use of org.apache.syncope.common.lib.to.AttrTO in project syncope by apache.
the class GroupITCase method aDynMembershipCount.
@Test
public void aDynMembershipCount() {
// Create a new printer as a dynamic member of a new group
GroupTO group = getBasicSampleTO("aDynamicMembership");
String fiql = SyncopeClient.getAnyObjectSearchConditionBuilder("PRINTER").is("location").equalTo("home").query();
group.getADynMembershipConds().put("PRINTER", fiql);
group = createGroup(group).getEntity();
AnyObjectTO printer = new AnyObjectTO();
printer.setRealm(SyncopeConstants.ROOT_REALM);
printer.setName("Printer_" + getUUIDString());
printer.setType("PRINTER");
AttrTO location = new AttrTO.Builder().schema("location").value("home").build();
printer.getPlainAttrs().add(location);
printer = createAnyObject(printer).getEntity();
group = groupService.read(group.getKey());
assertEquals(0, group.getStaticAnyObjectMembershipCount());
assertEquals(1, group.getDynamicAnyObjectMembershipCount());
anyObjectService.delete(printer.getKey());
groupService.delete(group.getKey());
}
use of org.apache.syncope.common.lib.to.AttrTO in project syncope by apache.
the class GroupITCase method aDynMembership.
@Test
public void aDynMembership() {
String fiql = SyncopeClient.getAnyObjectSearchConditionBuilder("PRINTER").is("location").notNullValue().query();
// 1. create group with a given aDynMembership condition
GroupTO group = getBasicSampleTO("aDynMembership");
group.getADynMembershipConds().put("PRINTER", fiql);
group = createGroup(group).getEntity();
assertEquals(fiql, group.getADynMembershipConds().get("PRINTER"));
group = groupService.read(group.getKey());
final String groupKey = group.getKey();
assertEquals(fiql, group.getADynMembershipConds().get("PRINTER"));
// verify that the condition is dynamically applied
AnyObjectTO newAny = AnyObjectITCase.getSampleTO("aDynMembership");
newAny.getResources().clear();
newAny = createAnyObject(newAny).getEntity();
assertNotNull(newAny.getPlainAttr("location"));
List<MembershipTO> memberships = anyObjectService.read("fc6dbc3a-6c07-4965-8781-921e7401a4a5").getDynMemberships();
assertTrue(memberships.stream().anyMatch(m -> m.getGroupKey().equals(groupKey)));
memberships = anyObjectService.read("8559d14d-58c2-46eb-a2d4-a7d35161e8f8").getDynMemberships();
assertTrue(memberships.stream().anyMatch(m -> m.getGroupKey().equals(groupKey)));
memberships = anyObjectService.read(newAny.getKey()).getDynMemberships();
assertTrue(memberships.stream().anyMatch(m -> m.getGroupKey().equals(groupKey)));
// 2. update group and change aDynMembership condition
fiql = SyncopeClient.getAnyObjectSearchConditionBuilder("PRINTER").is("location").nullValue().query();
GroupPatch patch = new GroupPatch();
patch.setKey(group.getKey());
patch.getADynMembershipConds().put("PRINTER", fiql);
group = updateGroup(patch).getEntity();
assertEquals(fiql, group.getADynMembershipConds().get("PRINTER"));
group = groupService.read(group.getKey());
assertEquals(fiql, group.getADynMembershipConds().get("PRINTER"));
// verify that the condition is dynamically applied
AnyObjectPatch anyPatch = new AnyObjectPatch();
anyPatch.setKey(newAny.getKey());
anyPatch.getPlainAttrs().add(new AttrPatch.Builder().operation(PatchOperation.DELETE).attrTO(new AttrTO.Builder().schema("location").build()).build());
newAny = updateAnyObject(anyPatch).getEntity();
assertFalse(newAny.getPlainAttr("location").isPresent());
memberships = anyObjectService.read("fc6dbc3a-6c07-4965-8781-921e7401a4a5").getDynMemberships();
assertFalse(memberships.stream().anyMatch(m -> m.getGroupKey().equals(groupKey)));
memberships = anyObjectService.read("8559d14d-58c2-46eb-a2d4-a7d35161e8f8").getDynMemberships();
assertFalse(memberships.stream().anyMatch(m -> m.getGroupKey().equals(groupKey)));
memberships = anyObjectService.read(newAny.getKey()).getDynMemberships();
assertTrue(memberships.stream().anyMatch(m -> m.getGroupKey().equals(groupKey)));
}
use of org.apache.syncope.common.lib.to.AttrTO in project syncope by apache.
