use of org.opends.server.core.ModifyOperation in project OpenAM by OpenRock.
the class SMSEmbeddedLdapObject method modify.
/**
* Save the entry using the token provided. The principal provided will be
* used to get the proxy connection.
*/
public void modify(SSOToken token, String dn, ModificationItem[] mods) throws SMSException, SSOException {
SMSAuditor auditor = newAuditor(token, dn, readCurrentState(dn));
List modList = copyModItemsToLDAPModList(mods);
ModifyOperation mo = icConn.processModify(dn, modList);
ResultCode resultCode = mo.getResultCode();
if (resultCode == ResultCode.SUCCESS) {
if (debug.messageEnabled()) {
debug.message("SMSEmbeddedLdapObject.modify: Successfully " + "modified entry: " + dn);
}
if (auditor != null) {
auditor.auditModify(mods);
}
} else {
debug.error("SMSEmbeddedLdapObject.modify: Error modifying entry " + dn + " by Principal: " + token.getPrincipal().getName() + ", error code = " + resultCode);
throw new SMSException("", "sms-entry-cannot-modify");
}
}
use of org.opends.server.core.ModifyOperation in project midpoint by Evolveum.
the class TestSanityLegacy method test440ReconcileResourceOpenDj.
@Test
public void test440ReconcileResourceOpenDj() throws Exception {
final String TEST_NAME = "test440ReconcileResourceOpenDj";
TestUtil.displayTestTile(TEST_NAME);
// GIVEN
final OperationResult result = new OperationResult(TestSanityLegacy.class.getName() + "." + TEST_NAME);
// Create LDAP account without an owner. The liveSync is off, so it will not be picked up
Entry ldifEntry = openDJController.addEntryFromLdifFile(LDIF_ELAINE_FILENAME);
display("Entry from LDIF", ldifEntry);
// Guybrush's attributes were set up by a role in the previous test. Let's mess the up a bit. Recon should sort it out.
List<RawModification> modifications = new ArrayList<RawModification>();
// Expect that a correct title will be added to this one
RawModification titleMod = RawModification.create(ModificationType.REPLACE, "title", "Scurvy earthworm");
modifications.add(titleMod);
// Expect that the correct location will replace this one
RawModification lMod = RawModification.create(ModificationType.REPLACE, "l", "Davie Jones' locker");
modifications.add(lMod);
// Expect that this will be untouched
RawModification poMod = RawModification.create(ModificationType.REPLACE, "postOfficeBox", "X marks the spot");
modifications.add(poMod);
ModifyOperation modifyOperation = openDJController.getInternalConnection().processModify(USER_GUYBRUSH_LDAP_DN, modifications);
if (ResultCode.SUCCESS != modifyOperation.getResultCode()) {
AssertJUnit.fail("LDAP operation failed: " + modifyOperation.getErrorMessage());
}
// TODO: setup more "inconsistent" state
// Add reconciliation task. This will trigger reconciliation
repoAddObjectFromFile(TASK_OPENDJ_RECON_FILENAME, result);
// We need to wait for a sync interval, so the task scanner has a chance
// to pick up this
// task
waitFor("Waiting for task to finish first run", new Checker() {
public boolean check() throws ObjectNotFoundException, SchemaException {
Task task = taskManager.getTask(TASK_OPENDJ_RECON_OID, result);
display("Task while waiting for task manager to pick up the task", task);
// wait until the task is finished
return task.getLastRunFinishTimestamp() != null;
}
@Override
public void timeout() {
// No reaction, the test will fail right after return from this
}
}, 180000);
// Check task status
Task task = taskManager.getTask(TASK_OPENDJ_RECON_OID, result);
result.computeStatus();
display("getTask result", result);
TestUtil.assertSuccess("getTask has failed", result);
AssertJUnit.assertNotNull(task);
