use of org.apache.syncope.core.persistence.api.entity.policy.PullPolicy in project syncope by apache.
the class PolicyDataBinderImpl method getPolicy.
@SuppressWarnings("unchecked")
private <T extends Policy> T getPolicy(final T policy, final PolicyTO policyTO) {
T result = policy;
if (policyTO instanceof PasswordPolicyTO) {
if (result == null) {
result = (T) entityFactory.newEntity(PasswordPolicy.class);
}
PasswordPolicy passwordPolicy = PasswordPolicy.class.cast(result);
PasswordPolicyTO passwordPolicyTO = PasswordPolicyTO.class.cast(policyTO);
passwordPolicy.setAllowNullPassword(passwordPolicyTO.isAllowNullPassword());
passwordPolicy.setHistoryLength(passwordPolicyTO.getHistoryLength());
passwordPolicyTO.getRules().forEach(ruleKey -> {
Implementation rule = implementationDAO.find(ruleKey);
if (rule == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", ruleKey);
} else {
passwordPolicy.add(rule);
}
});
// remove all implementations not contained in the TO
passwordPolicy.getRules().removeIf(implementation -> !passwordPolicyTO.getRules().contains(implementation.getKey()));
} else if (policyTO instanceof AccountPolicyTO) {
if (result == null) {
result = (T) entityFactory.newEntity(AccountPolicy.class);
}
AccountPolicy accountPolicy = AccountPolicy.class.cast(result);
AccountPolicyTO accountPolicyTO = AccountPolicyTO.class.cast(policyTO);
accountPolicy.setMaxAuthenticationAttempts(accountPolicyTO.getMaxAuthenticationAttempts());
accountPolicy.setPropagateSuspension(accountPolicyTO.isPropagateSuspension());
accountPolicyTO.getRules().forEach(ruleKey -> {
Implementation rule = implementationDAO.find(ruleKey);
if (rule == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", ruleKey);
} else {
accountPolicy.add(rule);
}
});
// remove all implementations not contained in the TO
accountPolicy.getRules().removeIf(implementation -> !accountPolicyTO.getRules().contains(implementation.getKey()));
accountPolicy.getResources().clear();
accountPolicyTO.getPassthroughResources().forEach(resourceName -> {
ExternalResource resource = resourceDAO.find(resourceName);
if (resource == null) {
LOG.debug("Ignoring invalid resource {} ", resourceName);
} else {
accountPolicy.add(resource);
}
});
} else if (policyTO instanceof PullPolicyTO) {
if (result == null) {
result = (T) entityFactory.newEntity(PullPolicy.class);
}
PullPolicy pullPolicy = PullPolicy.class.cast(result);
PullPolicyTO pullPolicyTO = PullPolicyTO.class.cast(policyTO);
pullPolicy.setConflictResolutionAction(pullPolicyTO.getConflictResolutionAction());
pullPolicyTO.getCorrelationRules().forEach((type, impl) -> {
AnyType anyType = anyTypeDAO.find(type);
if (anyType == null) {
LOG.debug("Invalid AnyType {} specified, ignoring...", type);
} else {
CorrelationRule correlationRule = pullPolicy.getCorrelationRule(anyType).orElse(null);
if (correlationRule == null) {
correlationRule = entityFactory.newEntity(CorrelationRule.class);
correlationRule.setAnyType(anyType);
correlationRule.setPullPolicy(pullPolicy);
pullPolicy.add(correlationRule);
}
Implementation rule = implementationDAO.find(impl);
if (rule == null) {
throw new NotFoundException("Implementation " + type);
}
correlationRule.setImplementation(rule);
}
});
// remove all rules not contained in the TO
pullPolicy.getCorrelationRules().removeIf(anyFilter -> !pullPolicyTO.getCorrelationRules().containsKey(anyFilter.getAnyType().getKey()));
}
if (result != null) {
result.setDescription(policyTO.getDescription());
}
return result;
}
use of org.apache.syncope.core.persistence.api.entity.policy.PullPolicy in project syncope by apache.
the class PolicyTest method findByKey.
