Example 6 with WorkflowFormTO
use of org.apache.syncope.common.lib.to.WorkflowFormTO in project syncope by apache.
the class UserSelfITCase method updateWithApproval.
@Test
public void updateWithApproval() {
assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService));
// 1. create user as admin
UserTO created = createUser(UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org")).getEntity();
assertNotNull(created);
assertFalse(created.getUsername().endsWith("XX"));
// 2. self-update (username + memberships + resource) - works but needs approval
UserPatch userPatch = new UserPatch();
userPatch.setKey(created.getKey());
userPatch.setUsername(new StringReplacePatchItem.Builder().value(created.getUsername() + "XX").build());
userPatch.getMemberships().add(new MembershipPatch.Builder().operation(PatchOperation.ADD_REPLACE).group("bf825fe1-7320-4a54-bd64-143b5c18ab97").build());
userPatch.getResources().add(new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(RESOURCE_NAME_TESTDB).build());
userPatch.setPassword(new PasswordPatch.Builder().value("newPassword123").onSyncope(false).resource(RESOURCE_NAME_TESTDB).build());
SyncopeClient authClient = clientFactory.create(created.getUsername(), "password123");
UserTO updated = authClient.getService(UserSelfService.class).update(userPatch).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertNotNull(updated);
assertEquals("updateApproval", updated.getStatus());
assertFalse(updated.getUsername().endsWith("XX"));
assertTrue(updated.getMemberships().isEmpty());
// no propagation happened
assertTrue(updated.getResources().isEmpty());
try {
resourceService.readConnObject(RESOURCE_NAME_TESTDB, AnyTypeKind.USER.name(), updated.getKey());
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
}
// 3. approve self-update as admin
WorkflowFormTO form = userWorkflowService.getFormForUser(updated.getKey());
form = userWorkflowService.claimForm(form.getTaskId());
form.getProperty("approveUpdate").get().setValue(Boolean.TRUE.toString());
updated = userWorkflowService.submitForm(form);
assertNotNull(updated);
assertEquals("active", updated.getStatus());
assertTrue(updated.getUsername().endsWith("XX"));
assertEquals(1, updated.getMemberships().size());
// check that propagation also happened
assertTrue(updated.getResources().contains(RESOURCE_NAME_TESTDB));
assertNotNull(resourceService.readConnObject(RESOURCE_NAME_TESTDB, AnyTypeKind.USER.name(), updated.getKey()));
}
Also used :
GenericType(javax.ws.rs.core.GenericType)
PasswordPatch(org.apache.syncope.common.lib.patch.PasswordPatch)
StringReplacePatchItem(org.apache.syncope.common.lib.patch.StringReplacePatchItem)
UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService)
UserTO(org.apache.syncope.common.lib.to.UserTO)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
UserPatch(org.apache.syncope.common.lib.patch.UserPatch)
SyncopeClient(org.apache.syncope.client.lib.SyncopeClient)
WorkflowFormTO(org.apache.syncope.common.lib.to.WorkflowFormTO)
Test(org.junit.jupiter.api.Test)
Example 7 with WorkflowFormTO
use of org.apache.syncope.common.lib.to.WorkflowFormTO in project syncope by apache.
the class UserWorkflowITCase method createWithApproval.
