
Example 6 with GroupTO

use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.

the class UserIssuesITCase method issueSYNCOPE1099.

/**
 * Integration test named after issue SYNCOPE-1099: a user who matches a group's dynamic
 * membership condition must receive that group's resource, and the creation must be
 * propagated to it.
 *
 * NOTE(review): membership here, and the resource that comes with it, is derived purely from
 * the value of the {@code firstname} attribute. Whether end users may edit that attribute
 * themselves is not visible from this test; in a real deployment a dynamic condition that
 * grants resources should be keyed on attributes users cannot change on their own.
 */
@Test
public void issueSYNCOPE1099() {
    // 1. group with a dynamic membership condition, carrying only the test DB resource
    GroupTO dynGroupTemplate = GroupITCase.getSampleTO("syncope1099G");
    dynGroupTemplate.getResources().clear();
    dynGroupTemplate.getResources().add(RESOURCE_NAME_TESTDB);
    dynGroupTemplate.setUDynMembershipCond("firstname==issueSYNCOPE1099");
    GroupTO dynGroup = createGroup(dynGroupTemplate).getEntity();
    assertNotNull(dynGroup);

    // 2. user whose firstname satisfies the condition set on the group
    UserTO candidate = UserITCase.getUniqueSampleTO("syncope1099U@apache.org");
    candidate.getPlainAttr("firstname").get().getValues().set(0, "issueSYNCOPE1099");
    ProvisioningResult<UserTO> creation = createUser(candidate);
    assertNotNull(creation);

    // 3. the returned user lists the group among its dynamic memberships and holds the resource
    UserTO provisioned = creation.getEntity();
    String dynGroupKey = dynGroup.getKey();
    boolean dynMember = provisioned.getDynMemberships().stream()
            .anyMatch(membership -> membership.getGroupKey().equals(dynGroupKey));
    assertTrue(dynMember);
    assertTrue(provisioned.getResources().contains(RESOURCE_NAME_TESTDB));

    // 4. at least one propagation was reported, the first of them towards the group's resource
    List<PropagationStatus> statuses = creation.getPropagationStatuses();
    assertFalse(statuses.isEmpty());
    assertEquals(RESOURCE_NAME_TESTDB, statuses.get(0).getResource());
}
Also used : StringPatchItem(org.apache.syncope.common.lib.patch.StringPatchItem) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) Assertions.assertNotEquals(org.junit.jupiter.api.Assertions.assertNotEquals) Autowired(org.springframework.beans.factory.annotation.Autowired) NamingException(javax.naming.NamingException) UserPatch(org.apache.syncope.common.lib.patch.UserPatch) ProvisioningResult(org.apache.syncope.common.lib.to.ProvisioningResult) ConnObjectTO(org.apache.syncope.common.lib.to.ConnObjectTO) AnyTypeKind(org.apache.syncope.common.lib.types.AnyTypeKind) SpringJUnitConfig(org.springframework.test.context.junit.jupiter.SpringJUnitConfig) MembershipPatch(org.apache.syncope.common.lib.patch.MembershipPatch) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) Pair(org.apache.commons.lang3.tuple.Pair) Map(java.util.Map) RESTHeaders(org.apache.syncope.common.rest.api.RESTHeaders) OperationalAttributes(org.identityconnectors.framework.common.objects.OperationalAttributes) EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException) MappingTO(org.apache.syncope.common.lib.to.MappingTO) Collection(java.util.Collection) LDAPPasswordPropagationActions(org.apache.syncope.core.provisioning.java.propagation.LDAPPasswordPropagationActions) Set(java.util.Set) GroupTO(org.apache.syncope.common.lib.to.GroupTO) DBPasswordPropagationActions(org.apache.syncope.core.provisioning.java.propagation.DBPasswordPropagationActions) StandardCharsets(java.nio.charset.StandardCharsets) ImplementationTO(org.apache.syncope.common.lib.to.ImplementationTO) GenericType(javax.ws.rs.core.GenericType) Test(org.junit.jupiter.api.Test) ImplementationEngine(org.apache.syncope.common.lib.types.ImplementationEngine) Base64(java.util.Base64) List(java.util.List) AttrPatch(org.apache.syncope.common.lib.patch.AttrPatch) Response(javax.ws.rs.core.Response) 
DefaultPasswordRuleConf(org.apache.syncope.common.lib.policy.DefaultPasswordRuleConf) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) Optional(java.util.Optional) Assertions.fail(org.junit.jupiter.api.Assertions.fail) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) POJOHelper(org.apache.syncope.core.provisioning.api.serialization.POJOHelper) PropagationTaskExecStatus(org.apache.syncope.common.lib.types.PropagationTaskExecStatus) AttrTO(org.apache.syncope.common.lib.to.AttrTO) Assertions.assertNull(org.junit.jupiter.api.Assertions.assertNull) RealmTO(org.apache.syncope.common.lib.to.RealmTO) JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate) DataSource(javax.sql.DataSource) ItemTO(org.apache.syncope.common.lib.to.ItemTO) ImplementationType(org.apache.syncope.common.lib.types.ImplementationType) PropagationStatus(org.apache.syncope.common.lib.to.PropagationStatus) ClientExceptionType(org.apache.syncope.common.lib.types.ClientExceptionType) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) AbstractITCase(org.apache.syncope.fit.AbstractITCase) MembershipTO(org.apache.syncope.common.lib.to.MembershipTO) CipherAlgorithm(org.apache.syncope.common.lib.types.CipherAlgorithm) SyncopeConstants(org.apache.syncope.common.lib.SyncopeConstants) PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO) Encryptor(org.apache.syncope.core.spring.security.Encryptor) ResourceTO(org.apache.syncope.common.lib.to.ResourceTO) IOUtils(org.apache.cxf.helpers.IOUtils) IOException(java.io.IOException) Name(org.identityconnectors.framework.common.objects.Name) PolicyType(org.apache.syncope.common.lib.types.PolicyType) PasswordPatch(org.apache.syncope.common.lib.patch.PasswordPatch) MappingPurpose(org.apache.syncope.common.lib.types.MappingPurpose) PatchOperation(org.apache.syncope.common.lib.types.PatchOperation) StringReplacePatchItem(org.apache.syncope.common.lib.patch.StringReplacePatchItem) 
SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) UserTO(org.apache.syncope.common.lib.to.UserTO) Collections(java.util.Collections) UserTO(org.apache.syncope.common.lib.to.UserTO) GroupTO(org.apache.syncope.common.lib.to.GroupTO) Test(org.junit.jupiter.api.Test)

Example 7 with GroupTO

use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.

the class UserIssuesITCase method issueSYNCOPE686.

/**
 * Integration test named after issue SYNCOPE-686: while the password cipher algorithm is set
 * to AES, adding a user to a group that carries the LDAP resource, through a patch that
 * supplies no password, must produce exactly one successful propagation to LDAP.
 *
 * NOTE(review): AES is a reversible cipher, unlike a one-way digest; presumably that is what
 * allows the stored password to be pushed to LDAP without the caller supplying it again
 * (to be confirmed against the propagation code). Reversible password storage is the weaker
 * choice, so the temporary setting is undone in the finally block whatever the outcome.
 */
@Test
public void issueSYNCOPE686() {
    // 1. remember the configured cipher algorithm so that it can be put back afterwards
    AttrTO cipherConf = configurationService.get("password.cipher.algorithm");
    String originalAlgorithm = cipherConf.getValues().get(0);

    // 2. switch the password cipher algorithm to AES
    cipherConf.getValues().set(0, "AES");
    configurationService.set(cipherConf);
    try {
        // 3. group with the LDAP resource assigned
        GroupTO ldapGroupTemplate = GroupITCase.getBasicSampleTO("syncope686");
        ldapGroupTemplate.getResources().add(RESOURCE_NAME_LDAP);
        GroupTO ldapGroup = createGroup(ldapGroupTemplate).getEntity();
        assertNotNull(ldapGroup);

        // 4. user created without any resource
        UserTO memberTemplate = UserITCase.getUniqueSampleTO("syncope686@apache.org");
        memberTemplate.getResources().clear();
        UserTO member = createUser(memberTemplate).getEntity();
        assertNotNull(member);

        // 5. add the membership through a patch that carries no password
        MembershipPatch joinGroup = new MembershipPatch.Builder()
                .operation(PatchOperation.ADD_REPLACE)
                .group(ldapGroup.getKey())
                .build();
        UserPatch patch = new UserPatch();
        patch.setKey(member.getKey());
        patch.getMemberships().add(joinGroup);
        ProvisioningResult<UserTO> outcome = updateUser(patch);
        assertNotNull(outcome);

        // 6. exactly one propagation is reported: towards LDAP, with SUCCESS status
        List<PropagationStatus> statuses = outcome.getPropagationStatuses();
        assertNotNull(statuses);
        assertEquals(1, statuses.size());
        PropagationStatus ldapStatus = statuses.get(0);
        assertNotNull(ldapStatus);
        assertEquals(RESOURCE_NAME_LDAP, ldapStatus.getResource());
        assertEquals(PropagationTaskExecStatus.SUCCESS, ldapStatus.getStatus());
    } finally {
        // put the initial cipher algorithm back, even when an assertion above failed
        cipherConf.getValues().set(0, originalAlgorithm);
        configurationService.set(cipherConf);
    }
}
Also used : UserTO(org.apache.syncope.common.lib.to.UserTO) AttrTO(org.apache.syncope.common.lib.to.AttrTO) PropagationStatus(org.apache.syncope.common.lib.to.PropagationStatus) UserPatch(org.apache.syncope.common.lib.patch.UserPatch) GroupTO(org.apache.syncope.common.lib.to.GroupTO) Test(org.junit.jupiter.api.Test)

Example 8 with GroupTO

use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.

the class UserIssuesITCase method issueSYNCOPE357.

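/**
 * Integration test named after issue SYNCOPE-357: a user provisioned to LDAP through group
 * membership must expose the mapped {@code obscure} and {@code photo} values on the resource,
 * and once the group is deleted the user must no longer be readable there.
 *
 * Steps 4 and 5 exercise the revocation path: after the group is removed, reading the user's
 * connector object on LDAP has to fail with {@code NotFound}.
 *
 * @throws IOException if the {@code /favicon.jpg} test resource cannot be read
 */
@Test
public void issueSYNCOPE357() throws IOException {
    // 1. create group with LDAP resource
    GroupTO groupTO = new GroupTO();
    groupTO.setName("SYNCOPE357-" + getUUIDString());
    groupTO.setRealm("/");
    groupTO.getResources().add(RESOURCE_NAME_LDAP);
    groupTO = createGroup(groupTO).getEntity();
    assertNotNull(groupTO);

    // 2. create user with membership of the above group
    UserTO userTO = UserITCase.getUniqueSampleTO("syncope357@syncope.apache.org");
    userTO.getPlainAttrs().add(attrTO("obscure", "valueToBeObscured"));
    String encodedPhoto = Base64.getEncoder().encodeToString(
            IOUtils.readBytesFromStream(getClass().getResourceAsStream("/favicon.jpg")));
    userTO.getPlainAttrs().add(attrTO("photo", encodedPhoto));
    userTO.getMemberships().add(new MembershipTO.Builder().group(groupTO.getKey()).build());
    userTO = createUser(userTO).getEntity();
    assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
    // getPlainAttr() hands back an Optional (it is dereferenced with get() below), so a
    // non-null check on it could never fail: assert presence instead
    assertTrue(userTO.getPlainAttr("obscure").isPresent());
    assertTrue(userTO.getPlainAttr("photo").isPresent());

    // 3. read user on resource
    ConnObjectTO connObj = resourceService.readConnObject(
            RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey());
    assertNotNull(connObj);
    // same treatment as jpegPhoto: check presence first, so that a missing attribute is
    // reported as an assertion failure rather than as a NoSuchElementException
    Optional<AttrTO> registeredAddress = connObj.getAttr("registeredAddress");
    assertTrue(registeredAddress.isPresent());
    assertEquals(userTO.getPlainAttr("obscure").get().getValues(), registeredAddress.get().getValues());
    Optional<AttrTO> jpegPhoto = connObj.getAttr("jpegPhoto");
    assertTrue(jpegPhoto.isPresent());
    assertEquals(userTO.getPlainAttr("photo").get().getValues().get(0), jpegPhoto.get().getValues().get(0));

    // 4. remove group
    groupService.delete(groupTO.getKey());

    // 5. try to read user on resource: it must be gone, and the error must be NotFound
    try {
        resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey());
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.NotFound, e.getType());
    }
}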
Also used : UserTO(org.apache.syncope.common.lib.to.UserTO) MembershipTO(org.apache.syncope.common.lib.to.MembershipTO) AttrTO(org.apache.syncope.common.lib.to.AttrTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) ConnObjectTO(org.apache.syncope.common.lib.to.ConnObjectTO) GroupTO(org.apache.syncope.common.lib.to.GroupTO) Test(org.junit.jupiter.api.Test)

Example 9 with GroupTO

use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.

the class UserIssuesITCase method issueSYNCOPE354.

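/**
 * Integration test named after issue SYNCOPE-354: removing a user's membership must remove the
 * user DN from the group's {@code uniqueMember} attribute on LDAP, while the LDAP resource
 * assigned directly to the user is kept (SYNCOPE-1222).
 *
 * The test temporarily edits the group mapping of the LDAP resource definition. The restore
 * now runs in a finally block, so a failed assertion can no longer leave the modified mapping
 * in place for the tests that run afterwards.
 */
@Test
public void issueSYNCOPE354() {
    // change resource-ldap group mapping for including uniqueMember (need for assertions below)
    ResourceTO ldap = resourceService.read(RESOURCE_NAME_LDAP);
    ldap.getProvision(AnyTypeKind.GROUP.name()).get().getMapping().getItems().stream()
            .filter(item -> "description".equals(item.getExtAttrName()))
            .forEachOrdered(item -> item.setExtAttrName("uniqueMember"));
    resourceService.update(ldap);
    try {
        // 1. create group with LDAP resource
        GroupTO groupTO = new GroupTO();
        groupTO.setName("SYNCOPE354-" + getUUIDString());
        groupTO.setRealm("/");
        groupTO.getResources().add(RESOURCE_NAME_LDAP);
        groupTO = createGroup(groupTO).getEntity();
        assertNotNull(groupTO);

        // 2. create user with LDAP resource and membership of the above group
        UserTO userTO = UserITCase.getUniqueSampleTO("syncope354@syncope.apache.org");
        userTO.getResources().add(RESOURCE_NAME_LDAP);
        userTO.getMemberships().add(new MembershipTO.Builder().group(groupTO.getKey()).build());
        userTO = createUser(userTO).getEntity();
        assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
        assertNotNull(resourceService.readConnObject(
                RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey()));

        // 3. read group on resource, check that user DN is included in uniqueMember
        ConnObjectTO connObj = resourceService.readConnObject(
                RESOURCE_NAME_LDAP, AnyTypeKind.GROUP.name(), groupTO.getKey());
        assertNotNull(connObj);
        assertTrue(connObj.getAttr("uniqueMember").get().getValues()
                .contains("uid=" + userTO.getUsername() + ",ou=people,o=isp"));

        // 4. remove membership
        UserPatch userPatch = new UserPatch();
        userPatch.setKey(userTO.getKey());
        userPatch.getMemberships().add(new MembershipPatch.Builder()
                .operation(PatchOperation.DELETE)
                .group(userTO.getMemberships().get(0).getGroupKey())
                .build());
        userTO = updateUser(userPatch).getEntity();
        assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));

        // 5. read group on resource, check that user DN was removed from uniqueMember
        connObj = resourceService.readConnObject(
                RESOURCE_NAME_LDAP, AnyTypeKind.GROUP.name(), groupTO.getKey());
        assertNotNull(connObj);
        assertFalse(connObj.getAttr("uniqueMember").get().getValues()
                .contains("uid=" + userTO.getUsername() + ",ou=people,o=isp"));

        // 6. user has still the LDAP resource assigned - SYNCOPE-1222
        userTO = userService.read(userTO.getKey());
        assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
        assertNotNull(resourceService.readConnObject(
                RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey()));
    } finally {
        // 7. restore original resource-ldap group mapping, also when an assertion above failed
        ldap.getProvision(AnyTypeKind.GROUP.name()).get().getMapping().getItems().stream()
                .filter(item -> "uniqueMember".equals(item.getExtAttrName()))
                .forEachOrdered(item -> item.setExtAttrName("description"));
        resourceService.update(ldap);
    }
}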
Also used : StringPatchItem(org.apache.syncope.common.lib.patch.StringPatchItem) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) Assertions.assertNotEquals(org.junit.jupiter.api.Assertions.assertNotEquals) Autowired(org.springframework.beans.factory.annotation.Autowired) NamingException(javax.naming.NamingException) UserPatch(org.apache.syncope.common.lib.patch.UserPatch) ProvisioningResult(org.apache.syncope.common.lib.to.ProvisioningResult) ConnObjectTO(org.apache.syncope.common.lib.to.ConnObjectTO) AnyTypeKind(org.apache.syncope.common.lib.types.AnyTypeKind) SpringJUnitConfig(org.springframework.test.context.junit.jupiter.SpringJUnitConfig) MembershipPatch(org.apache.syncope.common.lib.patch.MembershipPatch) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) Pair(org.apache.commons.lang3.tuple.Pair) Map(java.util.Map) RESTHeaders(org.apache.syncope.common.rest.api.RESTHeaders) OperationalAttributes(org.identityconnectors.framework.common.objects.OperationalAttributes) EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException) MappingTO(org.apache.syncope.common.lib.to.MappingTO) Collection(java.util.Collection) LDAPPasswordPropagationActions(org.apache.syncope.core.provisioning.java.propagation.LDAPPasswordPropagationActions) Set(java.util.Set) GroupTO(org.apache.syncope.common.lib.to.GroupTO) DBPasswordPropagationActions(org.apache.syncope.core.provisioning.java.propagation.DBPasswordPropagationActions) StandardCharsets(java.nio.charset.StandardCharsets) ImplementationTO(org.apache.syncope.common.lib.to.ImplementationTO) GenericType(javax.ws.rs.core.GenericType) Test(org.junit.jupiter.api.Test) ImplementationEngine(org.apache.syncope.common.lib.types.ImplementationEngine) Base64(java.util.Base64) List(java.util.List) AttrPatch(org.apache.syncope.common.lib.patch.AttrPatch) Response(javax.ws.rs.core.Response) 
DefaultPasswordRuleConf(org.apache.syncope.common.lib.policy.DefaultPasswordRuleConf) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) Optional(java.util.Optional) Assertions.fail(org.junit.jupiter.api.Assertions.fail) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) POJOHelper(org.apache.syncope.core.provisioning.api.serialization.POJOHelper) PropagationTaskExecStatus(org.apache.syncope.common.lib.types.PropagationTaskExecStatus) AttrTO(org.apache.syncope.common.lib.to.AttrTO) Assertions.assertNull(org.junit.jupiter.api.Assertions.assertNull) RealmTO(org.apache.syncope.common.lib.to.RealmTO) JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate) DataSource(javax.sql.DataSource) ItemTO(org.apache.syncope.common.lib.to.ItemTO) ImplementationType(org.apache.syncope.common.lib.types.ImplementationType) PropagationStatus(org.apache.syncope.common.lib.to.PropagationStatus) ClientExceptionType(org.apache.syncope.common.lib.types.ClientExceptionType) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) AbstractITCase(org.apache.syncope.fit.AbstractITCase) MembershipTO(org.apache.syncope.common.lib.to.MembershipTO) CipherAlgorithm(org.apache.syncope.common.lib.types.CipherAlgorithm) SyncopeConstants(org.apache.syncope.common.lib.SyncopeConstants) PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO) Encryptor(org.apache.syncope.core.spring.security.Encryptor) ResourceTO(org.apache.syncope.common.lib.to.ResourceTO) IOUtils(org.apache.cxf.helpers.IOUtils) IOException(java.io.IOException) Name(org.identityconnectors.framework.common.objects.Name) PolicyType(org.apache.syncope.common.lib.types.PolicyType) PasswordPatch(org.apache.syncope.common.lib.patch.PasswordPatch) MappingPurpose(org.apache.syncope.common.lib.types.MappingPurpose) PatchOperation(org.apache.syncope.common.lib.types.PatchOperation) StringReplacePatchItem(org.apache.syncope.common.lib.patch.StringReplacePatchItem) 
SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) UserTO(org.apache.syncope.common.lib.to.UserTO) Collections(java.util.Collections) ResourceTO(org.apache.syncope.common.lib.to.ResourceTO) UserTO(org.apache.syncope.common.lib.to.UserTO) MembershipTO(org.apache.syncope.common.lib.to.MembershipTO) ConnObjectTO(org.apache.syncope.common.lib.to.ConnObjectTO) UserPatch(org.apache.syncope.common.lib.patch.UserPatch) GroupTO(org.apache.syncope.common.lib.to.GroupTO) Test(org.junit.jupiter.api.Test)

Example 10 with GroupTO

use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.

the class UserIssuesITCase method issueSYNCOPE881.

/**
 * Integration test named after issue SYNCOPE-881: a user provisioned to LDAP through group
 * membership must disappear from LDAP when the user is deleted.
 *
 * The final checks look the entry up by DN through {@code getLdapRemoteObject}, passing the
 * test's LDAP admin DN and password, instead of reading it back through
 * {@code resourceService}. What matters for deprovisioning is that no account is left behind
 * on the target system.
 */
@Test
public void issueSYNCOPE881() {
    // 1. create the group (with a virtual attribute) and check that it can be read on LDAP
    GroupTO groupTemplate = GroupITCase.getSampleTO("syncope881G");
    groupTemplate.getVirAttrs().add(attrTO("rvirtualdata", "rvirtualvalue"));
    GroupTO ldapGroup = createGroup(groupTemplate).getEntity();
    assertNotNull(ldapGroup);
    assertNotNull(resourceService.readConnObject(
            RESOURCE_NAME_LDAP, AnyTypeKind.GROUP.name(), ldapGroup.getKey()));

    // 2. create a user whose only membership is the group above
    UserTO memberTemplate = UserITCase.getUniqueSampleTO("syncope881U@apache.org");
    memberTemplate.getMemberships().clear();
    memberTemplate.getMemberships().add(new MembershipTO.Builder().group(ldapGroup.getKey()).build());
    UserTO member = createUser(memberTemplate).getEntity();
    assertNotNull(member);

    // 3. verify that the user is in LDAP, and note the single DN reported for it
    ConnObjectTO ldapEntry = resourceService.readConnObject(
            RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), member.getKey());
    assertNotNull(ldapEntry);
    AttrTO nameAttr = ldapEntry.getAttr(Name.NAME).get();
    assertNotNull(nameAttr);
    assertEquals(1, nameAttr.getValues().size());
    String entryDn = nameAttr.getValues().get(0);
    assertNotNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, entryDn));

    // 4. remove the user
    userService.delete(member.getKey());

    // 5. verify that the user is not in LDAP anymore
    assertNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, entryDn));
}
Also used : UserTO(org.apache.syncope.common.lib.to.UserTO) MembershipTO(org.apache.syncope.common.lib.to.MembershipTO) AttrTO(org.apache.syncope.common.lib.to.AttrTO) ConnObjectTO(org.apache.syncope.common.lib.to.ConnObjectTO) GroupTO(org.apache.syncope.common.lib.to.GroupTO) Test(org.junit.jupiter.api.Test)
