Example 6 with MembershipCond
use of org.apache.syncope.core.persistence.api.dao.search.MembershipCond in project syncope by apache.
the class SCIMDataBinder method toSCIMGroup.
public SCIMGroup toSCIMGroup(final GroupTO groupTO, final String location, final List<String> attributes, final List<String> excludedAttributes) {
SCIMGroup group = new SCIMGroup(groupTO.getKey(), new Meta(Resource.Group, groupTO.getCreationDate(), groupTO.getLastChangeDate() == null ? groupTO.getCreationDate() : groupTO.getLastChangeDate(), groupTO.getETagValue(), location), output(attributes, excludedAttributes, "displayName", groupTO.getName()));
MembershipCond membCond = new MembershipCond();
membCond.setGroup(groupTO.getKey());
SearchCond searchCond = SearchCond.getLeafCond(membCond);
if (output(attributes, excludedAttributes, "members")) {
int count = userLogic.search(searchCond, 1, 1, Collections.<OrderByClause>emptyList(), SyncopeConstants.ROOT_REALM, false).getLeft();
for (int page = 1; page <= (count / AnyDAO.DEFAULT_PAGE_SIZE) + 1; page++) {
List<UserTO> users = userLogic.search(searchCond, page, AnyDAO.DEFAULT_PAGE_SIZE, Collections.<OrderByClause>emptyList(), SyncopeConstants.ROOT_REALM, false).getRight();
users.forEach(userTO -> {
group.getMembers().add(new Member(userTO.getKey(), StringUtils.substringBefore(location, "/Groups") + "/Users/" + userTO.getKey(), userTO.getUsername()));
});
}
}
return group;
}
Also used :
Meta(org.apache.syncope.ext.scimv2.api.data.Meta)
SCIMGroup(org.apache.syncope.ext.scimv2.api.data.SCIMGroup)
OrderByClause(org.apache.syncope.core.persistence.api.dao.search.OrderByClause)
UserTO(org.apache.syncope.common.lib.to.UserTO)
MembershipCond(org.apache.syncope.core.persistence.api.dao.search.MembershipCond)
SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond)
Member(org.apache.syncope.ext.scimv2.api.data.Member)
Example 7 with MembershipCond
use of org.apache.syncope.core.persistence.api.dao.search.MembershipCond in project syncope by apache.
the class GroupMemberProvisionTaskJobDelegate method doExecute.
@Override
protected String doExecute(final boolean dryRun) throws JobExecutionException {
Group group = groupDAO.authFind(groupKey);
StringBuilder result = new StringBuilder("Group ").append(group.getName()).append(" members ");
if (actionType == BulkMembersActionType.DEPROVISION) {
result.append("de");
}
result.append("provision\n\n");
status.set(result.toString());
MembershipCond membershipCond = new MembershipCond();
membershipCond.setGroup(groupKey);
List<User> users = searchDAO.search(SearchCond.getLeafCond(membershipCond), AnyTypeKind.USER);
Collection<String> groupResourceKeys = groupDAO.findAllResourceKeys(groupKey);
status.set("About to " + (actionType == BulkMembersActionType.DEPROVISION ? "de" : "") + "provision " + users.size() + " users from " + groupResourceKeys);
for (int i = 0; i < users.size() && !interrupt; i++) {
List<PropagationStatus> statuses = actionType == BulkMembersActionType.DEPROVISION ? userProvisioningManager.deprovision(users.get(i).getKey(), groupResourceKeys, false) : userProvisioningManager.provision(users.get(i).getKey(), true, null, groupResourceKeys, false);
for (PropagationStatus propagationStatus : statuses) {
result.append("User ").append(users.get(i).getKey()).append('\t').append("Resource ").append(propagationStatus.getResource()).append('\t').append(propagationStatus.getStatus());
if (StringUtils.isNotBlank(propagationStatus.getFailureReason())) {
result.append('\n').append(propagationStatus.getFailureReason()).append('\n');
}
result.append("\n");
}
result.append("\n");
}
if (interrupt) {
LOG.debug("Group assignment interrupted");
interrupted = true;
return result.append("\n*** Group assignment interrupted ***\n").toString();
}
membershipCond = new MembershipCond();
membershipCond.setGroup(groupKey);
List<AnyObject> anyObjects = searchDAO.search(SearchCond.getLeafCond(membershipCond), AnyTypeKind.ANY_OBJECT);
