Merge branch 'master' of https://github.com/Evolveum/midpoint

Evolveum · Nov 2, 2016 · 1e1ccc1 · 1e1ccc1
2 parents db789bd + 33fad97
commit 1e1ccc1
Show file tree

Hide file tree

Showing 5 changed files with 206 additions and 13 deletions.
diff --git a/...l/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AssignmentEvaluator.java b/...l/model-impl/src/main/java/com/evolveum/midpoint/model/impl/lens/AssignmentEvaluator.java
@@ -51,6 +51,7 @@
 import com.evolveum.midpoint.security.api.Authorization;
 import com.evolveum.midpoint.task.api.Task;
 import com.evolveum.midpoint.util.DOMUtil;
+import com.evolveum.midpoint.util.QNameUtil;
 import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
 import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
 import com.evolveum.midpoint.util.exception.SchemaException;
@@ -67,6 +68,7 @@
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.SystemConfigurationType;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
 import com.evolveum.prism.xml.ns._public.query_3.SearchFilterType;
 
 /**
@@ -509,8 +511,16 @@ private void evaluateTarget(EvaluatedAssignmentImpl<F> assignment, AssignmentPat
 					assignment.addOrgRefVal(refVal);
 				}
 			}
+		} else if (targetType instanceof UserType) {
+			if (QNameUtil.match(relation, SchemaConstants.ORG_DEPUTY)) {
+
+				// TODO MID-3472
+
+			} else {
+				throw new SchemaException("Unsuppoted relation " + relation + " for assignment of target type " + targetType + " in " + sourceDescription);
+			}
 		} else {
-			throw new SchemaException("Unknown assignment target type "+ObjectTypeUtil.toShortString(targetType)+" in "+sourceDescription);
+			throw new SchemaException("Unknown assignment target type " + targetType + " in " + sourceDescription);
 		}
 	}
 

diff --git a/model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/TestAudit.java b/model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/TestAudit.java
@@ -130,7 +130,7 @@ public void test100ModifyUserJackKid() throws Exception {
 		final String TEST_NAME = "test100ModifyUserJackKid";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         initialTs = clock.currentTimeXMLGregorianCalendar();
@@ -159,7 +159,7 @@ public void test105CreateUserHerman() throws Exception {
 		final String TEST_NAME = "test105CreateUserHerman";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         PrismObject<UserType> userHermanBefore = PrismTestUtil.parseObject(USER_HERMAN_FILE);
@@ -191,7 +191,7 @@ public void test110ModifyUserJackSailor() throws Exception {
 		final String TEST_NAME = "test110ModifyUserJackSailor";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
 
@@ -224,7 +224,7 @@ public void test115ModifyUserHermanMarooned() throws Exception {
 		final String TEST_NAME = "test115ModifyUserHermanMarooned";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         ObjectDelta<UserType> objectDelta = createModifyUserReplaceDelta(USER_HERMAN_OID, UserType.F_TITLE, 
@@ -256,7 +256,7 @@ public void test120ModifyUserJackCaptain() throws Exception {
 		final String TEST_NAME = "test120ModifyUserJackCaptain";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         ObjectDelta<UserType> objectDelta = createModifyUserReplaceDelta(USER_JACK_OID, UserType.F_TITLE, 
@@ -288,7 +288,7 @@ public void test125ModifyUserHermanHermit() throws Exception {
 		final String TEST_NAME = "test125ModifyUserHermanHermit";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         ObjectDelta<UserType> objectDelta = createModifyUserReplaceDelta(USER_HERMAN_OID, UserType.F_TITLE, 
@@ -326,7 +326,7 @@ public void test135ModifyUserHermanCivilisedHermit() throws Exception {
 		final String TEST_NAME = "test135ModifyUserHermanCivilisedHermit";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         ObjectDelta<UserType> objectDelta = createModifyUserReplaceDelta(USER_HERMAN_OID, UserType.F_TITLE, 
@@ -359,7 +359,7 @@ public void test200ReconstructJackSailor() throws Exception {
 		final String TEST_NAME = "test200ReconstructJackSailor";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         PrismObject<UserType> userBefore = getUser(USER_JACK_OID);
@@ -391,7 +391,7 @@ public void test210ReconstructJackKid() throws Exception {
 		final String TEST_NAME = "test210ReconstructJackKid";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         PrismObject<UserType> userBefore = getUser(USER_JACK_OID);
@@ -425,7 +425,7 @@ public void test250ReconstructHermanCreated() throws Exception {
 		final String TEST_NAME = "test250ReconstructHermanCreated";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         PrismObject<UserType> userBefore = getUser(USER_HERMAN_OID);
@@ -466,7 +466,7 @@ public void test252ReconstructHermanMarooned() throws Exception {
 		final String TEST_NAME = "test252ReconstructHermanMarooned";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         // WHEN
@@ -500,7 +500,7 @@ public void test254ReconstructHermanHermit() throws Exception {
 		final String TEST_NAME = "test254ReconstructHermanHermit";
         TestUtil.displayTestTile(this, TEST_NAME);
 
