Search in sources :

Example 11 with PullActions

use of org.apache.syncope.core.provisioning.api.pushpull.PullActions in project syncope by apache.

the class DefaultRealmPullResultHandler method delete.

private List<ProvisioningReport> delete(final SyncDelta delta, final List<String> keys) throws JobExecutionException {
    if (!profile.getTask().isPerformDelete()) {
        LOG.debug("PullTask not configured for delete");
        finalize(ResourceOperation.DELETE.name().toLowerCase(), Result.SUCCESS, null, null, delta);
        return Collections.<ProvisioningReport>emptyList();
    }
    LOG.debug("About to delete {}", keys);
    List<ProvisioningReport> results = new ArrayList<>();
    for (String key : keys) {
        Object output;
        Result resultStatus = Result.FAILURE;
        ProvisioningReport result = new ProvisioningReport();
        try {
            result.setKey(key);
            result.setOperation(ResourceOperation.DELETE);
            result.setAnyType(REALM_TYPE);
            result.setStatus(ProvisioningReport.Status.SUCCESS);
            Realm realm = realmDAO.find(key);
            RealmTO before = binder.getRealmTO(realm, true);
            if (before == null) {
                result.setStatus(ProvisioningReport.Status.FAILURE);
                result.setMessage(String.format("Realm '%s' not found", key));
            } else {
                result.setName(before.getFullPath());
            }
            if (!profile.isDryRun()) {
                for (PullActions action : profile.getActions()) {
                    action.beforeDelete(profile, delta, before);
                }
                try {
                    if (!realmDAO.findChildren(realm).isEmpty()) {
                        throw SyncopeClientException.build(ClientExceptionType.HasChildren);
                    }
                    Set<String> adminRealms = Collections.singleton(realm.getFullPath());
                    AnyCond keyCond = new AnyCond(AttributeCond.Type.ISNOTNULL);
                    keyCond.setSchema("key");
                    SearchCond allMatchingCond = SearchCond.getLeafCond(keyCond);
                    int users = searchDAO.count(adminRealms, allMatchingCond, AnyTypeKind.USER);
                    int groups = searchDAO.count(adminRealms, allMatchingCond, AnyTypeKind.GROUP);
                    int anyObjects = searchDAO.count(adminRealms, allMatchingCond, AnyTypeKind.ANY_OBJECT);
                    if (users + groups + anyObjects > 0) {
                        SyncopeClientException containedAnys = SyncopeClientException.build(ClientExceptionType.AssociatedAnys);
                        containedAnys.getElements().add(users + " user(s)");
                        containedAnys.getElements().add(groups + " group(s)");
                        containedAnys.getElements().add(anyObjects + " anyObject(s)");
                        throw containedAnys;
                    }
                    PropagationByResource propByRes = new PropagationByResource();
                    for (String resource : realm.getResourceKeys()) {
                        propByRes.add(ResourceOperation.DELETE, resource);
                    }
                    List<PropagationTaskTO> tasks = propagationManager.createTasks(realm, propByRes, null);
                    taskExecutor.execute(tasks, false);
                    realmDAO.delete(realm);
                    output = null;
                    resultStatus = Result.SUCCESS;
                    for (PullActions action : profile.getActions()) {
                        action.after(profile, delta, before, result);
                    }
                } catch (Exception e) {
                    throwIgnoreProvisionException(delta, e);
                    result.setStatus(ProvisioningReport.Status.FAILURE);
                    result.setMessage(ExceptionUtils.getRootCauseMessage(e));
                    LOG.error("Could not delete {}", realm, e);
                    output = e;
                }
                finalize(ResourceOperation.DELETE.name().toLowerCase(), resultStatus, before, output, delta);
            }
            results.add(result);
        } catch (DelegatedAdministrationException e) {
            LOG.error("Not allowed to read Realm {}", key, e);
        } catch (Exception e) {
            LOG.error("Could not delete Realm {}", key, e);
        }
    }
    return results;
}
Also used : PropagationTaskTO(org.apache.syncope.common.lib.to.PropagationTaskTO) PullActions(org.apache.syncope.core.provisioning.api.pushpull.PullActions) ArrayList(java.util.ArrayList) RealmTO(org.apache.syncope.common.lib.to.RealmTO) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) PropagationByResource(org.apache.syncope.core.provisioning.api.PropagationByResource) DelegatedAdministrationException(org.apache.syncope.core.spring.security.DelegatedAdministrationException) ProvisioningReport(org.apache.syncope.core.provisioning.api.pushpull.ProvisioningReport) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) DelegatedAdministrationException(org.apache.syncope.core.spring.security.DelegatedAdministrationException) IgnoreProvisionException(org.apache.syncope.core.provisioning.api.pushpull.IgnoreProvisionException) PropagationException(org.apache.syncope.core.provisioning.api.propagation.PropagationException) JobExecutionException(org.quartz.JobExecutionException) Result(org.apache.syncope.common.lib.types.AuditElements.Result) SearchCond(org.apache.syncope.core.persistence.api.dao.search.SearchCond) Realm(org.apache.syncope.core.persistence.api.entity.Realm) AnyCond(org.apache.syncope.core.persistence.api.dao.search.AnyCond)

