Example 6 with AnyType
use of org.apache.syncope.core.persistence.api.entity.AnyType in project syncope by apache.
the class DynRealmDataBinderImpl method update.
@Override
public DynRealm update(final DynRealm toBeUpdated, final DynRealmTO dynRealmTO) {
toBeUpdated.setKey(dynRealmTO.getKey());
DynRealm dynRealm = dynRealmDAO.save(toBeUpdated);
for (Iterator<? extends DynRealmMembership> itor = dynRealm.getDynMemberships().iterator(); itor.hasNext(); ) {
DynRealmMembership memb = itor.next();
memb.setDynRealm(null);
itor.remove();
}
dynRealmDAO.clearDynMembers(dynRealm);
dynRealmTO.getDynMembershipConds().forEach((type, fiql) -> {
AnyType anyType = anyTypeDAO.find(type);
if (anyType == null) {
LOG.warn("Ignoring invalid {}: {}", AnyType.class.getSimpleName(), type);
} else {
setDynMembership(dynRealm, anyType, fiql);
}
});
return dynRealmDAO.save(dynRealm);
}
Also used :
DynRealmMembership(org.apache.syncope.core.persistence.api.entity.DynRealmMembership)
AnyType(org.apache.syncope.core.persistence.api.entity.AnyType)
DynRealm(org.apache.syncope.core.persistence.api.entity.DynRealm)
Example 7 with AnyType
use of org.apache.syncope.core.persistence.api.entity.AnyType in project syncope by apache.
the class PolicyDataBinderImpl method getPolicy.
@SuppressWarnings("unchecked")
private <T extends Policy> T getPolicy(final T policy, final PolicyTO policyTO) {
T result = policy;
if (policyTO instanceof PasswordPolicyTO) {
if (result == null) {
result = (T) entityFactory.newEntity(PasswordPolicy.class);
}
PasswordPolicy passwordPolicy = PasswordPolicy.class.cast(result);
PasswordPolicyTO passwordPolicyTO = PasswordPolicyTO.class.cast(policyTO);
passwordPolicy.setAllowNullPassword(passwordPolicyTO.isAllowNullPassword());
passwordPolicy.setHistoryLength(passwordPolicyTO.getHistoryLength());
passwordPolicyTO.getRules().forEach(ruleKey -> {
Implementation rule = implementationDAO.find(ruleKey);
if (rule == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", ruleKey);
} else {
passwordPolicy.add(rule);
}
});
// remove all implementations not contained in the TO
passwordPolicy.getRules().removeIf(implementation -> !passwordPolicyTO.getRules().contains(implementation.getKey()));
} else if (policyTO instanceof AccountPolicyTO) {
if (result == null) {
result = (T) entityFactory.newEntity(AccountPolicy.class);
}
AccountPolicy accountPolicy = AccountPolicy.class.cast(result);
AccountPolicyTO accountPolicyTO = AccountPolicyTO.class.cast(policyTO);
accountPolicy.setMaxAuthenticationAttempts(accountPolicyTO.getMaxAuthenticationAttempts());
accountPolicy.setPropagateSuspension(accountPolicyTO.isPropagateSuspension());
accountPolicyTO.getRules().forEach(ruleKey -> {
Implementation rule = implementationDAO.find(ruleKey);
if (rule == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", ruleKey);
} else {
accountPolicy.add(rule);
}
});
// remove all implementations not contained in the TO
accountPolicy.getRules().removeIf(implementation -> !accountPolicyTO.getRules().contains(implementation.getKey()));
accountPolicy.getResources().clear();
accountPolicyTO.getPassthroughResources().forEach(resourceName -> {
ExternalResource resource = resourceDAO.find(resourceName);
if (resource == null) {
LOG.debug("Ignoring invalid resource {} ", resourceName);
} else {
accountPolicy.add(resource);
}
});
} else if (policyTO instanceof PullPolicyTO) {
if (result == null) {
result = (T) entityFactory.newEntity(PullPolicy.class);
}
PullPolicy pullPolicy = PullPolicy.class.cast(result);
PullPolicyTO pullPolicyTO = PullPolicyTO.class.cast(policyTO);
pullPolicy.setConflictResolutionAction(pullPolicyTO.getConflictResolutionAction());
