Search in sources :

Example 11 with BaseScimResource

use of org.gluu.oxtrust.model.scim2.BaseScimResource in project oxTrust by GluuFederation.

the class ExtensionService method getFieldOfExtendedAttribute.

public ExtensionField getFieldOfExtendedAttribute(Class<? extends BaseScimResource> cls, String attribute) {
    List<Extension> extensions = getResourceExtensions(cls);
    ExtensionField field = null;
    try {
        for (Extension ext : extensions) {
            if (attribute.startsWith(ext.getUrn() + ":")) {
                attribute = attribute.substring(ext.getUrn().length() + 1);
                for (ExtensionField f : ext.getFields().values()) if (attribute.equals(f.getName())) {
                    field = f;
                    break;
                }
            }
        }
    } catch (Exception e) {
        log.error(e.getMessage(), e);
    }
    return field;
}
Also used : Extension(org.gluu.oxtrust.model.scim2.extensions.Extension) ExtensionField(org.gluu.oxtrust.model.scim2.extensions.ExtensionField)

Example 12 with BaseScimResource

use of org.gluu.oxtrust.model.scim2.BaseScimResource in project oxTrust by GluuFederation.

the class Scim2GroupService method searchGroups.

public ListViewResponse<BaseScimResource> searchGroups(String filter, String sortBy, SortOrder sortOrder, int startIndex, int count, String groupsUrl, String usersUrl, int maxCount) throws Exception {
    Filter ldapFilter = scimFilterParserService.createLdapFilter(filter, "inum=*", GroupResource.class);
    log.info("Executing search for groups using: ldapfilter '{}', sortBy '{}', sortOrder '{}', startIndex '{}', count '{}'", ldapFilter.toString(), sortBy, sortOrder.getValue(), startIndex, count);
    ListViewResponse<GluuGroup> list = ldapEntryManager.findListViewResponse(groupService.getDnForGroup(null), GluuGroup.class, ldapFilter, startIndex, count, maxCount, sortBy, sortOrder, null);
    List<BaseScimResource> resources = new ArrayList<BaseScimResource>();
    for (GluuGroup group : list.getResult()) {
        GroupResource scimGroup = new GroupResource();
        transferAttributesToGroupResource(group, scimGroup, groupsUrl, usersUrl);
        // TODO: Delete this IF in the future - added for backwards compatibility with SCIM-Client <= 3.1.2.
        if (scimGroup.getMembers() == null)
            scimGroup.setMembers(new HashSet<Member>());
        resources.add(scimGroup);
    }
    log.info("Found {} matching entries - returning {}", list.getTotalResults(), list.getResult().size());
    ListViewResponse<BaseScimResource> result = new ListViewResponse<BaseScimResource>();
    result.setResult(resources);
    result.setTotalResults(list.getTotalResults());
    return result;
}
Also used : Filter(org.gluu.search.filter.Filter) ListViewResponse(org.gluu.persist.model.ListViewResponse) BaseScimResource(org.gluu.oxtrust.model.scim2.BaseScimResource) ArrayList(java.util.ArrayList) GluuGroup(org.gluu.oxtrust.model.GluuGroup) GroupResource(org.gluu.oxtrust.model.scim2.group.GroupResource) HashSet(java.util.HashSet)

Example 13 with BaseScimResource

use of org.gluu.oxtrust.model.scim2.BaseScimResource in project oxTrust by GluuFederation.

the class Scim2PatchService method applyPatchOperationWithValueFilter.

