syncope-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ilgro...@apache.org
Subject [02/27] syncope git commit: [SYNCOPE-119] Renaming Role to Group
Date Mon, 06 Apr 2015 16:13:58 GMT
http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/RoleITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/RoleITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/RoleITCase.java
deleted file mode 100644
index 5363e4b..0000000
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/RoleITCase.java
+++ /dev/null
@@ -1,889 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements.  See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership.  The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License.  You may obtain a copy of the License at
- *
- *   http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied.  See the License for the
- * specific language governing permissions and limitations
- * under the License.
- */
-package org.apache.syncope.fit.core.reference;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.AccessControlException;
-import java.util.List;
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
-import javax.ws.rs.core.Response;
-import org.apache.commons.io.IOUtils;
-import org.apache.commons.lang3.StringUtils;
-import org.apache.syncope.client.lib.SyncopeClient;
-import org.apache.syncope.common.lib.SyncopeClientException;
-import org.apache.syncope.common.lib.mod.ReferenceMod;
-import org.apache.syncope.common.lib.mod.RoleMod;
-import org.apache.syncope.common.lib.to.BulkActionResult;
-import org.apache.syncope.common.lib.to.ConnObjectTO;
-import org.apache.syncope.common.lib.to.MappingItemTO;
-import org.apache.syncope.common.lib.to.PagedResult;
-import org.apache.syncope.common.lib.to.PlainSchemaTO;
-import org.apache.syncope.common.lib.to.ResourceTO;
-import org.apache.syncope.common.lib.to.RoleTO;
-import org.apache.syncope.common.lib.to.UserTO;
-import org.apache.syncope.common.lib.types.AttributableType;
-import org.apache.syncope.common.lib.types.ClientExceptionType;
-import org.apache.syncope.common.lib.types.IntMappingType;
-import org.apache.syncope.common.lib.types.MappingPurpose;
-import org.apache.syncope.common.lib.types.ResourceAssociationActionType;
-import org.apache.syncope.common.lib.types.ResourceDeassociationActionType;
-import org.apache.syncope.common.lib.types.SchemaType;
-import org.apache.syncope.common.lib.types.SubjectType;
-import org.apache.syncope.common.lib.wrap.ResourceName;
-import org.apache.syncope.common.rest.api.CollectionWrapper;
-import org.apache.syncope.common.rest.api.Preference;
-import org.apache.syncope.common.rest.api.RESTHeaders;
-import org.apache.syncope.common.rest.api.service.RoleService;
-import org.identityconnectors.framework.common.objects.Name;
-import org.junit.FixMethodOrder;
-import org.junit.Ignore;
-import org.junit.Test;
-import org.junit.runners.MethodSorters;
-
-@FixMethodOrder(MethodSorters.JVM)
-public class RoleITCase extends AbstractITCase {
-
-    private RoleTO buildBasicRoleTO(final String name) {
-        RoleTO roleTO = new RoleTO();
-        roleTO.setName(name + getUUIDString());
-        roleTO.setParent(8L);
-        return roleTO;
-    }
-
-    private RoleTO buildRoleTO(final String name) {
-        RoleTO roleTO = buildBasicRoleTO(name);
-
-        // verify inheritance password and account policies
-        roleTO.setInheritAccountPolicy(false);
-        // not inherited so setter execution shouldn't be ignored
-        roleTO.setAccountPolicy(6L);
-
-        roleTO.setInheritPasswordPolicy(true);
-        // inherited so setter execution should be ignored
-        roleTO.setPasswordPolicy(2L);
-
-        roleTO.getRPlainAttrTemplates().add("icon");
-        roleTO.getPlainAttrs().add(attrTO("icon", "anIcon"));
-
-        roleTO.getResources().add(RESOURCE_NAME_LDAP);
-        return roleTO;
-    }
-
-    @Test
-    public void createWithException() {
-        RoleTO newRoleTO = new RoleTO();
-        newRoleTO.getPlainAttrs().add(attrTO("attr1", "value1"));
-
-        try {
-            createRole(newRoleTO);
-            fail();
-        } catch (SyncopeClientException e) {
-            assertEquals(ClientExceptionType.InvalidRole, e.getType());
-        }
-    }
-
-    @Test
-    @Ignore
-    public void create() {
-        RoleTO roleTO = buildRoleTO("lastRole");
-        roleTO.getRVirAttrTemplates().add("rvirtualdata");
-        roleTO.getVirAttrs().add(attrTO("rvirtualdata", "rvirtualvalue"));
-        roleTO.setRoleOwner(8L);
-
-        roleTO = createRole(roleTO);
-        assertNotNull(roleTO);
-
-        assertNotNull(roleTO.getVirAttrMap());
-        assertNotNull(roleTO.getVirAttrMap().get("rvirtualdata").getValues());
-        assertFalse(roleTO.getVirAttrMap().get("rvirtualdata").getValues().isEmpty());
-        assertEquals("rvirtualvalue", roleTO.getVirAttrMap().get("rvirtualdata").getValues().get(0));
-
-        assertNotNull(roleTO.getAccountPolicy());
-        assertEquals(6L, (long) roleTO.getAccountPolicy());
-
-        assertNotNull(roleTO.getPasswordPolicy());
-        assertEquals(4L, (long) roleTO.getPasswordPolicy());
-
-        assertTrue(roleTO.getResources().contains(RESOURCE_NAME_LDAP));
-
-        ConnObjectTO connObjectTO =
-                resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, roleTO.getKey());
-        assertNotNull(connObjectTO);
-        assertNotNull(connObjectTO.getPlainAttrMap().get("owner"));
-
-        // SYNCOPE-515: remove ownership
-        final RoleMod roleMod = new RoleMod();
-        roleMod.setKey(roleTO.getKey());
-        roleMod.setRoleOwner(new ReferenceMod());
-
-        assertNull(updateRole(roleMod).getRoleOwner());
-    }
-
-    @Test
-    public void createWithPasswordPolicy() {
-        RoleTO roleTO = new RoleTO();
-        roleTO.setName("roleWithPassword" + getUUIDString());
-        roleTO.setParent(8L);
-        roleTO.setPasswordPolicy(4L);
-
-        RoleTO actual = createRole(roleTO);
-        assertNotNull(actual);
-
-        actual = roleService.read(actual.getKey());
-        assertNotNull(actual);
-        assertNotNull(actual.getPasswordPolicy());
-        assertEquals(4L, (long) actual.getPasswordPolicy());
-    }
-
-    @Test
-    public void delete() {
-        try {
-            roleService.delete(0L);
-        } catch (SyncopeClientException e) {
-            assertEquals(Response.Status.NOT_FOUND, e.getType().getResponseStatus());
-        }
-
-        RoleTO roleTO = new RoleTO();
-        roleTO.setName("toBeDeleted" + getUUIDString());
-        roleTO.setParent(8L);
-
-        roleTO.getResources().add(RESOURCE_NAME_LDAP);
-
-        roleTO = createRole(roleTO);
-        assertNotNull(roleTO);
-
-        RoleTO deletedRole = deleteRole(roleTO.getKey());
-        assertNotNull(deletedRole);
-
-        try {
-            roleService.read(deletedRole.getKey());
-        } catch (SyncopeClientException e) {
-            assertEquals(Response.Status.NOT_FOUND, e.getType().getResponseStatus());
-        }
-    }
-
-    @Test
-    public void list() {
-        PagedResult<RoleTO> roleTOs = roleService.list();
-        assertNotNull(roleTOs);
-        assertTrue(roleTOs.getResult().size() >= 8);
-        for (RoleTO roleTO : roleTOs.getResult()) {
-            assertNotNull(roleTO);
-        }
-    }
-
-    @Test
-    public void parent() {
-        RoleTO roleTO = roleService.parent(7L);
-
-        assertNotNull(roleTO);
-        assertEquals(roleTO.getKey(), 6L);
-    }
-
-    @Test
-    public void read() {
-        RoleTO roleTO = roleService.read(1L);
-
-        assertNotNull(roleTO);
-        assertNotNull(roleTO.getPlainAttrs());
-        assertFalse(roleTO.getPlainAttrs().isEmpty());
-    }
-
-    @Test
-    public void selfRead() {
-        UserTO userTO = userService.read(1L);
-        assertNotNull(userTO);
-
-        assertTrue(userTO.getMembershipMap().containsKey(1L));
-        assertFalse(userTO.getMembershipMap().containsKey(3L));
-
-        RoleService roleService2 = clientFactory.create("rossini", ADMIN_PWD).getService(RoleService.class);
-
-        try {
-            roleService2.readSelf(3L);
-            fail();
-        } catch (SyncopeClientException e) {
-            assertEquals(ClientExceptionType.UnauthorizedRole, e.getType());
-        }
-
-        RoleTO roleTO = roleService2.readSelf(1L);
-        assertNotNull(roleTO);
-        assertNotNull(roleTO.getPlainAttrs());
-        assertFalse(roleTO.getPlainAttrs().isEmpty());
-    }
-
-    @Test
-    public void update() {
-        RoleTO roleTO = buildRoleTO("latestRole" + getUUIDString());
-        roleTO.getRPlainAttrTemplates().add("show");
-        roleTO = createRole(roleTO);
-
-        assertEquals(1, roleTO.getPlainAttrs().size());
-
-        assertNotNull(roleTO.getAccountPolicy());
-        assertEquals(6L, (long) roleTO.getAccountPolicy());
-
-        assertNotNull(roleTO.getPasswordPolicy());
-        assertEquals(4L, (long) roleTO.getPasswordPolicy());
-
-        RoleMod roleMod = new RoleMod();
-        roleMod.setKey(roleTO.getKey());
-        String modName = "finalRole" + getUUIDString();
-        roleMod.setName(modName);
-        roleMod.getPlainAttrsToUpdate().add(attrMod("show", "FALSE"));
-
-        // change password policy inheritance
-        roleMod.setInheritPasswordPolicy(Boolean.FALSE);
-
-        roleTO = updateRole(roleMod);
-
-        assertEquals(modName, roleTO.getName());
-        assertEquals(2, roleTO.getPlainAttrs().size());
-
-        // changes ignored because not requested (null ReferenceMod)
-        assertNotNull(roleTO.getAccountPolicy());
-        assertEquals(6L, (long) roleTO.getAccountPolicy());
-
-        // password policy null because not inherited
-        assertNull(roleTO.getPasswordPolicy());
-    }
-
-    @Test
-    public void updateRemovingVirAttribute() {
-        RoleTO roleTO = buildBasicRoleTO("withvirtual" + getUUIDString());
-        roleTO.getRVirAttrTemplates().add("rvirtualdata");
-        roleTO.getVirAttrs().add(attrTO("rvirtualdata", null));
-
-        roleTO = createRole(roleTO);
-
-        assertNotNull(roleTO);
-        assertEquals(1, roleTO.getVirAttrs().size());
-
-        final RoleMod roleMod = new RoleMod();
-        roleMod.setKey(roleTO.getKey());
-        roleMod.getVirAttrsToRemove().add("rvirtualdata");
-
-        roleTO = updateRole(roleMod);
-        assertNotNull(roleTO);
-        assertTrue(roleTO.getVirAttrs().isEmpty());
-    }
-
-    @Test
-    public void updateRemovingDerAttribute() {
-        RoleTO roleTO = buildBasicRoleTO("withderived" + getUUIDString());
-        roleTO.getRDerAttrTemplates().add("rderivedschema");
-        roleTO.getDerAttrs().add(attrTO("rderivedschema", null));
-
-        roleTO = createRole(roleTO);
-
-        assertNotNull(roleTO);
-        assertEquals(1, roleTO.getDerAttrs().size());
-
-        final RoleMod roleMod = new RoleMod();
-        roleMod.setKey(roleTO.getKey());
-        roleMod.getDerAttrsToRemove().add("rderivedschema");
-
-        roleTO = updateRole(roleMod);
-        assertNotNull(roleTO);
-        assertTrue(roleTO.getDerAttrs().isEmpty());
