Search in sources :

Example 1 with ADynGroupMembership

use of org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership in project syncope by apache.

the class GroupDataBinderImpl method setDynMembership.

private void setDynMembership(final Group group, final AnyType anyType, final String dynMembershipFIQL) {
    SearchCond dynMembershipCond = SearchCondConverter.convert(dynMembershipFIQL);
    if (!dynMembershipCond.isValid()) {
        SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidSearchExpression);
        sce.getElements().add(dynMembershipFIQL);
        throw sce;
    }
    if (anyType.getKind() == AnyTypeKind.GROUP) {
        SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidAnyType);
        sce.getElements().add(anyType.getKind().name());
        throw sce;
    }
    DynGroupMembership<?> dynMembership;
    if (anyType.getKind() == AnyTypeKind.ANY_OBJECT && !group.getADynMembership(anyType).isPresent()) {
        dynMembership = entityFactory.newEntity(ADynGroupMembership.class);
        dynMembership.setGroup(group);
        ((ADynGroupMembership) dynMembership).setAnyType(anyType);
        group.add((ADynGroupMembership) dynMembership);
    } else if (anyType.getKind() == AnyTypeKind.USER && group.getUDynMembership() == null) {
        dynMembership = entityFactory.newEntity(UDynGroupMembership.class);
        dynMembership.setGroup(group);
        group.setUDynMembership((UDynGroupMembership) dynMembership);
    } else {
        dynMembership = anyType.getKind() == AnyTypeKind.ANY_OBJECT ? group.getADynMembership(anyType).get() : group.getUDynMembership();
    }
    dynMembership.setFIQLCond(dynMembershipFIQL);
}
Also used : UDynGroupMembership(org.apache.syncope.core.persistence.api.entity.user.UDynGroupMembership) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond) ADynGroupMembership(org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership)

Example 2 with ADynGroupMembership

use of org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership in project syncope by apache.

the class GroupTest method adynMembership.

