Return-Path: X-Original-To: apmail-syncope-commits-archive@www.apache.org Delivered-To: apmail-syncope-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 174D617923 for ; Tue, 21 Apr 2015 07:49:21 +0000 (UTC) Received: (qmail 29710 invoked by uid 500); 21 Apr 2015 07:49:18 -0000 Delivered-To: apmail-syncope-commits-archive@syncope.apache.org Received: (qmail 29647 invoked by uid 500); 21 Apr 2015 07:49:18 -0000 Mailing-List: contact commits-help@syncope.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@syncope.apache.org Delivered-To: mailing list commits@syncope.apache.org Received: (qmail 28739 invoked by uid 99); 21 Apr 2015 07:49:17 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 21 Apr 2015 07:49:17 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 53BCDE0990; Tue, 21 Apr 2015 07:49:17 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: ilgrosso@apache.org To: commits@syncope.apache.org Date: Tue, 21 Apr 2015 07:49:44 -0000 Message-Id: <79ba3b6c079d4c9d92777b24167d5a8c@git.apache.org> In-Reply-To: <8fc77f2fcee04167a6800184b8060333@git.apache.org> References: <8fc77f2fcee04167a6800184b8060333@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [29/40] syncope git commit: [SYNCOPE-119] New security model implemented http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/group/JPAGroup.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/group/JPAGroup.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/group/JPAGroup.java index e6dcc7b..720b875 100644 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/group/JPAGroup.java +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/group/JPAGroup.java @@ -19,14 +19,12 @@ package org.apache.syncope.core.persistence.jpa.entity.group; import java.util.ArrayList; -import java.util.HashMap; import java.util.HashSet; import java.util.List; -import java.util.Map; import java.util.Set; -import javax.persistence.Basic; import javax.persistence.Cacheable; import javax.persistence.CascadeType; +import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.FetchType; import javax.persistence.Id; @@ -36,50 +34,35 @@ import javax.persistence.ManyToMany; import javax.persistence.ManyToOne; import javax.persistence.OneToMany; import javax.persistence.Table; -import javax.persistence.UniqueConstraint; import javax.validation.Valid; -import javax.validation.constraints.Max; -import javax.validation.constraints.Min; import javax.validation.constraints.NotNull; import org.apache.commons.collections4.CollectionUtils; import org.apache.commons.collections4.Predicate; import org.apache.commons.collections4.Transformer; -import org.apache.syncope.core.persistence.api.entity.AccountPolicy; import org.apache.syncope.core.persistence.api.entity.AttrTemplate; -import org.apache.syncope.core.persistence.api.entity.DerSchema; -import org.apache.syncope.core.persistence.api.entity.Entitlement; import org.apache.syncope.core.persistence.api.entity.ExternalResource; -import org.apache.syncope.core.persistence.api.entity.PasswordPolicy; -import org.apache.syncope.core.persistence.api.entity.PlainSchema; import org.apache.syncope.core.persistence.api.entity.Schema; -import org.apache.syncope.core.persistence.api.entity.VirSchema; import org.apache.syncope.core.persistence.api.entity.membership.MDerAttrTemplate; import org.apache.syncope.core.persistence.api.entity.membership.MPlainAttrTemplate; import org.apache.syncope.core.persistence.api.entity.membership.MVirAttrTemplate; import org.apache.syncope.core.persistence.api.entity.group.GDerAttr; import org.apache.syncope.core.persistence.api.entity.group.GDerAttrTemplate; -import org.apache.syncope.core.persistence.api.entity.group.GDerSchema; import org.apache.syncope.core.persistence.api.entity.group.GPlainAttr; import org.apache.syncope.core.persistence.api.entity.group.GPlainAttrTemplate; import org.apache.syncope.core.persistence.api.entity.group.GVirAttr; import org.apache.syncope.core.persistence.api.entity.group.GVirAttrTemplate; -import org.apache.syncope.core.persistence.api.entity.group.GVirSchema; import org.apache.syncope.core.persistence.api.entity.group.Group; import org.apache.syncope.core.persistence.api.entity.user.User; import org.apache.syncope.core.persistence.jpa.validation.entity.GroupCheck; import org.apache.syncope.core.persistence.jpa.entity.AbstractSubject; -import org.apache.syncope.core.persistence.jpa.entity.JPAAccountPolicy; -import org.apache.syncope.core.persistence.jpa.entity.JPAEntitlement; import org.apache.syncope.core.persistence.jpa.entity.JPAExternalResource; -import org.apache.syncope.core.persistence.jpa.entity.JPAPasswordPolicy; import org.apache.syncope.core.persistence.jpa.entity.membership.JPAMPlainAttrTemplate; import org.apache.syncope.core.persistence.jpa.entity.membership.JPAMDerAttrTemplate; import org.apache.syncope.core.persistence.jpa.entity.membership.JPAMVirAttrTemplate; import org.apache.syncope.core.persistence.jpa.entity.user.JPAUser; @Entity -@Table(name = JPAGroup.TABLE, uniqueConstraints = - @UniqueConstraint(columnNames = { "name", "parent_id" })) +@Table(name = JPAGroup.TABLE) @Cacheable @GroupCheck public class JPAGroup extends AbstractSubject implements Group { @@ -91,36 +74,27 @@ public class JPAGroup extends AbstractSubject im @Id private Long id; + @Column(unique = true) @NotNull private String name; - @ManyToOne(optional = true) - private JPAGroup parent; - - @ManyToOne(optional = true) + @ManyToOne private JPAUser userOwner; - @ManyToOne(optional = true) + @ManyToOne private JPAGroup groupOwner; - @ManyToMany(fetch = FetchType.EAGER) - @JoinTable(joinColumns = - @JoinColumn(name = "group_id"), - inverseJoinColumns = - @JoinColumn(name = "entitlement_name")) - private Set entitlements; - @OneToMany(cascade = CascadeType.ALL, mappedBy = "owner") @Valid - private List rAttrTemplates; + private List gAttrTemplates; @OneToMany(cascade = CascadeType.ALL, mappedBy = "owner") @Valid - private List rDerAttrTemplates; + private List gDerAttrTemplates; @OneToMany(cascade = CascadeType.ALL, mappedBy = "owner") @Valid - private List rVirAttrTemplates; + private List gVirAttrTemplates; @OneToMany(cascade = CascadeType.ALL, mappedBy = "owner") @Valid @@ -146,47 +120,6 @@ public class JPAGroup extends AbstractSubject im @Valid private List virAttrs; - @Basic(optional = true) - @Min(0) - @Max(1) - private Integer inheritOwner; - - @Basic(optional = true) - @Min(0) - @Max(1) - private Integer inheritTemplates; - - @Basic(optional = true) - @Min(0) - @Max(1) - private Integer inheritPlainAttrs; - - @Basic(optional = true) - @Min(0) - @Max(1) - private Integer inheritDerAttrs; - - @Basic(optional = true) - @Min(0) - @Max(1) - private Integer inheritVirAttrs; - - @Basic(optional = true) - @Min(0) - @Max(1) - private Integer inheritPasswordPolicy; - - @Basic(optional = true) - @Min(0) - @Max(1) - private Integer inheritAccountPolicy; - - @ManyToOne(fetch = FetchType.EAGER, optional = true) - private JPAPasswordPolicy passwordPolicy; - - @ManyToOne(fetch = FetchType.EAGER, optional = true) - private JPAAccountPolicy accountPolicy; - /** * Provisioning external resources. */ @@ -201,11 +134,9 @@ public class JPAGroup extends AbstractSubject im public JPAGroup() { super(); - entitlements = new HashSet<>(); - - rAttrTemplates = new ArrayList<>(); - rDerAttrTemplates = new ArrayList<>(); - rVirAttrTemplates = new ArrayList<>(); + gAttrTemplates = new ArrayList<>(); + gDerAttrTemplates = new ArrayList<>(); + gVirAttrTemplates = new