@Test
public void createWithApproval() {
assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService));
// read forms *before* any operation
List<WorkflowFormTO> forms = userWorkflowService.getForms();
assertNotNull(forms);
int preForms = forms.size();
UserTO userTO = UserITCase.getUniqueSampleTO("createWithApproval@syncope.apache.org");
userTO.getResources().add(RESOURCE_NAME_TESTDB);
// User with group 0cbcabd2-4410-4b6b-8f05-a052b451d18f are defined in workflow as subject to approval
userTO.getMemberships().add(new MembershipTO.Builder().group("0cbcabd2-4410-4b6b-8f05-a052b451d18f").build());
// 1. create user and verify that no propagation occurred)
ProvisioningResult<UserTO> result = createUser(userTO);
assertNotNull(result);
userTO = result.getEntity();
assertEquals(1, userTO.getMemberships().size());
assertEquals("0cbcabd2-4410-4b6b-8f05-a052b451d18f", userTO.getMemberships().get(0).getGroupKey());
assertEquals("createApproval", userTO.getStatus());
assertEquals(Collections.singleton(RESOURCE_NAME_TESTDB), userTO.getResources());
assertTrue(result.getPropagationStatuses().isEmpty());
JdbcTemplate jdbcTemplate = new JdbcTemplate(testDataSource);
Exception exception = null;
try {
jdbcTemplate.queryForObject("SELECT id FROM test WHERE id=?", new String[] { userTO.getUsername() }, Integer.class);
} catch (EmptyResultDataAccessException e) {
exception = e;
}
assertNotNull(exception);
// 2. request if there is any pending form for user just created
forms = userWorkflowService.getForms();
assertNotNull(forms);
assertEquals(preForms + 1, forms.size());
// 3. as admin, request for changes: still pending approval
String updatedUsername = "changed-" + UUID.randomUUID().toString();
userTO.setUsername(updatedUsername);
userWorkflowService.executeTask("default", userTO);
WorkflowFormTO form = userWorkflowService.getFormForUser(userTO.getKey());
assertNotNull(form);
assertNotNull(form.getTaskId());
assertNotNull(form.getUserTO());
assertEquals(updatedUsername, form.getUserTO().getUsername());
assertNull(form.getUserPatch());
assertNull(form.getOwner());
// 4. claim task (as admin)
form = userWorkflowService.claimForm(form.getTaskId());
assertNotNull(form);
assertNotNull(form.getTaskId());
assertNotNull(form.getUserTO());
assertEquals(updatedUsername, form.getUserTO().getUsername());
assertNull(form.getUserPatch());
assertNotNull(form.getOwner());
// 5. approve user (and verify that propagation occurred)
form.getProperty("approveCreate").get().setValue(Boolean.TRUE.toString());
userTO = userWorkflowService.submitForm(form);
assertNotNull(userTO);
assertEquals(updatedUsername, userTO.getUsername());
assertEquals("active", userTO.getStatus());
assertEquals(Collections.singleton(RESOURCE_NAME_TESTDB), userTO.getResources());
String username = queryForObject(jdbcTemplate, 50, "SELECT id FROM test WHERE id=?", String.class, userTO.getUsername());
assertEquals(userTO.getUsername(), username);
// 6. update user
UserPatch userPatch = new UserPatch();
userPatch.setKey(userTO.getKey());
userPatch.setPassword(new PasswordPatch.Builder().value("anotherPassword123").build());
userTO = updateUser(userPatch).getEntity();
assertNotNull(userTO);
}
Also used :
PasswordPatch(org.apache.syncope.common.lib.patch.PasswordPatch)
JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate)
WorkflowFormTO(org.apache.syncope.common.lib.to.WorkflowFormTO)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException)
UserPatch(org.apache.syncope.common.lib.patch.UserPatch)
UserTO(org.apache.syncope.common.lib.to.UserTO)
MembershipTO(org.apache.syncope.common.lib.to.MembershipTO)
EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException)
Test(org.junit.jupiter.api.Test)
Example 8 with WorkflowFormTO
use of org.apache.syncope.common.lib.to.WorkflowFormTO in project syncope by apache.
the class UserWorkflowITCase method createWithReject.
