use of org.apache.syncope.core.provisioning.api.pushpull.PullActions in project syncope by apache.
the class DefaultRealmPullResultHandler method delete.
private List<ProvisioningReport> delete(final SyncDelta delta, final List<String> keys) throws JobExecutionException {
if (!profile.getTask().isPerformDelete()) {
LOG.debug("PullTask not configured for delete");
finalize(ResourceOperation.DELETE.name().toLowerCase(), Result.SUCCESS, null, null, delta);
return Collections.<ProvisioningReport>emptyList();
}
LOG.debug("About to delete {}", keys);
List<ProvisioningReport> results = new ArrayList<>();
for (String key : keys) {
Object output;
Result resultStatus = Result.FAILURE;
ProvisioningReport result = new ProvisioningReport();
try {
result.setKey(key);
result.setOperation(ResourceOperation.DELETE);
result.setAnyType(REALM_TYPE);
result.setStatus(ProvisioningReport.Status.SUCCESS);
Realm realm = realmDAO.find(key);
RealmTO before = binder.getRealmTO(realm, true);
if (before == null) {
result.setStatus(ProvisioningReport.Status.FAILURE);
result.setMessage(String.format("Realm '%s' not found", key));
} else {
result.setName(before.getFullPath());
}
if (!profile.isDryRun()) {
for (PullActions action : profile.getActions()) {
action.beforeDelete(profile, delta, before);
}
try {
if (!realmDAO.findChildren(realm).isEmpty()) {
throw SyncopeClientException.build(ClientExceptionType.HasChildren);
}
Set<String> adminRealms = Collections.singleton(realm.getFullPath());
AnyCond keyCond = new AnyCond(AttributeCond.Type.ISNOTNULL);
keyCond.setSchema("key");
SearchCond allMatchingCond = SearchCond.getLeafCond(keyCond);
int users = searchDAO.count(adminRealms, allMatchingCond, AnyTypeKind.USER);
int groups = searchDAO.count(adminRealms, allMatchingCond, AnyTypeKind.GROUP);
int anyObjects = searchDAO.count(adminRealms, allMatchingCond, AnyTypeKind.ANY_OBJECT);
if (users + groups + anyObjects > 0) {
SyncopeClientException containedAnys = SyncopeClientException.build(ClientExceptionType.AssociatedAnys);
containedAnys.getElements().add(users + " user(s)");
containedAnys.getElements().add(groups + " group(s)");
containedAnys.getElements().add(anyObjects + " anyObject(s)");
throw containedAnys;
}
PropagationByResource propByRes = new PropagationByResource();
for (String resource : realm.getResourceKeys()) {
propByRes.add(ResourceOperation.DELETE, resource);
}
List<PropagationTaskTO> tasks = propagationManager.createTasks(realm, propByRes, null);
taskExecutor.execute(tasks, false);
realmDAO.delete(realm);
output = null;
resultStatus = Result.SUCCESS;
for (PullActions action : profile.getActions()) {
action.after(profile, delta, before, result);
}
} catch (Exception e) {
throwIgnoreProvisionException(delta, e);
result.setStatus(ProvisioningReport.Status.FAILURE);
result.setMessage(ExceptionUtils.getRootCauseMessage(e));
LOG.error("Could not delete {}", realm, e);
output = e;
}
finalize(ResourceOperation.DELETE.name().toLowerCase(), resultStatus, before, output, delta);
}
results.add(result);
} catch (DelegatedAdministrationException e) {
LOG.error("Not allowed to read Realm {}", key, e);
} catch (Exception e) {
LOG.error("Could not delete Realm {}", key, e);
}
}
return results;
}
use of org.apache.syncope.core.provisioning.api.pushpull.PullActions in project syncope by apache.
the class DefaultRealmPullResultHandler method update.
private List<ProvisioningReport> update(final SyncDelta delta, final List<String> keys) throws JobExecutionException {
if (!profile.getTask().isPerformUpdate()) {
LOG.debug("PullTask not configured for update");
finalize(MatchingRule.toEventName(MatchingRule.UPDATE), Result.SUCCESS, null, null, delta);
return Collections.<ProvisioningReport>emptyList();
}
LOG.debug("About to update {}", keys);
List<ProvisioningReport> results = new ArrayList<>();
for (String key : keys) {
LOG.debug("About to update {}", key);
ProvisioningReport result = new ProvisioningReport();
result.setOperation(ResourceOperation.UPDATE);
result.setAnyType(REALM_TYPE);
result.setStatus(ProvisioningReport.Status.SUCCESS);
result.setKey(key);
Realm realm = realmDAO.find(key);
RealmTO before = binder.getRealmTO(realm, true);
if (before == null) {
result.setStatus(ProvisioningReport.Status.FAILURE);
result.setMessage(String.format("Realm '%s' not found", key));
} else {
result.setName(before.getFullPath());
}
if (!profile.isDryRun()) {
Result resultStatus;
Object output;
if (before == null) {
resultStatus = Result.FAILURE;
output = null;
} else {
try {
for (PullActions action : profile.getActions()) {
action.beforeUpdate(profile, delta, before, null);
}
PropagationByResource propByRes = binder.update(realm, before);
realm = realmDAO.save(realm);
RealmTO updated = binder.getRealmTO(realm, true);
List<PropagationTaskTO> tasks = propagationManager.createTasks(realm, propByRes, null);
taskExecutor.execute(tasks, false);
for (PullActions action : profile.getActions()) {
action.after(profile, delta, updated, result);
}
output = updated;
resultStatus = Result.SUCCESS;
result.setName(updated.getFullPath());
LOG.debug("{} successfully updated", updated);
} catch (PropagationException e) {
// A propagation failure doesn't imply a pull failure.
