use of org.opends.server.types.Entry in project midpoint by Evolveum.
the class TestUnix method assertPosixAccount.
private String assertPosixAccount(PrismObject<ShadowType> shadow, Integer expectedUid) throws DirectoryException {
ShadowType shadowType = shadow.asObjectable();
assertEquals("Wrong objectclass in " + shadow, OPENDJ_ACCOUNT_STRUCTURAL_OBJECTCLASS_NAME, shadowType.getObjectClass());
PrismAsserts.assertEqualsCollectionUnordered("Wrong auxiliary objectclasses in " + shadow, shadowType.getAuxiliaryObjectClass(), OPENDJ_ACCOUNT_POSIX_AUXILIARY_OBJECTCLASS_NAME);
String dn = (String) ShadowUtil.getSecondaryIdentifiers(shadow).iterator().next().getRealValue();
if (expectedUid != null) {
ResourceAttribute<Integer> uidNumberAttr = ShadowUtil.getAttribute(shadow, new QName(RESOURCE_OPENDJ_NAMESPACE, OPENDJ_UIDNUMBER_ATTRIBUTE_NAME));
PrismAsserts.assertPropertyValue(uidNumberAttr, expectedUid);
ResourceAttribute<Integer> gidNumberAttr = ShadowUtil.getAttribute(shadow, new QName(RESOURCE_OPENDJ_NAMESPACE, OPENDJ_GIDNUMBER_ATTRIBUTE_NAME));
PrismAsserts.assertPropertyValue(gidNumberAttr, expectedUid);
}
Entry entry = openDJController.fetchEntry(dn);
assertNotNull("No ou LDAP entry for " + dn);
display("Posix account entry", entry);
openDJController.assertObjectClass(entry, OPENDJ_ACCOUNT_STRUCTURAL_OBJECTCLASS_NAME.getLocalPart());
openDJController.assertObjectClass(entry, OPENDJ_ACCOUNT_POSIX_AUXILIARY_OBJECTCLASS_NAME.getLocalPart());
if (expectedUid != null) {
openDJController.assertAttribute(entry, OPENDJ_UIDNUMBER_ATTRIBUTE_NAME, Integer.toString(expectedUid));
openDJController.assertAttribute(entry, OPENDJ_GIDNUMBER_ATTRIBUTE_NAME, Integer.toString(expectedUid));
}
return entry.getDN().toString();
}
use of org.opends.server.types.Entry in project midpoint by Evolveum.
the class TestUnix method test257RenameUserAndAccountsCheckGroupmembership.
@Test
public void test257RenameUserAndAccountsCheckGroupmembership() throws Exception {
final String TEST_NAME = "test257RenameUserAndAccountsCheckGroupmembership";
TestUtil.displayTestTile(this, TEST_NAME);
Task task = taskManager.createTaskInstance(TestUnix.class.getName() + "." + TEST_NAME);
OperationResult result = task.getResult();
PrismObject<UserType> userBefore = findUserByUsername(USER_RANGER_USERNAME);
// WHEN
TestUtil.displayWhen(TEST_NAME);
modifyUserReplace(userBefore.getOid(), UserType.F_NAME, task, result, new PolyString("usranger", "usranger"));
// THEN
TestUtil.displayThen(TEST_NAME);
result.computeStatus();
TestUtil.assertSuccess(result);
PrismObject<UserType> userAfter = findUserByUsername(USER_RANGER_USERNAME_RENAMED);
assertNotNull("User not renamed", userAfter);
display("User after rename", userAfter);
assertUserPosix(userAfter, USER_RANGER_USERNAME_RENAMED, USER_RANGER_FIST_NAME, USER_RANGER_LAST_NAME, USER_RANGER_UID_NUMBER);
String accountOid = getSingleLinkOid(userAfter);
PrismObject<ShadowType> shadow = getShadowModel(accountOid);
display("Shadow (model)", shadow);
assertPosixAccount(shadow, USER_RANGER_UID_NUMBER);
// account should still be in the rangers group, but renamed from
// ranger to usranger
PrismObject<ShadowType> shadowGroup = getShadowModel(groupRangersOid);
display("Shadow rangers group (model)", shadowGroup);
Entry groupRangers = openDJController.fetchEntry(groupRangersDn);
assertUnixGroup(shadowGroup, ROLE_RANGERS_GID);
openDJController.assertAttribute(groupRangers, "memberUid", USER_RANGER_USERNAME_RENAMED);
}
use of org.opends.server.types.Entry in project midpoint by Evolveum.
the class TestOrgSync method assertNoResponsibility.
