use of org.apache.syncope.common.lib.to.AnyObjectTO in project syncope by apache.
the class AnyObjectITCase method deleteAttr.
@Test
public void deleteAttr() {
AnyObjectTO anyObjectTO = getSampleTO("deleteAttr");
anyObjectTO = createAnyObject(anyObjectTO).getEntity();
assertNotNull(anyObjectTO);
assertNotNull(anyObjectTO.getPlainAttr("location"));
anyObjectService.delete(anyObjectTO.getKey(), SchemaType.PLAIN, "location");
try {
anyObjectService.read(anyObjectTO.getKey(), SchemaType.PLAIN, "location");
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
}
}
use of org.apache.syncope.common.lib.to.AnyObjectTO in project syncope by apache.
the class AnyObjectITCase method issueSYNCOPE756.
@Test
public void issueSYNCOPE756() {
AnyObjectTO anyObjectTO = getSampleTO("issueSYNCOPE756");
anyObjectTO.getRelationships().add(new RelationshipTO.Builder().otherEnd(AnyTypeKind.USER.name(), "1417acbe-cbf6-4277-9372-e75e04f97000").build());
try {
createAnyObject(anyObjectTO).getEntity();
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.InvalidAnyType, e.getType());
}
}
use of org.apache.syncope.common.lib.to.AnyObjectTO in project syncope by apache.
the class AuthenticationITCase method anyTypeEntitlement.
@Test
public void anyTypeEntitlement() {
final String anyTypeKey = "FOLDER " + getUUIDString();
// 1. no entitlement exists (yet) for the any type to be created
assertFalse(syncopeService.platform().getEntitlements().stream().anyMatch(entitlement -> entitlement.contains(anyTypeKey)));
// 2. create plain schema, any type class and any type
PlainSchemaTO path = new PlainSchemaTO();
path.setKey("path" + getUUIDString());
path.setType(AttrSchemaType.String);
path = createSchema(SchemaType.PLAIN, path);
AnyTypeClassTO anyTypeClass = new AnyTypeClassTO();
anyTypeClass.setKey("folder" + getUUIDString());
anyTypeClass.getPlainSchemas().add(path.getKey());
anyTypeClassService.create(anyTypeClass);
AnyTypeTO anyTypeTO = new AnyTypeTO();
anyTypeTO.setKey(anyTypeKey);
anyTypeTO.setKind(AnyTypeKind.ANY_OBJECT);
anyTypeTO.getClasses().add(anyTypeClass.getKey());
anyTypeService.create(anyTypeTO);
// 2. now entitlement exists for the any type just created
assertTrue(syncopeService.platform().getEntitlements().stream().anyMatch(entitlement -> entitlement.contains(anyTypeKey)));
// 3. attempt to create an instance of the type above: fail because no entitlement was assigned
AnyObjectTO folder = new AnyObjectTO();
folder.setName("home");
folder.setRealm(SyncopeConstants.ROOT_REALM);
folder.setType(anyTypeKey);
folder.getPlainAttrs().add(attrTO(path.getKey(), "/home"));
SyncopeClient belliniClient = clientFactory.create("bellini", ADMIN_PWD);
try {
belliniClient.getService(AnyObjectService.class).create(folder);
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.DelegatedAdministration, e.getType());
}
// 4. give create entitlement for the any type just created
RoleTO role = new RoleTO();
role.setKey("role" + getUUIDString());
role.getRealms().add(SyncopeConstants.ROOT_REALM);
role.getEntitlements().add(anyTypeKey + "_READ");
role.getEntitlements().add(anyTypeKey + "_CREATE");
role = createRole(role);
UserTO bellini = userService.read("bellini");
UserPatch patch = new UserPatch();
patch.setKey(bellini.getKey());
patch.getRoles().add(new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(role.getKey()).build());
bellini = updateUser(patch).getEntity();
assertTrue(bellini.getRoles().contains(role.getKey()));
// 5. now the instance of the type above can be created successfully
belliniClient.logout();
belliniClient.login(new BasicAuthenticationHandler("bellini", ADMIN_PWD));
belliniClient.getService(AnyObjectService.class).create(folder);
}
use of org.apache.syncope.common.lib.to.AnyObjectTO in project syncope by apache.
