Search in sources :

Example 36 with ResourceTO

use of org.apache.syncope.common.lib.to.ResourceTO in project syncope by apache.

the class PullTaskITCase method remediation.

@Test
public void remediation() {
    // First of all, clear any potential conflict with existing user / group
    ldapCleanup();
    // 1. create ldap cloned resource, where 'userId' (mandatory on Syncope) is removed from mapping
    ResourceTO ldap = resourceService.read(RESOURCE_NAME_LDAP);
    ldap.setKey("ldapForRemediation");
    ProvisionTO provision = ldap.getProvision(AnyTypeKind.USER.name()).get();
    provision.getVirSchemas().clear();
    provision.getMapping().getItems().removeIf(item -> "userId".equals(item.getIntAttrName()));
    ldap = createResource(ldap);
    // 2. create PullTask with remediation enabled, for the new resource
    PullTaskTO pullTask = (PullTaskTO) taskService.search(new TaskQuery.Builder(TaskType.PULL).resource(RESOURCE_NAME_LDAP).build()).getResult().get(0);
    assertNotNull(pullTask);
    pullTask.setResource(ldap.getKey());
    pullTask.setRemediation(true);
    pullTask.getActions().clear();
    Response response = taskService.create(TaskType.PULL, pullTask);
    if (response.getStatusInfo().getStatusCode() != Response.Status.CREATED.getStatusCode()) {
        throw (RuntimeException) clientFactory.getExceptionMapper().fromResponse(response);
    }
    pullTask = getObject(response.getLocation(), TaskService.class, PullTaskTO.class);
    assertNotNull(pullTask);
    try {
        // 3. execute the pull task and verify that:
        ExecTO execution = execProvisioningTask(taskService, TaskType.PULL, pullTask.getKey(), 50, false);
        assertEquals(PropagationTaskExecStatus.SUCCESS, PropagationTaskExecStatus.valueOf(execution.getStatus()));
        // 3a. user was not pulled
        try {
            userService.read("pullFromLDAP");
            fail("This should never happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.NotFound, e.getType());
        }
        // 3b. remediation was created
        Optional<RemediationTO> remediation = remediationService.list().stream().filter(r -> "uid=pullFromLDAP,ou=People,o=isp".equalsIgnoreCase(r.getRemoteName())).findFirst();
        assertTrue(remediation.isPresent());
        assertEquals(AnyTypeKind.USER.name(), remediation.get().getAnyType());
        assertEquals(ResourceOperation.CREATE, remediation.get().getOperation());
        assertNotNull(remediation.get().getAnyTOPayload());
        assertNull(remediation.get().getAnyPatchPayload());
        assertNull(remediation.get().getKeyPayload());
        assertTrue(remediation.get().getError().contains("RequiredValuesMissing [userId]"));
        // 4. remedy by copying the email value to userId
        UserTO user = (UserTO) remediation.get().getAnyTOPayload();
        user.getResources().clear();
        String email = user.getPlainAttr("email").get().getValues().get(0);
        user.getPlainAttrs().add(new AttrTO.Builder().schema("userId").value(email).build());
        remediationService.remedy(remediation.get().getKey(), user);
        // 5. user is now found
        user = userService.read("pullFromLDAP");
        assertNotNull(user);
        assertEquals(email, user.getPlainAttr("userId").get().getValues().get(0));
        // 6. remediation was removed
        try {
            remediationService.read(remediation.get().getKey());
            fail("This should never happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.NotFound, e.getType());
        }
    } finally {
        resourceService.delete(ldap.getKey());
    }
}
Also used : ProvisionTO(org.apache.syncope.common.lib.to.ProvisionTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) TaskTO(org.apache.syncope.common.lib.to.TaskTO) Date(java.util.Date) Autowired(org.springframework.beans.factory.annotation.Autowired) UserPatch(org.apache.syncope.common.lib.patch.UserPatch) ProvisioningResult(org.apache.syncope.common.lib.to.ProvisioningResult) ConnObjectTO(org.apache.syncope.common.lib.to.ConnObjectTO) ResourceOperation(org.apache.syncope.common.lib.types.ResourceOperation) ResourceDeassociationAction(org.apache.syncope.common.lib.types.ResourceDeassociationAction) AnyTypeKind(org.apache.syncope.common.lib.types.AnyTypeKind) SpringJUnitConfig(org.springframework.test.context.junit.jupiter.SpringJUnitConfig) LDAPPasswordPullActions(org.apache.syncope.core.provisioning.java.pushpull.LDAPPasswordPullActions) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) Pair(org.apache.commons.lang3.tuple.Pair) BeforeAll(org.junit.jupiter.api.BeforeAll) Locale(java.util.Locale) Map(java.util.Map) RESTHeaders(org.apache.syncope.common.rest.api.RESTHeaders) PagedResult(org.apache.syncope.common.lib.to.PagedResult) FlowableDetector(org.apache.syncope.fit.FlowableDetector) ExecTO(org.apache.syncope.common.lib.to.ExecTO) PullMode(org.apache.syncope.common.lib.types.PullMode) DBPasswordPullActions(org.apache.syncope.core.provisioning.java.pushpull.DBPasswordPullActions) Set(java.util.Set) UUID(java.util.UUID) GroupTO(org.apache.syncope.common.lib.to.GroupTO) StandardCharsets(java.nio.charset.StandardCharsets) ImplementationTO(org.apache.syncope.common.lib.to.ImplementationTO) Test(org.junit.jupiter.api.Test) IOUtils(org.apache.commons.io.IOUtils) ImplementationEngine(org.apache.syncope.common.lib.types.ImplementationEngine) Response(javax.ws.rs.core.Response) DeassociationPatch(org.apache.syncope.common.lib.patch.DeassociationPatch) TestPullActions(org.apache.syncope.fit.core.reference.TestPullActions) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) Optional(java.util.Optional) RemediationTO(org.apache.syncope.common.lib.to.RemediationTO) PullPolicyTO(org.apache.syncope.common.lib.policy.PullPolicyTO) Assertions.fail(org.junit.jupiter.api.Assertions.fail) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) TaskService(org.apache.syncope.common.rest.api.service.TaskService) PropagationTaskExecStatus(org.apache.syncope.common.lib.types.PropagationTaskExecStatus) AttrTO(org.apache.syncope.common.lib.to.AttrTO) Assertions.assertNull(org.junit.jupiter.api.Assertions.assertNull) SerializationUtils(org.apache.commons.lang3.SerializationUtils) JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate) HashSet(java.util.HashSet) ConnConfProperty(org.apache.syncope.common.lib.types.ConnConfProperty) DataSource(javax.sql.DataSource) ItemTO(org.apache.syncope.common.lib.to.ItemTO) ImplementationType(org.apache.syncope.common.lib.types.ImplementationType) ClientExceptionType(org.apache.syncope.common.lib.types.ClientExceptionType) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) AnyQuery(org.apache.syncope.common.rest.api.beans.AnyQuery) MembershipTO(org.apache.syncope.common.lib.to.MembershipTO) CipherAlgorithm(org.apache.syncope.common.lib.types.CipherAlgorithm) OutputStream(java.io.OutputStream) SyncopeConstants(org.apache.syncope.common.lib.SyncopeConstants) Properties(java.util.Properties) TaskQuery(org.apache.syncope.common.rest.api.beans.TaskQuery) Encryptor(org.apache.syncope.core.spring.security.Encryptor) ResourceTO(org.apache.syncope.common.lib.to.ResourceTO) FileOutputStream(java.io.FileOutputStream) IOException(java.io.IOException) FileInputStream(java.io.FileInputStream) Name(org.identityconnectors.framework.common.objects.Name) PolicyType(org.apache.syncope.common.lib.types.PolicyType) PasswordPatch(org.apache.syncope.common.lib.patch.PasswordPatch) ConnectorCapability(org.apache.syncope.common.lib.types.ConnectorCapability) PullTaskTO(org.apache.syncope.common.lib.to.PullTaskTO) ConnectorService(org.apache.syncope.common.rest.api.service.ConnectorService) ConnInstanceTO(org.apache.syncope.common.lib.to.ConnInstanceTO) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) UserTO(org.apache.syncope.common.lib.to.UserTO) InputStream(java.io.InputStream) AnyObjectTO(org.apache.syncope.common.lib.to.AnyObjectTO) TaskType(org.apache.syncope.common.lib.types.TaskType) ExecTO(org.apache.syncope.common.lib.to.ExecTO) TaskService(org.apache.syncope.common.rest.api.service.TaskService) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) RemediationTO(org.apache.syncope.common.lib.to.RemediationTO) Response(javax.ws.rs.core.Response) ResourceTO(org.apache.syncope.common.lib.to.ResourceTO) UserTO(org.apache.syncope.common.lib.to.UserTO) PullTaskTO(org.apache.syncope.common.lib.to.PullTaskTO) ProvisionTO(org.apache.syncope.common.lib.to.ProvisionTO) Test(org.junit.jupiter.api.Test)

Example 37 with ResourceTO

use of org.apache.syncope.common.lib.to.ResourceTO in project syncope by apache.

the class PushTaskITCase method issueSYNCOPE598.

