Search in sources :

Example 16 with ExternalGroup

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup in project jackrabbit-oak by apache.

the class SyncMBeanImplTest method testSyncAllGroups.

@Test
public void testSyncAllGroups() throws Exception {
    // first sync external users into the repo
    Map<String, String> expected = new HashMap();
    Iterator<ExternalGroup> grIt = idp.listGroups();
    while (grIt.hasNext()) {
        ExternalGroup eg = grIt.next();
        sync(idp, eg.getId(), true);
        expected.put(eg.getId(), "upd");
    }
    // verify effect of syncAllUsers (which in this case are groups)
    String[] result = syncMBean.syncAllUsers(false);
    assertResultMessages(result, expected);
    UserManager userManager = getUserManager();
    for (String id : expected.keySet()) {
        ExternalIdentity ei = idp.getGroup(id);
        assertSync(ei, userManager);
    }
}
Also used : HashMap(java.util.HashMap) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) UserManager(org.apache.jackrabbit.api.security.user.UserManager) ExternalIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity) Test(org.junit.Test)

Example 17 with ExternalGroup

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup in project jackrabbit-oak by apache.

the class DynamicSyncContextTest method testSyncForeignExternalGroup.

@Test
public void testSyncForeignExternalGroup() throws Exception {
    ExternalGroup foreign = new TestIdentityProvider.ForeignExternalGroup();
    SyncResult res = syncContext.sync(foreign);
    assertNotNull(res);
    assertSame(SyncResult.Status.FOREIGN, res.getStatus());
    // expect {@code SyncedIdentity} in accordance with {@code sync(String userId)},
    // where the authorizable is found to be linked to a different IDP.
    SyncedIdentity si = res.getIdentity();
    assertNotNull(si);
    assertEquals(foreign.getId(), si.getId());
    ExternalIdentityRef ref = si.getExternalIdRef();
    assertNotNull(ref);
    assertEquals(foreign.getExternalId(), ref);
    assertTrue(si.isGroup());
    assertEquals(-1, si.lastSynced());
    assertFalse(r.hasPendingChanges());
}
Also used : ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) SyncedIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncedIdentity) SyncResult(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 18 with ExternalGroup

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup in project jackrabbit-oak by apache.

the class DynamicSyncContextTest method testSyncExternalGroupExisting.

@Test
public void testSyncExternalGroupExisting() throws Exception {
    // create an external external group that already has been synced into the repo
    ExternalGroup externalGroup = idp.listGroups().next();
    SyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory);
    ctx.sync(externalGroup);
    ctx.close();
    // synchronizing using DynamicSyncContext must update the existing group
    syncContext.setForceGroupSync(true);
    SyncResult result = syncContext.sync(externalGroup);
    assertSame(SyncResult.Status.UPDATE, result.getStatus());
}
Also used : DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) SyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncContext) DefaultSyncContext(org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext) SyncResult(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 19 with ExternalGroup

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup in project jackrabbit-oak by apache.

the class ExternalGroupPrincipalProviderTest method testFindPrincipalsFiltersDuplicates.

@Test
public void testFindPrincipalsFiltersDuplicates() throws Exception {
    ExternalGroup gr = idp.getGroup("a");
    ExternalUser otherUser = new TestUser("anotherUser", ImmutableSet.of(gr.getExternalId()));
    sync(otherUser);
    Set<Principal> expected = new HashSet();
    expected.add(new PrincipalImpl(gr.getPrincipalName()));
    long depth = syncConfig.user().getMembershipNestingDepth();
    if (depth > 1) {
        collectExpectedPrincipals(expected, gr.getDeclaredGroups(), --depth);
    }
    Iterator<? extends Principal> res = principalProvider.findPrincipals("a", PrincipalManager.SEARCH_TYPE_ALL);
    assertTrue(res.hasNext());
    assertEquals(expected, ImmutableSet.copyOf(res));
}
Also used : ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) Principal(java.security.Principal) PrincipalImpl(org.apache.jackrabbit.oak.spi.security.principal.PrincipalImpl) HashSet(java.util.HashSet) Test(org.junit.Test)

Example 20 with ExternalGroup

use of org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup in project jackrabbit-oak by apache.

the class LdapProviderTest method testGetMembers.

@Test
public void testGetMembers() throws Exception {
    ExternalIdentityRef ref = new ExternalIdentityRef(TEST_GROUP1_DN, IDP_NAME);
    ExternalIdentity id = idp.getIdentity(ref);
    assertTrue("Group instance", id instanceof ExternalGroup);
    ExternalGroup grp = (ExternalGroup) id;
    assertIfEquals("Group members", TEST_GROUP1_MEMBERS, grp.getDeclaredMembers());
}
Also used : ExternalIdentityRef(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) ExternalIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity) Test(org.junit.Test)

Aggregations

ExternalGroup (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup)20 Test (org.junit.Test)16 AbstractExternalAuthTest (org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest)8 ExternalIdentityRef (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)8 Group (org.apache.jackrabbit.api.security.user.Group)7 SyncResult (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult)6 ExternalIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity)5 Nonnull (javax.annotation.Nonnull)3 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)3 DebugTimer (org.apache.jackrabbit.oak.commons.DebugTimer)3 ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)3 SyncedIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncedIdentity)3 Principal (java.security.Principal)2 HashMap (java.util.HashMap)2 RepositoryException (javax.jcr.RepositoryException)2 User (org.apache.jackrabbit.api.security.user.User)2 UserManager (org.apache.jackrabbit.api.security.user.UserManager)2 ExternalIdentityException (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException)2 SyncContext (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncContext)2 SyncException (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncException)2