@Test
public void createWithReject() {
assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService));
UserTO userTO = UserITCase.getUniqueSampleTO("createWithReject@syncope.apache.org");
userTO.getResources().add(RESOURCE_NAME_TESTDB);
// User with group 9 are defined in workflow as subject to approval
userTO.getMemberships().add(new MembershipTO.Builder().group("0cbcabd2-4410-4b6b-8f05-a052b451d18f").build());
// 1. create user with group 9
userTO = createUser(userTO).getEntity();
assertNotNull(userTO);
assertEquals(1, userTO.getMemberships().size());
assertEquals("0cbcabd2-4410-4b6b-8f05-a052b451d18f", userTO.getMemberships().get(0).getGroupKey());
assertEquals("createApproval", userTO.getStatus());
// 2. request if there is any pending task for user just created
WorkflowFormTO form = userWorkflowService.getFormForUser(userTO.getKey());
assertNotNull(form);
assertNotNull(form.getUsername());
assertEquals(userTO.getUsername(), form.getUsername());
assertNotNull(form.getTaskId());
assertNull(form.getOwner());
// 3. claim task as rossini, with role "User manager" granting entitlement to claim forms but not in group 7,
// designated for approval in workflow definition: fail
UserTO rossini = userService.read("1417acbe-cbf6-4277-9372-e75e04f97000");
if (!rossini.getRoles().contains("User manager")) {
UserPatch userPatch = new UserPatch();
userPatch.setKey("1417acbe-cbf6-4277-9372-e75e04f97000");
userPatch.getRoles().add(new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value("User manager").build());
rossini = updateUser(userPatch).getEntity();
}
assertTrue(rossini.getRoles().contains("User manager"));
UserWorkflowService userService2 = clientFactory.create("rossini", ADMIN_PWD).getService(UserWorkflowService.class);
try {
userService2.claimForm(form.getTaskId());
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.Workflow, e.getType());
}
// 4. claim task from bellini, with role "User manager" and in group 7
UserWorkflowService userService3 = clientFactory.create("bellini", ADMIN_PWD).getService(UserWorkflowService.class);
form = userService3.claimForm(form.getTaskId());
assertNotNull(form);
assertNotNull(form.getTaskId());
assertNotNull(form.getOwner());
// 5. reject user
form.getProperty("approveCreate").get().setValue(Boolean.FALSE.toString());
form.getProperty("rejectReason").get().setValue("I don't like him.");
userTO = userService3.submitForm(form);
assertNotNull(userTO);
assertEquals("rejected", userTO.getStatus());
// 6. check that rejected user was not propagated to external resource (SYNCOPE-364)
JdbcTemplate jdbcTemplate = new JdbcTemplate(testDataSource);
Exception exception = null;
try {
jdbcTemplate.queryForObject("SELECT id FROM test WHERE id=?", new String[] { userTO.getUsername() }, Integer.class);
} catch (EmptyResultDataAccessException e) {
exception = e;
}
assertNotNull(exception);
}
Also used :
UserWorkflowService(org.apache.syncope.common.rest.api.service.UserWorkflowService)
UserTO(org.apache.syncope.common.lib.to.UserTO)
MembershipTO(org.apache.syncope.common.lib.to.MembershipTO)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException)
JdbcTemplate(org.springframework.jdbc.core.JdbcTemplate)
WorkflowFormTO(org.apache.syncope.common.lib.to.WorkflowFormTO)
UserPatch(org.apache.syncope.common.lib.patch.UserPatch)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException)
Test(org.junit.jupiter.api.Test)
Example 9 with WorkflowFormTO
use of org.apache.syncope.common.lib.to.WorkflowFormTO in project syncope by apache.
the class UserWorkflowITCase method updateApproval.
@Test
public void updateApproval() {
assumeTrue(FlowableDetector.isFlowableEnabledForUsers(syncopeService));
// read forms *before* any operation
List<WorkflowFormTO> forms = userWorkflowService.getForms();
assertNotNull(forms);
int preForms = forms.size();
UserTO created = createUser(UserITCase.getUniqueSampleTO("updateApproval@syncope.apache.org")).getEntity();
assertNotNull(created);
assertEquals("/", created.getRealm());
assertEquals(0, created.getMemberships().size());
