use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE1099.
/**
 * Regression test for SYNCOPE-1099: a user matching a group's dynamic membership condition
 * must receive the group's resource, and the create call must report a propagation to it.
 */
@Test
public void issueSYNCOPE1099() {
    // Step 1: group carrying only the test DB resource, with a dynamic membership condition on "firstname".
    GroupTO groupTemplate = GroupITCase.getSampleTO("syncope1099G");
    groupTemplate.getResources().clear();
    groupTemplate.getResources().add(RESOURCE_NAME_TESTDB);
    groupTemplate.setUDynMembershipCond("firstname==issueSYNCOPE1099");
    GroupTO dynGroup = createGroup(groupTemplate).getEntity();
    assertNotNull(dynGroup);

    // Step 2: user whose "firstname" value satisfies the condition above.
    UserTO userTemplate = UserITCase.getUniqueSampleTO("syncope1099U@apache.org");
    userTemplate.getPlainAttr("firstname").get().getValues().set(0, "issueSYNCOPE1099");
    ProvisioningResult<UserTO> created = createUser(userTemplate);
    assertNotNull(created);

    // Step 3: the dynamic membership is present and the resource came along with it.
    UserTO user = created.getEntity();
    String groupKey = dynGroup.getKey();
    boolean inDynGroup = user.getDynMemberships().stream()
            .anyMatch(m -> m.getGroupKey().equals(groupKey));
    assertTrue(inDynGroup);
    assertTrue(user.getResources().contains(RESOURCE_NAME_TESTDB));

    // Step 4: propagation was reported, and its first entry targets the dynamic group's resource.
    assertFalse(created.getPropagationStatuses().isEmpty());
    PropagationStatus firstStatus = created.getPropagationStatuses().get(0);
    assertEquals(RESOURCE_NAME_TESTDB, firstStatus.getResource());
}
use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE686.
/**
 * Regression test for SYNCOPE-686: with the password cipher algorithm set to AES, adding a group
 * that carries the LDAP resource to an existing user, without any password in the patch, must
 * yield exactly one successful propagation towards LDAP.
 */
@Test
public void issueSYNCOPE686() {
    // 1. remember the configured cipher algorithm so that it can be put back when the test ends
    AttrTO cipherConf = configurationService.get("password.cipher.algorithm");
    String previousAlgo = cipherConf.getValues().get(0);

    // 2. switch the password cipher algorithm to AES
    // NOTE(review): AES is reversible, unlike a one-way digest; presumably that is what lets the
    // stored password reach LDAP when the patch carries none - confirm against SYNCOPE-686.
    cipherConf.getValues().set(0, "AES");
    configurationService.set(cipherConf);
    try {
        // 3. group with the LDAP resource assigned
        GroupTO ldapGroup = GroupITCase.getBasicSampleTO("syncope686");
        ldapGroup.getResources().add(RESOURCE_NAME_LDAP);
        ldapGroup = createGroup(ldapGroup).getEntity();
        assertNotNull(ldapGroup);

        // 4. user with no resources at all
        UserTO plainUser = UserITCase.getUniqueSampleTO("syncope686@apache.org");
        plainUser.getResources().clear();
        plainUser = createUser(plainUser).getEntity();
        assertNotNull(plainUser);

        // 5. add the new group to the user; no password is set on the patch
        UserPatch patch = new UserPatch();
        patch.setKey(plainUser.getKey());
        MembershipPatch joinGroup = new MembershipPatch.Builder()
                .operation(PatchOperation.ADD_REPLACE)
                .group(ldapGroup.getKey())
                .build();
        patch.getMemberships().add(joinGroup);
        ProvisioningResult<UserTO> outcome = updateUser(patch);
        assertNotNull(outcome);

        // 6. exactly one propagation, towards LDAP, and it succeeded
        List<PropagationStatus> statuses = outcome.getPropagationStatuses();
        assertNotNull(statuses);
        assertEquals(1, statuses.size());
        PropagationStatus ldapStatus = statuses.iterator().next();
        assertNotNull(ldapStatus);
        assertEquals(RESOURCE_NAME_LDAP, ldapStatus.getResource());
        assertEquals(PropagationTaskExecStatus.SUCCESS, ldapStatus.getStatus());
    } finally {
        // put the original cipher algorithm back even when an assertion above failed,
        // so the configuration change does not outlive this test
        cipherConf.getValues().set(0, previousAlgo);
        configurationService.set(cipherConf);
    }
}
use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE357.
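/**
 * Regression test for SYNCOPE-357: a user who gets the LDAP resource through group membership
 * must be readable on LDAP with the expected attribute values, and must no longer be readable
 * there once the group is deleted.
 *
 * @throws IOException if the photo fixture cannot be read from the classpath
 */
@Test
public void issueSYNCOPE357() throws IOException {
    // 1. create group with LDAP resource
    GroupTO groupTO = new GroupTO();
    groupTO.setName("SYNCOPE357-" + getUUIDString());
    groupTO.setRealm("/");
    groupTO.getResources().add(RESOURCE_NAME_LDAP);
    groupTO = createGroup(groupTO).getEntity();
    assertNotNull(groupTO);

    // 2. create user with membership of the above group
    UserTO userTO = UserITCase.getUniqueSampleTO("syncope357@syncope.apache.org");
    userTO.getPlainAttrs().add(attrTO("obscure", "valueToBeObscured"));
    userTO.getPlainAttrs().add(attrTO("photo", Base64.getEncoder().encodeToString(
            IOUtils.readBytesFromStream(getClass().getResourceAsStream("/favicon.jpg")))));
    userTO.getMemberships().add(new MembershipTO.Builder().group(groupTO.getKey()).build());
    userTO = createUser(userTO).getEntity();
    assertNotNull(userTO);
    // the LDAP resource was not set on the user directly: it arrives via the group membership
    assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
    // getPlainAttr() returns an Optional (it is dereferenced with get() below), so a null check
    // can never fail; assert presence instead
    assertTrue(userTO.getPlainAttr("obscure").isPresent());
    assertTrue(userTO.getPlainAttr("photo").isPresent());

    // 3. read user on resource
    ConnObjectTO connObj = resourceService.readConnObject(
            RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey());
    assertNotNull(connObj);
    // check presence before get(), so that a missing attribute fails as an assertion
    Optional<AttrTO> registeredAddress = connObj.getAttr("registeredAddress");
    assertTrue(registeredAddress.isPresent());
    assertEquals(userTO.getPlainAttr("obscure").get().getValues(), registeredAddress.get().getValues());
    Optional<AttrTO> jpegPhoto = connObj.getAttr("jpegPhoto");
    assertTrue(jpegPhoto.isPresent());
    assertEquals(userTO.getPlainAttr("photo").get().getValues().get(0), jpegPhoto.get().getValues().get(0));

    // 4. remove group
    groupService.delete(groupTO.getKey());

    // 5. try to read user on resource: fail
    // The group was the user's only source of the LDAP resource, so the read must now report NotFound.
    try {
        resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey());
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.NotFound, e.getType());
    }
}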
use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE354.
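/**
 * Regression test for SYNCOPE-354 (and SYNCOPE-1222): removing a user's group membership must
 * remove the user's DN from the group's {@code uniqueMember} values on LDAP, while the user keeps
 * the LDAP resource that was assigned directly.
 *
 * <p>The test temporarily remaps the LDAP group mapping item {@code description} to
 * {@code uniqueMember}. The restore runs in a {@code finally} block so that a failing assertion
 * does not leave the altered mapping on the LDAP resource.
 */
@Test
public void issueSYNCOPE354() {
    // change resource-ldap group mapping for including uniqueMember (need for assertions below)
    ResourceTO ldap = resourceService.read(RESOURCE_NAME_LDAP);
    ldap.getProvision(AnyTypeKind.GROUP.name()).get().getMapping().getItems().stream()
            .filter(item -> "description".equals(item.getExtAttrName()))
            .forEachOrdered(item -> item.setExtAttrName("uniqueMember"));
    resourceService.update(ldap);

    try {
        // 1. create group with LDAP resource
        GroupTO groupTO = new GroupTO();
        groupTO.setName("SYNCOPE354-" + getUUIDString());
        groupTO.setRealm("/");
        groupTO.getResources().add(RESOURCE_NAME_LDAP);
        groupTO = createGroup(groupTO).getEntity();
        assertNotNull(groupTO);

        // 2. create user with LDAP resource and membership of the above group
        UserTO userTO = UserITCase.getUniqueSampleTO("syncope354@syncope.apache.org");
        userTO.getResources().add(RESOURCE_NAME_LDAP);
        userTO.getMemberships().add(new MembershipTO.Builder().group(groupTO.getKey()).build());
        userTO = createUser(userTO).getEntity();
        assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
        assertNotNull(resourceService.readConnObject(
                RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey()));

        // 3. read group on resource, check that user DN is included in uniqueMember
        ConnObjectTO connObj = resourceService.readConnObject(
                RESOURCE_NAME_LDAP, AnyTypeKind.GROUP.name(), groupTO.getKey());
        assertNotNull(connObj);
        assertTrue(connObj.getAttr("uniqueMember").get().getValues().
                contains("uid=" + userTO.getUsername() + ",ou=people,o=isp"));

        // 4. remove membership
        UserPatch userPatch = new UserPatch();
        userPatch.setKey(userTO.getKey());
        userPatch.getMemberships().add(new MembershipPatch.Builder().
                operation(PatchOperation.DELETE).
                group(userTO.getMemberships().get(0).getGroupKey()).
                build());
        userTO = updateUser(userPatch).getEntity();
        assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));

        // 5. read group on resource, check that user DN was removed from uniqueMember
        connObj = resourceService.readConnObject(
                RESOURCE_NAME_LDAP, AnyTypeKind.GROUP.name(), groupTO.getKey());
        assertNotNull(connObj);
        assertFalse(connObj.getAttr("uniqueMember").get().getValues().
                contains("uid=" + userTO.getUsername() + ",ou=people,o=isp"));

        // 6. user has still the LDAP resource assigned - SYNCOPE-1222
        userTO = userService.read(userTO.getKey());
        assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
        assertNotNull(resourceService.readConnObject(
                RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey()));
    } finally {
        // 7. restore original resource-ldap group mapping, whether or not the assertions passed
        ldap.getProvision(AnyTypeKind.GROUP.name()).get().getMapping().getItems().stream()
                .filter(item -> "uniqueMember".equals(item.getExtAttrName()))
                .forEachOrdered(item -> item.setExtAttrName("description"));
        resourceService.update(ldap);
    }
}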
use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE881.
/**
 * Regression test for SYNCOPE-881: a user who is a member of a group provisioned on LDAP must
 * exist on LDAP after creation, and must be gone from LDAP after the user is deleted.
 */
@Test
public void issueSYNCOPE881() {
    // Step 1: create a group with a virtual attribute and check that it can be read on LDAP.
    // NOTE(review): no resource is added here, so the sample group presumably already carries LDAP - confirm in GroupITCase.getSampleTO.
    GroupTO groupTemplate = GroupITCase.getSampleTO("syncope881G");
    groupTemplate.getVirAttrs().add(attrTO("rvirtualdata", "rvirtualvalue"));
    GroupTO ldapGroup = createGroup(groupTemplate).getEntity();
    assertNotNull(ldapGroup);
    assertNotNull(resourceService.readConnObject(
            RESOURCE_NAME_LDAP, AnyTypeKind.GROUP.name(), ldapGroup.getKey()));

    // Step 2: create a user whose only membership is that group.
    UserTO userTemplate = UserITCase.getUniqueSampleTO("syncope881U@apache.org");
    userTemplate.getMemberships().clear();
    userTemplate.getMemberships().add(new MembershipTO.Builder().group(ldapGroup.getKey()).build());
    UserTO member = createUser(userTemplate).getEntity();
    assertNotNull(member);

    // Step 3: the user is visible on LDAP, through Syncope and through a direct lookup by DN.
    ConnObjectTO ldapEntry = resourceService.readConnObject(
            RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), member.getKey());
    assertNotNull(ldapEntry);
    AttrTO dnAttr = ldapEntry.getAttr(Name.NAME).get();
    assertNotNull(dnAttr);
    assertEquals(1, dnAttr.getValues().size());
    String memberDn = dnAttr.getValues().get(0);
    assertNotNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, memberDn));

    // Step 4: delete the user.
    userService.delete(member.getKey());

    // Step 5: the same direct lookup must now find nothing, i.e. the user is not in LDAP anymore.
    assertNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, memberDn));
}