Example 6 with AccountPolicy
use of org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy in project syncope by apache.
the class PolicyDataBinderImpl method getPolicyTO.
@SuppressWarnings("unchecked")
@Override
public <T extends PolicyTO> T getPolicyTO(final Policy policy) {
T policyTO = null;
if (policy instanceof PasswordPolicy) {
PasswordPolicy passwordPolicy = PasswordPolicy.class.cast(policy);
PasswordPolicyTO passwordPolicyTO = new PasswordPolicyTO();
policyTO = (T) passwordPolicyTO;
passwordPolicyTO.setAllowNullPassword(passwordPolicy.isAllowNullPassword());
passwordPolicyTO.setHistoryLength(passwordPolicy.getHistoryLength());
passwordPolicyTO.getRules().addAll(passwordPolicy.getRules().stream().map(Entity::getKey).collect(Collectors.toList()));
} else if (policy instanceof AccountPolicy) {
AccountPolicy accountPolicy = AccountPolicy.class.cast(policy);
AccountPolicyTO accountPolicyTO = new AccountPolicyTO();
policyTO = (T) accountPolicyTO;
accountPolicyTO.setMaxAuthenticationAttempts(accountPolicy.getMaxAuthenticationAttempts());
accountPolicyTO.setPropagateSuspension(accountPolicy.isPropagateSuspension());
accountPolicyTO.getRules().addAll(accountPolicy.getRules().stream().map(Entity::getKey).collect(Collectors.toList()));
accountPolicyTO.getPassthroughResources().addAll(accountPolicy.getResources().stream().map(Entity::getKey).collect(Collectors.toList()));
} else if (policy instanceof PullPolicy) {
PullPolicy pullPolicy = PullPolicy.class.cast(policy);
PullPolicyTO pullPolicyTO = new PullPolicyTO();
policyTO = (T) pullPolicyTO;
pullPolicyTO.setConflictResolutionAction(((PullPolicy) policy).getConflictResolutionAction());
pullPolicy.getCorrelationRules().forEach(rule -> {
pullPolicyTO.getCorrelationRules().put(rule.getAnyType().getKey(), rule.getImplementation().getKey());
});
}
if (policyTO != null) {
policyTO.setKey(policy.getKey());
policyTO.setDescription(policy.getDescription());
for (ExternalResource resource : resourceDAO.findByPolicy(policy)) {
policyTO.getUsedByResources().add(resource.getKey());
}
for (Realm realm : realmDAO.findByPolicy(policy)) {
policyTO.getUsedByRealms().add(realm.getFullPath());
}
}
return policyTO;
}
Also used :
Entity(org.apache.syncope.core.persistence.api.entity.Entity)
AccountPolicy(org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy)
PullPolicyTO(org.apache.syncope.common.lib.policy.PullPolicyTO)
PasswordPolicy(org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy)
PullPolicy(org.apache.syncope.core.persistence.api.entity.policy.PullPolicy)
AccountPolicyTO(org.apache.syncope.common.lib.policy.AccountPolicyTO)
ExternalResource(org.apache.syncope.core.persistence.api.entity.resource.ExternalResource)
Realm(org.apache.syncope.core.persistence.api.entity.Realm)
PasswordPolicyTO(org.apache.syncope.common.lib.policy.PasswordPolicyTO)
Example 7 with AccountPolicy
use of org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy in project syncope by apache.
the class ResourceDataBinderImpl method update.
