Examples with RoleTO org.apache.syncope.common.lib.to.RoleTO used on opensource projects

Search in sources :

Example 11 with RoleTO

use of org.apache.syncope.common.lib.to.RoleTO in project syncope by apache.

the class RoleITCase method dynMembership.

@Test
public void dynMembership() {
    UserTO bellini = userService.read("bellini");
    assertTrue(bellini.getDynRoles().isEmpty());
    assertTrue(bellini.getPrivileges().isEmpty());
    RoleTO role = getSampleRoleTO("dynMembership");
    role.getPrivileges().add("getMighty");
    role.setDynMembershipCond("cool==true");
    Response response = roleService.create(role);
    role = getObject(response.getLocation(), RoleService.class, RoleTO.class);
    assertNotNull(role);
    bellini = userService.read("bellini");
    assertTrue(bellini.getDynRoles().contains(role.getKey()));
    assertTrue(bellini.getPrivileges().contains("getMighty"));
    role.setDynMembershipCond("cool==false");
    roleService.update(role);
    bellini = userService.read("bellini");
    assertTrue(bellini.getDynMemberships().isEmpty());
    assertTrue(bellini.getPrivileges().isEmpty());
}
Also used : Response(javax.ws.rs.core.Response) RoleService(org.apache.syncope.common.rest.api.service.RoleService) UserTO(org.apache.syncope.common.lib.to.UserTO) RoleTO(org.apache.syncope.common.lib.to.RoleTO) Test(org.junit.jupiter.api.Test)

Example 12 with RoleTO

use of org.apache.syncope.common.lib.to.RoleTO in project syncope by apache.

the class RoleITCase method list.

@Test
public void list() {
    List<RoleTO> roleTOs = roleService.list();
    assertNotNull(roleTOs);
    assertFalse(roleTOs.isEmpty());
    for (RoleTO instance : roleTOs) {
        assertNotNull(instance);
    }
}
Also used : RoleTO(org.apache.syncope.common.lib.to.RoleTO) Test(org.junit.jupiter.api.Test)

Example 13 with RoleTO

use of org.apache.syncope.common.lib.to.RoleTO in project syncope by apache.

the class ApplicationITCase method crud.

@Test
public void crud() {
    // 1. create application
    ApplicationTO application = new ApplicationTO();
    application.setKey(UUID.randomUUID().toString());
    PrivilegeTO privilegeTO = new PrivilegeTO();
    privilegeTO.setKey(UUID.randomUUID().toString());
    privilegeTO.setSpec("{ \"one\": true }");
    application.getPrivileges().add(privilegeTO);
    privilegeTO = new PrivilegeTO();
    privilegeTO.setKey(UUID.randomUUID().toString());
    privilegeTO.setSpec("{ \"two\": true }");
    application.getPrivileges().add(privilegeTO);
    privilegeTO = new PrivilegeTO();
    privilegeTO.setKey(UUID.randomUUID().toString());
    privilegeTO.setSpec("{ \"three\": true }");
    application.getPrivileges().add(privilegeTO);
    Response response = applicationService.create(application);
    assertEquals(Response.Status.CREATED.getStatusCode(), response.getStatusInfo().getStatusCode());
    application = getObject(response.getLocation(), ApplicationService.class, ApplicationTO.class);
    assertNotNull(application);
    assertNull(application.getDescription());
    assertEquals(3, application.getPrivileges().size());
    // 2. update application
    application.setDescription("A description");
    application.getPrivileges().remove(1);
    applicationService.update(application);
    application = applicationService.read(application.getKey());
    assertNotNull(application);
    assertNotNull(application.getDescription());
    assertEquals(2, application.getPrivileges().size());
    // 3. assign application's privileges to a new role
    RoleTO role = new RoleTO();
    role.setKey("privileged");
    role.getPrivileges().addAll(application.getPrivileges().stream().map(EntityTO::getKey).collect(Collectors.toList()));
    response = roleService.create(role);
    assertEquals(Response.Status.CREATED.getStatusCode(), response.getStatusInfo().getStatusCode());
    role = getObject(response.getLocation(), RoleService.class, RoleTO.class);
    assertNotNull(role);
    assertEquals(2, role.getPrivileges().size());
    // 4. delete application => delete privileges
    applicationService.delete(application.getKey());
    try {
        applicationService.read(application.getKey());
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.NotFound, e.getType());
    }
    role = roleService.read(role.getKey());
    assertNotNull(role);
    assertTrue(role.getPrivileges().isEmpty());
}
Also used : Response(javax.ws.rs.core.Response) EntityTO(org.apache.syncope.common.lib.to.EntityTO) RoleService(org.apache.syncope.common.rest.api.service.RoleService) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) ApplicationTO(org.apache.syncope.common.lib.to.ApplicationTO) PrivilegeTO(org.apache.syncope.common.lib.to.PrivilegeTO) RoleTO(org.apache.syncope.common.lib.to.RoleTO) ApplicationService(org.apache.syncope.common.rest.api.service.ApplicationService) Test(org.junit.jupiter.api.Test)

Example 14 with RoleTO

use of org.apache.syncope.common.lib.to.RoleTO in project syncope by apache.

the class AuthenticationITCase method anyTypeEntitlement.

