use of org.apache.syncope.common.lib.to.AttrTO in project syncope by apache.
the class UserITCase method create.
@Test
public void create() {
// get task list
PagedResult<PropagationTaskTO> tasks = taskService.search(new TaskQuery.Builder(TaskType.PROPAGATION).page(1).size(1).build());
assertNotNull(tasks);
assertFalse(tasks.getResult().isEmpty());
String maxKey = tasks.getResult().iterator().next().getKey();
PropagationTaskTO taskTO = taskService.read(TaskType.PROPAGATION, maxKey, true);
assertNotNull(taskTO);
int maxTaskExecutions = taskTO.getExecutions().size();
UserTO userTO = getUniqueSampleTO("a.b@c.com");
// add a membership
userTO.getMemberships().add(new MembershipTO.Builder().group("f779c0d4-633b-4be5-8f57-32eb478a3ca5").build());
// add an attribute with a non-existing schema: must be ignored
AttrTO attrWithInvalidSchemaTO = attrTO("invalid schema", "a value");
userTO.getPlainAttrs().add(attrWithInvalidSchemaTO);
// add an attribute with null value: must be ignored
userTO.getPlainAttrs().add(attrTO("activationDate", null));
// 1. create user
UserTO newUserTO = createUser(userTO).getEntity();
assertNotNull(newUserTO);
// issue SYNCOPE-15
assertNotNull(newUserTO.getCreationDate());
assertNotNull(newUserTO.getCreator());
assertNotNull(newUserTO.getLastChangeDate());
assertNotNull(newUserTO.getLastModifier());
assertEquals(newUserTO.getCreationDate(), newUserTO.getLastChangeDate());
assertFalse(newUserTO.getPlainAttrs().contains(attrWithInvalidSchemaTO));
// check for changePwdDate
assertNotNull(newUserTO.getCreationDate());
// get the new task list
tasks = taskService.search(new TaskQuery.Builder(TaskType.PROPAGATION).page(1).size(1).build());
assertNotNull(tasks);
assertFalse(tasks.getResult().isEmpty());
String newMaxKey = tasks.getResult().iterator().next().getKey();
// default configuration for ws-target-resource2:
// only failed executions have to be registered
// --> no more tasks/executions should be added
assertEquals(newMaxKey, maxKey);
// get last task
taskTO = taskService.read(TaskType.PROPAGATION, newMaxKey, true);
assertNotNull(taskTO);
assertEquals(maxTaskExecutions, taskTO.getExecutions().size());
// 3. verify password
try {
Pair<Map<String, Set<String>>, UserTO> self = clientFactory.create(newUserTO.getUsername(), "password123").self();
assertNotNull(self);
} catch (AccessControlException e) {
fail("Credentials should be valid and not cause AccessControlException");
}
try {
clientFactory.create(newUserTO.getUsername(), "passwordXX").getService(UserSelfService.class);
fail("Credentials are invalid, thus request should raise AccessControlException");
} catch (AccessControlException e) {
assertNotNull(e);
}
// 4. try (and fail) to create another user with same (unique) values
userTO = getSampleTO(userTO.getUsername());
AttrTO userIdAttr = userTO.getPlainAttr("userId").get();
userIdAttr.getValues().clear();
userIdAttr.getValues().add("a.b@c.com");
try {
createUser(userTO);
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.EntityExists, e.getType());
}
}
use of org.apache.syncope.common.lib.to.AttrTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE686.
