Search in sources :

Example 36 with SyncResult

use of org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testLostMembershipWithExpirationSet.

@Test
public void testLostMembershipWithExpirationSet() throws Exception {
    long expTime = 2;
    syncConfig.user().setMembershipNestingDepth(1).setMembershipExpirationTime(expTime).setExpirationTime(expTime);
    Group gr = createTestGroup();
    setExternalID(gr, idp.getName());
    SyncResult result = syncCtx.sync(idp.listUsers().next());
    User user = (User) userManager.getAuthorizable(result.getIdentity().getId());
    gr.addMember(user);
    root.commit();
    waitUntilExpired(user, root, expTime);
    DefaultSyncContext newCtx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory);
    result = newCtx.sync(user.getID());
    root.commit();
    assertSame(SyncResult.Status.UPDATE, result.getStatus());
    gr = (Group) userManager.getAuthorizable(gr.getID());
    assertFalse(gr.isDeclaredMember(userManager.getAuthorizable(user.getID())));
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) User(org.apache.jackrabbit.api.security.user.User) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) SyncResult(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 37 with SyncResult

use of org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testLostMembership.

@Test
public void testLostMembership() throws Exception {
    // create a group in the repository which is marked as being external
    // and associated with the test-IDP to setup the situation that a
    // repository group is no longer listed in the IDP.
    Group gr = createTestGroup();
    setExternalID(gr, idp.getName());
    // sync an external user from the IDP into the repo and make it member
    // of the test group
    SyncResult result = syncCtx.sync(idp.listUsers().next());
    User user = userManager.getAuthorizable(result.getIdentity().getId(), User.class);
    gr.addMember(user);
    root.commit();
    // enforce synchronization of the user and it's group membership
    syncCtx.setForceUserSync(true);
    syncConfig.user().setMembershipExpirationTime(-1);
    // 1. membership nesting is < 0 => membership not synchronized
    syncConfig.user().setMembershipNestingDepth(-1);
    syncCtx.sync(user.getID()).getStatus();
    assertTrue(gr.isDeclaredMember(user));
    // 2. membership nesting is > 0 => membership gets synchronized
    syncConfig.user().setMembershipNestingDepth(1);
    assertEquals(SyncResult.Status.UPDATE, syncCtx.sync(user.getID()).getStatus());
    assertFalse(gr.isDeclaredMember(user));
}
Also used : Group(org.apache.jackrabbit.api.security.user.Group) ExternalGroup(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup) User(org.apache.jackrabbit.api.security.user.User) ExternalUser(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser) SyncResult(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 38 with SyncResult

use of org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult in project jackrabbit-oak by apache.

the class DynamicSyncContextTest method testSyncUserByIdUpdate.

@Test
public void testSyncUserByIdUpdate() throws Exception {
    ExternalIdentity externalId = idp.listUsers().next();
    Authorizable a = userManager.createUser(externalId.getId(), null);
    a.setProperty(DefaultSyncContext.REP_EXTERNAL_ID, valueFactory.createValue(externalId.getExternalId().getString()));
    syncContext.setForceUserSync(true);
    SyncResult result = syncContext.sync(externalId.getId());
    assertEquals(SyncResult.Status.UPDATE, result.getStatus());
    Tree t = r.getTree(a.getPath());
    assertTrue(t.hasProperty(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES));
}
Also used : ExternalIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) Tree(org.apache.jackrabbit.oak.api.Tree) SyncResult(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 39 with SyncResult

use of org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testSyncByForeignGroupId.

@Test
public void testSyncByForeignGroupId() throws Exception {
    SyncResult result = syncCtx.sync(createTestGroup().getID());
    assertEquals(SyncResult.Status.FOREIGN, result.getStatus());
    SyncedIdentity si = result.getIdentity();
    assertNotNull(si);
    assertNull(si.getExternalIdRef());
    assertTrue(si.isGroup());
}
Also used : SyncedIdentity(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncedIdentity) SyncResult(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult) AbstractExternalAuthTest(org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest) Test(org.junit.Test)

Example 40 with SyncResult

use of org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult in project jackrabbit-oak by apache.

the class DefaultSyncResultImplTest method testGetIdentityFromNull.

@Test
public void testGetIdentityFromNull() {
    SyncResult res = new DefaultSyncResultImpl(null, SyncResult.Status.NOP);
    assertNull(res.getIdentity());
}
Also used : SyncResult(org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult) Test(org.junit.Test)

Aggregations

SyncResult (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult)46 Test (org.junit.Test)37 AbstractExternalAuthTest (org.apache.jackrabbit.oak.spi.security.authentication.external.AbstractExternalAuthTest)34 ExternalGroup (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalGroup)14 ExternalUser (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalUser)13 User (org.apache.jackrabbit.api.security.user.User)11 SyncedIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncedIdentity)11 Group (org.apache.jackrabbit.api.security.user.Group)10 ExternalIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentity)7 ExternalIdentityRef (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityRef)5 Nonnull (javax.annotation.Nonnull)4 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)4 CommitFailedException (org.apache.jackrabbit.oak.api.CommitFailedException)4 Tree (org.apache.jackrabbit.oak.api.Tree)4 SyncContext (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncContext)4 ArrayList (java.util.ArrayList)3 DefaultSyncContext (org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncContext)3 DefaultSyncedIdentity (org.apache.jackrabbit.oak.spi.security.authentication.external.basic.DefaultSyncedIdentity)3 ExternalIdentityException (org.apache.jackrabbit.oak.spi.security.authentication.external.ExternalIdentityException)2 SyncException (org.apache.jackrabbit.oak.spi.security.authentication.external.SyncException)2