@Test
public void anyTypeEntitlement() {
    final String anyTypeKey = "FOLDER " + getUUIDString();
    // 1. no entitlement exists (yet) for the any type to be created
    assertFalse(syncopeService.platform().getEntitlements().stream().anyMatch(entitlement -> entitlement.contains(anyTypeKey)));
    // 2. create plain schema, any type class and any type
    PlainSchemaTO path = new PlainSchemaTO();
    path.setKey("path" + getUUIDString());
    path.setType(AttrSchemaType.String);
    path = createSchema(SchemaType.PLAIN, path);
    AnyTypeClassTO anyTypeClass = new AnyTypeClassTO();
    anyTypeClass.setKey("folder" + getUUIDString());
    anyTypeClass.getPlainSchemas().add(path.getKey());
    anyTypeClassService.create(anyTypeClass);
    AnyTypeTO anyTypeTO = new AnyTypeTO();
    anyTypeTO.setKey(anyTypeKey);
    anyTypeTO.setKind(AnyTypeKind.ANY_OBJECT);
    anyTypeTO.getClasses().add(anyTypeClass.getKey());
    anyTypeService.create(anyTypeTO);
    // 2. now entitlement exists for the any type just created
    assertTrue(syncopeService.platform().getEntitlements().stream().anyMatch(entitlement -> entitlement.contains(anyTypeKey)));
    // 3. attempt to create an instance of the type above: fail because no entitlement was assigned
    AnyObjectTO folder = new AnyObjectTO();
    folder.setName("home");
    folder.setRealm(SyncopeConstants.ROOT_REALM);
    folder.setType(anyTypeKey);
    folder.getPlainAttrs().add(attrTO(path.getKey(), "/home"));
    SyncopeClient belliniClient = clientFactory.create("bellini", ADMIN_PWD);
    try {
        belliniClient.getService(AnyObjectService.class).create(folder);
        fail("This should not happen");
    } catch (SyncopeClientException e) {
        assertEquals(ClientExceptionType.DelegatedAdministration, e.getType());
    }
    // 4. give create entitlement for the any type just created
    RoleTO role = new RoleTO();
    role.setKey("role" + getUUIDString());
    role.getRealms().add(SyncopeConstants.ROOT_REALM);
    role.getEntitlements().add(anyTypeKey + "_READ");
    role.getEntitlements().add(anyTypeKey + "_CREATE");
    role = createRole(role);
    UserTO bellini = userService.read("bellini");
    UserPatch patch = new UserPatch();
    patch.setKey(bellini.getKey());
    patch.getRoles().add(new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(role.getKey()).build());
    bellini = updateUser(patch).getEntity();
    assertTrue(bellini.getRoles().contains(role.getKey()));
    // 5. now the instance of the type above can be created successfully
    belliniClient.logout();
    belliniClient.login(new BasicAuthenticationHandler("bellini", ADMIN_PWD));
    belliniClient.getService(AnyObjectService.class).create(folder);
}
Also used : StringPatchItem(org.apache.syncope.common.lib.patch.StringPatchItem) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) Autowired(org.springframework.beans.factory.annotation.Autowired) UserPatch(org.apache.syncope.common.lib.patch.UserPatch) ProvisioningResult(org.apache.syncope.common.lib.to.ProvisioningResult) ResourceDeassociationAction(org.apache.syncope.common.lib.types.ResourceDeassociationAction) AnyTypeKind(org.apache.syncope.common.lib.types.AnyTypeKind) SpringJUnitConfig(org.springframework.test.context.junit.jupiter.SpringJUnitConfig) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) Pair(org.apache.commons.lang3.tuple.Pair) AttrSchemaType(org.apache.syncope.common.lib.types.AttrSchemaType) Map(java.util