use of org.apache.syncope.common.lib.to.ItemTO in project syncope by apache.
the class GroupITCase method issueSYNCOPE632.
@Test
public void issueSYNCOPE632() {
DerSchemaTO orig = schemaService.read(SchemaType.DERIVED, "displayProperty");
DerSchemaTO modified = SerializationUtils.clone(orig);
modified.setExpression("icon + '_' + show");
GroupTO groupTO = GroupITCase.getSampleTO("lastGroup");
try {
schemaService.update(SchemaType.DERIVED, modified);
// 0. create group
groupTO.getPlainAttrs().add(attrTO("icon", "anIcon"));
groupTO.getPlainAttrs().add(attrTO("show", "true"));
groupTO.getResources().clear();
groupTO = createGroup(groupTO).getEntity();
assertNotNull(groupTO);
// 1. create new LDAP resource having ConnObjectKey mapped to a derived attribute
ResourceTO newLDAP = resourceService.read(RESOURCE_NAME_LDAP);
newLDAP.setKey("new-ldap");
newLDAP.setPropagationPriority(0);
for (ProvisionTO provision : newLDAP.getProvisions()) {
provision.getVirSchemas().clear();
}
MappingTO mapping = newLDAP.getProvision(AnyTypeKind.GROUP.name()).get().getMapping();
ItemTO connObjectKey = mapping.getConnObjectKeyItem();
connObjectKey.setIntAttrName("displayProperty");
connObjectKey.setPurpose(MappingPurpose.PROPAGATION);
mapping.setConnObjectKeyItem(connObjectKey);
mapping.setConnObjectLink("'cn=' + displayProperty + ',ou=groups,o=isp'");
ItemTO description = new ItemTO();
description.setIntAttrName("key");
description.setExtAttrName("description");
description.setPurpose(MappingPurpose.PROPAGATION);
mapping.add(description);
newLDAP = createResource(newLDAP);
assertNotNull(newLDAP);
// 2. update group and give the resource created above
GroupPatch patch = new GroupPatch();
patch.setKey(groupTO.getKey());
patch.getResources().add(new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value("new-ldap").build());
groupTO = updateGroup(patch).getEntity();
assertNotNull(groupTO);
// 3. update the group
GroupPatch groupPatch = new GroupPatch();
groupPatch.setKey(groupTO.getKey());
groupPatch.getPlainAttrs().add(attrAddReplacePatch("icon", "anotherIcon"));
groupTO = updateGroup(groupPatch).getEntity();
assertNotNull(groupTO);
// 4. check that a single group exists in LDAP for the group created and updated above
int entries = 0;
DirContext ctx = null;
try {
ctx = getLdapResourceDirContext(null, null);
SearchControls ctls = new SearchControls();
ctls.setReturningAttributes(new String[] { "*", "+" });
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
NamingEnumeration<SearchResult> result = ctx.search("ou=groups,o=isp", "(description=" + groupTO.getKey() + ")", ctls);
while (result.hasMore()) {
result.next();
entries++;
}
} catch (Exception e) {
// ignore
} finally {
if (ctx != null) {
try {
ctx.close();
} catch (NamingException e) {
// ignore
}
}
}
assertEquals(1, entries);
} finally {
schemaService.update(SchemaType.DERIVED, orig);
if (groupTO.getKey() != null) {
groupService.delete(groupTO.getKey());
}
resourceService.delete("new-ldap");
}
}
use of org.apache.syncope.common.lib.to.ItemTO in project syncope by apache.
the class ConnectorITCase method issueSYNCOPE112.