Example 12 with PullActions

use of org.apache.syncope.core.provisioning.api.pushpull.PullActions in project syncope by apache.

the class DefaultRealmPullResultHandler method update.

private List<ProvisioningReport> update(final SyncDelta delta, final List<String> keys) throws JobExecutionException {
    if (!profile.getTask().isPerformUpdate()) {
        LOG.debug("PullTask not configured for update");
        finalize(MatchingRule.toEventName(MatchingRule.UPDATE), Result.SUCCESS, null, null, delta);
        return Collections.<ProvisioningReport>emptyList();
    }
    LOG.debug("About to update {}", keys);
    List<ProvisioningReport> results = new ArrayList<>();
    for (String key : keys) {
        LOG.debug("About to update {}", key);
        ProvisioningReport result = new ProvisioningReport();
        result.setOperation(ResourceOperation.UPDATE);
        result.setAnyType(REALM_TYPE);
        result.setStatus(ProvisioningReport.Status.SUCCESS);
        result.setKey(key);
        Realm realm = realmDAO.find(key);
        RealmTO before = binder.getRealmTO(realm, true);
        if (before == null) {
            result.setStatus(ProvisioningReport.Status.FAILURE);
            result.setMessage(String.format("Realm '%s' not found", key));
        } else {
            result.setName(before.getFullPath());
        }
        if (!profile.isDryRun()) {
            Result resultStatus;
            Object output;
            if (before == null) {
                resultStatus = Result.FAILURE;
                output = null;
            } else {
                try {
                    for (PullActions action : profile.getActions()) {
                        action.beforeUpdate(profile, delta, before, null);
                    }
                    PropagationByResource propByRes = binder.update(realm, before);
                    realm = realmDAO.save(realm);
                    RealmTO updated = binder.getRealmTO(realm, true);
                    List<PropagationTaskTO> tasks = propagationManager.createTasks(realm, propByRes, null);
                    taskExecutor.execute(tasks, false);
                    for (PullActions action : profile.getActions()) {
                        action.after(profile, delta, updated, result);
                    }
                    output = updated;
                    resultStatus = Result.SUCCESS;
                    result.setName(updated.getFullPath());
                    LOG.debug("{} successfully updated", updated);
                } catch (PropagationException e) {
                    // A propagation failure doesn't imply a pull failure.
                    // The propagation exception status will be reported into the propagation task execution.
                    LOG.error("Could not propagate Realm {}", delta.getUid().getUidValue(), e);
                    output = e;
                    resultStatus = Result.FAILURE;
                } catch (Exception e) {
                    throwIgnoreProvisionException(delta, e);
                    result.setStatus(ProvisioningReport.Status.FAILURE);
                    result.setMessage(ExceptionUtils.getRootCauseMessage(e));
                    LOG.error("Could not update Realm {}", delta.getUid().getUidValue(), e);
                    output = e;
                    resultStatus = Result.FAILURE;
                }
            }
            finalize(MatchingRule.toEventName(MatchingRule.UPDATE), resultStatus, before, output, delta);
        }
        results.add(result);
    }
    return results;
}
Also used : PropagationTaskTO(org.apache.syncope.common.lib.to.PropagationTaskTO) PullActions(org.apache.syncope.core.provisioning.api.pushpull.PullActions) ArrayList(java.util.ArrayList) RealmTO(org.apache.syncope.common.lib.to.RealmTO) PropagationByResource(org.apache.syncope.core.provisioning.api.PropagationByResource) ProvisioningReport(org.apache.syncope.core.provisioning.api.pushpull.ProvisioningReport) SyncopeClientException(org.apache.syncope.common.lib.SyncopeClientException) DelegatedAdministrationException(org.apache.syncope.core.spring.security.DelegatedAdministrationException) IgnoreProvisionException(org.apache.syncope.core.provisioning.api.pushpull.IgnoreProvisionException) PropagationException(org.apache.syncope.core.provisioning.api.propagation.PropagationException) JobExecutionException(org.quartz.JobExecutionException) Result(org.apache.syncope.common.lib.types.AuditElements.Result) PropagationException(org.apache.syncope.core.provisioning.api.propagation.PropagationException) Realm(org.apache.syncope.core.persistence.api.entity.Realm)