-    }
-
-    @Test
-    public void updateAsRoleOwner() {
-        // 1. read role as admin
-        RoleTO roleTO = roleService.read(7L);
-
-        // issue SYNCOPE-15
-        assertNotNull(roleTO.getCreationDate());
-        assertNotNull(roleTO.getLastChangeDate());
-        assertEquals("admin", roleTO.getCreator());
-        assertEquals("admin", roleTO.getLastModifier());
-
-        // 2. prepare update
-        RoleMod roleMod = new RoleMod();
-        roleMod.setKey(roleTO.getKey());
-        roleMod.setName("Managing Director");
-
-        // 3. try to update as verdi, not owner of role 7 - fail
-        RoleService roleService2 = clientFactory.create("verdi", ADMIN_PWD).getService(RoleService.class);
-
-        try {
-            roleService2.update(roleMod.getKey(), roleMod);
-            fail();
-        } catch (SyncopeClientException e) {
-            assertEquals(Response.Status.UNAUTHORIZED, e.getType().getResponseStatus());
-        } catch (AccessControlException e) {
-            assertNotNull(e);
-        }
-
-        // 4. update as puccini, owner of role 7 because owner of role 6 with inheritance - success
-        RoleService roleService3 = clientFactory.create("puccini", ADMIN_PWD).getService(RoleService.class);
-
-        roleTO = roleService3.update(roleMod.getKey(), roleMod).readEntity(RoleTO.class);
-        assertEquals("Managing Director", roleTO.getName());
-
-        // issue SYNCOPE-15
-        assertNotNull(roleTO.getCreationDate());
-        assertNotNull(roleTO.getLastChangeDate());
-        assertEquals("admin", roleTO.getCreator());
-        assertEquals("puccini", roleTO.getLastModifier());
-        assertTrue(roleTO.getCreationDate().before(roleTO.getLastChangeDate()));
-    }
-
-    /**
-     * Role rename used to fail in case of parent null.
-     *
-     * http://code.google.com/p/syncope/issues/detail?id=178
-     */
-    @Test
-    public void issue178() {
-        RoleTO roleTO = new RoleTO();
-        String roleName = "torename" + getUUIDString();
-        roleTO.setName(roleName);
-
-        RoleTO actual = createRole(roleTO);
-
-        assertNotNull(actual);
-        assertEquals(roleName, actual.getName());
-        assertEquals(0L, actual.getParent());
-
-        RoleMod roleMod = new RoleMod();
-        roleMod.setKey(actual.getKey());
-        String renamedRole = "renamed" + getUUIDString();
-        roleMod.setName(renamedRole);
-
-        actual = updateRole(roleMod);
-        assertNotNull(actual);
-        assertEquals(renamedRole, actual.getName());
-        assertEquals(0L, actual.getParent());
-    }
-
-    @Test
-    public void issueSYNCOPE228() {
-        RoleTO roleTO = buildRoleTO("issueSYNCOPE228");
-        roleTO.getEntitlements().add("USER_READ");
-        roleTO.getEntitlements().add("SCHEMA_READ");
-
-        roleTO = createRole(roleTO);
-        assertNotNull(roleTO);
-        assertNotNull(roleTO.getEntitlements());
-        assertFalse(roleTO.getEntitlements().isEmpty());
-
-        List<String> entitlements = roleTO.getEntitlements();
-
-        RoleMod roleMod = new RoleMod();
-        roleMod.setKey(roleTO.getKey());
-        roleMod.setInheritDerAttrs(Boolean.TRUE);
-
-        roleTO = updateRole(roleMod);
-        assertNotNull(roleTO);
-        assertEquals(entitlements, roleTO.getEntitlements());
-
-        roleMod = new RoleMod();
-        roleMod.setKey(roleTO.getKey());
-        roleMod.setModEntitlements(true);
-        roleMod.getEntitlements().clear();
-
-        roleTO = updateRole(roleMod);
-        assertNotNull(roleTO);
-        assertTrue(roleTO.getEntitlements().isEmpty());
-    }
-
-    @Test
-    public void unlink() {
-        RoleTO actual = createRole(buildRoleTO("unlink"));
-        assertNotNull(actual);
-
-        assertNotNull(resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey()));
-
-        assertNotNull(roleService.bulkDeassociation(actual.getKey(),
-                ResourceDeassociationActionType.UNLINK,
-                CollectionWrapper.wrap(RESOURCE_NAME_LDAP, ResourceName.class)).
-                readEntity(BulkActionResult.class));
-
-        actual = roleService.read(actual.getKey());
-        assertNotNull(actual);
-        assertTrue(actual.getResources().isEmpty());
-
-        assertNotNull(resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey()));
-    }
-
-    @Test
-    public void link() {
-        RoleTO roleTO = buildRoleTO("link");
-        roleTO.getResources().clear();
-
-        RoleTO actual = createRole(roleTO);
-        assertNotNull(actual);
-
-        try {
-            resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey());
-            fail();
-        } catch (Exception e) {
-            assertNotNull(e);
-        }
-
-        assertNotNull(roleService.bulkAssociation(actual.getKey(),
-                ResourceAssociationActionType.LINK,
-                CollectionWrapper.wrap(RESOURCE_NAME_LDAP, ResourceName.class)).
-                readEntity(BulkActionResult.class));
-
-        actual = roleService.read(actual.getKey());
-        assertFalse(actual.getResources().isEmpty());
-
-        try {
-            resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey());
-            fail();
-        } catch (Exception e) {
-            assertNotNull(e);
-        }
-    }
-
-    @Test
-    public void unassign() {
-        RoleTO actual = createRole(buildRoleTO("unassign"));
-        assertNotNull(actual);
-
-        assertNotNull(resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey()));
-
-        assertNotNull(roleService.bulkDeassociation(actual.getKey(),
-                ResourceDeassociationActionType.UNASSIGN,
-                CollectionWrapper.wrap(RESOURCE_NAME_LDAP, ResourceName.class)).
-                readEntity(BulkActionResult.class));
-
-        actual = roleService.read(actual.getKey());
-        assertNotNull(actual);
-        assertTrue(actual.getResources().isEmpty());
-
-        try {
-            resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey());
-            fail();
-        } catch (Exception e) {
-            assertNotNull(e);
-        }
-    }
-
-    @Test
-    public void assign() {
-        RoleTO roleTO = buildRoleTO("assign");
-        roleTO.getResources().clear();
-
-        RoleTO actual = createRole(roleTO);
-        assertNotNull(actual);
-
-        try {
-            resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey());
-            fail();
-        } catch (Exception e) {
-            assertNotNull(e);
-        }
-
-        assertNotNull(roleService.bulkAssociation(actual.getKey(),
-                ResourceAssociationActionType.ASSIGN,
-                CollectionWrapper.wrap(RESOURCE_NAME_LDAP, ResourceName.class)).
-                readEntity(BulkActionResult.class));
-
-        actual = roleService.read(actual.getKey());
-        assertFalse(actual.getResources().isEmpty());
-        assertNotNull(resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey()));
-    }
-
-    @Test
-    public void deprovision() {
-        RoleTO actual = createRole(buildRoleTO("deprovision"));
-        assertNotNull(actual);
-
-        assertNotNull(resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey()));
-
-        assertNotNull(roleService.bulkDeassociation(actual.getKey(),
-                ResourceDeassociationActionType.DEPROVISION,
-                CollectionWrapper.wrap(RESOURCE_NAME_LDAP, ResourceName.class)).
-                readEntity(BulkActionResult.class));
-
-        actual = roleService.read(actual.getKey());
-        assertNotNull(actual);
-        assertFalse(actual.getResources().isEmpty());
-
-        try {
-            resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey());
-            fail();
-        } catch (Exception e) {
-            assertNotNull(e);
-        }
-    }
-
-    @Test
-    public void provision() {
-        RoleTO roleTO = buildRoleTO("assign");
-        roleTO.getResources().clear();
-
-        RoleTO actual = createRole(roleTO);
-        assertNotNull(actual);
-
-        try {
-            resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey());
-            fail();
-        } catch (Exception e) {
-            assertNotNull(e);
-        }
-
-        assertNotNull(roleService.bulkAssociation(actual.getKey(),
-                ResourceAssociationActionType.PROVISION,
-                CollectionWrapper.wrap(RESOURCE_NAME_LDAP, ResourceName.class)).
-                readEntity(BulkActionResult.class));
-
-        actual = roleService.read(actual.getKey());
-        assertTrue(actual.getResources().isEmpty());
-
-        assertNotNull(resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey()));
-    }
-
-    @Test
-    public void deprovisionUnlinked() {
-        RoleTO roleTO = buildRoleTO("assign");
-        roleTO.getResources().clear();
-
-        RoleTO actual = createRole(roleTO);
-        assertNotNull(actual);
-
-        try {
-            resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey());
-            fail();
-        } catch (Exception e) {
-            assertNotNull(e);
-        }
-
-        assertNotNull(roleService.bulkAssociation(actual.getKey(),
-                ResourceAssociationActionType.PROVISION,
-                CollectionWrapper.wrap("resource-ldap", ResourceName.class)).
-                readEntity(BulkActionResult.class));
-
-        actual = roleService.read(actual.getKey());
-        assertTrue(actual.getResources().isEmpty());
-
-        assertNotNull(resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey()));
-
-        assertNotNull(roleService.bulkDeassociation(actual.getKey(),
-                ResourceDeassociationActionType.DEPROVISION,
-                CollectionWrapper.wrap(RESOURCE_NAME_LDAP, ResourceName.class)).
-                readEntity(BulkActionResult.class));
-
-        actual = roleService.read(actual.getKey());
-        assertNotNull(actual);
-        assertTrue(actual.getResources().isEmpty());
-
-        try {
-            resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, actual.getKey());
-            fail();
-        } catch (Exception e) {
-            assertNotNull(e);
-        }
-    }
-
-    @Test
-    public void createWithMandatorySchemaNotTemplate() {
-        // 1. create a role mandatory schema
-        PlainSchemaTO badge = new PlainSchemaTO();
-        badge.setKey("badge");
-        badge.setMandatoryCondition("true");
-        schemaService.create(AttributableType.ROLE, SchemaType.PLAIN, badge);
-
-        // 2. create a role *without* an attribute for that schema: it works
-        RoleTO roleTO = buildRoleTO("lastRole");
-        assertFalse(roleTO.getPlainAttrMap().containsKey(badge.getKey()));
-        roleTO = createRole(roleTO);
-        assertNotNull(roleTO);
-        assertFalse(roleTO.getPlainAttrMap().containsKey(badge.getKey()));
-
-        // 3. add a template for badge to the role just created - 
-        // failure since no values are provided and it is mandatory
-        RoleMod roleMod = new RoleMod();
-        roleMod.setKey(roleTO.getKey());
-        roleMod.setModRAttrTemplates(true);
