use of org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy in project syncope by apache.
the class RealmDataBinderImpl method create.
@Override
public Realm create(final Realm parent, final RealmTO realmTO) {
Realm realm = entityFactory.newEntity(Realm.class);
realm.setName(realmTO.getName());
realm.setParent(parent);
if (realmTO.getPasswordPolicy() != null) {
Policy policy = policyDAO.find(realmTO.getPasswordPolicy());
if (policy instanceof PasswordPolicy) {
realm.setPasswordPolicy((PasswordPolicy) policy);
} else {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidPolicy);
sce.getElements().add("Expected " + PasswordPolicy.class.getSimpleName() + ", found " + policy.getClass().getSimpleName());
throw sce;
}
}
if (realmTO.getAccountPolicy() != null) {
Policy policy = policyDAO.find(realmTO.getAccountPolicy());
if (policy instanceof AccountPolicy) {
realm.setAccountPolicy((AccountPolicy) policy);
} else {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidPolicy);
sce.getElements().add("Expected " + AccountPolicy.class.getSimpleName() + ", found " + policy.getClass().getSimpleName());
throw sce;
}
}
realmTO.getActions().forEach(logicActionsKey -> {
Implementation logicAction = implementationDAO.find(logicActionsKey);
if (logicAction == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", logicActionsKey);
} else {
realm.add(logicAction);
}
});
setTemplates(realmTO, realm);
realmTO.getResources().forEach(resourceKey -> {
ExternalResource resource = resourceDAO.find(resourceKey);
if (resource == null) {
LOG.debug("Invalid " + ExternalResource.class.getSimpleName() + " {}, ignoring...", resourceKey);
} else {
realm.add(resource);
}
});
return realm;
}
use of org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy in project syncope by apache.
the class RealmDataBinderImpl method update.
@Override
public PropagationByResource update(final Realm realm, final RealmTO realmTO) {
realm.setName(realmTO.getName());
realm.setParent(realmTO.getParent() == null ? null : realmDAO.find(realmTO.getParent()));
if (realmTO.getAccountPolicy() == null) {
realm.setAccountPolicy(null);
} else {
Policy policy = policyDAO.find(realmTO.getAccountPolicy());
if (policy instanceof AccountPolicy) {
realm.setAccountPolicy((AccountPolicy) policy);
} else {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidPolicy);
sce.getElements().add("Expected " + AccountPolicy.class.getSimpleName() + ", found " + policy.getClass().getSimpleName());
throw sce;
}
}
if (realmTO.getPasswordPolicy() == null) {
realm.setPasswordPolicy(null);
} else {
Policy policy = policyDAO.find(realmTO.getPasswordPolicy());
if (policy instanceof PasswordPolicy) {
realm.setPasswordPolicy((PasswordPolicy) policy);
} else {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidPolicy);
sce.getElements().add("Expected " + PasswordPolicy.class.getSimpleName() + ", found " + policy.getClass().getSimpleName());
throw sce;
}
}
realmTO.getActions().forEach(logicActionsKey -> {
Implementation logicActions = implementationDAO.find(logicActionsKey);
if (logicActions == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", logicActionsKey);
} else {
realm.add(logicActions);
}
});
// remove all implementations not contained in the TO
realm.getActions().removeIf(implementation -> !realmTO.getActions().contains(implementation.getKey()));
setTemplates(realmTO, realm);
PropagationByResource propByRes = new PropagationByResource();
realmTO.getResources().forEach(resourceKey -> {
ExternalResource resource = resourceDAO.find(resourceKey);
if (resource == null) {
LOG.debug("Invalid " + ExternalResource.class.getSimpleName() + " {}, ignoring...", resourceKey);
} else {
realm.add(resource);
propByRes.add(ResourceOperation.CREATE, resource.getKey());
}
});
// remove all resources not contained in the TO
realm.getResources().removeIf(resource -> {
boolean contained = realmTO.getResources().contains(resource.getKey());
if (!contained) {
propByRes.add(ResourceOperation.DELETE, resource.getKey());
}
return !contained;
});
return propByRes;
}
use of org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy in project syncope by apache.
the class ResourceTest method createWithPasswordPolicy.