@Test
public void adynMembership() {
    // 0. create any object matching the condition below
    AnyObject anyObject = entityFactory.newEntity(AnyObject.class);
    anyObject.setName("name");
    anyObject.setType(anyTypeDAO.find("PRINTER"));
    anyObject.setRealm(realmDAO.findByFullPath("/even/two"));
    APlainAttr attr = entityFactory.newEntity(APlainAttr.class);
    attr.setOwner(anyObject);
    attr.setSchema(plainSchemaDAO.find("model"));
    attr.add("Canon MFC8030", anyUtilsFactory.getInstance(AnyTypeKind.ANY_OBJECT));
    anyObject.add(attr);
    anyObject = anyObjectDAO.save(anyObject);
    String newAnyObjectKey = anyObject.getKey();
    assertNotNull(newAnyObjectKey);
    // 1. create group with dynamic membership
    Group group = entityFactory.newEntity(Group.class);
    group.setRealm(realmDAO.getRoot());
    group.setName("new");
    ADynGroupMembership dynMembership = entityFactory.newEntity(ADynGroupMembership.class);
    dynMembership.setAnyType(anyTypeDAO.find("PRINTER"));
    dynMembership.setFIQLCond("model==Canon MFC8030");
    dynMembership.setGroup(group);
    group.add(dynMembership);
    Group actual = groupDAO.save(group);
    assertNotNull(actual);
    groupDAO.flush();
    // 2. verify that dynamic membership is there
    actual = groupDAO.find(actual.getKey());
    assertNotNull(actual);
    assertNotNull(actual.getADynMembership(anyTypeDAO.find("PRINTER")).get());
    assertNotNull(actual.getADynMembership(anyTypeDAO.find("PRINTER")).get().getKey());
    assertEquals(actual, actual.getADynMembership(anyTypeDAO.find("PRINTER")).get().getGroup());
    // 3. verify that expected any objects have the created group dynamically assigned
    List<String> members = groupDAO.findADynMembers(actual).stream().filter(object -> "PRINTER".equals(anyObjectDAO.find(object).getType().getKey())).collect(Collectors.toList());
    assertEquals(2, members.size());
    assertEquals(new HashSet<>(Arrays.asList("fc6dbc3a-6c07-4965-8781-921e7401a4a5", newAnyObjectKey)), new HashSet<>(members));
    anyObject = anyObjectDAO.find("fc6dbc3a-6c07-4965-8781-921e7401a4a5");
    assertNotNull(anyObject);
    Collection<Group> dynGroupMemberships = findDynGroups(anyObject);
    assertEquals(1, dynGroupMemberships.size());
    assertTrue(dynGroupMemberships.contains(actual.getADynMembership(anyTypeDAO.find("PRINTER")).get().getGroup()));
    // 4. delete the new any object and verify that dynamic membership was updated
    anyObjectDAO.delete(newAnyObjectKey);
    anyObjectDAO.flush();
    actual = groupDAO.find(actual.getKey());
    members = groupDAO.findADynMembers(actual).stream().filter(object -> "PRINTER".equals(anyObjectDAO.find(object).getType().getKey())).collect(Collectors.toList());
    assertEquals(1, members.size());
    assertEquals("fc6dbc3a-6c07-4965-8781-921e7401a4a5", members.get(0));
    // 5. delete group and verify that dynamic membership was also removed
    String dynMembershipKey = actual.getADynMembership(anyTypeDAO.find("PRINTER")).get().getKey();
    groupDAO.delete(actual);
    groupDAO.flush();
    assertNull(entityManager().find(JPAADynGroupMembership.class, dynMembershipKey));
    dynGroupMemberships = findDynGroups(anyObject);
    assertTrue(dynGroupMemberships.isEmpty());
}
Also used : Assertions.assertThrows(org.junit.jupiter.api.Assertions.assertThrows) Assertions.assertNotNull(org.junit.jupiter.api.Assertions.assertNotNull) Arrays(java.util.Arrays) UDynGroupMembership(org.apache.syncope.core.persistence.api.entity.user.UDynGroupMembership) Assertions.assertNull(org.junit.jupiter.api.Assertions.assertNull) Autowired(org.springframework.beans.factory.annotation.Autowired) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) AnyTypeKind(org.apache.syncope.common.lib.types.AnyTypeKind) GPlainAttrValue(org.apache.syncope.core.persistence.api.entity.group.GPlainAttrValue) GroupDAO(org.apache.syncope.core.persistence.api.dao.GroupDAO) Assertions.assertFalse(org.junit.jupiter.api.Assertions.assertFalse) AnyObjectDAO(org.apache.syncope.core.persistence.api.dao.AnyObjectDAO) Assertions.assertEquals(org.junit.jupiter.api.Assertions.assertEquals) RealmDAO(org.apache.syncope.core.persistence.api.dao.RealmDAO) JPAADynGroupMembership(org.apache.syncope.core.persistence.jpa.entity.anyobject.JPAADynGroupMembership) SyncopeConstants(org.apache.syncope.common.lib.SyncopeConstants) TypeExtension(org.apache.syncope.core.persistence.api.entity.group.TypeExtension) UserDAO(org.apache.syncope.core.persistence.api.dao.UserDAO) AnyObject(org.apache.syncope.core.persistence.api.entity.anyobject.AnyObject) Collection(java.util.Collection) PlainSchemaDAO(org.apache.syncope.core.persistence.api.dao.PlainSchemaDAO) ADynGroupMembership(org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership) User(org.apache.syncope.core.persistence.api.entity.user.User) GPlainAttr(org.apache.syncope.core.persistence.api.entity.group.GPlainAttr) JPAUDynGroupMembership(org.apache.syncope.core.persistence.jpa.entity.user.JPAUDynGroupMembership) JPAGroupDAO(org.apache.syncope.core.persistence.jpa.dao.JPAGroupDAO) Collectors(java.util.stream.Collectors) AnyTypeDAO(org.apache.syncope.core.persistence.api.dao.AnyTypeDAO) PlainAttrValueDAO(org.apache.syncope.core.persistence.api.dao.PlainAttrValueDAO) InvalidEntityException(org.apache.syncope.core.persistence.api.attrvalue.validation.InvalidEntityException) Test(org.junit.jupiter.api.Test) List(java.util.List) Query(javax.persistence.Query) Assertions.assertTrue(org.junit.jupiter.api.Assertions.assertTrue) Group(org.apache.syncope.core.persistence.api.entity.group.Group) AbstractTest(org.apache.syncope.core.persistence.jpa.AbstractTest) AnyTypeClassDAO(org.apache.syncope.core.persistence.api.dao.AnyTypeClassDAO) PlainAttrDAO(org.apache.syncope.core.persistence.api.dao.PlainAttrDAO) APlainAttr(org.apache.syncope.core.persistence.api.entity.anyobject.APlainAttr) UPlainAttr(org.apache.syncope.core.persistence.api.entity.user.UPlainAttr) Transactional(org.springframework.transaction.annotation.Transactional) JPAADynGroupMembership(org.apache.syncope.core.persistence.jpa.entity.anyobject.JPAADynGroupMembership) Group(org.apache.syncope.core.persistence.api.entity.group.Group) AnyObject(org.apache.syncope.core.persistence.api.entity.anyobject.AnyObject) APlainAttr(org.apache.syncope.core.persistence.api.entity.anyobject.APlainAttr) JPAADynGroupMembership(org.apache.syncope.core.persistence.jpa.entity.anyobject.JPAADynGroupMembership) ADynGroupMembership(org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership) Test(org.junit.jupiter.api.Test) AbstractTest(org.apache.syncope.core.persistence.jpa.AbstractTest)