-        roleMod.getRPlainAttrTemplates().add("badge");
-
-        try {
-            updateRole(roleMod);
-            fail();
-        } catch (SyncopeClientException e) {
-            assertEquals(ClientExceptionType.RequiredValuesMissing, e.getType());
-        }
-
-        // 4. also add an actual attribute for badge - it will work        
-        roleMod.getPlainAttrsToUpdate().add(attrMod(badge.getKey(), "xxxxxxxxxx"));
-
-        roleTO = updateRole(roleMod);
-        assertNotNull(roleTO);
-        assertTrue(roleTO.getPlainAttrMap().containsKey(badge.getKey()));
-    }
-
-    @Test
-    public void anonymous() {
-        RoleService unauthenticated = clientFactory.createAnonymous().getService(RoleService.class);
-        try {
-            unauthenticated.list();
-            fail();
-        } catch (AccessControlException e) {
-            assertNotNull(e);
-        }
-
-        RoleService anonymous = clientFactory.create(ANONYMOUS_UNAME, ANONYMOUS_KEY).getService(RoleService.class);
-        assertFalse(anonymous.list().getResult().isEmpty());
-    }
-
-    @Test
-    public void noContent() throws IOException {
-        SyncopeClient noContentclient = clientFactory.create(ADMIN_UNAME, ADMIN_PWD);
-        RoleService noContentService = noContentclient.prefer(RoleService.class, Preference.RETURN_NO_CONTENT);
-
-        RoleTO role = buildRoleTO("noContent");
-
-        Response response = noContentService.create(role);
-        assertEquals(Response.Status.CREATED.getStatusCode(), response.getStatus());
-        assertEquals(Preference.RETURN_NO_CONTENT.toString(), response.getHeaderString(RESTHeaders.PREFERENCE_APPLIED));
-        assertEquals(StringUtils.EMPTY, IOUtils.toString((InputStream) response.getEntity()));
-
-        role = getObject(response.getLocation(), RoleService.class, RoleTO.class);
-        assertNotNull(role);
-
-        RoleMod roleMod = new RoleMod();
-        roleMod.getPlainAttrsToUpdate().add(attrMod("badge", "xxxxxxxxxx"));
-
-        response = noContentService.update(role.getKey(), roleMod);
-        assertEquals(Response.Status.NO_CONTENT.getStatusCode(), response.getStatus());
-        assertEquals(Preference.RETURN_NO_CONTENT.toString(), response.getHeaderString(RESTHeaders.PREFERENCE_APPLIED));
-        assertEquals(StringUtils.EMPTY, IOUtils.toString((InputStream) response.getEntity()));
-
-        response = noContentService.delete(role.getKey());
-        assertEquals(Response.Status.NO_CONTENT.getStatusCode(), response.getStatus());
-        assertEquals(Preference.RETURN_NO_CONTENT.toString(), response.getHeaderString(RESTHeaders.PREFERENCE_APPLIED));
-        assertEquals(StringUtils.EMPTY, IOUtils.toString((InputStream) response.getEntity()));
-    }
-
-    @Test
-    public void issueSYNCOPE455() {
-        final String parentName = "issueSYNCOPE455-PRole";
-        final String childName = "issueSYNCOPE455-CRole";
-
-        // 1. create parent role
-        RoleTO parent = buildBasicRoleTO(parentName);
-        parent.getResources().add(RESOURCE_NAME_LDAP);
-
-        parent = createRole(parent);
-        assertTrue(parent.getResources().contains(RESOURCE_NAME_LDAP));
-
-        final ConnObjectTO parentRemoteObject =
-                resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, parent.getKey());
-        assertNotNull(parentRemoteObject);
-        assertNotNull(getLdapRemoteObject(parentRemoteObject.getPlainAttrMap().get(Name.NAME).getValues().get(0)));
-
-        // 2. create child role
-        RoleTO child = buildBasicRoleTO(childName);
-        child.getResources().add(RESOURCE_NAME_LDAP);
-        child.setParent(parent.getKey());
-
-        child = createRole(child);
-        assertTrue(child.getResources().contains(RESOURCE_NAME_LDAP));
-
-        final ConnObjectTO childRemoteObject =
-                resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, child.getKey());
-        assertNotNull(childRemoteObject);
-        assertNotNull(getLdapRemoteObject(childRemoteObject.getPlainAttrMap().get(Name.NAME).getValues().get(0)));
-
-        // 3. remove parent role
-        roleService.delete(parent.getKey());
-
-        // 4. asserts for issue 455
-        try {
-            roleService.read(parent.getKey());
-            fail();
-        } catch (SyncopeClientException scce) {
-            assertNotNull(scce);
-        }
-
-        try {
-            roleService.read(child.getKey());
-            fail();
-        } catch (SyncopeClientException scce) {
-            assertNotNull(scce);
-        }
-
-        assertNull(getLdapRemoteObject(parentRemoteObject.getPlainAttrMap().get(Name.NAME).getValues().get(0)));
-        assertNull(getLdapRemoteObject(childRemoteObject.getPlainAttrMap().get(Name.NAME).getValues().get(0)));
-    }
-
-    @Test
-    public void issueSYNCOPE543() {
-        final String ancestorName = "issueSYNCOPE543-ARole";
-        final String parentName = "issueSYNCOPE543-PRole";
-        final String childName = "issueSYNCOPE543-CRole";
-
-        // 1. create ancestor role
-        RoleTO ancestor = buildBasicRoleTO(ancestorName);
-        ancestor.setParent(0L);
-        ancestor.getRPlainAttrTemplates().add("icon");
-        ancestor.getPlainAttrs().add(attrTO("icon", "ancestorIcon"));
-        ancestor = createRole(ancestor);
-        assertEquals("ancestorIcon", ancestor.getPlainAttrMap().get("icon").getValues().get(0));
-
-        // 2. create parent role
-        RoleTO parent = buildBasicRoleTO(parentName);
-        parent.setParent(ancestor.getKey());
-        parent.getRPlainAttrTemplates().add("icon");
-        parent.getPlainAttrs().add(attrTO("icon", "parentIcon"));
-        parent = createRole(parent);
-        assertEquals("parentIcon", parent.getPlainAttrMap().get("icon").getValues().get(0));
-
-        // 3. create child role
-        RoleTO child = buildBasicRoleTO(childName);
-        child.setParent(parent.getKey());
-        child.getRPlainAttrTemplates().add("icon");
-        child.getPlainAttrs().add(attrTO("icon", "childIcon"));
-        child = createRole(child);
-        assertEquals("childIcon", child.getPlainAttrMap().get("icon").getValues().get(0));
-
-        final RoleMod roleChildMod = new RoleMod();
-        roleChildMod.setKey(child.getKey());
-        roleChildMod.setInheritPlainAttrs(Boolean.TRUE);
-        updateRole(roleChildMod);
-
-        child = roleService.read(child.getKey());
-        assertNotNull(child);
-        assertNotNull(child.getPlainAttrMap().get("icon").getValues());
-        assertEquals("parentIcon", child.getPlainAttrMap().get("icon").getValues().get(0));
-
-        final RoleMod roleParentMod = new RoleMod();
-        roleParentMod.setKey(parent.getKey());
-        roleParentMod.setInheritPlainAttrs(Boolean.TRUE);
-        updateRole(roleParentMod);
-
-        child = roleService.read(child.getKey());
-        assertNotNull(child);
-        assertNotNull(child.getPlainAttrMap().get("icon").getValues());
-        assertEquals("ancestorIcon", child.getPlainAttrMap().get("icon").getValues().get(0));
-
-        parent = roleService.read(parent.getKey());
-        assertNotNull(parent);
-        assertNotNull(parent.getPlainAttrMap().get("icon").getValues());
-        assertEquals("ancestorIcon", parent.getPlainAttrMap().get("icon").getValues().get(0));
-
-        roleParentMod.setInheritPlainAttrs(Boolean.FALSE);
-        updateRole(roleParentMod);
-
-        child = roleService.read(child.getKey());
-        assertNotNull(child);
-        assertNotNull(child.getPlainAttrMap().get("icon").getValues());
-        assertEquals("parentIcon", child.getPlainAttrMap().get("icon").getValues().get(0));
-    }
-
-    @Test
-    public void issueSYNCOPE632() {
-        RoleTO roleTO = null;
-        try {
-            // 1. create new LDAP resource having account id mapped to a derived attribute
-            ResourceTO newLDAP = resourceService.read(RESOURCE_NAME_LDAP);
-            newLDAP.setKey("new-ldap");
-            newLDAP.setPropagationPrimary(true);
-            MappingItemTO accountId = newLDAP.getRmapping().getAccountIdItem();
-            accountId.setIntMappingType(IntMappingType.RoleDerivedSchema);
-            accountId.setIntAttrName("displayProperty");
-            newLDAP.getRmapping().setAccountIdItem(accountId);
-            newLDAP.getRmapping().setAccountLink("'cn=' + displayProperty + ',ou=groups,o=isp'");
-
-            MappingItemTO description = new MappingItemTO();
-            description.setIntMappingType(IntMappingType.RoleId);
-            description.setExtAttrName("description");
-            description.setPurpose(MappingPurpose.BOTH);
-            newLDAP.getRmapping().addItem(description);
-
-            newLDAP = createResource(newLDAP);
-            assertNotNull(newLDAP);
-
-            // 2. create a role and give the resource created above
-            roleTO = buildRoleTO("lastRole");
-            roleTO.getRPlainAttrTemplates().add("icon");
-            roleTO.getPlainAttrs().add(attrTO("icon", "anIcon"));
-            roleTO.getRPlainAttrTemplates().add("show");
-            roleTO.getPlainAttrs().add(attrTO("show", "true"));
-            roleTO.getRDerAttrTemplates().add("displayProperty");
-            roleTO.getDerAttrs().add(attrTO("displayProperty", null));
-            roleTO.getResources().clear();
-            roleTO.getResources().add("new-ldap");
-
-            roleTO = createRole(roleTO);
-            assertNotNull(roleTO);
-
-            // 3. update the role
-            RoleMod roleMod = new RoleMod();
-            roleMod.setKey(roleTO.getKey());
-            roleMod.getPlainAttrsToRemove().add("icon");
-            roleMod.getPlainAttrsToUpdate().add(attrMod("icon", "anotherIcon"));
-
-            roleTO = updateRole(roleMod);
-            assertNotNull(roleTO);
-
-            // 4. check that a single group exists in LDAP for the role created and updated above
-            int entries = 0;
-            DirContext ctx = null;
-            try {
-                ctx = getLdapResourceDirContext(null, null);
-
-                SearchControls ctls = new SearchControls();
-                ctls.setReturningAttributes(new String[] { "*", "+" });
-                ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
-
-                NamingEnumeration<SearchResult> result =
-                        ctx.search("ou=groups,o=isp", "(description=" + roleTO.getKey() + ")", ctls);
-                while (result.hasMore()) {
-                    result.next();
-                    entries++;
-                }
-            } catch (Exception e) {
-                // ignore
-            } finally {
-                if (ctx != null) {
-                    try {
-                        ctx.close();
-                    } catch (NamingException e) {
-                        // ignore
-                    }
-                }
-            }
-
-            assertEquals(1, entries);
-        } finally {
-            if (roleTO != null) {
-                roleService.delete(roleTO.getKey());
-            }
-            resourceService.delete("new-ldap");
-        }
-    }
-}