display("Task after pickup", task);
PrismObject<TaskType> o = repositoryService.getObject(TaskType.class, TASK_OPENDJ_RECON_OID, null, result);
display("Task after pickup in the repository", o.asObjectable());
// .. it should be running
AssertJUnit.assertEquals(TaskExecutionStatus.RUNNABLE, task.getExecutionStatus());
// .. and claimed
// AssertJUnit.assertEquals(TaskExclusivityStatus.CLAIMED, task.getExclusivityStatus());
// .. and last run should not be zero
assertNotNull("Null last run start in recon task", task.getLastRunStartTimestamp());
AssertJUnit.assertFalse("Zero last run start in recon task", task.getLastRunStartTimestamp().longValue() == 0);
assertNotNull("Null last run finish in recon task", task.getLastRunFinishTimestamp());
AssertJUnit.assertFalse("Zero last run finish in recon task", task.getLastRunFinishTimestamp().longValue() == 0);
// The progress should be 0, as there were no changes yet
// [pm] commented out, as progress in recon task is now determined not only using # of changes
//AssertJUnit.assertEquals(0, task.getProgress());
// Test for presence of a result. It should be there and it should
// indicate success
OperationResult taskResult = task.getResult();
AssertJUnit.assertNotNull(taskResult);
// STOP the task. We don't need it any more and we don't want to give it a chance to run more than once
taskManager.deleteTask(TASK_OPENDJ_RECON_OID, result);
// CHECK RESULT: account for user guybrush should be still there and unchanged
// Check if user object was modified in the repo
OperationResult repoResult = new OperationResult("getObject");
PrismObject<UserType> uObject = repositoryService.getObject(UserType.class, USER_GUYBRUSH_OID, null, repoResult);
UserType repoUser = uObject.asObjectable();
repoResult.computeStatus();
displayJaxb("User (repository)", repoUser, new QName("user"));
List<ObjectReferenceType> accountRefs = repoUser.getLinkRef();
assertEquals("Guybrush has wrong number of accounts", 1, accountRefs.size());
ObjectReferenceType accountRef = accountRefs.get(0);
accountShadowOidGuybrushOpendj = accountRef.getOid();
assertFalse(accountShadowOidGuybrushOpendj.isEmpty());
// Check if shadow was created in the repo
repoResult = new OperationResult("getObject");
PrismObject<ShadowType> repoShadow = repositoryService.getObject(ShadowType.class, accountShadowOidGuybrushOpendj, null, repoResult);
ShadowType repoShadowType = repoShadow.asObjectable();
repoResult.computeStatus();
TestUtil.assertSuccess("getObject has failed", repoResult);
displayJaxb("Shadow (repository)", repoShadowType, new QName("shadow"));
assertNotNull(repoShadowType);
assertEquals(RESOURCE_OPENDJ_OID, repoShadowType.getResourceRef().getOid());
accountGuybrushOpendjEntryUuuid = checkRepoShadow(repoShadow);
// check if account was created in LDAP
Entry entry = openDJController.searchAndAssertByEntryUuid(accountGuybrushOpendjEntryUuuid);
display("LDAP account", entry);
OpenDJController.assertAttribute(entry, "uid", "guybrush");
OpenDJController.assertAttribute(entry, "givenName", "Guybrush");
OpenDJController.assertAttribute(entry, "sn", "Threepwood");
OpenDJController.assertAttribute(entry, "cn", "Guybrush Threepwood");
OpenDJController.assertAttribute(entry, "displayName", "Guybrush Threepwood");
// The "l" attribute is assigned indirectly through schemaHandling and
// config object. It is not tolerant, therefore the other value should be gone now
OpenDJController.assertAttribute(entry, "l", "Deep in the Caribbean");
// Set by the role
OpenDJController.assertAttribute(entry, "employeeType", "sailor");