@Test
public void findByKey() {
PullPolicy policy = policyDAO.find("880f8553-069b-4aed-9930-2cd53873f544");
assertNotNull(policy);
CorrelationRule rule = policy.getCorrelationRule(anyTypeDAO.findUser()).orElse(null);
assertNotNull(rule);
DefaultPullCorrelationRuleConf ruleConf = POJOHelper.deserialize(rule.getImplementation().getBody(), DefaultPullCorrelationRuleConf.class);
assertNotNull(ruleConf);
assertEquals(2, ruleConf.getSchemas().size());
assertTrue(ruleConf.getSchemas().contains("username"));
assertTrue(ruleConf.getSchemas().contains("firstname"));
}
use of org.apache.syncope.core.persistence.api.entity.policy.PullPolicy in project syncope by apache.
the class PolicyDataBinderImpl method getPolicyTO.
@SuppressWarnings("unchecked")
@Override
public <T extends PolicyTO> T getPolicyTO(final Policy policy) {
T policyTO = null;
if (policy instanceof PasswordPolicy) {
PasswordPolicy passwordPolicy = PasswordPolicy.class.cast(policy);
PasswordPolicyTO passwordPolicyTO = new PasswordPolicyTO();
policyTO = (T) passwordPolicyTO;
passwordPolicyTO.setAllowNullPassword(passwordPolicy.isAllowNullPassword());
passwordPolicyTO.setHistoryLength(passwordPolicy.getHistoryLength());
passwordPolicyTO.getRules().addAll(passwordPolicy.getRules().stream().map(Entity::getKey).collect(Collectors.toList()));
} else if (policy instanceof AccountPolicy) {
AccountPolicy accountPolicy = AccountPolicy.class.cast(policy);
AccountPolicyTO accountPolicyTO = new AccountPolicyTO();
policyTO = (T) accountPolicyTO;
accountPolicyTO.setMaxAuthenticationAttempts(accountPolicy.getMaxAuthenticationAttempts());
accountPolicyTO.setPropagateSuspension(accountPolicy.isPropagateSuspension());
accountPolicyTO.getRules().addAll(accountPolicy.getRules().stream().map(Entity::getKey).collect(Collectors.toList()));
accountPolicyTO.getPassthroughResources().addAll(accountPolicy.getResources().stream().map(Entity::getKey).collect(Collectors.toList()));
} else if (policy instanceof PullPolicy) {
PullPolicy pullPolicy = PullPolicy.class.cast(policy);
PullPolicyTO pullPolicyTO = new PullPolicyTO();
policyTO = (T) pullPolicyTO;
pullPolicyTO.setConflictResolutionAction(((PullPolicy) policy).getConflictResolutionAction());
pullPolicy.getCorrelationRules().forEach(rule -> {
pullPolicyTO.getCorrelationRules().put(rule.getAnyType().getKey(), rule.getImplementation().getKey());
});
}
if (policyTO != null) {
policyTO.setKey(policy.getKey());
policyTO.setDescription(policy.getDescription());
for (ExternalResource resource : resourceDAO.findByPolicy(policy)) {
policyTO.getUsedByResources().add(resource.getKey());
}
for (Realm realm : realmDAO.findByPolicy(policy)) {
policyTO.getUsedByRealms().add(realm.getFullPath());
}
}
return policyTO;
}
use of org.apache.syncope.core.persistence.api.entity.policy.PullPolicy in project syncope by apache.
the class ResourceDataBinderImpl method update.