// The propagation exception status will be reported into the propagation task execution.
LOG.error("Could not propagate Realm {}", delta.getUid().getUidValue(), e);
output = e;
resultStatus = Result.FAILURE;
} catch (Exception e) {
throwIgnoreProvisionException(delta, e);
result.setStatus(ProvisioningReport.Status.FAILURE);
result.setMessage(ExceptionUtils.getRootCauseMessage(e));
LOG.error("Could not update Realm {}", delta.getUid().getUidValue(), e);
output = e;
resultStatus = Result.FAILURE;
}
}
finalize(MatchingRule.toEventName(MatchingRule.UPDATE), resultStatus, before, output, delta);
}
results.add(result);
}
return results;
}
use of org.apache.syncope.core.provisioning.api.pushpull.PullActions in project syncope by apache.
the class DefaultRealmPullResultHandler method doHandle.
private void doHandle(final SyncDelta delta, final OrgUnit orgUnit) throws JobExecutionException {
LOG.debug("Process {} for {} as {}", delta.getDeltaType(), delta.getUid().getUidValue(), delta.getObject().getObjectClass());
SyncDelta processed = delta;
for (PullActions action : profile.getActions()) {
processed = action.preprocess(profile, processed);
}
LOG.debug("Transformed {} for {} as {}", processed.getDeltaType(), processed.getUid().getUidValue(), processed.getObject().getObjectClass());
List<String> keys = pullUtils.match(processed.getObject(), orgUnit);
LOG.debug("Match found for {} as {}: {}", processed.getUid().getUidValue(), processed.getObject().getObjectClass(), keys);
if (keys.size() > 1) {
switch(profile.getResAct()) {
case IGNORE:
throw new IllegalStateException("More than one match " + keys);
case FIRSTMATCH:
keys = keys.subList(0, 1);
break;
case LASTMATCH:
keys = keys.subList(keys.size() - 1, keys.size());
break;
default:
}
}
try {
if (SyncDeltaType.CREATE_OR_UPDATE == processed.getDeltaType()) {
if (keys.isEmpty()) {
switch(profile.getTask().getUnmatchingRule()) {
case ASSIGN:
profile.getResults().addAll(assign(processed, orgUnit));
break;
case PROVISION:
profile.getResults().addAll(provision(processed, orgUnit));
break;
case IGNORE:
profile.getResults().add(ignore(processed, false));
break;
default:
}
} else {
switch(profile.getTask().getMatchingRule()) {
case UPDATE:
profile.getResults().addAll(update(processed, keys));
break;
case DEPROVISION:
profile.getResults().addAll(deprovision(processed, keys, false));
break;
case UNASSIGN:
profile.getResults().addAll(deprovision(processed, keys, true));
break;
case LINK:
profile.getResults().addAll(link(processed, keys, false));
break;
case UNLINK:
profile.getResults().addAll(link(processed, keys, true));
break;
case IGNORE:
profile.getResults().add(ignore(processed, true));
break;
default:
}
}
} else if (SyncDeltaType.DELETE == processed.getDeltaType()) {
if (keys.isEmpty()) {
finalize(ResourceOperation.DELETE.name().toLowerCase(), Result.SUCCESS, null, null, processed);
LOG.debug("No match found for deletion");
} else {
profile.getResults().addAll(delete(processed, keys));
}
}
} catch (IllegalStateException | IllegalArgumentException e) {
LOG.warn(e.getMessage());
}
}
use of org.apache.syncope.core.provisioning.api.pushpull.PullActions in project syncope by apache.
the class AbstractPullResultHandler method link.