Example 3 with ADynGroupMembership

use of org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership in project syncope by apache.

the class GroupDataBinderImpl method update.

@Override
public PropagationByResource update(final Group toBeUpdated, final GroupPatch groupPatch) {
    // Re-merge any pending change from workflow tasks
    Group group = groupDAO.save(toBeUpdated);
    PropagationByResource propByRes = new PropagationByResource();
    SyncopeClientCompositeException scce = SyncopeClientException.buildComposite();
    AnyUtils anyUtils = anyUtilsFactory.getInstance(AnyTypeKind.GROUP);
    // fetch connObjectKeys before update
    Map<String, String> oldConnObjectKeys = getConnObjectKeys(group, anyUtils);
    // realm
    setRealm(group, groupPatch);
    // name
    if (groupPatch.getName() != null && StringUtils.isNotBlank(groupPatch.getName().getValue())) {
        propByRes.addAll(ResourceOperation.UPDATE, groupDAO.findAllResourceKeys(group.getKey()));
        group.setName(groupPatch.getName().getValue());
    }
    // owner
    if (groupPatch.getUserOwner() != null) {
        group.setUserOwner(groupPatch.getUserOwner().getValue() == null ? null : userDAO.find(groupPatch.getUserOwner().getValue()));
    }
    if (groupPatch.getGroupOwner() != null) {
        group.setGroupOwner(groupPatch.getGroupOwner().getValue() == null ? null : groupDAO.find(groupPatch.getGroupOwner().getValue()));
    }
    // attributes and resources
    propByRes.merge(fill(group, groupPatch, anyUtils, scce));
    // check if some connObjectKey was changed by the update above
    Map<String, String> newConnObjectKeys = getConnObjectKeys(group, anyUtils);
    oldConnObjectKeys.entrySet().stream().filter(entry -> newConnObjectKeys.containsKey(entry.getKey()) && !entry.getValue().equals(newConnObjectKeys.get(entry.getKey()))).forEach(entry -> {
        propByRes.addOldConnObjectKey(entry.getKey(), entry.getValue());
        propByRes.add(ResourceOperation.UPDATE, entry.getKey());
    });
    group = groupDAO.save(group);
    // dynamic membership
    if (groupPatch.getUDynMembershipCond() == null) {
        if (group.getUDynMembership() != null) {
            group.getUDynMembership().setGroup(null);
            group.setUDynMembership(null);
            groupDAO.clearUDynMembers(group);
        }
    } else {
        setDynMembership(group, anyTypeDAO.findUser(), groupPatch.getUDynMembershipCond());
    }
    for (Iterator<? extends ADynGroupMembership> itor = group.getADynMemberships().iterator(); itor.hasNext(); ) {
        ADynGroupMembership memb = itor.next();
        memb.setGroup(null);
        itor.remove();
    }
    groupDAO.clearADynMembers(group);
    for (Map.Entry<String, String> entry : groupPatch.getADynMembershipConds().entrySet()) {
        AnyType anyType = anyTypeDAO.find(entry.getKey());
        if (anyType == null) {
            LOG.warn("Ignoring invalid {}: {}", AnyType.class.getSimpleName(), entry.getKey());
        } else {
            setDynMembership(group, anyType, entry.getValue());
        }
    }
    // type extensions
    for (TypeExtensionTO typeExtTO : groupPatch.getTypeExtensions()) {
        AnyType anyType = anyTypeDAO.find(typeExtTO.getAnyType());
        if (anyType == null) {
            LOG.warn("Ignoring invalid {}: {}", AnyType.class.getSimpleName(), typeExtTO.getAnyType());
        } else {
            TypeExtension typeExt = group.getTypeExtension(anyType).orElse(null);
            if (typeExt == null) {
                typeExt = entityFactory.newEntity(TypeExtension.class);
                typeExt.setAnyType(anyType);
                typeExt.setGroup(group);
                group.add(typeExt);
            }
            // add all classes contained in the TO
            for (String name : typeExtTO.getAuxClasses()) {
                AnyTypeClass anyTypeClass = anyTypeClassDAO.find(name);
                if (anyTypeClass == null) {
                    LOG.warn("Ignoring invalid {}: {}", AnyTypeClass.class.getSimpleName(), name);