// "title" is tolerant, so it will retain the original value as well as the one provided by the role
OpenDJController.assertAttribute(entry, "title", "Scurvy earthworm", "Honorable Captain");
OpenDJController.assertAttribute(entry, "carLicense", "C4PT41N");
OpenDJController.assertAttribute(entry, "businessCategory", "cruise");
// No setting for "postOfficeBox", so the value should be unchanged
OpenDJController.assertAttribute(entry, "postOfficeBox", "X marks the spot");
String guybrushPassword = OpenDJController.getAttributeValue(entry, "userPassword");
assertNotNull("Pasword was not set on create", guybrushPassword);
// QueryType query = QueryUtil.createNameQuery(ELAINE_NAME);
// ObjectQuery query = ObjectQuery.createObjectQuery(EqualsFilter.createEqual(UserType.class, prismContext, UserType.F_NAME, ELAINE_NAME));
ObjectQuery query = ObjectQueryUtil.createNameQuery(ELAINE_NAME, prismContext);
List<PrismObject<UserType>> users = repositoryService.searchObjects(UserType.class, query, null, repoResult);
assertEquals("Wrong number of Elaines", 1, users.size());
repoUser = users.get(0).asObjectable();
repoResult.computeStatus();
displayJaxb("User Elaine (repository)", repoUser, new QName("user"));
assertNotNull(repoUser.getOid());
assertEquals(PrismTestUtil.createPolyStringType(ELAINE_NAME), repoUser.getName());
PrismAsserts.assertEqualsPolyString("wrong repo givenName", "Elaine", repoUser.getGivenName());
PrismAsserts.assertEqualsPolyString("wrong repo familyName", "Marley", repoUser.getFamilyName());
PrismAsserts.assertEqualsPolyString("wrong repo fullName", "Elaine Marley", repoUser.getFullName());
accountRefs = repoUser.getLinkRef();
assertEquals("Elaine has wrong number of accounts", 1, accountRefs.size());
accountRef = accountRefs.get(0);
String accountShadowOidElaineOpendj = accountRef.getOid();
assertFalse(accountShadowOidElaineOpendj.isEmpty());
// Check if shadow was created in the repo
repoResult = new OperationResult("getObject");
repoShadow = repositoryService.getObject(ShadowType.class, accountShadowOidElaineOpendj, null, repoResult);
repoShadowType = repoShadow.asObjectable();
repoResult.computeStatus();
TestUtil.assertSuccess("getObject has failed", repoResult);
displayJaxb("Shadow (repository)", repoShadowType, new QName("shadow"));
assertNotNull(repoShadowType);
assertEquals(RESOURCE_OPENDJ_OID, repoShadowType.getResourceRef().getOid());
String accountElainehOpendjEntryUuuid = checkRepoShadow(repoShadow);
// check if account is still in LDAP
entry = openDJController.searchAndAssertByEntryUuid(accountElainehOpendjEntryUuuid);
display("LDAP account", entry);
OpenDJController.assertAttribute(entry, "uid", ELAINE_NAME);
OpenDJController.assertAttribute(entry, "givenName", "Elaine");
OpenDJController.assertAttribute(entry, "sn", "Marley");
OpenDJController.assertAttribute(entry, "cn", "Elaine Marley");
OpenDJController.assertAttribute(entry, "displayName", "Elaine Marley");
// The "l" attribute is assigned indirectly through schemaHandling and
// config object
// FIXME
//OpenDJController.assertAttribute(entry, "l", "middle of nowhere");
// Set by the role
OpenDJController.assertAttribute(entry, "employeeType", "governor");
OpenDJController.assertAttribute(entry, "title", "Governor");
OpenDJController.assertAttribute(entry, "businessCategory", "state");
String elainePassword = OpenDJController.getAttributeValue(entry, "userPassword");
assertNotNull("Password of Elaine has disappeared", elainePassword);
checkAllShadows();
}
use of org.opends.server.core.ModifyOperation in project midpoint by Evolveum.
the class TestSanity method test440ReconcileResourceOpenDj.
