use of org.apache.syncope.common.lib.to.PullTaskTO in project syncope by apache.
the class PullTaskITCase method filteredReconciliation.
@Test
public void filteredReconciliation() throws IOException {
String user1OnTestPull = UUID.randomUUID().toString();
String user2OnTestPull = UUID.randomUUID().toString();
JdbcTemplate jdbcTemplate = new JdbcTemplate(testDataSource);
PullTaskTO task = null;
UserTO userTO = null;
try {
// 1. create 2 users on testpull
jdbcTemplate.execute("INSERT INTO testpull VALUES (" + "'" + user1OnTestPull + "', 'user1', 'Doe', false, 'mail1@apache.org', NULL)");
jdbcTemplate.execute("INSERT INTO testpull VALUES (" + "'" + user2OnTestPull + "', 'user2', 'Rossi', false, 'mail2@apache.org', NULL)");
// 2. create new pull task for test-db, with reconciliation filter (surname 'Rossi')
ImplementationTO reconFilterBuilder = new ImplementationTO();
reconFilterBuilder.setKey("TestReconFilterBuilder");
reconFilterBuilder.setEngine(ImplementationEngine.GROOVY);
reconFilterBuilder.setType(ImplementationType.RECON_FILTER_BUILDER);
reconFilterBuilder.setBody(IOUtils.toString(getClass().getResourceAsStream("/TestReconFilterBuilder.groovy"), StandardCharsets.UTF_8));
Response response = implementationService.create(reconFilterBuilder);
reconFilterBuilder = implementationService.read(reconFilterBuilder.getType(), response.getHeaderString(RESTHeaders.RESOURCE_KEY));
assertNotNull(reconFilterBuilder);
task = taskService.read(TaskType.PULL, "7c2242f4-14af-4ab5-af31-cdae23783655", true);
task.setPullMode(PullMode.FILTERED_RECONCILIATION);
task.setReconFilterBuilder(reconFilterBuilder.getKey());
response = taskService.create(TaskType.PULL, task);
task = getObject(response.getLocation(), TaskService.class, PullTaskTO.class);
assertNotNull(task);
assertEquals(reconFilterBuilder.getKey(), task.getReconFilterBuilder());
// 3. exec task
ExecTO execution = execProvisioningTask(taskService, TaskType.PULL, task.getKey(), 50, false);
assertEquals(PropagationTaskExecStatus.SUCCESS, PropagationTaskExecStatus.valueOf(execution.getStatus()));
// 4. verify that only enabled user was pulled
userTO = userService.read("user2");
assertNotNull(userTO);
try {
userService.read("user1");
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
}
} finally {
jdbcTemplate.execute("DELETE FROM testpull WHERE id = '" + user1OnTestPull + "'");
jdbcTemplate.execute("DELETE FROM testpull WHERE id = '" + user2OnTestPull + "'");
if (task != null && !"7c2242f4-14af-4ab5-af31-cdae23783655".equals(task.getKey())) {
taskService.delete(TaskType.PULL, task.getKey());
}
if (userTO != null) {
userService.delete(userTO.getKey());
}
}
}
use of org.apache.syncope.common.lib.to.PullTaskTO in project syncope by apache.
the class PullTaskITCase method remediation.