@Test
public void createWithPasswordPolicy() {
final String resourceName = "resourceWithPasswordPolicy";
PasswordPolicy policy = policyDAO.find("986d1236-3ac5-4a19-810c-5ab21d79cba1");
ExternalResource resource = entityFactory.newEntity(ExternalResource.class);
resource.setKey(resourceName);
resource.setPasswordPolicy(policy);
ConnInstance connector = connInstanceDAO.find("88a7a819-dab5-46b4-9b90-0b9769eabdb8");
assertNotNull(connector);
resource.setConnector(connector);
ExternalResource actual = resourceDAO.save(resource);
assertNotNull(actual);
actual = resourceDAO.find(actual.getKey());
assertNotNull(actual);
assertNotNull(actual.getPasswordPolicy());
resourceDAO.delete(resourceName);
assertNull(resourceDAO.find(resourceName));
assertNotNull(policyDAO.find("986d1236-3ac5-4a19-810c-5ab21d79cba1"));
}
use of org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy in project syncope by apache.
the class PolicyDataBinderImpl method getPolicyTO.
@SuppressWarnings("unchecked")
@Override
public <T extends PolicyTO> T getPolicyTO(final Policy policy) {
T policyTO = null;
if (policy instanceof PasswordPolicy) {
PasswordPolicy passwordPolicy = PasswordPolicy.class.cast(policy);
PasswordPolicyTO passwordPolicyTO = new PasswordPolicyTO();
policyTO = (T) passwordPolicyTO;
passwordPolicyTO.setAllowNullPassword(passwordPolicy.isAllowNullPassword());
passwordPolicyTO.setHistoryLength(passwordPolicy.getHistoryLength());
passwordPolicyTO.getRules().addAll(passwordPolicy.getRules().stream().map(Entity::getKey).collect(Collectors.toList()));
} else if (policy instanceof AccountPolicy) {
AccountPolicy accountPolicy = AccountPolicy.class.cast(policy);
AccountPolicyTO accountPolicyTO = new AccountPolicyTO();
policyTO = (T) accountPolicyTO;
accountPolicyTO.setMaxAuthenticationAttempts(accountPolicy.getMaxAuthenticationAttempts());
accountPolicyTO.setPropagateSuspension(accountPolicy.isPropagateSuspension());
accountPolicyTO.getRules().addAll(accountPolicy.getRules().stream().map(Entity::getKey).collect(Collectors.toList()));
accountPolicyTO.getPassthroughResources().addAll(accountPolicy.getResources().stream().map(Entity::getKey).collect(Collectors.toList()));
} else if (policy instanceof PullPolicy) {
PullPolicy pullPolicy = PullPolicy.class.cast(policy);
PullPolicyTO pullPolicyTO = new PullPolicyTO();
policyTO = (T) pullPolicyTO;
pullPolicyTO.setConflictResolutionAction(((PullPolicy) policy).getConflictResolutionAction());
pullPolicy.getCorrelationRules().forEach(rule -> {
pullPolicyTO.getCorrelationRules().put(rule.getAnyType().getKey(), rule.getImplementation().getKey());
});
}
if (policyTO != null) {
policyTO.setKey(policy.getKey());
policyTO.setDescription(policy.getDescription());
for (ExternalResource resource : resourceDAO.findByPolicy(policy)) {
policyTO.getUsedByResources().add(resource.getKey());
}
for (Realm realm : realmDAO.findByPolicy(policy)) {
policyTO.getUsedByRealms().add(realm.getFullPath());
}
}
return policyTO;
}
use of org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy in project syncope by apache.
the class ResourceDataBinderImpl method update.
