
// THEN
TestUtil.displayThen(TEST_NAME);
result.computeStatus();
TestUtil.assertSuccess(result);
long tsEnd = System.currentTimeMillis();
Entry entry = assertLdapSubAccount(USER_SUBMAN_USERNAME, USER_SUBMAN_FULL_NAME);
display("Sub entry", entry);
assertAttribute(entry, "title", null);
PrismObject<UserType> userAfter = getUser(USER_SUBMAN_OID);
String shadowOid = getSingleLinkOid(userAfter);
PrismObject<ShadowType> shadow = getShadowModel(shadowOid);
display("Shadow (model)", shadow);
accountSubmanOid = shadow.getOid();
Collection<ResourceAttribute<?>> identifiers = ShadowUtil.getPrimaryIdentifiers(shadow);
String accountBarbossaIcfUid = (String) identifiers.iterator().next().getRealValue();
assertNotNull("No identifier in " + shadow, accountBarbossaIcfUid);
assertEquals("Wrong ICFS UID", AdUtils.formatGuidToDashedNotation(MiscUtil.binaryToHex(entry.get(getPrimaryIdentifierAttributeName()).getBytes())), accountBarbossaIcfUid);
assertLdapPassword(getSubLdapConnectionConfig(), USER_SUBMAN_USERNAME, USER_SUBMAN_FULL_NAME, USER_SUBMAN_PASSWORD);
assertAttribute(entry, ATTRIBUTE_USER_ACCOUNT_CONTROL_NAME, "512");
ResourceAttribute<Long> createTimestampAttribute = ShadowUtil.getAttribute(shadow, new QName(MidPointConstants.NS_RI, "createTimeStamp"));
assertNotNull("No createTimestamp in " + shadow, createTimestampAttribute);
Long createTimestamp = createTimestampAttribute.getRealValue();
// LDAP server may be on a different host. Allow for some clock offset.
TestUtil.assertBetween("Wrong createTimestamp in " + shadow, roundTsDown(tsStart) - 120000, roundTsUp(tsEnd) + 120000, createTimestamp);
// assertLdapConnectorInstances(2);
}
use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.
the class AbstractAdLdapMultidomainTest method test700AssignAccountSubmarineAndModify.
/**
* Create account and modify it in a very quick succession.
* This test is designed to check if we can live with a long
* global catalog update delay.
* MID-2926
*/
@Test
public void test700AssignAccountSubmarineAndModify() throws Exception {
final String TEST_NAME = "test700AssignAccountSubmarineAndModify";
TestUtil.displayTestTile(this, TEST_NAME);
// GIVEN
Task task = taskManager.createTaskInstance(this.getClass().getName() + "." + TEST_NAME);
OperationResult result = task.getResult();
long tsStart = System.currentTimeMillis();
// WHEN
TestUtil.displayWhen(TEST_NAME);
assignRole(USER_SUBMARINE_OID, ROLE_SUBMISSIVE_OID, task, result);
modifyUserReplace(USER_SUBMARINE_OID, UserType.F_TITLE, task, result, PrismTestUtil.createPolyString("Underseadog"));
// THEN
TestUtil.displayThen(TEST_NAME);
result.computeStatus();
TestUtil.assertSuccess(result);
long tsEnd = System.currentTimeMillis();
Entry entry = assertLdapSubAccount(USER_SUBMARINE_USERNAME, USER_SUBMARINE_FULL_NAME);
display("Sub entry", entry);
assertAttribute(entry, "title", "Underseadog");
PrismObject<UserType> userAfter = getUser(USER_SUBMARINE_OID);
String shadowOid = getSingleLinkOid(userAfter);
PrismObject<ShadowType> shadow = getShadowModel(shadowOid);
display("Shadow (model)", shadow);
accountSubmarineOid = shadow.getOid();
Collection<ResourceAttribute<?>> identifiers = ShadowUtil.getPrimaryIdentifiers(shadow);
String accountIcfUid = (String) identifiers.iterator().next().getRealValue();
assertNotNull("No identifier in " + shadow, accountIcfUid);
assertEquals("Wrong ICFS UID", AdUtils.formatGuidToDashedNotation(MiscUtil.binaryToHex(entry.get(getPrimaryIdentifierAttributeName()).getBytes())), accountIcfUid);
assertAttribute(entry, ATTRIBUTE_USER_ACCOUNT_CONTROL_NAME, "512");
// assertLdapConnectorInstances(2);
}
use of com.evolveum.midpoint.schema.processor.ResourceAttribute in project midpoint by Evolveum.
the class ConsistencyTest method test511AssignAccountMorgan.