UserPatch patch = new UserPatch();
patch.setKey(created.getKey());
patch.getMemberships().add(new MembershipPatch.Builder().group("b1f7c12d-ec83-441f-a50e-1691daaedf3b").build());
SyncopeClient client = clientFactory.create(created.getUsername(), "password123");
Response response = client.getService(UserSelfService.class).update(patch);
assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
assertEquals("updateApproval", userService.read(created.getKey()).getStatus());
forms = userWorkflowService.getForms();
assertNotNull(forms);
assertEquals(preForms + 1, forms.size());
WorkflowFormTO form = userWorkflowService.getFormForUser(created.getKey());
assertNotNull(form);
assertNotNull(form.getTaskId());
assertNull(form.getOwner());
assertNotNull(form.getUserTO());
assertNotNull(form.getUserPatch());
assertEquals(patch, form.getUserPatch());
// as admin, request for more changes: still pending approval
patch.setRealm(new StringReplacePatchItem.Builder().value("/even/two").build());
response = userService.update(patch);
assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
assertEquals("updateApproval", userService.read(created.getKey()).getStatus());
// the patch is updated in the approval form
form = userWorkflowService.getFormForUser(created.getKey());
assertEquals(patch, form.getUserPatch());
// approve the user
form = userWorkflowService.claimForm(form.getTaskId());
form.getProperty("approveUpdate").get().setValue(Boolean.TRUE.toString());
userWorkflowService.submitForm(form);
// verify that the approved user bears both original and further changes
UserTO approved = userService.read(created.getKey());
assertNotNull(approved);
assertEquals("/even/two", approved.getRealm());
assertEquals(1, approved.getMemberships().size());
assertNotNull(approved.getMembership("b1f7c12d-ec83-441f-a50e-1691daaedf3b").get());
}
Also used :
Response(javax.ws.rs.core.Response)
MembershipPatch(org.apache.syncope.common.lib.patch.MembershipPatch)
StringReplacePatchItem(org.apache.syncope.common.lib.patch.StringReplacePatchItem)
UserSelfService(org.apache.syncope.common.rest.api.service.UserSelfService)
UserTO(org.apache.syncope.common.lib.to.UserTO)
WorkflowFormTO(org.apache.syncope.common.lib.to.WorkflowFormTO)
UserPatch(org.apache.syncope.common.lib.patch.UserPatch)
SyncopeClient(org.apache.syncope.client.lib.SyncopeClient)
Test(org.junit.jupiter.api.Test)
Example 10 with WorkflowFormTO
use of org.apache.syncope.common.lib.to.WorkflowFormTO in project syncope by apache.
the class ApprovalDirectoryPanel method getActions.
@Override
public ActionsPanel<WorkflowFormTO> getActions(final IModel<WorkflowFormTO> model) {
final ActionsPanel<WorkflowFormTO> panel = super.getActions(model);
panel.add(new ActionLink<WorkflowFormTO>() {
private static final long serialVersionUID = -3722207913631435501L;
@Override
public void onClick(final AjaxRequestTarget target, final WorkflowFormTO ignore) {
claimForm(model.getObject().getTaskId());
SyncopeConsoleSession.get().info(getString(Constants.OPERATION_SUCCEEDED));
((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target);
target.add(container);
}
}, ActionLink.ActionType.CLAIM, StandardEntitlement.WORKFLOW_FORM_CLAIM);
panel.add(new ActionLink<WorkflowFormTO>() {
private static final long serialVersionUID = -3722207913631435501L;
@Override
public void onClick(final AjaxRequestTarget target, final WorkflowFormTO ignore) {
manageApprovalModal.setFormModel(new CompoundPropertyModel<>(model.getObject()));
target.add(manageApprovalModal.setContent(new ApprovalModal(manageApprovalModal, pageRef, model.getObject()) {
private static final long serialVersionUID = 5546519445061007248L;
@Override
public void onSubmit(final AjaxRequestTarget target, final Form<?> form) {
try {
super.onSubmit(target, form);
ApprovalDirectoryPanel.this.getTogglePanel().close(target);
} catch (SyncopeClientException e) {
SyncopeConsoleSession.get().error(getString(Constants.ERROR) + ": " + e.getMessage());
}
((BasePage) pageRef.getPage()).getNotificationPanel().refresh(target);
