use of org.apache.syncope.common.rest.api.service.UserService in project syncope by apache.
the class AuthenticationITCase method checkFailedLogins.
/**
 * Checks the failed-login counter of a newly created user.
 *
 * <p>The counter is expected to be 0 after a successful login, to reach 2 after two
 * rejected logins, and to return to 0 after the next successful login.
 *
 * <p>Only the counter is asserted here. Nothing in this method exercises suspension
 * or lock-out once a failure threshold is reached, so that behaviour needs its own test.
 */
@Test
public void checkFailedLogins() {
    UserTO account = UserITCase.getUniqueSampleTO("checkFailedLogin@syncope.apache.org");
    account.getRoles().add("User manager");
    account = createUser(account).getEntity();
    assertNotNull(account);
    final String accountKey = account.getKey();

    // Baseline: the user logs in with the right password and reads a counter of zero.
    UserService ownService =
            clientFactory.create(account.getUsername(), "password123").getService(UserService.class);
    assertEquals(0, getFailedLogins(ownService, accountKey));

    // Two attempts with a wrong password: each must be refused when the client is created.
    for (int attempt = 0; attempt < 2; attempt++) {
        try {
            clientFactory.create(account.getUsername(), "wrongpwd1");
            fail("This should not happen");
        } catch (AccessControlException rejected) {
            assertNotNull(rejected);
        }
    }

    // The counter is read through userService, a field declared outside this method
    // (presumably the admin session - confirm), so this read is not itself a login by the user.
    assertEquals(2, getFailedLogins(userService, accountKey));

    // A further successful login must bring the counter back to zero.
    UserService freshService =
            clientFactory.create(account.getUsername(), "password123").getService(UserService.class);
    assertEquals(0, getFailedLogins(freshService, accountKey));
}
use of org.apache.syncope.common.rest.api.service.UserService in project syncope by apache.
the class AuthenticationITCase method delegatedUserCRUD.
/**
 * Exercises delegated administration limited to a static realm.
 *
 * <p>A role carrying the user create / update / delete / search / read entitlements is
 * granted on realm /even/two only. A user holding that role must then be refused
 * (ClientExceptionType.DelegatedAdministration) when creating a user outside that realm
 * and when trying to move a user to realm /odd, while the same operations inside
 * /even/two succeed.
 *
 * <p>This method has no negative case for read, search or delete outside the granted
 * realm; only create and the realm move are checked for denial.
 */
@Test
public void delegatedUserCRUD() {
String roleKey = null;
String delegatedAdminKey = null;
try {
// 1. create role for full user administration, under realm /even/two
RoleTO role = new RoleTO();
role.setKey("Delegated user admin");
role.getEntitlements().add(StandardEntitlement.USER_CREATE);
role.getEntitlements().add(StandardEntitlement.USER_UPDATE);
role.getEntitlements().add(StandardEntitlement.USER_DELETE);
role.getEntitlements().add(StandardEntitlement.USER_SEARCH);
role.getEntitlements().add(StandardEntitlement.USER_READ);
role.getRealms().add("/even/two");
roleKey = roleService.create(role).getHeaderString(RESTHeaders.RESOURCE_KEY);
assertNotNull(roleKey);
// 2. as admin, create delegated admin user, and assign the role just created
UserTO delegatedAdmin = UserITCase.getUniqueSampleTO("admin@syncope.apache.org");
delegatedAdmin.getRoles().add(roleKey);
delegatedAdmin = createUser(delegatedAdmin).getEntity();
delegatedAdminKey = delegatedAdmin.getKey();
// 3. instantiate a delegated user service client, for further operations
UserService delegatedUserService = clientFactory.create(delegatedAdmin.getUsername(), "password123").getService(UserService.class);
// 4. as delegated, create user under realm / -> fail
// (the realm of the sample user is set by getUniqueSampleTO, not visible here; presumably "/")
UserTO user = UserITCase.getUniqueSampleTO("delegated@syncope.apache.org");
try {
delegatedUserService.create(user, true);
fail("This should not happen");
} catch (SyncopeClientException e) {
// the refusal must be an authorization error, not some other failure of the create
assertEquals(ClientExceptionType.DelegatedAdministration, e.getType());
}
// 5. set realm to /even/two -> succeed
user.setRealm("/even/two");
Response response = delegatedUserService.create(user, true);
assertEquals(Response.Status.CREATED.getStatusCode(), response.getStatus());
user = response.readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertEquals("surname", user.getPlainAttr("surname").get().getValues().get(0));
// 6. as delegated, update user attempting to move it under realm /odd -> fail
// (the same patch also changes the surname; the whole update is expected to be refused)
UserPatch userPatch = new UserPatch();
userPatch.setKey(user.getKey());
userPatch.setRealm(new StringReplacePatchItem.Builder().value("/odd").build());
userPatch.getPlainAttrs().add(attrAddReplacePatch("surname", "surname2"));
try {
delegatedUserService.update(userPatch);
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.DelegatedAdministration, e.getType());
}
// 7. drop the realm change from the patch, keeping the surname change -> succeed
userPatch.setRealm(null);
response = delegatedUserService.update(userPatch);
assertEquals(Response.Status.OK.getStatusCode(), response.getStatus());
user = response.readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertEquals("surname2", user.getPlainAttr("surname").get().getValues().get(0));
// 8. as delegated, delete user, then check that a read of the same key reports NotFound
// (the read goes through userService, a field declared outside this method)
delegatedUserService.delete(user.getKey());
try {
userService.read(user.getKey());
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.NotFound, e.getType());
}
} finally {
// cleanup: remove the role and the delegated admin account created above
// NOTE(review): if roleService.delete throws, the delegated admin account is left behind
if (roleKey != null) {
roleService.delete(roleKey);
}
if (delegatedAdminKey != null) {
userService.delete(delegatedAdminKey);
}
}
}
use of org.apache.syncope.common.rest.api.service.UserService in project syncope by apache.
the class AuthenticationITCase method userRead.
/**
 * Checks read authorization for two different callers.
 *
 * <p>A new user holding the "User manager" role must be able to read the user with key
 * {@code 1417acbe-cbf6-4277-9372-e75e04f97000}, while the account "puccini" must be
 * refused, with ClientExceptionType.DelegatedAdministration, when reading the user with
 * key {@code b3cbc78d-32e6-4bd4-92e0-bbe07566a2ee}.
 *
 * <p>Both keys and the "puccini" account are defined outside this method (presumably
 * seeded test content - confirm), so the realms involved cannot be told from here.
 */
@Test
public void userRead() {
    UserTO manager = UserITCase.getUniqueSampleTO("testuserread@test.org");
    manager.getRoles().add("User manager");
    manager = createUser(manager).getEntity();
    assertNotNull(manager);

