Search in sources :

Example 1 with RealmTO

use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.

the class UserIssuesITCase method issueSYNCOPE626.

@Test
public void issueSYNCOPE626() {
    DefaultPasswordRuleConf ruleConf = new DefaultPasswordRuleConf();
    ruleConf.setUsernameAllowed(false);
    ImplementationTO rule = new ImplementationTO();
    rule.setKey("DefaultPasswordRuleConf" + getUUIDString());
    rule.setEngine(ImplementationEngine.JAVA);
    rule.setType(ImplementationType.PASSWORD_RULE);
    rule.setBody(POJOHelper.serialize(ruleConf));
    Response response = implementationService.create(rule);
    rule.setKey(response.getHeaderString(RESTHeaders.RESOURCE_KEY));
    PasswordPolicyTO passwordPolicy = new PasswordPolicyTO();
    passwordPolicy.setDescription("Password Policy for SYNCOPE-626");
    passwordPolicy.getRules().add(rule.getKey());
    passwordPolicy = createPolicy(PolicyType.PASSWORD, passwordPolicy);
    assertNotNull(passwordPolicy);
    RealmTO realm = realmService.list("/even/two").get(0);
    String oldPasswordPolicy = realm.getPasswordPolicy();
    realm.setPasswordPolicy(passwordPolicy.getKey());
    realmService.update(realm);
    try {
        UserTO user = UserITCase.getUniqueSampleTO("syncope626@syncope.apache.org");
        user.setRealm(realm.getFullPath());
        user.setPassword(user.getUsername());
        try {
            createUser(user);
            fail("This should not happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.InvalidUser, e.getType());
            assertTrue(e.getElements().iterator().next().startsWith("InvalidPassword"));
        }
        user.setPassword("password123");
        user = createUser(user).getEntity();
        assertNotNull(user);
    } finally {
        realm.setPasswordPolicy(oldPasswordPolicy);
        realmService.update(realm);
        policyService.delete(PolicyType.PASSWORD, passwordPolicy.getKey());
    }
}
Also used : ImplementationTO(org.apache.syncope.common.lib.to.ImplementationTO) Response(javax.ws.rs.core.Response) DefaultPasswordRuleConf(org.apache.syncope.common.lib.policy.DefaultPasswordRuleConf) UserTO(org.apache.syncope.common.lib.to.UserTO) RealmTO(org.apache.syncope.common.lib.to.RealmTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO) Test(org.junit.jupiter.api.Test)

Example 2 with RealmTO

use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.

the class UserITCase method customPolicyRules.

@Test
public void customPolicyRules() {
    // Using custom policy rules with application/xml requires to overwrite
    // org.apache.syncope.common.lib.policy.AbstractAccountRuleConf's and / or
    // org.apache.syncope.common.lib.policy.AbstractPasswordRuleConf's
    // @XmlSeeAlso - the power of JAXB :-/
    assumeTrue(MediaType.APPLICATION_JSON_TYPE.equals(clientFactory.getContentType().getMediaType()));
    ImplementationTO implementationTO = new ImplementationTO();
    implementationTO.setKey("TestAccountRuleConf" + UUID.randomUUID().toString());
    implementationTO.setEngine(ImplementationEngine.JAVA);
    implementationTO.setType(ImplementationType.ACCOUNT_RULE);
    implementationTO.setBody(POJOHelper.serialize(new TestAccountRuleConf()));
    Response response = implementationService.create(implementationTO);
    implementationTO.setKey(response.getHeaderString(RESTHeaders.RESOURCE_KEY));
    AccountPolicyTO accountPolicy = new AccountPolicyTO();
    accountPolicy.setDescription("Account Policy with custom rules");
    accountPolicy.getRules().add(implementationTO.getKey());
    accountPolicy = createPolicy(PolicyType.ACCOUNT, accountPolicy);
    assertNotNull(accountPolicy);
    implementationTO = new ImplementationTO();
    implementationTO.setKey("TestPasswordRuleConf" + UUID.randomUUID().toString());
    implementationTO.setEngine(ImplementationEngine.JAVA);
    implementationTO.setType(ImplementationType.PASSWORD_RULE);
    implementationTO.setBody(POJOHelper.serialize(new TestPasswordRuleConf()));
    response = implementationService.create(implementationTO);
    implementationTO.setKey(response.getHeaderString(RESTHeaders.RESOURCE_KEY));
    PasswordPolicyTO passwordPolicy = new PasswordPolicyTO();
    passwordPolicy.setDescription("Password Policy with custom rules");
    passwordPolicy.getRules().add(implementationTO.getKey());
    passwordPolicy = createPolicy(PolicyType.PASSWORD, passwordPolicy);
    assertNotNull(passwordPolicy);
    RealmTO realm = realmService.list("/even/two").get(0);
    String oldAccountPolicy = realm.getAccountPolicy();
    realm.setAccountPolicy(accountPolicy.getKey());
    String oldPasswordPolicy = realm.getPasswordPolicy();
    realm.setPasswordPolicy(passwordPolicy.getKey());
    realmService.update(realm);
    try {
        UserTO user = getUniqueSampleTO("custompolicyrules@syncope.apache.org");
        user.setRealm(realm.getFullPath());
        try {
            createUser(user);
            fail("This should not happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.InvalidUser, e.getType());
            assertTrue(e.getElements().iterator().next().startsWith("InvalidPassword"));
        }
        user.setPassword(user.getPassword() + "XXX");
        try {
            createUser(user);
            fail("This should not happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.InvalidUser, e.getType());
            assertTrue(e.getElements().iterator().next().startsWith("InvalidUsername"));
        }
        user.setUsername("YYY" + user.getUsername());
        user = createUser(user).getEntity();
        assertNotNull(user);
    } finally {
        realm.setAccountPolicy(oldAccountPolicy);
        realm.setPasswordPolicy(oldPasswordPolicy);
        realmService.update(realm);
        policyService.delete(PolicyType.PASSWORD, passwordPolicy.getKey());
        policyService.delete(PolicyType.ACCOUNT, accountPolicy.getKey());
    }
}
Also used : ImplementationTO(org.apache.syncope.common.lib.to.ImplementationTO) Response(javax.ws.rs.core.Response) TestPasswordRuleConf(org.apache.syncope.fit.core.reference.TestPasswordRuleConf) UserTO(org.apache.syncope.common.lib.to.UserTO) RealmTO(org.apache.syncope.common.lib.to.RealmTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO) TestAccountRuleConf(org.apache.syncope.fit.core.reference.TestAccountRuleConf) PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO) Test(org.junit.jupiter.api.Test)