the class AnyPanel method getDirectoryPanel.
protected Panel getDirectoryPanel(final String id) {
final Panel panel;
String fiql;
final String realm;
final String dynRealm;
if (realmTO.getFullPath().startsWith(SyncopeConstants.ROOT_REALM)) {
realm = realmTO.getFullPath();
dynRealm = null;
} else {
realm = SyncopeConstants.ROOT_REALM;
dynRealm = realmTO.getKey();
}
switch(anyTypeTO.getKind()) {
case USER:
fiql = dynRealm == null ? SyncopeClient.getUserSearchConditionBuilder().is("key").notNullValue().query() : SyncopeClient.getUserSearchConditionBuilder().inDynRealms(dynRealm).query();
final UserTO userTO = new UserTO();
userTO.setRealm(realmTO.getFullPath());
panel = new UserDirectoryPanel.Builder(anyTypeClassRestClient.list(anyTypeTO.getClasses()), anyTypeTO.getKey(), pageRef).setRealm(realm).setFiltered(true).setFiql(fiql).setWizardInModal(true).addNewItemPanelBuilder(FormLayoutInfoUtils.instantiate(userTO, anyTypeTO.getClasses(), formLayoutInfo.getLeft(), pageRef)).build(id);
MetaDataRoleAuthorizationStrategy.authorize(panel, WebPage.RENDER, StandardEntitlement.USER_SEARCH);
break;
case GROUP:
fiql = dynRealm == null ? SyncopeClient.getGroupSearchConditionBuilder().is("key").notNullValue().query() : SyncopeClient.getGroupSearchConditionBuilder().inDynRealms(dynRealm).query();
final GroupTO groupTO = new GroupTO();
groupTO.setRealm(realmTO.getFullPath());
panel = new GroupDirectoryPanel.Builder(anyTypeClassRestClient.list(anyTypeTO.getClasses()), anyTypeTO.getKey(), pageRef).setRealm(realm).setFiltered(true).setFiql(fiql).setWizardInModal(true).addNewItemPanelBuilder(FormLayoutInfoUtils.instantiate(groupTO, anyTypeTO.getClasses(), formLayoutInfo.getMiddle(), pageRef)).build(id);
// list of group is available to all authenticated users
break;
case ANY_OBJECT:
fiql = dynRealm == null ? SyncopeClient.getAnyObjectSearchConditionBuilder(anyTypeTO.getKey()).is("key").notNullValue().query() : SyncopeClient.getAnyObjectSearchConditionBuilder(anyTypeTO.getKey()).inDynRealms(dynRealm).query();
final AnyObjectTO anyObjectTO = new AnyObjectTO();
anyObjectTO.setRealm(realmTO.getFullPath());
anyObjectTO.setType(anyTypeTO.getKey());
panel = new AnyObjectDirectoryPanel.Builder(anyTypeClassRestClient.list(anyTypeTO.getClasses()), anyTypeTO.getKey(), pageRef).setRealm(realm).setFiltered(true).setFiql(fiql).setWizardInModal(true).addNewItemPanelBuilder(FormLayoutInfoUtils.instantiate(anyObjectTO, anyTypeTO.getClasses(), formLayoutInfo.getRight().get(anyTypeTO.getKey()), pageRef)).build(id);
MetaDataRoleAuthorizationStrategy.authorize(panel, WebPage.RENDER, AnyEntitlement.SEARCH.getFor(anyTypeTO.getKey()));
break;
default:
panel = new LabelPanel(id, null);
}
return panel;
}
use of org.apache.syncope.common.lib.to.AnyObjectTO in project syncope by apache.
the class RemediationDirectoryPanel method getActions.