protected List<ProvisioningReport> link(final SyncDelta delta, final List<String> anyKeys, final Provision provision, final boolean unlink) throws JobExecutionException {
if (!profile.getTask().isPerformUpdate()) {
LOG.debug("PullTask not configured for update");
finalize(unlink ? MatchingRule.toEventName(MatchingRule.UNLINK) : MatchingRule.toEventName(MatchingRule.LINK), Result.SUCCESS, null, null, delta);
return Collections.<ProvisioningReport>emptyList();
}
LOG.debug("About to update {}", anyKeys);
final List<ProvisioningReport> results = new ArrayList<>();
for (String key : anyKeys) {
LOG.debug("About to unassign resource {}", key);
ProvisioningReport result = new ProvisioningReport();
result.setOperation(ResourceOperation.NONE);
result.setAnyType(provision.getAnyType().getKey());
result.setStatus(ProvisioningReport.Status.SUCCESS);
result.setKey(key);
AnyTO before = getAnyTO(key);
if (before == null) {
result.setStatus(ProvisioningReport.Status.FAILURE);
result.setMessage(String.format("Any '%s(%s)' not found", provision.getAnyType().getKey(), key));
}
if (!profile.isDryRun()) {
Result resultStatus;
Object output;
AnyPatch effectivePatch = null;
if (before == null) {
resultStatus = Result.FAILURE;
output = null;
} else {
result.setName(getName(before));
try {
if (unlink) {
for (PullActions action : profile.getActions()) {
action.beforeUnlink(profile, delta, before);
}
} else {
for (PullActions action : profile.getActions()) {
action.beforeLink(profile, delta, before);
}
}
AnyPatch anyPatch = newPatch(before.getKey());
anyPatch.getResources().add(new StringPatchItem.Builder().operation(unlink ? PatchOperation.DELETE : PatchOperation.ADD_REPLACE).value(profile.getTask().getResource().getKey()).build());
effectivePatch = update(anyPatch).getResult();
output = AnyOperations.patch(before, effectivePatch);
for (PullActions action : profile.getActions()) {
action.after(profile, delta, AnyTO.class.cast(output), result);
}
resultStatus = Result.SUCCESS;
LOG.debug("{} {} successfully updated", provision.getAnyType().getKey(), key);
} catch (PropagationException e) {
// A propagation failure doesn't imply a pull failure.
// The propagation exception status will be reported into the propagation task execution.
LOG.error("Could not propagate {} {}", provision.getAnyType().getKey(), delta.getUid().getUidValue(), e);
output = e;
resultStatus = Result.FAILURE;
} catch (Exception e) {
throwIgnoreProvisionException(delta, e);
result.setStatus(ProvisioningReport.Status.FAILURE);
result.setMessage(ExceptionUtils.getRootCauseMessage(e));
LOG.error("Could not update {} {}", provision.getAnyType().getKey(), delta.getUid().getUidValue(), e);
output = e;
resultStatus = Result.FAILURE;
}
}
finalize(unlink ? MatchingRule.toEventName(MatchingRule.UNLINK) : MatchingRule.toEventName(MatchingRule.LINK), resultStatus, before, output, delta, effectivePatch);
}
results.add(result);
}
return results;
}
use of org.apache.syncope.core.provisioning.api.pushpull.PullActions in project syncope by apache.
the class AbstractPullResultHandler method create.
protected void create(final AnyTO anyTO, final SyncDelta delta, final String operation, final Provision provision, final ProvisioningReport result) throws JobExecutionException {
Object output;
Result resultStatus;
try {
AnyTO created = doCreate(anyTO, delta);
output = created;
result.setKey(created.getKey());
result.setName(getName(created));
resultStatus = Result.SUCCESS;
for (PullActions action : profile.getActions()) {
action.after(profile, delta, created, result);
}
LOG.debug("{} {} successfully created", created.getType(), created.getKey());
} catch (PropagationException e) {
// A propagation failure doesn't imply a pull failure.
// The propagation exception status will be reported into the propagation task execution.
LOG.error("Could not propagate {} {}", anyTO.getType(), delta.getUid().getUidValue(), e);
output = e;
resultStatus = Result.FAILURE;
} catch (Exception e) {
throwIgnoreProvisionException(delta, e);
result.setStatus(ProvisioningReport.Status.FAILURE);
result.setMessage(ExceptionUtils.getRootCauseMessage(e));
LOG.error("Could not create {} {} ", anyTO.getType(), delta.getUid().getUidValue(), e);
output = e;
resultStatus = Result.FAILURE;
if (profile.getTask().isRemediation()) {
Remediation entity = entityFactory.newEntity(Remediation.class);
entity.setAnyType(provision.getAnyType());
entity.setOperation(ResourceOperation.CREATE);
entity.setPayload(anyTO);
entity.setError(result.getMessage());
entity.setInstant(new Date());
entity.setRemoteName(delta.getObject().getName().getNameValue());
entity.setPullTask(profile.getTask());
remediationDAO.save(entity);
}
}
finalize(operation, resultStatus, null, output, delta);
}
Aggregations