use of com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType in project midpoint by Evolveum.
the class OrgClosureManager method rebuild.
//endregion
//region Rebuilding or checking org closure
// we are already in the context of a transaction (and the org struct table is locked if possible)
// "check" here means "thorough check" (i.e. comparing with recomputed closure)
private void rebuild(boolean check, boolean rebuild, boolean stopOnFailure, final Context context, final Session session, OperationResult result) throws SchemaException {
List existingEntries = null;
if (check) {
LOGGER.info("Reading from existing org closure table");
Query selectQuery = session.createSQLQuery("SELECT descendant_oid, ancestor_oid, val from " + CLOSURE_TABLE_NAME).addScalar("descendant_oid", StringType.INSTANCE).addScalar("ancestor_oid", StringType.INSTANCE).addScalar("val", IntegerType.INSTANCE);
existingEntries = selectQuery.list();
LOGGER.info("{} entries read", existingEntries.size());
}
LOGGER.info("Computing org closure table from scratch");
Query deleteQuery = session.createSQLQuery("delete from " + CLOSURE_TABLE_NAME);
deleteQuery.executeUpdate();
LOGGER.trace("Closure table content deleted");
final int orgsTotal = repositoryService.countObjects(OrgType.class, new ObjectQuery(), result);
final MutableInt orgsProcessed = new MutableInt(0);
ResultHandler<OrgType> handler = new ResultHandler<OrgType>() {
@Override
public boolean handle(PrismObject<OrgType> object, OperationResult parentResult) {
LOGGER.trace("Processing {}", object);
handleAdd(object.getOid(), getParentOidsFromObject(object), context, session);
orgsProcessed.add(1);
int currentState = orgsProcessed.intValue();
if (currentState % 100 == 0) {
LOGGER.info("{} organizations processed (out of {})", currentState, orgsTotal);
}
return true;
}
};
repositoryService.searchObjectsIterative(OrgType.class, new ObjectQuery(), handler, null, false, result);
LOGGER.info("Org closure table was successfully recomputed (not committed yet); all {} organizations processed", orgsTotal);
if (check) {
LOGGER.info("Reading from recomputed org closure table");
Query selectQuery = session.createSQLQuery("SELECT descendant_oid, ancestor_oid, val from " + CLOSURE_TABLE_NAME).addScalar("descendant_oid", StringType.INSTANCE).addScalar("ancestor_oid", StringType.INSTANCE).addScalar("val", IntegerType.INSTANCE);
List recomputedEntries = selectQuery.list();
LOGGER.info("{} entries read", recomputedEntries.size());
compareOrgClosureTables(existingEntries, recomputedEntries, rebuild, result);
} else {
result.recordSuccess();
}
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType in project midpoint by Evolveum.
the class AbstractAdLdapMultidomainTest method test500AddOrgMeleeIsland.
@Test
public void test500AddOrgMeleeIsland() throws Exception {
final String TEST_NAME = "test500AddOrgMeleeIsland";
TestUtil.displayTestTile(this, TEST_NAME);
// GIVEN
Task task = createTask(TEST_NAME);
OperationResult result = task.getResult();
PrismObject<OrgType> org = instantiateObject(OrgType.class);
OrgType orgType = org.asObjectable();
orgType.setName(new PolyStringType(GROUP_MELEE_ISLAND_NAME));
AssignmentType metaroleAssignment = new AssignmentType();
ObjectReferenceType metaroleRef = new ObjectReferenceType();
metaroleRef.setOid(ROLE_META_ORG_OID);
metaroleRef.setType(RoleType.COMPLEX_TYPE);
metaroleAssignment.setTargetRef(metaroleRef);
orgType.getAssignment().add(metaroleAssignment);
// WHEN
TestUtil.displayWhen(TEST_NAME);
addObject(org, task, result);
// THEN
TestUtil.displayThen(TEST_NAME);
result.computeStatus();
TestUtil.assertSuccess(result);
orgMeleeIslandOid = org.getOid();
Entry entryGroup = assertLdapGroup(GROUP_MELEE_ISLAND_NAME);
Entry entryOu = assertLdapOrg(GROUP_MELEE_ISLAND_NAME);
org = getObject(OrgType.class, orgMeleeIslandOid);
groupMeleeIslandOid = getLinkRefOid(org, getResourceOid(), ShadowKindType.ENTITLEMENT, INTENT_GROUP);
ouMeleeIslandOid = getLinkRefOid(org, getResourceOid(), ShadowKindType.GENERIC, INTENT_OU_TOP);
assertLinks(org, 2);
PrismObject<ShadowType> shadowGroup = getShadowModel(groupMeleeIslandOid);
display("Shadow: group (model)", shadowGroup);
PrismObject<ShadowType> shadowOu = getShadowModel(ouMeleeIslandOid);
display("Shadow: ou (model)", shadowOu);
// assertLdapConnectorInstances(2);
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType in project midpoint by Evolveum.
the class TestUniversity method getAndAssertFunctionalOrg.
