syncope-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ilgro...@apache.org
Subject svn commit: r1409754 - in /incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src: main/java/org/apache/syncope/core/rest/controller/ main/java/org/apache/syncope/core/util/ test/java/org/apache/syncope/core/rest/ test/resources/
Date Thu, 15 Nov 2012 12:28:57 GMT
Author: ilgrosso
Date: Thu Nov 15 12:28:55 2012
New Revision: 1409754

URL: http://svn.apache.org/viewvc?rev=1409754&view=rev
Log:
Initial support for propagating role owner (via derived attribute)

Modified:
    incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/controller/ResourceController.java
    incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java
    incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/RoleTestITCase.java
    incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java
    incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/resources/content.xml

Modified: incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/controller/ResourceController.java
URL: http://svn.apache.org/viewvc/incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/controller/ResourceController.java?rev=1409754&r1=1409753&r2=1409754&view=diff
==============================================================================
--- incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/controller/ResourceController.java
(original)
+++ incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/controller/ResourceController.java
Thu Nov 15 12:28:55 2012
@@ -31,12 +31,13 @@ import org.apache.syncope.core.persisten
 import org.apache.syncope.core.persistence.beans.ExternalResource;
 import org.apache.syncope.core.persistence.dao.ConnInstanceDAO;
 import org.apache.syncope.core.persistence.dao.ResourceDAO;
-import org.apache.syncope.core.persistence.dao.RoleDAO;
 import org.apache.syncope.core.propagation.ConnectorFacadeProxy;
 import org.apache.syncope.core.rest.data.ResourceDataBinder;
+import org.apache.syncope.core.util.AttributableUtil;
 import org.apache.syncope.core.util.ConnBundleManager;
 import org.apache.syncope.core.util.ConnObjectUtil;
 import org.apache.syncope.core.util.NotFoundException;
+import org.apache.syncope.types.AttributableType;
 import org.apache.syncope.types.AuditElements;
 import org.apache.syncope.types.AuditElements.Category;
 import org.apache.syncope.types.AuditElements.ResourceSubCategory;
@@ -72,9 +73,6 @@ public class ResourceController extends 
     private ConnInstanceDAO connInstanceDAO;
 
     @Autowired
-    private RoleDAO roleDAO;
-
-    @Autowired
     private ResourceDataBinder binder;
 
     @Autowired
@@ -204,9 +202,9 @@ public class ResourceController extends 
 
     @PreAuthorize("hasRole('RESOURCE_GETOBJECT')")
     @Transactional(readOnly = true)
-    @RequestMapping(method = RequestMethod.GET, value = "/{resourceName}/read/{objectId}")
+    @RequestMapping(method = RequestMethod.GET, value = "/{resourceName}/read/{type}/{objectId}")
     public ConnObjectTO getObject(@PathVariable("resourceName") final String resourceName,
-            @PathVariable("objectId") final String objectId)
+            @PathVariable("type") final AttributableType type, @PathVariable("objectId")
final String objectId)
             throws NotFoundException {
 
         ExternalResource resource = resourceDAO.find(resourceName);
@@ -214,10 +212,16 @@ public class ResourceController extends 
             throw new NotFoundException("Resource '" + resourceName + "'");
         }
 
+        if (AttributableType.MEMBERSHIP == type) {
+        }
+
+        AttributableUtil attrUtil = AttributableUtil.getInstance(type);
+        ObjectClass objectClass = AttributableType.USER == type ? ObjectClass.ACCOUNT : ObjectClass.GROUP;
+
         final ConnectorFacadeProxy connector = connLoader.getConnector(resource);
 
-        final ConnectorObject connectorObject = connector.getObject(ObjectClass.ACCOUNT,
new Uid(objectId),
-                connector.getOperationOptions(resource.getUmapping().getItems()));
+        final ConnectorObject connectorObject = connector.getObject(objectClass, new Uid(objectId),
+                connector.getOperationOptions(attrUtil.getMappingItems(resource)));
 
         if (connectorObject == null) {
             throw new NotFoundException("Object " + objectId + " not found on resource "
+ resourceName);