http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/SearchITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/SearchITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/SearchITCase.java
index 6af2828..2fd4adb 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/SearchITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/SearchITCase.java
@@ -27,7 +27,7 @@ import java.util.HashSet;
 import java.util.Set;
 import org.apache.syncope.client.lib.SyncopeClient;
 import org.apache.syncope.common.lib.to.PagedResult;
-import org.apache.syncope.common.lib.to.RoleTO;
+import org.apache.syncope.common.lib.to.GroupTO;
 import org.apache.syncope.common.lib.to.UserTO;
 import org.junit.FixMethodOrder;
 import org.junit.Test;
@@ -76,15 +76,15 @@ public class SearchITCase extends AbstractITCase {
     }
 
     @Test
-    public void searchByRolenameAndKey() {
-        final PagedResult<RoleTO> matchingRoles = roleService.search(
-                SyncopeClient.getRoleSearchConditionBuilder().
+    public void searchByGroupNameAndKey() {
+        final PagedResult<GroupTO> matchingGroups = groupService.search(
+                SyncopeClient.getGroupSearchConditionBuilder().
                 is("name").equalTo("root").and("key").lessThan(2).query());
 
-        assertNotNull(matchingRoles);
-        assertEquals(1, matchingRoles.getResult().size());
-        assertEquals("root", matchingRoles.getResult().iterator().next().getName());
-        assertEquals(1L, matchingRoles.getResult().iterator().next().getKey());
+        assertNotNull(matchingGroups);
+        assertEquals(1, matchingGroups.getResult().size());
+        assertEquals("root", matchingGroups.getResult().iterator().next().getName());
+        assertEquals(1L, matchingGroups.getResult().iterator().next().getKey());
     }
 
     @Test
@@ -131,29 +131,29 @@ public class SearchITCase extends AbstractITCase {
 
     @Test
     public void searchByBooleanSubjectCond() {
-        final PagedResult<RoleTO> matchingRoles = roleService.search(
-                SyncopeClient.getRoleSearchConditionBuilder().is("inheritPlainAttrs").equalTo("true").query());
-        assertNotNull(matchingRoles);
-        assertFalse(matchingRoles.getResult().isEmpty());
+        final PagedResult<GroupTO> matchingGroups = groupService.search(
+                SyncopeClient.getGroupSearchConditionBuilder().is("inheritPlainAttrs").equalTo("true").query());
+        assertNotNull(matchingGroups);
+        assertFalse(matchingGroups.getResult().isEmpty());
     }
 
     @Test
     public void searchByEntitlement() {
-        final PagedResult<RoleTO> matchingRoles = roleService.search(
-                SyncopeClient.getRoleSearchConditionBuilder().hasEntitlements("USER_LIST", "USER_READ").query());
-        assertNotNull(matchingRoles);
-        assertFalse(matchingRoles.getResult().isEmpty());
+        final PagedResult<GroupTO> matchingGroups = groupService.search(
+                SyncopeClient.getGroupSearchConditionBuilder().hasEntitlements("USER_LIST", "USER_READ").query());
+        assertNotNull(matchingGroups);
+        assertFalse(matchingGroups.getResult().isEmpty());
     }
 
     @Test
     public void searchByRelationshipSubjectCond() {
-        final PagedResult<RoleTO> matchingRoles = roleService.search(SyncopeClient.getRoleSearchConditionBuilder().
+        final PagedResult<GroupTO> matchingGroups = groupService.search(SyncopeClient.getGroupSearchConditionBuilder().
                 isNotNull("passwordPolicy").and("userOwner").equalTo(5).query());
 
-        assertNotNull(matchingRoles);
-        assertEquals(1, matchingRoles.getResult().size());
-        assertEquals("director", matchingRoles.getResult().iterator().next().getName());
-        assertEquals(6L, matchingRoles.getResult().iterator().next().getKey());
+        assertNotNull(matchingGroups);
+        assertEquals(1, matchingGroups.getResult().size());
+        assertEquals("director", matchingGroups.getResult().iterator().next().getName());
+        assertEquals(6L, matchingGroups.getResult().iterator().next().getKey());
     }
 
     @Test

http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/SyncTaskITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/SyncTaskITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/SyncTaskITCase.java
index eb35036..6b7443d 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/SyncTaskITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/SyncTaskITCase.java
@@ -39,7 +39,7 @@ import org.apache.syncope.common.lib.to.ConnObjectTO;
 import org.apache.syncope.common.lib.to.MembershipTO;
 import org.apache.syncope.common.lib.to.PagedResult;
 import org.apache.syncope.common.lib.to.ResourceTO;
-import org.apache.syncope.common.lib.to.RoleTO;
+import org.apache.syncope.common.lib.to.GroupTO;
 import org.apache.syncope.common.lib.to.SyncPolicyTO;
 import org.apache.syncope.common.lib.to.SyncTaskTO;
 import org.apache.syncope.common.lib.to.TaskExecTO;
@@ -102,13 +102,13 @@ public class SyncTaskITCase extends AbstractTaskITCase {
         userTemplate.getResources().add(RESOURCE_NAME_WS2);
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(8L);
+        membershipTO.setGroupId(8L);
         userTemplate.getMemberships().add(membershipTO);
         task.setUserTemplate(userTemplate);
 
-        RoleTO roleTemplate = new RoleTO();
-        roleTemplate.getResources().add(RESOURCE_NAME_LDAP);
-        task.setRoleTemplate(roleTemplate);
+        GroupTO groupTemplate = new GroupTO();
+        groupTemplate.getResources().add(RESOURCE_NAME_LDAP);
+        task.setGroupTemplate(groupTemplate);
 
         Response response = taskService.create(task);
         SyncTaskTO actual = getObject(response.getLocation(), TaskService.class, SyncTaskTO.class);
@@ -119,7 +119,7 @@ public class SyncTaskITCase extends AbstractTaskITCase {
         assertEquals(actual.getKey(), task.getKey());
         assertEquals(actual.getJobClassName(), task.getJobClassName());
         assertEquals(userTemplate, task.getUserTemplate());
-        assertEquals(roleTemplate, task.getRoleTemplate());
+        assertEquals(groupTemplate, task.getGroupTemplate());
     }
 
     @Test
@@ -254,14 +254,14 @@ public class SyncTaskITCase extends AbstractTaskITCase {
      * Clean Syncope and LDAP resource status.
      */
     private void ldapCleanup() {
-        PagedResult<RoleTO> matchingRoles = roleService.search(
-                SyncopeClient.getRoleSearchConditionBuilder().is("name").equalTo("testLDAPGroup").query());
-        if (matchingRoles.getSize() > 0) {
-            for (RoleTO role : matchingRoles.getResult()) {
-                roleService.bulkDeassociation(role.getKey(),
+        PagedResult<GroupTO> matchingGroups = groupService.search(
+                SyncopeClient.getGroupSearchConditionBuilder().is("name").equalTo("testLDAPGroup").query());
+        if (matchingGroups.getSize() > 0) {
+            for (GroupTO group : matchingGroups.getResult()) {
+                groupService.bulkDeassociation(group.getKey(),
                         ResourceDeassociationActionType.UNLINK,
                         CollectionWrapper.wrap(RESOURCE_NAME_LDAP, ResourceName.class));
-                roleService.delete(role.getKey());
+                groupService.delete(group.getKey());
             }
         }
         PagedResult<UserTO> matchingUsers = userService.search(
@@ -278,7 +278,7 @@ public class SyncTaskITCase extends AbstractTaskITCase {
 
