use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE626.
@Test
public void issueSYNCOPE626() {
DefaultPasswordRuleConf ruleConf = new DefaultPasswordRuleConf();
ruleConf.setUsernameAllowed(false);
ImplementationTO rule = new ImplementationTO();
rule.setKey("DefaultPasswordRuleConf" + getUUIDString());
rule.setEngine(ImplementationEngine.JAVA);
rule.setType(ImplementationType.PASSWORD_RULE);
rule.setBody(POJOHelper.serialize(ruleConf));
Response response = implementationService.create(rule);
rule.setKey(response.getHeaderString(RESTHeaders.RESOURCE_KEY));
PasswordPolicyTO passwordPolicy = new PasswordPolicyTO();
passwordPolicy.setDescription("Password Policy for SYNCOPE-626");
passwordPolicy.getRules().add(rule.getKey());
passwordPolicy = createPolicy(PolicyType.PASSWORD, passwordPolicy);
assertNotNull(passwordPolicy);
RealmTO realm = realmService.list("/even/two").get(0);
String oldPasswordPolicy = realm.getPasswordPolicy();
realm.setPasswordPolicy(passwordPolicy.getKey());
realmService.update(realm);
try {
UserTO user = UserITCase.getUniqueSampleTO("syncope626@syncope.apache.org");
user.setRealm(realm.getFullPath());
user.setPassword(user.getUsername());
try {
createUser(user);
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.InvalidUser, e.getType());
assertTrue(e.getElements().iterator().next().startsWith("InvalidPassword"));
}
user.setPassword("password123");
user = createUser(user).getEntity();
assertNotNull(user);
} finally {
realm.setPasswordPolicy(oldPasswordPolicy);
realmService.update(realm);
policyService.delete(PolicyType.PASSWORD, passwordPolicy.getKey());
}
}
use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.
the class UserITCase method customPolicyRules.
@Test
public void customPolicyRules() {
// Using custom policy rules with application/xml requires to overwrite
// org.apache.syncope.common.lib.policy.AbstractAccountRuleConf's and / or
// org.apache.syncope.common.lib.policy.AbstractPasswordRuleConf's
// @XmlSeeAlso - the power of JAXB :-/
assumeTrue(MediaType.APPLICATION_JSON_TYPE.equals(clientFactory.getContentType().getMediaType()));
ImplementationTO implementationTO = new ImplementationTO();
implementationTO.setKey("TestAccountRuleConf" + UUID.randomUUID().toString());
implementationTO.setEngine(ImplementationEngine.JAVA);
implementationTO.setType(ImplementationType.ACCOUNT_RULE);
implementationTO.setBody(POJOHelper.serialize(new TestAccountRuleConf()));
Response response = implementationService.create(implementationTO);
implementationTO.setKey(response.getHeaderString(RESTHeaders.RESOURCE_KEY));
AccountPolicyTO accountPolicy = new AccountPolicyTO();
accountPolicy.setDescription("Account Policy with custom rules");
accountPolicy.getRules().add(implementationTO.getKey());
accountPolicy = createPolicy(PolicyType.ACCOUNT, accountPolicy);
assertNotNull(accountPolicy);
implementationTO = new ImplementationTO();
implementationTO.setKey("TestPasswordRuleConf" + UUID.randomUUID().toString());
implementationTO.setEngine(ImplementationEngine.JAVA);
implementationTO.setType(ImplementationType.PASSWORD_RULE);
implementationTO.setBody(POJOHelper.serialize(new TestPasswordRuleConf()));
response = implementationService.create(implementationTO);
implementationTO.setKey(response.getHeaderString(RESTHeaders.RESOURCE_KEY));
PasswordPolicyTO passwordPolicy = new PasswordPolicyTO();
passwordPolicy.setDescription("Password Policy with custom rules");
passwordPolicy.getRules().add(implementationTO.getKey());
passwordPolicy = createPolicy(PolicyType.PASSWORD, passwordPolicy);
assertNotNull(passwordPolicy);
RealmTO realm = realmService.list("/even/two").get(0);
String oldAccountPolicy = realm.getAccountPolicy();
realm.setAccountPolicy(accountPolicy.getKey());
String oldPasswordPolicy = realm.getPasswordPolicy();
realm.setPasswordPolicy(passwordPolicy.getKey());
realmService.update(realm);
try {
UserTO user = getUniqueSampleTO("custompolicyrules@syncope.apache.org");
user.setRealm(realm.getFullPath());
try {
createUser(user);
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.InvalidUser, e.getType());
assertTrue(e.getElements().iterator().next().startsWith("InvalidPassword"));
}
user.setPassword(user.getPassword() + "XXX");
try {
createUser(user);
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.InvalidUser, e.getType());
assertTrue(e.getElements().iterator().next().startsWith("InvalidUsername"));
}
user.setUsername("YYY" + user.getUsername());
user = createUser(user).getEntity();
assertNotNull(user);
} finally {
realm.setAccountPolicy(oldAccountPolicy);
realm.setPasswordPolicy(oldPasswordPolicy);
realmService.update(realm);
policyService.delete(PolicyType.PASSWORD, passwordPolicy.getKey());
policyService.delete(PolicyType.ACCOUNT, accountPolicy.getKey());
}
}
use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.
the class RealmITCase method deletingAccountPolicy.