the class BaseUserSelfResource method millisToDate.
protected void millisToDate(final Set<AttrTO> attrs, final PlainSchemaTO plainSchema) throws IllegalArgumentException {
final FastDateFormat fmt = FastDateFormat.getInstance(plainSchema.getConversionPattern());
attrs.stream().filter(attr -> (attr.getSchema().equals(plainSchema.getKey()))).forEachOrdered(attr -> {
for (ListIterator<String> itor = attr.getValues().listIterator(); itor.hasNext(); ) {
String value = itor.next();
try {
itor.set(fmt.format(Long.valueOf(value)));
} catch (NumberFormatException ex) {
LOG.error("Invalid format value for {}", value);
}
}
});
}
use of org.apache.syncope.common.lib.to.AttrTO in project syncope by apache.
the class UserRequestValidatorTest method testCompliant.
@Test
public void testCompliant() throws IOException {
UserTO userTO = new UserTO();
// plain
AttrTO firstname = attrTO("firstname", "defaultFirstname");
AttrTO surname = attrTO("surname", "surnameValue");
AttrTO additionalCtype = attrTO("additional#ctype", "ctypeValue");
AttrTO notAllowed = attrTO("not_allowed", "notAllowedValue");
userTO.getPlainAttrs().addAll(Arrays.asList(firstname, surname, notAllowed, additionalCtype));
Map<String, CustomAttributesInfo> customForm = new ObjectMapper().readValue(new ClassPathResource("customForm.json").getFile(), new TypeReference<HashMap<String, CustomAttributesInfo>>() {
});
// not allowed because of presence of notAllowed attribute
assertFalse(UserRequestValidator.compliant(userTO, customForm, true));
// remove notAllowed attribute and make it compliant
userTO.getPlainAttrs().remove(notAllowed);
assertTrue(UserRequestValidator.compliant(userTO, customForm, true));
// firstname must have only one defaultValue
userTO.getPlainAttr("firstname").get().getValues().add("notAllowedFirstnameValue");
assertFalse(UserRequestValidator.compliant(userTO, customForm, true));
assertTrue(UserRequestValidator.compliant(userTO, customForm, false));
// clean
userTO.getPlainAttr("firstname").get().getValues().remove("notAllowedFirstnameValue");
// derived must not be present
AttrTO derivedNotAllowed = attrTO("derivedNotAllowed");
userTO.getDerAttrs().add(derivedNotAllowed);
assertFalse(UserRequestValidator.compliant(userTO, customForm, true));
// clean
userTO.getDerAttrs().clear();
// virtual
AttrTO virtualdata = attrTO("virtualdata", "defaultVirtualData");
userTO.getVirAttrs().add(virtualdata);
assertTrue(UserRequestValidator.compliant(userTO, customForm, true));
// with empty form is compliant by definition
assertTrue(UserRequestValidator.compliant(userTO, new HashMap<>(), true));
}
use of org.apache.syncope.common.lib.to.AttrTO in project syncope by apache.
the class PropagationManagerImpl method createTasks.
/**
* Create propagation tasks.
*
* @param any to be provisioned
* @param password clear text password to be provisioned
* @param changePwd whether password should be included for propagation attributes or not
* @param enable whether user must be enabled or not
* @param deleteOnResource whether any must be deleted anyway from external resource or not
* @param propByRes operation to be performed per resource
* @param vAttrs virtual attributes to be set
* @return list of propagation tasks created
*/
protected List<PropagationTaskTO> createTasks(final Any<?> any, final String password, final boolean changePwd, final Boolean enable, final boolean deleteOnResource, final PropagationByResource propByRes, final Collection<AttrTO> vAttrs) {
LOG.debug("Provisioning {}:\n{}", any, propByRes);
// Avoid duplicates - see javadoc
propByRes.purge();
LOG.debug("After purge {}:\n{}", any, propByRes);
// Virtual attributes
Set<String> virtualResources = new HashSet<>();
virtualResources.addAll(propByRes.get(ResourceOperation.CREATE));
virtualResources.addAll(propByRes.get(ResourceOperation.UPDATE));
virtualResources.addAll(dao(any.getType().getKind()).findAllResourceKeys(any.getKey()));
Map<String, Set<Attribute>> vAttrMap = new HashMap<>();
if (vAttrs != null) {
vAttrs.forEach(vAttr -> {
VirSchema schema = virSchemaDAO.find(vAttr.getSchema());
if (schema == null) {
LOG.warn("Ignoring invalid {} {}", VirSchema.class.getSimpleName(), vAttr.getSchema());
} else if (schema.isReadonly()) {
LOG.warn("Ignoring read-only {} {}", VirSchema.class.getSimpleName(), vAttr.getSchema());
} else if (anyUtilsFactory.getInstance(any).getAllowedSchemas(any, VirSchema.class).contains(schema) && virtualResources.contains(schema.getProvision().getResource().getKey())) {
Set<Attribute> values = vAttrMap.get(schema.getProvision().getResource().getKey());
if (values == null) {
values = new HashSet<>();
vAttrMap.put(schema.getProvision().getResource().getKey(), values);
}
values.add(AttributeBuilder.build(schema.getExtAttrName(), vAttr.getValues()));
propByRes.add(ResourceOperation.UPDATE, schema.getProvision().getResource().getKey());
} else {
LOG.warn("{} not owned by or {} not allowed for {}", schema.getProvision().getResource(), schema, any);
}
});
}
LOG.debug("With virtual attributes {}:\n{}\n{}", any, propByRes, vAttrMap);
List<PropagationTaskTO> tasks = new ArrayList<>();
propByRes.asMap().forEach((resourceKey, operation) -> {
ExternalResource resource = resourceDAO.find(resourceKey);
Provision provision = resource == null ? null : resource.getProvision(any.getType()).orElse(null);
List<? extends Item> mappingItems = provision == null ? Collections.<Item>emptyList() : MappingUtils.getPropagationItems(provision.getMapping().getItems());
if (resource == null) {
LOG.error("Invalid resource name specified: {}, ignoring...", resourceKey);
} else if (provision == null) {
LOG.error("No provision specified on resource {} for type {}, ignoring...", resource, any.getType());
} else if (mappingItems.isEmpty()) {
LOG.warn("Requesting propagation for {} but no propagation mapping provided for {}", any.getType(), resource);
} else {
PropagationTaskTO task = new PropagationTaskTO();
task.setResource(resource.getKey());
task.setObjectClassName(provision.getObjectClass().getObjectClassValue());
task.setAnyTypeKind(any.getType().getKind());
task.setAnyType(any.getType().getKey());
if (!deleteOnResource) {
task.setEntityKey(any.getKey());
}
task.setOperation(operation);
task.setOldConnObjectKey(propByRes.getOldConnObjectKey(resource.getKey()));
Pair<String, Set<Attribute>> preparedAttrs = mappingManager.prepareAttrs(any, password, changePwd, enable, provision);
task.setConnObjectKey(preparedAttrs.getKey());
// Check if any of mandatory attributes (in the mapping) is missing or not received any value:
// if so, add special attributes that will be evaluated by PropagationTaskExecutor
List<String> mandatoryMissing = new ArrayList<>();
List<String> mandatoryNullOrEmpty = new ArrayList<>();
mappingItems.stream().filter(item -> (!item.isConnObjectKey() && JexlUtils.evaluateMandatoryCondition(item.getMandatoryCondition(), any))).forEachOrdered(item -> {
Attribute attr = AttributeUtil.find(item.getExtAttrName(), preparedAttrs.getValue());
if (attr == null) {
mandatoryMissing.add(item.getExtAttrName());
} else if (attr.getValue() == null || attr.getValue().isEmpty()) {
mandatoryNullOrEmpty.add(item.getExtAttrName());
}
});
if (!mandatoryMissing.isEmpty()) {
preparedAttrs.getValue().add(AttributeBuilder.build(PropagationTaskExecutor.MANDATORY_MISSING_ATTR_NAME, mandatoryMissing));
}
if (!mandatoryNullOrEmpty.isEmpty()) {
preparedAttrs.getValue().add(AttributeBuilder.build(PropagationTaskExecutor.MANDATORY_NULL_OR_EMPTY_ATTR_NAME, mandatoryNullOrEmpty));
}
if (vAttrMap.containsKey(resource.getKey())) {
preparedAttrs.getValue().addAll(vAttrMap.get(resource.getKey()));
}
task.setAttributes(POJOHelper.serialize(preparedAttrs.getValue()));
tasks.add(task);
LOG.debug("PropagationTask created: {}", task);
}
});
return tasks;
}
Aggregations