-        Task task = taskManager.createTaskInstance(TestEntitlements.class.getName() + "." + TEST_NAME);
+        Task task = taskManager.createTaskInstance(TestAudit.class.getName() + "." + TEST_NAME);
         OperationResult result = task.getResult();
 
         // WHEN

diff --git a/model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/TestDeputy.java b/model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/TestDeputy.java
@@ -0,0 +1,143 @@
+/*
+ * Copyright (c) 2016 Evolveum
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.evolveum.midpoint.model.intest;
+
+import static com.evolveum.midpoint.test.IntegrationTestTools.display;
+
+import java.io.File;
+
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.testng.annotations.Test;
+
+import com.evolveum.midpoint.prism.PrismObject;
+import com.evolveum.midpoint.schema.result.OperationResult;
+import com.evolveum.midpoint.task.api.Task;
+import com.evolveum.midpoint.test.util.TestUtil;
+import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;
+
+/**
+ * Test for deputy (delegation) mechanism.
+ * 
+ * MID-3472
+ * 
+ * @author Radovan Semancik
+ *
+ */
+@ContextConfiguration(locations = {"classpath:ctx-model-intest-test-main.xml"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class TestDeputy extends AbstractInitializedModelIntegrationTest {
+
+	public static final File TEST_DIR = new File("src/test/resources/deputy");
+
+	@Override
+    public void initSystem(Task initTask, OperationResult initResult) throws Exception {
+        super.initSystem(initTask, initResult);
+    }
+
+	@Test
+    public void test000Sanity() throws Exception {
+		final String TEST_NAME = "test000Sanity";
+        TestUtil.displayTestTile(this, TEST_NAME);
+
+        PrismObject<UserType> userJack = getUser(USER_JACK_OID);
+        display("User Jack", userJack);
+        assertNoAssignments(userJack);
+        assertLinks(userJack, 0);
+        assertNoAuthorizations(userJack);
+
+        PrismObject<UserType> userBarbossa = getUser(USER_BARBOSSA_OID);
+        display("User Barbossa", userBarbossa);
+        assertNoAssignments(userBarbossa);
+        assertLinks(userBarbossa, 0);
+        assertNoAuthorizations(userBarbossa);
+	}
+
+	/**
+	 * Jack and Barbossa does not have any accounts or roles.
+	 * Assign Barbossa as Jack's deputy. Not much should happen.
+	 */
+    @Test
+    public void test100AssignDeputyNoBigDeal() throws Exception {
+		final String TEST_NAME = "test100AssignDeputyNoBigDeal";
+        TestUtil.displayTestTile(this, TEST_NAME);
+
+        Task task = taskManager.createTaskInstance(TestDeputy.class.getName() + "." + TEST_NAME);
+        OperationResult result = task.getResult();
+
+        // WHEN
+        TestUtil.displayWhen(TEST_NAME);
+
+        assignDeputy(USER_BARBOSSA_OID, USER_JACK_OID, task, result);
+
+        // THEN
+        TestUtil.displayThen(TEST_NAME);
+        result.computeStatus();
+        TestUtil.assertSuccess(result);
+
+        PrismObject<UserType> userBarbossaAfter = getUser(USER_BARBOSSA_OID);
+        display("User Barbossa after", userBarbossaAfter);
+        assertAssignedDeputy(userBarbossaAfter, USER_JACK_OID);
+        assertAssignments(userBarbossaAfter, 1);
+        assertLinks(userBarbossaAfter, 0);
+        assertNoAuthorizations(userBarbossaAfter);
+
+        PrismObject<UserType> userJackAfter = getUser(USER_JACK_OID);
+        display("User Jack after", userJackAfter);
+        assertNoAssignments(userJackAfter);
+        assertLinks(userBarbossaAfter, 0);
+        assertNoAuthorizations(userJackAfter);
+
+    }
+
+    /**
+	 * Jack and Barbossa does not have any accounts or roles.
+	 * Unassign Barbossa as Jack's deputy. Not much should happen.
+	 */
+    @Test
+    public void test109UnassignDeputyNoBigDeal() throws Exception {
+		final String TEST_NAME = "test109UnassignDeputyNoBigDeal";
+        TestUtil.displayTestTile(this, TEST_NAME);
+
+        Task task = taskManager.createTaskInstance(TestDeputy.class.getName() + "." + TEST_NAME);
+        OperationResult result = task.getResult();
+
+        // WHEN
+        TestUtil.displayWhen(TEST_NAME);
+
+        unassignDeputy(USER_BARBOSSA_OID, USER_JACK_OID, task, result);
+
+        // THEN
+        TestUtil.displayThen(TEST_NAME);
+        result.computeStatus();
+        TestUtil.assertSuccess(result);
+
+        PrismObject<UserType> userBarbossaAfter = getUser(USER_BARBOSSA_OID);
+        display("User Barbossa after", userBarbossaAfter);        
+        assertAssignments(userBarbossaAfter, 0);
+        assertLinks(userBarbossaAfter, 0);
+        assertNoAuthorizations(userBarbossaAfter);
+
+        PrismObject<UserType> userJackAfter = getUser(USER_JACK_OID);
+        display("User Jack after", userJackAfter);
+        assertNoAssignments(userJackAfter);
+        assertLinks(userBarbossaAfter, 0);
+        assertNoAuthorizations(userJackAfter);
+
+    }
+
+}
diff --git a/model/model-intest/testng-integration.xml b/model/model-intest/testng-integration.xml
@@ -59,6 +59,7 @@
             <class name="com.evolveum.midpoint.model.intest.TestConnectorMultiInstance"/>
             <class name="com.evolveum.midpoint.model.intest.TestMerge"/>
             <class name="com.evolveum.midpoint.model.intest.TestAudit"/>
+            <class name="com.evolveum.midpoint.model.intest.TestDeputy"/>
         </classes>
     </test>
     <test name="Synchronization" preserve-order="true" parallel="false" verbose="10">