@Override
public ExternalResource update(final ExternalResource resource, final ResourceTO resourceTO) {
if (resource.getKey() != null) {
ResourceTO current = getResourceTO(resource);
if (!current.equals(resourceTO)) {
// 1. save the current configuration, before update
ExternalResourceHistoryConf resourceHistoryConf = entityFactory.newEntity(ExternalResourceHistoryConf.class);
resourceHistoryConf.setCreator(AuthContextUtils.getUsername());
resourceHistoryConf.setCreation(new Date());
resourceHistoryConf.setEntity(resource);
resourceHistoryConf.setConf(current);
resourceHistoryConfDAO.save(resourceHistoryConf);
// 2. ensure the maximum history size is not exceeded
List<ExternalResourceHistoryConf> history = resourceHistoryConfDAO.findByEntity(resource);
long maxHistorySize = confDAO.find("resource.conf.history.size", 10L);
if (maxHistorySize < history.size()) {
// always remove the last item since history was obtained by a query with ORDER BY creation DESC
for (int i = 0; i < history.size() - maxHistorySize; i++) {
resourceHistoryConfDAO.delete(history.get(history.size() - 1).getKey());
}
}
}
}
resource.setKey(resourceTO.getKey());
if (resourceTO.getConnector() != null) {
ConnInstance connector = connInstanceDAO.find(resourceTO.getConnector());
resource.setConnector(connector);
if (!connector.getResources().contains(resource)) {
connector.add(resource);
}
}
resource.setEnforceMandatoryCondition(resourceTO.isEnforceMandatoryCondition());
resource.setPropagationPriority(resourceTO.getPropagationPriority());
resource.setRandomPwdIfNotProvided(resourceTO.isRandomPwdIfNotProvided());
// 1. add or update all (valid) provisions from TO
resourceTO.getProvisions().forEach(provisionTO -> {
AnyType anyType = anyTypeDAO.find(provisionTO.getAnyType());
if (anyType == null) {
LOG.debug("Invalid {} specified {}, ignoring...", AnyType.class.getSimpleName(), provisionTO.getAnyType());
} else {
Provision provision = resource.getProvision(anyType).orElse(null);
if (provision == null) {
provision = entityFactory.newEntity(Provision.class);
provision.setResource(resource);
resource.add(provision);
provision.setAnyType(anyType);
}
if (provisionTO.getObjectClass() == null) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidProvision);
sce.getElements().add("Null " + ObjectClass.class.getSimpleName());
throw sce;
}
provision.setObjectClass(new ObjectClass(provisionTO.getObjectClass()));
// add all classes contained in the TO
for (String name : provisionTO.getAuxClasses()) {
AnyTypeClass anyTypeClass = anyTypeClassDAO.find(name);
if (anyTypeClass == null) {
LOG.warn("Ignoring invalid {}: {}", AnyTypeClass.class.getSimpleName(), name);
} else {
provision.add(anyTypeClass);
}
}
// remove all classes not contained in the TO
provision.getAuxClasses().removeIf(anyTypeClass -> !provisionTO.getAuxClasses().contains(anyTypeClass.getKey()));
if (provisionTO.getMapping() == null) {
provision.setMapping(null);
} else {
Mapping mapping = provision.getMapping();
if (mapping == null) {
mapping = entityFactory.newEntity(Mapping.class);
mapping.setProvision(provision);
provision.setMapping(mapping);
} else {
mapping.getItems().clear();
}
AnyTypeClassTO allowedSchemas = new AnyTypeClassTO();
for (Iterator<AnyTypeClass> itor = new IteratorChain<>(provision.getAnyType().getClasses().iterator(), provision.getAuxClasses().iterator()); itor.hasNext(); ) {
AnyTypeClass anyTypeClass = itor.next();
allowedSchemas.getPlainSchemas().addAll(anyTypeClass.getPlainSchemas().stream().map(s -> s.getKey()).collect(Collectors.toList()));
allowedSchemas.getDerSchemas().addAll(anyTypeClass.getDerSchemas().stream().map(s -> s.getKey()).collect(Collectors.toList()));
allowedSchemas.getVirSchemas().addAll(anyTypeClass.getVirSchemas().stream().map(s -> s.getKey()).collect(Collectors.toList()));
}
populateMapping(provisionTO.getMapping(), mapping, allowedSchemas);
}
if (provisionTO.getVirSchemas().isEmpty()) {
for (VirSchema schema : virSchemaDAO.findByProvision(provision)) {
virSchemaDAO.delete(schema.getKey());
}