@Test
public void remediation() {
// First of all, clear any potential conflict with existing user / group
ldapCleanup();
// 1. create ldap cloned resource, where 'userId' (mandatory on Syncope) is removed from mapping
ResourceTO ldap = resourceService.read(RESOURCE_NAME_LDAP);
ldap.setKey("ldapForRemediation");
ProvisionTO provision = ldap.getProvision(AnyTypeKind.USER.name()).get();
provision.getVirSchemas().clear();
provision.getMapping().getItems().removeIf(item -> "userId".equals(item.getIntAttrName()));
ldap = createResource(ldap);
// 2. create PullTask with remediation enabled, for the new resource
PullTaskTO pullTask = (PullTaskTO) taskService.search(new TaskQuery.Builder(TaskType.PULL).resource(RESOURCE_NAME_LDAP).build()).getResult().get(0);
assertNotNull(pullTask);
pullTask.setResource(ldap.getKey());
pullTask.setRemediation(true);
pullTask.getActions().clear();
Response response = taskService.create(TaskType.PULL, pullTask);
if (response.getStatusInfo().getStatusCode() != Response.Status.CREATED.getStatusCode()) {
throw (RuntimeException) clientFactory.getExceptionMapper().fromResponse(response);
}
pullTask = getObject(response.getLocation(), TaskService.class, PullTaskTO.class);
assertNotNull(pullTask);
try {
// 3. execute the pull task and verify that:
ExecTO execution = execProvisioningTask(taskService, TaskType.PULL, pullTask.getKey(), 50, false);
assertEquals(PropagationTaskExecStatus.SUCCESS, PropagationTaskExecStatus.valueOf(execution.getStatus()));
// 3a. user was not pulled
try {
userService.read("pullFromLDAP");
fail("This should never happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
}
// 3b. remediation was created
Optional<RemediationTO> remediation = remediationService.list().stream().filter(r -> "uid=pullFromLDAP,ou=People,o=isp".equalsIgnoreCase(r.getRemoteName())).findFirst();
assertTrue(remediation.isPresent());
assertEquals(AnyTypeKind.USER.name(), remediation.get().getAnyType());
assertEquals(ResourceOperation.CREATE, remediation.get().getOperation());
assertNotNull(remediation.get().getAnyTOPayload());
assertNull(remediation.get().getAnyPatchPayload());
assertNull(remediation.get().getKeyPayload());
assertTrue(remediation.get().getError().contains("RequiredValuesMissing [userId]"));
// 4. remedy by copying the email value to userId
UserTO user = (UserTO) remediation.get().getAnyTOPayload();
user.getResources().clear();
String email = user.getPlainAttr("email").get().getValues().get(0);
user.getPlainAttrs().add(new AttrTO.Builder().schema("userId").value(email).build());
remediationService.remedy(remediation.get().getKey(), user);
// 5. user is now found
user = userService.read("pullFromLDAP");
assertNotNull(user);
assertEquals(email, user.getPlainAttr("userId").get().getValues().get(0));
// 6. remediation was removed
try {
remediationService.read(remediation.get().getKey());
fail("This should never happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
}
} finally {
resourceService.delete(ldap.getKey());
}
}
use of org.apache.syncope.common.lib.to.PullTaskTO in project syncope by apache.
the class PullTaskITCase method issueSYNCOPE1062.
@Test
public void issueSYNCOPE1062() {
GroupTO propagationGroup = null;
PullTaskTO pullTask = null;
UserTO user = null;
GroupTO group = null;
try {
// 1. create group with resource for propagation
propagationGroup = GroupITCase.getBasicSampleTO("SYNCOPE1062");
propagationGroup.getResources().add(RESOURCE_NAME_DBPULL);
propagationGroup = createGroup(propagationGroup).getEntity();
// 2. create pull task for another resource, with user template assigning the group above
pullTask = new PullTaskTO();
pullTask.setDestinationRealm(SyncopeConstants.ROOT_REALM);
pullTask.setName("SYNCOPE1062");
pullTask.setActive(true);
pullTask.setPerformCreate(true);
pullTask.setPerformUpdate(true);
pullTask.setPullMode(PullMode.FULL_RECONCILIATION);
pullTask.setResource(RESOURCE_NAME_LDAP);
UserTO template = new UserTO();
template.getAuxClasses().add("minimal group");
template.getMemberships().add(new MembershipTO.Builder().group(propagationGroup.getKey()).build());
template.getPlainAttrs().add(attrTO("firstname", "'fixed'"));
pullTask.getTemplates().put(AnyTypeKind.USER.name(), template);
Response taskResponse = taskService.create(TaskType.PULL, pullTask);
pullTask = getObject(taskResponse.getLocation(), TaskService.class, PullTaskTO.class);
assertNotNull(pullTask);
assertFalse(pullTask.getTemplates().isEmpty());
// 3. exec the pull task
ExecTO execution = execProvisioningTask(taskService, TaskType.PULL, pullTask.getKey(), 50, false);
assertEquals(PropagationTaskExecStatus.SUCCESS, PropagationTaskExecStatus.valueOf(execution.getStatus()));
// the user is successfully pulled...