    // Allowed case: the new "User manager" reads another user's entry.
    UserService managerService =
            clientFactory.create(manager.getUsername(), "password123").getService(UserService.class);
    UserTO fetched = managerService.read("1417acbe-cbf6-4277-9372-e75e04f97000");
    assertNotNull(fetched);

    // Denied case: "puccini" authenticates successfully, then the read itself is refused.
    UserService pucciniService = clientFactory.create("puccini", ADMIN_PWD).getService(UserService.class);
    try {
        pucciniService.read("b3cbc78d-32e6-4bd4-92e0-bbe07566a2ee");
        fail("This should not happen");
    } catch (SyncopeClientException denied) {
        assertNotNull(denied);
        // The error type is pinned so that an unrelated failure cannot pass as a denial.
        assertEquals(ClientExceptionType.DelegatedAdministration, denied.getType());
    }
}
use of org.apache.syncope.common.rest.api.service.UserService in project syncope by apache.
the class DynRealmITCase method delegatedAdmin.
/**
 * Exercises delegated administration scoped by a dynamic realm.
 *
 * <p>The dynamic realm collects users and groups matching {@code $resources==resource-ldap}.
 * A role with the user search / read / update and group read / update entitlements is granted on
 * that dynamic realm, and a user holding the role then reads, searches and updates
 * members of it. An update that would remove the resource on which membership depends is
 * expected to be refused with ClientExceptionType.DelegatedAdministration.
 *
 * <p>The role carries no create, delete or group-search entitlement, and this method
 * does not assert that those operations are denied.
 */
@Test
public void delegatedAdmin() {
DynRealmTO dynRealm = null;
RoleTO role = null;
try {
// 1. create dynamic realm for all users and groups having resource-ldap assigned
dynRealm = new DynRealmTO();
dynRealm.setKey("LDAPLovers" + getUUIDString());
dynRealm.getDynMembershipConds().put(AnyTypeKind.USER.name(), "$resources==resource-ldap");
dynRealm.getDynMembershipConds().put(AnyTypeKind.GROUP.name(), "$resources==resource-ldap");
Response response = dynRealmService.create(dynRealm);
dynRealm = getObject(response.getLocation(), DynRealmService.class, DynRealmTO.class);
assertNotNull(dynRealm);
// 2. create role for such dynamic realm
role = new RoleTO();
role.setKey("Administer LDAP" + getUUIDString());
role.getEntitlements().add(StandardEntitlement.USER_SEARCH);
role.getEntitlements().add(StandardEntitlement.USER_READ);
role.getEntitlements().add(StandardEntitlement.USER_UPDATE);
role.getEntitlements().add(StandardEntitlement.GROUP_READ);
role.getEntitlements().add(StandardEntitlement.GROUP_UPDATE);
role.getDynRealms().add(dynRealm.getKey());
role = createRole(role);
assertNotNull(role);
// 3. create new user and assign the new role
UserTO dynRealmAdmin = UserITCase.getUniqueSampleTO("dynRealmAdmin@apache.org");
dynRealmAdmin.setPassword("password123");
dynRealmAdmin.getRoles().add(role.getKey());
dynRealmAdmin = createUser(dynRealmAdmin).getEntity();
assertNotNull(dynRealmAdmin);
// 4. create new user and group, assign resource-ldap
// (the user sits under /even/two and the group under /odd, two different static realms)
UserTO user = UserITCase.getUniqueSampleTO("dynRealmUser@apache.org");
user.setRealm("/even/two");
user.getResources().clear();
user.getResources().add(RESOURCE_NAME_LDAP);
user = createUser(user).getEntity();
assertNotNull(user);
final String userKey = user.getKey();
GroupTO group = GroupITCase.getSampleTO("dynRealmGroup");
group.setRealm("/odd");
group.getResources().clear();
group.getResources().add(RESOURCE_NAME_LDAP);
group = createGroup(group).getEntity();
assertNotNull(group);
final String groupKey = group.getKey();
// fixed 2 second pause when Elasticsearch is enabled, presumably to let indexing catch up - confirm
if (ElasticsearchDetector.isElasticSearchEnabled(syncopeService)) {
try {
Thread.sleep(2000);
} catch (InterruptedException ex) {
// ignored on purpose