@Override
public ExternalResource update(final ExternalResource resource, final ResourceTO resourceTO) {
if (resource.getKey() != null) {
ResourceTO current = getResourceTO(resource);
if (!current.equals(resourceTO)) {
// 1. save the current configuration, before update
ExternalResourceHistoryConf resourceHistoryConf = entityFactory.newEntity(ExternalResourceHistoryConf.class);
resourceHistoryConf.setCreator(AuthContextUtils.getUsername());
resourceHistoryConf.setCreation(new Date());
resourceHistoryConf.setEntity(resource);
resourceHistoryConf.setConf(current);
resourceHistoryConfDAO.save(resourceHistoryConf);
// 2. ensure the maximum history size is not exceeded
List<ExternalResourceHistoryConf> history = resourceHistoryConfDAO.findByEntity(resource);
long maxHistorySize = confDAO.find("resource.conf.history.size", 10L);
if (maxHistorySize < history.size()) {
// always remove the last item since history was obtained by a query with ORDER BY creation DESC
for (int i = 0; i < history.size() - maxHistorySize; i++) {
resourceHistoryConfDAO.delete(history.get(history.size() - 1).getKey());
}
}
}
}
resource.setKey(resourceTO.getKey());
if (resourceTO.getConnector() != null) {
ConnInstance connector = connInstanceDAO.find(resourceTO.getConnector());
resource.setConnector(connector);
if (!connector.getResources().contains(resource)) {
connector.add(resource);
}
}
resource.setEnforceMandatoryCondition(resourceTO.isEnforceMandatoryCondition());
resource.setPropagationPriority(resourceTO.getPropagationPriority());
resource.setRandomPwdIfNotProvided(resourceTO.isRandomPwdIfNotProvided());
// 1. add or update all (valid) provisions from TO
resourceTO.getProvisions().forEach(provisionTO -> {
AnyType anyType = anyTypeDAO.find(provisionTO.getAnyType());
if (anyType == null) {
LOG.debug("Invalid {} specified {}, ignoring...", AnyType.class.getSimpleName(), provisionTO.getAnyType());
} else {
Provision provision = resource.getProvision(anyType).orElse(null);
if (provision == null) {
provision = entityFactory.newEntity(Provision.class);
provision.setResource(resource);
resource.add(provision);
provision.setAnyType(anyType);
}
if (provisionTO.getObjectClass() == null) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidProvision);
sce.getElements().add("Null " + ObjectClass.class.getSimpleName());
throw sce;
}
provision.setObjectClass(new ObjectClass(provisionTO.getObjectClass()));
// add all classes contained in the TO
for (String name : provisionTO.getAuxClasses()) {
AnyTypeClass anyTypeClass = anyTypeClassDAO.find(name);
if (anyTypeClass == null) {
LOG.warn("Ignoring invalid {}: {}", AnyTypeClass.class.getSimpleName(), name);
} else {
provision.add(anyTypeClass);
}
}
// remove all classes not contained in the TO
provision.getAuxClasses().removeIf(anyTypeClass -> !provisionTO.getAuxClasses().contains(anyTypeClass.getKey()));
if (provisionTO.getMapping() == null) {
provision.setMapping(null);
} else {
Mapping mapping = provision.getMapping();
if (mapping == null) {
mapping = entityFactory.newEntity(Mapping.class);
mapping.setProvision(provision);
provision.setMapping(mapping);
} else {
mapping.getItems().clear();
}
AnyTypeClassTO allowedSchemas = new AnyTypeClassTO();
for (Iterator<AnyTypeClass> itor = new IteratorChain<>(provision.getAnyType().getClasses().iterator(), provision.getAuxClasses().iterator()); itor.hasNext(); ) {
AnyTypeClass anyTypeClass = itor.next();
allowedSchemas.getPlainSchemas().addAll(anyTypeClass.getPlainSchemas().stream().map(s -> s.getKey()).collect(Collectors.toList()));
allowedSchemas.getDerSchemas().addAll(anyTypeClass.getDerSchemas().stream().map(s -> s.getKey()).collect(Collectors.toList()));
allowedSchemas.getVirSchemas().addAll(anyTypeClass.getVirSchemas().stream().map(s -> s.getKey()).collect(Collectors.toList()));
}
populateMapping(provisionTO.getMapping(), mapping, allowedSchemas);
}
if (provisionTO.getVirSchemas().isEmpty()) {
for (VirSchema schema : virSchemaDAO.findByProvision(provision)) {
virSchemaDAO.delete(schema.getKey());
}
} else {
for (String schemaName : provisionTO.getVirSchemas()) {
VirSchema schema = virSchemaDAO.find(schemaName);
if (schema == null) {
LOG.debug("Invalid {} specified: {}, ignoring...", VirSchema.class.getSimpleName(), schemaName);
} else {
schema.setProvision(provision);
}
}
}
}
});
// 2. remove all provisions not contained in the TO
for (Iterator<? extends Provision> itor = resource.getProvisions().iterator(); itor.hasNext(); ) {
Provision provision = itor.next();
if (resourceTO.getProvision(provision.getAnyType().getKey()) == null) {
virSchemaDAO.findByProvision(provision).forEach(schema -> {