@Test
public void test440ReconcileResourceOpenDj() throws Exception {
final String TEST_NAME = "test440ReconcileResourceOpenDj";
TestUtil.displayTestTile(TEST_NAME);
// GIVEN
final OperationResult result = new OperationResult(TestSanity.class.getName() + "." + TEST_NAME);
// Create LDAP account without an owner. The liveSync is off, so it will not be picked up
Entry ldifEntry = openDJController.addEntryFromLdifFile(LDIF_ELAINE_FILENAME);
display("Entry from LDIF", ldifEntry);
// Guybrush's attributes were set up by a role in the previous test. Let's mess the up a bit. Recon should sort it out.
List<RawModification> modifications = new ArrayList<RawModification>();
// Expect that a correct title will be added to this one
RawModification titleMod = RawModification.create(ModificationType.REPLACE, "title", "Scurvy earthworm");
modifications.add(titleMod);
// Expect that the correct location will replace this one
RawModification lMod = RawModification.create(ModificationType.REPLACE, "l", "Davie Jones' locker");
modifications.add(lMod);
// Expect that this will be untouched
RawModification poMod = RawModification.create(ModificationType.REPLACE, "postOfficeBox", "X marks the spot");
modifications.add(poMod);
ModifyOperation modifyOperation = openDJController.getInternalConnection().processModify(USER_GUYBRUSH_LDAP_DN, modifications);
if (ResultCode.SUCCESS != modifyOperation.getResultCode()) {
AssertJUnit.fail("LDAP operation failed: " + modifyOperation.getErrorMessage());
}
// TODO: setup more "inconsistent" state
// Add reconciliation task. This will trigger reconciliation
repoAddObjectFromFile(TASK_OPENDJ_RECON_FILENAME, result);
// We need to wait for a sync interval, so the task scanner has a chance
// to pick up this
// task
waitFor("Waiting for task to finish first run", new Checker() {
public boolean check() throws ObjectNotFoundException, SchemaException {
Task task = taskManager.getTask(TASK_OPENDJ_RECON_OID, result);
display("Task while waiting for task manager to pick up the task", task);
// wait until the task is finished
return task.getLastRunFinishTimestamp() != null;
}
@Override
public void timeout() {
// No reaction, the test will fail right after return from this
}
}, 180000);
// Check task status
Task task = taskManager.getTask(TASK_OPENDJ_RECON_OID, result);
result.computeStatus();
display("getTask result", result);
TestUtil.assertSuccess("getTask has failed", result);
AssertJUnit.assertNotNull(task);
display("Task after pickup", task);
PrismObject<TaskType> o = repositoryService.getObject(TaskType.class, TASK_OPENDJ_RECON_OID, null, result);
display("Task after pickup in the repository", o.asObjectable());
// .. it should be running
AssertJUnit.assertEquals(TaskExecutionStatus.RUNNABLE, task.getExecutionStatus());
// .. and claimed
// AssertJUnit.assertEquals(TaskExclusivityStatus.CLAIMED, task.getExclusivityStatus());
// .. and last run should not be zero
assertNotNull("Null last run start in recon task", task.getLastRunStartTimestamp());
AssertJUnit.assertFalse("Zero last run start in recon task", task.getLastRunStartTimestamp().longValue() == 0);
assertNotNull("Null last run finish in recon task", task.getLastRunFinishTimestamp());
AssertJUnit.assertFalse("Zero last run finish in recon task", task.getLastRunFinishTimestamp().longValue() == 0);
// The progress should be 0, as there were no changes yet
// [pm] commented out, as progress in recon task is now determined not only using # of changes
//AssertJUnit.assertEquals(0, task.getProgress());
// Test for presence of a result. It should be there and it should
// indicate success
OperationResult taskResult = task.getResult();
AssertJUnit.assertNotNull(taskResult);