Example 13 with PullActions

use of org.apache.syncope.core.provisioning.api.pushpull.PullActions in project syncope by apache.

the class DefaultRealmPullResultHandler method doHandle.

private void doHandle(final SyncDelta delta, final OrgUnit orgUnit) throws JobExecutionException {
    LOG.debug("Process {} for {} as {}", delta.getDeltaType(), delta.getUid().getUidValue(), delta.getObject().getObjectClass());
    SyncDelta processed = delta;
    for (PullActions action : profile.getActions()) {
        processed = action.preprocess(profile, processed);
    }
    LOG.debug("Transformed {} for {} as {}", processed.getDeltaType(), processed.getUid().getUidValue(), processed.getObject().getObjectClass());
    List<String> keys = pullUtils.match(processed.getObject(), orgUnit);
    LOG.debug("Match found for {} as {}: {}", processed.getUid().getUidValue(), processed.getObject().getObjectClass(), keys);
    if (keys.size() > 1) {
        switch(profile.getResAct()) {
            case IGNORE:
                throw new IllegalStateException("More than one match " + keys);
            case FIRSTMATCH:
                keys = keys.subList(0, 1);
                break;
            case LASTMATCH:
                keys = keys.subList(keys.size() - 1, keys.size());
                break;
            default:
        }
    }
    try {
        if (SyncDeltaType.CREATE_OR_UPDATE == processed.getDeltaType()) {
            if (keys.isEmpty()) {
                switch(profile.getTask().getUnmatchingRule()) {
                    case ASSIGN:
                        profile.getResults().addAll(assign(processed, orgUnit));
                        break;
                    case PROVISION:
                        profile.getResults().addAll(provision(processed, orgUnit));
                        break;
                    case IGNORE:
                        profile.getResults().add(ignore(processed, false));
                        break;
                    default:
                }
            } else {
                switch(profile.getTask().getMatchingRule()) {
                    case UPDATE:
                        profile.getResults().addAll(update(processed, keys));
                        break;
                    case DEPROVISION:
                        profile.getResults().addAll(deprovision(processed, keys, false));
                        break;
                    case UNASSIGN:
                        profile.getResults().addAll(deprovision(processed, keys, true));
                        break;
                    case LINK:
                        profile.getResults().addAll(link(processed, keys, false));
                        break;
                    case UNLINK:
                        profile.getResults().addAll(link(processed, keys, true));
                        break;
                    case IGNORE:
                        profile.getResults().add(ignore(processed, true));
                        break;
                    default:
                }
            }
        } else if (SyncDeltaType.DELETE == processed.getDeltaType()) {
            if (keys.isEmpty()) {
                finalize(ResourceOperation.DELETE.name().toLowerCase(), Result.SUCCESS, null, null, processed);
                LOG.debug("No match found for deletion");
            } else {
                profile.getResults().addAll(delete(processed, keys));
            }
        }
    } catch (IllegalStateException | IllegalArgumentException e) {
        LOG.warn(e.getMessage());
    }
}
Also used : SyncDelta(org.identityconnectors.framework.common.objects.SyncDelta) PullActions(org.apache.syncope.core.provisioning.api.pushpull.PullActions)

Example 14 with PullActions

use of org.apache.syncope.core.provisioning.api.pushpull.PullActions in project syncope by apache.

the class AbstractPullResultHandler method link.