@Test
public void issueSYNCOPE686() {
// 1. read configured cipher algorithm in order to be able to restore it at the end of test
AttrTO pwdCipherAlgo = configurationService.get("password.cipher.algorithm");
String origpwdCipherAlgo = pwdCipherAlgo.getValues().get(0);
// 2. set AES password cipher algorithm
pwdCipherAlgo.getValues().set(0, "AES");
configurationService.set(pwdCipherAlgo);
try {
// 3. create group with LDAP resource assigned
GroupTO group = GroupITCase.getBasicSampleTO("syncope686");
group.getResources().add(RESOURCE_NAME_LDAP);
group = createGroup(group).getEntity();
assertNotNull(group);
// 4. create user with no resources
UserTO userTO = UserITCase.getUniqueSampleTO("syncope686@apache.org");
userTO.getResources().clear();
userTO = createUser(userTO).getEntity();
assertNotNull(userTO);
// 5. update user with the new group, and don't provide any password
UserPatch userPatch = new UserPatch();
userPatch.setKey(userTO.getKey());
userPatch.getMemberships().add(new MembershipPatch.Builder().operation(PatchOperation.ADD_REPLACE).group(group.getKey()).build());
ProvisioningResult<UserTO> result = updateUser(userPatch);
assertNotNull(result);
// 5. verify that propagation was successful
List<PropagationStatus> props = result.getPropagationStatuses();
assertNotNull(props);
assertEquals(1, props.size());
PropagationStatus prop = props.iterator().next();
assertNotNull(prop);
assertEquals(RESOURCE_NAME_LDAP, prop.getResource());
assertEquals(PropagationTaskExecStatus.SUCCESS, prop.getStatus());
} finally {
// restore initial cipher algorithm
pwdCipherAlgo.getValues().set(0, origpwdCipherAlgo);
configurationService.set(pwdCipherAlgo);
}
}
use of org.apache.syncope.common.lib.to.AttrTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE122.
@Test
public void issueSYNCOPE122() {
// 1. create user on testdb and testdb2
UserTO userTO = UserITCase.getUniqueSampleTO("syncope122@apache.org");
userTO.getResources().clear();
userTO.getResources().add(RESOURCE_NAME_TESTDB);
userTO.getResources().add(RESOURCE_NAME_TESTDB2);
userTO = createUser(userTO).getEntity();
assertNotNull(userTO);
assertTrue(userTO.getResources().contains(RESOURCE_NAME_TESTDB));
assertTrue(userTO.getResources().contains(RESOURCE_NAME_TESTDB2));
String pwdOnSyncope = userTO.getPassword();
ConnObjectTO userOnDb = resourceService.readConnObject(RESOURCE_NAME_TESTDB, AnyTypeKind.USER.name(), userTO.getKey());
AttrTO pwdOnTestDbAttr = userOnDb.getAttr(OperationalAttributes.PASSWORD_NAME).get();
assertNotNull(pwdOnTestDbAttr);
assertNotNull(pwdOnTestDbAttr.getValues());
assertFalse(pwdOnTestDbAttr.getValues().isEmpty());
String pwdOnTestDb = pwdOnTestDbAttr.getValues().iterator().next();
ConnObjectTO userOnDb2 = resourceService.readConnObject(RESOURCE_NAME_TESTDB2, AnyTypeKind.USER.name(), userTO.getKey());
AttrTO pwdOnTestDb2Attr = userOnDb2.getAttr(OperationalAttributes.PASSWORD_NAME).get();
assertNotNull(pwdOnTestDb2Attr);
assertNotNull(pwdOnTestDb2Attr.getValues());
assertFalse(pwdOnTestDb2Attr.getValues().isEmpty());
String pwdOnTestDb2 = pwdOnTestDb2Attr.getValues().iterator().next();
// 2. request to change password only on testdb (no Syncope, no testdb2)
UserPatch userPatch = new UserPatch();
userPatch.setKey(userTO.getKey());
userPatch.setPassword(new PasswordPatch.Builder().value(getUUIDString()).onSyncope(false).resource(RESOURCE_NAME_TESTDB).build());
ProvisioningResult<UserTO> result = updateUser(userPatch);
userTO = result.getEntity();
// 3a. Chech that only a single propagation took place
assertNotNull(result.getPropagationStatuses());
assertEquals(1, result.getPropagationStatuses().size());
assertEquals(RESOURCE_NAME_TESTDB, result.getPropagationStatuses().iterator().next().getResource());
// 3b. verify that password hasn't changed on Syncope
assertEquals(pwdOnSyncope, userTO.getPassword());
// 3c. verify that password *has* changed on testdb
userOnDb = resourceService.readConnObject(RESOURCE_NAME_TESTDB, AnyTypeKind.USER.name(), userTO.getKey());
AttrTO pwdOnTestDbAttrAfter = userOnDb.getAttr(OperationalAttributes.PASSWORD_NAME).get();
assertNotNull(pwdOnTestDbAttrAfter);
assertNotNull(pwdOnTestDbAttrAfter.getValues());
assertFalse(pwdOnTestDbAttrAfter.getValues().isEmpty());
assertNotEquals(pwdOnTestDb, pwdOnTestDbAttrAfter.getValues().iterator().next());
// 3d. verify that password hasn't changed on testdb2
userOnDb2 = resourceService.readConnObject(RESOURCE_NAME_TESTDB2, AnyTypeKind.USER.name(), userTO.getKey());
AttrTO pwdOnTestDb2AttrAfter = userOnDb2.getAttr(OperationalAttributes.PASSWORD_NAME).get();
assertNotNull(pwdOnTestDb2AttrAfter);
assertNotNull(pwdOnTestDb2AttrAfter.getValues());
assertFalse(pwdOnTestDb2AttrAfter.getValues().isEmpty());
assertEquals(pwdOnTestDb2, pwdOnTestDb2AttrAfter.getValues().iterator().next());
}
use of org.apache.syncope.common.lib.to.AttrTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE357.