private BaseScimResource applyPatchOperationWithValueFilter(BaseScimResource resource, PatchOperation operation, String valSelFilter, String attribute, String subAttribute) throws SCIMException, InvalidAttributeValueException {
    String path = operation.getPath();
    ObjectMapper mapper = new ObjectMapper();
    Class<? extends BaseScimResource> cls = resource.getClass();
    Map<String, Object> resourceAsMap = mapper.convertValue(resource, new TypeReference<Map<String, Object>>() {
    });
    List<Map<String, Object>> list;
    Attribute attrAnnot = IntrospectUtil.getFieldAnnotation(attribute, cls, Attribute.class);
    if (attrAnnot != null) {
        if (!attrAnnot.multiValueClass().equals(NullType.class) && attrAnnot.type().equals(AttributeDefinition.Type.COMPLEX)) {
            Object colObject = resourceAsMap.get(attribute);
            list = colObject == null ? null : new ArrayList<Map<String, Object>>((Collection<Map<String, Object>>) colObject);
        } else
            throw new SCIMException(String.format("Attribute '%s' expected to be complex multi-valued", attribute));
    } else
        throw new SCIMException(String.format("Attribute '%s' not recognized or expected to be complex multi-valued", attribute));
    if (list == null)
        log.info("applyPatchOperationWithValueFilter. List of values for {} is empty. Operation has no effect", attribute);
    else {
        try {
            valSelFilter = FilterUtil.preprocess(valSelFilter, cls);
            ParseTree parseTree = filterService.getParseTree(valSelFilter);
            List<Integer> matchingIndexes = new ArrayList<Integer>();
            for (int i = 0; i < list.size(); i++) {
                if (filterService.complexAttributeMatch(parseTree, list.get(i), attribute, cls))
                    // Important: add so that resulting list is reverse-ordered
                    matchingIndexes.add(0, i);
            }
            if (subAttribute.length() > 0 && matchingIndexes.size() > 0 && operation.getType().equals(PatchOperationType.REMOVE)) {
                // per spec (section 3.5.2.2 RFC 7644) subAttribute must not be required or read-only
                Attribute subAttrAnnot = IntrospectUtil.getFieldAnnotation(attribute + "." + subAttribute, cls, Attribute.class);
                if (subAttrAnnot != null && (subAttrAnnot.mutability().equals(READ_ONLY) || subAttrAnnot.isRequired()))
                    throw new InvalidAttributeValueException("Cannot remove read-only or required attribute " + attribute + "." + subAttribute);
            }
            /*
                Here we differ from spec (see section 3.5.2.3/4 of RFC7644. If no record match is made, we are supposed to
                return error 400 with scimType of noTarget. But this is clearly inconvenient
                */
            log.info("There are {} entries matching the filter '{}'", matchingIndexes.size(), path);
            for (Integer index : matchingIndexes) {
                if (operation.getType().equals(PatchOperationType.REMOVE)) {
                    if (// Remove the whole item
                    subAttribute.length() == 0)
                        // If intValue is not used, the remove(Object) method is called!
                        list.remove(index.intValue());
                    else
                        // remove subattribute only
                        list.get(index).remove(subAttribute);
                } else
                    applyPartialUpdate(attribute, subAttribute, list, index, operation.getValue(), cls);
            }
            log.trace("New {} list is:\n{}", attribute, mapper.writeValueAsString(list));
            resourceAsMap.put(attribute, list.size() == 0 ? null : list);
            resource = mapper.convertValue(resourceAsMap, cls);
        } catch (InvalidAttributeValueException ei) {
            throw ei;
        } catch (Exception e) {
            log.info("Error processing Patch operation with value selection path '{}'", path);
            log.error(e.getMessage(), e);
            throw new SCIMException(e.getMessage(), e);
        }
    }
    return resource;
}
Also used : Attribute(org.gluu.oxtrust.model.scim2.annotations.Attribute) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) SCIMException(org.gluu.oxtrust.model.exception.SCIMException) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) SCIMException(org.gluu.oxtrust.model.exception.SCIMException) ObjectMapper(org.codehaus.jackson.map.ObjectMapper) ParseTree(org.antlr.v4.runtime.tree.ParseTree)

Example 14 with BaseScimResource

use of org.gluu.oxtrust.model.scim2.BaseScimResource in project oxTrust by GluuFederation.

the class Scim2UserService method transferExtendedAttributesToResource.