// @Test
// public void test500ReconcileOpenDJDefault() throws Exception {
// final String TEST_NAME = "test500ReconcileOpenDJDefault";
// TestUtil.displayTestTile(this, TEST_NAME);
//
// // GIVEN
// Task task = createTask(TestInsurance.class.getName() + "." + TEST_NAME);
// OperationResult result = task.getResult();
// assumeAssignmentPolicy(AssignmentPolicyEnforcementType.NONE);
//
// List<PrismObject<UserType>> users = modelService.searchObjects(UserType.class, null, null, task, result);
// display("Users before recon", users);
// assertUsers(15);
//
// reconciliationTaskResultListener.clear();
//
// // WHEN
// TestUtil.displayWhen(TEST_NAME);
// importObjectFromFile(TASK_RECON_OPENDJ_DEFAULT_SINGLE_FILE);
//
// // THEN
// TestUtil.displayThen(TEST_NAME);
//
// waitForTaskFinish(TASK_RECON_OPENDJ_DEFAULT_SINGLE_OID, false);
//
// // THEN
// TestUtil.displayThen(TEST_NAME);
//
// reconciliationTaskResultListener.assertResult(RESOURCE_OPENDJ_OID, 0, 17, 0, 0);
//
// users = modelService.searchObjects(UserType.class, null, null, task, result);
// display("Users after recon", users);
//
// assertUsers(18);
//
// // Task result
// PrismObject<TaskType> reconTaskAfter = getTask(TASK_RECON_OPENDJ_DEFAULT_SINGLE_OID);
// OperationResultType reconTaskResult = reconTaskAfter.asObjectable().getResult();
// display("Recon task result", reconTaskResult);
// TestUtil.assertSuccess(reconTaskResult);
// }
//
// @Test
// public void test502ReconcileOpenDJDefaultAgain() throws Exception {
// final String TEST_NAME = "test502ReconcileOpenDJDefaultAgain";
// TestUtil.displayTestTile(this, TEST_NAME);
//
// // GIVEN
// Task task = createTask(TestInsurance.class.getName() + "." + TEST_NAME);
// OperationResult result = task.getResult();
// assumeAssignmentPolicy(AssignmentPolicyEnforcementType.NONE);
//
// assertUsers(18);
// reconciliationTaskResultListener.clear();
//
// // WHEN
// TestUtil.displayWhen(TEST_NAME);
// restartTask(TASK_RECON_OPENDJ_DEFAULT_SINGLE_OID);
//
// // THEN
// TestUtil.displayThen(TEST_NAME);
//
// waitForTaskFinish(TASK_RECON_OPENDJ_DEFAULT_SINGLE_OID, false);
//
// // THEN
// TestUtil.displayThen(TEST_NAME);
//
// reconciliationTaskResultListener.assertResult(RESOURCE_OPENDJ_OID, 0, 17, 0, 0);
//
// assertUsers(18);
//
// // Task result
// PrismObject<TaskType> reconTaskAfter = getTask(TASK_RECON_OPENDJ_DEFAULT_SINGLE_OID);
// OperationResultType reconTaskResult = reconTaskAfter.asObjectable().getResult();
// display("Recon task result", reconTaskResult);
// TestUtil.assertSuccess(reconTaskResult);
// }
//
// @Test
// public void test510ReconcileOpenDJLdapGroup() throws Exception {
// final String TEST_NAME = "test510ReconcileOpenDJLdapGroup";
// TestUtil.displayTestTile(this, TEST_NAME);
//
// // GIVEN
// Task task = createTask(TestInsurance.class.getName() + "." + TEST_NAME);
// OperationResult result = task.getResult();
// assumeAssignmentPolicy(AssignmentPolicyEnforcementType.NONE);
//
// List<PrismObject<UserType>> users = modelService.searchObjects(UserType.class, null, null, task, result);
// display("Users before recon", users);
// assertUsers(18);
//
// reconciliationTaskResultListener.clear();
//
// // WHEN
// TestUtil.displayWhen(TEST_NAME);
// importObjectFromFile(TASK_RECON_OPENDJ_LDAPGROUP_SINGLE_FILE);
//
// // THEN
// TestUtil.displayThen(TEST_NAME);
//
// waitForTaskFinish(TASK_RECON_OPENDJ_LDAPGROUP_SINGLE_OID, false);
//
// // THEN
// TestUtil.displayThen(TEST_NAME);
//
// reconciliationTaskResultListener.assertResult(RESOURCE_OPENDJ_OID, 0, 2, 0, 0);
//
// users = modelService.searchObjects(UserType.class, null, null, task, result);
// display("Users after recon", users);
//
// assertUsers(18);
//
// // Task result