@Test
public void issueSYNCOPE357() throws IOException {
// 1. create group with LDAP resource
GroupTO groupTO = new GroupTO();
groupTO.setName("SYNCOPE357-" + getUUIDString());
groupTO.setRealm("/");
groupTO.getResources().add(RESOURCE_NAME_LDAP);
groupTO = createGroup(groupTO).getEntity();
assertNotNull(groupTO);
// 2. create user with membership of the above group
UserTO userTO = UserITCase.getUniqueSampleTO("syncope357@syncope.apache.org");
userTO.getPlainAttrs().add(attrTO("obscure", "valueToBeObscured"));
userTO.getPlainAttrs().add(attrTO("photo", Base64.getEncoder().encodeToString(IOUtils.readBytesFromStream(getClass().getResourceAsStream("/favicon.jpg")))));
userTO.getMemberships().add(new MembershipTO.Builder().group(groupTO.getKey()).build());
userTO = createUser(userTO).getEntity();
assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
assertNotNull(userTO.getPlainAttr("obscure"));
assertNotNull(userTO.getPlainAttr("photo"));
// 3. read user on resource
ConnObjectTO connObj = resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey());
assertNotNull(connObj);
AttrTO registeredAddress = connObj.getAttr("registeredAddress").get();
assertNotNull(registeredAddress);
assertEquals(userTO.getPlainAttr("obscure").get().getValues(), registeredAddress.getValues());
Optional<AttrTO> jpegPhoto = connObj.getAttr("jpegPhoto");
assertTrue(jpegPhoto.isPresent());
assertEquals(userTO.getPlainAttr("photo").get().getValues().get(0), jpegPhoto.get().getValues().get(0));
// 4. remove group
groupService.delete(groupTO.getKey());
// 5. try to read user on resource: fail
try {
resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey());
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
}
}
use of org.apache.syncope.common.lib.to.AttrTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE881.
@Test
public void issueSYNCOPE881() {
// 1. create group and assign LDAP
GroupTO group = GroupITCase.getSampleTO("syncope881G");
group.getVirAttrs().add(attrTO("rvirtualdata", "rvirtualvalue"));
group = createGroup(group).getEntity();
assertNotNull(group);
assertNotNull(resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.GROUP.name(), group.getKey()));
// 2. create user and assign such group
UserTO user = UserITCase.getUniqueSampleTO("syncope881U@apache.org");
user.getMemberships().clear();
user.getMemberships().add(new MembershipTO.Builder().group(group.getKey()).build());
user = createUser(user).getEntity();
assertNotNull(user);
// 3. verify that user is in LDAP
ConnObjectTO connObject = resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), user.getKey());
assertNotNull(connObject);
AttrTO userDn = connObject.getAttr(Name.NAME).get();
assertNotNull(userDn);
assertEquals(1, userDn.getValues().size());
assertNotNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, userDn.getValues().get(0)));
// 4. remove user
userService.delete(user.getKey());
// 5. verify that user is not in LDAP anynmore
assertNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, userDn.getValues().get(0)));
}
Aggregations