diff --git a/...del-test/src/main/java/com/evolveum/midpoint/model/test/AbstractModelIntegrationTest.java b/...del-test/src/main/java/com/evolveum/midpoint/model/test/AbstractModelIntegrationTest.java
@@ -1371,6 +1371,18 @@ protected static <F extends FocusType> void assertAssignedRoles(PrismObject<F> u
 		MidPointAsserts.assertAssignedRoles(user, roleOids);
 	}
 
+	protected void assignDeputy(String userDeputyOid, String userTargetOid, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, ExpressionEvaluationException, CommunicationException, ConfigurationException, ObjectAlreadyExistsException, PolicyViolationException, SecurityViolationException {
+		modifyUserAssignment(userDeputyOid, userTargetOid, UserType.COMPLEX_TYPE, SchemaConstants.ORG_DEPUTY, task, null, null, true, result);
+	}
+
+	protected void unassignDeputy(String userDeputyOid, String userTargetOid, Task task, OperationResult result) throws ObjectNotFoundException, SchemaException, ExpressionEvaluationException, CommunicationException, ConfigurationException, ObjectAlreadyExistsException, PolicyViolationException, SecurityViolationException {
+		modifyUserAssignment(userDeputyOid, userTargetOid, UserType.COMPLEX_TYPE, SchemaConstants.ORG_DEPUTY, task, null, null, false, result);
+	}
+
+	protected <F extends FocusType> void assertAssignedDeputy(PrismObject<F> focus, String targetUserOid) {
+		MidPointAsserts.assertAssigned(focus, targetUserOid, UserType.COMPLEX_TYPE, SchemaConstants.ORG_DEPUTY);
+	}
+
 	protected static <F extends FocusType> void assertAssignedOrgs(PrismObject<F> user, String... orgOids) {
 		MidPointAsserts.assertAssignedOrgs(user, orgOids);
 	}
@@ -3172,6 +3184,33 @@ protected void assertNotAuthorized(MidPointPrincipal principal, String action, A
 		assertFalse("AuthorizationEvaluator.isAuthorized: Principal " + principal + " IS authorized for action " + action + " (" + phase + ") but he should not be", isAuthorized);
 	}
 
+	protected void assertAuthorizations(PrismObject<UserType> user, String... expectedAuthorizations) throws ObjectNotFoundException {
+		MidPointPrincipal principal = userProfileService.getPrincipal(user);
+		assertNotNull("No principal for "+user, principal);
+		assertAuthorizations(principal, expectedAuthorizations);
+	}
+
+	protected void assertAuthorizations(MidPointPrincipal principal, String... expectedAuthorizations) {
+		List<String> actualAuthorizations = new ArrayList<>();
+		for (Authorization authorization: principal.getAuthorities()) {
+			actualAuthorizations.addAll(authorization.getAction());
+		}
+		PrismAsserts.assertSets("Wrong authorizations in "+principal, actualAuthorizations, expectedAuthorizations);
+	}
+
+
+	protected void assertNoAuthorizations(PrismObject<UserType> user) throws ObjectNotFoundException {
+		MidPointPrincipal principal = userProfileService.getPrincipal(user);
+		assertNotNull("No principal for "+user, principal);
+		assertNoAuthorizations(principal);
+	}
+
+	protected void assertNoAuthorizations(MidPointPrincipal principal) {
+		if (principal.getAuthorities() != null && !principal.getAuthorities().isEmpty()) {
+			AssertJUnit.fail("Unexpected authorizations in "+principal+": "+principal.getAuthorities());
+		}
+	}
+
 	protected void assertAdminGuiConfigurations(MidPointPrincipal principal, int expectedMenuLinks, 
 			int expectedDashboardLinks, int expectedObjectForms) {
 		AdminGuiConfigurationType adminGuiConfiguration = principal.getAdminGuiConfiguration();