@Test
public void deletingAccountPolicy() {
// 1. create account policy
DefaultAccountRuleConf ruleConf = new DefaultAccountRuleConf();
ruleConf.setMinLength(3);
ruleConf.setMaxLength(8);
ImplementationTO rule = new ImplementationTO();
rule.setKey("DefaultAccountRuleConf" + UUID.randomUUID().toString());
rule.setEngine(ImplementationEngine.JAVA);
rule.setType(ImplementationType.ACCOUNT_RULE);
rule.setBody(POJOHelper.serialize(ruleConf));
Response response = implementationService.create(rule);
rule.setKey(response.getHeaderString(RESTHeaders.RESOURCE_KEY));
AccountPolicyTO policy = new AccountPolicyTO();
policy.setDescription("deletingAccountPolicy");
policy.getRules().add(rule.getKey());
policy = createPolicy(PolicyType.ACCOUNT, policy);
assertNotNull(policy);
// 2. create realm with policy assigned
RealmTO realm = new RealmTO();
realm.setName("withppolicy");
response = realmService.create(SyncopeConstants.ROOT_REALM, realm);
RealmTO[] actuals = getObject(response.getLocation(), RealmService.class, RealmTO[].class);
assertNotNull(actuals);
assertTrue(actuals.length > 0);
realm = actuals[0];
String existingAccountPolicy = realm.getAccountPolicy();
realm.setAccountPolicy(policy.getKey());
realmService.update(realm);
actuals = getObject(response.getLocation(), RealmService.class, RealmTO[].class);
assertNotNull(actuals);
assertTrue(actuals.length > 0);
RealmTO actual = actuals[0];
assertEquals(policy.getKey(), actual.getAccountPolicy());
// 3. remove policy
policyService.delete(PolicyType.ACCOUNT, policy.getKey());
// 4. verify
actual = getRealm(actual.getFullPath()).get();
assertEquals(existingAccountPolicy, actual.getAccountPolicy());
}
use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.
the class RealmITCase method createUpdate.
@Test
public void createUpdate() {
final RealmTO realm = new RealmTO();
realm.setName("last");
// 1. create
Response response = realmService.create("/even/two", realm);
RealmTO[] actuals = getObject(response.getLocation(), RealmService.class, RealmTO[].class);
assertNotNull(actuals);
assertTrue(actuals.length > 0);
RealmTO actual = actuals[0];
assertNotNull(actual.getKey());
assertEquals("last", actual.getName());
assertEquals("/even/two/last", actual.getFullPath());
assertEquals(actual.getParent(), getRealm("/even/two").get().getKey());
assertNull(realm.getAccountPolicy());
assertNull(realm.getPasswordPolicy());
// 2. update setting policies
actual.setAccountPolicy("06e2ed52-6966-44aa-a177-a0ca7434201f");
actual.setPasswordPolicy("986d1236-3ac5-4a19-810c-5ab21d79cba1");
realmService.update(actual);
actual = getRealm(actual.getFullPath()).get();
assertNotNull(actual.getAccountPolicy());
assertNotNull(actual.getPasswordPolicy());
// 3. update changing parent
actual.setParent(getRealm("/odd").get().getKey());
realmService.update(actual);
actual = getRealm("/odd/last").get();
assertNotNull(actual);
assertEquals("/odd/last", actual.getFullPath());
assertEquals(1, realmService.list().stream().filter(object -> realm.getName().equals(object.getName())).count());
// 4. create under invalid path
try {
realmService.create("a name", realm);
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.InvalidPath, e.getType());
}
// 5. attempt to create duplicate
try {
realmService.create("/odd", realm);
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.EntityExists, e.getType());
}
}
use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.
the class DefaultRealmPullResultHandler method assign.
private List<ProvisioningReport> assign(final SyncDelta delta, final OrgUnit orgUnit) throws JobExecutionException {
if (!profile.getTask().isPerformCreate()) {
LOG.debug("PullTask not configured for create");
finalize(UnmatchingRule.toEventName(UnmatchingRule.ASSIGN), Result.SUCCESS, null, null, delta);
return Collections.<ProvisioningReport>emptyList();
}
RealmTO realmTO = connObjectUtils.getRealmTO(delta.getObject(), profile.getTask(), orgUnit);
if (realmTO.getFullPath() == null) {
if (realmTO.getParent() == null) {
realmTO.setParent(profile.getTask().getDestinatioRealm().getFullPath());
}
realmTO.setFullPath(realmTO.getParent() + "/" + realmTO.getName());
}
realmTO.getResources().add(profile.getTask().getResource().getKey());
ProvisioningReport result = new ProvisioningReport();
result.setOperation(ResourceOperation.CREATE);
result.setAnyType(REALM_TYPE);
result.setStatus(ProvisioningReport.Status.SUCCESS);
result.setName(realmTO.getFullPath());
if (profile.isDryRun()) {
result.setKey(null);
finalize(UnmatchingRule.toEventName(UnmatchingRule.ASSIGN), Result.SUCCESS, null, null, delta);
} else {
for (PullActions action : profile.getActions()) {
action.beforeAssign(profile, delta, realmTO);
}
create(realmTO, delta, UnmatchingRule.toEventName(UnmatchingRule.ASSIGN), result);
}
return Collections.singletonList(result);
}
Aggregations