Examples with ConnObjectTO org.apache.syncope.common.lib.to.ConnObjectTO used on opensource projects

Example 6 with ConnObjectTO

use of org.apache.syncope.common.lib.to.ConnObjectTO in project syncope by apache.

the class UserIssuesITCase method issueSYNCOPE881.

@Test
public void issueSYNCOPE881() {
    // 1. create group and assign LDAP
    GroupTO group = GroupITCase.getSampleTO("syncope881G");
    group.getVirAttrs().add(attrTO("rvirtualdata", "rvirtualvalue"));
    group = createGroup(group).getEntity();
    assertNotNull(group);
    assertNotNull(resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.GROUP.name(), group.getKey()));
    // 2. create user and assign such group
    UserTO user = UserITCase.getUniqueSampleTO("syncope881U@apache.org");
    user.getMemberships().clear();
    user.getMemberships().add(new MembershipTO.Builder().group(group.getKey()).build());
    user = createUser(user).getEntity();
    assertNotNull(user);
    // 3. verify that user is in LDAP
    ConnObjectTO connObject = resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), user.getKey());
    assertNotNull(connObject);
    AttrTO userDn = connObject.getAttr(Name.NAME).get();
    assertNotNull(userDn);
    assertEquals(1, userDn.getValues().size());
    assertNotNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, userDn.getValues().get(0)));
    // 4. remove user
    userService.delete(user.getKey());
    // 5. verify that user is not in LDAP anynmore
    assertNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, userDn.getValues().get(0)));
}

Example 7 with ConnObjectTO

use of org.apache.syncope.common.lib.to.ConnObjectTO in project syncope by apache.

the class UserITCase method mappingPurpose.

@Test
public void mappingPurpose() {
    UserTO userTO = getUniqueSampleTO("mpurpose@apache.org");
    userTO.getAuxClasses().add("csv");
    userTO.getResources().clear();
    userTO.getResources().add(RESOURCE_NAME_CSV);
    userTO = createUser(userTO).getEntity();
    assertNotNull(userTO);
    ConnObjectTO connObjectTO = resourceService.readConnObject(RESOURCE_NAME_CSV, AnyTypeKind.USER.name(), userTO.getKey());
    assertFalse(connObjectTO.getAttr("email").isPresent());
}

Example 8 with ConnObjectTO

use of org.apache.syncope.common.lib.to.ConnObjectTO in project syncope by apache.

the class PullTaskITCase method issueSYNCOPE313LDAP.