pullPolicyTO.getCorrelationRules().forEach((type, impl) -> {
AnyType anyType = anyTypeDAO.find(type);
if (anyType == null) {
LOG.debug("Invalid AnyType {} specified, ignoring...", type);
} else {
CorrelationRule correlationRule = pullPolicy.getCorrelationRule(anyType).orElse(null);
if (correlationRule == null) {
correlationRule = entityFactory.newEntity(CorrelationRule.class);
correlationRule.setAnyType(anyType);
correlationRule.setPullPolicy(pullPolicy);
pullPolicy.add(correlationRule);
}
Implementation rule = implementationDAO.find(impl);
if (rule == null) {
throw new NotFoundException("Implementation " + type);
}
correlationRule.setImplementation(rule);
}
});
// remove all rules not contained in the TO
pullPolicy.getCorrelationRules().removeIf(anyFilter -> !pullPolicyTO.getCorrelationRules().containsKey(anyFilter.getAnyType().getKey()));
}
if (result != null) {
result.setDescription(policyTO.getDescription());
}
return result;
}
Also used :
PullPolicy(org.apache.syncope.core.persistence.api.entity.policy.PullPolicy)
Realm(org.apache.syncope.core.persistence.api.entity.Realm)
LoggerFactory(org.slf4j.LoggerFactory)
AnyType(org.apache.syncope.core.persistence.api.entity.AnyType)
Autowired(org.springframework.beans.factory.annotation.Autowired)
Entity(org.apache.syncope.core.persistence.api.entity.Entity)
PolicyDataBinder(org.apache.syncope.core.provisioning.api.data.PolicyDataBinder)
PasswordPolicy(org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy)
RealmDAO(org.apache.syncope.core.persistence.api.dao.RealmDAO)
ImplementationDAO(org.apache.syncope.core.persistence.api.dao.ImplementationDAO)
PolicyTO(org.apache.syncope.common.lib.policy.PolicyTO)
PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO)
Logger(org.slf4j.Logger)
Policy(org.apache.syncope.core.persistence.api.entity.policy.Policy)
Implementation(org.apache.syncope.core.persistence.api.entity.Implementation)
Collectors(java.util.stream.Collectors)
AnyTypeDAO(org.apache.syncope.core.persistence.api.dao.AnyTypeDAO)
NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException)
EntityFactory(org.apache.syncope.core.persistence.api.entity.EntityFactory)
ExternalResource(org.apache.syncope.core.persistence.api.entity.resource.ExternalResource)
AccountPolicy(org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy)
Component(org.springframework.stereotype.Component)
CorrelationRule(org.apache.syncope.core.persistence.api.entity.policy.CorrelationRule)
AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO)
PullPolicyTO(org.apache.syncope.common.lib.policy.PullPolicyTO)
ExternalResourceDAO(org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO)
PullPolicyTO(org.apache.syncope.common.lib.policy.PullPolicyTO)
NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException)
AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO)
ExternalResource(org.apache.syncope.core.persistence.api.entity.resource.ExternalResource)
Implementation(org.apache.syncope.core.persistence.api.entity.Implementation)
AccountPolicy(org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy)
PasswordPolicy(org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy)
PullPolicy(org.apache.syncope.core.persistence.api.entity.policy.PullPolicy)
CorrelationRule(org.apache.syncope.core.persistence.api.entity.policy.CorrelationRule)
AnyType(org.apache.syncope.core.persistence.api.entity.AnyType)
PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO)
Example 8 with AnyType
use of org.apache.syncope.core.persistence.api.entity.AnyType in project syncope by apache.
the class RealmDataBinderImpl method setTemplates.