user = userService.read("pullFromLDAP");
assertNotNull(user);
assertEquals("pullFromLDAP@syncope.apache.org", user.getPlainAttr("email").get().getValues().get(0));
group = groupService.read("testLDAPGroup");
assertNotNull(group);
ConnObjectTO connObject = resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), user.getKey());
assertNotNull(connObject);
assertEquals("pullFromLDAP@syncope.apache.org", connObject.getAttr("mail").get().getValues().get(0));
AttrTO userDn = connObject.getAttr(Name.NAME).get();
assertNotNull(userDn);
assertEquals(1, userDn.getValues().size());
assertNotNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, userDn.getValues().get(0)));
// ...and propagated
PagedResult<TaskTO> propagationTasks = taskService.search(new TaskQuery.Builder(TaskType.PROPAGATION).resource(RESOURCE_NAME_DBPULL).anyTypeKind(AnyTypeKind.USER).entityKey(user.getKey()).build());
assertEquals(1, propagationTasks.getSize());
// 4. update the user on the external resource
updateLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, userDn.getValues().get(0), Pair.of("mail", "pullFromLDAP2@syncope.apache.org"));
connObject = resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), user.getKey());
assertNotNull(connObject);
assertEquals("pullFromLDAP2@syncope.apache.org", connObject.getAttr("mail").get().getValues().get(0));
// 5. exec the pull task again
execution = execProvisioningTask(taskService, TaskType.PULL, pullTask.getKey(), 50, false);
assertEquals(PropagationTaskExecStatus.SUCCESS, PropagationTaskExecStatus.valueOf(execution.getStatus()));
// the internal is updated...
user = userService.read("pullFromLDAP");
assertNotNull(user);
assertEquals("pullFromLDAP2@syncope.apache.org", user.getPlainAttr("email").get().getValues().get(0));
// ...and propagated
propagationTasks = taskService.search(new TaskQuery.Builder(TaskType.PROPAGATION).resource(RESOURCE_NAME_DBPULL).anyTypeKind(AnyTypeKind.USER).entityKey(user.getKey()).build());
assertEquals(2, propagationTasks.getSize());
} catch (Exception e) {
LOG.error("Unexpected during issueSYNCOPE1062()", e);
fail(e.getMessage());
} finally {
if (pullTask != null) {
taskService.delete(TaskType.PULL, pullTask.getKey());
}
if (propagationGroup != null) {
groupService.delete(propagationGroup.getKey());
}
if (group != null) {
groupService.delete(group.getKey());
}
if (user != null) {
userService.delete(user.getKey());
}
}
}
use of org.apache.syncope.common.lib.to.PullTaskTO in project syncope by apache.
the class PullTaskITCase method issueSYNCOPE313DB.