private void transferExtendedAttributesToResource(GluuCustomPerson person, BaseScimResource resource) {
    log.debug("transferExtendedAttributesToResource of type {}", ScimResourceUtil.getType(resource.getClass()));
    // Gets the list of extensions associated to the resource passed. In practice, this will be at most a singleton list
    List<Extension> extensions = extService.getResourceExtensions(resource.getClass());
    // Iterate over every extension to copy extended attributes from person to resource
    for (Extension extension : extensions) {
        Map<String, ExtensionField> fields = extension.getFields();
        // Create empty map to store the values of the extended attributes found for current extension in object person
        Map<String, Object> map = new HashMap<String, Object>();
        log.debug("transferExtendedAttributesToResource. Revising attributes of extension '{}'", extension.getUrn());
        // Iterate over every attribute part of this extension
        for (String attr : fields.keySet()) {
            // Gets the values associated to this attribute that were found in LDAP
            String[] values = person.getAttributes(attr);
            if (values != null) {
                log.debug("transferExtendedAttributesToResource. Copying to resource the value(s) for attribute '{}'", attr);
                ExtensionField field = fields.get(attr);
                if (field.isMultiValued())
                    map.put(attr, extService.convertValues(field, values));
                else
                    map.put(attr, extService.convertValues(field, values).get(0));
            }
        }
        // Stores all extended attributes (with their values) in the resource object
        if (map.size() > 0) {
            resource.addCustomAttributes(extension.getUrn(), map);
        }
    }
    for (String urn : resource.getCustomAttributes().keySet()) resource.getSchemas().add(urn);
}
Also used : Extension(org.gluu.oxtrust.model.scim2.extensions.Extension) ExtensionField(org.gluu.oxtrust.model.scim2.extensions.ExtensionField) HashMap(java.util.HashMap)

Example 15 with BaseScimResource

use of org.gluu.oxtrust.model.scim2.BaseScimResource in project oxTrust by GluuFederation.

the class Scim2UserService method transferExtendedAttributesToPerson.

/**
 * Takes all extended attributes found in the SCIM resource and copies them to a GluuCustomPerson
 * This method is called after validations take place (see associated decorator for User Service), so all inputs are
 * OK and can go straight to LDAP with no runtime surprises
 * @param resource A SCIM resource used as origin of data
 * @param person a GluuCustomPerson used as destination
 */
private void transferExtendedAttributesToPerson(BaseScimResource resource, GluuCustomPerson person) {
    try {
        // Gets all the extended attributes for this resource
        Map<String, Object> extendedAttrs = resource.getCustomAttributes();
        // Iterates over all extensions this type of resource might have
        for (Extension extension : extService.getResourceExtensions(resource.getClass())) {
            Object val = extendedAttrs.get(extension.getUrn());
            if (val != null) {
                // Obtains the attribute/value(s) pairs in the current extension
                Map<String, Object> attrsMap = IntrospectUtil.strObjMap(val);
                for (String attribute : attrsMap.keySet()) {
                    Object value = attrsMap.get(attribute);
                    // Ignore if the attribute is unassigned in this resource: destination will not be changed in this regard
                    if (value != null) {
                        // Get properly formatted string representations for the value(s) associated to the attribute
                        List<String> values = extService.getStringAttributeValues(extension.getFields().get(attribute), value);
                        log.debug("transferExtendedAttributesToPerson. Setting attribute '{}' with values {}", attribute, values.toString());
                        person.setAttribute(attribute, values.toArray(new String[] {}));
                    }
                }
            }
        }
    } catch (Exception e) {
        log.error(e.getMessage(), e);
    }
}
Also used : Extension(org.gluu.oxtrust.model.scim2.extensions.Extension) InvalidAttributeValueException(javax.management.InvalidAttributeValueException) WebApplicationException(javax.ws.rs.WebApplicationException)

Aggregations

Extension (org.gluu.oxtrust.model.scim2.extensions.Extension)12 BaseScimResource (org.gluu.oxtrust.model.scim2.BaseScimResource)9 SCIMException (org.gluu.oxtrust.model.exception.SCIMException)7 InvalidAttributeValueException (javax.management.InvalidAttributeValueException)6 ListResponse (org.gluu.oxtrust.model.scim2.ListResponse)6 ExtensionField (org.gluu.oxtrust.model.scim2.extensions.ExtensionField)6 ListViewResponse (org.gluu.persist.model.ListViewResponse)6 Response (javax.ws.rs.core.Response)5 URI (java.net.URI)4 ArrayList (java.util.ArrayList)4 Attribute (org.gluu.oxtrust.model.scim2.annotations.Attribute)4 ApiOperation (com.wordnik.swagger.annotations.ApiOperation)3 DefaultValue (javax.ws.rs.DefaultValue)3 GET (javax.ws.rs.GET)3 HeaderParam (javax.ws.rs.HeaderParam)3 Produces (javax.ws.rs.Produces)3 ObjectMapper (org.codehaus.jackson.map.ObjectMapper)3 Meta (org.gluu.oxtrust.model.scim2.Meta)3 ProtectedApi (org.gluu.oxtrust.service.filter.ProtectedApi)3 RefAdjusted (org.gluu.oxtrust.service.scim2.interceptor.RefAdjusted)3