@Test
public void issueSYNCOPE598() {
    // create a new group schema
    PlainSchemaTO schemaTO = new PlainSchemaTO();
    schemaTO.setKey("LDAPGroupName" + getUUIDString());
    schemaTO.setType(AttrSchemaType.String);
    schemaTO.setMandatoryCondition("true");
    schemaTO = createSchema(SchemaType.PLAIN, schemaTO);
    assertNotNull(schemaTO);
    AnyTypeClassTO typeClass = new AnyTypeClassTO();
    typeClass.setKey("SYNCOPE-598" + getUUIDString());
    typeClass.getPlainSchemas().add(schemaTO.getKey());
    anyTypeClassService.create(typeClass);
    // create a new sample group
    GroupTO groupTO = new GroupTO();
    groupTO.setName("all" + getUUIDString());
    groupTO.setRealm("/even");
    groupTO.getAuxClasses().add(typeClass.getKey());
    groupTO.getPlainAttrs().add(attrTO(schemaTO.getKey(), "all"));
    groupTO = createGroup(groupTO).getEntity();
    assertNotNull(groupTO);
    String resourceName = "resource-ldap-grouponly";
    ResourceTO newResourceTO = null;
    try {
        // Create resource ad-hoc
        ResourceTO resourceTO = new ResourceTO();
        resourceTO.setKey(resourceName);
        resourceTO.setConnector("74141a3b-0762-4720-a4aa-fc3e374ef3ef");
        ProvisionTO provisionTO = new ProvisionTO();
        provisionTO.setAnyType(AnyTypeKind.GROUP.name());
        provisionTO.setObjectClass(ObjectClass.GROUP_NAME);
        provisionTO.getAuxClasses().add(typeClass.getKey());
        resourceTO.getProvisions().add(provisionTO);
        MappingTO mapping = new MappingTO();
        provisionTO.setMapping(mapping);
        ItemTO item = new ItemTO();
        item.setExtAttrName("cn");
        item.setIntAttrName(schemaTO.getKey());
        item.setConnObjectKey(true);
        item.setPurpose(MappingPurpose.BOTH);
        mapping.setConnObjectKeyItem(item);
        mapping.setConnObjectLink("'cn=' + " + schemaTO.getKey() + " + ',ou=groups,o=isp'");
        Response response = resourceService.create(resourceTO);
        newResourceTO = getObject(response.getLocation(), ResourceService.class, ResourceTO.class);
        assertNotNull(newResourceTO);
        assertFalse(newResourceTO.getProvision(AnyTypeKind.USER.name()).isPresent());
        assertNotNull(newResourceTO.getProvision(AnyTypeKind.GROUP.name()).get().getMapping());
        // create push task ad-hoc
        PushTaskTO task = new PushTaskTO();
        task.setName("issueSYNCOPE598");
        task.setActive(true);
        task.setResource(resourceName);
        task.setSourceRealm(SyncopeConstants.ROOT_REALM);
        task.setPerformCreate(true);
        task.setPerformDelete(true);
        task.setPerformUpdate(true);
        task.setUnmatchingRule(UnmatchingRule.ASSIGN);
        task.setMatchingRule(MatchingRule.UPDATE);
        task.getFilters().put(AnyTypeKind.GROUP.name(), SyncopeClient.getGroupSearchConditionBuilder().is("name").equalTo(groupTO.getName()).query());
        response = taskService.create(TaskType.PUSH, task);
        PushTaskTO push = getObject(response.getLocation(), TaskService.class, PushTaskTO.class);
        assertNotNull(push);
        // execute the new task
        ExecTO exec = execProvisioningTask(taskService, TaskType.PUSH, push.getKey(), 50, false);
        assertEquals(PropagationTaskExecStatus.SUCCESS, PropagationTaskExecStatus.valueOf(exec.getStatus()));
    } finally {
        groupService.delete(groupTO.getKey());
        if (newResourceTO != null) {
            resourceService.delete(resourceName);
        }
    }
}
Also used : Response(javax.ws.rs.core.Response) PlainSchemaTO(org.apache.syncope.common.lib.to.PlainSchemaTO) MappingTO(org.apache.syncope.common.lib.to.MappingTO) ExecTO(org.apache.syncope.common.lib.to.ExecTO) ResourceTO(org.apache.syncope.common.lib.to.ResourceTO) PushTaskTO(org.apache.syncope.common.lib.to.PushTaskTO) ResourceService(org.apache.syncope.common.rest.api.service.ResourceService) ProvisionTO(org.apache.syncope.common.lib.to.ProvisionTO) AnyTypeClassTO(org.apache.syncope.common.lib.to.AnyTypeClassTO) ItemTO(org.apache.syncope.common.lib.to.ItemTO) GroupTO(org.apache.syncope.common.lib.to.GroupTO) Test(org.junit.jupiter.api.Test)