// NOTE(review): the interrupt status is dropped here; Thread.currentThread().interrupt() would keep it
}
}
// 5. verify that the new user and group are found when searching by dynamic realm
PagedResult<UserTO> matchingUsers = userService.search(new AnyQuery.Builder().realm("/").fiql(SyncopeClient.getUserSearchConditionBuilder().inDynRealms(dynRealm.getKey()).query()).build());
assertTrue(matchingUsers.getResult().stream().anyMatch(object -> object.getKey().equals(userKey)));
PagedResult<GroupTO> matchingGroups = groupService.search(new AnyQuery.Builder().realm("/").fiql(SyncopeClient.getGroupSearchConditionBuilder().inDynRealms(dynRealm.getKey()).query()).build());
assertTrue(matchingGroups.getResult().stream().anyMatch(object -> object.getKey().equals(groupKey)));
// 6. prepare to act as delegated admin
SyncopeClient delegatedClient = clientFactory.create(dynRealmAdmin.getUsername(), "password123");
UserService delegatedUserService = delegatedClient.getService(UserService.class);
GroupService delegatedGroupService = delegatedClient.getService(GroupService.class);
// 7. verify delegated administration
// USER_READ
assertNotNull(delegatedUserService.read(userKey));
// GROUP_READ
assertNotNull(delegatedGroupService.read(groupKey));
// USER_SEARCH
// (only presence of the expected user is asserted, not absence of users outside the dynamic realm)
matchingUsers = delegatedUserService.search(new AnyQuery.Builder().realm("/").build());
assertTrue(matchingUsers.getResult().stream().anyMatch(object -> object.getKey().equals(userKey)));
// USER_UPDATE
UserPatch userPatch = new UserPatch();
userPatch.setKey(userKey);
userPatch.getResources().add(new StringPatchItem.Builder().value(RESOURCE_NAME_LDAP).operation(PatchOperation.DELETE).build());
// this will fail because unassigning resource-ldap would result in removing the user from the dynamic realm
try {
delegatedUserService.update(userPatch);
fail("This should not happen");
} catch (SyncopeClientException e) {
assertEquals(ClientExceptionType.DelegatedAdministration, e.getType());
}
// this will succeed instead: the patch now only adds a resource, so membership is unaffected
userPatch.getResources().clear();
userPatch.getResources().add(new StringPatchItem.Builder().value(RESOURCE_NAME_NOPROPAGATION).build());
user = delegatedUserService.update(userPatch).readEntity(new GenericType<ProvisioningResult<UserTO>>() {
}).getEntity();
assertNotNull(user);
assertTrue(user.getResources().contains(RESOURCE_NAME_NOPROPAGATION));
// GROUP_UPDATE
GroupPatch groupPatch = new GroupPatch();
groupPatch.setKey(groupKey);
groupPatch.getPlainAttrs().add(new AttrPatch.Builder().attrTO(attrTO("icon", "modified")).build());
group = delegatedGroupService.update(groupPatch).readEntity(new GenericType<ProvisioningResult<GroupTO>>() {
}).getEntity();
assertNotNull(group);
assertEquals("modified", group.getPlainAttr("icon").get().getValues().get(0));
} finally {
// cleanup: only the role and the dynamic realm are removed
// NOTE(review): the two users and the group created above are not deleted in this method
if (role != null) {
roleService.delete(role.getKey());
}
if (dynRealm != null) {
dynRealmService.delete(dynRealm.getKey());
}
}
}
use of org.apache.syncope.common.rest.api.service.UserService in project syncope by apache.
the class UserITCase method async.
/**
 * Runs create, password update and delete of a user through a service obtained from
 * {@code nullPriorityAsync(..., true)}, checking after each call that a provisioning
 * result comes back and passing its propagation statuses to {@code verifyAsyncResult}.
 *
 * <p>What {@code verifyAsyncResult} asserts is defined outside this method.
 */
@Test
public void async() {
    SyncopeClient adminClient = clientFactory.create(ADMIN_UNAME, ADMIN_PWD);
    UserService asyncUsers = adminClient.nullPriorityAsync(adminClient.getService(UserService.class), true);
    // One type token, reused for every response read below.
    final GenericType<ProvisioningResult<UserTO>> resultType = new GenericType<ProvisioningResult<UserTO>>() {
    };

