Example 41 with GroupTO
use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.
the class GroupLogic method link.
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')")
@Override
public GroupTO link(final String key, final Collection<String> resources) {
// security checks
GroupTO group = binder.getGroupTO(key);
Set<String> effectiveRealms = RealmUtils.getEffective(AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE), group.getRealm());
securityChecks(effectiveRealms, group.getRealm(), group.getKey());
GroupPatch patch = new GroupPatch();
patch.setKey(key);
patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(resource).build()).collect(Collectors.toList()));
patch.getADynMembershipConds().putAll(group.getADynMembershipConds());
patch.setUDynMembershipCond(group.getUDynMembershipCond());
return binder.getGroupTO(provisioningManager.link(patch));
}
Also used :
GroupPatch(org.apache.syncope.common.lib.patch.GroupPatch)
GroupTO(org.apache.syncope.common.lib.to.GroupTO)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Example 42 with GroupTO
use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.
the class MigrationPullActions method after.
@Transactional
@Override
public void after(final ProvisioningProfile<?, ?> profile, final SyncDelta delta, final EntityTO entity, final ProvisioningReport result) throws JobExecutionException {
if (entity instanceof UserTO) {
// handles ciphered password import
CipherAlgorithm cipherAlgorithm = null;
Attribute cipherAlgorithmAttr = delta.getObject().getAttributeByName(CIPHER_ALGORITHM_ATTR);
if (cipherAlgorithmAttr != null && cipherAlgorithmAttr.getValue() != null && !cipherAlgorithmAttr.getValue().isEmpty()) {
cipherAlgorithm = CipherAlgorithm.valueOf(cipherAlgorithmAttr.getValue().get(0).toString());
}
GuardedString passwordValue = AttributeUtil.getPasswordValue(delta.getObject().getAttributes());
if (cipherAlgorithm != null && passwordValue != null) {
User user = userDAO.find(entity.getKey());
LOG.debug("Setting encoded password for {}", user);
user.setEncodedPassword(SecurityUtil.decrypt(passwordValue), cipherAlgorithm);
}
} else if (entity instanceof GroupTO) {
// handles group membership
Attribute membershipsAttr = delta.getObject().getAttributeByName(MEMBERSHIPS_ATTR);
if (membershipsAttr != null && membershipsAttr.getValue() != null && !membershipsAttr.getValue().isEmpty()) {
LOG.debug("Found {} for group {}", MEMBERSHIPS_ATTR, entity.getKey());
for (Object membership : membershipsAttr.getValue()) {
User member = userDAO.findByUsername(membership.toString());
if (member == null) {
LOG.warn("Could not find member {} for group {}", membership, entity.getKey());
} else {
Set<String> memb = memberships.get(member.getKey());
if (memb == null) {
memb = new HashSet<>();
memberships.put(member.getKey(), memb);
}
memb.add(entity.getKey());
}
}
}
} else {
super.after(profile, delta, entity, result);
}
}
Also used :
CipherAlgorithm(org.apache.syncope.common.lib.types.CipherAlgorithm)
User(org.apache.syncope.core.persistence.api.entity.user.User)
HashSet(java.util.HashSet)
Set(java.util.Set)
Attribute(org.identityconnectors.framework.common.objects.Attribute)
UserTO(org.apache.syncope.common.lib.to.UserTO)
GuardedString(org.identityconnectors.common.security.GuardedString)
GroupTO(org.apache.syncope.common.lib.to.GroupTO)
HashSet(java.util.HashSet)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 43 with GroupTO
use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.
the class GroupDirectoryPanel method getActions.
