Examples with SyncResult org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult used on opensource projects

Example 41 with SyncResult

use of org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testSyncRemovedUserById.

@Test
public void testSyncRemovedUserById() throws Exception {
    // mark a regular repo user as external user from the test IDP
    User u = userManager.createUser("test" + UUID.randomUUID(), null);
    String userId = u.getID();
    setExternalID(u, idp.getName());
    // test sync with 'keepmissing' = true
    syncCtx.setKeepMissing(true);
    SyncResult result = syncCtx.sync(userId);
    assertEquals(SyncResult.Status.MISSING, result.getStatus());
    assertNotNull(userManager.getAuthorizable(userId));
    // test sync with 'keepmissing' = false
    syncCtx.setKeepMissing(false);
    result = syncCtx.sync(userId);
    assertEquals(SyncResult.Status.DELETE, result.getStatus());
    assertNull(userManager.getAuthorizable(userId));
}

Example 42 with SyncResult

use of org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testSyncByForeignId2.

@Test
public void testSyncByForeignId2() throws Exception {
    User u = userManager.getAuthorizable(getTestUser().getID(), User.class);
    setExternalID(u, "differentIDP");
    SyncResult result = syncCtx.sync(u.getID());
    assertEquals(SyncResult.Status.FOREIGN, result.getStatus());
    SyncedIdentity si = result.getIdentity();
    assertNotNull(si);
    assertEquals(DefaultSyncContext.getIdentityRef(u), si.getExternalIdRef());
}

Example 43 with SyncResult

use of org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testSyncRemovedGroupWithMembers.

@Test
public void testSyncRemovedGroupWithMembers() throws Exception {
    // mark a regular repo user as external user from the test IDP
    Group gr = createTestGroup();
    gr.addMember(getTestUser());
    String groupId = gr.getID();
    setExternalID(gr, idp.getName());
    // test sync with 'keepmissing' = true
    syncCtx.setKeepMissing(true);
    SyncResult result = syncCtx.sync(groupId);
    assertEquals(SyncResult.Status.NOP, result.getStatus());
    assertNotNull(userManager.getAuthorizable(groupId));
    // test sync with 'keepmissing' = false
    syncCtx.setKeepMissing(false);
    result = syncCtx.sync(groupId);
    assertEquals(SyncResult.Status.NOP, result.getStatus());
    assertNotNull(userManager.getAuthorizable(groupId));
}

Example 44 with SyncResult

use of org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult in project jackrabbit-oak by apache.

the class RepExternalIdTest method testUniqueConstraintSubsequentCommit.

@Test
public void testUniqueConstraintSubsequentCommit() throws Exception {
    SyncResult res = syncCtx.sync(idp.getUser(USER_ID));
    r.commit();
    try {
        Tree t = r.getTree(getTestUser().getPath());
        t.setProperty(DefaultSyncContext.REP_EXTERNAL_ID, res.getIdentity().getExternalIdRef().getString());
        r.commit();
        fail("Duplicate value for rep:externalId must be detected in the default setup.");
    } catch (CommitFailedException e) {
        // success: verify nature of the exception
        assertTrue(e.isConstraintViolation());
        assertEquals(30, e.getCode());
    } finally {
        r.refresh();
    }
}

Example 45 with SyncResult

use of org.apache.jackrabbit.oak.spi.security.authentication.external.SyncResult in project jackrabbit-oak by apache.

the class DefaultSyncContextTest method testMembershipForExistingForeignGroup.

/**
 * @see <a href="https://issues.apache.org/jira/browse/OAK-4397">OAK-4397</a>
 */
@Test
public void testMembershipForExistingForeignGroup() throws Exception {
    syncConfig.user().setMembershipNestingDepth(1).setMembershipExpirationTime(-1).setExpirationTime(-1);
    syncConfig.group().setExpirationTime(-1);
    ExternalUser externalUser = idp.getUser(USER_ID);
    ExternalIdentityRef groupRef = externalUser.getDeclaredGroups().iterator().next();
    // create the group as if it had been synced by a foreign IDP
    Group gr = userManager.createGroup(groupRef.getId());
    // but don't set rep:lastSynced :-)
    setExternalID(gr, "foreignIDP");
    root.commit();
    SyncResult result = syncCtx.sync(externalUser);
    assertSame(SyncResult.Status.ADD, result.getStatus());
    User user = userManager.getAuthorizable(externalUser.getId(), User.class);
    assertNotNull(user);
    // synchronizing the user from our IDP must _neither_ change the group
    // members of the group belonging to a different IDP nor synchronizing
    // that foreign group with information retrieved from this IDP (e.g.
    // properties and as such must _not_ set the last-synced property.
    // -> verify group last-synced has not been added
    assertFalse(gr.hasProperty(DefaultSyncContext.REP_LAST_SYNCED));
    // -> verify group membership has not changed
    assertFalse(gr.isDeclaredMember(user));
    Iterator<Group> declared = user.declaredMemberOf();
    while (declared.hasNext()) {
        assertFalse(gr.getID().equals(declared.next().getID()));
    }
}