@Test
public void issueSYNCOPE313LDAP() throws Exception {
    // First of all, clear any potential conflict with existing user / group
    ldapCleanup();
    UserTO user = null;
    PullTaskTO pullTask = null;
    ConnInstanceTO resourceConnector = null;
    ConnConfProperty property = null;
    try {
        // 1. create user in LDAP
        String oldCleanPassword = "security123";
        user = UserITCase.getUniqueSampleTO("syncope313-ldap@syncope.apache.org");
        user.setPassword(oldCleanPassword);
        user.getResources().add(RESOURCE_NAME_LDAP);
        user = createUser(user).getEntity();
        assertNotNull(user);
        assertFalse(user.getResources().isEmpty());
        // 2. request to change password only on Syncope and not on LDAP
        String newCleanPassword = "new-security123";
        UserPatch userPatch = new UserPatch();
        userPatch.setKey(user.getKey());
        userPatch.setPassword(new PasswordPatch.Builder().value(newCleanPassword).build());
        user = updateUser(userPatch).getEntity();
        // 3. Check that the Syncope user now has the changed password
        Pair<Map<String, Set<String>>, UserTO> self = clientFactory.create(user.getUsername(), newCleanPassword).self();
        assertNotNull(self);
        // 4. Check that the LDAP resource has the old password
        ConnObjectTO connObject = resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), user.getKey());
        assertNotNull(getLdapRemoteObject(connObject.getAttr(Name.NAME).get().getValues().get(0), oldCleanPassword, connObject.getAttr(Name.NAME).get().getValues().get(0)));
        // 5. Update the LDAP Connector to retrieve passwords
        ResourceTO ldapResource = resourceService.read(RESOURCE_NAME_LDAP);
        resourceConnector = connectorService.read(ldapResource.getConnector(), Locale.ENGLISH.getLanguage());
        property = resourceConnector.getConf("retrievePasswordsWithSearch").get();
        property.getValues().clear();
        property.getValues().add(Boolean.TRUE);
        connectorService.update(resourceConnector);
        // 6. Pull the user from the resource
        ImplementationTO pullActions = new ImplementationTO();
        pullActions.setKey(LDAPPasswordPullActions.class.getSimpleName());
        pullActions.setEngine(ImplementationEngine.JAVA);
        pullActions.setType(ImplementationType.PULL_ACTIONS);
        pullActions.setBody(LDAPPasswordPullActions.class.getName());
        Response response = implementationService.create(pullActions);
        pullActions = implementationService.read(pullActions.getType(), response.getHeaderString(RESTHeaders.RESOURCE_KEY));
        assertNotNull(pullActions);
        pullTask = new PullTaskTO();
        pullTask.setDestinationRealm(SyncopeConstants.ROOT_REALM);
        pullTask.setName("LDAP Pull Task");
        pullTask.setActive(true);
        pullTask.setPerformCreate(true);
        pullTask.setPerformUpdate(true);
        pullTask.setPullMode(PullMode.FULL_RECONCILIATION);
        pullTask.setResource(RESOURCE_NAME_LDAP);
        pullTask.getActions().add(pullActions.getKey());
        Response taskResponse = taskService.create(TaskType.PULL, pullTask);
        pullTask = getObject(taskResponse.getLocation(), TaskService.class, PullTaskTO.class);
        assertNotNull(pullTask);
        ExecTO execution = execProvisioningTask(taskService, TaskType.PULL, pullTask.getKey(), 50, false);
        assertEquals(PropagationTaskExecStatus.SUCCESS, PropagationTaskExecStatus.valueOf(execution.getStatus()));
        // 7. Test the pulled user
        self = clientFactory.create(user.getUsername(), oldCleanPassword).self();
        assertNotNull(self);
    } catch (Exception e) {
        fail(e.getMessage());
    } finally {
        // Delete PullTask + user + reset the connector
        if (pullTask != null) {
            taskService.delete(TaskType.PULL, pullTask.getKey());
        }
        if (resourceConnector != null && property != null) {
            property.getValues().clear();
            property.getValues().add(Boolean.FALSE);
            connectorService.update(resourceConnector);
        }
        if (user != null) {
            deleteUser(user.getKey());
        }
    }
}

Example 9 with ConnObjectTO

use of org.apache.syncope.common.lib.to.ConnObjectTO in project syncope by apache.

the class ResourceLogic method listConnObjects.

@PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_LIST_CONNOBJECT + "')")
@Transactional(readOnly = true)
public Pair<SearchResult, List<ConnObjectTO>> listConnObjects(final String key, final String anyTypeKey, final int size, final String pagedResultsCookie, final List<OrderByClause> orderBy) {
    ExternalResource resource;
    ObjectClass objectClass;
    OperationOptions options;
    if (SyncopeConstants.REALM_ANYTYPE.equals(anyTypeKey)) {
        resource = resourceDAO.authFind(key);
        if (resource == null) {
            throw new NotFoundException("Resource '" + key + "'");
        }
        if (resource.getOrgUnit() == null) {
            throw new NotFoundException("Realm provisioning for resource '" + key + "'");
        }
        objectClass = resource.getOrgUnit().getObjectClass();
        options = MappingUtils.buildOperationOptions(MappingUtils.getPropagationItems(resource.getOrgUnit().getItems()).iterator());
    } else {
        Triple<ExternalResource, AnyType, Provision> init = connObjectInit(key, anyTypeKey);
        resource = init.getLeft();
        objectClass = init.getRight().getObjectClass();
        init.getRight().getMapping().getItems();
        Set<MappingItem> linkinMappingItems = virSchemaDAO.findByProvision(init.getRight()).stream().map(virSchema -> virSchema.asLinkingMappingItem()).collect(Collectors.toSet());
        Iterator<MappingItem> mapItems = new IteratorChain<>(init.getRight().getMapping().getItems().iterator(), linkinMappingItems.iterator());
        options = MappingUtils.buildOperationOptions(mapItems);
    }
    final List<ConnObjectTO> connObjects = new ArrayList<>();
    SearchResult searchResult = connFactory.getConnector(resource).search(objectClass, null, new ResultsHandler() {