@Override
public ActionsPanel<GroupTO> getActions(final IModel<GroupTO> model) {
final ActionsPanel<GroupTO> panel = super.getActions(model);
panel.add(new ActionLink<GroupTO>() {
private static final long serialVersionUID = -7978723352517770644L;
@Override
public void onClick(final AjaxRequestTarget target, final GroupTO ignore) {
send(GroupDirectoryPanel.this, Broadcast.EXACT, new AjaxWizard.EditItemActionEvent<>(new GroupWrapper(restClient.read(model.getObject().getKey())), target));
}
}, ActionType.EDIT, StringUtils.join(new String[] { StandardEntitlement.GROUP_READ, StandardEntitlement.GROUP_UPDATE }, ",")).setRealm(realm);
panel.add(new ActionLink<GroupTO>() {
private static final long serialVersionUID = 6242834621660352855L;
@Override
public void onClick(final AjaxRequestTarget target, final GroupTO ignore) {
GroupTO clone = SerializationUtils.clone(model.getObject());
clone.setKey(null);
send(GroupDirectoryPanel.this, Broadcast.EXACT, new AjaxWizard.NewItemActionEvent<>(new GroupWrapper(clone), target));
}
@Override
protected boolean statusCondition(final GroupTO modelObject) {
return realm.startsWith(SyncopeConstants.ROOT_REALM);
}
}, ActionType.CLONE, StandardEntitlement.GROUP_CREATE).setRealm(realm);
panel.add(new ActionLink<GroupTO>() {
private static final long serialVersionUID = 6242834621660352855L;
@Override
public void onClick(final AjaxRequestTarget target, final GroupTO ignore) {
target.add(typeExtensionsModal.setContent(new TypeExtensionDirectoryPanel(typeExtensionsModal, model.getObject(), pageRef)));
typeExtensionsModal.header(new StringResourceModel("typeExtensions", model));
typeExtensionsModal.show(true);
}
}, ActionType.TYPE_EXTENSIONS, StandardEntitlement.GROUP_UPDATE).setRealm(realm);
panel.add(new ActionLink<GroupTO>() {
private static final long serialVersionUID = -7978723352517770645L;
@Override
public void onClick(final AjaxRequestTarget target, final GroupTO ignore) {
templates.setTargetObject(model.getObject());
templates.toggle(target, true);
}
@Override
public boolean isIndicatorEnabled() {
return false;
}
}, ActionType.MEMBERS, StandardEntitlement.GROUP_UPDATE).setRealm(realm);
panel.add(new ActionLink<GroupTO>() {
private static final long serialVersionUID = -7978723352517770644L;
@Override
public void onClick(final AjaxRequestTarget target, final GroupTO ignore) {
try {
restClient.bulkMembersAction(model.getObject().getKey(), BulkMembersActionType.PROVISION);
SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED));
target.add(container);
} catch (SyncopeClientException e) {
LOG.error("While provisioning members of group {}", model.getObject().getKey(), e);
SyncopeConsoleSession.get().error(StringUtils.isBlank(e.getMessage()) ? e.getClass().getName() : e.getMessage());
}
((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target);
}
}, ActionType.PROVISION_MEMBERS, String.format("%s,%s", StandardEntitlement.TASK_CREATE, StandardEntitlement.TASK_EXECUTE));
panel.add(new ActionLink<GroupTO>() {
private static final long serialVersionUID = -7978723352517770644L;
@Override
public void onClick(final AjaxRequestTarget target, final GroupTO ignore) {
try {
restClient.bulkMembersAction(model.getObject().getKey(), BulkMembersActionType.DEPROVISION);
SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED));
target.add(container);
} catch (SyncopeClientException e) {
LOG.error("While provisioning members of group {}", model.getObject().getKey(), e);
SyncopeConsoleSession.get().error(StringUtils.isBlank(e.getMessage()) ? e.getClass().getName() : e.getMessage());
}
((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target);
}
