use of org.apache.syncope.common.lib.to.PropagationStatus in project syncope by apache.
the class UserLogic method provision.
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public ProvisioningResult<UserTO> provision(final String key, final Collection<String> resources, final boolean changePwd, final String password, final boolean nullPriorityAsync) {
// security checks
UserTO user = binder.getUserTO(key);
Set<String> effectiveRealms = RealmUtils.getEffective(AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE), user.getRealm());
securityChecks(effectiveRealms, user.getRealm(), user.getKey());
List<PropagationStatus> statuses = provisioningManager.provision(key, changePwd, password, resources, nullPriorityAsync);
ProvisioningResult<UserTO> result = new ProvisioningResult<>();
result.setEntity(binder.returnUserTO(binder.getUserTO(key)));
result.getPropagationStatuses().addAll(statuses);
return result;
}
use of org.apache.syncope.common.lib.to.PropagationStatus in project syncope by apache.
the class GroupLogic method provision.
@PreAuthorize("hasRole('" + StandardEntitlement.GROUP_UPDATE + "')")
@Override
public ProvisioningResult<GroupTO> provision(final String key, final Collection<String> resources, final boolean changePwd, final String password, final boolean nullPriorityAsync) {
// security checks
GroupTO group = binder.getGroupTO(key);
Set<String> effectiveRealms = RealmUtils.getEffective(AuthContextUtils.getAuthorizations().get(StandardEntitlement.GROUP_UPDATE), group.getRealm());
securityChecks(effectiveRealms, group.getRealm(), group.getKey());
List<PropagationStatus> statuses = provisioningManager.provision(key, resources, nullPriorityAsync);
ProvisioningResult<GroupTO> result = new ProvisioningResult<>();
result.setEntity(binder.getGroupTO(key));
result.getPropagationStatuses().addAll(statuses);
return result;
}
use of org.apache.syncope.common.lib.to.PropagationStatus in project syncope by apache.
the class GroupITCase method bulkMembersAction.
@Test
public void bulkMembersAction() throws InterruptedException {
// 1. create group without resources
GroupTO groupTO = getBasicSampleTO("forProvision");
groupTO = createGroup(groupTO).getEntity();
// 2. create user with such group assigned
UserTO userTO = UserITCase.getUniqueSampleTO("forProvision@syncope.apache.org");
userTO.getMemberships().add(new MembershipTO.Builder().group(groupTO.getKey()).build());
userTO = createUser(userTO).getEntity();
// 3. modify the group by assiging the LDAP resource
GroupPatch groupPatch = new GroupPatch();
groupPatch.setKey(groupTO.getKey());
groupPatch.getResources().add(new StringPatchItem.Builder().value(RESOURCE_NAME_LDAP).build());
ProvisioningResult<GroupTO> groupUpdateResult = updateGroup(groupPatch);
groupTO = groupUpdateResult.getEntity();
PropagationStatus propStatus = groupUpdateResult.getPropagationStatuses().get(0);
assertEquals(RESOURCE_NAME_LDAP, propStatus.getResource());
assertEquals(PropagationTaskExecStatus.SUCCESS, propStatus.getStatus());
// 4. verify that the user above is not found on LDAP
try {
resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey());
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
}
try {
// 5. bulk provision group members
ExecTO exec = groupService.bulkMembersAction(groupTO.getKey(), BulkMembersActionType.PROVISION);
assertNotNull(exec.getRefKey());
int i = 0;
int maxit = 50;
// wait for task exec completion (executions incremented)
SchedTaskTO taskTO;
do {
Thread.sleep(1000);
taskTO = taskService.read(TaskType.SCHEDULED, exec.getRefKey(), true);
assertNotNull(taskTO);
assertNotNull(taskTO.getExecutions());
i++;
} while (taskTO.getExecutions().isEmpty() && i < maxit);
assertFalse(taskTO.getExecutions().isEmpty());
assertEquals(TaskJob.Status.SUCCESS.name(), taskTO.getExecutions().get(0).getStatus());
// 6. verify that the user above is now fond on LDAP
ConnObjectTO userOnLdap = resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey());
assertNotNull(userOnLdap);
} finally {
groupService.delete(groupTO.getKey());
userService.delete(userTO.getKey());
}
}
use of org.apache.syncope.common.lib.to.PropagationStatus in project syncope by apache.
the class GroupMemberProvisionTaskJobDelegate method doExecute.