     @Test
     public void reconcileFromLDAP() {
-        // First of all, clear any potential conflict with existing user / role
+        // First of all, clear any potential conflict with existing user / group
         ldapCleanup();
 
         // Update sync task
@@ -289,11 +289,11 @@ public class SyncTaskITCase extends AbstractTaskITCase {
         assertNotNull(status);
         assertTrue(PropagationTaskExecStatus.valueOf(status).isSuccessful());
 
-        // 2. verify that synchronized role is found, with expected attributes
-        final PagedResult<RoleTO> matchingRoles = roleService.search(
-                SyncopeClient.getRoleSearchConditionBuilder().is("name").equalTo("testLDAPGroup").query());
-        assertNotNull(matchingRoles);
-        assertEquals(1, matchingRoles.getResult().size());
+        // 2. verify that synchronized group is found, with expected attributes
+        final PagedResult<GroupTO> matchingGroups = groupService.search(
+                SyncopeClient.getGroupSearchConditionBuilder().is("name").equalTo("testLDAPGroup").query());
+        assertNotNull(matchingGroups);
+        assertEquals(1, matchingGroups.getResult().size());
 
         final PagedResult<UserTO> matchingUsers = userService.search(
                 SyncopeClient.getUserSearchConditionBuilder().is("username").equalTo("syncFromLDAP").query());
@@ -308,17 +308,17 @@ public class SyncTaskITCase extends AbstractTaskITCase {
         // Check for SYNCOPE-123
         assertNotNull(matchingUsers.getResult().get(0).getPlainAttrMap().get("photo"));
 
-        final RoleTO roleTO = matchingRoles.getResult().iterator().next();
-        assertNotNull(roleTO);
-        assertEquals("testLDAPGroup", roleTO.getName());
-        assertEquals(8L, roleTO.getParent());
-        assertEquals("true", roleTO.getPlainAttrMap().get("show").getValues().get(0));
-        assertEquals(matchingUsers.getResult().iterator().next().getKey(), (long) roleTO.getUserOwner());
-        assertNull(roleTO.getRoleOwner());
+        final GroupTO groupTO = matchingGroups.getResult().iterator().next();
+        assertNotNull(groupTO);
+        assertEquals("testLDAPGroup", groupTO.getName());
+        assertEquals(8L, groupTO.getParent());
+        assertEquals("true", groupTO.getPlainAttrMap().get("show").getValues().get(0));
+        assertEquals(matchingUsers.getResult().iterator().next().getKey(), (long) groupTO.getUserOwner());
+        assertNull(groupTO.getGroupOwner());
 
-        // 3. verify that LDAP group membership is propagated as Syncope role membership
+        // 3. verify that LDAP group membership is propagated as Syncope group membership
         final PagedResult<UserTO> members = userService.search(
-                SyncopeClient.getUserSearchConditionBuilder().hasRoles(roleTO.getKey()).query());
+                SyncopeClient.getUserSearchConditionBuilder().inGroups(groupTO.getKey()).query());
         assertNotNull(members);
         assertEquals(1, members.getResult().size());
     }
@@ -343,7 +343,7 @@ public class SyncTaskITCase extends AbstractTaskITCase {
         userTO.getResources().add(RESOURCE_NAME_NOPROPAGATION4);
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(7L);
+        membershipTO.setGroupId(7L);
 
         userTO.getMemberships().add(membershipTO);
 
@@ -361,7 +361,7 @@ public class SyncTaskITCase extends AbstractTaskITCase {
             UserTO template = new UserTO();
 
             membershipTO = new MembershipTO();
-            membershipTO.setRoleId(10L);
+            membershipTO.setGroupId(10L);
 
             template.getMemberships().add(membershipTO);
 
@@ -610,7 +610,7 @@ public class SyncTaskITCase extends AbstractTaskITCase {
 
     @Test
     public void issueSYNCOPE313LDAP() throws Exception {
-        // First of all, clear any potential conflict with existing user / role
+        // First of all, clear any potential conflict with existing user / group
         ldapCleanup();
 
         // 1. create user in LDAP

http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserITCase.java
index 9b02e74..b77a11b 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserITCase.java
@@ -61,7 +61,7 @@ import org.apache.syncope.common.lib.to.PasswordPolicyTO;
 import org.apache.syncope.common.lib.to.PropagationStatus;
 import org.apache.syncope.common.lib.to.PropagationTaskTO;
 import org.apache.syncope.common.lib.to.ResourceTO;
-import org.apache.syncope.common.lib.to.RoleTO;
+import org.apache.syncope.common.lib.to.GroupTO;
 import org.apache.syncope.common.lib.to.UserTO;
 import org.apache.syncope.common.lib.types.CipherAlgorithm;
 import org.apache.syncope.common.lib.types.ClientExceptionType;
@@ -306,7 +306,7 @@ public class UserITCase extends AbstractITCase {
         userTO.setUsername("us");
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(7L);
+        membershipTO.setGroupId(7L);
 
         userTO.getMemberships().add(membershipTO);
 
@@ -324,14 +324,14 @@ public class UserITCase extends AbstractITCase {
     }
 
     @Test(expected = SyncopeClientException.class)
-    public void createWithInvalidPasswordByRole() {
-        UserTO userTO = getSampleTO("invalidPwdByRole@passwd.com");
+    public void createWithInvalidPasswordByGroup() {
+        UserTO userTO = getSampleTO("invalidPwdByGroup@passwd.com");
 
         // configured to be minLength=16
         userTO.setPassword("password1");
 
         final MembershipTO membership = new MembershipTO();
-        membership.setRoleId(8L);
+        membership.setGroupId(8L);
 
         userTO.getMemberships().add(membership);
 
@@ -362,7 +362,7 @@ public class UserITCase extends AbstractITCase {
 
         // add a membership
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(8L);
+        membershipTO.setGroupId(8L);
         userTO.getMemberships().add(membershipTO);
 
         // add an attribute with no values: must be ignored
@@ -460,7 +460,7 @@ public class UserITCase extends AbstractITCase {
         userTO.getPlainAttrs().remove(type);
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(8L);
+        membershipTO.setGroupId(8L);
         userTO.getMemberships().add(membershipTO);
 
         // 1. create user without type (mandatory by UserSchema)
@@ -647,7 +647,7 @@ public class UserITCase extends AbstractITCase {
         UserTO userTO = getUniqueSampleTO("g.h@t.com");
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(8L);
+        membershipTO.setGroupId(8L);
         membershipTO.getPlainAttrs().add(attrTO("subscriptionDate", "2009-08-18T16:33:12.203+0200"));
         userTO.getMemberships().add(membershipTO);
 
@@ -657,7 +657,7 @@ public class UserITCase extends AbstractITCase {
         assertEquals(1, userTO.getMemberships().size());
 
         MembershipMod membershipMod = new MembershipMod();
-        membershipMod.setRole(8L);
+        membershipMod.setGroup(8L);
         membershipMod.getPlainAttrsToUpdate().add(attrMod("subscriptionDate", "2010-08-18T16:33:12.203+0200"));
 
         UserMod userMod = new UserMod();
@@ -704,7 +704,7 @@ public class UserITCase extends AbstractITCase {
 
         UserTO userTO = getUniqueSampleTO("pwdonly@t.com");
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(8L);
+        membershipTO.setGroupId(8L);
         membershipTO.getPlainAttrs().add(attrTO("subscriptionDate", "2009-08-18T16:33:12.203+0200"));
         userTO.getMemberships().add(membershipTO);
 
@@ -742,7 +742,7 @@ public class UserITCase extends AbstractITCase {
 
         // add a membership
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(8L);
+        membershipTO.setGroupId(8L);
         userTO.getMemberships().add(membershipTO);
 
         // 1. create user
@@ -811,7 +811,7 @@ public class UserITCase extends AbstractITCase {
         UserTO userTO = getUniqueSampleTO("createActivate@syncope.apache.org");
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(11L);
+        membershipTO.setGroupId(11L);
         userTO.getMemberships().add(membershipTO);
 
         userTO = createUser(userTO);
@@ -838,7 +838,7 @@ public class UserITCase extends AbstractITCase {
         UserTO userTO = getUniqueSampleTO("suspendReactivate@syncope.apache.org");
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(7L);
+        membershipTO.setGroupId(7L);
         userTO.getMemberships().add(membershipTO);
 
         userTO = createUser(userTO);
@@ -1105,8 +1105,8 @@ public class UserITCase extends AbstractITCase {
     }
 
     @Test
-    public void roleAttrPropagation() {
-        UserTO userTO = getUniqueSampleTO("checkRoleAttrPropagation@syncope.apache.org");
+    public void groupAttrPropagation() {
+        UserTO userTO = getUniqueSampleTO("checkGroupAttrPropagation@syncope.apache.org");
         userTO.getResources().clear();
         userTO.getMemberships().clear();
         userTO.getDerAttrs().clear();
@@ -1115,7 +1115,7 @@ public class UserITCase extends AbstractITCase {
         userTO.getDerAttrs().add(attrTO("csvuserid", null));
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(1L);
+        membershipTO.setGroupId(1L);
 
         userTO.getMemberships().add(membershipTO);
 
@@ -1128,7 +1128,7 @@ public class UserITCase extends AbstractITCase {
         ConnObjectTO connObjectTO =
                 resourceService.getConnectorObject(RESOURCE_NAME_CSV, SubjectType.USER, actual.getKey());
         assertNotNull(connObjectTO);
-        assertEquals("sx-dx", connObjectTO.getPlainAttrMap().get("ROLE").getValues().get(0));
+        assertEquals("sx-dx", connObjectTO.getPlainAttrMap().get("THEIRGROUP").getValues().get(0));
     }
 
     @Test
@@ -1141,7 +1141,7 @@ public class UserITCase extends AbstractITCase {
         userTO.getDerAttrs().add(attrTO("csvuserid", null));
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(1L);
+        membershipTO.setGroupId(1L);
         membershipTO.getPlainAttrs().add(attrTO("mderived_sx", "sx"));
         membershipTO.getPlainAttrs().add(attrTO("mderived_dx", "dx"));
         membershipTO.getDerAttrs().add(attrTO("mderToBePropagated", null));
@@ -1198,12 +1198,12 @@ public class UserITCase extends AbstractITCase {
         userTO.getDerAttrs().add(attrTO("csvuserid", null));
 