@Test
public void issueSYNCOPE112() {
// ----------------------------------------
// Create a new connector
// ----------------------------------------
ConnInstanceTO connectorTO = new ConnInstanceTO();
connectorTO.setAdminRealm(SyncopeConstants.ROOT_REALM);
connectorTO.setLocation(connectorService.read("88a7a819-dab5-46b4-9b90-0b9769eabdb8", Locale.ENGLISH.getLanguage()).getLocation());
// set connector version
connectorTO.setVersion(connIdSoapVersion);
// set connector name
connectorTO.setConnectorName("net.tirasa.connid.bundles.soap.WebServiceConnector");
// set bundle name
connectorTO.setBundleName("net.tirasa.connid.bundles.soap");
// set display name
connectorTO.setDisplayName("WSSoap");
// set the connector configuration using PropertyTO
Set<ConnConfProperty> conf = new HashSet<>();
ConnConfPropSchema userSchema = new ConnConfPropSchema();
userSchema.setName("endpoint");
userSchema.setType(String.class.getName());
userSchema.setRequired(true);
ConnConfProperty endpoint = new ConnConfProperty();
endpoint.setSchema(userSchema);
endpoint.getValues().add("http://localhost:9080/does_not_work");
endpoint.setOverridable(true);
ConnConfPropSchema keyColumnSchema = new ConnConfPropSchema();
keyColumnSchema.setName("servicename");
keyColumnSchema.setType(String.class.getName());
keyColumnSchema.setRequired(true);
ConnConfProperty servicename = new ConnConfProperty();
servicename.setSchema(keyColumnSchema);
servicename.getValues().add("net.tirasa.connid.bundles.soap.provisioning.interfaces.Provisioning");
servicename.setOverridable(false);
conf.add(endpoint);
conf.add(servicename);
// set connector configuration
connectorTO.getConf().addAll(conf);
try {
try {
connectorService.check(connectorTO);
fail("This should not happen");
} catch (Exception e) {
assertNotNull(e);
}
Response response = connectorService.create(connectorTO);
if (response.getStatusInfo().getStatusCode() != Response.Status.CREATED.getStatusCode()) {
throw (RuntimeException) clientFactory.getExceptionMapper().fromResponse(response);
}
connectorTO = getObject(response.getLocation(), ConnectorService.class, ConnInstanceTO.class);
assertNotNull(connectorTO);
// ----------------------------------------
// ----------------------------------------
// create a resourceTO
// ----------------------------------------
String resourceName = "checkForPropOverriding";
ResourceTO resourceTO = new ResourceTO();
resourceTO.setKey(resourceName);
resourceTO.setConnector(connectorTO.getKey());
conf = new HashSet<>();
endpoint.getValues().clear();
endpoint.getValues().add("http://localhost:9080/syncope-fit-build-tools/cxf/soap/provisioning");
conf.add(endpoint);
resourceTO.getConfOverride().addAll(conf);
ProvisionTO provisionTO = new ProvisionTO();
provisionTO.setAnyType(AnyTypeKind.USER.name());
provisionTO.setObjectClass(ObjectClass.ACCOUNT_NAME);
resourceTO.getProvisions().add(provisionTO);
MappingTO mapping = new MappingTO();
provisionTO.setMapping(mapping);
ItemTO mapItem = new ItemTO();
mapItem.setExtAttrName("uid");
mapItem.setIntAttrName("userId");
mapItem.setConnObjectKey(true);
mapping.setConnObjectKeyItem(mapItem);
// ----------------------------------------
try {
resourceService.check(resourceTO);
} catch (Exception e) {
fail(ExceptionUtils.getStackTrace(e));
}
// ----------------------------------------
} finally {
// Remove connector from db to make test re-runnable
connectorService.delete(connectorTO.getKey());
}
}
use of org.apache.syncope.common.lib.to.ItemTO in project syncope by apache.
the class SAML2IdPDataBinderImpl method populateItems.
private void populateItems(final SAML2IdPTO idpTO, final SAML2IdP idp, final AnyTypeClassTO allowedSchemas) {
SyncopeClientCompositeException scce = SyncopeClientException.buildComposite();
SyncopeClientException invalidMapping = SyncopeClientException.build(ClientExceptionType.InvalidMapping);
SyncopeClientException requiredValuesMissing = SyncopeClientException.build(ClientExceptionType.RequiredValuesMissing);
for (ItemTO itemTO : idpTO.getItems()) {
if (itemTO == null) {
LOG.error("Null {}", ItemTO.class.getSimpleName());
invalidMapping.getElements().add("Null " + ItemTO.class.getSimpleName());
} else if (itemTO.getIntAttrName() == null) {
requiredValuesMissing.getElements().add("intAttrName");
scce.addException(requiredValuesMissing);
} else {
IntAttrName intAttrName = null;
try {
intAttrName = intAttrNameParser.parse(itemTO.getIntAttrName(), AnyTypeKind.USER);
} catch (ParseException e) {
LOG.error("Invalid intAttrName '{}' specified, ignoring", itemTO.getIntAttrName(), e);
}
if (intAttrName == null || intAttrName.getSchemaType() == null && intAttrName.getField() == null) {
LOG.error("'{}' not existing", itemTO.getIntAttrName());
invalidMapping.getElements().add("'" + itemTO.getIntAttrName() + "' not existing");
} else {
boolean allowed = true;
if (intAttrName.getSchemaType() != null && intAttrName.getEnclosingGroup() == null && intAttrName.getRelatedAnyObject() == null) {
switch(intAttrName.getSchemaType()) {
case PLAIN:
allowed = allowedSchemas.getPlainSchemas().contains(intAttrName.getSchemaName());
break;
case DERIVED:
allowed = allowedSchemas.getDerSchemas().contains(intAttrName.getSchemaName());
break;
case VIRTUAL:
allowed = allowedSchemas.getVirSchemas().contains(intAttrName.getSchemaName());
break;
default:
}
}
if (allowed) {
// no mandatory condition implies mandatory condition false
if (!JexlUtils.isExpressionValid(itemTO.getMandatoryCondition() == null ? "false" : itemTO.getMandatoryCondition())) {
SyncopeClientException invalidMandatoryCondition = SyncopeClientException.build(ClientExceptionType.InvalidValues);
invalidMandatoryCondition.getElements().add(itemTO.getMandatoryCondition());
scce.addException(invalidMandatoryCondition);
}
SAML2IdPItem item = entityFactory.newEntity(SAML2IdPItem.class);
BeanUtils.copyProperties(itemTO, item, ITEM_IGNORE_PROPERTIES);
item.setIdP(idp);
item.setPurpose(MappingPurpose.NONE);
if (item.isConnObjectKey()) {
if (intAttrName.getSchemaType() == SchemaType.VIRTUAL) {
invalidMapping.getElements().add("Virtual attributes cannot be set as ConnObjectKey");
}
if ("password".equals(intAttrName.getField())) {
invalidMapping.getElements().add("Password attributes cannot be set as ConnObjectKey");
}
idp.setConnObjectKeyItem(item);
} else {
idp.add(item);
}
} else {
LOG.error("'{}' not allowed", itemTO.getIntAttrName());
invalidMapping.getElements().add("'" + itemTO.getIntAttrName() + "' not allowed");
}
}
}
}
if (!invalidMapping.getElements().isEmpty()) {
scce.addException(invalidMapping);
}
if (scce.hasExceptions()) {
throw scce;
}
}
use of org.apache.syncope.common.lib.to.ItemTO in project syncope by apache.