// PrismObject<TaskType> reconTaskAfter = getTask(TASK_RECON_OPENDJ_LDAPGROUP_SINGLE_OID);
// OperationResultType reconTaskResult = reconTaskAfter.asObjectable().getResult();
// display("Recon task result", reconTaskResult);
// TestUtil.assertSuccess(reconTaskResult);
// }
//
// @Test
// public void test550ReconcileOpenDJAfterMembershipChange() throws Exception {
// final String TEST_NAME = "test550ReconcileOpenDJAfterMembershipChange";
// TestUtil.displayTestTile(this, TEST_NAME);
//
// // We manually remove Lemonhead from R_canibalism group
// // And check whether reconciliation re-adds him again
//
// // GIVEN
// Task task = createTask(TestInsurance.class.getName() + "." + TEST_NAME);
// OperationResult result = task.getResult();
// assumeAssignmentPolicy(AssignmentPolicyEnforcementType.NONE);
//
// Collection<String> membersBeforeTest = openDJController.getGroupUniqueMembers(RESP_CANIBALISM_DN);
// System.out.println("group members before test = " + membersBeforeTest);
// assertTrue(RESP_CANIBALISM_DN + " does not contain " + ACCOUNT_LEMONHEAD_DN, membersBeforeTest.contains(ACCOUNT_LEMONHEAD_DN));
//
// openDJController.removeGroupUniqueMember(RESP_CANIBALISM_DN, ACCOUNT_LEMONHEAD_DN);
//
// System.out.println("group members after removal = " + openDJController.getGroupUniqueMembers(RESP_CANIBALISM_DN));
//
// openDJController.assertNoUniqueMember(RESP_CANIBALISM_DN, ACCOUNT_LEMONHEAD_DN);
//
// // WHEN
// TestUtil.displayWhen(TEST_NAME);
// restartTask(TASK_RECON_OPENDJ_DEFAULT_SINGLE_OID);
//
// // THEN
// TestUtil.displayThen(TEST_NAME);
//
// waitForTaskFinish(TASK_RECON_OPENDJ_DEFAULT_SINGLE_OID, false);
//
// // THEN
// TestUtil.displayThen(TEST_NAME);
//
// // Task result
// PrismObject<TaskType> reconTaskAfter = getTask(TASK_RECON_OPENDJ_DEFAULT_SINGLE_OID);
// OperationResultType reconTaskResult = reconTaskAfter.asObjectable().getResult();
// display("Recon task result", reconTaskResult);
// TestUtil.assertSuccess(reconTaskResult);
//
// Collection<String> membersAfterTest = openDJController.getGroupUniqueMembers(RESP_CANIBALISM_DN);
// System.out.println("group members after test = " + membersAfterTest);
// assertTrue(RESP_CANIBALISM_DN + " does not contain " + ACCOUNT_LEMONHEAD_DN, membersAfterTest.contains(ACCOUNT_LEMONHEAD_DN.toLowerCase())); // ...it seems to get lowercased during the reconciliation
// }
private PrismObject<OrgType> getAndAssertFunctionalOrg(String orgName) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, DirectoryException, ExpressionEvaluationException {
PrismObject<OrgType> org = getOrg(orgName);
PrismAsserts.assertPropertyValue(org, OrgType.F_ORG_TYPE, "functional");
assertAssignedRole(org, ROLE_META_ORG_OID);
String ouOid = getLinkRefOid(org, RESOURCE_OPENDJ_OID, ShadowKindType.GENERIC, "org-ou");
PrismObject<ShadowType> ouShadow = getShadowModel(ouOid);
display("Org " + orgName + " OU shadow", ouShadow);
// TODO assert shadow content
String groupOid = getLinkRefOid(org, RESOURCE_OPENDJ_OID, ShadowKindType.ENTITLEMENT, "org-group");
PrismObject<ShadowType> groupShadow = getShadowModel(groupOid);
display("Org " + orgName + " group shadow", groupShadow);
// TODO assert shadow content
Entry ouEntry = openDJController.searchSingle("ou=" + orgName);
assertNotNull("No ou LDAP entry for " + orgName, ouEntry);
display("OU entry", ouEntry);
openDJController.assertObjectClass(ouEntry, "organizationalUnit");
Entry groupEntry = openDJController.searchSingle("cn=DL-" + orgName);
assertNotNull("No group LDAP entry for " + orgName, groupEntry);
display("OU GROUP entry", groupEntry);
openDJController.assertObjectClass(groupEntry, "groupOfUniqueNames");
return org;
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType in project midpoint by Evolveum.
