use of org.apache.syncope.common.lib.to.ResourceTO in project syncope by apache.
the class UserITCase method enforceMandatoryConditionOnDerived.
@Test
public void enforceMandatoryConditionOnDerived() {
ResourceTO resourceTO = resourceService.read(RESOURCE_NAME_CSV);
assertNotNull(resourceTO);
resourceTO.setKey("resource-csv-enforcing");
resourceTO.setEnforceMandatoryCondition(true);
Response response = resourceService.create(resourceTO);
resourceTO = getObject(response.getLocation(), ResourceService.class, ResourceTO.class);
assertNotNull(resourceTO);
try {
UserTO userTO = getUniqueSampleTO("syncope222@apache.org");
userTO.getResources().add(resourceTO.getKey());
userTO.setPassword("newPassword12");
try {
userTO = createUser(userTO).getEntity();
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.RequiredValuesMissing, e.getType());
}
userTO.getAuxClasses().add("csv");
userTO = createUser(userTO).getEntity();
assertNotNull(userTO);
assertEquals(Collections.singleton(resourceTO.getKey()), userTO.getResources());
} finally {
resourceService.delete(resourceTO.getKey());
}
}
use of org.apache.syncope.common.lib.to.ResourceTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE505DB.
@Test
public void issueSYNCOPE505DB() throws Exception {
// 1. create user
UserTO user = UserITCase.getUniqueSampleTO("syncope505-db@syncope.apache.org");
user.setPassword("security123");
user = createUser(user).getEntity();
assertNotNull(user);
assertTrue(user.getResources().isEmpty());
// 2. Add DBPasswordPropagationActions
ImplementationTO propagationActions = new ImplementationTO();
propagationActions.setKey(DBPasswordPropagationActions.class.getSimpleName());
propagationActions.setEngine(ImplementationEngine.JAVA);
propagationActions.setType(ImplementationType.PROPAGATION_ACTIONS);
propagationActions.setBody(DBPasswordPropagationActions.class.getName());
Response response = implementationService.create(propagationActions);
propagationActions = implementationService.read(propagationActions.getType(), response.getHeaderString(RESTHeaders.RESOURCE_KEY));
assertNotNull(propagationActions);
ResourceTO resourceTO = resourceService.read(RESOURCE_NAME_TESTDB);
assertNotNull(resourceTO);
resourceTO.getPropagationActions().add(propagationActions.getKey());
resourceService.update(resourceTO);
// 3. Add a db resource to the User
UserPatch userPatch = new UserPatch();
userPatch.setKey(user.getKey());
userPatch.getResources().add(new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(RESOURCE_NAME_TESTDB).build());
userPatch.setPassword(new PasswordPatch.Builder().onSyncope(false).resource(RESOURCE_NAME_TESTDB).build());
user = updateUser(userPatch).getEntity();
assertNotNull(user);
assertEquals(1, user.getResources().size());
// 4. Check that the DB resource has the correct password
JdbcTemplate jdbcTemplate = new JdbcTemplate(testDataSource);
String value = jdbcTemplate.queryForObject("SELECT PASSWORD FROM test WHERE ID=?", String.class, user.getUsername());
assertEquals(Encryptor.getInstance().encode("security123", CipherAlgorithm.SHA1), value.toUpperCase());
// 5. Remove DBPasswordPropagationActions
resourceTO = resourceService.read(RESOURCE_NAME_TESTDB);
assertNotNull(resourceTO);
resourceTO.getPropagationActions().remove(propagationActions.getKey());
resourceService.update(resourceTO);
}
use of org.apache.syncope.common.lib.to.ResourceTO in project syncope by apache.
the class UserIssuesITCase method issueSYNCOPE354.