    // Create a user assigned to three external resources.
    UserTO sample = getUniqueSampleTO("async@syncope.apache.org");
    sample.getResources().add(RESOURCE_NAME_TESTDB);
    sample.getResources().add(RESOURCE_NAME_TESTDB2);
    sample.getResources().add(RESOURCE_NAME_LDAP);
    ProvisioningResult<UserTO> outcome = asyncUsers.create(sample, true).readEntity(resultType);
    assertNotNull(outcome);
    verifyAsyncResult(outcome.getPropagationStatuses());

    // Change the password on Syncope and on the same three resources.
    PasswordPatch newPassword = new PasswordPatch.Builder()
            .onSyncope(true)
            .resources(RESOURCE_NAME_LDAP, RESOURCE_NAME_TESTDB, RESOURCE_NAME_TESTDB2)
            .value("password321")
            .build();
    UserPatch patch = new UserPatch();
    patch.setKey(outcome.getEntity().getKey());
    patch.setPassword(newPassword);
    outcome = asyncUsers.update(patch).readEntity(resultType);
    assertNotNull(outcome);
    verifyAsyncResult(outcome.getPropagationStatuses());

    // Delete the user, using the key carried by the update result.
    outcome = asyncUsers.delete(outcome.getEntity().getKey()).readEntity(resultType);
    assertNotNull(outcome);
    verifyAsyncResult(outcome.getPropagationStatuses());
}