
Example 1 with AttributeCond

use of org.apache.syncope.core.persistence.api.dao.search.AttributeCond in project syncope by apache.

the class AuthDataAccessor method authenticate.

/**
 * Resolves the user identified by the given credentials and verifies the supplied password against internal
 * storage and pass-through resources (if configured): the first succeeding causes global success.
 *
 * <p>The login name is tried against each schema listed in the {@code authentication.attributes} configuration
 * entry, in order, stopping at the first schema that yields a user; when the entry is absent only
 * {@code username} is tried. A schema other than {@code username} is accepted only if it matches exactly one
 * user.
 *
 * <p>Once a user is found, the suspension flag and (if configured) the {@code authentication.statuses}
 * allow-list are checked before the password is verified. The failed-login counter is reset on success and
 * incremented on failure; the user is saved only if something changed.
 *
 * @param authentication given credentials
 * @return a pair whose left element is the matching user, or {@code null} if no user was found, and whose right
 * element is the outcome of the password check, or {@code null} if no user was found
 * @throws DisabledException if the matching user is suspended, or its status is not among the configured
 * {@code authentication.statuses}
 */
@Transactional(noRollbackFor = DisabledException.class)
public Pair<User, Boolean> authenticate(final Authentication authentication) {
    // Which schemas may carry the login name: configured list, or plain username as fallback.
    Optional<? extends CPlainAttr> configuredSchemas = confDAO.find("authentication.attributes");
    List<String> loginSchemas;
    if (configuredSchemas.isPresent()) {
        loginSchemas = configuredSchemas.get().getValuesAsStrings();
    } else {
        loginSchemas = Collections.singletonList("username");
    }

    User user = null;
    for (String loginSchema : loginSchemas) {
        if ("username".equals(loginSchema)) {
            user = userDAO.findByUsername(authentication.getName());
        } else {
            AttributeCond byAttribute = new AttributeCond(AttributeCond.Type.EQ);
            byAttribute.setSchema(loginSchema);
            byAttribute.setExpression(authentication.getName());
            List<User> matches = searchDAO.search(SearchCond.getLeafCond(byAttribute), AnyTypeKind.USER);
            if (matches.size() != 1) {
                // Zero or several matches: refuse to pick one, so an ambiguous attribute value can never
                // authenticate as "some" user.
                // NOTE(review): the logged value is caller-supplied before authentication; confirm the log
                // layout neutralises line breaks.
                LOG.warn("Value {} provided for {} does not uniquely identify a user", authentication.getName(), loginSchema);
            } else {
                user = matches.get(0);
            }
        }
        if (user != null) {
            break;
        }
    }

    if (user == null) {
        // Nobody matched: both elements of the result are null.
        return ImmutablePair.<User, Boolean>of(null, null);
    }

    // NOTE(review): both account-state checks below run before the password is verified and name the user in
    // the exception message. If callers relay that message to unauthenticated clients, it reveals which
    // accounts exist and are suspended or disallowed; confirm the message stays server-side.
    if (Boolean.TRUE.equals(user.isSuspended())) {
        throw new DisabledException("User " + user.getUsername() + " is suspended");
    }
    Optional<? extends CPlainAttr> allowedStatuses = confDAO.find("authentication.statuses");
    if (allowedStatuses.isPresent() && !allowedStatuses.get().getValuesAsStrings().contains(user.getStatus())) {
        throw new DisabledException("User " + user.getUsername() + " not allowed to authenticate");
    }

    Boolean authenticated = AuthDataAccessor.this.authenticate(user, authentication.getCredentials().toString());

    boolean needsSave;
    if (authenticated) {
        needsSave = false;
        if (confDAO.find("log.lastlogindate", true)) {
            user.setLastLoginDate(new Date());
            needsSave = true;
        }
        if (user.getFailedLogins() != 0) {
            // A successful login clears the failure streak.
            user.setFailedLogins(0);
            needsSave = true;
        }
    } else {
        // Only the counter is maintained here; no lockout threshold is enforced in this method.
        user.setFailedLogins(user.getFailedLogins() + 1);
        needsSave = true;
    }
    if (needsSave) {
        userDAO.save(user);
    }

    return ImmutablePair.of(user, authenticated);
}
Also used : User(org.apache.syncope.core.persistence.api.entity.user.User) AttributeCond(org.apache.syncope.core.persistence.api.dao.search.AttributeCond) DisabledException(org.springframework.security.authentication.DisabledException) Date(java.util.Date) Transactional(org.springframework.transaction.annotation.Transactional)

Example 2 with AttributeCond

use of org.apache.syncope.core.persistence.api.dao.search.AttributeCond in project syncope by apache.

the class DefaultPullCorrelationRule method getSearchCond.