         MembershipTO memb12 = new MembershipTO();
-        memb12.setRoleId(12L);
+        memb12.setGroupId(12L);
 
         userTO.getMemberships().add(memb12);
 
         MembershipTO memb13 = new MembershipTO();
-        memb13.setRoleId(13L);
+        memb13.setGroupId(13L);
 
         userTO.getMemberships().add(memb13);
 
@@ -1282,12 +1282,12 @@ public class UserITCase extends AbstractITCase {
         userTO.getDerAttrs().add(attrTO("csvuserid", null));
 
         MembershipTO memb12 = new MembershipTO();
-        memb12.setRoleId(12L);
+        memb12.setGroupId(12L);
         memb12.getPlainAttrs().add(attrTO("postalAddress", "postalAddress"));
         userTO.getMemberships().add(memb12);
 
         MembershipTO memb13 = new MembershipTO();
-        memb13.setRoleId(13L);
+        memb13.setGroupId(13L);
         userTO.getMemberships().add(memb13);
 
         userTO.getResources().add(RESOURCE_NAME_LDAP);
@@ -1311,12 +1311,12 @@ public class UserITCase extends AbstractITCase {
         assertTrue(title.getValues().contains("r12") && title.getValues().contains("r13"));
 
         // -----------------------------------
-        // Remove the first membership and check for membership attr propagation and role attr propagation
+        // Remove the first membership and check for membership attr propagation and group attr propagation
         // -----------------------------------
         UserMod userMod = new UserMod();
         userMod.setKey(actual.getKey());
 
-        MembershipTO membershipTO = actual.getMemberships().get(0).getRoleId() == 12L
+        MembershipTO membershipTO = actual.getMemberships().get(0).getGroupId() == 12L
                 ? actual.getMemberships().get(0)
                 : actual.getMemberships().get(1);
 
@@ -1649,14 +1649,14 @@ public class UserITCase extends AbstractITCase {
         assertEquals(10, res.getResultByStatus(Status.SUCCESS).size());
         assertEquals(1, res.getResultByStatus(Status.FAILURE).size());
         assertEquals("suspended", userService.read(
-                Long.parseLong(res.getResultByStatus(Status.SUCCESS).get(3).toString())).getStatus());
+                Long.parseLong(res.getResultByStatus(Status.SUCCESS).get(3))).getStatus());
 
         bulkAction.setOperation(BulkAction.Type.REACTIVATE);
         res = userService.bulk(bulkAction);
         assertEquals(10, res.getResultByStatus(Status.SUCCESS).size());
         assertEquals(1, res.getResultByStatus(Status.FAILURE).size());
         assertEquals("active", userService.read(
-                Long.parseLong(res.getResultByStatus(Status.SUCCESS).get(3).toString())).getStatus());
+                Long.parseLong(res.getResultByStatus(Status.SUCCESS).get(3))).getStatus());
 
         bulkAction.setOperation(BulkAction.Type.DELETE);
         res = userService.bulk(bulkAction);
@@ -1666,37 +1666,37 @@ public class UserITCase extends AbstractITCase {
 
     @Test
     public void issueSYNCOPE354() {
-        // change resource-ldap role mapping for including uniqueMember (need for assertions below)
+        // change resource-ldap group mapping for including uniqueMember (need for assertions below)
         ResourceTO ldap = resourceService.read(RESOURCE_NAME_LDAP);
-        for (MappingItemTO item : ldap.getRmapping().getItems()) {
+        for (MappingItemTO item : ldap.getGmapping().getItems()) {
             if ("description".equals(item.getExtAttrName())) {
                 item.setExtAttrName("uniqueMember");
             }
         }
         resourceService.update(ldap.getKey(), ldap);
 
-        // 1. create role with LDAP resource
-        RoleTO roleTO = new RoleTO();
-        roleTO.setName("SYNCOPE354-" + getUUIDString());
-        roleTO.setParent(8L);
-        roleTO.getResources().add(RESOURCE_NAME_LDAP);
+        // 1. create group with LDAP resource
+        GroupTO groupTO = new GroupTO();
+        groupTO.setName("SYNCOPE354-" + getUUIDString());
+        groupTO.setParent(8L);
+        groupTO.getResources().add(RESOURCE_NAME_LDAP);
 
-        roleTO = createRole(roleTO);
-        assertNotNull(roleTO);
+        groupTO = createGroup(groupTO);
+        assertNotNull(groupTO);
 
-        // 2. create user with LDAP resource and membership of the above role
+        // 2. create user with LDAP resource and membership of the above group
         UserTO userTO = getUniqueSampleTO("syncope354@syncope.apache.org");
         userTO.getResources().add(RESOURCE_NAME_LDAP);
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(roleTO.getKey());
+        membershipTO.setGroupId(groupTO.getKey());
         userTO.getMemberships().add(membershipTO);
 
         userTO = createUser(userTO);
         assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
 
-        // 3. read role on resource, check that user DN is included in uniqueMember
+        // 3. read group on resource, check that user DN is included in uniqueMember
         ConnObjectTO connObj = resourceService.getConnectorObject(
-                RESOURCE_NAME_LDAP, SubjectType.ROLE, roleTO.getKey());
+                RESOURCE_NAME_LDAP, SubjectType.GROUP, groupTO.getKey());
         assertNotNull(connObj);
         assertTrue(connObj.getPlainAttrMap().get("uniqueMember").getValues().
                 contains("uid=" + userTO.getUsername() + ",ou=people,o=isp"));
@@ -1709,14 +1709,14 @@ public class UserITCase extends AbstractITCase {
         userTO = updateUser(userMod);
         assertTrue(userTO.getResources().contains(RESOURCE_NAME_LDAP));
 
-        // 5. read role on resource, check that user DN was removed from uniqueMember
-        connObj = resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.ROLE, roleTO.getKey());
+        // 5. read group on resource, check that user DN was removed from uniqueMember
+        connObj = resourceService.getConnectorObject(RESOURCE_NAME_LDAP, SubjectType.GROUP, groupTO.getKey());
         assertNotNull(connObj);
         assertFalse(connObj.getPlainAttrMap().get("uniqueMember").getValues().
                 contains("uid=" + userTO.getUsername() + ",ou=people,o=isp"));
 
-        // 6. restore original resource-ldap role mapping
-        for (MappingItemTO item : ldap.getRmapping().getItems()) {
+        // 6. restore original resource-ldap group mapping
+        for (MappingItemTO item : ldap.getGmapping().getItems()) {
             if ("uniqueMember".equals(item.getExtAttrName())) {
                 item.setExtAttrName("description");
             }
@@ -1726,22 +1726,22 @@ public class UserITCase extends AbstractITCase {
 
     @Test
     public void issueSYNCOPE357() throws IOException {
-        // 1. create role with LDAP resource
-        RoleTO roleTO = new RoleTO();
-        roleTO.setName("SYNCOPE357-" + getUUIDString());
-        roleTO.setParent(8L);
-        roleTO.getResources().add(RESOURCE_NAME_LDAP);
+        // 1. create group with LDAP resource
+        GroupTO groupTO = new GroupTO();
+        groupTO.setName("SYNCOPE357-" + getUUIDString());
+        groupTO.setParent(8L);
+        groupTO.getResources().add(RESOURCE_NAME_LDAP);
 
-        roleTO = createRole(roleTO);
-        assertNotNull(roleTO);
+        groupTO = createGroup(groupTO);
+        assertNotNull(groupTO);
 
-        // 2. create user with membership of the above role
+        // 2. create user with membership of the above group
         UserTO userTO = getUniqueSampleTO("syncope357@syncope.apache.org");
         userTO.getPlainAttrs().add(attrTO("obscure", "valueToBeObscured"));
         userTO.getPlainAttrs().add(attrTO("photo",
                 Base64Utility.encode(IOUtils.readBytesFromStream(getClass().getResourceAsStream("/favicon.jpg")))));
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(roleTO.getKey());
+        membershipTO.setGroupId(groupTO.getKey());
         userTO.getMemberships().add(membershipTO);
 
         userTO = createUser(userTO);
@@ -1760,8 +1760,8 @@ public class UserITCase extends AbstractITCase {
         assertNotNull(jpegPhoto);
         assertEquals(userTO.getPlainAttrMap().get("photo").getValues(), jpegPhoto.getValues());
 
-        // 4. remove role
-        roleService.delete(roleTO.getKey());
+        // 4. remove group
+        groupService.delete(groupTO.getKey());
 
         // 5. try to read user on resource: fail
         try {
@@ -2232,7 +2232,7 @@ public class UserITCase extends AbstractITCase {
         }
 
         ws1.setUmapping(ws1NewUMapping);
-        ws1.setRmapping(ws1.getRmapping());
+        ws1.setGmapping(ws1.getGmapping());
 
         resourceService.update(RESOURCE_NAME_WS1, ws1);
         ResourceTO newWs1 = resourceService.read(ws1.getKey());
@@ -2270,7 +2270,7 @@ public class UserITCase extends AbstractITCase {
         }
 
         newWs1.setUmapping(ws1NewUMapping);
-        newWs1.setRmapping(newWs1.getRmapping());
+        newWs1.setGmapping(newWs1.getGmapping());
 
         resourceService.update(RESOURCE_NAME_WS1, newWs1);
     }
@@ -2478,7 +2478,7 @@ public class UserITCase extends AbstractITCase {
         userTO.getDerAttrs().add(attrTO("csvuserid", null));
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(12L);
+        membershipTO.setGroupId(12L);
         membershipTO.getPlainAttrs().add(attrTO("postalAddress", "postalAddress"));
         userTO.getMemberships().add(membershipTO);
 
@@ -2497,7 +2497,7 @@ public class UserITCase extends AbstractITCase {
         userMod.setKey(actual.getKey());
 