Modified: incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java
URL: http://svn.apache.org/viewvc/incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java?rev=1409754&r1=1409753&r2=1409754&view=diff
==============================================================================
--- incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java
(original)
+++ incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java
Thu Nov 15 12:28:55 2012
@@ -37,6 +37,7 @@ import org.apache.syncope.core.persisten
 import org.apache.syncope.core.persistence.beans.membership.MDerSchema;
 import org.apache.syncope.core.persistence.beans.membership.MSchema;
 import org.apache.syncope.core.persistence.beans.membership.MVirSchema;
+import org.apache.syncope.core.persistence.beans.role.RAttrValue;
 import org.apache.syncope.core.persistence.beans.role.RDerSchema;
 import org.apache.syncope.core.persistence.beans.role.RSchema;
 import org.apache.syncope.core.persistence.beans.role.RVirSchema;
@@ -158,9 +159,9 @@ public final class MappingUtil {
             case MembershipDerivedSchema:
                 for (AbstractAttributable attributable : attributables) {
                     AbstractDerAttr derAttr = attributable.getDerivedAttribute(mapping.getIntAttrName());
-
                     if (derAttr != null) {
-                        AbstractAttrValue attrValue = new UAttrValue();
+                        AbstractAttrValue attrValue = (attributable instanceof SyncopeRole)
+                                ? new RAttrValue() : new UAttrValue();
                         attrValue.setStringValue(derAttr.getValue(attributable.getAttributes()));
                         values.add(attrValue);
                     }

Modified: incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/RoleTestITCase.java
URL: http://svn.apache.org/viewvc/incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/RoleTestITCase.java?rev=1409754&r1=1409753&r2=1409754&view=diff
==============================================================================
--- incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/RoleTestITCase.java
(original)
+++ incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/RoleTestITCase.java
Thu Nov 15 12:28:55 2012
@@ -29,6 +29,7 @@ import org.apache.syncope.client.http.Pr
 import org.apache.syncope.client.mod.AttributeMod;
 import org.apache.syncope.client.mod.RoleMod;
 import org.apache.syncope.client.to.AttributeTO;
+import org.apache.syncope.client.to.ConnObjectTO;
 import org.apache.syncope.client.to.RoleTO;
 import org.apache.syncope.client.to.UserTO;
 import org.apache.syncope.client.validation.SyncopeClientCompositeErrorException;
@@ -79,22 +80,29 @@ public class RoleTestITCase extends Abst
         icon.addValue("anIcon");
         roleTO.addAttribute(icon);
 
+        AttributeTO ownerDN = new AttributeTO();
+        ownerDN.setSchema("ownerDN");
+        roleTO.addDerivedAttribute(ownerDN);
+
+        roleTO.setRoleOwner(8L);
+
         roleTO.addResource("resource-ldap");
 
-        RoleTO actual = restTemplate.postForObject(BASE_URL + "role/create", roleTO, RoleTO.class);
+        roleTO = restTemplate.postForObject(BASE_URL + "role/create", roleTO, RoleTO.class);
+        assertNotNull(roleTO);
 
-        roleTO.setId(actual.getId());
-        roleTO.setPasswordPolicy(4L);
-        roleTO.setPropagationTOs(actual.getPropagationTOs());
-        assertEquals(roleTO, actual);
+        assertNotNull(roleTO.getAccountPolicy());
+        assertEquals(6L, (long) roleTO.getAccountPolicy());
 
-        assertNotNull(actual.getAccountPolicy());
-        assertEquals(6L, (long) actual.getAccountPolicy());
+        assertNotNull(roleTO.getPasswordPolicy());
+        assertEquals(4L, (long) roleTO.getPasswordPolicy());
 
-        assertNotNull(actual.getPasswordPolicy());
-        assertEquals(4L, (long) actual.getPasswordPolicy());
+        assertTrue(roleTO.getResources().contains("resource-ldap"));
 