@Override
public ExternalResource update(final ExternalResource resource, final ResourceTO resourceTO) {
if (resource.getKey() != null) {
ResourceTO current = getResourceTO(resource);
if (!current.equals(resourceTO)) {
// 1. save the current configuration, before update
ExternalResourceHistoryConf resourceHistoryConf = entityFactory.newEntity(ExternalResourceHistoryConf.class);
resourceHistoryConf.setCreator(AuthContextUtils.getUsername());
resourceHistoryConf.setCreation(new Date());
resourceHistoryConf.setEntity(resource);
resourceHistoryConf.setConf(current);
resourceHistoryConfDAO.save(resourceHistoryConf);
// 2. ensure the maximum history size is not exceeded
List<ExternalResourceHistoryConf> history = resourceHistoryConfDAO.findByEntity(resource);
long maxHistorySize = confDAO.find("resource.conf.history.size", 10L);
if (maxHistorySize < history.size()) {
// always remove the last item since history was obtained by a query with ORDER BY creation DESC
for (int i = 0; i < history.size() - maxHistorySize; i++) {
resourceHistoryConfDAO.delete(history.get(history.size() - 1).getKey());
}
}
}
}
resource.setKey(resourceTO.getKey());
if (resourceTO.getConnector() != null) {
ConnInstance connector = connInstanceDAO.find(resourceTO.getConnector());
resource.setConnector(connector);
if (!connector.getResources().contains(resource)) {
connector.add(resource);
}
}
resource.setEnforceMandatoryCondition(resourceTO.isEnforceMandatoryCondition());
resource.setPropagationPriority(resourceTO.getPropagationPriority());
resource.setRandomPwdIfNotProvided(resourceTO.isRandomPwdIfNotProvided());
// 1. add or update all (valid) provisions from TO
resourceTO.getProvisions().forEach(provisionTO -> {
AnyType anyType = anyTypeDAO.find(provisionTO.getAnyType());
if (anyType == null) {
LOG.debug("Invalid {} specified {}, ignoring...", AnyType.class.getSimpleName(), provisionTO.getAnyType());
} else {
Provision provision = resource.getProvision(anyType).orElse(null);
if (provision == null) {
provision = entityFactory.newEntity(Provision.class);
provision.setResource(resource);
resource.add(provision);
provision.setAnyType(anyType);
}
if (provisionTO.getObjectClass() == null) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidProvision);
sce.getElements().add("Null " + ObjectClass.class.getSimpleName());
throw sce;
}
provision.setObjectClass(new ObjectClass(provisionTO.getObjectClass()));
// add all classes contained in the TO
for (String name : provisionTO.getAuxClasses()) {
AnyTypeClass anyTypeClass = anyTypeClassDAO.find(name);
if (anyTypeClass == null) {
LOG.warn("Ignoring invalid {}: {}", AnyTypeClass.class.getSimpleName(), name);
} else {
provision.add(anyTypeClass);
}
}
// remove all classes not contained in the TO
provision.getAuxClasses().removeIf(anyTypeClass -> !provisionTO.getAuxClasses().contains(anyTypeClass.getKey()));
if (provisionTO.getMapping() == null) {
provision.setMapping(null);
} else {
Mapping mapping = provision.getMapping();
if (mapping == null) {
mapping = entityFactory.newEntity(Mapping.class);
mapping.setProvision(provision);
provision.setMapping(mapping);
} else {
mapping.getItems().clear();
}
AnyTypeClassTO allowedSchemas = new AnyTypeClassTO();
for (Iterator<AnyTypeClass> itor = new IteratorChain<>(provision.getAnyType().getClasses().iterator(), provision.getAuxClasses().iterator()); itor.hasNext(); ) {
AnyTypeClass anyTypeClass = itor.next();
allowedSchemas.getPlainSchemas().addAll(anyTypeClass.getPlainSchemas().stream().map(s -> s.getKey()).collect(Collectors.toList()));
allowedSchemas.getDerSchemas().addAll(anyTypeClass.getDerSchemas().stream().map(s -> s.getKey()).collect(Collectors.toList()));