the class TestUniversity method test110AddComeniusStructure.
@Test
public void test110AddComeniusStructure() throws Exception {
final String TEST_NAME = "test110AddComeniusStructure";
TestUtil.displayTestTile(this, TEST_NAME);
Task task = taskManager.createTaskInstance(TestUniversity.class.getName() + "." + TEST_NAME);
DummyPrivilege srcFmfi = new DummyPrivilege("FMFI");
srcFmfi.addAttributeValue(DUMMY_PRIVILEGE_ATTRIBUTE_HR_ORGPATH, "UK");
DummyPrivilege srcVc = new DummyPrivilege("VC");
srcVc.addAttributeValue(DUMMY_PRIVILEGE_ATTRIBUTE_HR_ORGPATH, "UK:FMFI");
DummyPrivilege srcPrif = new DummyPrivilege("PRIF");
srcPrif.addAttributeValue(DUMMY_PRIVILEGE_ATTRIBUTE_HR_ORGPATH, "UK");
// WHEN
dummyResourceHr.addPrivilege(srcFmfi);
dummyResourceHr.addPrivilege(srcVc);
dummyResourceHr.addPrivilege(srcPrif);
waitForTaskNextRunAssertSuccess(TASK_LIVE_SYNC_DUMMY_HR_OID, true);
// THEN
dumpOrgTree();
PrismObject<OrgType> uk = getAndAssertFunctionalOrg("UK");
assertNotNull("UK was not found", uk);
display("Org UK", uk);
assertHasOrg(uk, ORG_TOP_OID);
assertAssignedOrg(uk, ORG_TOP_OID);
assertSubOrgs(uk, 2);
assertSubOrgs(ORG_TOP_OID, 1);
assertGroupMembers(uk, "cn=DL-FMFI,ou=FMFI,ou=UK,dc=example,dc=com", "cn=DL-PRIF,ou=PRIF,ou=UK,dc=example,dc=com");
PrismObject<OrgType> fmfi = getAndAssertFunctionalOrg("FMFI");
assertNotNull("FMFI was not found", fmfi);
display("Org FMFI", fmfi);
assertHasOrg(fmfi, uk.getOid());
assertAssignedOrg(fmfi, uk.getOid());
assertSubOrgs(fmfi, 1);
assertGroupMembers(fmfi, "cn=DL-VC,ou=VC,ou=FMFI,ou=UK,dc=example,dc=com");
PrismObject<OrgType> prif = getAndAssertFunctionalOrg("PRIF");
assertNotNull("PRIF was not found", prif);
display("Org PRIF", prif);
assertHasOrg(prif, uk.getOid());
assertAssignedOrg(prif, uk.getOid());
assertSubOrgs(prif, 0);
assertNoGroupMembers(prif);
PrismObject<OrgType> vc = getAndAssertFunctionalOrg("VC");
assertNotNull("VC was not found", vc);
display("Org VC", vc);
assertHasOrg(vc, fmfi.getOid());
assertAssignedOrg(vc, fmfi.getOid());
assertSubOrgs(vc, 0);
assertNoGroupMembers(vc);
}
use of com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType in project midpoint by Evolveum.
the class TestUniversity method assertNoGroupMembers.
private void assertNoGroupMembers(PrismObject<OrgType> org) throws Exception {
String groupOid = getLinkRefOid(org, RESOURCE_OPENDJ_OID, ShadowKindType.ENTITLEMENT, "org-group");
PrismObject<ShadowType> groupShadow = getShadowModel(groupOid);
assertNoAttribute(resourceOpenDj, groupShadow.asObjectable(), new QName(MidPointConstants.NS_RI, "uniqueMember"));
}
Aggregations