use of org.apache.syncope.core.persistence.api.entity.DynRealm in project syncope by apache.
the class JPADynRealmDAO method save.
@Override
public DynRealm save(final DynRealm dynRealm) {
DynRealm merged = entityManager().merge(dynRealm);
// refresh dynamic memberships
clearDynMembers(merged);
merged.getDynMemberships().stream().map(memb -> jpaAnySearchDAO().search(SearchCondConverter.convert(memb.getFIQLCond()), memb.getAnyType().getKind())).forEachOrdered(matching -> {
matching.forEach(any -> {
Query insert = entityManager().createNativeQuery("INSERT INTO " + DYNMEMB_TABLE + " VALUES(?, ?)");
insert.setParameter(1, any.getKey());
insert.setParameter(2, merged.getKey());
insert.executeUpdate();
publisher.publishEvent(new AnyCreatedUpdatedEvent<>(this, any, AuthContextUtils.getDomain()));
});
});
return merged;
}
use of org.apache.syncope.core.persistence.api.entity.DynRealm in project syncope by apache.
the class DynRealmDataBinderImpl method update.
@Override
public DynRealm update(final DynRealm toBeUpdated, final DynRealmTO dynRealmTO) {
toBeUpdated.setKey(dynRealmTO.getKey());
DynRealm dynRealm = dynRealmDAO.save(toBeUpdated);
for (Iterator<? extends DynRealmMembership> itor = dynRealm.getDynMemberships().iterator(); itor.hasNext(); ) {
DynRealmMembership memb = itor.next();
memb.setDynRealm(null);
itor.remove();
}
dynRealmDAO.clearDynMembers(dynRealm);
dynRealmTO.getDynMembershipConds().forEach((type, fiql) -> {
AnyType anyType = anyTypeDAO.find(type);
if (anyType == null) {
LOG.warn("Ignoring invalid {}: {}", AnyType.class.getSimpleName(), type);
} else {
setDynMembership(dynRealm, anyType, fiql);
}
});
return dynRealmDAO.save(dynRealm);
}
use of org.apache.syncope.core.persistence.api.entity.DynRealm in project syncope by apache.
the class DynRealmTest method misc.
@Test
public void misc() {
DynRealm dynRealm = entityFactory.newEntity(DynRealm.class);
dynRealm.setKey("/name");
DynRealmMembership memb = entityFactory.newEntity(DynRealmMembership.class);
memb.setDynRealm(dynRealm);
memb.setAnyType(anyTypeDAO.findUser());
memb.setFIQLCond("cool==true");
dynRealm.add(memb);
memb.setDynRealm(dynRealm);
// invalid key (starts with /)
try {
dynRealmDAO.save(dynRealm);
fail("This should not happen");
} catch (Exception e) {
assertNotNull(e);
}
dynRealm.setKey("name");
DynRealm actual = dynRealmDAO.save(dynRealm);
assertNotNull(actual);
dynRealmDAO.flush();
DynRealmCond dynRealmCond = new DynRealmCond();
dynRealmCond.setDynRealm(actual.getKey());
List<User> matching = searchDAO.search(SearchCond.getLeafCond(dynRealmCond), AnyTypeKind.USER);
assertNotNull(matching);
assertFalse(matching.isEmpty());
User user = matching.get(0);
assertTrue(searchDAO.matches(user, SearchCond.getLeafCond(dynRealmCond)));
assertTrue(userDAO.findDynRealms(user.getKey()).contains(actual.getKey()));
}
use of org.apache.syncope.core.persistence.api.entity.DynRealm in project syncope by apache.
the class RoleDataBinderImpl method update.
@Override
public Role update(final Role toBeUpdated, final RoleTO roleTO) {
toBeUpdated.setKey(roleTO.getKey());
Role role = roleDAO.save(toBeUpdated);
role.getEntitlements().clear();
role.getEntitlements().addAll(roleTO.getEntitlements());
role.getRealms().clear();
for (String realmFullPath : roleTO.getRealms()) {
Realm realm = realmDAO.findByFullPath(realmFullPath);
if (realm == null) {
LOG.debug("Invalid realm full path {}, ignoring", realmFullPath);
} else {
role.add(realm);
}
}
role.getDynRealms().clear();
for (String key : roleTO.getDynRealms()) {
DynRealm dynRealm = dynRealmDAO.find(key);
if (dynRealm == null) {
LOG.debug("Invalid dynamic ream {}, ignoring", key);
} else {
role.add(dynRealm);
}
}
role = roleDAO.save(role);
// dynamic membership
roleDAO.clearDynMembers(role);
if (role.getKey() == null && roleTO.getDynMembershipCond() != null) {
setDynMembership(role, roleTO.getDynMembershipCond());
} else if (role.getDynMembership() != null && roleTO.getDynMembershipCond() == null) {
role.setDynMembership(null);
} else if (role.getDynMembership() == null && roleTO.getDynMembershipCond() != null) {
setDynMembership(role, roleTO.getDynMembershipCond());
} else if (role.getDynMembership() != null && roleTO.getDynMembershipCond() != null && !role.getDynMembership().getFIQLCond().equals(roleTO.getDynMembershipCond())) {
setDynMembership(role, roleTO.getDynMembershipCond());
}
role.getPrivileges().clear();
for (String key : roleTO.getPrivileges()) {
Privilege privilege = applicationDAO.findPrivilege(key);
if (privilege == null) {
LOG.debug("Invalid privilege {}, ignoring", key);
} else {
role.add(privilege);
}
}
return role;
}
use of org.apache.syncope.core.persistence.api.entity.DynRealm in project syncope by apache.
the class ElasticsearchAnySearchDAO method adminRealmsFilter.
private Pair<DisMaxQueryBuilder, Set<String>> adminRealmsFilter(final Set<String> adminRealms) {
DisMaxQueryBuilder builder = QueryBuilders.disMaxQuery();
Set<String> dynRealmKeys = new HashSet<>();
RealmUtils.normalize(adminRealms).forEach(realmPath -> {
if (realmPath.startsWith("/")) {
Realm realm = realmDAO.findByFullPath(realmPath);
if (realm == null) {
SyncopeClientException noRealm = SyncopeClientException.build(ClientExceptionType.InvalidRealm);
noRealm.getElements().add("Invalid realm specified: " + realmPath);
throw noRealm;
} else {
realmDAO.findDescendants(realm).forEach(descendant -> {
builder.add(QueryBuilders.termQuery("realm", descendant.getFullPath()));
});
}
} else {
DynRealm dynRealm = dynRealmDAO.find(realmPath);
if (dynRealm == null) {
LOG.warn("Ignoring invalid dynamic realm {}", realmPath);
} else {
dynRealmKeys.add(dynRealm.getKey());
builder.add(QueryBuilders.termQuery("dynRealm", dynRealm.getKey()));
}
}
});
if (!dynRealmKeys.isEmpty()) {
realmDAO.findAll().forEach(descendant -> {
builder.add(QueryBuilders.termQuery("realm", descendant.getFullPath()));
});
}
return Pair.of(builder, dynRealmKeys);
}
Aggregations