use of org.apache.syncope.core.spring.security.DelegatedAdministrationException in project syncope by apache.
the class AbstractPullResultHandler method delete.
protected List<ProvisioningReport> delete(final SyncDelta delta, final List<String> anyKeys, final Provision provision) throws JobExecutionException {
if (!profile.getTask().isPerformDelete()) {
LOG.debug("PullTask not configured for delete");
finalize(ResourceOperation.DELETE.name().toLowerCase(), Result.SUCCESS, null, null, delta);
return Collections.<ProvisioningReport>emptyList();
}
LOG.debug("About to delete {}", anyKeys);
List<ProvisioningReport> results = new ArrayList<>();
for (String key : anyKeys) {
Object output;
Result resultStatus = Result.FAILURE;
ProvisioningReport result = new ProvisioningReport();
try {
AnyTO before = getAnyTO(key);
result.setKey(key);
result.setName(getName(before));
result.setOperation(ResourceOperation.DELETE);
result.setAnyType(provision.getAnyType().getKey());
result.setStatus(ProvisioningReport.Status.SUCCESS);
if (!profile.isDryRun()) {
for (PullActions action : profile.getActions()) {
action.beforeDelete(profile, delta, before);
}
try {
doDelete(provision.getAnyType().getKind(), key);
output = null;
resultStatus = Result.SUCCESS;
for (PullActions action : profile.getActions()) {
action.after(profile, delta, before, result);
}
} catch (Exception e) {
throwIgnoreProvisionException(delta, e);
result.setStatus(ProvisioningReport.Status.FAILURE);
result.setMessage(ExceptionUtils.getRootCauseMessage(e));
LOG.error("Could not delete {} {}", provision.getAnyType().getKey(), key, e);
output = e;
if (profile.getTask().isRemediation()) {
Remediation entity = entityFactory.newEntity(Remediation.class);
entity.setAnyType(provision.getAnyType());
entity.setOperation(ResourceOperation.DELETE);
entity.setPayload(key);
entity.setError(result.getMessage());
entity.setInstant(new Date());
entity.setRemoteName(delta.getObject().getName().getNameValue());
entity.setPullTask(profile.getTask());
remediationDAO.save(entity);
}
}
finalize(ResourceOperation.DELETE.name().toLowerCase(), resultStatus, before, output, delta);
}
results.add(result);
} catch (NotFoundException e) {
LOG.error("Could not find {} {}", provision.getAnyType().getKey(), key, e);
} catch (DelegatedAdministrationException e) {
LOG.error("Not allowed to read {} {}", provision.getAnyType().getKey(), key, e);
} catch (Exception e) {
LOG.error("Could not delete {} {}", provision.getAnyType().getKey(), key, e);
}
}
return results;
}
use of org.apache.syncope.core.spring.security.DelegatedAdministrationException in project syncope by apache.
the class JPAConnInstanceDAO method authFind.
@Override
public ConnInstance authFind(final String key) {
ConnInstance connInstance = find(key);
if (connInstance == null) {
return null;
}
Set<String> authRealms = AuthContextUtils.getAuthorizations().get(StandardEntitlement.CONNECTOR_READ);
if (authRealms == null || authRealms.isEmpty() || !authRealms.stream().anyMatch(realm -> connInstance.getAdminRealm().getFullPath().startsWith(realm))) {
throw new DelegatedAdministrationException(connInstance.getAdminRealm().getFullPath(), ConnInstance.class.getSimpleName(), connInstance.getKey());
}
return connInstance;
}
use of org.apache.syncope.core.spring.security.DelegatedAdministrationException in project syncope by apache.
the class JPAExternalResourceDAO method authFind.
@Override
public ExternalResource authFind(final String key) {
ExternalResource resource = find(key);
if (resource == null) {
return null;
}
Set<String> authRealms = AuthContextUtils.getAuthorizations().get(StandardEntitlement.RESOURCE_READ);
if (authRealms == null || authRealms.isEmpty() || !authRealms.stream().anyMatch(realm -> resource.getConnector() != null && resource.getConnector().getAdminRealm().getFullPath().startsWith(realm))) {
throw new DelegatedAdministrationException(resource.getConnector().getAdminRealm().getFullPath(), ExternalResource.class.getSimpleName(), resource.getKey());
}
return resource;
}
use of org.apache.syncope.core.spring.security.DelegatedAdministrationException in project syncope by apache.
the class ResourceTest method findById.
@Test
public void findById() {
ExternalResource resource = resourceDAO.find("ws-target-resource-1");
assertNotNull(resource);
ConnInstance connector = resource.getConnector();
assertNotNull(connector);
assertEquals("net.tirasa.connid.bundles.soap.WebServiceConnector", connector.getConnectorName());
assertEquals("net.tirasa.connid.bundles.soap", connector.getBundleName());
Mapping mapping = resource.getProvision(anyTypeDAO.findUser()).get().getMapping();
assertFalse(mapping.getItems().isEmpty());
assertTrue(mapping.getItems().stream().anyMatch(item -> "7f55b09c-b573-41dc-a9eb-ccd80bd3ea7a".equals(item.getKey())));
try {
resourceDAO.authFind("ws-target-resource-1");
fail("This should not happen");
} catch (DelegatedAdministrationException e) {
assertNotNull(e);
}
}
Aggregations