@Test
public void issueSYNCOPE354() {
// change resource-ldap group mapping for including uniqueMember (need for assertions below)
ResourceTO ldap = resourceService.read(RESOURCE_NAME_LDAP);
ldap.getProvision(AnyTypeKind.GROUP.name()).get().getMapping().getItems().stream().filter(item -> ("description".equals(item.getExtAttrName()))).forEachOrdered(item -> {
item.setExtAttrName("uniqueMember");
});
resourceService.update(ldap);
// 1. create group with LDAP resource
GroupTO groupTO = new GroupTO();
groupTO.setName("SYNCOPE354-" + getUUIDString());
groupTO.setRealm("/");
groupTO.getResources().add(RESOURCE_NAME_LDAP);
groupTO = createGroup(groupTO).getEntity();
assertNotNull(groupTO);
// 2. create user with LDAP resource and membership of the above group
UserTO userTO = UserITCase.getUniqueSampleTO("syncope354@syncope.apache.org");
userTO.getResources().add(RESOURCE_NAME_LDAP);
userTO.getMemberships().add(new MembershipTO.Builder().group(groupTO.getKey()).build());
userTO = createUser(userTO).getEntity();
assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
assertNotNull(resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey()));
// 3. read group on resource, check that user DN is included in uniqueMember
ConnObjectTO connObj = resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.GROUP.name(), groupTO.getKey());
assertNotNull(connObj);
assertTrue(connObj.getAttr("uniqueMember").get().getValues().contains("uid=" + userTO.getUsername() + ",ou=people,o=isp"));
// 4. remove membership
UserPatch userPatch = new UserPatch();
userPatch.setKey(userTO.getKey());
userPatch.getMemberships().add(new MembershipPatch.Builder().operation(PatchOperation.DELETE).group(userTO.getMemberships().get(0).getGroupKey()).build());
userTO = updateUser(userPatch).getEntity();
assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
// 5. read group on resource, check that user DN was removed from uniqueMember
connObj = resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.GROUP.name(), groupTO.getKey());
assertNotNull(connObj);
assertFalse(connObj.getAttr("uniqueMember").get().getValues().contains("uid=" + userTO.getUsername() + ",ou=people,o=isp"));
// 6. user has still the LDAP resource assigned - SYNCOPE-1222
userTO = userService.read(userTO.getKey());
assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
assertNotNull(resourceService.readConnObject(RESOURCE_NAME_LDAP, AnyTypeKind.USER.name(), userTO.getKey()));
// 7. restore original resource-ldap group mapping
ldap.getProvision(AnyTypeKind.GROUP.name()).get().getMapping().getItems().stream().filter(item -> ("uniqueMember".equals(item.getExtAttrName()))).forEachOrdered(item -> {
item.setExtAttrName("description");
});
resourceService.update(ldap);
}
use of org.apache.syncope.common.lib.to.ResourceTO in project syncope by apache.
the class VirAttrITCase method issueSYNCOPE453.
@Test
public void issueSYNCOPE453() {
String resourceName = "issueSYNCOPE453Res" + getUUIDString();
String groupKey = null;
String groupName = "issueSYNCOPE453Group" + getUUIDString();
try {
// -------------------------------------------
// Create a VirAttrITCase ad-hoc
// -------------------------------------------
VirSchemaTO rvirtualdata;
try {
rvirtualdata = schemaService.read(SchemaType.VIRTUAL, "rvirtualdata");
} catch (SyncopeClientException e) {
LOG.warn("rvirtualdata not found, re-creating", e);
rvirtualdata = new VirSchemaTO();
rvirtualdata.setKey("rvirtualdata");
rvirtualdata.setExtAttrName("businessCategory");
rvirtualdata.setResource(RESOURCE_NAME_LDAP);
rvirtualdata.setAnyType(AnyTypeKind.GROUP.name());
rvirtualdata = createSchema(SchemaType.VIRTUAL, rvirtualdata);
}
assertNotNull(rvirtualdata);
if (!"minimal group".equals(rvirtualdata.getAnyTypeClass())) {