Example 38 with ResourceTO

use of org.apache.syncope.common.lib.to.ResourceTO in project syncope by apache.

the class ResourceITCase method createOverridingProps.

@Test
public void createOverridingProps() {
    String resourceKey = "overriding-conn-conf-target-resource-create";
    ResourceTO resourceTO = new ResourceTO();
    ProvisionTO provisionTO = new ProvisionTO();
    provisionTO.setAnyType(AnyTypeKind.USER.name());
    provisionTO.setObjectClass(ObjectClass.ACCOUNT_NAME);
    resourceTO.getProvisions().add(provisionTO);
    MappingTO mapping = new MappingTO();
    provisionTO.setMapping(mapping);
    ItemTO item = new ItemTO();
    item.setExtAttrName("uid");
    item.setIntAttrName("userId");
    item.setPurpose(MappingPurpose.BOTH);
    mapping.add(item);
    item = new ItemTO();
    item.setExtAttrName("username");
    item.setIntAttrName("key");
    item.setConnObjectKey(true);
    item.setPurpose(MappingPurpose.BOTH);
    mapping.setConnObjectKeyItem(item);
    item = new ItemTO();
    item.setExtAttrName("fullname");
    item.setIntAttrName("cn");
    item.setConnObjectKey(false);
    item.setPurpose(MappingPurpose.PROPAGATION);
    mapping.add(item);
    resourceTO.setKey(resourceKey);
    resourceTO.setConnector("5ffbb4ac-a8c3-4b44-b699-11b398a1ba08");
    ConnConfProperty prop = new ConnConfProperty();
    ConnConfPropSchema schema = new ConnConfPropSchema();
    schema.setType("java.lang.String");
    schema.setName("endpoint");
    schema.setRequired(true);
    prop.setSchema(schema);
    prop.getValues().add("http://invalidurl/");
    Set<ConnConfProperty> connectorConfigurationProperties = new HashSet<>(Arrays.asList(prop));
    resourceTO.getConfOverride().addAll(connectorConfigurationProperties);
    Response response = resourceService.create(resourceTO);
    ResourceTO actual = getObject(response.getLocation(), ResourceService.class, ResourceTO.class);
    assertNotNull(actual);
    // check the existence
    actual = resourceService.read(resourceKey);
    assertNotNull(actual);
    assertNull(actual.getPropagationPriority());
}
Also used : Response(javax.ws.rs.core.Response) MappingTO(org.apache.syncope.common.lib.to.MappingTO) ResourceTO(org.apache.syncope.common.lib.to.ResourceTO) ConnConfProperty(org.apache.syncope.common.lib.types.ConnConfProperty) ProvisionTO(org.apache.syncope.common.lib.to.ProvisionTO) ItemTO(org.apache.syncope.common.lib.to.ItemTO) ConnConfPropSchema(org.apache.syncope.common.lib.types.ConnConfPropSchema) HashSet(java.util.HashSet) Test(org.junit.jupiter.api.Test)

Example 39 with ResourceTO

use of org.apache.syncope.common.lib.to.ResourceTO in project syncope by apache.

the class ResourceITCase method authorizations.