}
}));
manageApprovalModal.header(new Model<>(getString("approval.manage", new Model<>(model.getObject()))));
manageApprovalModal.show(true);
}
@Override
protected boolean statusCondition(final WorkflowFormTO modelObject) {
return SyncopeConsoleSession.get().getSelfTO().getUsername().equals(model.getObject().getOwner());
}
}, ActionLink.ActionType.MANAGE_APPROVAL, StandardEntitlement.WORKFLOW_FORM_READ);
// SYNCOPE-1200 edit user while in approval state
panel.add(new ActionLink<WorkflowFormTO>() {
private static final long serialVersionUID = -3722207913631435501L;
@Override
public void onClick(final AjaxRequestTarget target, final WorkflowFormTO ignore) {
modal.setFormModel(new CompoundPropertyModel<>(model.getObject()));
WorkflowFormTO formTO = model.getObject();
UserTO newUserTO;
UserTO previousUserTO;
if (formTO.getUserPatch() == null) {
newUserTO = formTO.getUserTO();
previousUserTO = null;
} else if (formTO.getUserTO() == null) {
// make it stronger by handling possible NPE
previousUserTO = new UserTO();
previousUserTO.setKey(formTO.getUserPatch().getKey());
newUserTO = AnyOperations.patch(previousUserTO, formTO.getUserPatch());
} else {
previousUserTO = formTO.getUserTO();
formTO.getUserTO().setKey(formTO.getUserPatch().getKey());
formTO.getUserTO().setPassword(null);
newUserTO = AnyOperations.patch(formTO.getUserTO(), formTO.getUserPatch());
}
AjaxWizard.EditItemActionEvent<UserTO> editItemActionEvent = new AjaxWizard.EditItemActionEvent<>(newUserTO, target);
editItemActionEvent.forceModalPanel(new ApprovalUserWizardBuilder(model.getObject(), previousUserTO, newUserTO, new AnyTypeRestClient().read(AnyTypeKind.USER.name()).getClasses(), FormLayoutInfoUtils.fetch(Collections.singletonList(AnyTypeKind.USER.name())).getLeft(), pageRef).build(BaseModal.CONTENT_ID, AjaxWizard.Mode.EDIT));
send(ApprovalDirectoryPanel.this, Broadcast.EXACT, editItemActionEvent);
}
@Override
protected boolean statusCondition(final WorkflowFormTO modelObject) {
return SyncopeConsoleSession.get().getSelfTO().getUsername().equals(model.getObject().getOwner());
}
}, ActionLink.ActionType.EDIT_APPROVAL, StandardEntitlement.WORKFLOW_FORM_SUBMIT);
return panel;
}
Also used :
CompoundPropertyModel(org.apache.wicket.model.CompoundPropertyModel)
AjaxWizard(org.apache.syncope.client.console.wizards.AjaxWizard)
AnyTypeRestClient(org.apache.syncope.client.console.rest.AnyTypeRestClient)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
WorkflowFormTO(org.apache.syncope.common.lib.to.WorkflowFormTO)
AjaxRequestTarget(org.apache.wicket.ajax.AjaxRequestTarget)
UserTO(org.apache.syncope.common.lib.to.UserTO)
IModel(org.apache.wicket.model.IModel)
AbstractReadOnlyModel(org.apache.wicket.model.AbstractReadOnlyModel)
Model(org.apache.wicket.model.Model)
ResourceModel(org.apache.wicket.model.ResourceModel)
CompoundPropertyModel(org.apache.wicket.model.CompoundPropertyModel)
BasePage(org.apache.syncope.client.console.pages.BasePage)
Aggregations
WorkflowFormTO (org.apache.syncope.common.lib.to.WorkflowFormTO)16
UserTO (org.apache.syncope.common.lib.to.UserTO)11
SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)8
Test (org.junit.jupiter.api.Test)8
UserPatch (org.apache.syncope.common.lib.patch.UserPatch)7
ArrayList (java.util.ArrayList)5
PasswordPatch (org.apache.syncope.common.lib.patch.PasswordPatch)5
MembershipTO (org.apache.syncope.common.lib.to.MembershipTO)5
Map (java.util.Map)4
WorkflowFormPropertyTO (org.apache.syncope.common.lib.to.WorkflowFormPropertyTO)4
NotFoundException (org.apache.syncope.core.persistence.api.dao.NotFoundException)4
FlowableException (org.flowable.engine.common.api.FlowableException)4
Task (org.flowable.task.api.Task)4
JsonNode (com.fasterxml.jackson.databind.JsonNode)3
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)3
ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode)3
IOException (java.io.IOException)3
InputStream (java.io.InputStream)3
OutputStream (java.io.OutputStream)3
Collections (java.util.Collections)3