         MembershipMod membershipMod = new MembershipMod();
-        membershipMod.setRole(12L);
+        membershipMod.setGroup(12L);
         membershipMod.getPlainAttrsToUpdate().add(attrMod("postalAddress", "newPostalAddress"));
         userMod.getMembershipsToAdd().add(membershipMod);
         userMod.getMembershipsToRemove().add(actual.getMemberships().iterator().next().getKey());

http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserSelfITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserSelfITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserSelfITCase.java
index 515e13d..68d8f3d 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserSelfITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserSelfITCase.java
@@ -89,7 +89,7 @@ public class UserSelfITCase extends AbstractITCase {
         // self-create user with membership: goes 'createApproval' with resources and membership but no propagation
         UserTO userTO = UserITCase.getUniqueSampleTO("anonymous@syncope.apache.org");
         MembershipTO membership = new MembershipTO();
-        membership.setRoleId(3L);
+        membership.setGroupId(3L);
         userTO.getMemberships().add(membership);
         userTO.getResources().add(RESOURCE_NAME_TESTDB);
 
@@ -169,7 +169,7 @@ public class UserSelfITCase extends AbstractITCase {
 
         // 2. self-update (username + memberships + resource) - works but needs approval
         MembershipMod membershipMod = new MembershipMod();
-        membershipMod.setRole(7L);
+        membershipMod.setGroup(7L);
         AttrMod testAttrMod = new AttrMod();
         testAttrMod.setSchema("testAttribute");
         testAttrMod.getValuesToBeAdded().add("a value");

http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserWorkflowITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserWorkflowITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserWorkflowITCase.java
index 05399c0..80c916a 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserWorkflowITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/UserWorkflowITCase.java
@@ -54,16 +54,16 @@ public class UserWorkflowITCase extends AbstractITCase {
         UserTO userTO = UserITCase.getUniqueSampleTO("createWithReject@syncope.apache.org");
         userTO.getResources().add(RESOURCE_NAME_TESTDB);
 
-        // User with role 9 are defined in workflow as subject to approval
+        // User with group 9 are defined in workflow as subject to approval
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(9L);
+        membershipTO.setGroupId(9L);
         userTO.getMemberships().add(membershipTO);
 
-        // 1. create user with role 9
+        // 1. create user with group 9
         userTO = createUser(userTO);
         assertNotNull(userTO);
         assertEquals(1, userTO.getMemberships().size());
-        assertEquals(9, userTO.getMemberships().get(0).getRoleId());
+        assertEquals(9, userTO.getMemberships().get(0).getGroupId());
         assertEquals("createApproval", userTO.getStatus());
 
         // 2. request if there is any pending task for user just created
@@ -74,7 +74,7 @@ public class UserWorkflowITCase extends AbstractITCase {
         assertNotNull(form.getTaskId());
         assertNull(form.getOwner());
 
-        // 3. claim task from rossini, not in role 7 (designated for approval in workflow definition): fail
+        // 3. claim task from rossini, not in group 7 (designated for approval in workflow definition): fail
         UserWorkflowService userService2 = clientFactory.create(
                 "rossini", ADMIN_PWD).getService(UserWorkflowService.class);
 
@@ -85,7 +85,7 @@ public class UserWorkflowITCase extends AbstractITCase {
             assertEquals(ClientExceptionType.Workflow, e.getType());
         }
 
-        // 4. claim task from bellini, in role 7
+        // 4. claim task from bellini, in group 7
         UserWorkflowService userService3 = clientFactory.create(
                 "bellini", ADMIN_PWD).getService(UserWorkflowService.class);
 
@@ -128,16 +128,16 @@ public class UserWorkflowITCase extends AbstractITCase {
         UserTO userTO = UserITCase.getUniqueSampleTO("createWithApproval@syncope.apache.org");
         userTO.getResources().add(RESOURCE_NAME_TESTDB);
 
-        // User with role 9 are defined in workflow as subject to approval
+        // User with group 9 are defined in workflow as subject to approval
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(9L);
+        membershipTO.setGroupId(9L);
         userTO.getMemberships().add(membershipTO);
 
-        // 1. create user with role 9 (and verify that no propagation occurred)
+        // 1. create user with group 9 (and verify that no propagation occurred)
         userTO = createUser(userTO);
         assertNotNull(userTO);
         assertEquals(1, userTO.getMemberships().size());
-        assertEquals(9, userTO.getMemberships().get(0).getRoleId());
+        assertEquals(9, userTO.getMemberships().get(0).getGroupId());
         assertEquals("createApproval", userTO.getStatus());
         assertEquals(Collections.singleton(RESOURCE_NAME_TESTDB), userTO.getResources());
 
@@ -214,12 +214,12 @@ public class UserWorkflowITCase extends AbstractITCase {
         userTO.getDerAttrs().clear();
         userTO.getMemberships().clear();
 
-        // User with role 9 are defined in workflow as subject to approval
+        // User with group 9 are defined in workflow as subject to approval
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(9L);
+        membershipTO.setGroupId(9L);
         userTO.getMemberships().add(membershipTO);
 
-        // 1. create user with role 9 (and verify that no propagation occurred)
+        // 1. create user with group 9 (and verify that no propagation occurred)
         userTO = createUser(userTO);
         assertNotNull(userTO);
         assertNotEquals(0L, userTO.getKey());

http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/VirAttrITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/VirAttrITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/VirAttrITCase.java
index 68cfdcc..6ed3871 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/VirAttrITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/VirAttrITCase.java
@@ -38,7 +38,7 @@ import org.apache.syncope.common.lib.to.MappingItemTO;
 import org.apache.syncope.common.lib.to.MappingTO;
 import org.apache.syncope.common.lib.to.MembershipTO;
 import org.apache.syncope.common.lib.to.ResourceTO;
-import org.apache.syncope.common.lib.to.RoleTO;
+import org.apache.syncope.common.lib.to.GroupTO;
 import org.apache.syncope.common.lib.to.UserTO;
 import org.apache.syncope.common.lib.types.ConnConfProperty;
 import org.apache.syncope.common.lib.types.IntMappingType;
@@ -59,7 +59,7 @@ public class VirAttrITCase extends AbstractITCase {
         UserTO userTO = UserITCase.getUniqueSampleTO("issue16@apache.org");
 
         MembershipTO membershipTO = new MembershipTO();
-        membershipTO.setRoleId(8L);
+        membershipTO.setGroupId(8L);
         userTO.getMemberships().add(membershipTO);
 
         // 1. create user
@@ -442,7 +442,7 @@ public class VirAttrITCase extends AbstractITCase {
     @Test
     public void issueSYNCOPE453() {
         final String resourceName = "issueSYNCOPE453-Res-" + getUUIDString();
-        final String roleName = "issueSYNCOPE453-Role-" + getUUIDString();
+        final String groupName = "issueSYNCOPE453-Group-" + getUUIDString();
 
         // -------------------------------------------
         // Create a resource ad-hoc
@@ -457,7 +457,7 @@ public class VirAttrITCase extends AbstractITCase {
         MappingItemTO item = new MappingItemTO();
         item.setIntAttrName("aLong");
         item.setIntMappingType(IntMappingType.UserPlainSchema);
-        item.setExtAttrName(roleName);
+        item.setExtAttrName(groupName);
         item.setPurpose(MappingPurpose.PROPAGATION);
         item.setAccountid(true);
         mapping.setAccountIdItem(item);
@@ -472,7 +472,7 @@ public class VirAttrITCase extends AbstractITCase {
         item = new MappingItemTO();
         item.setExtAttrName("EMAIL");
         item.setIntAttrName("rvirtualdata");
-        item.setIntMappingType(IntMappingType.RoleVirtualSchema);
+        item.setIntMappingType(IntMappingType.GroupVirtualSchema);
         item.setPurpose(MappingPurpose.PROPAGATION);
         mapping.getItems().add(item);
 
@@ -482,17 +482,17 @@ public class VirAttrITCase extends AbstractITCase {
         // -------------------------------------------
 
         // -------------------------------------------
-        // Create a role ad-hoc
+        // Create a VirAttrITCase ad-hoc
         // -------------------------------------------
-        RoleTO roleTO = new RoleTO();
-        roleTO.setName(roleName);
-        roleTO.setParent(8L);
-        roleTO.getRVirAttrTemplates().add("rvirtualdata");
-        roleTO.getVirAttrs().add(attrTO("rvirtualdata", "ml@role.it"));
-        roleTO.getResources().add(RESOURCE_NAME_LDAP);
-        roleTO = createRole(roleTO);
-        assertEquals(1, roleTO.getVirAttrs().size());
-        assertEquals("ml@role.it", roleTO.getVirAttrs().get(0).getValues().get(0));
+        GroupTO groupTO = new GroupTO();
+        groupTO.setName(groupName);
+        groupTO.setParent(8L);
+        groupTO.getGVirAttrTemplates().add("rvirtualdata");
+        groupTO.getVirAttrs().add(attrTO("rvirtualdata", "ml@group.it"));
+        groupTO.getResources().add(RESOURCE_NAME_LDAP);
+        groupTO = createGroup(groupTO);
+        assertEquals(1, groupTO.getVirAttrs().size());
+        assertEquals("ml@group.it", groupTO.getVirAttrs().get(0).getValues().get(0));
         // -------------------------------------------
 
         // -------------------------------------------
@@ -507,7 +507,7 @@ public class VirAttrITCase extends AbstractITCase {
         userTO.getMemberships().clear();
 
         final MembershipTO membership = new MembershipTO();
-        membership.setRoleId(roleTO.getKey());
+        membership.setGroupId(groupTO.getKey());
         membership.getVirAttrs().add(attrTO("mvirtualdata", "mvirtualvalue"));
         userTO.getMemberships().add(membership);
 
@@ -523,14 +523,14 @@ public class VirAttrITCase extends AbstractITCase {
                 new Object[] { Integer.parseInt(userTO.getPlainAttrMap().get("aLong").getValues().get(0)) });
 
         assertEquals(userTO.getPlainAttrMap().get("aLong").getValues().get(0), actuals.get("id").toString());
-        assertEquals("ml@role.it", actuals.get("email"));
+        assertEquals("ml@group.it", actuals.get("email"));
         // -------------------------------------------
 
         // -------------------------------------------
-        // Delete resource and role ad-hoc
+        // Delete resource and group ad-hoc
         // -------------------------------------------
         resourceService.delete(resourceName);
-        roleService.delete(roleTO.getKey());
+        groupService.delete(groupTO.getKey());
         // -------------------------------------------
     }
 