@Override
protected ActionsPanel<RemediationTO> getActions(final IModel<RemediationTO> model) {
ActionsPanel<RemediationTO> panel = super.getActions(model);
panel.add(new ActionLink<RemediationTO>() {
private static final long serialVersionUID = 6193210574968203299L;
@Override
public void onClick(final AjaxRequestTarget target, final RemediationTO ignore) {
modal.header(new ResourceModel("error"));
modal.setContent(new ExecMessageModal(model.getObject().getError()));
modal.show(true);
target.add(modal);
}
}, ActionLink.ActionType.VIEW_DETAILS, StandardEntitlement.REMEDIATION_READ);
if (model.getObject().getOperation() == ResourceOperation.DELETE) {
String entitlements = StringUtils.join(new String[] { StandardEntitlement.REMEDIATION_REMEDY, AnyTypeKind.USER.name().equals(model.getObject().getAnyType()) ? StandardEntitlement.USER_DELETE : AnyTypeKind.GROUP.name().equals(model.getObject().getAnyType()) ? StandardEntitlement.GROUP_DELETE : AnyEntitlement.DELETE.getFor(model.getObject().getAnyType()) }, ",");
panel.add(new ActionLink<RemediationTO>() {
private static final long serialVersionUID = 6193210574968203299L;
@Override
public void onClick(final AjaxRequestTarget target, final RemediationTO ignore) {
try {
restClient.remedy(model.getObject().getKey(), model.getObject().getKeyPayload());
SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED));
target.add(container);
} catch (SyncopeClientException e) {
LOG.error("While performing remediation {}", model.getObject().getKey(), e);
SyncopeConsoleSession.get().error(StringUtils.isBlank(e.getMessage()) ? e.getClass().getName() : e.getMessage());
}
((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target);
}
}, ActionLink.ActionType.CLOSE, entitlements, true);
} else {
String entitlements = model.getObject().getOperation() == ResourceOperation.CREATE ? StringUtils.join(new String[] { StandardEntitlement.REMEDIATION_REMEDY, AnyTypeKind.USER.name().equals(model.getObject().getAnyType()) ? StandardEntitlement.USER_CREATE : AnyTypeKind.GROUP.name().equals(model.getObject().getAnyType()) ? StandardEntitlement.GROUP_CREATE : AnyEntitlement.CREATE.getFor(model.getObject().getAnyType()) }, ",") : StringUtils.join(new String[] { StandardEntitlement.REMEDIATION_REMEDY, AnyTypeKind.USER.name().equals(model.getObject().getAnyType()) ? StandardEntitlement.USER_UPDATE : AnyTypeKind.GROUP.name().equals(model.getObject().getAnyType()) ? StandardEntitlement.GROUP_UPDATE : AnyEntitlement.UPDATE.getFor(model.getObject().getAnyType()) }, ",");
panel.add(new ActionLink<RemediationTO>() {
private static final long serialVersionUID = 6193210574968203299L;
@Override
public void onClick(final AjaxRequestTarget target, final RemediationTO ignore) {
modal.setFormModel(new CompoundPropertyModel<>(model.getObject()));
RemediationTO remediationTO = model.getObject();
switch(remediationTO.getAnyType()) {
case "USER":
UserTO newUserTO;
UserTO previousUserTO;
if (remediationTO.getAnyPatchPayload() == null) {
newUserTO = (UserTO) remediationTO.getAnyTOPayload();
previousUserTO = null;
} else {
previousUserTO = new UserRestClient().read(remediationTO.getAnyPatchPayload().getKey());
newUserTO = AnyOperations.patch(previousUserTO, (UserPatch) remediationTO.getAnyPatchPayload());