the class SAML2IdPDataBinderImpl method populateItems.
private void populateItems(final SAML2IdP idp, final SAML2IdPTO idpTO) {
idp.getItems().forEach(item -> {
ItemTO itemTO = new ItemTO();
itemTO.setKey(item.getKey());
BeanUtils.copyProperties(item, itemTO, ITEM_IGNORE_PROPERTIES);
itemTO.setPurpose(MappingPurpose.NONE);
if (itemTO.isConnObjectKey()) {
idpTO.setConnObjectKeyItem(itemTO);
} else {
idpTO.add(itemTO);
}
});
}
use of org.apache.syncope.common.lib.to.ItemTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE493.
@Test
public void issueSYNCOPE493() {
// 1. create user and check that firstname is not propagated on resource with mapping for firstname set to NONE
UserTO userTO = UserITCase.getUniqueSampleTO("493@test.org");
userTO.getResources().add(RESOURCE_NAME_WS1);
ProvisioningResult<UserTO> result = createUser(userTO);
assertNotNull(userTO);
assertEquals(1, result.getPropagationStatuses().size());
assertEquals(PropagationTaskExecStatus.SUCCESS, result.getPropagationStatuses().get(0).getStatus());
userTO = result.getEntity();
ConnObjectTO actual = resourceService.readConnObject(RESOURCE_NAME_WS1, AnyTypeKind.USER.name(), userTO.getKey());
assertNotNull(actual);
// check if mapping attribute with purpose NONE really hasn't been propagated
assertFalse(actual.getAttr("NAME").isPresent());
// 2. update resource ws-target-resource-1
ResourceTO ws1 = resourceService.read(RESOURCE_NAME_WS1);
assertNotNull(ws1);
MappingTO ws1NewUMapping = ws1.getProvision(AnyTypeKind.USER.name()).get().getMapping();
// change purpose from NONE to BOTH
for (ItemTO itemTO : ws1NewUMapping.getItems()) {
if ("firstname".equals(itemTO.getIntAttrName())) {
itemTO.setPurpose(MappingPurpose.BOTH);
}
}
ws1.getProvision(AnyTypeKind.USER.name()).get().setMapping(ws1NewUMapping);
resourceService.update(ws1);
ResourceTO newWs1 = resourceService.read(ws1.getKey());
assertNotNull(newWs1);
// check for existence
Collection<ItemTO> mapItems = newWs1.getProvision(AnyTypeKind.USER.name()).get().getMapping().getItems();
assertNotNull(mapItems);
assertEquals(7, mapItems.size());
// 3. update user and check firstname propagation
UserPatch userPatch = new UserPatch();
userPatch.setKey(userTO.getKey());
userPatch.setPassword(new PasswordPatch());
userPatch.getPlainAttrs().add(attrAddReplacePatch("firstname", "firstnameNew"));
result = updateUser(userPatch);
assertNotNull(userTO);
assertEquals(1, result.getPropagationStatuses().size());
assertEquals(PropagationTaskExecStatus.SUCCESS, result.getPropagationStatuses().get(0).getStatus());
userTO = result.getEntity();
ConnObjectTO newUser = resourceService.readConnObject(RESOURCE_NAME_WS1, AnyTypeKind.USER.name(), userTO.getKey());
assertNotNull(newUser.getAttr("NAME"));
assertEquals("firstnameNew", newUser.getAttr("NAME").get().getValues().get(0));
// 4. restore resource ws-target-resource-1 mapping
ws1NewUMapping = newWs1.getProvision(AnyTypeKind.USER.name()).get().getMapping();
// restore purpose from BOTH to NONE
for (ItemTO itemTO : ws1NewUMapping.getItems()) {
if ("firstname".equals(itemTO.getIntAttrName())) {
itemTO.setPurpose(MappingPurpose.NONE);
}
}
newWs1.getProvision(AnyTypeKind.USER.name()).get().setMapping(ws1NewUMapping);
resourceService.update(newWs1);
}
Aggregations