private void setTemplates(final RealmTO realmTO, final Realm realm) {
// validate JEXL expressions from templates and proceed if fine
templateUtils.check(realmTO.getTemplates(), ClientExceptionType.InvalidRealm);
realmTO.getTemplates().forEach((key, template) -> {
AnyType type = anyTypeDAO.find(key);
if (type == null) {
LOG.debug("Invalid AnyType {} specified, ignoring...", key);
} else {
AnyTemplateRealm anyTemplate = realm.getTemplate(type).orElse(null);
if (anyTemplate == null) {
anyTemplate = entityFactory.newEntity(AnyTemplateRealm.class);
anyTemplate.setAnyType(type);
anyTemplate.setRealm(realm);
realm.add(anyTemplate);
}
anyTemplate.set(template);
}
});
// remove all templates not contained in the TO
realm.getTemplates().removeIf(template -> !realmTO.getTemplates().containsKey(template.getAnyType().getKey()));
}
Also used :
AnyTemplateRealm(org.apache.syncope.core.persistence.api.entity.AnyTemplateRealm)
AnyType(org.apache.syncope.core.persistence.api.entity.AnyType)
Example 9 with AnyType
use of org.apache.syncope.core.persistence.api.entity.AnyType in project syncope by apache.
the class ResourceLogic method listConnObjects.
@PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_LIST_CONNOBJECT + "')")
@Transactional(readOnly = true)
public Pair<SearchResult, List<ConnObjectTO>> listConnObjects(final String key, final String anyTypeKey, final int size, final String pagedResultsCookie, final List<OrderByClause> orderBy) {
ExternalResource resource;
ObjectClass objectClass;
OperationOptions options;
if (SyncopeConstants.REALM_ANYTYPE.equals(anyTypeKey)) {
resource = resourceDAO.authFind(key);
if (resource == null) {
throw new NotFoundException("Resource '" + key + "'");
}
if (resource.getOrgUnit() == null) {
throw new NotFoundException("Realm provisioning for resource '" + key + "'");
}
objectClass = resource.getOrgUnit().getObjectClass();
options = MappingUtils.buildOperationOptions(MappingUtils.getPropagationItems(resource.getOrgUnit().getItems()).iterator());
} else {
Triple<ExternalResource, AnyType, Provision> init = connObjectInit(key, anyTypeKey);
resource = init.getLeft();
objectClass = init.getRight().getObjectClass();
init.getRight().getMapping().getItems();
Set<MappingItem> linkinMappingItems = virSchemaDAO.findByProvision(init.getRight()).stream().map(virSchema -> virSchema.asLinkingMappingItem()).collect(Collectors.toSet());
Iterator<MappingItem> mapItems = new IteratorChain<>(init.getRight().getMapping().getItems().iterator(), linkinMappingItems.iterator());
options = MappingUtils.buildOperationOptions(mapItems);
}
final List<ConnObjectTO> connObjects = new ArrayList<>();
SearchResult searchResult = connFactory.getConnector(resource).search(objectClass, null, new ResultsHandler() {
private int count;
@Override
public boolean handle(final ConnectorObject connectorObject) {
connObjects.add(ConnObjectUtils.getConnObjectTO(connectorObject));
// safety protection against uncontrolled result size
count++;
return count < size;
}
}, size, pagedResultsCookie, orderBy, options);
return ImmutablePair.of(searchResult, connObjects);
}
Also used :
OperationOptions(org.identityconnectors.framework.common.objects.OperationOptions)
Provision(org.apache.syncope.core.persistence.api.entity.resource.Provision)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
AnyType(org.apache.syncope.core.persistence.api.entity.AnyType)
Autowired(org.springframework.beans.factory.annotation.Autowired)
ConnObjectTO(org.apache.syncope.common.lib.to.ConnObjectTO)
StringUtils(org.apache.commons.lang3.StringUtils)
AnyTypeKind(org.apache.syncope.common.lib.types.AnyTypeKind)
Attribute(org.identityconnectors.framework.common.objects.Attribute)
GroupDAO(org.apache.syncope.core.persistence.api.dao.GroupDAO)
Pair(org.apache.commons.lang3.tuple.Pair)
AnyObjectDAO(org.apache.syncope.core.persistence.api.dao.AnyObjectDAO)
ConnObjectUtils(org.apache.syncope.core.provisioning.java.utils.ConnObjectUtils)
OperationOptions(org.identityconnectors.framework.common.objects.OperationOptions)
AuthContextUtils(org.apache.syncope.core.spring.security.AuthContextUtils)