allowedSchemas.getVirSchemas().addAll(anyTypeClass.getVirSchemas().stream().map(s -> s.getKey()).collect(Collectors.toList()));
}
populateMapping(provisionTO.getMapping(), mapping, allowedSchemas);
}
if (provisionTO.getVirSchemas().isEmpty()) {
for (VirSchema schema : virSchemaDAO.findByProvision(provision)) {
virSchemaDAO.delete(schema.getKey());
}
} else {
for (String schemaName : provisionTO.getVirSchemas()) {
VirSchema schema = virSchemaDAO.find(schemaName);
if (schema == null) {
LOG.debug("Invalid {} specified: {}, ignoring...", VirSchema.class.getSimpleName(), schemaName);
} else {
schema.setProvision(provision);
}
}
}
}
});
// 2. remove all provisions not contained in the TO
for (Iterator<? extends Provision> itor = resource.getProvisions().iterator(); itor.hasNext(); ) {
Provision provision = itor.next();
if (resourceTO.getProvision(provision.getAnyType().getKey()) == null) {
virSchemaDAO.findByProvision(provision).forEach(schema -> {
virSchemaDAO.delete(schema.getKey());
});
itor.remove();
}
}
// 3. orgUnit
if (resourceTO.getOrgUnit() == null && resource.getOrgUnit() != null) {
resource.getOrgUnit().setResource(null);
resource.setOrgUnit(null);
} else if (resourceTO.getOrgUnit() != null) {
OrgUnitTO orgUnitTO = resourceTO.getOrgUnit();
OrgUnit orgUnit = resource.getOrgUnit();
if (orgUnit == null) {
orgUnit = entityFactory.newEntity(OrgUnit.class);
orgUnit.setResource(resource);
resource.setOrgUnit(orgUnit);
}
if (orgUnitTO.getObjectClass() == null) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidOrgUnit);
sce.getElements().add("Null " + ObjectClass.class.getSimpleName());
throw sce;
}
orgUnit.setObjectClass(new ObjectClass(orgUnitTO.getObjectClass()));
if (orgUnitTO.getConnObjectLink() == null) {
SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidOrgUnit);
sce.getElements().add("Null connObjectLink");
throw sce;
}
orgUnit.setConnObjectLink(orgUnitTO.getConnObjectLink());
SyncopeClientCompositeException scce = SyncopeClientException.buildComposite();
SyncopeClientException invalidMapping = SyncopeClientException.build(ClientExceptionType.InvalidMapping);
SyncopeClientException requiredValuesMissing = SyncopeClientException.build(ClientExceptionType.RequiredValuesMissing);
orgUnit.getItems().clear();
for (ItemTO itemTO : orgUnitTO.getItems()) {
if (itemTO == null) {
LOG.error("Null {}", ItemTO.class.getSimpleName());
invalidMapping.getElements().add("Null " + ItemTO.class.getSimpleName());
} else if (itemTO.getIntAttrName() == null) {
requiredValuesMissing.getElements().add("intAttrName");
scce.addException(requiredValuesMissing);
} else {
if (!"name".equals(itemTO.getIntAttrName()) && !"fullpath".equals(itemTO.getIntAttrName())) {
LOG.error("Only 'name' and 'fullpath' are supported for Realms");
invalidMapping.getElements().add("Only 'name' and 'fullpath' are supported for Realms");
} else {
// no mandatory condition implies mandatory condition false
if (!JexlUtils.isExpressionValid(itemTO.getMandatoryCondition() == null ? "false" : itemTO.getMandatoryCondition())) {
SyncopeClientException invalidMandatoryCondition = SyncopeClientException.build(ClientExceptionType.InvalidValues);
invalidMandatoryCondition.getElements().add(itemTO.getMandatoryCondition());
scce.addException(invalidMandatoryCondition);
}
OrgUnitItem item = entityFactory.newEntity(OrgUnitItem.class);
BeanUtils.copyProperties(itemTO, item, ITEM_IGNORE_PROPERTIES);
item.setOrgUnit(orgUnit);
if (item.isConnObjectKey()) {
orgUnit.setConnObjectKeyItem(item);
} else {
orgUnit.add(item);
}
itemTO.getTransformers().forEach(transformerKey -> {
Implementation transformer = implementationDAO.find(transformerKey);