@Test
public void issueSYNCOPE313DB() throws Exception {
// 1. create user in DB
UserTO user = UserITCase.getUniqueSampleTO("syncope313-db@syncope.apache.org");
user.setPassword("security123");
user.getResources().add(RESOURCE_NAME_TESTDB);
user = createUser(user).getEntity();
assertNotNull(user);
assertFalse(user.getResources().isEmpty());
// 2. Check that the DB resource has the correct password
JdbcTemplate jdbcTemplate = new JdbcTemplate(testDataSource);
String value = queryForObject(jdbcTemplate, 50, "SELECT PASSWORD FROM test WHERE ID=?", String.class, user.getUsername());
assertEquals(Encryptor.getInstance().encode("security123", CipherAlgorithm.SHA1), value.toUpperCase());
// 3. Update the password in the DB
String newCleanPassword = "new-security";
String newPassword = Encryptor.getInstance().encode(newCleanPassword, CipherAlgorithm.SHA1);
jdbcTemplate.execute("UPDATE test set PASSWORD='" + newPassword + "' where ID='" + user.getUsername() + "'");
// 4. Pull the user from the resource
ImplementationTO pullActions = new ImplementationTO();
pullActions.setKey(DBPasswordPullActions.class.getSimpleName());
pullActions.setEngine(ImplementationEngine.JAVA);
pullActions.setType(ImplementationType.PULL_ACTIONS);
pullActions.setBody(DBPasswordPullActions.class.getName());
Response response = implementationService.create(pullActions);
pullActions = implementationService.read(pullActions.getType(), response.getHeaderString(RESTHeaders.RESOURCE_KEY));
assertNotNull(pullActions);
PullTaskTO pullTask = new PullTaskTO();
pullTask.setDestinationRealm(SyncopeConstants.ROOT_REALM);
pullTask.setName("DB Pull Task");
pullTask.setActive(true);
pullTask.setPerformCreate(true);
pullTask.setPerformUpdate(true);
pullTask.setPullMode(PullMode.FULL_RECONCILIATION);
pullTask.setResource(RESOURCE_NAME_TESTDB);
pullTask.getActions().add(pullActions.getKey());
Response taskResponse = taskService.create(TaskType.PULL, pullTask);
PullTaskTO actual = getObject(taskResponse.getLocation(), TaskService.class, PullTaskTO.class);
assertNotNull(actual);
pullTask = taskService.read(TaskType.PULL, actual.getKey(), true);
assertNotNull(pullTask);
assertEquals(actual.getKey(), pullTask.getKey());
assertEquals(actual.getJobDelegate(), pullTask.getJobDelegate());
ExecTO execution = execProvisioningTask(taskService, TaskType.PULL, pullTask.getKey(), 50, false);
assertEquals(PropagationTaskExecStatus.SUCCESS, PropagationTaskExecStatus.valueOf(execution.getStatus()));
// 5. Test the pulled user
Pair<Map<String, Set<String>>, UserTO> self = clientFactory.create(user.getUsername(), newCleanPassword).self();
assertNotNull(self);
// 6. Delete PullTask + user
taskService.delete(TaskType.PULL, pullTask.getKey());
deleteUser(user.getKey());
}
use of org.apache.syncope.common.lib.to.PullTaskTO in project syncope by apache.
the class PullTaskITCase method create.
@Test
public void create() {
PullTaskTO task = new PullTaskTO();
task.setName("Test create Pull");
task.setDestinationRealm("/");
task.setResource(RESOURCE_NAME_WS2);
task.setPullMode(PullMode.FULL_RECONCILIATION);
UserTO userTemplate = new UserTO();
userTemplate.getResources().add(RESOURCE_NAME_WS2);
userTemplate.getMemberships().add(new MembershipTO.Builder().group("f779c0d4-633b-4be5-8f57-32eb478a3ca5").build());
task.getTemplates().put(AnyTypeKind.USER.name(), userTemplate);
GroupTO groupTemplate = new GroupTO();
groupTemplate.getResources().add(RESOURCE_NAME_LDAP);
task.getTemplates().put(AnyTypeKind.GROUP.name(), groupTemplate);
Response response = taskService.create(TaskType.PULL, task);
PullTaskTO actual = getObject(response.getLocation(), TaskService.class, PullTaskTO.class);
assertNotNull(actual);
task = taskService.read(TaskType.PULL, actual.getKey(), true);
assertNotNull(task);
assertEquals(actual.getKey(), task.getKey());
assertEquals(actual.getJobDelegate(), task.getJobDelegate());
assertEquals(userTemplate, task.getTemplates().get(AnyTypeKind.USER.name()));
assertEquals(groupTemplate, task.getTemplates().get(AnyTypeKind.GROUP.name()));
}
Aggregations