} else {
for (String schemaName : provisionTO.getVirSchemas()) {
VirSchema schema = virSchemaDAO.find(schemaName);
if (schema == null) {
LOG.debug("Invalid {} specified: {}, ignoring...", VirSchema.class.getSimpleName(), schemaName);
} else {
schema.setProvision(provision);
}
}
}
}
});
// 2. remove all provisions not contained in the TO
for (Iterator<? extends Provision> itor = resource.getProvisions().iterator(); itor.hasNext(); ) {
Provision provision = itor.next();
if (resourceTO.getProvision(provision.getAnyType().getKey()) == null) {
virSchemaDAO.findByProvision(provision).forEach(schema -> {
virSchemaDAO.delete(schema.getKey());
});
itor.remove();
}
}
// 3. orgUnit
if (resourceTO.getOrgUnit() == null && resource.getOrgUnit() != null) {
resource.getOrgUnit().setResource(null);
resource.setOrgUnit(null);
} else if (resourceTO.getOrgUnit() != null) {
OrgUnitTO orgUnitTO = resourceTO.getOrgUnit();
OrgUnit orgUnit = resource.getOrgUnit();
if (orgUnit == null) {
orgUnit = entityFactory.newEntity(OrgUnit.class);
orgUnit.setResource(resource);
resource.setOrgUnit(orgUnit);
}
if (orgUnitTO.getObjectClass() == null) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidOrgUnit);
sce.getElements().add("Null " + ObjectClass.class.getSimpleName());
throw sce;
}
orgUnit.setObjectClass(new ObjectClass(orgUnitTO.getObjectClass()));
if (orgUnitTO.getConnObjectLink() == null) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidOrgUnit);
sce.getElements().add("Null connObjectLink");
throw sce;
}
orgUnit.setConnObjectLink(orgUnitTO.getConnObjectLink());
SyncopeClientCompositeException scce = SyncopeClientException.buildComposite();
SyncopeClientException invalidMapping = SyncopeClientException.build(ClientExceptionType.InvalidMapping);
SyncopeClientException requiredValuesMissing = SyncopeClientException.build(ClientExceptionType.RequiredValuesMissing);
orgUnit.getItems().clear();
for (ItemTO itemTO : orgUnitTO.getItems()) {
if (itemTO == null) {
LOG.error("Null {}", ItemTO.class.getSimpleName());
invalidMapping.getElements().add("Null " + ItemTO.class.getSimpleName());
} else if (itemTO.getIntAttrName() == null) {
requiredValuesMissing.getElements().add("intAttrName");
scce.addException(requiredValuesMissing);
} else {
if (!"name".equals(itemTO.getIntAttrName()) && !"fullpath".equals(itemTO.getIntAttrName())) {
LOG.error("Only 'name' and 'fullpath' are supported for Realms");
invalidMapping.getElements().add("Only 'name' and 'fullpath' are supported for Realms");
} else {
// no mandatory condition implies mandatory condition false
if (!JexlUtils.isExpressionValid(itemTO.getMandatoryCondition() == null ? "false" : itemTO.getMandatoryCondition())) {
SyncopeClientException invalidMandatoryCondition = SyncopeClientException.build(ClientExceptionType.InvalidValues);
invalidMandatoryCondition.getElements().add(itemTO.getMandatoryCondition());
scce.addException(invalidMandatoryCondition);
}
OrgUnitItem item = entityFactory.newEntity(OrgUnitItem.class);
BeanUtils.copyProperties(itemTO, item, ITEM_IGNORE_PROPERTIES);
item.setOrgUnit(orgUnit);
if (item.isConnObjectKey()) {
orgUnit.setConnObjectKeyItem(item);
} else {
orgUnit.add(item);
}
itemTO.getTransformers().forEach(transformerKey -> {
Implementation transformer = implementationDAO.find(transformerKey);
if (transformer == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", transformerKey);
} else {
item.add(transformer);
}
});
// remove all implementations not contained in the TO
item.getTransformers().removeIf(implementation -> !itemTO.getTransformers().contains(implementation.getKey()));
}
}
}
if (!invalidMapping.getElements().isEmpty()) {
scce.addException(invalidMapping);
}
if (scce.hasExceptions()) {
throw scce;
}
}
resource.setCreateTraceLevel(resourceTO.getCreateTraceLevel());
resource.setUpdateTraceLevel(resourceTO.getUpdateTraceLevel());
resource.setDeleteTraceLevel(resourceTO.getDeleteTraceLevel());
resource.setProvisioningTraceLevel(resourceTO.getProvisioningTraceLevel());