/**
 * Builds the condition used to correlate an incoming connector object with existing entries: one leaf
 * condition per schema in {@code conf.getSchemas()}, all combined with AND.
 *
 * <p>Each schema is resolved to a mapping item by internal attribute name, and the value is read from the
 * connector object attribute named by that item's external attribute name. A missing, empty or single-null
 * value yields an {@code ISNULL} condition; anything else yields {@code EQ}.
 *
 * @param connObj connector object whose attribute values feed the condition
 * @param provision provision whose mapping items link each schema to an external attribute name
 * @return the AND of all leaf conditions, or {@code null} if {@code conf.getSchemas()} yields no schema
 * @throws IllegalArgumentException if a schema has no mapping item, or the connector object lacks the mapped
 * attribute
 */
@Override
public SearchCond getSearchCond(final ConnectorObject connObj, final Provision provision) {
    // Index the mapping items by internal attribute name.
    // NOTE(review): Collectors.toMap rejects duplicate keys with IllegalStateException; this presumably
    // relies on internal attribute names being unique within a mapping - confirm.
    Map<String, Item> itemsByIntAttrName = provision.getMapping().getItems().stream().
            collect(Collectors.toMap(Item::getIntAttrName, Function.identity()));

    // search for anys by attribute(s) specified in the policy
    SearchCond combined = null;
    for (String schema : conf.getSchemas()) {
        Item item = itemsByIntAttrName.get(schema);
        Attribute attr = null;
        if (item != null) {
            attr = connObj.getAttributeByName(item.getExtAttrName());
        }
        if (attr == null) {
            throw new IllegalArgumentException("Connector object does not contains the attributes to perform the search: " + schema);
        }

        boolean valueMissing = attr.getValue() == null
                || attr.getValue().isEmpty()
                || (attr.getValue().size() == 1 && attr.getValue().get(0) == null);

        AttributeCond.Type type;
        String expression;
        if (valueMissing) {
            type = AttributeCond.Type.ISNULL;
            expression = null;
        } else if (attr.getValue().size() > 1) {
            // NOTE(review): a multi-valued attribute is compared through the List's toString() rendering;
            // confirm this is the intended correlation key.
            type = AttributeCond.Type.EQ;
            expression = attr.getValue().toString();
        } else {
            type = AttributeCond.Type.EQ;
            expression = attr.getValue().get(0).toString();
        }

        // any objects: just key or name can be selected
        boolean anyField = "key".equalsIgnoreCase(schema)
                || "username".equalsIgnoreCase(schema)
                || "name".equalsIgnoreCase(schema);

        SearchCond leaf;
        if (!anyField) {
            AttributeCond attrCond = new AttributeCond();
            attrCond.setSchema(schema);
            attrCond.setType(type);
            attrCond.setExpression(expression);
            leaf = SearchCond.getLeafCond(attrCond);
        } else {
            AnyCond anyCond = new AnyCond();
            anyCond.setSchema(schema);
            anyCond.setType(type);
            anyCond.setExpression(expression);
            leaf = SearchCond.getLeafCond(anyCond);
        }

        if (combined == null) {
            combined = leaf;
        } else {
            combined = SearchCond.getAndCond(combined, leaf);
        }
    }

    // Still null when no schema was configured; how callers treat that is not visible in this method.
    return combined;
}
Also used : Item(org.apache.syncope.core.persistence.api.entity.resource.Item) Attribute(org.identityconnectors.framework.common.objects.Attribute) AttributeCond(org.apache.syncope.core.persistence.api.dao.search.AttributeCond) SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond) AnyCond(org.apache.syncope.core.persistence.api.dao.search.AnyCond)

Example 3 with AttributeCond

use of org.apache.syncope.core.persistence.api.dao.search.AttributeCond in project syncope by apache.

the class SearchCondConverterTest method ilike.