ArrayList<>(); mAttrTemplates = new ArrayList<>(); mDerAttrTemplates = new ArrayList<>(); mVirAttrTemplates = new ArrayList<>(); @@ -214,14 +145,6 @@ public class JPAGroup extends AbstractSubject im derAttrs = new ArrayList<>(); virAttrs = new ArrayList<>(); - inheritOwner = getBooleanAsInteger(false); - inheritTemplates = getBooleanAsInteger(false); - inheritPlainAttrs = getBooleanAsInteger(false); - inheritDerAttrs = getBooleanAsInteger(false); - inheritVirAttrs = getBooleanAsInteger(false); - inheritPasswordPolicy = getBooleanAsInteger(false); - inheritAccountPolicy = getBooleanAsInteger(false); - resources = new HashSet<>(); } @@ -246,27 +169,6 @@ public class JPAGroup extends AbstractSubject im } @Override - public Group getParent() { - return parent; - } - - @Override - public void setParent(final Group parent) { - checkType(parent, JPAGroup.class); - this.parent = (JPAGroup) parent; - } - - @Override - public boolean isInheritOwner() { - return isBooleanAsInteger(inheritOwner); - } - - @Override - public void setInheritOwner(final boolean inheritOwner) { - this.inheritOwner = getBooleanAsInteger(inheritOwner); - } - - @Override public User getUserOwner() { return userOwner; } @@ -289,43 +191,16 @@ public class JPAGroup extends AbstractSubject im } @Override - public boolean addEntitlement(final Entitlement entitlement) { - checkType(entitlement, JPAEntitlement.class); - return entitlements.add((JPAEntitlement) entitlement); - } - - @Override - public boolean removeEntitlement(final Entitlement entitlement) { - checkType(entitlement, JPAEntitlement.class); - return entitlements.remove((JPAEntitlement) entitlement); - } - - @Override - public Set getEntitlements() { - return entitlements; - } - - @Override - public boolean isInheritTemplates() { - return isBooleanAsInteger(inheritTemplates); - } - - @Override - public void setInheritTemplates(final boolean inheritAttrTemplates) { - this.inheritTemplates = getBooleanAsInteger(inheritAttrTemplates); - } - - @Override @SuppressWarnings("unchecked") public , K extends Schema> List getAttrTemplates(final Class reference) { List result = new ArrayList<>(); if (GPlainAttrTemplate.class.isAssignableFrom(reference)) { - result = (List) rAttrTemplates; + result = (List) gAttrTemplates; } else if (GDerAttrTemplate.class.isAssignableFrom(reference)) { - result = (List) rDerAttrTemplates; + result = (List) gDerAttrTemplates; } else if (GVirAttrTemplate.class.isAssignableFrom(reference)) { - result = (List) rVirAttrTemplates; + result = (List) gVirAttrTemplates; } else if (MPlainAttrTemplate.class.isAssignableFrom(reference)) { result = (List) mAttrTemplates; } else if (MDerAttrTemplate.class.isAssignableFrom(reference)) { @@ -341,7 +216,7 @@ public class JPAGroup extends AbstractSubject im public , K extends Schema> T getAttrTemplate( final Class reference, final String schemaName) { - return CollectionUtils.find(findInheritedTemplates(reference), new Predicate() { + return CollectionUtils.find(getAttrTemplates(reference), new Predicate() { @Override public boolean evaluate(final T template) { @@ -352,7 +227,7 @@ public class JPAGroup extends AbstractSubject im @Override public , K extends Schema> List getAttrTemplateSchemas(final Class reference) { - return CollectionUtils.collect(findInheritedTemplates(reference), new Transformer() { + return CollectionUtils.collect(getAttrTemplates(reference), new Transformer() { @Override public K transform(final T input) { @@ -362,17 +237,6 @@ public class JPAGroup extends AbstractSubject im } @Override - public , K extends Schema> List findInheritedTemplates(final Class reference) { - final List result = new ArrayList<>(getAttrTemplates(reference)); - - if (isInheritTemplates() && getParent() != null) { - result.addAll(getParent().findInheritedTemplates(reference)); - } - - return result; - } - - @Override public boolean addPlainAttr(final GPlainAttr attr) { checkType(attr, JPAGPlainAttr.class); return plainAttrs.add((JPAGPlainAttr) attr); @@ -422,172 +286,4 @@ public class JPAGroup extends AbstractSubject im public List getVirAttrs() { return virAttrs; } - - @Override - public boolean isInheritPlainAttrs() { - return isBooleanAsInteger(inheritPlainAttrs); - } - - @Override - public void setInheritPlainAttrs(final boolean inheritPlainAttrs) { - this.inheritPlainAttrs = getBooleanAsInteger(inheritPlainAttrs); - } - - /** - * Get all inherited attributes from the ancestors. - * - * @return a list of inherited and only inherited attributes. - */ - @Override - public List findLastInheritedAncestorPlainAttrs() { - if (!isInheritPlainAttrs()) { - return plainAttrs; - } - - final Map result = new HashMap<>(); - if (isInheritPlainAttrs() && getParent() != null) { - final Map attrMap = getPlainAttrMap(); - - // Add inherit attributes - for (GPlainAttr attr : getParent().findLastInheritedAncestorPlainAttrs()) { - if (attrMap.containsKey(attr.getSchema())) { - result.remove((JPAGPlainSchema) attr.getSchema()); - } - result.put((JPAGPlainSchema) attr.getSchema(), attr); - } - } - return new ArrayList<>(result.values()); - } - - @Override - public boolean isInheritDerAttrs() { - return isBooleanAsInteger(inheritDerAttrs); - } - - @Override - public void setInheritDerAttrs(final boolean inheritDerAttrs) { - this.inheritDerAttrs = getBooleanAsInteger(inheritDerAttrs); - - } - - /** - * Get all inherited derived attributes from the ancestors. - * - * @return a list of inherited and only inherited attributes. - */ - @Override - public List findLastInheritedAncestorDerAttrs() { - if (!isInheritDerAttrs()) { - return derAttrs; - } - - final Map result = new HashMap<>(); - if (isInheritDerAttrs() && getParent() != null) { - Map derAttrMap = getDerAttrMap(); - - // Add inherit derived attributes - for (GDerAttr attr : getParent().findLastInheritedAncestorDerAttrs()) { - if (derAttrMap.containsKey(attr.getSchema())) { - result.remove(attr.getSchema()); - } - result.put(attr.getSchema(), attr); - } - } - return new ArrayList<>(result.values()); - } - - @Override - public boolean isInheritVirAttrs() { - return isBooleanAsInteger(inheritVirAttrs); - } - - @Override - public void setInheritVirAttrs(final boolean inheritVirAttrs) { - this.inheritVirAttrs = getBooleanAsInteger(inheritVirAttrs); - - } - - /** - * Get all inherited virtual attributes from the ancestors. - * - * @return a list of inherited and only inherited attributes. - */ - @Override - public List findLastInheritedAncestorVirAttrs() { - if (!isInheritVirAttrs()) { - return virAttrs; - } - - final Map result = new HashMap<>(); - if (isInheritVirAttrs() && getParent() != null) { - Map virAttrMap = getVirAttrMap(); - - // Add inherit virtual attributes - for (GVirAttr attr : getParent().findLastInheritedAncestorVirAttrs()) { - if (virAttrMap.containsKey(attr.getSchema())) { - result.remove(attr.getSchema()); - } - result.put(attr.getSchema(), attr); - } - } - return new ArrayList<>(result.values()); - } - - /** - * Get first valid password policy. - * - * @return parent password policy if isInheritPasswordPolicy is 'true' and parent is not null, local password policy - * otherwise - */ - @Override - public PasswordPolicy getPasswordPolicy() { - return isInheritPasswordPolicy() && getParent() != null - ? getParent().getPasswordPolicy() - : passwordPolicy; - } - - @Override - public void setPasswordPolicy(final PasswordPolicy passwordPolicy) { - checkType(passwordPolicy, JPAPasswordPolicy.class); - this.passwordPolicy = (JPAPasswordPolicy) passwordPolicy; - } - - @Override - public boolean isInheritPasswordPolicy() { - return isBooleanAsInteger(inheritPasswordPolicy); - } - - @Override - public void setInheritPasswordPolicy(final boolean inheritPasswordPolicy) { - this.inheritPasswordPolicy = getBooleanAsInteger(inheritPasswordPolicy); - } - - /** - * Get first valid account policy. - * - * @return parent account policy if isInheritAccountPolicy is 'true' and parent is not null, local account policy - * otherwise. - */ - @Override - public AccountPolicy getAccountPolicy() { - return isInheritAccountPolicy() && getParent() != null - ? getParent().getAccountPolicy() - : accountPolicy; - } - - @Override - public void setAccountPolicy(final AccountPolicy accountPolicy) { - checkType(accountPolicy, JPAAccountPolicy.class); - this.accountPolicy = (JPAAccountPolicy) accountPolicy; - } - - @Override - public boolean isInheritAccountPolicy() { - return isBooleanAsInteger(inheritAccountPolicy); - } - - @Override - public void setInheritAccountPolicy(boolean inheritAccountPolicy) { - this.inheritAccountPolicy = getBooleanAsInteger(inheritAccountPolicy); - } } http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/membership/JPAMembership.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/membership/JPAMembership.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/membership/JPAMembership.java index ad79250..dc02cf3 100644 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/membership/JPAMembership.java +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/membership/JPAMembership.java @@ -37,6 +37,7 @@ import org.apache.syncope.core.persistence.api.entity.membership.MVirAttr; import org.apache.syncope.core.persistence.api.entity.membership.MVirAttrTemplate; import org.apache.syncope.core.persistence.api.entity.membership.Membership; import org.apache.syncope.core.persistence.api.entity.group.Group; +import org.apache.syncope.core.persistence.api.entity.membership.MPlainAttrTemplate; import org.apache.syncope.core.persistence.api.entity.user.User; import org.apache.syncope.core.persistence.jpa.entity.AbstractAttributable; import org.apache.syncope.core.persistence.jpa.entity.group.JPAGroup; @@ -108,9 +109,28 @@ public class JPAMembership extends AbstractAttributable() { + + @Override + public boolean evaluate(final MPlainAttrTemplate template) { + return plainAttr.getSchema().equals(template.getSchema()); + } + + }); + if (found != null) { + plainAttr.setTemplate(found); + return plainAttrs.add((JPAMPlainAttr) plainAttr); + } + } + + LOG.warn("Attribute not added because either group was not yet set, " + + "schema was not specified or no template for that schema is available"); + return false; } @Override @@ -129,7 +149,7 @@ public class JPAMembership extends AbstractAttributable() { @Override @@ -166,7 +186,7 @@ public class JPAMembership extends AbstractAttributable getActionsClassNames() { return actionsClassNames; } http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtil.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtil.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtil.java deleted file mode 100644 index c2f5e86..0000000 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtil.java +++ /dev/null @@ -1,152 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.syncope.core.persistence.jpa.entity.task; - -import org.apache.syncope.common.lib.to.AbstractTaskTO; -import org.apache.syncope.common.lib.to.NotificationTaskTO; -import org.apache.syncope.common.lib.to.PropagationTaskTO; -import org.apache.syncope.common.lib.to.PushTaskTO; -import org.apache.syncope.common.lib.to.SchedTaskTO; -import org.apache.syncope.common.lib.to.SyncTaskTO; -import org.apache.syncope.common.lib.types.TaskType; -import org.apache.syncope.core.persistence.api.entity.task.NotificationTask; -import org.apache.syncope.core.persistence.api.entity.task.PropagationTask; -import org.apache.syncope.core.persistence.api.entity.task.PushTask; -import org.apache.syncope.core.persistence.api.entity.task.SchedTask; -import org.apache.syncope.core.persistence.api.entity.task.SyncTask; -import org.apache.syncope.core.persistence.api.entity.task.Task; -import org.apache.syncope.core.persistence.api.entity.task.TaskUtil; - -@SuppressWarnings("unchecked") -public final class JPATaskUtil implements TaskUtil { - - private final TaskType type; - - protected JPATaskUtil(final TaskType type) { - this.type = type; - } - - @Override - public TaskType getType() { - return type; - } - - @Override - public Class taskClass() { - Class result = null; - - switch (type) { - case PROPAGATION: - result = (Class) PropagationTask.class; - break; - - case SCHEDULED: - result = (Class) SchedTask.class; - break; - - case SYNCHRONIZATION: - result = (Class) SyncTask.class; - break; - - case PUSH: - result = (Class) PushTask.class; - break; - - case NOTIFICATION: - result = (Class) NotificationTask.class; - break; - - default: - } - - return result; - } - - @Override - public T newTask() { - T result = null; - - switch (type) { - case PROPAGATION: - result = (T) new JPAPropagationTask(); - break; - - case SCHEDULED: - result = (T) new JPASchedTask(); - break; - - case SYNCHRONIZATION: - result = (T) new JPASyncTask(); - break; - - case PUSH: - result = (T) new JPAPushTask(); - break; - - case NOTIFICATION: - result = (T) new JPANotificationTask(); - break; - - default: - } - - return result; - } - - @Override - public Class taskTOClass() { - Class result = null; - - switch (type) { - case PROPAGATION: - result = (Class) PropagationTaskTO.class; - break; - - case SCHEDULED: - result = (Class) SchedTaskTO.class; - break; - - case SYNCHRONIZATION: - result = (Class) SyncTaskTO.class; - break; - - case PUSH: - result = (Class) PushTaskTO.class; - break; - - case NOTIFICATION: - result = (Class) NotificationTaskTO.class; - break; - - default: - } - - return result; - } - - @Override - public T newTaskTO() { - final Class taskClass = taskTOClass(); - try { - return taskClass == null ? null : taskClass.newInstance(); - } catch (Exception e) { - return null; - } - } -} http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtilFactory.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtilFactory.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtilFactory.java deleted file mode 100644 index bdda208..0000000 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtilFactory.java +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.syncope.core.persistence.jpa.entity.task; - -import org.apache.syncope.common.lib.to.AbstractTaskTO; -import org.apache.syncope.common.lib.to.NotificationTaskTO; -import org.apache.syncope.common.lib.to.PropagationTaskTO; -import org.apache.syncope.common.lib.to.PushTaskTO; -import org.apache.syncope.common.lib.to.SchedTaskTO; -import org.apache.syncope.common.lib.to.SyncTaskTO; -import org.apache.syncope.common.lib.types.TaskType; -import org.apache.syncope.core.persistence.api.entity.task.NotificationTask; -import org.apache.syncope.core.persistence.api.entity.task.PropagationTask; -import org.apache.syncope.core.persistence.api.entity.task.PushTask; -import org.apache.syncope.core.persistence.api.entity.task.SchedTask; -import org.apache.syncope.core.persistence.api.entity.task.SyncTask; -import org.apache.syncope.core.persistence.api.entity.task.Task; -import org.apache.syncope.core.persistence.api.entity.task.TaskUtil; -import org.apache.syncope.core.persistence.api.entity.task.TaskUtilFactory; -import org.springframework.stereotype.Component; - -@Component -public class JPATaskUtilFactory implements TaskUtilFactory { - - @Override - public TaskUtil getInstance(final TaskType type) { - return new JPATaskUtil(type); - } - - @Override - public TaskUtil getInstance(final Task task) { - TaskType type; - if (task instanceof SyncTask) { - type = TaskType.SYNCHRONIZATION; - } else if (task instanceof PushTask) { - type = TaskType.PUSH; - } else if (task instanceof SchedTask) { - type = TaskType.SCHEDULED; - } else if (task instanceof PropagationTask) { - type = TaskType.PROPAGATION; - } else if (task instanceof NotificationTask) { - type = TaskType.NOTIFICATION; - } else { - throw new IllegalArgumentException("Invalid task: " + task); - } - - return getInstance(type); - } - - @Override - public TaskUtil getInstance(final Class taskClass) { - TaskType type; - if (taskClass == PropagationTaskTO.class) { - type = TaskType.PROPAGATION; - } else if (taskClass == NotificationTaskTO.class) { - type = TaskType.NOTIFICATION; - } else if (taskClass == SchedTaskTO.class) { - type = TaskType.SCHEDULED; - } else if (taskClass == SyncTaskTO.class) { - type = TaskType.SYNCHRONIZATION; - } else if (taskClass == PushTaskTO.class) { - type = TaskType.PUSH; - } else { - throw new IllegalArgumentException("Invalid TaskTO class: " + taskClass.getName()); - } - - return getInstance(type); - } - - @Override - public TaskUtil getInstance(final AbstractTaskTO taskTO) { - return getInstance(taskTO.getClass()); - } - -} http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtils.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtils.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtils.java new file mode 100644 index 0000000..484af1e --- /dev/null +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtils.java @@ -0,0 +1,152 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.core.persistence.jpa.entity.task; + +import org.apache.syncope.common.lib.to.AbstractTaskTO; +import org.apache.syncope.common.lib.to.NotificationTaskTO; +import org.apache.syncope.common.lib.to.PropagationTaskTO; +import org.apache.syncope.common.lib.to.PushTaskTO; +import org.apache.syncope.common.lib.to.SchedTaskTO; +import org.apache.syncope.common.lib.to.SyncTaskTO; +import org.apache.syncope.common.lib.types.TaskType; +import org.apache.syncope.core.persistence.api.entity.task.NotificationTask; +import org.apache.syncope.core.persistence.api.entity.task.PropagationTask; +import org.apache.syncope.core.persistence.api.entity.task.PushTask; +import org.apache.syncope.core.persistence.api.entity.task.SchedTask; +import org.apache.syncope.core.persistence.api.entity.task.SyncTask; +import org.apache.syncope.core.persistence.api.entity.task.Task; +import org.apache.syncope.core.persistence.api.entity.task.TaskUtils; + +@SuppressWarnings("unchecked") +public final class JPATaskUtils implements TaskUtils { + + private final TaskType type; + + protected JPATaskUtils(final TaskType type) { + this.type = type; + } + + @Override + public TaskType getType() { + return type; + } + + @Override + public Class taskClass() { + Class result = null; + + switch (type) { + case PROPAGATION: + result = (Class) PropagationTask.class; + break; + + case SCHEDULED: + result = (Class) SchedTask.class; + break; + + case SYNCHRONIZATION: + result = (Class) SyncTask.class; + break; + + case PUSH: + result = (Class) PushTask.class; + break; + + case NOTIFICATION: + result = (Class) NotificationTask.class; + break; + + default: + } + + return result; + } + + @Override + public T newTask() { + T result = null; + + switch (type) { + case PROPAGATION: + result = (T) new JPAPropagationTask(); + break; + + case SCHEDULED: + result = (T) new JPASchedTask(); + break; + + case SYNCHRONIZATION: + result = (T) new JPASyncTask(); + break; + + case PUSH: + result = (T) new JPAPushTask(); + break; + + case NOTIFICATION: + result = (T) new JPANotificationTask(); + break; + + default: + } + + return result; + } + + @Override + public Class taskTOClass() { + Class result = null; + + switch (type) { + case PROPAGATION: + result = (Class) PropagationTaskTO.class; + break; + + case SCHEDULED: + result = (Class) SchedTaskTO.class; + break; + + case SYNCHRONIZATION: + result = (Class) SyncTaskTO.class; + break; + + case PUSH: + result = (Class) PushTaskTO.class; + break; + + case NOTIFICATION: + result = (Class) NotificationTaskTO.class; + break; + + default: + } + + return result; + } + + @Override + public T newTaskTO() { + final Class taskClass = taskTOClass(); + try { + return taskClass == null ? null : taskClass.newInstance(); + } catch (Exception e) { + return null; + } + } +} http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtilsFactory.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtilsFactory.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtilsFactory.java new file mode 100644 index 0000000..26a1d4f --- /dev/null +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/task/JPATaskUtilsFactory.java @@ -0,0 +1,91 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.core.persistence.jpa.entity.task; + +import org.apache.syncope.common.lib.to.AbstractTaskTO; +import org.apache.syncope.common.lib.to.NotificationTaskTO; +import org.apache.syncope.common.lib.to.PropagationTaskTO; +import org.apache.syncope.common.lib.to.PushTaskTO; +import org.apache.syncope.common.lib.to.SchedTaskTO; +import org.apache.syncope.common.lib.to.SyncTaskTO; +import org.apache.syncope.common.lib.types.TaskType; +import org.apache.syncope.core.persistence.api.entity.task.NotificationTask; +import org.apache.syncope.core.persistence.api.entity.task.PropagationTask; +import org.apache.syncope.core.persistence.api.entity.task.PushTask; +import org.apache.syncope.core.persistence.api.entity.task.SchedTask; +import org.apache.syncope.core.persistence.api.entity.task.SyncTask; +import org.apache.syncope.core.persistence.api.entity.task.Task; +import org.apache.syncope.core.persistence.api.entity.task.TaskUtils; +import org.apache.syncope.core.persistence.api.entity.task.TaskUtilsFactory; +import org.springframework.stereotype.Component; + +@Component +public class JPATaskUtilsFactory implements TaskUtilsFactory { + + @Override + public TaskUtils getInstance(final TaskType type) { + return new JPATaskUtils(type); + } + + @Override + public TaskUtils getInstance(final Task task) { + TaskType type; + if (task instanceof SyncTask) { + type = TaskType.SYNCHRONIZATION; + } else if (task instanceof PushTask) { + type = TaskType.PUSH; + } else if (task instanceof SchedTask) { + type = TaskType.SCHEDULED; + } else if (task instanceof PropagationTask) { + type = TaskType.PROPAGATION; + } else if (task instanceof NotificationTask) { + type = TaskType.NOTIFICATION; + } else { + throw new IllegalArgumentException("Invalid task: " + task); + } + + return getInstance(type); + } + + @Override + public TaskUtils getInstance(final Class taskClass) { + TaskType type; + if (taskClass == PropagationTaskTO.class) { + type = TaskType.PROPAGATION; + } else if (taskClass == NotificationTaskTO.class) { + type = TaskType.NOTIFICATION; + } else if (taskClass == SchedTaskTO.class) { + type = TaskType.SCHEDULED; + } else if (taskClass == SyncTaskTO.class) { + type = TaskType.SYNCHRONIZATION; + } else if (taskClass == PushTaskTO.class) { + type = TaskType.PUSH; + } else { + throw new IllegalArgumentException("Invalid TaskTO class: " + taskClass.getName()); + } + + return getInstance(type); + } + + @Override + public TaskUtils getInstance(final