status.set("About to " + (actionType == BulkMembersActionType.DEPROVISION ? "de" : "") + "provision " + anyObjects.size() + " any objects from " + groupResourceKeys);
for (int i = 0; i < anyObjects.size() && !interrupt; i++) {
List<PropagationStatus> statuses = actionType == BulkMembersActionType.DEPROVISION ? anyObjectProvisioningManager.deprovision(anyObjects.get(i).getKey(), groupResourceKeys, false) : anyObjectProvisioningManager.provision(anyObjects.get(i).getKey(), groupResourceKeys, false);
for (PropagationStatus propagationStatus : statuses) {
result.append(anyObjects.get(i).getType().getKey()).append(' ').append(anyObjects.get(i).getKey()).append('\t').append("Resource ").append(propagationStatus.getResource()).append('\t').append(propagationStatus.getStatus());
if (StringUtils.isNotBlank(propagationStatus.getFailureReason())) {
result.append('\n').append(propagationStatus.getFailureReason()).append('\n');
}
result.append("\n");
}
result.append("\n");
}
if (interrupt) {
LOG.debug("Group assignment interrupted");
interrupted = true;
result.append("\n*** Group assignment interrupted ***\n");
}
return result.toString();
}
Also used :
Group(org.apache.syncope.core.persistence.api.entity.group.Group)
AnyObject(org.apache.syncope.core.persistence.api.entity.anyobject.AnyObject)
User(org.apache.syncope.core.persistence.api.entity.user.User)
MembershipCond(org.apache.syncope.core.persistence.api.dao.search.MembershipCond)
PropagationStatus(org.apache.syncope.common.lib.to.PropagationStatus)
Example 8 with MembershipCond
use of org.apache.syncope.core.persistence.api.dao.search.MembershipCond in project syncope by apache.
the class SearchCondVisitor method visitPrimitive.
@SuppressWarnings("ConvertToStringSwitch")
private SearchCond visitPrimitive(final SearchCondition<SearchBean> sc) {
String name = getRealPropertyName(sc.getStatement().getProperty());
Optional<SpecialAttr> specialAttrName = SpecialAttr.fromString(name);
String value = null;
try {
value = SearchUtils.toSqlWildcardString(URLDecoder.decode(sc.getStatement().getValue().toString(), StandardCharsets.UTF_8.name()), false).replaceAll("\\\\_", "_");
} catch (UnsupportedEncodingException e) {
throw new IllegalArgumentException("While decoding " + sc.getStatement().getValue(), e);
}
Optional<SpecialAttr> specialAttrValue = SpecialAttr.fromString(value);
AttributeCond attributeCond = createAttributeCond(name);
attributeCond.setExpression(value);
ConditionType ct = sc.getConditionType();
if (sc instanceof SyncopeFiqlSearchCondition && sc.getConditionType() == ConditionType.CUSTOM) {
SyncopeFiqlSearchCondition<SearchBean> sfsc = (SyncopeFiqlSearchCondition<SearchBean>) sc;
if (SyncopeFiqlParser.IEQ.equals(sfsc.getOperator())) {
ct = ConditionType.EQUALS;
} else if (SyncopeFiqlParser.NIEQ.equals(sfsc.getOperator())) {
ct = ConditionType.NOT_EQUALS;
} else {
throw new IllegalArgumentException(String.format("Condition type %s is not supported", sfsc.getOperator()));
}
}
SearchCond leaf;
switch(ct) {
case EQUALS:
case NOT_EQUALS:
if (!specialAttrName.isPresent()) {
if (specialAttrValue.isPresent() && specialAttrValue.get() == SpecialAttr.NULL) {
attributeCond.setType(AttributeCond.Type.ISNULL);
attributeCond.setExpression(null);
} else if (value.indexOf('%') == -1) {
attributeCond.setType(sc.getConditionType() == ConditionType.CUSTOM ? AttributeCond.Type.IEQ : AttributeCond.Type.EQ);
} else {
attributeCond.setType(sc.getConditionType() == ConditionType.CUSTOM ? AttributeCond.Type.ILIKE : AttributeCond.Type.LIKE);
}
leaf = SearchCond.getLeafCond(attributeCond);
} else {
switch(specialAttrName.get()) {
case TYPE:
AnyTypeCond typeCond = new AnyTypeCond();
typeCond.setAnyTypeKey(value);
leaf = SearchCond.getLeafCond(typeCond);
break;
case RESOURCES:
ResourceCond resourceCond = new ResourceCond();
resourceCond.setResourceKey(value);