resource.setPasswordPolicy(resourceTO.getPasswordPolicy() == null ? null : (PasswordPolicy) policyDAO.find(resourceTO.getPasswordPolicy()));
resource.setAccountPolicy(resourceTO.getAccountPolicy() == null ? null : (AccountPolicy) policyDAO.find(resourceTO.getAccountPolicy()));
resource.setPullPolicy(resourceTO.getPullPolicy() == null ? null : (PullPolicy) policyDAO.find(resourceTO.getPullPolicy()));
resource.setConfOverride(new HashSet<>(resourceTO.getConfOverride()));
resource.setOverrideCapabilities(resourceTO.isOverrideCapabilities());
resource.getCapabilitiesOverride().clear();
resource.getCapabilitiesOverride().addAll(resourceTO.getCapabilitiesOverride());
resourceTO.getPropagationActions().forEach(propagationActionKey -> {
Implementation propagationAction = implementationDAO.find(propagationActionKey);
if (propagationAction == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", propagationActionKey);
} else {
resource.add(propagationAction);
}
});
// remove all implementations not contained in the TO
resource.getPropagationActions().removeIf(implementation -> !resourceTO.getPropagationActions().contains(implementation.getKey()));
return resource;
}
Also used :
OrgUnit(org.apache.syncope.core.persistence.api.entity.resource.OrgUnit)
Mapping(org.apache.syncope.core.persistence.api.entity.resource.Mapping)
ItemTO(org.apache.syncope.common.lib.to.ItemTO)
ConnInstance(org.apache.syncope.core.persistence.api.entity.ConnInstance)
Implementation(org.apache.syncope.core.persistence.api.entity.Implementation)
PasswordPolicy(org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy)
AnyTypeClassTO(org.apache.syncope.common.lib.to.AnyTypeClassTO)
PullPolicy(org.apache.syncope.core.persistence.api.entity.policy.PullPolicy)
AnyType(org.apache.syncope.core.persistence.api.entity.AnyType)
AnyTypeClass(org.apache.syncope.core.persistence.api.entity.AnyTypeClass)
Provision(org.apache.syncope.core.persistence.api.entity.resource.Provision)
SyncopeClientCompositeException(org.apache.syncope.common.lib.SyncopeClientCompositeException)
ObjectClass(org.identityconnectors.framework.common.objects.ObjectClass)
ExternalResourceHistoryConf(org.apache.syncope.core.persistence.api.entity.resource.ExternalResourceHistoryConf)
VirSchema(org.apache.syncope.core.persistence.api.entity.VirSchema)
SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException)
OrgUnitItem(org.apache.syncope.core.persistence.api.entity.resource.OrgUnitItem)
IteratorChain(org.apache.syncope.common.lib.collections.IteratorChain)
Date(java.util.Date)
AccountPolicy(org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy)
OrgUnitTO(org.apache.syncope.common.lib.to.OrgUnitTO)
ResourceTO(org.apache.syncope.common.lib.to.ResourceTO)
Aggregations
AccountPolicy (org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy)7
PasswordPolicy (org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy)7
Implementation (org.apache.syncope.core.persistence.api.entity.Implementation)5
Realm (org.apache.syncope.core.persistence.api.entity.Realm)4
ExternalResource (org.apache.syncope.core.persistence.api.entity.resource.ExternalResource)4
SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)3
Policy (org.apache.syncope.core.persistence.api.entity.policy.Policy)3
PullPolicy (org.apache.syncope.core.persistence.api.entity.policy.PullPolicy)3
AccountPolicyTO (org.apache.syncope.common.lib.policy.AccountPolicyTO)2
PasswordPolicyTO (org.apache.syncope.common.lib.policy.PasswordPolicyTO)2
PullPolicyTO (org.apache.syncope.common.lib.policy.PullPolicyTO)2
AnyType (org.apache.syncope.core.persistence.api.entity.AnyType)2
Entity (org.apache.syncope.core.persistence.api.entity.Entity)2
ArrayList (java.util.ArrayList)1
Date (java.util.Date)1
Collectors (java.util.stream.Collectors)1
NoResultException (javax.persistence.NoResultException)1
SyncopeClientCompositeException (org.apache.syncope.common.lib.SyncopeClientCompositeException)1
IteratorChain (org.apache.syncope.common.lib.collections.IteratorChain)1
PolicyTO (org.apache.syncope.common.lib.policy.PolicyTO)1
