
Example 1 with AccountPolicyTO

use of org.apache.syncope.common.lib.policy.AccountPolicyTO in project syncope by apache.

the class UserITCase method customPolicyRules.

/**
 * Verifies that custom account and password rules bound to a realm are applied when a user is
 * created in that realm: creation is rejected with {@code InvalidUser} until both the password
 * and the username have been changed.
 *
 * <p>Cleanup restores the realm's previous policy assignments and deletes the two policies; the
 * rule implementations and the user created here are not removed by this method.
 */
@Test
public void customPolicyRules() {
    // Custom rule confs over application/xml would require overriding the @XmlSeeAlso of
    // org.apache.syncope.common.lib.policy.AbstractAccountRuleConf and / or
    // org.apache.syncope.common.lib.policy.AbstractPasswordRuleConf (JAXB), so the test is
    // skipped unless the client is configured for JSON.
    assumeTrue(MediaType.APPLICATION_JSON_TYPE.equals(clientFactory.getContentType().getMediaType()));

    // Register the custom account rule and wrap it in a fresh account policy.
    ImplementationTO accountRule = new ImplementationTO();
    accountRule.setKey("TestAccountRuleConf" + UUID.randomUUID());
    accountRule.setEngine(ImplementationEngine.JAVA);
    accountRule.setType(ImplementationType.ACCOUNT_RULE);
    accountRule.setBody(POJOHelper.serialize(new TestAccountRuleConf()));
    Response accountRuleResponse = implementationService.create(accountRule);
    // The server reports the key it actually stored; use that one from here on.
    accountRule.setKey(accountRuleResponse.getHeaderString(RESTHeaders.RESOURCE_KEY));

    AccountPolicyTO accountPolicyDraft = new AccountPolicyTO();
    accountPolicyDraft.setDescription("Account Policy with custom rules");
    accountPolicyDraft.getRules().add(accountRule.getKey());
    AccountPolicyTO accountPolicy = createPolicy(PolicyType.ACCOUNT, accountPolicyDraft);
    assertNotNull(accountPolicy);

    // Same again for the custom password rule and its policy.
    ImplementationTO passwordRule = new ImplementationTO();
    passwordRule.setKey("TestPasswordRuleConf" + UUID.randomUUID());
    passwordRule.setEngine(ImplementationEngine.JAVA);
    passwordRule.setType(ImplementationType.PASSWORD_RULE);
    passwordRule.setBody(POJOHelper.serialize(new TestPasswordRuleConf()));
    Response passwordRuleResponse = implementationService.create(passwordRule);
    passwordRule.setKey(passwordRuleResponse.getHeaderString(RESTHeaders.RESOURCE_KEY));

    PasswordPolicyTO passwordPolicyDraft = new PasswordPolicyTO();
    passwordPolicyDraft.setDescription("Password Policy with custom rules");
    passwordPolicyDraft.getRules().add(passwordRule.getKey());
    PasswordPolicyTO passwordPolicy = createPolicy(PolicyType.PASSWORD, passwordPolicyDraft);
    assertNotNull(passwordPolicy);

    // Bind both policies to the realm, remembering what was there so it can be put back.
    RealmTO realm = realmService.list("/even/two").get(0);
    String oldAccountPolicy = realm.getAccountPolicy();
    String oldPasswordPolicy = realm.getPasswordPolicy();
    realm.setAccountPolicy(accountPolicy.getKey());
    realm.setPasswordPolicy(passwordPolicy.getKey());
    realmService.update(realm);

    try {
        UserTO user = getUniqueSampleTO("custompolicyrules@syncope.apache.org");
        user.setRealm(realm.getFullPath());

        // Attempt 1: the unmodified sample user must be refused. Only the first reported
        // element is inspected, and it is expected to be the password violation.
        try {
            createUser(user);
            fail("This should not happen");
        } catch (SyncopeClientException rejected) {
            assertEquals(ClientExceptionType.InvalidUser, rejected.getType());
            assertTrue(rejected.getElements().iterator().next().startsWith("InvalidPassword"));
        }

        // Attempt 2: with the password changed, the first reported element is now the
        // username violation.
        user.setPassword(user.getPassword() + "XXX");
        try {
            createUser(user);
            fail("This should not happen");
        } catch (SyncopeClientException rejected) {
            assertEquals(ClientExceptionType.InvalidUser, rejected.getType());
            assertTrue(rejected.getElements().iterator().next().startsWith("InvalidUsername"));
        }

        // Attempt 3: with the username changed as well, creation goes through.
        user.setUsername("YYY" + user.getUsername());
        user = createUser(user).getEntity();
        assertNotNull(user);
    } finally {
        // Put the realm back before deleting the policies it currently points to.
        realm.setAccountPolicy(oldAccountPolicy);
        realm.setPasswordPolicy(oldPasswordPolicy);
        realmService.update(realm);

        policyService.delete(PolicyType.PASSWORD, passwordPolicy.getKey());
        policyService.delete(PolicyType.ACCOUNT, accountPolicy.getKey());
    }
}
Also used : ImplementationTO(org.apache.syncope.common.lib.to.ImplementationTO) Response(javax.ws.rs.core.Response) TestPasswordRuleConf(org.apache.syncope.fit.core.reference.TestPasswordRuleConf) UserTO(org.apache.syncope.common.lib.to.UserTO) RealmTO(org.apache.syncope.common.lib.to.RealmTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO) TestAccountRuleConf(org.apache.syncope.fit.core.reference.TestAccountRuleConf) PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO) Test(org.junit.jupiter.api.Test)

Example 2 with AccountPolicyTO

use of org.apache.syncope.common.lib.policy.AccountPolicyTO in project syncope by apache.

the class RealmITCase method deletingAccountPolicy.

/**
 * Pins what happens to a realm when the account policy assigned to it is deleted: the delete
 * is accepted and the realm's account policy reads back as the value it had before the
 * assignment.
 *
 * <p>In other words, removing a policy that is still in use is not refused here; the realm
 * simply stops referencing it.
 */
@Test
public void deletingAccountPolicy() {
    // 1. create account policy backed by a default rule with length bounds 3..8
    DefaultAccountRuleConf lengthRule = new DefaultAccountRuleConf();
    lengthRule.setMinLength(3);
    lengthRule.setMaxLength(8);

    ImplementationTO ruleImpl = new ImplementationTO();
    ruleImpl.setKey("DefaultAccountRuleConf" + UUID.randomUUID());
    ruleImpl.setEngine(ImplementationEngine.JAVA);
    ruleImpl.setType(ImplementationType.ACCOUNT_RULE);
    ruleImpl.setBody(POJOHelper.serialize(lengthRule));
    Response implResponse = implementationService.create(ruleImpl);
    // Continue with the key reported by the server.
    ruleImpl.setKey(implResponse.getHeaderString(RESTHeaders.RESOURCE_KEY));

    AccountPolicyTO policyDraft = new AccountPolicyTO();
    policyDraft.setDescription("deletingAccountPolicy");
    policyDraft.getRules().add(ruleImpl.getKey());
    AccountPolicyTO policy = createPolicy(PolicyType.ACCOUNT, policyDraft);
    assertNotNull(policy);

    // 2. create realm with policy assigned
    RealmTO newRealm = new RealmTO();
    newRealm.setName("withppolicy");
    Response realmResponse = realmService.create(SyncopeConstants.ROOT_REALM, newRealm);

    RealmTO[] created = getObject(realmResponse.getLocation(), RealmService.class, RealmTO[].class);
    assertNotNull(created);
    assertTrue(created.length > 0);
    RealmTO realm = created[0];

    // Remember the pre-assignment value; step 4 expects to see it again.
    String existingAccountPolicy = realm.getAccountPolicy();
    realm.setAccountPolicy(policy.getKey());
    realmService.update(realm);

    RealmTO[] reloaded = getObject(realmResponse.getLocation(), RealmService.class, RealmTO[].class);
    assertNotNull(reloaded);
    assertTrue(reloaded.length > 0);
    RealmTO actual = reloaded[0];
    assertEquals(policy.getKey(), actual.getAccountPolicy());

    // 3. remove policy while the realm still references it
    policyService.delete(PolicyType.ACCOUNT, policy.getKey());

    // 4. verify the realm no longer points at the deleted policy
    actual = getRealm(actual.getFullPath()).get();
    assertEquals(existingAccountPolicy, actual.getAccountPolicy());
}
Also used : ImplementationTO(org.apache.syncope.common.lib.to.ImplementationTO) Response(javax.ws.rs.core.Response) DefaultAccountRuleConf(org.apache.syncope.common.lib.policy.DefaultAccountRuleConf) RealmService(org.apache.syncope.common.rest.api.service.RealmService) RealmTO(org.apache.syncope.common.lib.to.RealmTO) AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO) Test(org.junit.jupiter.api.Test)

Example 3 with AccountPolicyTO

use of org.apache.syncope.common.lib.policy.AccountPolicyTO in project syncope by apache.

the class PolicyDataBinderImpl method getPolicy.

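/**
 * Copies the content of a policy transfer object onto a policy entity, creating the entity
 * first when {@code policy} is {@code null}.
 *
 * <p>Handles {@link PasswordPolicyTO}, {@link AccountPolicyTO} and {@link PullPolicyTO}; for any
 * other TO type nothing is created or copied except the description (and only if
 * {@code policy} was non-null).
 *
 * <p>NOTE(review): for password and account policies, rule keys and passthrough resource names
 * that cannot be resolved are logged at DEBUG and skipped, so the stored policy can end up with
 * fewer rules than the caller asked for without the caller being told. The pull-policy branch,
 * by contrast, fails with {@link NotFoundException} on a missing implementation. Confirm the
 * lenient behaviour is intended for policies that gate usernames and passwords.
 *
 * @param policy existing entity to update, or {@code null} to create a new one
 * @param policyTO transfer object holding the requested values
 * @param <T> concrete policy entity type
 * @return the updated or newly created entity; {@code null} when {@code policy} is
 *         {@code null} and the TO type is not one of the three handled here
 * @throws NotFoundException if a pull-policy correlation rule names an implementation that
 *         does not exist
 */
@SuppressWarnings("unchecked")
private <T extends Policy> T getPolicy(final T policy, final PolicyTO policyTO) {
    T result = policy;
    if (policyTO instanceof PasswordPolicyTO) {
        if (result == null) {
            result = (T) entityFactory.newEntity(PasswordPolicy.class);
        }
        PasswordPolicy passwordPolicy = PasswordPolicy.class.cast(result);
        PasswordPolicyTO passwordPolicyTO = PasswordPolicyTO.class.cast(policyTO);
        passwordPolicy.setAllowNullPassword(passwordPolicyTO.isAllowNullPassword());
        passwordPolicy.setHistoryLength(passwordPolicyTO.getHistoryLength());
        passwordPolicyTO.getRules().forEach(ruleKey -> {
            Implementation rule = implementationDAO.find(ruleKey);
            if (rule == null) {
                // Unresolvable rule keys are dropped, not rejected (see method note).
                LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", ruleKey);
            } else {
                passwordPolicy.add(rule);
            }
        });
        // remove all implementations not contained in the TO
        passwordPolicy.getRules().removeIf(implementation -> !passwordPolicyTO.getRules().contains(implementation.getKey()));
    } else if (policyTO instanceof AccountPolicyTO) {
        if (result == null) {
            result = (T) entityFactory.newEntity(AccountPolicy.class);
        }
        AccountPolicy accountPolicy = AccountPolicy.class.cast(result);
        AccountPolicyTO accountPolicyTO = AccountPolicyTO.class.cast(policyTO);
        accountPolicy.setMaxAuthenticationAttempts(accountPolicyTO.getMaxAuthenticationAttempts());
        accountPolicy.setPropagateSuspension(accountPolicyTO.isPropagateSuspension());
        accountPolicyTO.getRules().forEach(ruleKey -> {
            Implementation rule = implementationDAO.find(ruleKey);
            if (rule == null) {
                // Unresolvable rule keys are dropped, not rejected (see method note).
                LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", ruleKey);
            } else {
                accountPolicy.add(rule);
            }
        });
        // remove all implementations not contained in the TO
        accountPolicy.getRules().removeIf(implementation -> !accountPolicyTO.getRules().contains(implementation.getKey()));
        // Passthrough resources are rebuilt from scratch on every call.
        accountPolicy.getResources().clear();
        accountPolicyTO.getPassthroughResources().forEach(resourceName -> {
            ExternalResource resource = resourceDAO.find(resourceName);
            if (resource == null) {
                LOG.debug("Ignoring invalid resource {} ", resourceName);
            } else {
                accountPolicy.add(resource);
            }
        });
    } else if (policyTO instanceof PullPolicyTO) {
        if (result == null) {
            result = (T) entityFactory.newEntity(PullPolicy.class);
        }
        PullPolicy pullPolicy = PullPolicy.class.cast(result);
        PullPolicyTO pullPolicyTO = PullPolicyTO.class.cast(policyTO);
        pullPolicy.setConflictResolutionAction(pullPolicyTO.getConflictResolutionAction());
        pullPolicyTO.getCorrelationRules().forEach((type, impl) -> {
            AnyType anyType = anyTypeDAO.find(type);
            if (anyType == null) {
                LOG.debug("Invalid AnyType {} specified, ignoring...", type);
            } else {
                // Reuse the rule already registered for this AnyType, or create and attach one.
                CorrelationRule correlationRule = pullPolicy.getCorrelationRule(anyType).orElse(null);
                if (correlationRule == null) {
                    correlationRule = entityFactory.newEntity(CorrelationRule.class);
                    correlationRule.setAnyType(anyType);
                    correlationRule.setPullPolicy(pullPolicy);
                    pullPolicy.add(correlationRule);
                }
                Implementation rule = implementationDAO.find(impl);
                if (rule == null) {
                    // Name the implementation key that failed to resolve; the message used to
                    // carry the AnyType key, which was found and is not the missing object.
                    throw new NotFoundException("Implementation " + impl);
                }
                correlationRule.setImplementation(rule);
            }
        });
        // remove all rules not contained in the TO
        pullPolicy.getCorrelationRules().removeIf(anyFilter -> !pullPolicyTO.getCorrelationRules().containsKey(anyFilter.getAnyType().getKey()));
    }
    if (result != null) {
        result.setDescription(policyTO.getDescription());
    }
    return result;
}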
Also used : PullPolicy(org.apache.syncope.core.persistence.api.entity.policy.PullPolicy) Realm(org.apache.syncope.core.persistence.api.entity.Realm) LoggerFactory(org.slf4j.LoggerFactory) AnyType(org.apache.syncope.core.persistence.api.entity.AnyType) Autowired(org.springframework.beans.factory.annotation.Autowired) Entity(org.apache.syncope.core.persistence.api.entity.Entity) PolicyDataBinder(org.apache.syncope.core.provisioning.api.data.PolicyDataBinder) PasswordPolicy(org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy) RealmDAO(org.apache.syncope.core.persistence.api.dao.RealmDAO) ImplementationDAO(org.apache.syncope.core.persistence.api.dao.ImplementationDAO) PolicyTO(org.apache.syncope.common.lib.policy.PolicyTO) PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO) Logger(org.slf4j.Logger) Policy(org.apache.syncope.core.persistence.api.entity.policy.Policy) Implementation(org.apache.syncope.core.persistence.api.entity.Implementation) Collectors(java.util.stream.Collectors) AnyTypeDAO(org.apache.syncope.core.persistence.api.dao.AnyTypeDAO) NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException) EntityFactory(org.apache.syncope.core.persistence.api.entity.EntityFactory) ExternalResource(org.apache.syncope.core.persistence.api.entity.resource.ExternalResource) AccountPolicy(org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy) Component(org.springframework.stereotype.Component) CorrelationRule(org.apache.syncope.core.persistence.api.entity.policy.CorrelationRule) AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO) PullPolicyTO(org.apache.syncope.common.lib.policy.PullPolicyTO) ExternalResourceDAO(org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO) PullPolicyTO(org.apache.syncope.common.lib.policy.PullPolicyTO) NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException) 
AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO) ExternalResource(org.apache.syncope.core.persistence.api.entity.resource.ExternalResource) Implementation(org.apache.syncope.core.persistence.api.entity.Implementation) AccountPolicy(org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy) PasswordPolicy(org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy) PullPolicy(org.apache.syncope.core.persistence.api.entity.policy.PullPolicy) CorrelationRule(org.apache.syncope.core.persistence.api.entity.policy.CorrelationRule) AnyType(org.apache.syncope.core.persistence.api.entity.AnyType) PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO)

Example 4 with AccountPolicyTO

use of org.apache.syncope.common.lib.policy.AccountPolicyTO in project syncope by apache.

the class PolicyDataBinderImpl method getPolicyTO.

/**
 * Builds the transfer object matching a persisted policy.
 *
 * <p>Password, account and pull policies are supported. Besides the type-specific values, the
 * result carries the policy key and description plus the keys of the resources and the full
 * paths of the realms that reference the policy.
 *
 * @param policy the policy entity to convert
 * @param <T> transfer object type expected by the caller; the cast is unchecked
 * @return the populated transfer object, or {@code null} when {@code policy} is none of the
 *         three supported types
 */
@SuppressWarnings("unchecked")
@Override
public <T extends PolicyTO> T getPolicyTO(final Policy policy) {
    final PolicyTO converted;

    if (policy instanceof PasswordPolicy) {
        PasswordPolicy source = (PasswordPolicy) policy;
        PasswordPolicyTO target = new PasswordPolicyTO();
        target.setAllowNullPassword(source.isAllowNullPassword());
        target.setHistoryLength(source.getHistoryLength());
        // Rules travel as implementation keys only.
        source.getRules().stream().map(Entity::getKey).forEach(target.getRules()::add);
        converted = target;
    } else if (policy instanceof AccountPolicy) {
        AccountPolicy source = (AccountPolicy) policy;
        AccountPolicyTO target = new AccountPolicyTO();
        target.setMaxAuthenticationAttempts(source.getMaxAuthenticationAttempts());
        target.setPropagateSuspension(source.isPropagateSuspension());
        source.getRules().stream().map(Entity::getKey).forEach(target.getRules()::add);
        source.getResources().stream().map(Entity::getKey).forEach(target.getPassthroughResources()::add);
        converted = target;
    } else if (policy instanceof PullPolicy) {
        PullPolicy source = (PullPolicy) policy;
        PullPolicyTO target = new PullPolicyTO();
        target.setConflictResolutionAction(source.getConflictResolutionAction());
        // Map each AnyType key to the key of the implementation correlating it.
        for (CorrelationRule rule : source.getCorrelationRules()) {
            target.getCorrelationRules().put(rule.getAnyType().getKey(), rule.getImplementation().getKey());
        }
        converted = target;
    } else {
        // Unsupported policy type: nothing to convert.
        return null;
    }

    converted.setKey(policy.getKey());
    converted.setDescription(policy.getDescription());
    // Report where the policy is in use, so a caller can see what references it.
    resourceDAO.findByPolicy(policy).forEach(resource -> converted.getUsedByResources().add(resource.getKey()));
    realmDAO.findByPolicy(policy).forEach(realm -> converted.getUsedByRealms().add(realm.getFullPath()));

    return (T) converted;
}
Also used : Entity(org.apache.syncope.core.persistence.api.entity.Entity) AccountPolicy(org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy) PullPolicyTO(org.apache.syncope.common.lib.policy.PullPolicyTO) PasswordPolicy(org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy) PullPolicy(org.apache.syncope.core.persistence.api.entity.policy.PullPolicy) AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO) ExternalResource(org.apache.syncope.core.persistence.api.entity.resource.ExternalResource) Realm(org.apache.syncope.core.persistence.api.entity.Realm) PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO)

Example 5 with AccountPolicyTO

use of org.apache.syncope.common.lib.policy.AccountPolicyTO in project syncope by apache.

the class PolicyITCase method issueSYNCOPE682.

/**
 * Test named after issue SYNCOPE682: creates an account policy that has both a passthrough
 * resource and a default account rule (length 3..8), and checks that creation returns a policy.
 *
 * <p>Neither the policy nor the rule implementation is removed by this method.
 */
@Test
public void issueSYNCOPE682() {
    // Register the rule implementation first; the policy only stores its key.
    DefaultAccountRuleConf lengthRule = new DefaultAccountRuleConf();
    lengthRule.setMinLength(3);
    lengthRule.setMaxLength(8);

    ImplementationTO ruleImpl = new ImplementationTO();
    ruleImpl.setKey("DefaultAccountRuleConf" + getUUIDString());
    ruleImpl.setEngine(ImplementationEngine.JAVA);
    ruleImpl.setType(ImplementationType.ACCOUNT_RULE);
    ruleImpl.setBody(POJOHelper.serialize(lengthRule));
    Response created = implementationService.create(ruleImpl);
    // Continue with the key reported by the server.
    ruleImpl.setKey(created.getHeaderString(RESTHeaders.RESOURCE_KEY));

    AccountPolicyTO draft = new AccountPolicyTO();
    draft.setDescription("SYNCOPE682");
    draft.getPassthroughResources().add(RESOURCE_NAME_LDAP);
    draft.getRules().add(ruleImpl.getKey());

    AccountPolicyTO policy = createPolicy(PolicyType.ACCOUNT, draft);
    assertNotNull(policy);
}
Also used : ImplementationTO(org.apache.syncope.common.lib.to.ImplementationTO) Response(javax.ws.rs.core.Response) DefaultAccountRuleConf(org.apache.syncope.common.lib.policy.DefaultAccountRuleConf) AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO) Test(org.junit.jupiter.api.Test)

Aggregations

AccountPolicyTO (org.apache.syncope.common.lib.policy.AccountPolicyTO)7 Test (org.junit.jupiter.api.Test)5 Response (javax.ws.rs.core.Response)4 ImplementationTO (org.apache.syncope.common.lib.to.ImplementationTO)4 DefaultAccountRuleConf (org.apache.syncope.common.lib.policy.DefaultAccountRuleConf)3 PasswordPolicyTO (org.apache.syncope.common.lib.policy.PasswordPolicyTO)3 PullPolicyTO (org.apache.syncope.common.lib.policy.PullPolicyTO)2 RealmTO (org.apache.syncope.common.lib.to.RealmTO)2 Entity (org.apache.syncope.core.persistence.api.entity.Entity)2 Realm (org.apache.syncope.core.persistence.api.entity.Realm)2 AccountPolicy (org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy)2 PasswordPolicy (org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy)2 PullPolicy (org.apache.syncope.core.persistence.api.entity.policy.PullPolicy)2 ExternalResource (org.apache.syncope.core.persistence.api.entity.resource.ExternalResource)2 Collectors (java.util.stream.Collectors)1 SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)1 PolicyTO (org.apache.syncope.common.lib.policy.PolicyTO)1 UserTO (org.apache.syncope.common.lib.to.UserTO)1 RealmService (org.apache.syncope.common.rest.api.service.RealmService)1 AnyTypeDAO (org.apache.syncope.core.persistence.api.dao.AnyTypeDAO)1