AbstractTaskTO taskTO) { + return getInstance(taskTO.getClass()); + } + +} http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java index a5e3f28..d12f46f 100644 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/entity/user/JPAUser.java @@ -67,7 +67,9 @@ import org.apache.syncope.core.persistence.jpa.entity.JPAExternalResource; import org.apache.syncope.core.persistence.jpa.entity.JPASecurityQuestion; import org.apache.syncope.core.persistence.jpa.entity.membership.JPAMembership; import org.apache.syncope.core.misc.security.Encryptor; -import org.apache.syncope.core.misc.security.SecureRandomUtil; +import org.apache.syncope.core.misc.security.SecureRandomUtils; +import org.apache.syncope.core.persistence.api.entity.Role; +import org.apache.syncope.core.persistence.jpa.entity.JPARole; /** * JPA user bean. @@ -91,6 +93,13 @@ public class JPAUser extends AbstractSubject imp @Transient private String clearPassword; + @ManyToMany(fetch = FetchType.EAGER) + @JoinTable(joinColumns = + @JoinColumn(name = "user_id"), + inverseJoinColumns = + @JoinColumn(name = "role_id")) + private List roles; + @OneToMany(cascade = CascadeType.MERGE, mappedBy = "user") @Valid private List memberships; @@ -124,8 +133,7 @@ public class JPAUser extends AbstractSubject imp @ElementCollection @Column(name = "passwordHistoryValue") - @CollectionTable(name = "SyncopeUser_passwordHistory", - joinColumns = + @CollectionTable(name = "SyncopeUser_passwordHistory", joinColumns = @JoinColumn(name = "SyncopeUser_id", referencedColumnName = "id")) private List passwordHistory; @@ -172,7 +180,7 @@ public class JPAUser extends AbstractSubject imp @Valid private Set resources; - @ManyToOne(fetch = FetchType.EAGER, optional = true) + @ManyToOne(fetch = FetchType.EAGER) private JPASecurityQuestion securityQuestion; @Column(nullable = true) @@ -181,6 +189,7 @@ public class JPAUser extends AbstractSubject imp public JPAUser() { super(); + roles = new ArrayList<>(); memberships = new ArrayList<>(); plainAttrs = new ArrayList<>(); derAttrs = new ArrayList<>(); @@ -202,6 +211,23 @@ public class JPAUser extends AbstractSubject imp } @Override + public boolean addRole(final Role role) { + checkType(role, JPARole.class); + return roles.contains((JPARole) role) || roles.add((JPARole) role); + } + + @Override + public boolean removeRole(final Role role) { + checkType(role, JPARole.class); + return roles.remove((JPARole) role); + } + + @Override + public List getRoles() { + return roles; + } + + @Override public boolean addMembership(final Membership membership) { checkType(membership, JPAMembership.class); return memberships.contains((JPAMembership) membership) || memberships.add((JPAMembership) membership); @@ -209,7 +235,8 @@ public class JPAUser extends AbstractSubject imp @Override public boolean removeMembership(final Membership membership) { - return memberships.remove(membership); + checkType(membership, JPAMembership.class); + return memberships.remove((JPAMembership) membership); } @Override @@ -387,7 +414,7 @@ public class JPAUser extends AbstractSubject imp @Override public void generateToken(final int tokenLength, final int tokenExpireTime) { - this.token = SecureRandomUtil.generateRandomPassword(tokenLength); + this.token = SecureRandomUtils.generateRandomPassword(tokenLength); Calendar calendar = Calendar.getInstance(); calendar.add(Calendar.MINUTE, tokenExpireTime); http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java index 2393975..1ce2190 100644 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/ConnInstanceValidator.java @@ -21,8 +21,8 @@ package org.apache.syncope.core.persistence.jpa.validation.entity; import javax.validation.ConstraintValidatorContext; import org.apache.syncope.common.lib.types.EntityViolationType; import org.apache.syncope.core.persistence.api.entity.ConnInstance; -import org.apache.syncope.core.provisioning.api.URIUtil; -import org.apache.syncope.core.provisioning.api.ConnPoolConfUtil; +import org.apache.syncope.core.provisioning.api.URIUtils; +import org.apache.syncope.core.provisioning.api.ConnPoolConfUtils; public class ConnInstanceValidator extends AbstractValidator { @@ -31,7 +31,7 @@ public class ConnInstanceValidator extends AbstractValidator { boolean isValid = true; - if ("/".equals(object.getName())) { + if (SyncopeConstants.ROOT_REALM.equals(object.getName())) { if (object.getParent() != null) { isValid = false; http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/UserValidator.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/UserValidator.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/UserValidator.java index 0b5ac42..fac60cb 100644 --- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/UserValidator.java +++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/validation/entity/UserValidator.java @@ -30,12 +30,13 @@ import org.apache.syncope.core.persistence.api.entity.AccountPolicy; import org.apache.syncope.core.persistence.api.entity.ExternalResource; import org.apache.syncope.core.persistence.api.entity.PasswordPolicy; import org.apache.syncope.core.persistence.api.entity.Policy; -import org.apache.syncope.core.persistence.api.entity.group.Group; import org.apache.syncope.core.persistence.api.entity.user.User; import org.apache.syncope.core.misc.policy.AccountPolicyEnforcer; import org.apache.syncope.core.misc.policy.AccountPolicyException; import org.apache.syncope.core.misc.policy.PasswordPolicyEnforcer; import org.apache.syncope.core.misc.policy.PolicyEvaluator; +import org.apache.syncope.core.persistence.api.dao.RealmDAO; +import org.apache.syncope.core.persistence.api.entity.Realm; import org.springframework.beans.factory.annotation.Autowired; public class UserValidator extends AbstractValidator { @@ -50,6 +51,9 @@ public class UserValidator extends AbstractValidator { private PolicyDAO policyDAO; @Autowired + private RealmDAO realmDAO; + + @Autowired private PolicyEvaluator evaluator; @Autowired @@ -62,6 +66,15 @@ public class UserValidator extends AbstractValidator { public boolean isValid(final User user, final ConstraintValidatorContext context) { context.disableDefaultConstraintViolation(); + // need to treat it explicitly, otherwise policy evaluation will silently fail + if (user.getRealm() == null) { + context.buildConstraintViolationWithTemplate( + getTemplate(EntityViolationType.InvalidRealm, "realm not specified")). + addPropertyNode("realm").addConstraintViolation(); + + return false; + } + // ------------------------------ // Verify password policies // ------------------------------ @@ -71,7 +84,7 @@ public class UserValidator extends AbstractValidator { int maxPPSpecHistory = 0; for (Policy policy : getPasswordPolicies(user)) { // evaluate policy - final PasswordPolicySpec ppSpec = evaluator.evaluate(policy, user); + PasswordPolicySpec ppSpec = evaluator.evaluate(policy, user); // enforce policy ppEnforcer.enforce(ppSpec, policy.getType(), user); @@ -117,7 +130,7 @@ public class UserValidator extends AbstractValidator { // invalid username for (Policy policy : getAccountPolicies(user)) { // evaluate policy - final AccountPolicySpec accountPolicy = evaluator.evaluate(policy, user); + AccountPolicySpec accountPolicy = evaluator.evaluate(policy, user); // enforce policy apEnforcer.enforce(accountPolicy, policy.getType(), user); @@ -137,13 +150,9 @@ public class UserValidator extends AbstractValidator { } private List getPasswordPolicies(final User user) { - final List policies = new ArrayList<>(); + List