}, ActionType.DEPROVISION_MEMBERS, String.format("%s,%s", StandardEntitlement.TASK_CREATE, StandardEntitlement.TASK_EXECUTE));
panel.add(new ActionLink<GroupTO>() {
private static final long serialVersionUID = -7978723352517770645L;
@Override
public void onClick(final AjaxRequestTarget target, final GroupTO ignore) {
IModel<AnyWrapper<GroupTO>> formModel = new CompoundPropertyModel<>(new AnyWrapper<>(model.getObject()));
altDefaultModal.setFormModel(formModel);
target.add(altDefaultModal.setContent(new AnyStatusModal<>(altDefaultModal, pageRef, formModel.getObject().getInnerObject(), "resource", false)));
altDefaultModal.header(new Model<>(getString("any.edit", new Model<>(new AnyWrapper<>(model.getObject())))));
altDefaultModal.show(true);
}
}, ActionType.MANAGE_RESOURCES, StandardEntitlement.GROUP_READ).setRealm(realm);
panel.add(new ActionLink<GroupTO>() {
private static final long serialVersionUID = -7978723352517770644L;
@Override
public void onClick(final AjaxRequestTarget target, final GroupTO ignore) {
target.add(utilityModal.setContent(new AnyPropagationTasks(utilityModal, AnyTypeKind.GROUP, model.getObject().getKey(), pageRef)));
utilityModal.header(new StringResourceModel("any.propagation.tasks", model));
utilityModal.show(true);
}
}, ActionType.PROPAGATION_TASKS, StandardEntitlement.TASK_LIST);
panel.add(new ActionLink<GroupTO>() {
private static final long serialVersionUID = -7978723352517770644L;
@Override
public void onClick(final AjaxRequestTarget target, final GroupTO ignore) {
target.add(utilityModal.setContent(new NotificationTasks(AnyTypeKind.GROUP, model.getObject().getKey(), pageRef)));
utilityModal.header(new StringResourceModel("any.notification.tasks", model));
utilityModal.show(true);
}
}, ActionType.NOTIFICATION_TASKS, StandardEntitlement.TASK_LIST);
panel.add(new ActionLink<GroupTO>() {
private static final long serialVersionUID = -7978723352517770644L;
@Override
public void onClick(final AjaxRequestTarget target, final GroupTO ignore) {
try {
restClient.delete(model.getObject().getETagValue(), model.getObject().getKey());
SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED));
target.add(container);
} catch (SyncopeClientException e) {
LOG.error("While deleting object {}", model.getObject().getKey(), e);
SyncopeConsoleSession.get().error(StringUtils.isBlank(e.getMessage()) ? e.getClass().getName() : e.getMessage());
}
((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target);
}
@Override
protected boolean statusCondition(final GroupTO modelObject) {
return realm.startsWith(SyncopeConstants.ROOT_REALM);
}
}, ActionType.DELETE, StandardEntitlement.GROUP_DELETE, true).setRealm(realm);
return panel;
}
Also used :
CompoundPropertyModel(org.apache.wicket.model.CompoundPropertyModel)
AjaxWizard(org.apache.syncope.client.console.wizards.AjaxWizard)
GroupWrapper(org.apache.syncope.client.console.wizards.any.GroupWrapper)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
AnyWrapper(org.apache.syncope.client.console.wizards.any.AnyWrapper)
NotificationTasks(org.apache.syncope.client.console.notifications.NotificationTasks)
GroupTO(org.apache.syncope.common.lib.to.GroupTO)
AjaxRequestTarget(org.apache.wicket.ajax.AjaxRequestTarget)
AnyStatusModal(org.apache.syncope.client.console.status.AnyStatusModal)
AnyPropagationTasks(org.apache.syncope.client.console.tasks.AnyPropagationTasks)
BasePage(org.apache.syncope.client.console.pages.BasePage)
StringResourceModel(org.apache.wicket.model.StringResourceModel)
ActionLink(org.apache.syncope.client.console.wicket.markup.html.form.ActionLink)
Example 44 with GroupTO
use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.
the class AbstractService method doSearch.