}
AjaxWizard.EditItemActionEvent<UserTO> userEvent = new AjaxWizard.EditItemActionEvent<>(newUserTO, target);
userEvent.forceModalPanel(new RemediationUserWizardBuilder(model.getObject(), previousUserTO, newUserTO, new AnyTypeRestClient().read(remediationTO.getAnyType()).getClasses(), FormLayoutInfoUtils.fetch(Arrays.asList(remediationTO.getAnyType())).getLeft(), pageRef).build(BaseModal.CONTENT_ID, AjaxWizard.Mode.EDIT));
send(RemediationDirectoryPanel.this, Broadcast.EXACT, userEvent);
break;
case "GROUP":
GroupTO newGroupTO;
GroupTO previousGroupTO;
if (remediationTO.getAnyPatchPayload() == null) {
newGroupTO = (GroupTO) remediationTO.getAnyTOPayload();
previousGroupTO = null;
} else {
previousGroupTO = new GroupRestClient().read(remediationTO.getAnyPatchPayload().getKey());
newGroupTO = AnyOperations.patch(previousGroupTO, (GroupPatch) remediationTO.getAnyPatchPayload());
}
AjaxWizard.EditItemActionEvent<GroupTO> groupEvent = new AjaxWizard.EditItemActionEvent<>(newGroupTO, target);
groupEvent.forceModalPanel(new RemediationGroupWizardBuilder(model.getObject(), previousGroupTO, newGroupTO, new AnyTypeRestClient().read(remediationTO.getAnyType()).getClasses(), FormLayoutInfoUtils.fetch(Arrays.asList(remediationTO.getAnyType())).getMiddle(), pageRef).build(BaseModal.CONTENT_ID, AjaxWizard.Mode.EDIT));
send(RemediationDirectoryPanel.this, Broadcast.EXACT, groupEvent);
break;
default:
AnyObjectTO newAnyObjectTO;
AnyObjectTO previousAnyObjectTO;
if (remediationTO.getAnyPatchPayload() == null) {
newAnyObjectTO = (AnyObjectTO) remediationTO.getAnyTOPayload();
previousAnyObjectTO = null;
} else {
previousAnyObjectTO = new AnyObjectRestClient().read(remediationTO.getAnyPatchPayload().getKey());
newAnyObjectTO = AnyOperations.patch(previousAnyObjectTO, (AnyObjectPatch) remediationTO.getAnyPatchPayload());
}
AjaxWizard.EditItemActionEvent<AnyObjectTO> anyObjectEvent = new AjaxWizard.EditItemActionEvent<>(newAnyObjectTO, target);
anyObjectEvent.forceModalPanel(new RemediationAnyObjectWizardBuilder(model.getObject(), previousAnyObjectTO, newAnyObjectTO, new AnyTypeRestClient().read(remediationTO.getAnyType()).getClasses(), FormLayoutInfoUtils.fetch(Arrays.asList(remediationTO.getAnyType())).getRight().values().iterator().next(), pageRef).build(BaseModal.CONTENT_ID, AjaxWizard.Mode.EDIT));
send(RemediationDirectoryPanel.this, Broadcast.EXACT, anyObjectEvent);
}
}
}, ActionLink.ActionType.EDIT, entitlements);
}
panel.add(new ActionLink<RemediationTO>() {
private static final long serialVersionUID = 6193210574968203299L;
@Override
public void onClick(final AjaxRequestTarget target, final RemediationTO ignore) {
try {
restClient.delete(model.getObject().getKey());
SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED));
target.add(container);
} catch (SyncopeClientException e) {
LOG.error("While deleting {}", model.getObject().getKey(), e);
SyncopeConsoleSession.get().error(StringUtils.isBlank(e.getMessage()) ? e.getClass().getName() : e.getMessage());
}
((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target);
}
}, ActionLink.ActionType.DELETE, StandardEntitlement.REMEDIATION_DELETE, true);
return panel;
}
Aggregations