.Map) RESTHeaders(org.apache.syncope.common.rest.api.RESTHeaders) PagedResult(org.apache.syncope.common.lib.to.PagedResult) FlowableDetector(org.apache.syncope.fit.FlowableDetector) BasicAuthenticationHandler(org.apache.syncope.client.lib.BasicAuthenticationHandler) BulkActionResult(org.apache.syncope.common.lib.to.BulkActionResult) SchemaService(org.apache.syncope.common.rest.api.service.SchemaService) Set(java.util.Set) WorkflowFormTO(org.apache.syncope.common.lib.to.WorkflowFormTO) SchemaType(org.apache.syncope.common.lib.types.SchemaType) Collectors(java.util.stream.Collectors) StatusPatch(org.apache.syncope.common.lib.patch.StatusPatch) GenericType(javax.ws.rs.core.GenericType) Test(org.junit.jupiter.api.Test) Response(javax.ws.rs.core.Response) DeassociationPatch(org.apache.syncope.common.lib.patch.DeassociationPatch) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) AccessControlException(java.security.AccessControlException) Assertions.fail(org.junit.jupiter.api.Assertions.fail) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) StandardEntitlement(org.apache.syncope.common.lib.types.StandardEntitlement) AnonymousAuthenticationHandler(org.apache.syncope.client.lib.AnonymousAuthenticationHandler) UserService(org.apache.syncope.common.rest.api.service.UserService) JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate) PlainSchemaTO(org.apache.syncope.common.lib.to.PlainSchemaTO) RoleTO(org.apache.syncope.common.lib.to.RoleTO) Assumptions.assumeTrue(org.junit.jupiter.api.Assumptions.assumeTrue) DataSource(javax.sql.DataSource) ClientExceptionType(org.apache.syncope.common.lib.types.ClientExceptionType) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) AbstractITCase(org.apache.syncope.fit.AbstractITCase) AnyQuery(org.apache.syncope.common.rest.api.beans.AnyQuery) AnyObjectService(org.apache.syncope.common.rest.api.service.AnyObjectService) MembershipTO(org.apache.syncope.common.lib.to.MembershipTO) CipherAlgorithm(org.apache.syncope.common.lib.types.CipherAlgorithm) AnyTypeClassTO(org.apache.syncope.common.lib.to.AnyTypeClassTO) SyncopeConstants(org.apache.syncope.common.lib.SyncopeConstants) Encryptor(org.apache.syncope.core.spring.security.Encryptor) ForbiddenException(javax.ws.rs.ForbiddenException) StatusPatchType(org.apache.syncope.common.lib.types.StatusPatchType) AnyTypeTO(org.apache.syncope.common.lib.to.AnyTypeTO) PasswordPatch(org.apache.syncope.common.lib.patch.PasswordPatch) PatchOperation(org.apache.syncope.common.lib.types.PatchOperation) StringReplacePatchItem(org.apache.syncope.common.lib.patch.StringReplacePatchItem) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) UserTO(org.apache.syncope.common.lib.to.UserTO) AnyObjectTO(org.apache.syncope.common.lib.to.AnyObjectTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) AnyTypeTO(org.apache.syncope.common.lib.to.AnyTypeTO) RoleTO(org.apache.syncope.common.lib.to.RoleTO) SyncopeClient(org.apache.syncope.client.lib.SyncopeClient) UserPatch(org.apache.syncope.common.lib.patch.UserPatch) PlainSchemaTO(org.apache.syncope.common.lib.to.PlainSchemaTO) AnyObjectTO(org.apache.syncope.common.lib.to.AnyObjectTO) AnyObjectService(org.apache.syncope.common.rest.api.service.AnyObjectService) UserTO(org.apache.syncope.common.lib.to.UserTO) BasicAuthenticationHandler(org.apache.syncope.client.lib.BasicAuthenticationHandler) AnyTypeClassTO(org.apache.syncope.common.lib.to.AnyTypeClassTO) Test(org.junit.jupiter.api.Test)