LOG.warn("rvirtualdata not in minimal group, restoring");
AnyTypeClassTO minimalGroup = anyTypeClassService.read("minimal group");
minimalGroup.getVirSchemas().add(rvirtualdata.getKey());
anyTypeClassService.update(minimalGroup);
rvirtualdata = schemaService.read(SchemaType.VIRTUAL, rvirtualdata.getKey());
assertEquals("minimal group", rvirtualdata.getAnyTypeClass());
}
// -------------------------------------------
// Create a resource ad-hoc
// -------------------------------------------
ResourceTO resourceTO = new ResourceTO();
resourceTO.setKey(resourceName);
resourceTO.setConnector("be24b061-019d-4e3e-baf0-0a6d0a45cb9c");
ProvisionTO provisionTO = new ProvisionTO();
provisionTO.setAnyType(AnyTypeKind.USER.name());
provisionTO.setObjectClass(ObjectClass.ACCOUNT_NAME);
resourceTO.getProvisions().add(provisionTO);
MappingTO mapping = new MappingTO();
provisionTO.setMapping(mapping);
ItemTO item = new ItemTO();
item.setIntAttrName("fullname");
item.setExtAttrName("ID");
item.setPurpose(MappingPurpose.PROPAGATION);
item.setConnObjectKey(true);
mapping.setConnObjectKeyItem(item);
item = new ItemTO();
item.setIntAttrName("username");
item.setExtAttrName("USERNAME");
item.setPurpose(MappingPurpose.PROPAGATION);
mapping.getItems().add(item);
item = new ItemTO();
item.setIntAttrName("groups[" + groupName + "].rvirtualdata");
item.setExtAttrName("EMAIL");
item.setPurpose(MappingPurpose.PROPAGATION);
mapping.getItems().add(item);
assertNotNull(getObject(resourceService.create(resourceTO).getLocation(), ResourceService.class, ResourceTO.class));
// -------------------------------------------
GroupTO groupTO = new GroupTO();
groupTO.setName(groupName);
groupTO.setRealm("/");
groupTO.getVirAttrs().add(attrTO(rvirtualdata.getKey(), "ml@group.it"));
groupTO.getResources().add(RESOURCE_NAME_LDAP);
groupTO = createGroup(groupTO).getEntity();
groupKey = groupTO.getKey();
assertEquals(1, groupTO.getVirAttrs().size());
assertEquals("ml@group.it", groupTO.getVirAttrs().iterator().next().getValues().get(0));
// -------------------------------------------
// -------------------------------------------
// Create new user
// -------------------------------------------
UserTO userTO = UserITCase.getUniqueSampleTO("syn453@syncope.apache.org");
userTO.getPlainAttrs().add(attrTO("fullname", "123"));
userTO.getResources().clear();
userTO.getResources().add(resourceName);
userTO.getVirAttrs().clear();
userTO.getMemberships().clear();
userTO.getMemberships().add(new MembershipTO.Builder().group(groupTO.getKey()).build());
ProvisioningResult<UserTO> result = createUser(userTO);
assertEquals(2, result.getPropagationStatuses().size());
assertEquals(PropagationTaskExecStatus.SUCCESS, result.getPropagationStatuses().get(0).getStatus());
assertEquals(PropagationTaskExecStatus.SUCCESS, result.getPropagationStatuses().get(1).getStatus());
userTO = result.getEntity();
JdbcTemplate jdbcTemplate = new JdbcTemplate(testDataSource);
Map<String, Object> actuals = jdbcTemplate.queryForMap("SELECT id, surname, email FROM testpull WHERE id=?", new Object[] { userTO.getPlainAttr("fullname").get().getValues().get(0) });
assertEquals(userTO.getPlainAttr("fullname").get().getValues().get(0), actuals.get("id").toString());
assertEquals("ml@group.it", actuals.get("email"));
// -------------------------------------------
} catch (Exception e) {
LOG.error("Unexpected error", e);
} finally {
// -------------------------------------------
// Delete resource and group ad-hoc
// -------------------------------------------
resourceService.delete(resourceName);
if (groupKey != null) {
groupService.delete(groupKey);
}
// -------------------------------------------
}
}
use of org.apache.syncope.common.lib.to.ResourceTO in project syncope by apache.
the class VirAttrITCase method issueSYNCOPE691.