@@ -565,14 +565,14 @@ public class VirAttrITCase extends AbstractITCase {
     @Test
     public void issueSYNCOPE458() {
         // -------------------------------------------
-        // Create a role ad-hoc
+        // Create a group ad-hoc
         // -------------------------------------------
-        final String roleName = "issueSYNCOPE458-Role-" + getUUIDString();
-        RoleTO roleTO = new RoleTO();
-        roleTO.setName(roleName);
-        roleTO.setParent(2L);
-        roleTO.setInheritTemplates(true);
-        roleTO = createRole(roleTO);
+        final String groupName = "issueSYNCOPE458-Group-" + getUUIDString();
+        GroupTO groupTO = new GroupTO();
+        groupTO.setName(groupName);
+        groupTO.setParent(2L);
+        groupTO.setInheritTemplates(true);
+        groupTO = createGroup(groupTO);
         // -------------------------------------------
 
         // -------------------------------------------
@@ -608,7 +608,7 @@ public class VirAttrITCase extends AbstractITCase {
 
         // add membership, with virtual attribute populated, to user
         MembershipTO membership = new MembershipTO();
-        membership.setRoleId(roleTO.getKey());
+        membership.setGroupId(groupTO.getKey());
         membership.getVirAttrs().add(attrTO("mvirtualdata", "syncope458@syncope.apache.org"));
         userTO.getMemberships().add(membership);
 
@@ -626,7 +626,7 @@ public class VirAttrITCase extends AbstractITCase {
 
         // 2. update membership virtual attribute
         MembershipMod membershipMod = new MembershipMod();
-        membershipMod.setRole(roleTO.getKey());
+        membershipMod.setGroup(groupTO.getKey());
         membershipMod.getVirAttrsToUpdate().add(attrMod("mvirtualdata", "syncope458_NEW@syncope.apache.org"));
 
         UserMod userMod = new UserMod();
@@ -657,7 +657,7 @@ public class VirAttrITCase extends AbstractITCase {
         connectorService.update(connInstanceBean.getKey(), connInstanceBean);
 
         membershipMod = new MembershipMod();
-        membershipMod.setRole(roleTO.getKey());
+        membershipMod.setGroup(groupTO.getKey());
         membershipMod.getVirAttrsToUpdate().add(attrMod("mvirtualdata", "syncope458_updated@syncope.apache.org"));
 
         userMod = new UserMod();
@@ -703,7 +703,7 @@ public class VirAttrITCase extends AbstractITCase {
 
         // 5. remove membership virtual attribute
         membershipMod = new MembershipMod();
-        membershipMod.setRole(roleTO.getKey());
+        membershipMod.setGroup(groupTO.getKey());
         membershipMod.getVirAttrsToRemove().add("mvirtualdata");
 
         userMod = new UserMod();
@@ -717,9 +717,9 @@ public class VirAttrITCase extends AbstractITCase {
         assertTrue(userTO.getMemberships().get(0).getVirAttrMap().isEmpty());
 
         // -------------------------------------------
-        // Delete role ad-hoc and restore resource mapping
+        // Delete group ad-hoc and restore resource mapping
         // -------------------------------------------
-        roleService.delete(roleTO.getKey());
+        groupService.delete(groupTO.getKey());
 
         resourceUMapping.removeItem(item);
         resourceDBVirAttr.setUmapping(resourceUMapping);
@@ -796,19 +796,19 @@ public class VirAttrITCase extends AbstractITCase {
         // -------------------------------------------
 
         // -------------------------------------------
-        // Create a role ad-hoc
+        // Create a group ad-hoc
         // -------------------------------------------
-        final String roleName = "issueSYNCOPE501-Role-" + getUUIDString();
-        RoleTO roleTO = new RoleTO();
-        roleTO.setName(roleName);
-        roleTO.setParent(2L);
-        roleTO.setInheritTemplates(true);
-        roleTO = createRole(roleTO);
+        final String groupName = "issueSYNCOPE501-Group-" + getUUIDString();
+        GroupTO groupTO = new GroupTO();
+        groupTO.setName(groupName);
+        groupTO.setParent(2L);
+        groupTO.setInheritTemplates(true);
+        groupTO = createGroup(groupTO);
         // -------------------------------------------
 
         // 1. add membership, with virtual attribute populated, to user
         MembershipMod membershipMod = new MembershipMod();
-        membershipMod.setRole(roleTO.getKey());
+        membershipMod.setGroup(groupTO.getKey());
         membershipMod.getVirAttrsToUpdate().add(attrMod("mvirtualdata", "syncope501membership@test.org"));
 
         userMod = new UserMod();
@@ -823,7 +823,7 @@ public class VirAttrITCase extends AbstractITCase {
 
         // 2. update only membership virtual attribute and propagate user
         membershipMod = new MembershipMod();
-        membershipMod.setRole(roleTO.getKey());
+        membershipMod.setGroup(groupTO.getKey());
         membershipMod.getVirAttrsToUpdate().add(attrMod("mvirtualdata",
                 "syncope501membership_updated@test.org"));
         membershipMod.getVirAttrsToRemove().add("syncope501membership@test.org");
@@ -860,9 +860,9 @@ public class VirAttrITCase extends AbstractITCase {
         // ----------------------------------------
 
         // -------------------------------------------
-        // Delete role ad-hoc and restore resource mapping
+        // Delete group ad-hoc and restore resource mapping
         // -------------------------------------------
-        roleService.delete(roleTO.getKey());
+        groupService.delete(groupTO.getKey());
 
         resourceUMapping.removeItem(item);
         resourceDBVirAttr.setUmapping(resourceUMapping);

http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/VirSchemaITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/VirSchemaITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/VirSchemaITCase.java
index e66e51c..c8259f0 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/VirSchemaITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/VirSchemaITCase.java
@@ -69,13 +69,13 @@ public class VirSchemaITCase extends AbstractITCase {
 
     @Test
     public void delete() {
-        VirSchemaTO schema = schemaService.read(AttributableType.ROLE, SchemaType.VIRTUAL, "rvirtualdata");
+        VirSchemaTO schema = schemaService.read(AttributableType.GROUP, SchemaType.VIRTUAL, "rvirtualdata");
         assertNotNull(schema);
 
-        schemaService.delete(AttributableType.ROLE, SchemaType.VIRTUAL, schema.getKey());
+        schemaService.delete(AttributableType.GROUP, SchemaType.VIRTUAL, schema.getKey());
 
         try {
-            schemaService.read(AttributableType.ROLE, SchemaType.VIRTUAL, "rvirtualdata");
+            schemaService.read(AttributableType.GROUP, SchemaType.VIRTUAL, "rvirtualdata");
             fail();
         } catch (SyncopeClientException e) {
             assertEquals(ClientExceptionType.NotFound, e.getType());

http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/WorkflowITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/WorkflowITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/WorkflowITCase.java
index 8bd844d..106b1f1 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/WorkflowITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/reference/WorkflowITCase.java
@@ -49,9 +49,9 @@ public class WorkflowITCase extends AbstractITCase {
     }
 
     @Test
-    public void getRoleDefinition() throws IOException {
-        Assume.assumeTrue(ActivitiDetector.isActivitiEnabledForRoles(syncopeService));
-        exportDefinition(SubjectType.ROLE);
+    public void getGroupDefinition() throws IOException {
+        Assume.assumeTrue(ActivitiDetector.isActivitiEnabledForGroups(syncopeService));
+        exportDefinition(SubjectType.GROUP);
     }
 
     private void importDefinition(final SubjectType type) throws IOException {
@@ -64,14 +64,12 @@ public class WorkflowITCase extends AbstractITCase {
     @Test
     public void updateUserDefinition() throws IOException {
         Assume.assumeTrue(ActivitiDetector.isActivitiEnabledForUsers(syncopeService));
-
         importDefinition(SubjectType.USER);
     }
 
     @Test
-    public void updateRoleDefinition() throws IOException {
-        Assume.assumeTrue(ActivitiDetector.isActivitiEnabledForRoles(syncopeService));
-
-        importDefinition(SubjectType.ROLE);
+    public void updateGroupDefinition() throws IOException {
+        Assume.assumeTrue(ActivitiDetector.isActivitiEnabledForGroups(syncopeService));
+        importDefinition(SubjectType.GROUP);
     }
 }

http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/fit/core-reference/src/test/resources/test.csv
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/resources/test.csv b/fit/core-reference/src/test/resources/test.csv
index f227366..100f71a 100644
--- a/fit/core-reference/src/test/resources/test.csv
+++ b/fit/core-reference/src/test/resources/test.csv
@@ -1,10 +1,10 @@
-test0,nome0,cognome0,test0@syncope.apache.org,password0,role1,membership1,true,false
-test1,nome1,cognome1,test1@syncope.apache.org,password1,role1,membership1,false,false
-test2,nome2,cognome2,test2@syncope.apache.org,notpermitted1,role1,membership1,true,false
-test3,nome3,cognome3,test3@syncope.apache.org,password3,role1,membership1,true,false
-test4,nome4,cognome4,test4@syncope.apache.org,password4,role1,membership1,true,false
-test5,nome5,cognome5,test5@syncope.apache.org,password5,role1,membership1,true,false
-test6,nome6,cognome6,test6@syncope.apache.org,password6,role1,membership1,true,false
-test7,nome7,cognome7,test7@syncope.apache.org,password7,role1,membership1,true,false
-test8,nome8,cognome8,test8@syncope.apache.org,password8,role1,membership1,true,false
-test9,nome9,cognome9,test9@syncope.apache.org,password999,role1,membership1,true,false
+test0,nome0,cognome0,test0@syncope.apache.org,password0,group1,membership1,true,false
+test1,nome1,cognome1,test1@syncope.apache.org,password1,group1,membership1,false,false
+test2,nome2,cognome2,test2@syncope.apache.org,notpermitted1,group1,membership1,true,false
+test3,nome3,cognome3,test3@syncope.apache.org,password3,group1,membership1,true,false
+test4,nome4,cognome4,test4@syncope.apache.org,password4,group1,membership1,true,false
+test5,nome5,cognome5,test5@syncope.apache.org,password5,group1,membership1,true,false
+test6,nome6,cognome6,test6@syncope.apache.org,password6,group1,membership1,true,false
+test7,nome7,cognome7,test7@syncope.apache.org,password7,group1,membership1,true,false
+test8,nome8,cognome8,test8@syncope.apache.org,password8,group1,membership1,true,false
+test9,nome9,cognome9,test9@syncope.apache.org,password999,group1,membership1,true,false


Mime
View raw message