@Override
protected String doExecute(final boolean dryRun) throws JobExecutionException {
Group group = groupDAO.authFind(groupKey);
StringBuilder result = new StringBuilder("Group ").append(group.getName()).append(" members ");
if (actionType == BulkMembersActionType.DEPROVISION) {
result.append("de");
}
result.append("provision\n\n");
status.set(result.toString());
MembershipCond membershipCond = new MembershipCond();
membershipCond.setGroup(groupKey);
List<User> users = searchDAO.search(SearchCond.getLeafCond(membershipCond), AnyTypeKind.USER);
Collection<String> groupResourceKeys = groupDAO.findAllResourceKeys(groupKey);
status.set("About to " + (actionType == BulkMembersActionType.DEPROVISION ? "de" : "") + "provision " + users.size() + " users from " + groupResourceKeys);
for (int i = 0; i < users.size() && !interrupt; i++) {
List<PropagationStatus> statuses = actionType == BulkMembersActionType.DEPROVISION ? userProvisioningManager.deprovision(users.get(i).getKey(), groupResourceKeys, false) : userProvisioningManager.provision(users.get(i).getKey(), true, null, groupResourceKeys, false);
for (PropagationStatus propagationStatus : statuses) {
result.append("User ").append(users.get(i).getKey()).append('\t').append("Resource ").append(propagationStatus.getResource()).append('\t').append(propagationStatus.getStatus());
if (StringUtils.isNotBlank(propagationStatus.getFailureReason())) {
result.append('\n').append(propagationStatus.getFailureReason()).append('\n');
}
result.append("\n");
}
result.append("\n");
}
if (interrupt) {
LOG.debug("Group assignment interrupted");
interrupted = true;
return result.append("\n*** Group assignment interrupted ***\n").toString();
}
membershipCond = new MembershipCond();
membershipCond.setGroup(groupKey);
List<AnyObject> anyObjects = searchDAO.search(SearchCond.getLeafCond(membershipCond), AnyTypeKind.ANY_OBJECT);
status.set("About to " + (actionType == BulkMembersActionType.DEPROVISION ? "de" : "") + "provision " + anyObjects.size() + " any objects from " + groupResourceKeys);
for (int i = 0; i < anyObjects.size() && !interrupt; i++) {
List<PropagationStatus> statuses = actionType == BulkMembersActionType.DEPROVISION ? anyObjectProvisioningManager.deprovision(anyObjects.get(i).getKey(), groupResourceKeys, false) : anyObjectProvisioningManager.provision(anyObjects.get(i).getKey(), groupResourceKeys, false);
for (PropagationStatus propagationStatus : statuses) {
result.append(anyObjects.get(i).getType().getKey()).append(' ').append(anyObjects.get(i).getKey()).append('\t').append("Resource ").append(propagationStatus.getResource()).append('\t').append(propagationStatus.getStatus());
if (StringUtils.isNotBlank(propagationStatus.getFailureReason())) {
result.append('\n').append(propagationStatus.getFailureReason()).append('\n');
}
result.append("\n");
}
result.append("\n");
}
if (interrupt) {
LOG.debug("Group assignment interrupted");
interrupted = true;
result.append("\n*** Group assignment interrupted ***\n");
}
return result.toString();
}
use of org.apache.syncope.common.lib.to.PropagationStatus in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE402.
@Test
public void issueSYNCOPE402() {
// 1. create an user with strict mandatory attributes only
UserTO userTO = new UserTO();
userTO.setRealm(SyncopeConstants.ROOT_REALM);
String userId = getUUIDString() + "syncope402@syncope.apache.org";
userTO.setUsername(userId);
userTO.setPassword("password123");
userTO.getPlainAttrs().add(attrTO("userId", userId));
userTO.getPlainAttrs().add(attrTO("fullname", userId));
userTO.getPlainAttrs().add(attrTO("surname", userId));
userTO = createUser(userTO).getEntity();
assertNotNull(userTO);
assertTrue(userTO.getResources().isEmpty());
// 2. update assigning a resource NOT forcing mandatory constraints
// AND priority: must fail with PropagationException
UserPatch userPatch = new UserPatch();
userPatch.setKey(userTO.getKey());
userPatch.setPassword(new PasswordPatch.Builder().value("newPassword123").build());
userPatch.getResources().add(new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(RESOURCE_NAME_WS1).build());
userPatch.getResources().add(new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(RESOURCE_NAME_TESTDB).build());
ProvisioningResult<UserTO> result = updateUser(userPatch);
PropagationStatus ws1PropagationStatus = result.getPropagationStatuses().stream().filter(propStatus -> RESOURCE_NAME_WS1.equals(propStatus.getResource())).findFirst().orElse(null);
assertNotNull(ws1PropagationStatus);
assertEquals(RESOURCE_NAME_WS1, ws1PropagationStatus.getResource());
assertNotNull(ws1PropagationStatus.getFailureReason());
assertEquals(PropagationTaskExecStatus.FAILURE, ws1PropagationStatus.getStatus());
}
Aggregations