if (transformer == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", transformerKey);
} else {
item.add(transformer);
}
});
// remove all implementations not contained in the TO
item.getTransformers().removeIf(implementation -> !itemTO.getTransformers().contains(implementation.getKey()));
}
}
}
if (!invalidMapping.getElements().isEmpty()) {
scce.addException(invalidMapping);
}
if (scce.hasExceptions()) {
throw scce;
}
}
resource.setCreateTraceLevel(resourceTO.getCreateTraceLevel());
resource.setUpdateTraceLevel(resourceTO.getUpdateTraceLevel());
resource.setDeleteTraceLevel(resourceTO.getDeleteTraceLevel());
resource.setProvisioningTraceLevel(resourceTO.getProvisioningTraceLevel());
resource.setPasswordPolicy(resourceTO.getPasswordPolicy() == null ? null : (PasswordPolicy) policyDAO.find(resourceTO.getPasswordPolicy()));
resource.setAccountPolicy(resourceTO.getAccountPolicy() == null ? null : (AccountPolicy) policyDAO.find(resourceTO.getAccountPolicy()));
resource.setPullPolicy(resourceTO.getPullPolicy() == null ? null : (PullPolicy) policyDAO.find(resourceTO.getPullPolicy()));
resource.setConfOverride(new HashSet<>(resourceTO.getConfOverride()));
resource.setOverrideCapabilities(resourceTO.isOverrideCapabilities());
resource.getCapabilitiesOverride().clear();
resource.getCapabilitiesOverride().addAll(resourceTO.getCapabilitiesOverride());
resourceTO.getPropagationActions().forEach(propagationActionKey -> {
Implementation propagationAction = implementationDAO.find(propagationActionKey);
if (propagationAction == null) {
LOG.debug("Invalid " + Implementation.class.getSimpleName() + " {}, ignoring...", propagationActionKey);
} else {
resource.add(propagationAction);
}
});
// remove all implementations not contained in the TO
resource.getPropagationActions().removeIf(implementation -> !resourceTO.getPropagationActions().contains(implementation.getKey()));
return resource;
}
use of org.apache.syncope.core.persistence.api.entity.policy.PullPolicy in project syncope by apache.
the class PolicyTest method create.
@Test
public void create() {
PullPolicy policy = entityFactory.newEntity(PullPolicy.class);
policy.setConflictResolutionAction(ConflictResolutionAction.IGNORE);
policy.setDescription("Pull policy");
final String pullURuleName = "net.tirasa.pull.correlation.TirasaURule";
final String pullGRuleName = "net.tirasa.pull.correlation.TirasaGRule";
Implementation impl1 = entityFactory.newEntity(Implementation.class);
impl1.setKey(pullURuleName);
impl1.setEngine(ImplementationEngine.JAVA);
impl1.setType(ImplementationType.PULL_CORRELATION_RULE);
impl1.setBody(PullCorrelationRule.class.getName());
impl1 = implementationDAO.save(impl1);
CorrelationRule rule1 = entityFactory.newEntity(CorrelationRule.class);
rule1.setAnyType(anyTypeDAO.findUser());
rule1.setPullPolicy(policy);
rule1.setImplementation(impl1);
policy.add(rule1);
Implementation impl2 = entityFactory.newEntity(Implementation.class);
impl2.setKey(pullGRuleName);
impl2.setEngine(ImplementationEngine.JAVA);
impl2.setType(ImplementationType.PULL_CORRELATION_RULE);
impl2.setBody(PullCorrelationRule.class.getName());
impl2 = implementationDAO.save(impl2);
CorrelationRule rule2 = entityFactory.newEntity(CorrelationRule.class);
rule2.setAnyType(anyTypeDAO.findGroup());
rule2.setPullPolicy(policy);
rule2.setImplementation(impl2);
policy.add(rule2);
policy = policyDAO.save(policy);
assertNotNull(policy);
assertEquals(pullURuleName, policy.getCorrelationRule(anyTypeDAO.findUser()).get().getImplementation().getKey());
assertEquals(pullGRuleName, policy.getCorrelationRule(anyTypeDAO.findGroup()).get().getImplementation().getKey());
}
Aggregations