private String assertNoResponsibility(PrismObject<UserType> user, String respName) throws SchemaException, ObjectNotFoundException, SecurityViolationException, CommunicationException, ConfigurationException, DirectoryException, ExpressionEvaluationException {
String respRoleName = "R_" + respName;
PrismObject<RoleType> respRole = searchObjectByName(RoleType.class, respRoleName);
assertNotNull("No role for responsibility " + respName);
display("Responsibility role for " + respName, respRole);
assertNotAssignedRole(user, respRole.getOid());
PrismReferenceValue linkRef = getSingleLinkRef(respRole);
PrismObject<ShadowType> shadow = getShadowModel(linkRef.getOid());
display("Role " + respRoleName + " shadow", shadow);
// TODO assert shadow content
String groupDn = "cn=" + respRoleName + ",ou=groups," + openDJController.getSuffix();
Entry groupEntry = openDJController.fetchAndAssertEntry(groupDn, "groupOfUniqueNames");
display("Group entry", groupEntry);
PrismReferenceValue accountLinkRef = getLinkRef(user, RESOURCE_OPENDJ_OID);
PrismObject<ShadowType> accountShadow = getShadowModel(accountLinkRef.getOid());
String accountDn = IntegrationTestTools.getSecondaryIdentifier(accountShadow);
openDJController.assertNoUniqueMember(groupEntry, accountDn);
IntegrationTestTools.assertNoAssociation(accountShadow, OPENDJ_ASSOCIATION_GROUP_NAME, shadow.getOid());
return respRole.getOid();
}
use of org.opends.server.types.Entry in project midpoint by Evolveum.
the class TestUnix method test256UnAssignUserRangerSealsKeepRangers.
@Test
public void test256UnAssignUserRangerSealsKeepRangers() throws Exception {
final String TEST_NAME = "test256UnAssignUserRangerSealsKeepRangers";
TestUtil.displayTestTile(this, TEST_NAME);
Task task = taskManager.createTaskInstance(TestUnix.class.getName() + "." + TEST_NAME);
OperationResult result = task.getResult();
PrismObject<UserType> userBefore = findUserByUsername(USER_RANGER_USERNAME);
// WHEN
TestUtil.displayWhen(TEST_NAME);
unassignRole(userBefore.getOid(), roleSealsOid);
// THEN
TestUtil.displayThen(TEST_NAME);
result.computeStatus();
TestUtil.assertSuccess(result);
PrismObject<UserType> userAfter = findUserByUsername(USER_RANGER_USERNAME);
assertNotNull("No user after", userAfter);
display("User after", userAfter);
assertUserPosix(userAfter, USER_RANGER_USERNAME, USER_RANGER_FIST_NAME, USER_RANGER_LAST_NAME, USER_RANGER_UID_NUMBER);
String accountOid = getSingleLinkOid(userAfter);
PrismObject<ShadowType> shadow = getShadowModel(accountOid);
display("Shadow (model)", shadow);
assertPosixAccount(shadow, USER_RANGER_UID_NUMBER);
// account should still be in the rangers group
Entry groupRangers = openDJController.fetchEntry(groupRangersDn);
//openDJController.assertAttribute(groupRangers, "memberUid", Integer.toString(USER_RANGER_UID_NUMBER));
openDJController.assertAttribute(groupRangers, "memberUid", USER_RANGER_USERNAME);
// account should not be in the group anymore. memberUid should be
// empty...
Entry groupSeals = openDJController.fetchEntry(groupSealsDn);
openDJController.assertNoAttribute(groupSeals, "memberUid");
}
use of org.opends.server.types.Entry in project midpoint by Evolveum.
the class TestUnix method test255AssignUserRangerSeals.
@Test
public void test255AssignUserRangerSeals() throws Exception {
final String TEST_NAME = "test255AssignUserRangerSeals";
TestUtil.displayTestTile(this, TEST_NAME);
Task task = taskManager.createTaskInstance(TestUnix.class.getName() + "." + TEST_NAME);
OperationResult result = task.getResult();
PrismObject<UserType> user = findUserByUsername(USER_RANGER_USERNAME);
// WHEN
TestUtil.displayWhen(TEST_NAME);
assignRole(user.getOid(), roleSealsOid);
// THEN
TestUtil.displayThen(TEST_NAME);
result.computeStatus();
TestUtil.assertSuccess(result);
PrismObject<UserType> userAfter = findUserByUsername(USER_RANGER_USERNAME);
assertNotNull("No user", userAfter);
display("User after", userAfter);
assertUser(userAfter, USER_RANGER_USERNAME, USER_RANGER_FIST_NAME, USER_RANGER_LAST_NAME);
String accountOid = getSingleLinkOid(userAfter);
PrismObject<ShadowType> shadow = getShadowModel(accountOid);
display("Shadow (model)", shadow);
String accountLArgoDn = assertPosixAccount(shadow, USER_RANGER_UID_NUMBER);
Entry groupSeals = openDJController.fetchEntry(groupSealsDn);
//openDJController.assertAttribute(groupSeals, "memberUid", Integer.toString(USER_RANGER_UID_NUMBER));
openDJController.assertAttribute(groupSeals, "memberUid", USER_RANGER_USERNAME);
assertGroupAssociation(shadow, groupRangersOid);
assertGroupAssociation(shadow, groupSealsOid);
}
Aggregations