Method(java.lang.reflect.Method)
Triple(org.apache.commons.lang3.tuple.Triple)
ResultsHandler(org.identityconnectors.framework.common.objects.ResultsHandler)
UserDAO(org.apache.syncope.core.persistence.api.dao.UserDAO)
Set(java.util.Set)
ConnInstanceDAO(org.apache.syncope.core.persistence.api.dao.ConnInstanceDAO)
ResourceDataBinder(org.apache.syncope.core.provisioning.api.data.ResourceDataBinder)
Collectors(java.util.stream.Collectors)
NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException)
MappingItem(org.apache.syncope.core.persistence.api.entity.resource.MappingItem)
AnyTypeDAO(org.apache.syncope.core.persistence.api.dao.AnyTypeDAO)
Connector(org.apache.syncope.core.provisioning.api.Connector)
ConnectorObject(org.identityconnectors.framework.common.objects.ConnectorObject)
List(java.util.List)
Provision(org.apache.syncope.core.persistence.api.entity.resource.Provision)
AttributeUtil(org.identityconnectors.framework.common.objects.AttributeUtil)
AttributeBuilder(org.identityconnectors.framework.common.objects.AttributeBuilder)
ObjectClass(org.identityconnectors.framework.common.objects.ObjectClass)
ConnectorFactory(org.apache.syncope.core.provisioning.api.ConnectorFactory)
Optional(java.util.Optional)
ExternalResourceDAO(org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO)
StandardEntitlement(org.apache.syncope.common.lib.types.StandardEntitlement)
OrderByClause(org.apache.syncope.core.persistence.api.dao.search.OrderByClause)
ArrayUtils(org.apache.commons.lang3.ArrayUtils)
ConnInstanceDataBinder(org.apache.syncope.core.provisioning.api.data.ConnInstanceDataBinder)
ArrayList(java.util.ArrayList)
RealmUtils(org.apache.syncope.core.provisioning.api.utils.RealmUtils)
DelegatedAdministrationException(org.apache.syncope.core.spring.security.DelegatedAdministrationException)
DuplicateException(org.apache.syncope.core.persistence.api.dao.DuplicateException)
MappingManager(org.apache.syncope.core.provisioning.api.MappingManager)
ClientExceptionType(org.apache.syncope.common.lib.types.ClientExceptionType)
SyncopeConstants(org.apache.syncope.common.lib.SyncopeConstants)
ImmutableTriple(org.apache.commons.lang3.tuple.ImmutableTriple)
Iterator(java.util.Iterator)
ResourceTO(org.apache.syncope.common.lib.to.ResourceTO)
Uid(org.identityconnectors.framework.common.objects.Uid)
IteratorChain(org.apache.syncope.common.lib.collections.IteratorChain)
ConnInstance(org.apache.syncope.core.persistence.api.entity.ConnInstance)
Name(org.identityconnectors.framework.common.objects.Name)
ImmutablePair(org.apache.commons.lang3.tuple.ImmutablePair)
MappingUtils(org.apache.syncope.core.provisioning.java.utils.MappingUtils)
ExternalResource(org.apache.syncope.core.persistence.api.entity.resource.ExternalResource)
Component(org.springframework.stereotype.Component)
VirSchemaDAO(org.apache.syncope.core.persistence.api.dao.VirSchemaDAO)
SearchResult(org.identityconnectors.framework.common.objects.SearchResult)
Any(org.apache.syncope.core.persistence.api.entity.Any)
Transactional(org.springframework.transaction.annotation.Transactional)
MappingItem(org.apache.syncope.core.persistence.api.entity.resource.MappingItem)
ObjectClass(org.identityconnectors.framework.common.objects.ObjectClass)
ConnectorObject(org.identityconnectors.framework.common.objects.ConnectorObject)
ArrayList(java.util.ArrayList)
NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException)
SearchResult(org.identityconnectors.framework.common.objects.SearchResult)
ResultsHandler(org.identityconnectors.framework.common.objects.ResultsHandler)
ExternalResource(org.apache.syncope.core.persistence.api.entity.resource.ExternalResource)
IteratorChain(org.apache.syncope.common.lib.collections.IteratorChain)
ConnObjectTO(org.apache.syncope.common.lib.to.ConnObjectTO)
AnyType(org.apache.syncope.core.persistence.api.entity.AnyType)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 10 with AnyType
use of org.apache.syncope.core.persistence.api.entity.AnyType in project syncope by apache.
the class ResourceLogic method setLatestSyncToken.
@PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_UPDATE + "')")
public void setLatestSyncToken(final String key, final String anyTypeKey) {
ExternalResource resource = resourceDAO.authFind(key);
if (resource == null) {
throw new NotFoundException("Resource '" + key + "'");
}
Connector connector;
try {
connector = connFactory.getConnector(resource);
} catch (Exception e) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidConnInstance);
sce.getElements().add(e.getMessage());
throw sce;
}
if (SyncopeConstants.REALM_ANYTYPE.equals(anyTypeKey)) {
if (resource.getOrgUnit() == null) {
throw new NotFoundException("Realm provision not enabled for Resource '" + key + "'");
}
resource.getOrgUnit().setSyncToken(connector.getLatestSyncToken(resource.getOrgUnit().getObjectClass()));
} else {
AnyType anyType = anyTypeDAO.find(anyTypeKey);
if (anyType == null) {
throw new NotFoundException("AnyType '" + anyTypeKey + "'");
}
Optional<? extends Provision> provision = resource.getProvision(anyType);
if (!provision.isPresent()) {
throw new NotFoundException("Provision for AnyType '" + anyTypeKey + "' in Resource '" + key + "'");
}
provision.get().setSyncToken(connector.getLatestSyncToken(provision.get().getObjectClass()));
}
Set<String> effectiveRealms = RealmUtils.getEffective(AuthContextUtils.getAuthorizations().get(StandardEntitlement.RESOURCE_UPDATE), resource.getConnector().getAdminRealm().getFullPath());
securityChecks(effectiveRealms, resource.getConnector().getAdminRealm().getFullPath(), resource.getKey());
resourceDAO.save(resource);
}
Also used :
Connector(org.apache.syncope.core.provisioning.api.Connector)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException)
ExternalResource(org.apache.syncope.core.persistence.api.entity.resource.ExternalResource)
AnyType(org.apache.syncope.core.persistence.api.entity.AnyType)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException)
DelegatedAdministrationException(org.apache.syncope.core.spring.security.DelegatedAdministrationException)
DuplicateException(org.apache.syncope.core.persistence.api.dao.DuplicateException)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Aggregations
AnyType (org.apache.syncope.core.persistence.api.entity.AnyType)35
SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)13
NotFoundException (org.apache.syncope.core.persistence.api.dao.NotFoundException)9
ExternalResource (org.apache.syncope.core.persistence.api.entity.resource.ExternalResource)9
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)7
Collectors (java.util.stream.Collectors)6
AnyTypeDAO (org.apache.syncope.core.persistence.api.dao.AnyTypeDAO)6
AnyTypeClass (org.apache.syncope.core.persistence.api.entity.AnyTypeClass)6
Autowired (org.springframework.beans.factory.annotation.Autowired)6
Component (org.springframework.stereotype.Component)6
ArrayList (java.util.ArrayList)5
StringUtils (org.apache.commons.lang3.StringUtils)5
AnyTypeKind (org.apache.syncope.common.lib.types.AnyTypeKind)5
Realm (org.apache.syncope.core.persistence.api.entity.Realm)5
AnyObject (org.apache.syncope.core.persistence.api.entity.anyobject.AnyObject)5
Group (org.apache.syncope.core.persistence.api.entity.group.Group)5
Provision (org.apache.syncope.core.persistence.api.entity.resource.Provision)5
AbstractTest (org.apache.syncope.core.persistence.jpa.AbstractTest)5
Test (org.junit.jupiter.api.Test)5
Map (java.util.Map)4