@SuppressWarnings("unchecked")
protected ListResponse<R> doSearch(final Resource type, final SCIMSearchRequest request) {
if (type == null) {
throw new UnsupportedOperationException();
}
if (request.getCount() > confManager().get().getFilterMaxResults()) {
throw new BadRequestException(ErrorType.tooMany, "Too many results requested");
}
SearchCondVisitor visitor = new SearchCondVisitor(type, confManager().get());
int startIndex = request.getStartIndex() <= 1 ? 1 : (request.getStartIndex() / AnyDAO.DEFAULT_PAGE_SIZE) + 1;
int itemsPerPage = request.getCount() <= 1 ? AnyDAO.DEFAULT_PAGE_SIZE : request.getCount();
List<OrderByClause> sort;
if (request.getSortBy() == null) {
sort = Collections.<OrderByClause>emptyList();
} else {
OrderByClause clause = new OrderByClause();
clause.setField(visitor.createAttributeCond(request.getSortBy()).getSchema());
clause.setDirection(request.getSortOrder() == null || request.getSortOrder() == SortOrder.ascending ? OrderByClause.Direction.ASC : OrderByClause.Direction.DESC);
sort = Collections.singletonList(clause);
}
Pair<Integer, ? extends List<? extends AnyTO>> result = anyLogic(type).search(StringUtils.isBlank(request.getFilter()) ? null : SearchCondConverter.convert(visitor, request.getFilter()), startIndex, itemsPerPage, sort, SyncopeConstants.ROOT_REALM, false);
if (result.getLeft() > confManager().get().getFilterMaxResults()) {
throw new BadRequestException(ErrorType.tooMany, "Too many results found");
}
ListResponse<R> response = new ListResponse<>(result.getLeft(), startIndex == 1 ? 1 : startIndex - 1, itemsPerPage);
result.getRight().forEach(anyTO -> {
SCIMResource resource = null;
if (anyTO instanceof UserTO) {
resource = binder().toSCIMUser((UserTO) anyTO, uriInfo.getAbsolutePathBuilder().path(anyTO.getKey()).build().toASCIIString(), request.getAttributes(), request.getExcludedAttributes());
} else if (anyTO instanceof GroupTO) {
resource = binder().toSCIMGroup((GroupTO) anyTO, uriInfo.getAbsolutePathBuilder().path(anyTO.getKey()).build().toASCIIString(), request.getAttributes(), request.getExcludedAttributes());
}
if (resource != null) {
response.getResources().add((R) resource);
}
});
return response;
}
Also used :
SCIMResource(org.apache.syncope.ext.scimv2.api.data.SCIMResource)
ListResponse(org.apache.syncope.ext.scimv2.api.data.ListResponse)
GroupTO(org.apache.syncope.common.lib.to.GroupTO)
OrderByClause(org.apache.syncope.core.persistence.api.dao.search.OrderByClause)
UserTO(org.apache.syncope.common.lib.to.UserTO)
BadRequestException(org.apache.syncope.ext.scimv2.api.BadRequestException)
SearchCondVisitor(org.apache.syncope.core.logic.scim.SearchCondVisitor)
Example 45 with GroupTO
use of org.apache.syncope.common.lib.to.GroupTO in project syncope by apache.
the class DefaultGroupPullResultHandler method doCreate.
@Override
protected AnyTO doCreate(final AnyTO anyTO, final SyncDelta delta) {
GroupTO groupTO = GroupTO.class.cast(anyTO);
Map.Entry<String, List<PropagationStatus>> created = groupProvisioningManager.create(groupTO, groupOwnerMap, Collections.singleton(profile.getTask().getResource().getKey()), true);
return getAnyTO(created.getKey());
}Aggregations
GroupTO (org.apache.syncope.common.lib.to.GroupTO)90
Test (org.junit.jupiter.api.Test)47
UserTO (org.apache.syncope.common.lib.to.UserTO)34
SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)27
GroupPatch (org.apache.syncope.common.lib.patch.GroupPatch)23
MembershipTO (org.apache.syncope.common.lib.to.MembershipTO)17
AnyObjectTO (org.apache.syncope.common.lib.to.AnyObjectTO)16
List (java.util.List)15
AttrTO (org.apache.syncope.common.lib.to.AttrTO)15
ConnObjectTO (org.apache.syncope.common.lib.to.ConnObjectTO)14
ProvisioningResult (org.apache.syncope.common.lib.to.ProvisioningResult)14
Response (javax.ws.rs.core.Response)13
NamingException (javax.naming.NamingException)12
PropagationStatus (org.apache.syncope.common.lib.to.PropagationStatus)12
Map (java.util.Map)11
ForbiddenException (javax.ws.rs.ForbiddenException)11
AccessControlException (java.security.AccessControlException)10
BulkActionResult (org.apache.syncope.common.lib.to.BulkActionResult)10
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)10
Collections (java.util.Collections)9