Example 3 with RealmTO

use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.

the class RealmITCase method deletingAccountPolicy.

@Test
public void deletingAccountPolicy() {
    // 1. create account policy
    DefaultAccountRuleConf ruleConf = new DefaultAccountRuleConf();
    ruleConf.setMinLength(3);
    ruleConf.setMaxLength(8);
    ImplementationTO rule = new ImplementationTO();
    rule.setKey("DefaultAccountRuleConf" + UUID.randomUUID().toString());
    rule.setEngine(ImplementationEngine.JAVA);
    rule.setType(ImplementationType.ACCOUNT_RULE);
    rule.setBody(POJOHelper.serialize(ruleConf));
    Response response = implementationService.create(rule);
    rule.setKey(response.getHeaderString(RESTHeaders.RESOURCE_KEY));
    AccountPolicyTO policy = new AccountPolicyTO();
    policy.setDescription("deletingAccountPolicy");
    policy.getRules().add(rule.getKey());
    policy = createPolicy(PolicyType.ACCOUNT, policy);
    assertNotNull(policy);
    // 2. create realm with policy assigned
    RealmTO realm = new RealmTO();
    realm.setName("withppolicy");
    response = realmService.create(SyncopeConstants.ROOT_REALM, realm);
    RealmTO[] actuals = getObject(response.getLocation(), RealmService.class, RealmTO[].class);
    assertNotNull(actuals);
    assertTrue(actuals.length > 0);
    realm = actuals[0];
    String existingAccountPolicy = realm.getAccountPolicy();
    realm.setAccountPolicy(policy.getKey());
    realmService.update(realm);
    actuals = getObject(response.getLocation(), RealmService.class, RealmTO[].class);
    assertNotNull(actuals);
    assertTrue(actuals.length > 0);
    RealmTO actual = actuals[0];
    assertEquals(policy.getKey(), actual.getAccountPolicy());
    // 3. remove policy
    policyService.delete(PolicyType.ACCOUNT, policy.getKey());
    // 4. verify
    actual = getRealm(actual.getFullPath()).get();
    assertEquals(existingAccountPolicy, actual.getAccountPolicy());
}
Also used : ImplementationTO(org.apache.syncope.common.lib.to.ImplementationTO) Response(javax.ws.rs.core.Response) DefaultAccountRuleConf(org.apache.syncope.common.lib.policy.DefaultAccountRuleConf) RealmService(org.apache.syncope.common.rest.api.service.RealmService) RealmTO(org.apache.syncope.common.lib.to.RealmTO) AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO) Test(org.junit.jupiter.api.Test)

Example 4 with RealmTO

use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.

the class RealmITCase method createUpdate.

