Example 1 with SchemaService
use of org.apache.syncope.common.rest.api.service.SchemaService in project syncope by apache.
the class VirSchemaITCase method anonymous.
@Test
public void anonymous() {
SchemaService unauthenticated = clientFactory.create().getService(SchemaService.class);
try {
unauthenticated.search(new SchemaQuery.Builder().type(SchemaType.VIRTUAL).build());
fail("This should not happen");
} catch (AccessControlException e) {
assertNotNull(e);
}
SchemaService anonymous = clientFactory.create(new AnonymousAuthenticationHandler(ANONYMOUS_UNAME, ANONYMOUS_KEY)).getService(SchemaService.class);
assertFalse(anonymous.search(new SchemaQuery.Builder().type(SchemaType.VIRTUAL).build()).isEmpty());
}
Also used :
SchemaService(org.apache.syncope.common.rest.api.service.SchemaService)
AccessControlException(java.security.AccessControlException)
AnonymousAuthenticationHandler(org.apache.syncope.client.lib.AnonymousAuthenticationHandler)
SchemaQuery(org.apache.syncope.common.rest.api.beans.SchemaQuery)
Test(org.junit.jupiter.api.Test)
Example 2 with SchemaService
use of org.apache.syncope.common.rest.api.service.SchemaService in project syncope by apache.
the class AuthenticationITCase method userSchemaAuthorization.
@Test
public void userSchemaAuthorization() {
String schemaName = "authTestSchema" + getUUIDString();
// 1. create a schema (as admin)
PlainSchemaTO schemaTO = new PlainSchemaTO();
schemaTO.setKey(schemaName);
schemaTO.setMandatoryCondition("false");
schemaTO.setType(AttrSchemaType.String);
PlainSchemaTO newPlainSchemaTO = createSchema(SchemaType.PLAIN, schemaTO);
assertEquals(schemaTO, newPlainSchemaTO);
// 2. create an user with the role created above (as admin)
UserTO userTO = UserITCase.getUniqueSampleTO("auth@test.org");
userTO = createUser(userTO).getEntity();
assertNotNull(userTO);
// 3. read the schema created above (as admin) - success
schemaTO = schemaService.read(SchemaType.PLAIN, schemaName);
assertNotNull(schemaTO);
// 4. read the schema created above (as user) - success
SchemaService schemaService2 = clientFactory.create(userTO.getUsername(), "password123").getService(SchemaService.class);
schemaTO = schemaService2.read(SchemaType.PLAIN, schemaName);
assertNotNull(schemaTO);
// 5. update the schema create above (as user) - failure
try {
schemaService2.update(SchemaType.PLAIN, schemaTO);
fail("Schema update as user should not work");
} catch (ForbiddenException e) {
assertNotNull(e);
}
assertEquals(0, getFailedLogins(userService, userTO.getKey()));
}
Also used :
PlainSchemaTO(org.apache.syncope.common.lib.to.PlainSchemaTO)
ForbiddenException(javax.ws.rs.ForbiddenException)
SchemaService(org.apache.syncope.common.rest.api.service.SchemaService)
UserTO(org.apache.syncope.common.lib.to.UserTO)
Test(org.junit.jupiter.api.Test)
Example 3 with SchemaService
use of org.apache.syncope.common.rest.api.service.SchemaService in project syncope by apache.
the class SchemaResource method newResourceResponse.
@Override
protected AbstractResource.ResourceResponse newResourceResponse(final IResource.Attributes attributes) {
LOG.debug("Search all {} any type kind related schemas", AnyTypeKind.USER.name());
ResourceResponse response = new AbstractResource.ResourceResponse();
response.setContentType(MediaType.APPLICATION_JSON);
try {
HttpServletRequest request = (HttpServletRequest) attributes.getRequest().getContainerRequest();
if (!xsrfCheck(request)) {
LOG.error("XSRF TOKEN does not match");
response.setError(Response.Status.BAD_REQUEST.getStatusCode(), "XSRF TOKEN does not match");
return response;
}
List<String> classes = Collections.emptyList();
String group = attributes.getParameters().get("group").toString();
if (group != null) {
try {
TypeExtensionTO typeExt = SyncopeEnduserSession.get().getService(SyncopeService.class).readUserTypeExtension(group);
classes = typeExt.getAuxClasses();
} catch (Exception e) {
LOG.error("Could not read User type extension for Group {}", group);
}
} else {
String anyTypeClass = attributes.getParameters().get("anyTypeClass").toString();
if (anyTypeClass != null) {
classes = Collections.singletonList(anyTypeClass);
} else {
classes = SyncopeEnduserSession.get().getService(SyncopeService.class).platform().getUserClasses();
}
}
// USER from customization, if empty or null ignore it, use it to filter attributes otherwise
Map<String, CustomAttributesInfo> customForm = SyncopeEnduserApplication.get().getCustomForm();
SchemaService schemaService = SyncopeEnduserSession.get().getService(SchemaService.class);