-        assertTrue(actual.getResources().contains("resource-ldap"));
+        ConnObjectTO connObjectTO = restTemplate.getForObject(BASE_URL
+                + "/resource/resource-ldap/read/ROLE/lastRole.json", ConnObjectTO.class);
+        assertNotNull(connObjectTO);
+        assertNotNull(connObjectTO.getAttributeMap().get("owner"));
     }
 
     @Test
@@ -129,7 +137,7 @@ public class RoleTestITCase extends Abst
 
         roleTO = restTemplate.postForObject(BASE_URL + "role/create", roleTO, RoleTO.class);
         assertNotNull(roleTO);
-        
+
         RoleTO deletedRole = restTemplate.getForObject(BASE_URL + "role/delete/{roleId}",
RoleTO.class, roleTO.getId());
         assertNotNull(deletedRole);
 

Modified: incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java
URL: http://svn.apache.org/viewvc/incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java?rev=1409754&r1=1409753&r2=1409754&view=diff
==============================================================================
--- incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java
(original)
+++ incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java
Thu Nov 15 12:28:55 2012
@@ -1475,8 +1475,8 @@ public class UserTestITCase extends Abst
         assertNotNull(dbTableUID);
 
         ConnObjectTO connObjectTO = restTemplate.getForObject(BASE_URL
-                + "/resource/{resourceName}/read/{objectId}.json", ConnObjectTO.class, dbTable.getName(),
dbTableUID);
-
+                + "/resource/{resourceName}/read/USER/{objectId}.json", ConnObjectTO.class,
+                dbTable.getName(), dbTableUID);
         assertFalse(Boolean.parseBoolean(connObjectTO.getAttributeMap().get(OperationalAttributes.ENABLE_NAME).
                 getValues().
                 get(0)));
@@ -1484,21 +1484,18 @@ public class UserTestITCase extends Abst
         String ldapUID = userTO.getUsername();
         assertNotNull(ldapUID);
 
-        connObjectTO = restTemplate.getForObject(BASE_URL + "/resource/{resourceName}/read/{objectId}.json",
+        connObjectTO = restTemplate.getForObject(BASE_URL + "/resource/{resourceName}/read/USER/{objectId}.json",
                 ConnObjectTO.class, ldap.getName(), ldapUID);
-
         assertNotNull(connObjectTO);
 
         query = "?resourceNames=" + ldap.getName() + "&performLocally=false"; // check
also performLocally
 
         userTO = restTemplate.getForObject(BASE_URL + "user/reactivate/" + userTO.getId()
+ query, UserTO.class);
-
         assertNotNull(userTO);
         assertEquals("suspended", userTO.getStatus());
 
-        connObjectTO = restTemplate.getForObject(BASE_URL + "/resource/{resourceName}/read/{objectId}.json",
+        connObjectTO = restTemplate.getForObject(BASE_URL + "/resource/{resourceName}/read/USER/{objectId}.json",
                 ConnObjectTO.class, dbTable.getName(), dbTableUID);
-
         assertFalse(Boolean.parseBoolean(connObjectTO.getAttributeMap().get(OperationalAttributes.ENABLE_NAME).
                 getValues().
                 get(0)));
@@ -1506,13 +1503,11 @@ public class UserTestITCase extends Abst
         query = "?resourceNames=" + dbTable.getName() + "&performLocally=true"; // check
also performLocally
 
         userTO = restTemplate.getForObject(BASE_URL + "user/reactivate/" + userTO.getId()
+ query, UserTO.class);
-
         assertNotNull(userTO);
         assertEquals("active", userTO.getStatus());
 
-        connObjectTO = restTemplate.getForObject(BASE_URL + "/resource/{resourceName}/read/{objectId}.json",
+        connObjectTO = restTemplate.getForObject(BASE_URL + "/resource/{resourceName}/read/USER/{objectId}.json",
                 ConnObjectTO.class, dbTable.getName(), dbTableUID);
-
         assertTrue(Boolean.parseBoolean(connObjectTO.getAttributeMap().get(OperationalAttributes.ENABLE_NAME).
                 getValues().
                 get(0)));
@@ -1730,11 +1725,9 @@ public class UserTestITCase extends Abst
         assertNotNull(actual.getDerivedAttributeMap().get("csvuserid"));
 