@Test
public void createUpdate() {
    final RealmTO realm = new RealmTO();
    realm.setName("last");
    // 1. create
    Response response = realmService.create("/even/two", realm);
    RealmTO[] actuals = getObject(response.getLocation(), RealmService.class, RealmTO[].class);
    assertNotNull(actuals);
    assertTrue(actuals.length > 0);
    RealmTO actual = actuals[0];
    assertNotNull(actual.getKey());
    assertEquals("last", actual.getName());
    assertEquals("/even/two/last", actual.getFullPath());
    assertEquals(actual.getParent(), getRealm("/even/two").get().getKey());
    assertNull(realm.getAccountPolicy());
    assertNull(realm.getPasswordPolicy());
    // 2. update setting policies
    actual.setAccountPolicy("06e2ed52-6966-44aa-a177-a0ca7434201f");
    actual.setPasswordPolicy("986d1236-3ac5-4a19-810c-5ab21d79cba1");
    realmService.update(actual);
    actual = getRealm(actual.getFullPath()).get();
    assertNotNull(actual.getAccountPolicy());
    assertNotNull(actual.getPasswordPolicy());
    // 3. update changing parent
    actual.setParent(getRealm("/odd").get().getKey());
    realmService.update(actual);
    actual = getRealm("/odd/last").get();
    assertNotNull(actual);
    assertEquals("/odd/last", actual.getFullPath());
    assertEquals(1, realmService.list().stream().filter(object -> realm.getName().equals(object.getName())).count());
    // 4. create under invalid path
    try {
        realmService.create("a name", realm);
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.InvalidPath, e.getType());
    }
    // 5. attempt to create duplicate
    try {
        realmService.create("/odd", realm);
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.EntityExists, e.getType());
    }
}
Also used : Response(javax.ws.rs.core.Response) RealmTO(org.apache.syncope.common.lib.to.RealmTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) Test(org.junit.jupiter.api.Test)

Example 5 with RealmTO

use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.

the class DefaultRealmPullResultHandler method assign.

private List<ProvisioningReport> assign(final SyncDelta delta, final OrgUnit orgUnit) throws JobExecutionException {
    if (!profile.getTask().isPerformCreate()) {
        LOG.debug("PullTask not configured for create");
        finalize(UnmatchingRule.toEventName(UnmatchingRule.ASSIGN), Result.SUCCESS, null, null, delta);
        return Collections.<ProvisioningReport>emptyList();
    }
    RealmTO realmTO = connObjectUtils.getRealmTO(delta.getObject(), profile.getTask(), orgUnit);
    if (realmTO.getFullPath() == null) {
        if (realmTO.getParent() == null) {
            realmTO.setParent(profile.getTask().getDestinatioRealm().getFullPath());
        }
        realmTO.setFullPath(realmTO.getParent() + "/" + realmTO.getName());
    }
    realmTO.getResources().add(profile.getTask().getResource().getKey());
    ProvisioningReport result = new ProvisioningReport();
    result.setOperation(ResourceOperation.CREATE);
    result.setAnyType(REALM_TYPE);
    result.setStatus(ProvisioningReport.Status.SUCCESS);
    result.setName(realmTO.getFullPath());
    if (profile.isDryRun()) {
        result.setKey(null);
        finalize(UnmatchingRule.toEventName(UnmatchingRule.ASSIGN), Result.SUCCESS, null, null, delta);
    } else {
        for (PullActions action : profile.getActions()) {
            action.beforeAssign(profile, delta, realmTO);
        }
        create(realmTO, delta, UnmatchingRule.toEventName(UnmatchingRule.ASSIGN), result);
    }
    return Collections.singletonList(result);
}
Also used : PullActions(org.apache.syncope.core.provisioning.api.pushpull.PullActions) RealmTO(org.apache.syncope.common.lib.to.RealmTO) ProvisioningReport(org.apache.syncope.core.provisioning.api.pushpull.ProvisioningReport)

Aggregations

RealmTO (org.apache.syncope.common.lib.to.RealmTO)30 SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)12 Realm (org.apache.syncope.core.persistence.api.entity.Realm)10 ArrayList (java.util.ArrayList)7 Response (javax.ws.rs.core.Response)7 PropagationByResource (org.apache.syncope.core.provisioning.api.PropagationByResource)7 PullActions (org.apache.syncope.core.provisioning.api.pushpull.PullActions)7 Test (org.junit.jupiter.api.Test)7 PropagationTaskTO (org.apache.syncope.common.lib.to.PropagationTaskTO)6 ProvisioningReport (org.apache.syncope.core.provisioning.api.pushpull.ProvisioningReport)6 ImplementationTO (org.apache.syncope.common.lib.to.ImplementationTO)4 ProvisioningResult (org.apache.syncope.common.lib.to.ProvisioningResult)4 Result (org.apache.syncope.common.lib.types.AuditElements.Result)4 PropagationException (org.apache.syncope.core.provisioning.api.propagation.PropagationException)4 IgnoreProvisionException (org.apache.syncope.core.provisioning.api.pushpull.IgnoreProvisionException)4 DelegatedAdministrationException (org.apache.syncope.core.spring.security.DelegatedAdministrationException)4 JobExecutionException (org.quartz.JobExecutionException)4 UserTO (org.apache.syncope.common.lib.to.UserTO)3 NotFoundException (org.apache.syncope.core.persistence.api.dao.NotFoundException)3 PropagationReporter (org.apache.syncope.core.provisioning.api.propagation.PropagationReporter)3