Example 15 with RoleTO

use of org.apache.syncope.common.lib.to.RoleTO in project syncope by apache.

the class AuthenticationITCase method delegatedUserCRUD.

@Test
public void delegatedUserCRUD() {
    String roleKey = null;
    String delegatedAdminKey = null;
    try {
        // 1. create role for full user administration, under realm /even/two
        RoleTO role = new RoleTO();
        role.setKey("Delegated user admin");
        role.getEntitlements().add(StandardEntitlement.USER_CREATE);
        role.getEntitlements().add(StandardEntitlement.USER_UPDATE);
        role.getEntitlements().add(StandardEntitlement.USER_DELETE);
        role.getEntitlements().add(StandardEntitlement.USER_SEARCH);
        role.getEntitlements().add(StandardEntitlement.USER_READ);
        role.getRealms().add("/even/two");
        roleKey = roleService.create(role).getHeaderString(RESTHeaders.RESOURCE_KEY);
        assertNotNull(roleKey);
        // 2. as admin, create delegated admin user, and assign the role just created
        UserTO delegatedAdmin = UserITCase.getUniqueSampleTO("admin@syncope.apache.org");
        delegatedAdmin.getRoles().add(roleKey);
        delegatedAdmin = createUser(delegatedAdmin).getEntity();
        delegatedAdminKey = delegatedAdmin.getKey();
        // 3. instantiate a delegate user service client, for further operatins
        UserService delegatedUserService = clientFactory.create(delegatedAdmin.getUsername(), "password123").getService(UserService.class);
        // 4. as delegated, create user under realm / -> fail
        UserTO user = UserITCase.getUniqueSampleTO("delegated@syncope.apache.org");
        try {
            delegatedUserService.create(user, true);
            fail("This should not happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.DelegatedAdministration, e.getType());
        }
        // 5. set realm to /even/two -> succeed
        user.setRealm("/even/two");
        Response response = delegatedUserService.create(user, true);
        assertEquals(Response.Status.CREATED.getStatusCode(), response.getStatus());
        user = response.readEntity(new GenericType<ProvisioningResult<UserTO>>() {
        }).getEntity();
        assertEquals("surname", user.getPlainAttr("surname").get().getValues().get(0));
        // 5. as delegated, update user attempting to move under realm / -> fail
        UserPatch userPatch = new UserPatch();
        userPatch.setKey(user.getKey());
        userPatch.setRealm(new StringReplacePatchItem.Builder().value("/odd").build());
        userPatch.getPlainAttrs().add(attrAddReplacePatch("surname", "surname2"));
        try {
            delegatedUserService.update(userPatch);
            fail("This should not happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.DelegatedAdministration, e.getType());
        }
        // 6. revert realm change -> succeed
        userPatch.setRealm(null);
        response = delegatedUserService.update(userPatch);
        assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
        user = response.readEntity(new GenericType<ProvisioningResult<UserTO>>() {
        }).getEntity();
        assertEquals("surname2", user.getPlainAttr("surname").get().getValues().get(0));
        // 7. as delegated, delete user
        delegatedUserService.delete(user.getKey());
        try {
            userService.read(user.getKey());
            fail("This should not happen");
        } catch (SyncopeClientException e) {
            assertEquals(ClientExceptionType.NotFound, e.getType());
        }
    } finally {
        if (roleKey != null) {
            roleService.delete(roleKey);
        }
        if (delegatedAdminKey != null) {
            userService.delete(delegatedAdminKey);
        }
    }
}
Also used : Response(javax.ws.rs.core.Response) StringReplacePatchItem(org.apache.syncope.common.lib.patch.StringReplacePatchItem) UserService(org.apache.syncope.common.rest.api.service.UserService) UserTO(org.apache.syncope.common.lib.to.UserTO) ProvisioningResult(org.apache.syncope.common.lib.to.ProvisioningResult) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) RoleTO(org.apache.syncope.common.lib.to.RoleTO) UserPatch(org.apache.syncope.common.lib.patch.UserPatch) Test(org.junit.jupiter.api.Test)

Aggregations

RoleTO (org.apache.syncope.common.lib.to.RoleTO)18 Test (org.junit.jupiter.api.Test)12 Response (javax.ws.rs.core.Response)8 SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)8 UserTO (org.apache.syncope.common.lib.to.UserTO)6 UserPatch (org.apache.syncope.common.lib.patch.UserPatch)4 RoleService (org.apache.syncope.common.rest.api.service.RoleService)4 AbstractITCase (org.apache.syncope.fit.AbstractITCase)4 Assertions.assertEquals (org.junit.jupiter.api.Assertions.assertEquals)4 Assertions.assertNotNull (org.junit.jupiter.api.Assertions.assertNotNull)4 Assertions.assertTrue (org.junit.jupiter.api.Assertions.assertTrue)4 SyncopeClient (org.apache.syncope.client.lib.SyncopeClient)3 AnyTypeTO (org.apache.syncope.common.lib.to.AnyTypeTO)3 PagedResult (org.apache.syncope.common.lib.to.PagedResult)3 ProvisioningResult (org.apache.syncope.common.lib.to.ProvisioningResult)3 AnyTypeKind (org.apache.syncope.common.lib.types.AnyTypeKind)3 ClientExceptionType (org.apache.syncope.common.lib.types.ClientExceptionType)3 AnyQuery (org.apache.syncope.common.rest.api.beans.AnyQuery)3 UserService (org.apache.syncope.common.rest.api.service.UserService)3 Assertions.assertFalse (org.junit.jupiter.api.Assertions.assertFalse)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial