Search in sources :

Example 16 with RealmTO

use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.

the class DefaultRealmPullResultHandler method delete.

private List<ProvisioningReport> delete(final SyncDelta delta, final List<String> keys) throws JobExecutionException {
    if (!profile.getTask().isPerformDelete()) {
        LOG.debug("PullTask not configured for delete");
        finalize(ResourceOperation.DELETE.name().toLowerCase(), Result.SUCCESS, null, null, delta);
        return Collections.<ProvisioningReport>emptyList();
    }
    LOG.debug("About to delete {}", keys);
    List<ProvisioningReport> results = new ArrayList<>();
    for (String key : keys) {
        Object output;
        Result resultStatus = Result.FAILURE;
        ProvisioningReport result = new ProvisioningReport();
        try {
            result.setKey(key);
            result.setOperation(ResourceOperation.DELETE);
            result.setAnyType(REALM_TYPE);
            result.setStatus(ProvisioningReport.Status.SUCCESS);
            Realm realm = realmDAO.find(key);
            RealmTO before = binder.getRealmTO(realm, true);
            if (before == null) {
                result.setStatus(ProvisioningReport.Status.FAILURE);
                result.setMessage(String.format("Realm '%s' not found", key));
            } else {
                result.setName(before.getFullPath());
            }
            if (!profile.isDryRun()) {
                for (PullActions action : profile.getActions()) {
                    action.beforeDelete(profile, delta, before);
                }
                try {
                    if (!realmDAO.findChildren(realm).isEmpty()) {
                        throw SyncopeClientException.build(ClientExceptionType.HasChildren);
                    }
                    Set<String> adminRealms = Collections.singleton(realm.getFullPath());
                    AnyCond keyCond = new AnyCond(AttributeCond.Type.ISNOTNULL);
                    keyCond.setSchema("key");
                    SearchCond allMatchingCond = SearchCond.getLeafCond(keyCond);
                    int users = searchDAO.count(adminRealms, allMatchingCond, AnyTypeKind.USER);
                    int groups = searchDAO.count(adminRealms, allMatchingCond, AnyTypeKind.GROUP);
                    int anyObjects = searchDAO.count(adminRealms, allMatchingCond, AnyTypeKind.ANY_OBJECT);
                    if (users + groups + anyObjects > 0) {
                        SyncopeClientException containedAnys = SyncopeClientException.build(ClientExceptionType.AssociatedAnys);
                        containedAnys.getElements().add(users + " user(s)");
                        containedAnys.getElements().add(groups + " group(s)");
                        containedAnys.getElements().add(anyObjects + " anyObject(s)");
                        throw containedAnys;
                    }
                    PropagationByResource propByRes = new PropagationByResource();
                    for (String resource : realm.getResourceKeys()) {
                        propByRes.add(ResourceOperation.DELETE, resource);
                    }
                    List<PropagationTaskTO> tasks = propagationManager.createTasks(realm, propByRes, null);
                    taskExecutor.execute(tasks, false);
                    realmDAO.delete(realm);
                    output = null;
                    resultStatus = Result.SUCCESS;
                    for (PullActions action : profile.getActions()) {
                        action.after(profile, delta, before, result);
                    }
                } catch (Exception e) {
                    throwIgnoreProvisionException(delta, e);
                    result.setStatus(ProvisioningReport.Status.FAILURE);
                    result.setMessage(ExceptionUtils.getRootCauseMessage(e));
                    LOG.error("Could not delete {}", realm, e);
                    output = e;
                }
                finalize(ResourceOperation.DELETE.name().toLowerCase(), resultStatus, before, output, delta);
            }
            results.add(result);
        } catch (DelegatedAdministrationException e) {
            LOG.error("Not allowed to read Realm {}", key, e);
        } catch (Exception e) {
            LOG.error("Could not delete Realm {}", key, e);
        }
    }
    return results;
}
Also used : PropagationTaskTO(org.apache.syncope.common.lib.to.PropagationTaskTO) PullActions(org.apache.syncope.core.provisioning.api.pushpull.PullActions) ArrayList(java.util.ArrayList) RealmTO(org.apache.syncope.common.lib.to.RealmTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) PropagationByResource(org.apache.syncope.core.provisioning.api.PropagationByResource) DelegatedAdministrationException(org.apache.syncope.core.spring.security.DelegatedAdministrationException) ProvisioningReport(org.apache.syncope.core.provisioning.api.pushpull.ProvisioningReport) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) DelegatedAdministrationException(org.apache.syncope.core.spring.security.DelegatedAdministrationException) IgnoreProvisionException(org.apache.syncope.core.provisioning.api.pushpull.IgnoreProvisionException) PropagationException(org.apache.syncope.core.provisioning.api.propagation.PropagationException) JobExecutionException(org.quartz.JobExecutionException) Result(org.apache.syncope.common.lib.types.AuditElements.Result) SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond) Realm(org.apache.syncope.core.persistence.api.entity.Realm) AnyCond(org.apache.syncope.core.persistence.api.dao.search.AnyCond)

Example 17 with RealmTO

use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.

the class DefaultRealmPullResultHandler method update.

private List<ProvisioningReport> update(final SyncDelta delta, final List<String> keys) throws JobExecutionException {
    if (!profile.getTask().isPerformUpdate()) {
        LOG.debug("PullTask not configured for update");
        finalize(MatchingRule.toEventName(MatchingRule.UPDATE), Result.SUCCESS, null, null, delta);
        return Collections.<ProvisioningReport>emptyList();
    }
    LOG.debug("About to update {}", keys);
    List<ProvisioningReport> results = new ArrayList<>();
    for (String key : keys) {
        LOG.debug("About to update {}", key);
        ProvisioningReport result = new ProvisioningReport();
        result.setOperation(ResourceOperation.UPDATE);
        result.setAnyType(REALM_TYPE);
        result.setStatus(ProvisioningReport.Status.SUCCESS);
        result.setKey(key);
        Realm realm = realmDAO.find(key);
        RealmTO before = binder.getRealmTO(realm, true);
        if (before == null) {
            result.setStatus(ProvisioningReport.Status.FAILURE);
            result.setMessage(String.format("Realm '%s' not found", key));
        } else {
            result.setName(before.getFullPath());
        }
        if (!profile.isDryRun()) {
            Result resultStatus;
            Object output;
            if (before == null) {
                resultStatus = Result.FAILURE;
                output = null;
            } else {
                try {
                    for (PullActions action : profile.getActions()) {
                        action.beforeUpdate(profile, delta, before, null);
                    }
                    PropagationByResource propByRes = binder.update(realm, before);
                    realm = realmDAO.save(realm);
                    RealmTO updated = binder.getRealmTO(realm, true);
                    List<PropagationTaskTO> tasks = propagationManager.createTasks(realm, propByRes, null);
                    taskExecutor.execute(tasks, false);
                    for (PullActions action : profile.getActions()) {
                        action.after(profile, delta, updated, result);
                    }
                    output = updated;
                    resultStatus = Result.SUCCESS;
                    result.setName(updated.getFullPath());
                    LOG.debug("{} successfully updated", updated);
                } catch (PropagationException e) {
                    // A propagation failure doesn't imply a pull failure.
                    // The propagation exception status will be reported into the propagation task execution.
                    LOG.error("Could not propagate Realm {}", delta.getUid().getUidValue(), e);
                    output = e;
                    resultStatus = Result.FAILURE;
                } catch (Exception e) {
                    throwIgnoreProvisionException(delta, e);
                    result.setStatus(ProvisioningReport.Status.FAILURE);
                    result.setMessage(ExceptionUtils.getRootCauseMessage(e));
                    LOG.error("Could not update Realm {}", delta.getUid().getUidValue(), e);
                    output = e;
                    resultStatus = Result.FAILURE;
                }
            }
            finalize(MatchingRule.toEventName(MatchingRule.UPDATE), resultStatus, before, output, delta);
        }
        results.add(result);
    }
    return results;
}
Also used : PropagationTaskTO(org.apache.syncope.common.lib.to.PropagationTaskTO) PullActions(org.apache.syncope.core.provisioning.api.pushpull.PullActions) ArrayList(java.util.ArrayList) RealmTO(org.apache.syncope.common.lib.to.RealmTO) PropagationByResource(org.apache.syncope.core.provisioning.api.PropagationByResource) ProvisioningReport(org.apache.syncope.core.provisioning.api.pushpull.ProvisioningReport) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) DelegatedAdministrationException(org.apache.syncope.core.spring.security.DelegatedAdministrationException) IgnoreProvisionException(org.apache.syncope.core.provisioning.api.pushpull.IgnoreProvisionException) PropagationException(org.apache.syncope.core.provisioning.api.propagation.PropagationException) JobExecutionException(org.quartz.JobExecutionException) Result(org.apache.syncope.common.lib.types.AuditElements.Result) PropagationException(org.apache.syncope.core.provisioning.api.propagation.PropagationException) Realm(org.apache.syncope.core.persistence.api.entity.Realm)

Example 18 with RealmTO

use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.

the class RealmITCase method propagate.

@Test
public void propagate() {
    // 1. create realm and add the LDAP resource
    RealmTO realm = new RealmTO();
    realm.setName("test");
    realm.getResources().add(RESOURCE_NAME_LDAP_ORGUNIT);
    RealmTO childRealm = new RealmTO();
    childRealm.setName("child");
    childRealm.getResources().add(RESOURCE_NAME_LDAP_ORGUNIT);
    RealmTO descendantRealm = new RealmTO();
    descendantRealm.setName("test");
    descendantRealm.getResources().add(RESOURCE_NAME_LDAP_ORGUNIT);
    // 2. check propagation
    ProvisioningResult<RealmTO> result = realmService.create("/", realm).readEntity(new GenericType<ProvisioningResult<RealmTO>>() {
    });
    assertNotNull(result);
    assertEquals(1, result.getPropagationStatuses().size());
    assertEquals(RESOURCE_NAME_LDAP_ORGUNIT, result.getPropagationStatuses().get(0).getResource());
    assertEquals(PropagationTaskExecStatus.SUCCESS, result.getPropagationStatuses().get(0).getStatus());
    ProvisioningResult<RealmTO> resultChild = realmService.create("/test", childRealm).readEntity(new GenericType<ProvisioningResult<RealmTO>>() {
    });
    assertNotNull(resultChild);
    assertEquals(1, resultChild.getPropagationStatuses().size());
    assertEquals(RESOURCE_NAME_LDAP_ORGUNIT, resultChild.getPropagationStatuses().get(0).getResource());
    assertEquals(PropagationTaskExecStatus.SUCCESS, resultChild.getPropagationStatuses().get(0).getStatus());
    ProvisioningResult<RealmTO> resultDescendant = realmService.create("/test/child", descendantRealm).readEntity(new GenericType<ProvisioningResult<RealmTO>>() {
    });
    assertNotNull(resultDescendant);
    assertEquals(1, resultDescendant.getPropagationStatuses().size());
    assertEquals(RESOURCE_NAME_LDAP_ORGUNIT, resultDescendant.getPropagationStatuses().get(0).getResource());
    assertEquals(PropagationTaskExecStatus.SUCCESS, resultDescendant.getPropagationStatuses().get(0).getStatus());
    // 3. check on LDAP
    assertNotNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, "ou=test,o=isp"));
    assertNotNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, "ou=child,ou=test,o=isp"));
    assertNotNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, "ou=test,ou=child,ou=test,o=isp"));
    // 4. remove realms
    realmService.delete("/test/child/test");
    realmService.delete("/test/child");
    realmService.delete("/test");
    // 5. check on LDAP: both realms should be deleted
    assertNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, "ou=test,ou=child,ou=test,o=isp"));
    assertNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, "ou=child,ou=test,o=isp"));
    assertNull(getLdapRemoteObject(RESOURCE_LDAP_ADMIN_DN, RESOURCE_LDAP_ADMIN_PWD, "ou=test,o=isp"));
}
Also used : ProvisioningResult(org.apache.syncope.common.lib.to.ProvisioningResult) RealmTO(org.apache.syncope.common.lib.to.RealmTO) Test(org.junit.jupiter.api.Test)

Example 19 with RealmTO

use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.

the class RealmITCase method delete.

@Test
public void delete() {
    RealmTO realm = new RealmTO();
    realm.setName("deletable3");
    Response response = realmService.create("/even/two", realm);
    RealmTO[] actuals = getObject(response.getLocation(), RealmService.class, RealmTO[].class);
    assertNotNull(actuals);
    assertTrue(actuals.length > 0);
    RealmTO actual = actuals[0];
    realmService.delete(actual.getFullPath());
    try {
        realmService.list(actual.getFullPath());
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.NotFound, e.getType());
    }
}
Also used : Response(javax.ws.rs.core.Response) RealmTO(org.apache.syncope.common.lib.to.RealmTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) Test(org.junit.jupiter.api.Test)

Example 20 with RealmTO

use of org.apache.syncope.common.lib.to.RealmTO in project syncope by apache.

the class JEXLItemTransformerImpl method beforePull.

@Override
public List<Object> beforePull(final Item item, final EntityTO entityTO, final List<Object> values) {
    if (StringUtils.isNotBlank(pullJEXL) && values != null) {
        List<Object> newValues = new ArrayList<>(values.size());
        values.forEach(value -> {
            JexlContext jexlContext = new MapContext();
            jexlContext.set("value", value);
            if (entityTO instanceof AnyTO) {
                JexlUtils.addFieldsToContext((AnyTO) entityTO, jexlContext);
                JexlUtils.addAttrTOsToContext(((AnyTO) entityTO).getPlainAttrs(), jexlContext);
                JexlUtils.addAttrTOsToContext(((AnyTO) entityTO).getDerAttrs(), jexlContext);
                JexlUtils.addAttrTOsToContext(((AnyTO) entityTO).getVirAttrs(), jexlContext);
            } else if (entityTO instanceof RealmTO) {
                JexlUtils.addFieldsToContext((RealmTO) entityTO, jexlContext);
                newValues.add(JexlUtils.evaluate(pullJEXL, jexlContext));
            }
            newValues.add(JexlUtils.evaluate(pullJEXL, jexlContext));
        });
        return newValues;
    }
    return JEXLItemTransformer.super.beforePull(item, entityTO, values);
}
Also used : AnyTO(org.apache.syncope.common.lib.to.AnyTO) ArrayList(java.util.ArrayList) JexlContext(org.apache.commons.jexl3.JexlContext) RealmTO(org.apache.syncope.common.lib.to.RealmTO) MapContext(org.apache.commons.jexl3.MapContext)

Aggregations

RealmTO (org.apache.syncope.common.lib.to.RealmTO)30 SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)12 Realm (org.apache.syncope.core.persistence.api.entity.Realm)10 ArrayList (java.util.ArrayList)7 Response (javax.ws.rs.core.Response)7 PropagationByResource (org.apache.syncope.core.provisioning.api.PropagationByResource)7 PullActions (org.apache.syncope.core.provisioning.api.pushpull.PullActions)7 Test (org.junit.jupiter.api.Test)7 PropagationTaskTO (org.apache.syncope.common.lib.to.PropagationTaskTO)6 ProvisioningReport (org.apache.syncope.core.provisioning.api.pushpull.ProvisioningReport)6 ImplementationTO (org.apache.syncope.common.lib.to.ImplementationTO)4 ProvisioningResult (org.apache.syncope.common.lib.to.ProvisioningResult)4 Result (org.apache.syncope.common.lib.types.AuditElements.Result)4 PropagationException (org.apache.syncope.core.provisioning.api.propagation.PropagationException)4 IgnoreProvisionException (org.apache.syncope.core.provisioning.api.pushpull.IgnoreProvisionException)4 DelegatedAdministrationException (org.apache.syncope.core.spring.security.DelegatedAdministrationException)4 JobExecutionException (org.quartz.JobExecutionException)4 UserTO (org.apache.syncope.common.lib.to.UserTO)3 NotFoundException (org.apache.syncope.core.persistence.api.dao.NotFoundException)3 PropagationReporter (org.apache.syncope.core.provisioning.api.propagation.PropagationReporter)3