/**
* assign account to the user morgan. Account with the same 'uid' (not dn, nut other secondary identifier already exists)
* account should be linked to the user.
* @throws Exception
*/
@Test
public void test511AssignAccountMorgan() throws Exception {
final String TEST_NAME = "test511AssignAccountMorgan";
TestUtil.displayTestTile(this, TEST_NAME);
// GIVEN
openDJController.assumeRunning();
Task task = taskManager.createTaskInstance(ConsistencyTest.class.getName() + "." + TEST_NAME);
OperationResult result = task.getResult();
dummyAuditService.clear();
//prepare new OU in opendj
Entry entry = openDJController.addEntryFromLdifFile(LDIF_CREATE_USERS_OU_FILENAME);
PrismObject<UserType> user = repositoryService.getObject(UserType.class, USER_MORGAN_OID, null, result);
display("User Morgan: ", user);
PrismReference linkRef = user.findReference(UserType.F_LINK_REF);
ExpressionType expression = new ExpressionType();
ObjectFactory of = new ObjectFactory();
RawType raw = new RawType(new PrimitiveXNode("uid=morgan,ou=users,dc=example,dc=com"), prismContext);
JAXBElement val = of.createValue(raw);
expression.getExpressionEvaluator().add(val);
MappingType mapping = new MappingType();
mapping.setExpression(expression);
ResourceAttributeDefinitionType attrDefType = new ResourceAttributeDefinitionType();
attrDefType.setRef(new ItemPathType(new ItemPath(getOpenDjSecondaryIdentifierQName())));
attrDefType.setOutbound(mapping);
ConstructionType construction = new ConstructionType();
construction.getAttribute().add(attrDefType);
construction.setResourceRef(ObjectTypeUtil.createObjectRef(resourceTypeOpenDjrepo));
AssignmentType assignment = new AssignmentType();
assignment.setConstruction(construction);
ObjectDelta<UserType> userDelta = ObjectDelta.createModificationAddContainer(UserType.class, USER_MORGAN_OID, UserType.F_ASSIGNMENT, prismContext, assignment.asPrismContainerValue());
Collection<ObjectDelta<? extends ObjectType>> deltas = MiscSchemaUtil.createCollection(userDelta);
// WHEN
TestUtil.displayWhen(TEST_NAME);
modelService.executeChanges(deltas, null, task, result);
// THEN
TestUtil.displayThen(TEST_NAME);
result.computeStatus();
// assertEquals("Expected handled error but got: " + result.getStatus(), OperationResultStatus.HANDLED_ERROR, result.getStatus());
PrismObject<UserType> userMorgan = modelService.getObject(UserType.class, USER_MORGAN_OID, null, task, result);
display("User morgan after", userMorgan);
UserType userMorganType = userMorgan.asObjectable();
assertEquals("Unexpected number of accountRefs", 1, userMorganType.getLinkRef().size());
String accountOid = userMorganType.getLinkRef().iterator().next().getOid();
// Check shadow
PrismObject<ShadowType> accountShadow = repositoryService.getObject(ShadowType.class, accountOid, null, result);
assertShadowRepo(accountShadow, accountOid, "uid=morgan,ou=people,dc=example,dc=com", resourceTypeOpenDjrepo, RESOURCE_OPENDJ_ACCOUNT_OBJECTCLASS);
// Check account
PrismObject<ShadowType> accountModel = modelService.getObject(ShadowType.class, accountOid, null, task, result);
assertShadowModel(accountModel, accountOid, "uid=morgan,ou=people,dc=example,dc=com", resourceTypeOpenDjrepo, RESOURCE_OPENDJ_ACCOUNT_OBJECTCLASS);
ResourceAttribute attributes = ShadowUtil.getAttribute(accountModel, new QName(resourceTypeOpenDjrepo.getNamespace(), "uid"));
assertEquals("morgan", attributes.getAnyRealValue());
// TODO: check OpenDJ Account
}
Aggregations