@Test
public void issueSYNCOPE691() {
ResourceTO ldap = resourceService.read(RESOURCE_NAME_LDAP);
try {
ProvisionTO provision = ldap.getProvision(AnyTypeKind.USER.name()).orElse(null);
assertNotNull(provision);
List<ItemTO> mail = provision.getMapping().getItems().stream().filter(item -> "mail".equals(item.getExtAttrName())).collect(Collectors.toList());
provision.getMapping().getItems().removeAll(mail);
provision.getVirSchemas().clear();
ldap.getProvisions().clear();
ldap.getProvisions().add(provision);
ldap.setKey(RESOURCE_NAME_LDAP + "691" + getUUIDString());
resourceService.create(ldap);
ldap = resourceService.read(ldap.getKey());
provision = ldap.getProvision(AnyTypeKind.USER.name()).get();
assertNotNull(provision);
// create new virtual schema for the resource below
VirSchemaTO virSchema = new VirSchemaTO();
virSchema.setKey("syncope691" + getUUIDString());
virSchema.setExtAttrName("mail");
virSchema.setResource(ldap.getKey());
virSchema.setAnyType(provision.getAnyType());
virSchema = createSchema(SchemaType.VIRTUAL, virSchema);
assertNotNull(virSchema);
AnyTypeClassTO newClass = new AnyTypeClassTO();
newClass.setKey("syncope691" + getUUIDString());
newClass.getVirSchemas().add(virSchema.getKey());
Response response = anyTypeClassService.create(newClass);
assertEquals(Response.Status.CREATED.getStatusCode(), response.getStatusInfo().getStatusCode());
newClass = getObject(response.getLocation(), AnyTypeClassService.class, AnyTypeClassTO.class);
// create a new user
UserTO userTO = UserITCase.getUniqueSampleTO("syncope691@syncope.apache.org");
userTO.getAuxClasses().add(newClass.getKey());
userTO.getResources().clear();
userTO.getMemberships().clear();
userTO.getVirAttrs().clear();
AttrTO emailTO = new AttrTO();
emailTO.setSchema(virSchema.getKey());
emailTO.getValues().add("test@issue691.dom1.org");
emailTO.getValues().add("test@issue691.dom2.org");
userTO.getVirAttrs().add(emailTO);
// assign resource-ldap691 to user
userTO.getResources().add(ldap.getKey());
// save user
userTO = createUser(userTO).getEntity();
// make std controls about user
assertNotNull(userTO);
assertTrue(ldap.getKey().equals(userTO.getResources().iterator().next()));
assertEquals(2, userTO.getVirAttrs().iterator().next().getValues().size());
assertTrue(userTO.getVirAttrs().iterator().next().getValues().contains("test@issue691.dom1.org"));
assertTrue(userTO.getVirAttrs().iterator().next().getValues().contains("test@issue691.dom2.org"));
// update user
UserPatch userPatch = new UserPatch();
userPatch.setKey(userTO.getKey());
// modify virtual attribute
userPatch.getVirAttrs().add(new AttrTO.Builder().schema(virSchema.getKey()).value("test@issue691.dom3.org").value("test@issue691.dom4.org").build());
UserTO updated = updateUser(userPatch).getEntity();
assertNotNull(updated);
assertEquals(2, updated.getVirAttrs().iterator().next().getValues().size());
assertTrue(updated.getVirAttrs().iterator().next().getValues().contains("test@issue691.dom3.org"));
assertTrue(updated.getVirAttrs().iterator().next().getValues().contains("test@issue691.dom4.org"));
} finally {
try {
resourceService.delete(ldap.getKey());
} catch (Exception ignore) {
// ignore
}
}
}
Aggregations