                } else {
                    typeExt.add(anyTypeClass);
                }
            }
            // remove all classes not contained in the TO
            typeExt.getAuxClasses().removeIf(anyTypeClass -> !typeExtTO.getAuxClasses().contains(anyTypeClass.getKey()));
            // only consider non-empty type extensions
            if (typeExt.getAuxClasses().isEmpty()) {
                group.getTypeExtensions().remove(typeExt);
                typeExt.setGroup(null);
            }
        }
    }
    // remove all type extensions not contained in the TO
    group.getTypeExtensions().removeIf(typeExt -> !groupPatch.getTypeExtension(typeExt.getAnyType().getKey()).isPresent());
    // Throw composite exception if there is at least one element set in the composing exceptions
    if (scce.hasExceptions()) {
        throw scce;
    }
    return propByRes;
}
Also used : SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) Realm(org.apache.syncope.core.persistence.api.entity.Realm) UDynGroupMembership(org.apache.syncope.core.persistence.api.entity.user.UDynGroupMembership) AnyType(org.apache.syncope.core.persistence.api.entity.AnyType) Autowired(org.springframework.beans.factory.annotation.Autowired) HashMap(java.util.HashMap) Entity(org.apache.syncope.core.persistence.api.entity.Entity) ResourceOperation(org.apache.syncope.common.lib.types.ResourceOperation) StringUtils(org.apache.commons.lang3.StringUtils) GroupDataBinder(org.apache.syncope.core.provisioning.api.data.GroupDataBinder) AnyTypeKind(org.apache.syncope.common.lib.types.AnyTypeKind) GroupPatch(org.apache.syncope.common.lib.patch.GroupPatch) DerSchema(org.apache.syncope.core.persistence.api.entity.DerSchema) Map(java.util.Map) PropagationByResource(org.apache.syncope.core.provisioning.api.PropagationByResource) SearchCondConverter(org.apache.syncope.core.persistence.api.search.SearchCondConverter) SyncopeClientCompositeException(org.apache.syncope.common.lib.SyncopeClientCompositeException) ClientExceptionType(org.apache.syncope.common.lib.types.ClientExceptionType) AnyTypeClass(org.apache.syncope.core.persistence.api.entity.AnyTypeClass) TypeExtension(org.apache.syncope.core.persistence.api.entity.group.TypeExtension) Iterator(java.util.Iterator) SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond) User(org.apache.syncope.core.persistence.api.entity.user.User) ADynGroupMembership(org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership) GroupTO(org.apache.syncope.common.lib.to.GroupTO) Collectors(java.util.stream.Collectors) AnyTypeDAO(org.apache.syncope.core.persistence.api.dao.AnyTypeDAO) DynGroupMembership(org.apache.syncope.core.persistence.api.entity.DynGroupMembership) VirSchema(org.apache.syncope.core.persistence.api.entity.VirSchema) List(java.util.List) Component(org.springframework.stereotype.Component) TypeExtensionTO(org.apache.syncope.common.lib.to.TypeExtensionTO) Group(org.apache.syncope.core.persistence.api.entity.group.Group) AnyUtils(org.apache.syncope.core.persistence.api.entity.AnyUtils) Collections(java.util.Collections) Any(org.apache.syncope.core.persistence.api.entity.Any) Transactional(org.springframework.transaction.annotation.Transactional) Group(org.apache.syncope.core.persistence.api.entity.group.Group) SyncopeClientCompositeException(org.apache.syncope.common.lib.SyncopeClientCompositeException) PropagationByResource(org.apache.syncope.core.provisioning.api.PropagationByResource) TypeExtension(org.apache.syncope.core.persistence.api.entity.group.TypeExtension) ADynGroupMembership(org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership) TypeExtensionTO(org.apache.syncope.common.lib.to.TypeExtensionTO) AnyUtils(org.apache.syncope.core.persistence.api.entity.AnyUtils) HashMap(java.util.HashMap) Map(java.util.Map) AnyType(org.apache.syncope.core.persistence.api.entity.AnyType) AnyTypeClass(org.apache.syncope.core.persistence.api.entity.AnyTypeClass)