// STOP the task. We don't need it any more and we don't want to give it a chance to run more than once
taskManager.deleteTask(TASK_OPENDJ_RECON_OID, result);
// CHECK RESULT: account for user guybrush should be still there and unchanged
// Check if user object was modified in the repo
OperationResult repoResult = new OperationResult("getObject");
PrismObject<UserType> uObject = repositoryService.getObject(UserType.class, USER_GUYBRUSH_OID, null, repoResult);
UserType repoUser = uObject.asObjectable();
repoResult.computeStatus();
displayJaxb("User (repository)", repoUser, new QName("user"));
List<ObjectReferenceType> accountRefs = repoUser.getLinkRef();
assertEquals("Guybrush has wrong number of accounts", 1, accountRefs.size());
ObjectReferenceType accountRef = accountRefs.get(0);
accountShadowOidGuybrushOpendj = accountRef.getOid();
assertFalse(accountShadowOidGuybrushOpendj.isEmpty());
// Check if shadow was created in the repo
repoResult = new OperationResult("getObject");
PrismObject<ShadowType> repoShadow = repositoryService.getObject(ShadowType.class, accountShadowOidGuybrushOpendj, null, repoResult);
ShadowType repoShadowType = repoShadow.asObjectable();
repoResult.computeStatus();
TestUtil.assertSuccess("getObject has failed", repoResult);
displayJaxb("Shadow (repository)", repoShadowType, new QName("shadow"));
assertNotNull(repoShadowType);
assertEquals(RESOURCE_OPENDJ_OID, repoShadowType.getResourceRef().getOid());
accountGuybrushOpendjEntryUuuid = checkRepoShadow(repoShadow);
// check if account was created in LDAP
Entry entry = openDJController.searchAndAssertByEntryUuid(accountGuybrushOpendjEntryUuuid);
display("LDAP account", entry);
OpenDJController.assertAttribute(entry, "uid", "guybrush");
OpenDJController.assertAttribute(entry, "givenName", "Guybrush");
OpenDJController.assertAttribute(entry, "sn", "Threepwood");
OpenDJController.assertAttribute(entry, "cn", "Guybrush Threepwood");
OpenDJController.assertAttribute(entry, "displayName", "Guybrush Threepwood");
// The "l" attribute is assigned indirectly through schemaHandling and
// config object. It is not tolerant, therefore the other value should be gone now
OpenDJController.assertAttribute(entry, "l", "Deep in the Caribbean");
// Set by the role
OpenDJController.assertAttribute(entry, "employeeType", "sailor");
// "title" is tolerant, so it will retain the original value as well as the one provided by the role
OpenDJController.assertAttribute(entry, "title", "Scurvy earthworm", "Honorable Captain");
OpenDJController.assertAttribute(entry, "carLicense", "C4PT41N");
OpenDJController.assertAttribute(entry, "businessCategory", "cruise");
// No setting for "postOfficeBox", so the value should be unchanged
OpenDJController.assertAttribute(entry, "postOfficeBox", "X marks the spot");
String guybrushPassword = OpenDJController.getAttributeValue(entry, "userPassword");
assertNotNull("Pasword was not set on create", guybrushPassword);
// QueryType query = QueryUtil.createNameQuery(ELAINE_NAME);
// ObjectQuery query = ObjectQuery.createObjectQuery(EqualsFilter.createEqual(UserType.class, prismContext, UserType.F_NAME, ELAINE_NAME));
ObjectQuery query = ObjectQueryUtil.createNameQuery(ELAINE_NAME, prismContext);
List<PrismObject<UserType>> users = repositoryService.searchObjects(UserType.class, query, null, repoResult);
assertEquals("Wrong number of Elaines", 1, users.size());
repoUser = users.get(0).asObjectable();
repoResult.computeStatus();
displayJaxb("User Elaine (repository)", repoUser, new QName("user"));
assertNotNull(repoUser.getOid());
assertEquals(PrismTestUtil.createPolyStringType(ELAINE_NAME), repoUser.getName());