protected List<ProvisioningReport> link(final SyncDelta delta, final List<String> anyKeys, final Provision provision, final boolean unlink) throws JobExecutionException {
    if (!profile.getTask().isPerformUpdate()) {
        LOG.debug("PullTask not configured for update");
        finalize(unlink ? MatchingRule.toEventName(MatchingRule.UNLINK) : MatchingRule.toEventName(MatchingRule.LINK), Result.SUCCESS, null, null, delta);
        return Collections.<ProvisioningReport>emptyList();
    }
    LOG.debug("About to update {}", anyKeys);
    final List<ProvisioningReport> results = new ArrayList<>();
    for (String key : anyKeys) {
        LOG.debug("About to unassign resource {}", key);
        ProvisioningReport result = new ProvisioningReport();
        result.setOperation(ResourceOperation.NONE);
        result.setAnyType(provision.getAnyType().getKey());
        result.setStatus(ProvisioningReport.Status.SUCCESS);
        result.setKey(key);
        AnyTO before = getAnyTO(key);
        if (before == null) {
            result.setStatus(ProvisioningReport.Status.FAILURE);
            result.setMessage(String.format("Any '%s(%s)' not found", provision.getAnyType().getKey(), key));
        }
        if (!profile.isDryRun()) {
            Result resultStatus;
            Object output;
            AnyPatch effectivePatch = null;
            if (before == null) {
                resultStatus = Result.FAILURE;
                output = null;
            } else {
                result.setName(getName(before));
                try {
                    if (unlink) {
                        for (PullActions action : profile.getActions()) {
                            action.beforeUnlink(profile, delta, before);
                        }
                    } else {
                        for (PullActions action : profile.getActions()) {
                            action.beforeLink(profile, delta, before);
                        }
                    }
                    AnyPatch anyPatch = newPatch(before.getKey());
                    anyPatch.getResources().add(new StringPatchItem.Builder().operation(unlink ? PatchOperation.DELETE : PatchOperation.ADD_REPLACE).value(profile.getTask().getResource().getKey()).build());
                    effectivePatch = update(anyPatch).getResult();
                    output = AnyOperations.patch(before, effectivePatch);
                    for (PullActions action : profile.getActions()) {
                        action.after(profile, delta, AnyTO.class.cast(output), result);
                    }
                    resultStatus = Result.SUCCESS;
                    LOG.debug("{} {} successfully updated", provision.getAnyType().getKey(), key);
                } catch (PropagationException e) {
                    // A propagation failure doesn't imply a pull failure.
                    // The propagation exception status will be reported into the propagation task execution.
                    LOG.error("Could not propagate {} {}", provision.getAnyType().getKey(), delta.getUid().getUidValue(), e);
                    output = e;
                    resultStatus = Result.FAILURE;
                } catch (Exception e) {
                    throwIgnoreProvisionException(delta, e);
                    result.setStatus(ProvisioningReport.Status.FAILURE);
                    result.setMessage(ExceptionUtils.getRootCauseMessage(e));
                    LOG.error("Could not update {} {}", provision.getAnyType().getKey(), delta.getUid().getUidValue(), e);
                    output = e;
                    resultStatus = Result.FAILURE;
                }
            }
            finalize(unlink ? MatchingRule.toEventName(MatchingRule.UNLINK) : MatchingRule.toEventName(MatchingRule.LINK), resultStatus, before, output, delta, effectivePatch);
        }
        results.add(result);
    }
    return results;
}
Also used : AnyTO(org.apache.syncope.common.lib.to.AnyTO) PropagationException(org.apache.syncope.core.provisioning.api.propagation.PropagationException) AnyPatch(org.apache.syncope.common.lib.patch.AnyPatch) PullActions(org.apache.syncope.core.provisioning.api.pushpull.PullActions) ArrayList(java.util.ArrayList) ProvisioningReport(org.apache.syncope.core.provisioning.api.pushpull.ProvisioningReport) DelegatedAdministrationException(org.apache.syncope.core.spring.security.DelegatedAdministrationException) IgnoreProvisionException(org.apache.syncope.core.provisioning.api.pushpull.IgnoreProvisionException) PropagationException(org.apache.syncope.core.provisioning.api.propagation.PropagationException) NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException) JobExecutionException(org.quartz.JobExecutionException) Result(org.apache.syncope.common.lib.types.AuditElements.Result)

Example 15 with PullActions

use of org.apache.syncope.core.provisioning.api.pushpull.PullActions in project syncope by apache.

the class AbstractPullResultHandler method create.