/**
 * Checks that a case-insensitive FIQL match on {@code username} converts to an {@code ILIKE} condition, with
 * the FIQL {@code *} wildcard expected as {@code %} in the converted expression.
 */
@Test
public void ilike() {
    // FIQL produced by the client-side builder
    String query = new UserFiqlSearchConditionBuilder().is("username").equalToIgnoreCase("ros*").query();
    assertEquals("username=~ros*", query);

    // username is expressed as an AnyCond rather than a plain AttributeCond
    AttributeCond expectedCond = new AnyCond(AttributeCond.Type.ILIKE);
    expectedCond.setSchema("username");
    expectedCond.setExpression("ros%");

    SearchCond expected = SearchCond.getLeafCond(expectedCond);
    SearchCond actual = SearchCondConverter.convert(query);
    assertEquals(expected, actual);
}
Also used : AttributeCond(org.apache.syncope.core.persistence.api.dao.search.AttributeCond) UserFiqlSearchConditionBuilder(org.apache.syncope.common.lib.search.UserFiqlSearchConditionBuilder) SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond) AnyCond(org.apache.syncope.core.persistence.api.dao.search.AnyCond) Test(org.junit.jupiter.api.Test)

Example 4 with AttributeCond

use of org.apache.syncope.core.persistence.api.dao.search.AttributeCond in project syncope by apache.

the class SearchCondConverterTest method like.

/**
 * Checks that a FIQL equality on {@code username} carrying a {@code *} wildcard converts to a {@code LIKE}
 * condition, with the wildcard expected as {@code %} in the converted expression.
 */
@Test
public void like() {
    // FIQL produced by the client-side builder
    String query = new UserFiqlSearchConditionBuilder().is("username").equalTo("ros*").query();
    assertEquals("username==ros*", query);

    // username is expressed as an AnyCond rather than a plain AttributeCond
    AttributeCond expectedCond = new AnyCond(AttributeCond.Type.LIKE);
    expectedCond.setSchema("username");
    expectedCond.setExpression("ros%");

    SearchCond expected = SearchCond.getLeafCond(expectedCond);
    SearchCond actual = SearchCondConverter.convert(query);
    assertEquals(expected, actual);
}
Also used : AttributeCond(org.apache.syncope.core.persistence.api.dao.search.AttributeCond) UserFiqlSearchConditionBuilder(org.apache.syncope.common.lib.search.UserFiqlSearchConditionBuilder) SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond) AnyCond(org.apache.syncope.core.persistence.api.dao.search.AnyCond) Test(org.junit.jupiter.api.Test)

Example 5 with AttributeCond

use of org.apache.syncope.core.persistence.api.dao.search.AttributeCond in project syncope by apache.

the class SearchCondConverterTest method isNotNull.

/**
 * Checks that a FIQL "not null" test on {@code loginDate} converts to an {@code ISNOTNULL} attribute
 * condition that carries a schema and no expression.
 */
@Test
public void isNotNull() {
    // FIQL produced by the client-side builder: inequality against the NULL marker
    String query = new UserFiqlSearchConditionBuilder().is("loginDate").notNullValue().query();
    assertEquals("loginDate!=" + SpecialAttr.NULL, query);

    AttributeCond expectedCond = new AttributeCond(AttributeCond.Type.ISNOTNULL);
    expectedCond.setSchema("loginDate");

    SearchCond expected = SearchCond.getLeafCond(expectedCond);
    SearchCond actual = SearchCondConverter.convert(query);
    assertEquals(expected, actual);
}
Also used : AttributeCond(org.apache.syncope.core.persistence.api.dao.search.AttributeCond) UserFiqlSearchConditionBuilder(org.apache.syncope.common.lib.search.UserFiqlSearchConditionBuilder) SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond) Test(org.junit.jupiter.api.Test)