PrismAsserts.assertEqualsPolyString("wrong repo givenName", "Elaine", repoUser.getGivenName());
PrismAsserts.assertEqualsPolyString("wrong repo familyName", "Marley", repoUser.getFamilyName());
PrismAsserts.assertEqualsPolyString("wrong repo fullName", "Elaine Marley", repoUser.getFullName());
accountRefs = repoUser.getLinkRef();
assertEquals("Elaine has wrong number of accounts", 1, accountRefs.size());
accountRef = accountRefs.get(0);
String accountShadowOidElaineOpendj = accountRef.getOid();
assertFalse(accountShadowOidElaineOpendj.isEmpty());
// Check if shadow was created in the repo
repoResult = new OperationResult("getObject");
repoShadow = repositoryService.getObject(ShadowType.class, accountShadowOidElaineOpendj, null, repoResult);
repoShadowType = repoShadow.asObjectable();
repoResult.computeStatus();
TestUtil.assertSuccess("getObject has failed", repoResult);
displayJaxb("Shadow (repository)", repoShadowType, new QName("shadow"));
assertNotNull(repoShadowType);
assertEquals(RESOURCE_OPENDJ_OID, repoShadowType.getResourceRef().getOid());
String accountElainehOpendjEntryUuuid = checkRepoShadow(repoShadow);
// check if account is still in LDAP
entry = openDJController.searchAndAssertByEntryUuid(accountElainehOpendjEntryUuuid);
display("LDAP account", entry);
OpenDJController.assertAttribute(entry, "uid", ELAINE_NAME);
OpenDJController.assertAttribute(entry, "givenName", "Elaine");
OpenDJController.assertAttribute(entry, "sn", "Marley");
OpenDJController.assertAttribute(entry, "cn", "Elaine Marley");
OpenDJController.assertAttribute(entry, "displayName", "Elaine Marley");
// The "l" attribute is assigned indirectly through schemaHandling and
// config object
// FIXME
//OpenDJController.assertAttribute(entry, "l", "middle of nowhere");
// Set by the role
OpenDJController.assertAttribute(entry, "employeeType", "governor");
OpenDJController.assertAttribute(entry, "title", "Governor");
OpenDJController.assertAttribute(entry, "businessCategory", "state");
String elainePassword = OpenDJController.getAttributeValue(entry, "userPassword");
assertNotNull("Password of Elaine has disappeared", elainePassword);
checkAllShadows();
}
use of org.opends.server.core.ModifyOperation in project midpoint by Evolveum.
the class OpenDJController method executeLdifChange.
public ChangeRecordEntry executeLdifChange(File file) throws IOException, LDIFException {
LDIFImportConfig importConfig = new LDIFImportConfig(file.getPath());
LDIFReader ldifReader = new LDIFReader(importConfig);
ChangeRecordEntry entry = ldifReader.readChangeRecord(false);
ModifyOperation modifyOperation = getInternalConnection().processModify((ModifyChangeRecordEntry) entry);
if (ResultCode.SUCCESS != modifyOperation.getResultCode()) {
throw new RuntimeException("LDAP operation error: " + modifyOperation.getResultCode() + ": " + modifyOperation.getErrorMessage());
}
return entry;
}
use of org.opends.server.core.ModifyOperation in project midpoint by Evolveum.
the class OpenDJController method executeLdifChange.
public ChangeRecordEntry executeLdifChange(String ldif) throws IOException, LDIFException {
InputStream ldifInputStream = IOUtils.toInputStream(ldif, "UTF-8");
LDIFImportConfig importConfig = new LDIFImportConfig(ldifInputStream);
LDIFReader ldifReader = new LDIFReader(importConfig);
ChangeRecordEntry entry = ldifReader.readChangeRecord(false);
ModifyOperation modifyOperation = getInternalConnection().processModify((ModifyChangeRecordEntry) entry);
if (ResultCode.SUCCESS != modifyOperation.getResultCode()) {
throw new RuntimeException("LDAP operation error: " + modifyOperation.getResultCode() + ": " + modifyOperation.getErrorMessage());
}
return entry;
}
Aggregations