        private int count;

        @Override
        public boolean handle(final ConnectorObject connectorObject) {
            connObjects.add(ConnObjectUtils.getConnObjectTO(connectorObject));
            // safety protection against uncontrolled result size
            count++;
            return count < size;
        }
    }, size, pagedResultsCookie, orderBy, options);
    return ImmutablePair.of(searchResult, connObjects);
}

Example 10 with ConnObjectTO

use of org.apache.syncope.common.lib.to.ConnObjectTO in project syncope by apache.

the class ResourceLogic method readConnObject.

@PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_GET_CONNOBJECT + "')")
@Transactional(readOnly = true)
public ConnObjectTO readConnObject(final String key, final String anyTypeKey, final String anyKey) {
    Triple<ExternalResource, AnyType, Provision> init = connObjectInit(key, anyTypeKey);
    // 1. find any
    Any<?> any = init.getMiddle().getKind() == AnyTypeKind.USER ? userDAO.find(anyKey) : init.getMiddle().getKind() == AnyTypeKind.ANY_OBJECT ? anyObjectDAO.find(anyKey) : groupDAO.find(anyKey);
    if (any == null) {
        throw new NotFoundException(init.getMiddle() + " " + anyKey);
    }
    // 2. build connObjectKeyItem
    Optional<MappingItem> connObjectKeyItem = MappingUtils.getConnObjectKeyItem(init.getRight());
    if (!connObjectKeyItem.isPresent()) {
        throw new NotFoundException("ConnObjectKey mapping for " + init.getMiddle() + " " + anyKey + " on resource '" + key + "'");
    }
    Optional<String> connObjectKeyValue = mappingManager.getConnObjectKeyValue(any, init.getRight());
    // 3. determine attributes to query
    Set<MappingItem> linkinMappingItems = virSchemaDAO.findByProvision(init.getRight()).stream().map(virSchema -> virSchema.asLinkingMappingItem()).collect(Collectors.toSet());
    Iterator<MappingItem> mapItems = new IteratorChain<>(init.getRight().getMapping().getItems().iterator(), linkinMappingItems.iterator());
    // 4. read from the underlying connector
    Connector connector = connFactory.getConnector(init.getLeft());
    ConnectorObject connectorObject = connector.getObject(init.getRight().getObjectClass(), AttributeBuilder.build(connObjectKeyItem.get().getExtAttrName(), connObjectKeyValue.get()), MappingUtils.buildOperationOptions(mapItems));
    if (connectorObject == null) {
        throw new NotFoundException("Object " + connObjectKeyValue.get() + " with class " + init.getRight().getObjectClass() + " not found on resource " + key);
    }
    // 5. build result
    Set<Attribute> attributes = connectorObject.getAttributes();
    if (AttributeUtil.find(Uid.NAME, attributes) == null) {
        attributes.add(connectorObject.getUid());
    }
    if (AttributeUtil.find(Name.NAME, attributes) == null) {
        attributes.add(connectorObject.getName());
    }
    return ConnObjectUtils.getConnObjectTO(connectorObject);
}