
Example 61 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class UpgradeEntitlementSubConfigsStep method initialize.

/**
 * Walks every sub-config node of the document returned by {@code getEntitlementXML()} and
 * compares it with what the entitlement service currently reports.
 * <p>
 * Nodes are classified by their id attribute:
 * <ul>
 *   <li>application type: checked against the known type names, then its actions are checked;</li>
 *   <li>application: checked against the known application names, then its subjects, conditions,
 *       resource type UUIDs, description and entitlement combiner are compared;</li>
 *   <li>resource type: checked against the resource type UUIDs found in the root realm.</li>
 * </ul>
 * Nodes with any other id are ignored. The visible calls here only read from the entitlement
 * service; the {@code capture*} helpers are presumed to record into this step's collections.
 *
 * @throws UpgradeException declared by the signature; presumably raised by the helpers called here
 */
@Override
public void initialize() throws UpgradeException {
    DEBUG.message("Initialising the upgrade entitlement sub-config step");

    // Snapshot of the current configuration, taken once before the XML is walked.
    final Set<ApplicationType> existingApplicationTypes = entitlementService.getApplicationTypes();
    final Set<String> existingResourceTypeUUIDs = getResourceTypeUUIDs(ROOT_REALM);
    final Set<String> presentTypes = extract(existingApplicationTypes, new TypeNameExtractor());
    final Set<String> presentApps = extract(entitlementService.getApplications(), new AppNameExtractor());

    final NodeList subConfigs = getEntitlementXML().getElementsByTagName(SMSUtils.SUB_CONFIG);
    for (int position = 0; position < subConfigs.getLength(); position++) {
        final Node subConfig = subConfigs.item(position);
        final String id = getNodeAttributeValue(subConfig, ID);
        final String name = getNodeAttributeValue(subConfig, NAME);

        if (APPLICATION_TYPE.equals(id)) {
            captureMissingEntry(name, subConfig, presentTypes, missingApplicationTypes);
            captureMissingActions(name, subConfig);
            continue;
        }

        if (APPLICATION.equals(id)) {
            captureMissingEntry(name, subConfig, presentApps, missingApps);

            // A null result means the application does not exist yet and has to be created
            // (it is then covered by the missing entries); every "current" value is passed
            // on as null in that case.
            final Application current = getApplication(name);
            final boolean exists = current != null;
            final Map<String, Set<String>> attrs = parseAttributeValuePairTags(subConfig);

            captureDifferentSet(exists ? current.getSubjects() : null,
                    getSubjects(attrs), changedSubjects, name);
            captureDifferentSet(exists ? current.getConditions() : null,
                    getConditions(attrs), changedConditions, name);
            captureDifferentSet(exists ? current.getResourceTypeUuids() : null,
                    EntitlementUtils.getResourceTypeUUIDs(attrs), changedResourceTypeUUIDs, name);

            // Only the first description value is used; a missing or empty set counts as none.
            final Set<String> descriptions = getDescription(attrs);
            final String configDescription =
                    (descriptions == null || descriptions.isEmpty()) ? null : descriptions.iterator().next();
            captureDifferentString(exists ? current.getDescription() : null,
                    configDescription, changedDescriptions, name);

            // The combiner is compared by name, so an absent combiner is passed on as null.
            final EntitlementCombiner combiner = exists ? current.getEntitlementCombiner() : null;
            captureDifferentEntitlementCombiner(combiner == null ? null : combiner.getName(),
                    getCombiner(attrs), name);
            continue;
        }

        if (RESOURCE_TYPE.equals(id)) {
            // For resource types the "name" attribute carries the UUID; the readable name
            // lives further down in the config.
            captureMissingEntry(name, subConfig, existingResourceTypeUUIDs, missingResourceTypes);
        }
    }
}
Also used : HashSet(java.util.HashSet) Set(java.util.Set) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) Document(org.w3c.dom.Document) ApplicationType(com.sun.identity.entitlement.ApplicationType) Application(com.sun.identity.entitlement.Application) HashMap(java.util.HashMap) Map(java.util.Map) EntitlementUtils.resourceTypeFromMap(org.forgerock.openam.entitlement.utils.EntitlementUtils.resourceTypeFromMap) EntitlementCombiner(com.sun.identity.entitlement.EntitlementCombiner) DenyOverride(com.sun.identity.entitlement.DenyOverride)

Example 62 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class UpgradeEntitlementSubConfigsStep method addChangedConditions.

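/**
 * Replaces the conditions of every application listed in {@code changedConditions} with the
 * recorded set and stores the application again.
 * <p>
 * Progress is reported per application: a start entry, then either success or failure. The
 * first failure aborts the loop, so later applications are left untouched.
 *
 * @throws UpgradeException If an application cannot be found, or if there was an error while
 *                          updating it.
 */
private void addChangedConditions() throws UpgradeException {
    for (final Map.Entry<String, Set<String>> entry : changedConditions.entrySet()) {
        final String name = entry.getKey();
        final Set<String> conditions = entry.getValue();
        try {
            UpgradeProgress.reportStart(AUDIT_MODIFIED_CON_START, name);
            if (DEBUG.messageEnabled()) {
                DEBUG.message("Modifying application " + name + " ; adding conditions: " + conditions);
            }
            final Application application = getApplication(name);
            if (application == null) {
                // getApplication(name) returns null for an application that does not exist
                // (initialize() in this class relies on that). Without this guard the call
                // below fails with a NullPointerException, which skips the failure report
                // and leaves the audit trail with a start entry and no outcome.
                UpgradeProgress.reportEnd(AUDIT_UPGRADE_FAIL);
                throw new UpgradeException("Application " + name
                        + " could not be found; its conditions were not updated");
            }
            application.setConditions(conditions);
            entitlementService.storeApplication(application);
            UpgradeProgress.reportEnd(AUDIT_UPGRADE_SUCCESS);
        } catch (EntitlementException ee) {
            UpgradeProgress.reportEnd(AUDIT_UPGRADE_FAIL);
            throw new UpgradeException(ee);
        }
    }
}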
Also used : UpgradeException(org.forgerock.openam.upgrade.UpgradeException) EntitlementException(com.sun.identity.entitlement.EntitlementException) HashSet(java.util.HashSet) Set(java.util.Set) HashMap(java.util.HashMap) Map(java.util.Map) EntitlementUtils.resourceTypeFromMap(org.forgerock.openam.entitlement.utils.EntitlementUtils.resourceTypeFromMap) Application(com.sun.identity.entitlement.Application)

Example 63 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class RemoveReferralsStepTest method simpleSuccessfulPassThrough.

/**
 * Happy-path run of the step under test with a single referral entry.
 * <p>
 * The mocked search yields one entry whose referral maps application "app1" to realm "/a".
 * The test then checks that a resource type and an application are saved into "/a", that the
 * policy is modified to point at the cloned resource type, and that the referral entry is
 * deleted by its DN.
 */
@Test
public void simpleSuccessfulPassThrough() throws Exception {
    // Given
    given(connectionFactory.create()).willReturn(connection);
    given(connection.search(isA(SearchRequest.class))).willReturn(entryReader);
    // Exactly one search result: hasNext() is true once, then false.
    given(entryReader.hasNext()).willReturn(true).willReturn(false);
    given(entryReader.readEntry()).willReturn(resultEntry);
    given(resultEntry.getName()).willReturn(DN.valueOf("ou=test,ou=forgerock,ou=org"));
    // The referral: named "ref", mapping app1 to the resource pattern "*://*:*/*", targeting realm "/a".
    JsonValue jsonValue = json(object(field("name", "ref"), field("mapApplNameToResources", object(field("app1", array("*://*:*/*")))), field("realms", array("/a"))));
    // The JSON is carried as a "serializable=<json>" value and returned for the "sunKeyValue" attribute.
    Set<String> values = singleton("serializable=" + jsonValue.toString());
    Attribute attribute = new LinkedAttribute("ou", values);
    AttributeParser attributeParser = AttributeParser.parseAttribute(attribute);
    given(resultEntry.parseAttribute("sunKeyValue")).willReturn(attributeParser);
    // Source application in realm "/" with a single resource type UUID "123".
    Application app1 = new Application();
    app1.setName("app1");
    app1.addAllResourceTypeUuids(singleton("123"));
    given(applicationService.getApplication(isA(Subject.class), eq("/"), eq("app1"))).willReturn(app1);
    given(policyServiceFactory.get(eq("/a"), isA(Subject.class))).willReturn(policyService);
    // One existing policy for app1, looked up through the policy service obtained for realm "/a".
    Privilege policy1 = new OpenSSOPrivilege();
    policy1.setName("pol1");
    given(policyService.findAllPoliciesByApplication("app1")).willReturn(singletonList(policy1));
    ResourceType resourceType1 = ResourceType.builder().setName("resourceType1").setUUID("123").build();
    given(resourceTypeService.getResourceType(isA(Subject.class), eq("/"), eq("123"))).willReturn(resourceType1);
    // When
    testStep.initialize();
    boolean isApplicable = testStep.isApplicable();
    testStep.perform();
    String shortReport = testStep.getShortReport("");
    String longReport = testStep.getDetailedReport("");
    // Then
    assertThat(isApplicable).isTrue();
    assertThat(shortReport).containsSequence("applications to be cloned", "Referrals found");
    assertThat(longReport).containsSequence("app1", "ou=test,ou=forgerock,ou=org");
    // Both clones must be saved into the referral's target realm "/a", not into "/".
    verify(resourceTypeService).saveResourceType(isA(Subject.class), eq("/a"), resourceTypeCaptor.capture());
    verify(applicationService).saveApplication(isA(Subject.class), eq("/a"), applicationCaptor.capture());
    verify(policyService).modify(policyCaptor.capture());
    // The saved resource type keeps the name but is not equal to the original.
    ResourceType clonedResourceType = resourceTypeCaptor.getValue();
    assertThat(clonedResourceType).isNotEqualTo(resourceType1);
    assertThat(clonedResourceType.getName()).isEqualTo("resourceType1");
    // The saved application keeps the name and references only the cloned resource type.
    Application clonedApplication = applicationCaptor.getValue();
    assertThat(clonedApplication).isNotEqualTo(app1);
    assertThat(clonedApplication.getName()).isEqualTo("app1");
    assertThat(clonedApplication.getResourceTypeUuids()).containsExactly(clonedResourceType.getUUID());
    Privilege modifiedPolicy = policyCaptor.getValue();
    // NOTE(review): this compares modifiedPolicy with itself, so it can never fail and says
    // nothing about which policy was modified. Presumably a comparison against policy1 was
    // intended; confirm and tighten, since this is the only identity check on the policy.
    assertThat(modifiedPolicy).isEqualTo(modifiedPolicy);
    assertThat(modifiedPolicy.getResourceTypeUuid()).isEqualTo(clonedResourceType.getUUID());
    // The referral entry itself must be deleted, identified by the DN of the search result.
    verify(connection).delete(deleteRequestCaptor.capture());
    DeleteRequest request = deleteRequestCaptor.getValue();
    assertThat(request.getName().toString()).isEqualTo("ou=test,ou=forgerock,ou=org");
}
Also used : SearchRequest(org.forgerock.opendj.ldap.requests.SearchRequest) Attribute(org.forgerock.opendj.ldap.Attribute) LinkedAttribute(org.forgerock.opendj.ldap.LinkedAttribute) JsonValue(org.forgerock.json.JsonValue) OpenSSOPrivilege(com.sun.identity.entitlement.opensso.OpenSSOPrivilege) ResourceType(org.forgerock.openam.entitlement.ResourceType) Subject(javax.security.auth.Subject) LinkedAttribute(org.forgerock.opendj.ldap.LinkedAttribute) AttributeParser(org.forgerock.opendj.ldap.AttributeParser) OpenSSOPrivilege(com.sun.identity.entitlement.opensso.OpenSSOPrivilege) Privilege(com.sun.identity.entitlement.Privilege) Application(com.sun.identity.entitlement.Application) DeleteRequest(org.forgerock.opendj.ldap.requests.DeleteRequest) Test(org.testng.annotations.Test)

Example 64 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class UpgradeResourceTypeStep method perform.

/**
 * {@inheritDoc}
 * <p>
 * For every realm in {@code resourceTypeStatePerRealm}, and for every recorded state in that
 * realm: creates a resource type and attaches it to the application where the application
 * needs one, then upgrades the application's policies where they need one. Both lookups use
 * the subject returned by {@code getAdminSubject()}.
 */
@Override
public void perform() throws UpgradeException {
    for (Map.Entry<String, Set<ResourceTypeState>> realmEntry : resourceTypeStatePerRealm.entrySet()) {
        final String realm = realmEntry.getKey();
        final EntitlementConfiguration ec = EntitlementConfiguration.getInstance(getAdminSubject(), realm);
        final PrivilegeManager pm = PrivilegeManager.getInstance(realm, getAdminSubject());

        for (ResourceTypeState state : realmEntry.getValue()) {
            if (state.applicationNeedsResourceType) {
                final String createdUuid = createResourceType(state, realm).getUUID();
                upgradeApplication(ec, state.appName, createdUuid);
                // The application was just modified, so the cached copy for this realm is dropped.
                ApplicationManager.clearCache(realm);
            }

            if (!state.policiesNeedsResourceType) {
                continue;
            }

            // NOTE(review): the result of getApplication is dereferenced without a null
            // check; confirm it cannot be null for a recorded appName.
            final Set<String> uuids = ec.getApplication(state.appName).getResourceTypeUuids();
            if (uuids.isEmpty()) {
                continue;
            }
            // Only one resource type is expected on the application at this stage. If there
            // were several, the one picked here would depend on the set's iteration order,
            // and the policies would be bound to whichever comes first.
            upgradePrivileges(pm, state.appName, uuids.iterator().next());
        }
    }
}
Also used : Set(java.util.Set) CollectionUtils.transformSet(org.forgerock.openam.utils.CollectionUtils.transformSet) HashSet(java.util.HashSet) PrivilegeManager(com.sun.identity.entitlement.PrivilegeManager) EntitlementConfiguration(com.sun.identity.entitlement.EntitlementConfiguration) ResourceType(org.forgerock.openam.entitlement.ResourceType) Map(java.util.Map) HashMap(java.util.HashMap) Application(com.sun.identity.entitlement.Application)

Example 65 with Application

use of com.sun.identity.entitlement.Application in project OpenAM by OpenRock.

the class UpgradeEntitlementSubConfigsStepTest method setUp.

/**
 * Builds the fixture for each test: three application types, three applications of the first
 * type, mocked collaborators, the step under test, and a fourth application carrying two
 * conditions, two subjects and the default combiner.
 */
@BeforeMethod
public void setUp() throws IllegalAccessException, InstantiationException {
    // Application types; the first one is also kept in a field for later use.
    mockTypes = new HashSet<ApplicationType>(3);
    final ApplicationType firstType = newType("type1");
    final ApplicationType secondType = newType("type2");
    final ApplicationType thirdType = newType("type3");
    mockTypes.add(firstType);
    mockTypes.add(secondType);
    mockTypes.add(thirdType);
    this.type1 = firstType;

    // Applications, all built on the first type.
    mockApplications = new HashSet<Application>(3);
    final Application firstApp = newApplication("application1", firstType);
    final Application secondApp = newApplication("application2", firstType);
    final Application thirdApp = newApplication("application3", firstType);
    mockApplications.add(firstApp);
    mockApplications.add(secondApp);
    mockApplications.add(thirdApp);

    // Collaborators are mocks; only the step itself is a real object.
    entitlementService = mock(EntitlementConfiguration.class);
    adminTokenAction = mock(PrivilegedAction.class);
    connectionFactory = mock(ConnectionFactory.class);
    resourceTypeConfiguration = mock(ResourceTypeConfiguration.class);
    upgradeStep = new SafeUpgradeEntitlementSubConfigsStep(
            entitlementService, resourceTypeConfiguration, adminTokenAction, connectionFactory);

    final HashSet<String> conditions =
            new HashSet<String>(Arrays.asList("condition.entry.1", "condition.entry.2"));
    final HashSet<String> subjects =
            new HashSet<String>(Arrays.asList("subject.entry.1", "subject.entry.2"));
    // NOTE(review): this set is built but never applied to anything in this method; confirm
    // whether it was meant to be set on the application below.
    final HashSet<String> resources = new HashSet<String>(Arrays.asList("http://*", "https://*"));

    app = newApplication("application4", firstType);
    app.setConditions(conditions);
    app.setSubjects(subjects);
    app.setEntitlementCombinerName(DEFAULT_COMBINER);
}
Also used : ApplicationType(com.sun.identity.entitlement.ApplicationType) ConnectionFactory(org.forgerock.openam.sm.datalayer.api.ConnectionFactory) PrivilegedAction(java.security.PrivilegedAction) EntitlementConfiguration(com.sun.identity.entitlement.EntitlementConfiguration) ResourceTypeConfiguration(org.forgerock.openam.entitlement.configuration.ResourceTypeConfiguration) Application(com.sun.identity.entitlement.Application) HashSet(java.util.HashSet) BeforeMethod(org.testng.annotations.BeforeMethod)