         ConnObjectTO connObjectTO = restTemplate.getForObject(BASE_URL
-                + "/resource/{resourceName}/read/{objectId}.json", ConnObjectTO.class, "resource-csv",
actual.
-                getDerivedAttributeMap().get("csvuserid").getValues().get(0));
-
+                + "/resource/{resourceName}/read/USER/{objectId}.json", ConnObjectTO.class,
"resource-csv",
+                actual.getDerivedAttributeMap().get("csvuserid").getValues().get(0));
         assertNotNull(connObjectTO);
-
         assertEquals("sx-dx", connObjectTO.getAttributeMap().get("ROLE").getValues().get(0));
     }
 
@@ -1777,11 +1770,9 @@ public class UserTestITCase extends Abst
         assertNotNull(actual.getDerivedAttributeMap().get("csvuserid"));
 
         ConnObjectTO connObjectTO = restTemplate.getForObject(BASE_URL
-                + "/resource/{resourceName}/read/{objectId}.json", ConnObjectTO.class, "resource-csv",
actual.
-                getDerivedAttributeMap().get("csvuserid").getValues().get(0));
-
+                + "/resource/{resourceName}/read/USER/{objectId}.json", ConnObjectTO.class,
"resource-csv",
+                actual.getDerivedAttributeMap().get("csvuserid").getValues().get(0));
         assertNotNull(connObjectTO);
-
         assertEquals("sx-dx", connObjectTO.getAttributeMap().get("MEMBERSHIP").getValues().get(0));
     }
 
@@ -1853,9 +1844,8 @@ public class UserTestITCase extends Abst
         assertEquals(1, actual.getResources().size());
 
         ConnObjectTO connObjectTO = restTemplate.getForObject(BASE_URL
-                + "/resource/{resourceName}/read/{objectId}.json", ConnObjectTO.class, "resource-csv",
actual.
-                getDerivedAttributeMap().get("csvuserid").getValues().get(0));
-
+                + "/resource/{resourceName}/read/USER/{objectId}.json", ConnObjectTO.class,
"resource-csv",
+                actual.getDerivedAttributeMap().get("csvuserid").getValues().get(0));
         assertNotNull(connObjectTO);
 
         // -----------------------------------
@@ -1871,9 +1861,8 @@ public class UserTestITCase extends Abst
         assertEquals(1, actual.getMemberships().size());
 
         connObjectTO = restTemplate.getForObject(BASE_URL
-                + "/resource/{resourceName}/read/{objectId}.json", ConnObjectTO.class, "resource-csv",
+                + "/resource/{resourceName}/read/USER/{objectId}.json", ConnObjectTO.class,
"resource-csv",
                 actual.getDerivedAttributeMap().get("csvuserid").getValues().get(0));
-
         assertNotNull(connObjectTO);
         // -----------------------------------
 
@@ -1891,9 +1880,8 @@ public class UserTestITCase extends Abst
         assertFalse(actual.getResources().isEmpty());
 
         connObjectTO = restTemplate.getForObject(BASE_URL
-                + "/resource/{resourceName}/read/{objectId}.json", ConnObjectTO.class, "resource-csv",
actual.
-                getDerivedAttributeMap().get("csvuserid").getValues().get(0));
-
+                + "/resource/{resourceName}/read/USER/{objectId}.json", ConnObjectTO.class,
"resource-csv",
+                actual.getDerivedAttributeMap().get("csvuserid").getValues().get(0));
         assertNotNull(connObjectTO);
         // -----------------------------------
 
@@ -1914,8 +1902,8 @@ public class UserTestITCase extends Abst
 
         try {
             restTemplate.getForObject(BASE_URL
-                    + "/resource/{resourceName}/read/{objectId}.json", ConnObjectTO.class,
"resource-csv", actual.
-                    getDerivedAttributeMap().get("csvuserid").getValues().get(0));
+                    + "/resource/{resourceName}/read/USER/{objectId}.json", ConnObjectTO.class,
"resource-csv",
+                    actual.getDerivedAttributeMap().get("csvuserid").getValues().get(0));
         } catch (SyncopeClientCompositeErrorException e) {
             assertNotNull(e.getException(SyncopeClientExceptionType.NotFound));
             t = e;
@@ -1960,11 +1948,10 @@ public class UserTestITCase extends Abst
         assertEquals(2, actual.getMemberships().size());
 