protected void create(final AnyTO anyTO, final SyncDelta delta, final String operation, final Provision provision, final ProvisioningReport result) throws JobExecutionException {
    Object output;
    Result resultStatus;
    try {
        AnyTO created = doCreate(anyTO, delta);
        output = created;
        result.setKey(created.getKey());
        result.setName(getName(created));
        resultStatus = Result.SUCCESS;
        for (PullActions action : profile.getActions()) {
            action.after(profile, delta, created, result);
        }
        LOG.debug("{} {} successfully created", created.getType(), created.getKey());
    } catch (PropagationException e) {
        // A propagation failure doesn't imply a pull failure.
        // The propagation exception status will be reported into the propagation task execution.
        LOG.error("Could not propagate {} {}", anyTO.getType(), delta.getUid().getUidValue(), e);
        output = e;
        resultStatus = Result.FAILURE;
    } catch (Exception e) {
        throwIgnoreProvisionException(delta, e);
        result.setStatus(ProvisioningReport.Status.FAILURE);
        result.setMessage(ExceptionUtils.getRootCauseMessage(e));
        LOG.error("Could not create {} {} ", anyTO.getType(), delta.getUid().getUidValue(), e);
        output = e;
        resultStatus = Result.FAILURE;
        if (profile.getTask().isRemediation()) {
            Remediation entity = entityFactory.newEntity(Remediation.class);
            entity.setAnyType(provision.getAnyType());
            entity.setOperation(ResourceOperation.CREATE);
            entity.setPayload(anyTO);
            entity.setError(result.getMessage());
            entity.setInstant(new Date());
            entity.setRemoteName(delta.getObject().getName().getNameValue());
            entity.setPullTask(profile.getTask());
            remediationDAO.save(entity);
        }
    }
    finalize(operation, resultStatus, null, output, delta);
}
Also used : AnyTO(org.apache.syncope.common.lib.to.AnyTO) PropagationException(org.apache.syncope.core.provisioning.api.propagation.PropagationException) PullActions(org.apache.syncope.core.provisioning.api.pushpull.PullActions) Remediation(org.apache.syncope.core.persistence.api.entity.Remediation) DelegatedAdministrationException(org.apache.syncope.core.spring.security.DelegatedAdministrationException) IgnoreProvisionException(org.apache.syncope.core.provisioning.api.pushpull.IgnoreProvisionException) PropagationException(org.apache.syncope.core.provisioning.api.propagation.PropagationException) NotFoundException(org.apache.syncope.core.persistence.api.dao.NotFoundException) JobExecutionException(org.quartz.JobExecutionException) Date(java.util.Date) Result(org.apache.syncope.common.lib.types.AuditElements.Result)

Aggregations

PullActions (org.apache.syncope.core.provisioning.api.pushpull.PullActions)19 ProvisioningReport (org.apache.syncope.core.provisioning.api.pushpull.ProvisioningReport)12 JobExecutionException (org.quartz.JobExecutionException)11 Result (org.apache.syncope.common.lib.types.AuditElements.Result)10 PropagationException (org.apache.syncope.core.provisioning.api.propagation.PropagationException)10 IgnoreProvisionException (org.apache.syncope.core.provisioning.api.pushpull.IgnoreProvisionException)10 DelegatedAdministrationException (org.apache.syncope.core.spring.security.DelegatedAdministrationException)10 ArrayList (java.util.ArrayList)9 AnyTO (org.apache.syncope.common.lib.to.AnyTO)7 RealmTO (org.apache.syncope.common.lib.to.RealmTO)7 NotFoundException (org.apache.syncope.core.persistence.api.dao.NotFoundException)6 SyncopeClientException (org.apache.syncope.common.lib.SyncopeClientException)5 Realm (org.apache.syncope.core.persistence.api.entity.Realm)5 PropagationByResource (org.apache.syncope.core.provisioning.api.PropagationByResource)5 Date (java.util.Date)3 AnyPatch (org.apache.syncope.common.lib.patch.AnyPatch)3 PropagationTaskTO (org.apache.syncope.common.lib.to.PropagationTaskTO)3 Remediation (org.apache.syncope.core.persistence.api.entity.Remediation)3 PullTask (org.apache.syncope.core.persistence.api.entity.task.PullTask)3 Implementation (org.apache.syncope.core.persistence.api.entity.Implementation)2