policies = new ArrayList<>(); - // Add global policy - PasswordPolicy policy = policyDAO.getGlobalPasswordPolicy(); - if (policy != null) { - policies.add(policy); - } + PasswordPolicy policy; // add resource policies for (ExternalResource resource : user.getResources()) { @@ -153,9 +162,9 @@ public class UserValidator extends AbstractValidator { } } - // add group policies - for (Group group : user.getGroups()) { - policy = group.getPasswordPolicy(); + // add realm policies + for (Realm realm : realmDAO.findAncestors(user.getRealm())) { + policy = realm.getPasswordPolicy(); if (policy != null) { policies.add(policy); } @@ -165,13 +174,9 @@ public class UserValidator extends AbstractValidator { } private List getAccountPolicies(final User user) { - final List policies = new ArrayList<>(); + List policies = new ArrayList<>(); - // add global policy - AccountPolicy policy = policyDAO.getGlobalAccountPolicy(); - if (policy != null) { - policies.add(policy); - } + AccountPolicy policy; // add resource policies for (ExternalResource resource : user.getResources()) { @@ -181,9 +186,9 @@ public class UserValidator extends AbstractValidator { } } - // add group policies - for (Group group : user.getGroups()) { - policy = group.getAccountPolicy(); + // add realm policies + for (Realm realm : realmDAO.findAncestors(user.getRealm())) { + policy = realm.getAccountPolicy(); if (policy != null) { policies.add(policy); } http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/resources/content.xml ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/resources/content.xml b/core/persistence-jpa/src/main/resources/content.xml index 6b6c287..0f4ab83 100644 --- a/core/persistence-jpa/src/main/resources/content.xml +++ b/core/persistence-jpa/src/main/resources/content.xml @@ -108,87 +108,6 @@ under the License. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/main/resources/views.xml ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/main/resources/views.xml b/core/persistence-jpa/src/main/resources/views.xml index aa0ec48..8cd392d 100644 --- a/core/persistence-jpa/src/main/resources/views.xml +++ b/core/persistence-jpa/src/main/resources/views.xml @@ -139,11 +139,5 @@ under the License. SELECT st.group_id AS subject_id, st.resource_name AS resource_name FROM SyncopeGroup_ExternalResource st - - CREATE VIEW group_search_entitlements AS - - SELECT st.group_id AS subject_id, st.entitlement_name AS entitlement_name - FROM SyncopeGroup_Entitlement st - http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/AbstractTest.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/AbstractTest.java b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/AbstractTest.java index 29a28de..668c868 100644 --- a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/AbstractTest.java +++ b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/AbstractTest.java @@ -18,7 +18,7 @@ */ package org.apache.syncope.core.persistence.jpa; -import org.apache.syncope.core.persistence.api.entity.AttributableUtilFactory; +import org.apache.syncope.core.persistence.api.entity.AttributableUtilsFactory; import org.apache.syncope.core.persistence.api.entity.EntityFactory; import org.junit.runner.RunWith; import org.springframework.beans.factory.annotation.Autowired; @@ -33,6 +33,6 @@ public abstract class AbstractTest { protected EntityFactory entityFactory; @Autowired - protected AttributableUtilFactory attrUtilFactory; + protected AttributableUtilsFactory attrUtilsFactory; } http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/AttrTest.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/AttrTest.java b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/AttrTest.java index 39e4cd2..289f898 100644 --- a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/AttrTest.java +++ b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/AttrTest.java @@ -87,15 +87,15 @@ public class AttrTest extends AbstractTest { Exception thrown = null; try { - attribute.addValue("john.doe@gmail.com", attrUtilFactory.getInstance(AttributableType.USER)); - attribute.addValue("mario.rossi@gmail.com", attrUtilFactory.getInstance(AttributableType.USER)); + attribute.addValue("john.doe@gmail.com", attrUtilsFactory.getInstance(AttributableType.USER)); + attribute.addValue("mario.rossi@gmail.com", attrUtilsFactory.getInstance(AttributableType.USER)); } catch (ValidationException e) { thrown = e; } assertNull("no validation exception expected here ", thrown); try { - attribute.addValue("http://www.apache.org", attrUtilFactory.getInstance(AttributableType.USER)); + attribute.addValue("http://www.apache.org", attrUtilsFactory.getInstance(AttributableType.USER)); } catch (ValidationException e) { thrown = e; } @@ -119,13 +119,13 @@ public class AttrTest extends AbstractTest { Exception thrown = null; try { - attribute.addValue("A", attrUtilFactory.getInstance(AttributableType.USER)); + attribute.addValue("A", attrUtilsFactory.getInstance(AttributableType.USER)); } catch (ValidationException e) { thrown = e; } assertNotNull("validation exception expected here ", thrown); - attribute.addValue("M", attrUtilFactory.getInstance(AttributableType.USER)); + attribute.addValue("M", attrUtilsFactory.getInstance(AttributableType.USER)); InvalidEntityException iee = null; try { @@ -183,7 +183,7 @@ public class AttrTest extends AbstractTest { UPlainAttr attribute = entityFactory.newEntity(UPlainAttr.class); attribute.setSchema(obscureSchema); - attribute.addValue("testvalue", attrUtilFactory.getInstance(AttributableType.USER)); + attribute.addValue("testvalue", attrUtilsFactory.getInstance(AttributableType.USER)); attribute.setOwner(user); user.addPlainAttr(attribute); @@ -210,7 +210,7 @@ public class AttrTest extends AbstractTest { UPlainAttr attribute = entityFactory.newEntity(UPlainAttr.class); attribute.setSchema(photoSchema); - attribute.addValue(photoB64Value, attrUtilFactory.getInstance(AttributableType.USER)); + attribute.addValue(photoB64Value, attrUtilsFactory.getInstance(AttributableType.USER)); attribute.setOwner(user); user.addPlainAttr(attribute); http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/AttributableSearchTest.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/AttributableSearchTest.java b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/AttributableSearchTest.java index dc338b6..ea93dae 100644 --- a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/AttributableSearchTest.java +++ b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/AttributableSearchTest.java @@ -28,9 +28,10 @@ import java.util.Collections; import java.util.HashSet; import java.util.List; import java.util.Set; +import org.apache.commons.collections4.CollectionUtils; +import org.apache.commons.collections4.Predicate; +import org.apache.syncope.common.lib.SyncopeConstants; import org.apache.syncope.common.lib.types.SubjectType; -import org.apache.syncope.core.persistence.api.GroupEntitlementUtil; -import org.apache.syncope.core.persistence.api.dao.EntitlementDAO; import org.apache.syncope.core.persistence.api.dao.GroupDAO; import org.apache.syncope.core.persistence.api.dao.SubjectSearchDAO; import org.apache.syncope.core.persistence.api.dao.UserDAO; @@ -59,9 +60,6 @@ public class AttributableSearchTest extends AbstractTest { @Autowired private SubjectSearchDAO searchDAO; - @Autowired - private EntitlementDAO entitlementDAO; - @Test public void userMatch() { User user = userDAO.find(1L); @@ -111,8 +109,7 @@ public class AttributableSearchTest extends