         ConnObjectTO connObjectTO = restTemplate.getForObject(
-                BASE_URL + "/resource/{resourceName}/read/{objectId}.json",
+                BASE_URL + "/resource/{resourceName}/read/USER/{objectId}.json",
                 ConnObjectTO.class,
                 "resource-ldap",
                 userTO.getUsername());
-
         assertNotNull(connObjectTO);
 
         postalAddress = connObjectTO.getAttributeMap().get("postalAddress");
@@ -1993,11 +1980,10 @@ public class UserTestITCase extends Abst
         assertEquals(1, actual.getMemberships().size());
 
         connObjectTO = restTemplate.getForObject(
-                BASE_URL + "/resource/{resourceName}/read/{objectId}.json",
+                BASE_URL + "/resource/{resourceName}/read/USER/{objectId}.json",
                 ConnObjectTO.class,
                 "resource-ldap",
                 userTO.getUsername());
-
         assertNotNull(connObjectTO);
 
         postalAddress = connObjectTO.getAttributeMap().get("postalAddress");
@@ -2030,7 +2016,7 @@ public class UserTestITCase extends Abst
         // 3. try (and fail) to find this user on the external LDAP resource
         SyncopeClientException sce = null;
         try {
-            restTemplate.getForObject(BASE_URL + "/resource/{resourceName}/read/{objectId}.json",
+            restTemplate.getForObject(BASE_URL + "/resource/{resourceName}/read/USER/{objectId}.json",
                     ConnObjectTO.class, "resource-ldap", userTO.getUsername());
             fail("This entry should not be present on this resource");
         } catch (SyncopeClientCompositeErrorException sccee) {

Modified: incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/resources/content.xml
URL: http://svn.apache.org/viewvc/incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/resources/content.xml?rev=1409754&r1=1409753&r2=1409754&view=diff
==============================================================================
--- incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/resources/content.xml (original)
+++ incubator/syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/resources/content.xml Thu
Nov 15 12:28:55 2012
@@ -209,6 +209,10 @@ under the License.
     
   <!-- rderiveddata is used to verify der schema deletion -->
   <RDerSchema name="rderivedschema" expression="rderived_sx + '-' + rderived_dx"/>
+
+  <!-- used for RMapping below -->  
+  <RDerSchema name="ownerDN" 
+              expression="!empty(roleOwner) ? 'cn=' + roleOwner.name + ',ou=groups,o=isp':
(!empty(userOwner) ? 'uid=' +  userOwner.username + ',ou=people,o=isp' : '')"/>
   
   <RAttr id="1004" owner_id="12" schema_name="title"/>
   <RAttrValue attribute_id="1004" id="94" stringValue="r12"/>
@@ -562,9 +566,9 @@ under the License.
   <RMappingItem id="1" accountid="1" password="0" mapping_id="1"
                 extAttrName="__NAME__" intAttrName="roleName" intMappingType="RoleName"
                 mandatoryCondition="true"/>
-  <!--<RMappingItem id="2" accountid="0" password="0" mapping_id="1"
-                extAttrName="owner" intAttrName="roleOwnerDN" intMappingType="RoleDerSchema"
-                mandatoryCondition="false"/>-->
+  <RMappingItem id="2" accountid="0" password="0" mapping_id="1"
+                extAttrName="owner" intAttrName="ownerDN" intMappingType="RoleDerivedSchema"
+                mandatoryCondition="false"/>
   <RMappingItem id="3" accountid="0" password="0" mapping_id="1"
                 extAttrName="description" intAttrName="title" intMappingType="RoleSchema"
                 mandatoryCondition="false"/>



Mime
View raw message