final List<SchemaTO> plainSchemas = classes.isEmpty() ? Collections.<SchemaTO>emptyList() : customForm == null || customForm.isEmpty() || customForm.get(SchemaType.PLAIN.name()) == null ? schemaService.search(new SchemaQuery.Builder().type(SchemaType.PLAIN).anyTypeClasses(classes).build()) : customForm.get(SchemaType.PLAIN.name()).isShow() ? customizeSchemas(schemaService.search(new SchemaQuery.Builder().type(SchemaType.PLAIN).anyTypeClasses(classes).build()), group, customForm.get(SchemaType.PLAIN.name()).getAttributes()) : Collections.<SchemaTO>emptyList();
final List<SchemaTO> derSchemas = classes.isEmpty() ? Collections.<SchemaTO>emptyList() : customForm == null || customForm.isEmpty() || customForm.get(SchemaType.DERIVED.name()) == null ? schemaService.search(new SchemaQuery.Builder().type(SchemaType.DERIVED).anyTypeClasses(classes).build()) : customForm.get(SchemaType.DERIVED.name()).isShow() ? customizeSchemas(schemaService.search(new SchemaQuery.Builder().type(SchemaType.DERIVED).anyTypeClasses(classes).build()), group, customForm.get(SchemaType.DERIVED.name()).getAttributes()) : Collections.<SchemaTO>emptyList();
final List<SchemaTO> virSchemas = classes.isEmpty() ? Collections.<SchemaTO>emptyList() : customForm == null || customForm.isEmpty() || customForm.get(SchemaType.VIRTUAL.name()) == null ? schemaService.search(new SchemaQuery.Builder().type(SchemaType.VIRTUAL).anyTypeClasses(classes).build()) : customForm.get(SchemaType.VIRTUAL.name()).isShow() ? customizeSchemas(schemaService.search(new SchemaQuery.Builder().type(SchemaType.VIRTUAL).anyTypeClasses(classes).build()), group, customForm.get(SchemaType.VIRTUAL.name()).getAttributes()) : Collections.<SchemaTO>emptyList();
if (group != null) {
plainSchemas.forEach(schema -> {
schema.setKey(compositeSchemaKey(group, schema.getKey()));
});
derSchemas.forEach(schema -> {
schema.setKey(compositeSchemaKey(group, schema.getKey()));
});
virSchemas.forEach(schema -> {
schema.setKey(compositeSchemaKey(group, schema.getKey()));
});
}
response.setTextEncoding(StandardCharsets.UTF_8.name());
response.setWriteCallback(new AbstractResource.WriteCallback() {
@Override
public void writeData(final IResource.Attributes attributes) throws IOException {
attributes.getResponse().write(MAPPER.writeValueAsString(new SchemaResponse().plainSchemas(plainSchemas).derSchemas(derSchemas).virSchemas(virSchemas)));
}
});
response.setStatusCode(Response.Status.OK.getStatusCode());
} catch (Exception e) {
LOG.error("Error retrieving {} any type kind related schemas", AnyTypeKind.USER.name(), e);
response.setError(Response.Status.BAD_REQUEST.getStatusCode(), new StringBuilder().append("ErrorMessage{{ ").append(e.getMessage()).append(" }}").toString());
}
return response;
}
Also used :
AbstractResource(org.apache.wicket.request.resource.AbstractResource)
IOException(java.io.IOException)
TypeExtensionTO(org.apache.syncope.common.lib.to.TypeExtensionTO)
IOException(java.io.IOException)
HttpServletRequest(javax.servlet.http.HttpServletRequest)
SyncopeService(org.apache.syncope.common.rest.api.service.SyncopeService)
SchemaService(org.apache.syncope.common.rest.api.service.SchemaService)
SchemaTO(org.apache.syncope.common.lib.to.SchemaTO)
SchemaResponse(org.apache.syncope.client.enduser.model.SchemaResponse)
CustomAttributesInfo(org.apache.syncope.client.enduser.model.CustomAttributesInfo)
IResource(org.apache.wicket.request.resource.IResource)
Aggregations
SchemaService (org.apache.syncope.common.rest.api.service.SchemaService)3
Test (org.junit.jupiter.api.Test)2
IOException (java.io.IOException)1
AccessControlException (java.security.AccessControlException)1
HttpServletRequest (javax.servlet.http.HttpServletRequest)1
ForbiddenException (javax.ws.rs.ForbiddenException)1
CustomAttributesInfo (org.apache.syncope.client.enduser.model.CustomAttributesInfo)1
SchemaResponse (org.apache.syncope.client.enduser.model.SchemaResponse)1
AnonymousAuthenticationHandler (org.apache.syncope.client.lib.AnonymousAuthenticationHandler)1
PlainSchemaTO (org.apache.syncope.common.lib.to.PlainSchemaTO)1
SchemaTO (org.apache.syncope.common.lib.to.SchemaTO)1
TypeExtensionTO (org.apache.syncope.common.lib.to.TypeExtensionTO)1
UserTO (org.apache.syncope.common.lib.to.UserTO)1
SchemaQuery (org.apache.syncope.common.rest.api.beans.SchemaQuery)1
SyncopeService (org.apache.syncope.common.rest.api.service.SyncopeService)1
AbstractResource (org.apache.wicket.request.resource.AbstractResource)1
IResource (org.apache.wicket.request.resource.IResource)1