leaf = SearchCond.getLeafCond(resourceCond);
break;
case GROUPS:
MembershipCond groupCond = new MembershipCond();
groupCond.setGroup(value);
leaf = SearchCond.getLeafCond(groupCond);
break;
case RELATIONSHIPS:
RelationshipCond relationshipCond = new RelationshipCond();
relationshipCond.setAnyObject(value);
leaf = SearchCond.getLeafCond(relationshipCond);
break;
case RELATIONSHIP_TYPES:
RelationshipTypeCond relationshipTypeCond = new RelationshipTypeCond();
relationshipTypeCond.setRelationshipTypeKey(value);
leaf = SearchCond.getLeafCond(relationshipTypeCond);
break;
case ROLES:
RoleCond roleCond = new RoleCond();
roleCond.setRole(value);
leaf = SearchCond.getLeafCond(roleCond);
break;
case PRIVILEGES:
PrivilegeCond privilegeCond = new PrivilegeCond();
privilegeCond.setPrivilege(value);
leaf = SearchCond.getLeafCond(privilegeCond);
break;
case DYNREALMS:
DynRealmCond dynRealmCond = new DynRealmCond();
dynRealmCond.setDynRealm(value);
leaf = SearchCond.getLeafCond(dynRealmCond);
break;
case ASSIGNABLE:
AssignableCond assignableCond = new AssignableCond();
assignableCond.setRealmFullPath(realm);
leaf = SearchCond.getLeafCond(assignableCond);
break;
case MEMBER:
MemberCond memberCond = new MemberCond();
memberCond.setMember(value);
leaf = SearchCond.getLeafCond(memberCond);
break;
default:
throw new IllegalArgumentException(String.format("Special attr name %s is not supported", specialAttrName));
}
}
if (ct == ConditionType.NOT_EQUALS) {
if (leaf.getAttributeCond() != null && leaf.getAttributeCond().getType() == AttributeCond.Type.ISNULL) {
leaf.getAttributeCond().setType(AttributeCond.Type.ISNOTNULL);
} else if (leaf.getAnyCond() != null && leaf.getAnyCond().getType() == AnyCond.Type.ISNULL) {
leaf.getAnyCond().setType(AttributeCond.Type.ISNOTNULL);
} else {
leaf = SearchCond.getNotLeafCond(leaf);
}
}
break;
case GREATER_OR_EQUALS:
attributeCond.setType(AttributeCond.Type.GE);
leaf = SearchCond.getLeafCond(attributeCond);
break;
case GREATER_THAN:
attributeCond.setType(AttributeCond.Type.GT);
leaf = SearchCond.getLeafCond(attributeCond);
break;
case LESS_OR_EQUALS:
attributeCond.setType(AttributeCond.Type.LE);
leaf = SearchCond.getLeafCond(attributeCond);
break;
case LESS_THAN:
attributeCond.setType(AttributeCond.Type.LT);
leaf = SearchCond.getLeafCond(attributeCond);
break;
default:
throw new IllegalArgumentException(String.format("Condition type %s is not supported", ct.name()));
}
return leaf;
}
Also used :
AssignableCond(org.apache.syncope.core.persistence.api.dao.search.AssignableCond)
MemberCond(org.apache.syncope.core.persistence.api.dao.search.MemberCond)
AttributeCond(org.apache.syncope.core.persistence.api.dao.search.AttributeCond)
SearchBean(org.apache.cxf.jaxrs.ext.search.SearchBean)
MembershipCond(org.apache.syncope.core.persistence.api.dao.search.MembershipCond)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
RelationshipCond(org.apache.syncope.core.persistence.api.dao.search.RelationshipCond)
ResourceCond(org.apache.syncope.core.persistence.api.dao.search.ResourceCond)
SpecialAttr(org.apache.syncope.common.lib.search.SpecialAttr)
SyncopeFiqlSearchCondition(org.apache.syncope.common.lib.search.SyncopeFiqlSearchCondition)
AnyTypeCond(org.apache.syncope.core.persistence.api.dao.search.AnyTypeCond)
RoleCond(org.apache.syncope.core.persistence.api.dao.search.RoleCond)
DynRealmCond(org.apache.syncope.core.persistence.api.dao.search.DynRealmCond)
RelationshipTypeCond(org.apache.syncope.core.persistence.api.dao.search.RelationshipTypeCond)
ConditionType(org.apache.cxf.jaxrs.ext.search.ConditionType)
SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond)
PrivilegeCond(org.apache.syncope.core.persistence.api.dao.search.PrivilegeCond)
Example 9 with MembershipCond
use of org.apache.syncope.core.persistence.api.dao.search.MembershipCond in project syncope by apache.
the class SearchCondConverterTest method groups.