virSchemaDAO.delete(schema.getKey());
});
itor.remove();
}
}
// 3. orgUnit
if (resourceTO.getOrgUnit() == null && resource.getOrgUnit() != null) {
resource.getOrgUnit().setResource(null);
resource.setOrgUnit(null);
} else if (resourceTO.getOrgUnit() != null) {
OrgUnitTO orgUnitTO = resourceTO.getOrgUnit();
OrgUnit orgUnit = resource.getOrgUnit();
if (orgUnit == null) {
orgUnit = entityFactory.newEntity(OrgUnit.class);
orgUnit.setResource(resource);
resource.setOrgUnit(orgUnit);
}
if (orgUnitTO.getObjectClass() == null) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidOrgUnit);
sce.getElements().add("Null " + ObjectClass.class.getSimpleName());
throw sce;
}
orgUnit.setObjectClass(new ObjectClass(orgUnitTO.getObjectClass()));
if (orgUnitTO.getConnObjectLink() == null) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidOrgUnit);
sce.getElements().add("Null connObjectLink");
throw sce;
}
orgUnit.setConnObjectLink(orgUnitTO.getConnObjectLink());
SyncopeClientCompositeException scce = SyncopeClientException.buildComposite();
SyncopeClientException invalidMapping = SyncopeClientException.build(ClientExceptionType.InvalidMapping);
SyncopeClientException requiredValuesMissing = SyncopeClientException.build(ClientExceptionType.RequiredValuesMissing);
orgUnit.getItems().clear();
for (ItemTO itemTO : orgUnitTO.getItems()) {
if (itemTO == null) {
LOG.error("Null {}", ItemTO.class.getSimpleName());
invalidMapping.getElements().add("Null " + ItemTO.class.getSimpleName());
} else if (itemTO.getIntAttrName() == null) {
requiredValuesMissing.getElements().add("intAttrName");
scce.addException(requiredValuesMissing);
} else {
if (!"name".equals(itemTO.getIntAttrName()) && !"fullpath".equals(itemTO.getIntAttrName())) {
LOG.error("Only 'name' and 'fullpath' are supported for Realms");
invalidMapping.getElements().add("Only 'name' and 'fullpath' are supported for Realms");
} else {
// no mandatory condition implies mandatory condition false
if (!JexlUtils.isExpressionValid(itemTO.getMandatoryCondition() == null ? "false" : itemTO.getMandatoryCondition())) {
SyncopeClientException invalidMandatoryCondition = SyncopeClientException.build(ClientExceptionType.InvalidValues);
invalidMandatoryCondition.getElements().add(itemTO.getMandatoryCondition());
scce.addException(invalidMandatoryCondition);
}
OrgUnitItem item = entityFactory.newEntity(OrgUnitItem.class);
BeanUtils.copyProperties(itemTO, item, ITEM_IGNORE_PROPERTIES);
item.setOrgUnit(orgUnit);
if (item.isConnObjectKey()) {
orgUnit.setConnObjectKeyItem(item);
} else {
orgUnit.add(item);
}
itemTO.getTransformers().forEach(transformerKey -> {
Implementation transformer = implementationDAO.find(transformerKey);
if (transformer == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", transformerKey);
} else {
item.add(transformer);
}
});
// remove all implementations not contained in the TO
item.getTransformers().removeIf(implementation -> !itemTO.getTransformers().contains(implementation.getKey()));
}
}
}
if (!invalidMapping.getElements().isEmpty()) {
scce.addException(invalidMapping);
}
if (scce.hasExceptions()) {
throw scce;
}
}
resource.setCreateTraceLevel(resourceTO.getCreateTraceLevel());
resource.setUpdateTraceLevel(resourceTO.getUpdateTraceLevel());
resource.setDeleteTraceLevel(resourceTO.getDeleteTraceLevel());
resource.setProvisioningTraceLevel(resourceTO.getProvisioningTraceLevel());
resource.setPasswordPolicy(resourceTO.getPasswordPolicy() == null ? null : (PasswordPolicy) policyDAO.find(resourceTO.getPasswordPolicy()));
resource.setAccountPolicy(resourceTO.getAccountPolicy() == null ? null : (AccountPolicy) policyDAO.find(resourceTO.getAccountPolicy()));
resource.setPullPolicy(resourceTO.getPullPolicy() == null ? null : (PullPolicy) policyDAO.find(resourceTO.getPullPolicy()));
resource.setConfOverride(new HashSet<>(resourceTO.getConfOverride()));
resource.setOverrideCapabilities(resourceTO.isOverrideCapabilities());
resource.getCapabilitiesOverride().clear();
resource.getCapabilitiesOverride().addAll(resourceTO.getCapabilitiesOverride());
resourceTO.getPropagationActions().forEach(propagationActionKey -> {
Implementation propagationAction = implementationDAO.find(propagationActionKey);
if (propagationAction == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", propagationActionKey);
} else {
resource.add(propagationAction);
}
});
// remove all implementations not contained in the TO
resource.getPropagationActions().removeIf(implementation -> !resourceTO.getPropagationActions().contains(implementation.getKey()));
return resource;
}
Aggregations