AbstractTest { assertTrue(cond.isValid()); - List users = - searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), cond, SubjectType.USER); + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, cond, SubjectType.USER); assertNotNull(users); assertEquals(1, users.size()); } @@ -126,8 +123,7 @@ public class AttributableSearchTest extends AbstractTest { SearchCond cond = SearchCond.getNotLeafCond(fullnameLeafCond); assertTrue(cond.isValid()); - List users = - searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), cond, SubjectType.USER); + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, cond, SubjectType.USER); assertNotNull(users); assertEquals(4, users.size()); @@ -148,8 +144,7 @@ public class AttributableSearchTest extends AbstractTest { SearchCond cond = SearchCond.getLeafCond(coolLeafCond); assertTrue(cond.isValid()); - List users = - searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), cond, SubjectType.USER); + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, cond, SubjectType.USER); assertNotNull(users); assertEquals(1, users.size()); @@ -169,8 +164,8 @@ public class AttributableSearchTest extends AbstractTest { loginDateCond.setSchema("loginDate"); loginDateCond.setExpression("2009-05-26"); - SearchCond subCond = SearchCond.getAndCond(SearchCond.getLeafCond(fullnameLeafCond), SearchCond.getLeafCond( - membershipCond)); + SearchCond subCond = SearchCond.getAndCond( + SearchCond.getLeafCond(fullnameLeafCond), SearchCond.getLeafCond(membershipCond)); assertTrue(subCond.isValid()); @@ -178,13 +173,13 @@ public class AttributableSearchTest extends AbstractTest { assertTrue(cond.isValid()); - List users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, cond, 1, 2, Collections.emptyList(), SubjectType.USER); assertNotNull(users); assertEquals(1, users.size()); - users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), + users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, cond, 2, 2, Collections.emptyList(), SubjectType.USER); assertNotNull(users); @@ -196,16 +191,16 @@ public class AttributableSearchTest extends AbstractTest { MembershipCond membershipCond = new MembershipCond(); membershipCond.setGroupId(1L); - List users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), SearchCond.getLeafCond(membershipCond), - SubjectType.USER); + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, + SearchCond.getLeafCond(membershipCond), SubjectType.USER); assertNotNull(users); assertEquals(2, users.size()); membershipCond = new MembershipCond(); membershipCond.setGroupId(5L); - users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), SearchCond.getNotLeafCond(membershipCond), - SubjectType.USER); + users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, + SearchCond.getNotLeafCond(membershipCond), SubjectType.USER); assertNotNull(users); assertEquals(5, users.size()); } @@ -215,16 +210,16 @@ public class AttributableSearchTest extends AbstractTest { AttributeCond coolLeafCond = new AttributeCond(AttributeCond.Type.ISNULL); coolLeafCond.setSchema("cool"); - List users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), SearchCond.getLeafCond(coolLeafCond), - SubjectType.USER); + List users = searchDAO.search( + SyncopeConstants.FULL_ADMIN_REALMS, SearchCond.getLeafCond(coolLeafCond), SubjectType.USER); assertNotNull(users); assertEquals(4, users.size()); coolLeafCond = new AttributeCond(AttributeCond.Type.ISNOTNULL); coolLeafCond.setSchema("cool"); - users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), SearchCond.getLeafCond(coolLeafCond), - SubjectType.USER); + users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, + SearchCond.getLeafCond(coolLeafCond), SubjectType.USER); assertNotNull(users); assertEquals(1, users.size()); } @@ -241,8 +236,7 @@ public class AttributableSearchTest extends AbstractTest { assertTrue(searchCondition.isValid()); - List users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), searchCondition, - SubjectType.USER); + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, SubjectType.USER); assertNotNull(users); assertEquals(1, users.size()); @@ -250,14 +244,12 @@ public class AttributableSearchTest extends AbstractTest { @Test public void searchByBooleanSubjectCond() { - SubjectCond booleanCond = new SubjectCond(SubjectCond.Type.EQ); - booleanCond.setSchema("inheritPlainAttrs"); + AttributeCond booleanCond = new AttributeCond(SubjectCond.Type.EQ); + booleanCond.setSchema("show"); booleanCond.setExpression("true"); - SearchCond searchCondition = SearchCond.getLeafCond(booleanCond); - - List matchingGroups = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), - searchCondition, SubjectType.GROUP); + List matchingGroups = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, + SearchCond.getLeafCond(booleanCond), SubjectType.GROUP); assertNotNull(matchingGroups); assertFalse(matchingGroups.isEmpty()); } @@ -272,16 +264,17 @@ public class AttributableSearchTest extends AbstractTest { idRightCond.setSchema("key"); idRightCond.setExpression("2"); - SearchCond searchCondition = SearchCond.getAndCond(SearchCond.getLeafCond(usernameLeafCond), + SearchCond searchCondition = SearchCond.getAndCond( + SearchCond.getLeafCond(usernameLeafCond), SearchCond.getLeafCond(idRightCond)); - List matchingUsers = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), + List matchingUsers = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, SubjectType.USER); assertNotNull(matchingUsers); assertEquals(1, matchingUsers.size()); assertEquals("rossini", matchingUsers.iterator().next().getUsername()); - assertEquals(1L, matchingUsers.iterator().next().getKey().longValue()); + assertEquals(1L, matchingUsers.iterator().next().getKey(), 0); } @Test @@ -294,18 +287,19 @@ public class AttributableSearchTest extends AbstractTest { idRightCond.setSchema("key"); idRightCond.setExpression("2"); - SearchCond searchCondition = SearchCond.getAndCond(SearchCond.getLeafCond(groupNameLeafCond), + SearchCond searchCondition = SearchCond.getAndCond( + SearchCond.getLeafCond(groupNameLeafCond), SearchCond.getLeafCond(idRightCond)); assertTrue(searchCondition.isValid()); - List matchingGroups = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), + List matchingGroups = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, SubjectType.GROUP); assertNotNull(matchingGroups); assertEquals(1, matchingGroups.size()); assertEquals("root", matchingGroups.iterator().next().getName()); - assertEquals(1L, matchingGroups.iterator().next().getKey().longValue()); + assertEquals(1L, matchingGroups.iterator().next().getKey(), 0); } @Test @@ -318,13 +312,12 @@ public class AttributableSearchTest extends AbstractTest { idRightCond.setSchema("fullname"); idRightCond.setExpression("Giuseppe V%"); - SearchCond searchCondition = SearchCond.getOrCond(SearchCond.getLeafCond(usernameLeafCond), + SearchCond searchCondition = SearchCond.getOrCond( + SearchCond.getLeafCond(usernameLeafCond), SearchCond.getLeafCond(idRightCond)); - List matchingUsers = - searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), searchCondition, - SubjectType.USER); - + List matchingUsers = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, + searchCondition, SubjectType.USER); assertNotNull(matchingUsers); assertEquals(2, matchingUsers.size()); } @@ -338,13 +331,10 @@ public class AttributableSearchTest extends AbstractTest { SearchCond searchCondition = SearchCond.getLeafCond(idLeafCond); assertTrue(searchCondition.isValid()); - List users = - searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), searchCondition, - SubjectType.USER); - + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, SubjectType.USER); assertNotNull(users); assertEquals(1, users.size()); - assertEquals(1L, users.iterator().next().getKey().longValue()); + assertEquals(1L, users.iterator().next().getKey(), 0); idLeafCond = new SubjectCond(SubjectCond.Type.LT); idLeafCond.setSchema("id"); @@ -353,18 +343,16 @@ public class AttributableSearchTest extends AbstractTest { searchCondition = SearchCond.getNotLeafCond(idLeafCond); assertTrue(searchCondition.isValid()); - users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), searchCondition, - SubjectType.USER); - + users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, SubjectType.USER); assertNotNull(users); assertEquals(2, users.size()); - boolean found = false; - for (User user : users) { - if (user.getKey() == 4) { - found = true; + assertTrue(CollectionUtils.exists(users, new Predicate() { + + @Override + public boolean evaluate(User user) { + return user.getKey() == 4; } - } - assertTrue(found); + })); } @Test @@ -378,7 +366,7 @@ public class AttributableSearchTest extends AbstractTest { SearchCond searchCondition = SearchCond.getOrCond( SearchCond.getLeafCond(usernameLeafCond), SearchCond.getLeafCond(idRightCond)); - List orderByClauses = new ArrayList(); + List orderByClauses = new ArrayList<>(); OrderByClause orderByClause = new OrderByClause(); orderByClause.setField("username"); orderByClause.setDirection(OrderByClause.Direction.DESC); @@ -388,11 +376,9 @@ public class AttributableSearchTest extends AbstractTest { orderByClause.setDirection(OrderByClause.Direction.ASC); orderByClauses.add(orderByClause); - List users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), - searchCondition, Collections.singletonList(orderByClause), - SubjectType.USER); - assertEquals(searchDAO.count(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), - searchCondition, SubjectType.USER), + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, + searchCondition, orderByClauses, SubjectType.USER); + assertEquals(searchDAO.count(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, SubjectType.USER), users.size()); } @@ -407,9 +393,9 @@ public class AttributableSearchTest extends AbstractTest { OrderByClause orderByClause = new OrderByClause(); orderByClause.setField("name"); - List groups = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), + List groups = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, Collections.singletonList(orderByClause), SubjectType.GROUP); - assertEquals(searchDAO.count(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), + assertEquals(searchDAO.count(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, SubjectType.GROUP), groups.size()); } @@ -426,17 +412,16 @@ public class AttributableSearchTest extends AbstractTest { SearchCond.getAndCond(SearchCond.getNotLeafCond(ws2), SearchCond.getNotLeafCond(ws1)); assertTrue(searchCondition.isValid()); - List users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), - searchCondition, SubjectType.USER); + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, SubjectType.USER); assertNotNull(users); assertEquals(2, users.size()); - boolean found = false; - for (User user : users) { - if (user.getKey() == 4) { - found = true; + assertTrue(CollectionUtils.exists(users, new Predicate() { + + @Override + public boolean evaluate(User user) { + return user.getKey() == 4; } - } - assertTrue(found); + })); } @Test @@ -448,8 +433,7 @@ public class AttributableSearchTest extends AbstractTest { SearchCond searchCondition = SearchCond.getLeafCond(cond); assertTrue(searchCondition.isValid()); - List users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), - searchCondition, SubjectType.USER); + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, SubjectType.USER); assertNotNull(users); assertTrue(users.isEmpty()); } @@ -463,8 +447,7 @@ public class AttributableSearchTest extends AbstractTest { SearchCond searchCondition = SearchCond.getLeafCond(cond); assertTrue(searchCondition.isValid()); - List users = searchDAO.search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), - searchCondition, SubjectType.USER); + List users = searchDAO.search(SyncopeConstants.FULL_ADMIN_REALMS, searchCondition, SubjectType.USER); assertNotNull(users); assertEquals(1, users.size()); } @@ -481,8 +464,7 @@ public class AttributableSearchTest extends AbstractTest { SearchCond searchCond = SearchCond.getOrCond( SearchCond.getLeafCond(isNullCond), SearchCond.getLeafCond(likeCond)); - Integer count = searchDAO.count(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), searchCond, - SubjectType.USER); + Integer count = searchDAO.count(SyncopeConstants.FULL_ADMIN_REALMS, searchCond, SubjectType.USER); assertNotNull(count); assertTrue(count > 0); } http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/ConfTest.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/ConfTest.java b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/ConfTest.java index e5e1ecc..2539a44 100644 --- a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/ConfTest.java +++ b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/ConfTest.java @@ -72,7 +72,7 @@ public class ConfTest extends AbstractTest { // 2. create conf CPlainAttr newConf = entityFactory.newEntity(CPlainAttr.class); newConf.setSchema(useless); - newConf.addValue("2014-06-20", attrUtilFactory.getInstance(AttributableType.CONFIGURATION)); + newConf.addValue("2014-06-20", attrUtilsFactory.getInstance(AttributableType.CONFIGURATION)); confDAO.save(newConf); CPlainAttr actual = confDAO.find("useless"); @@ -80,7 +80,7 @@ public class ConfTest extends AbstractTest { // 3. update conf newConf.getValues().clear(); - newConf.addValue("2014-06-20", attrUtilFactory.getInstance(AttributableType.CONFIGURATION)); + newConf.addValue("2014-06-20", attrUtilsFactory.getInstance(AttributableType.CONFIGURATION)); confDAO.save(newConf); actual = confDAO.find("useless"); http://git-wip-us.apache.org/repos/asf/syncope/blob/65d652af/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/DerSchemaTest.java ---------------------------------------------------------------------- diff --git a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/DerSchemaTest.java b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/DerSchemaTest.java index e7f7533..8b4090b 100644 --- a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/DerSchemaTest.java +++ b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/entity/DerSchemaTest.java @@ -73,7 +73,7 @@ public class DerSchemaTest extends AbstractTest { UDerSchema cn = derSchemaDAO.find("cn", UDerSchema.class); assertNotNull(cn); - derSchemaDAO.delete(cn.getKey(), attrUtilFactory.getInstance(AttributableType.USER)); + derSchemaDAO.delete(cn.getKey(), attrUtilsFactory.getInstance(AttributableType.USER)); DerSchema actual = derSchemaDAO.find("cn", UDerSchema.class); assertNull("delete did not work", actual); @@ -82,7 +82,7 @@ public class DerSchemaTest extends AbstractTest { GDerSchema rderiveddata = derSchemaDAO.find("rderiveddata", GDerSchema.class); assertNotNull(rderiveddata); - derSchemaDAO.delete(rderiveddata.getKey(), attrUtilFactory.getInstance(AttributableType.GROUP)); + derSchemaDAO.delete(rderiveddata.getKey(), attrUtilsFactory.getInstance(AttributableType.GROUP)); actual = derSchemaDAO.find("rderiveddata", GDerSchema.class); assertNull("delete did not work", actual);