@Test
public void groups() {
String fiql = new UserFiqlSearchConditionBuilder().inGroups("e7ff94e8-19c9-4f0a-b8b7-28327edbf6ed").query();
assertEquals(SpecialAttr.GROUPS + "==e7ff94e8-19c9-4f0a-b8b7-28327edbf6ed", fiql);
MembershipCond groupCond = new MembershipCond();
groupCond.setGroup("e7ff94e8-19c9-4f0a-b8b7-28327edbf6ed");
SearchCond simpleCond = SearchCond.getLeafCond(groupCond);
assertEquals(simpleCond, SearchCondConverter.convert(fiql));
}
Also used :
MembershipCond(org.apache.syncope.core.persistence.api.dao.search.MembershipCond)
UserFiqlSearchConditionBuilder(org.apache.syncope.common.lib.search.UserFiqlSearchConditionBuilder)
SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond)
Test(org.junit.jupiter.api.Test)
Example 10 with MembershipCond
use of org.apache.syncope.core.persistence.api.dao.search.MembershipCond in project syncope by apache.
the class AnySearchTest method userMatch.
@Test
public void userMatch() {
User user = userDAO.find("1417acbe-cbf6-4277-9372-e75e04f97000");
assertNotNull(user);
MembershipCond groupCond = new MembershipCond();
groupCond.setGroup("secretary");
assertFalse(searchDAO.matches(user, SearchCond.getLeafCond(groupCond)));
groupCond.setGroup("root");
assertTrue(searchDAO.matches(user, SearchCond.getLeafCond(groupCond)));
RoleCond roleCond = new RoleCond();
roleCond.setRole("Other");
assertTrue(searchDAO.matches(user, SearchCond.getLeafCond(roleCond)));
PrivilegeCond privilegeCond = new PrivilegeCond();
privilegeCond.setPrivilege("postMighty");
assertTrue(searchDAO.matches(user, SearchCond.getLeafCond(privilegeCond)));
user = userDAO.find("c9b2dec2-00a7-4855-97c0-d854842b4b24");
assertNotNull(user);
RelationshipCond relationshipCond = new RelationshipCond();
relationshipCond.setAnyObject("fc6dbc3a-6c07-4965-8781-921e7401a4a5");
assertTrue(searchDAO.matches(user, SearchCond.getLeafCond(relationshipCond)));
RelationshipTypeCond relationshipTypeCond = new RelationshipTypeCond();
relationshipTypeCond.setRelationshipTypeKey("neighborhood");
assertTrue(searchDAO.matches(user, SearchCond.getLeafCond(relationshipTypeCond)));
}
Also used :
User(org.apache.syncope.core.persistence.api.entity.user.User)
RoleCond(org.apache.syncope.core.persistence.api.dao.search.RoleCond)
MembershipCond(org.apache.syncope.core.persistence.api.dao.search.MembershipCond)
RelationshipCond(org.apache.syncope.core.persistence.api.dao.search.RelationshipCond)
RelationshipTypeCond(org.apache.syncope.core.persistence.api.dao.search.RelationshipTypeCond)
PrivilegeCond(org.apache.syncope.core.persistence.api.dao.search.PrivilegeCond)
Test(org.junit.jupiter.api.Test)
AbstractTest(org.apache.syncope.core.persistence.jpa.AbstractTest)
Aggregations
MembershipCond (org.apache.syncope.core.persistence.api.dao.search.MembershipCond)11
SearchCond (org.apache.syncope.core.persistence.api.dao.search.SearchCond)8
Test (org.junit.jupiter.api.Test)7
User (org.apache.syncope.core.persistence.api.entity.user.User)6
AbstractTest (org.apache.syncope.core.persistence.jpa.AbstractTest)6
AttributeCond (org.apache.syncope.core.persistence.api.dao.search.AttributeCond)4
OrderByClause (org.apache.syncope.core.persistence.api.dao.search.OrderByClause)3
AnyTypeCond (org.apache.syncope.core.persistence.api.dao.search.AnyTypeCond)2
PrivilegeCond (org.apache.syncope.core.persistence.api.dao.search.PrivilegeCond)2
RelationshipCond (org.apache.syncope.core.persistence.api.dao.search.RelationshipCond)2
RelationshipTypeCond (org.apache.syncope.core.persistence.api.dao.search.RelationshipTypeCond)2
RoleCond (org.apache.syncope.core.persistence.api.dao.search.RoleCond)2
Member (org.apache.syncope.ext.scimv2.api.data.Member)2
SCIMGroup (org.apache.syncope.ext.scimv2.api.data.SCIMGroup)2
UnsupportedEncodingException (java.io.UnsupportedEncodingException)1
Arrays (java.util.Arrays)1
Collections (java.util.Collections)1
HashSet (java.util.HashSet)1
Set (java.util.Set)1
Collectors (java.util.stream.Collectors)1