@Test
public void authorizations() {
    SyncopeClient puccini = clientFactory.create("puccini", ADMIN_PWD);
    ResourceService prs = puccini.getService(ResourceService.class);
    // 1. attempt to read a resource for a connector with a different admin realm: fail
    try {
        prs.read(RESOURCE_NAME_WS1);
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.DelegatedAdministration, e.getType());
    }
    // 2. read and upate a resource for a connector in the realm for which entitlements are owned: succeed
    try {
        ResourceTO scriptedsql = prs.read(RESOURCE_NAME_DBSCRIPTED);
        assertEquals(TraceLevel.ALL, scriptedsql.getCreateTraceLevel());
        scriptedsql.setCreateTraceLevel(TraceLevel.FAILURES);
        prs.update(scriptedsql);
        scriptedsql = prs.read(RESOURCE_NAME_DBSCRIPTED);
        assertEquals(TraceLevel.FAILURES, scriptedsql.getCreateTraceLevel());
    } finally {
        ResourceTO scriptedsql = resourceService.read(RESOURCE_NAME_DBSCRIPTED);
        scriptedsql.setCreateTraceLevel(TraceLevel.ALL);
        resourceService.update(scriptedsql);
    }
}
Also used : ResourceTO(org.apache.syncope.common.lib.to.ResourceTO) ResourceService(org.apache.syncope.common.rest.api.service.ResourceService) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) Test(org.junit.jupiter.api.Test)

Example 40 with ResourceTO

use of org.apache.syncope.common.lib.to.ResourceTO in project syncope by apache.

the class ResourceITCase method orgUnit.

@Test
public void orgUnit() {
    String resourceKey = "ws-orgunit";
    ResourceTO resourceTO = buildResourceTO(resourceKey);
    assertNull(resourceTO.getOrgUnit());
    assertNull(resourceTO.getPropagationPriority());
    Response response = resourceService.create(resourceTO);
    resourceTO = getObject(response.getLocation(), ResourceService.class, ResourceTO.class);
    assertNotNull(resourceTO);
    assertNull(resourceTO.getOrgUnit());
    OrgUnitTO orgUnit = new OrgUnitTO();
    orgUnit.setConnObjectLink("'ou=' + name + ',o=isp'");
    orgUnit.setObjectClass("organizationalUnit");
    ItemTO item = new ItemTO();
    item.setIntAttrName("name");
    item.setExtAttrName("ou");
    item.setMandatoryCondition("true");
    item.setPurpose(MappingPurpose.BOTH);
    orgUnit.setConnObjectKeyItem(item);
    resourceTO.setOrgUnit(orgUnit);
    resourceService.update(resourceTO);
    assertNull(resourceTO.getPropagationPriority());
    resourceTO = resourceService.read(resourceKey);
    assertNotNull(resourceTO.getOrgUnit());
    resourceTO.setOrgUnit(null);
    resourceTO.setPropagationPriority(11);
    resourceService.update(resourceTO);
    resourceTO = resourceService.read(resourceKey);
    assertNull(resourceTO.getOrgUnit());
    assertEquals(Integer.valueOf(11), resourceTO.getPropagationPriority());
}
Also used : Response(javax.ws.rs.core.Response) OrgUnitTO(org.apache.syncope.common.lib.to.OrgUnitTO) ResourceTO(org.apache.syncope.common.lib.to.ResourceTO) ResourceService(org.apache.syncope.common.rest.api.service.ResourceService) ItemTO(org.apache.syncope.common.lib.to.ItemTO) Test(org.junit.jupiter.api.Test)

Aggregations

ResourceTO (org.apache.syncope.common.lib.to.ResourceTO)61 Test (org.junit.jupiter.api.Test)49 ItemTO (org.apache.syncope.common.lib.to.ItemTO)32 ProvisionTO (org.apache.syncope.common.lib.to.ProvisionTO)29 SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)27 Response (javax.ws.rs.core.Response)23 MappingTO (org.apache.syncope.common.lib.to.MappingTO)23 UserTO (org.apache.syncope.common.lib.to.UserTO)17 ConnInstanceTO (org.apache.syncope.common.lib.to.ConnInstanceTO)14 ConnObjectTO (org.apache.syncope.common.lib.to.ConnObjectTO)12 ResourceService (org.apache.syncope.common.rest.api.service.ResourceService)11 UserPatch (org.apache.syncope.common.lib.patch.UserPatch)10 GroupTO (org.apache.syncope.common.lib.to.GroupTO)10 ConnConfProperty (org.apache.syncope.common.lib.types.ConnConfProperty)9 JdbcTemplate (org.springframework.jdbc.core.JdbcTemplate)9 AnyTypeKind (org.apache.syncope.common.lib.types.AnyTypeKind)8 Assertions.assertEquals (org.junit.jupiter.api.Assertions.assertEquals)8 Assertions.assertFalse (org.junit.jupiter.api.Assertions.assertFalse)8 Assertions.assertNotNull (org.junit.jupiter.api.Assertions.assertNotNull)8 Assertions.assertTrue (org.junit.jupiter.api.Assertions.assertTrue)8