Example 4 with ADynGroupMembership

use of org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership in project syncope by apache.

the class GroupValidator method isValid.

@Override
public boolean isValid(final Group group, final ConstraintValidatorContext context) {
    context.disableDefaultConstraintViolation();
    boolean isValid = true;
    if (group.getUserOwner() != null && group.getGroupOwner() != null) {
        isValid = false;
        context.buildConstraintViolationWithTemplate(getTemplate(EntityViolationType.InvalidGroupOwner, "A group must either be owned by an user or a group, not both")).addPropertyNode("owner").addConstraintViolation();
    }
    if (isValid && (group.getName() == null || !KEY_PATTERN.matcher(group.getName()).matches())) {
        isValid = false;
        context.buildConstraintViolationWithTemplate(getTemplate(EntityViolationType.InvalidName, "Invalid group name")).addPropertyNode("name").addConstraintViolation();
    }
    if (isValid) {
        Set<AnyType> anyTypes = new HashSet<>();
        for (ADynGroupMembership memb : group.getADynMemberships()) {
            anyTypes.add(memb.getAnyType());
            if (memb.getAnyType().getKind() != AnyTypeKind.ANY_OBJECT) {
                isValid = false;
                context.buildConstraintViolationWithTemplate(getTemplate(EntityViolationType.InvalidADynMemberships, "No user or group dynamic membership condition are allowed here")).addPropertyNode("aDynMemberships").addConstraintViolation();
            }
        }
        if (isValid && anyTypes.size() < group.getADynMemberships().size()) {
            context.buildConstraintViolationWithTemplate(getTemplate(EntityViolationType.InvalidADynMemberships, "Each dynamic membership condition requires a different " + AnyType.class.getSimpleName())).addPropertyNode("aDynMemberships").addConstraintViolation();
            return false;
        }
    }
    return isValid;
}
Also used : ADynGroupMembership(org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership) AnyType(org.apache.syncope.core.persistence.api.entity.AnyType) HashSet(java.util.HashSet)

Aggregations

ADynGroupMembership (org.apache.syncope.core.persistence.api.entity.anyobject.ADynGroupMembership)4 UDynGroupMembership (org.apache.syncope.core.persistence.api.entity.user.UDynGroupMembership)3 HashSet (java.util.HashSet)2 List (java.util.List)2 Collectors (java.util.stream.Collectors)2 SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)2 AnyTypeKind (org.apache.syncope.common.lib.types.AnyTypeKind)2 AnyTypeDAO (org.apache.syncope.core.persistence.api.dao.AnyTypeDAO)2 SearchCond (org.apache.syncope.core.persistence.api.dao.search.SearchCond)2 AnyType (org.apache.syncope.core.persistence.api.entity.AnyType)2 Group (org.apache.syncope.core.persistence.api.entity.group.Group)2 TypeExtension (org.apache.syncope.core.persistence.api.entity.group.TypeExtension)2 User (org.apache.syncope.core.persistence.api.entity.user.User)2 Autowired (org.springframework.beans.factory.annotation.Autowired)2 Transactional (org.springframework.transaction.annotation.Transactional)2 ArrayList (java.util.ArrayList)1 Arrays (java.util.Arrays)1 Collection (java.util.Collection)1 Collections (java.util.Collections)1 HashMap (java.util.HashMap)1