MID-6610 test written, no assertions yet

model/model-intest/src/test/java/com/evolveum/midpoint/model/intest/TestPreviewChanges.java

@@ -6,23 +6,18 @@
  */
 package com.evolveum.midpoint.model.intest;
 
-import static com.evolveum.midpoint.schema.constants.SchemaConstants.RI_ACCOUNT_OBJECT_CLASS;
-import static com.evolveum.midpoint.test.DummyResourceContoller.*;
-import static com.evolveum.midpoint.test.util.MidPointAsserts.assertSerializable;
-
 import static java.util.Collections.singleton;
 import static org.testng.AssertJUnit.*;
 
 import static com.evolveum.midpoint.schema.constants.SchemaConstants.PATH_ACTIVATION_DISABLE_TIMESTAMP;
+import static com.evolveum.midpoint.schema.constants.SchemaConstants.RI_ACCOUNT_OBJECT_CLASS;
+import static com.evolveum.midpoint.test.DummyResourceContoller.*;
+import static com.evolveum.midpoint.test.util.MidPointAsserts.assertSerializable;
 
 import java.io.File;
 import java.io.IOException;
 import java.util.Collection;
 
-import com.evolveum.midpoint.schema.processor.ResourceObjectDefinition;
-
-import com.evolveum.midpoint.util.MiscUtil;
-
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.annotation.DirtiesContext.ClassMode;
 import org.springframework.test.context.ContextConfiguration;
@@ -42,14 +37,13 @@
 import com.evolveum.midpoint.prism.util.PrismAsserts;
 import com.evolveum.midpoint.prism.util.PrismTestUtil;
 import com.evolveum.midpoint.schema.constants.SchemaConstants;
+import com.evolveum.midpoint.schema.processor.ResourceObjectDefinition;
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.schema.util.MiscSchemaUtil;
 import com.evolveum.midpoint.task.api.Task;
-import com.evolveum.midpoint.test.DummyResourceContoller;
-import com.evolveum.midpoint.test.IntegrationTestTools;
-import com.evolveum.midpoint.test.ObjectChecker;
-import com.evolveum.midpoint.test.ObjectSource;
+import com.evolveum.midpoint.test.*;
 import com.evolveum.midpoint.test.util.TestUtil;
+import com.evolveum.midpoint.util.MiscUtil;
 import com.evolveum.midpoint.util.exception.*;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
 
@@ -63,26 +57,37 @@ public class TestPreviewChanges extends AbstractInitializedModelIntegrationTest
     public static final File TEST_DIR = new File("src/test/resources/preview");
 
     // LEMON dummy resource has a STRICT dependency on default dummy resource
-    private static final File RESOURCE_DUMMY_LEMON_FILE = new File(TEST_DIR, "resource-dummy-lemon.xml");
-    protected static final String RESOURCE_DUMMY_LEMON_OID = "10000000-0000-0000-0000-000000000504";
+    private static final TestResource<ResourceType> RESOURCE_DUMMY_LEMON = new TestResource<>(TEST_DIR, "resource-dummy-lemon.xml", "10000000-0000-0000-0000-000000000504");
     private static final String RESOURCE_DUMMY_LEMON_NAME = "lemon";
 
-    private static final File USER_ROGERS_FILE = new File(TEST_DIR, "user-rogers.xml");
+    private static final TestResource<UserType> USER_ROGERS = new TestResource<>(TEST_DIR, "user-rogers.xml", "c0c010c0-d34d-b33f-f00d-11d2d2d2d22d");
     private static final File ACCOUNT_ROGERS_DUMMY_DEFAULT_FILE = new File(TEST_DIR, "account-rogers-dummy-default.xml");
     private static final File ACCOUNT_ROGERS_DUMMY_LEMON_FILE = new File(TEST_DIR, "account-rogers-dummy-lemon.xml");
 
+    private static final TestResource<SecurityPolicyType> SECURITY_POLICY = new TestResource<>(TEST_DIR, "security-policy.xml", "a013bf3e-68b2-42b7-923e-c4d55e40e486");
+    private static final TestResource<ValuePolicyType> VALUE_POLICY_PASSWORD = new TestResource<>(TEST_DIR, "value-policy-password.xml", "fd0d70ea-ef5a-4e20-8bf0-3b367ff85f1c");
+    private static final TestResource<UserType> USER_JOE = new TestResource<>(TEST_DIR, "user-joe.xml", "33f7ec34-4d5e-4640-8224-eb7d55ed86fa");
+    private static final TestResource<RoleType> ROLE_SIMPLE = new TestResource<>(TEST_DIR, "role-simple.xml", "e681fa58-cf53-452d-99d0-4f1377a06a54");
+    private static final DummyTestResource RESOURCE_SIMPLE = new DummyTestResource(TEST_DIR, "resource-simple.xml", "64d8b7f9-28a0-43a9-bec7-d5a1a327a740",
+            "resource-preview-simple", TestPreviewChanges::createSimpleAttributeDefinitions);
+
     private String accountGuybrushOid;
 
     @Override
     public void initSystem(Task initTask, OperationResult initResult) throws Exception {
         super.initSystem(initTask, initResult);
 
-        initDummyResourcePirate(RESOURCE_DUMMY_LEMON_NAME,
-                RESOURCE_DUMMY_LEMON_FILE, RESOURCE_DUMMY_LEMON_OID, initTask, initResult);
+        initDummyResourcePirate(RESOURCE_DUMMY_LEMON_NAME, RESOURCE_DUMMY_LEMON.file, RESOURCE_DUMMY_LEMON.oid, initTask, initResult);
 
         // Elaine is in inconsistent state. Account attributes do not match the mappings.
         // We do not want that here, as it would add noise to preview operations.
         reconcileUser(USER_ELAINE_OID, initTask, initResult);
+
+        RESOURCE_SIMPLE.initAndTest(this, initTask, initResult);
+    }
+
+    private static void createSimpleAttributeDefinitions(DummyResourceContoller controller) {
+
     }
 
     @Test
@@ -1836,7 +1841,7 @@ public void test630AddUserRogers() throws Exception {
         OperationResult result = task.getResult();
         assumeAssignmentPolicy(AssignmentPolicyEnforcementType.NONE);
 
-        PrismObject<UserType> user = PrismTestUtil.parseObject(USER_ROGERS_FILE);
+        PrismObject<UserType> user = PrismTestUtil.parseObject(USER_ROGERS.file);
         addAccountLinkRef(user, ACCOUNT_ROGERS_DUMMY_DEFAULT_FILE);
         addAccountLinkRef(user, ACCOUNT_ROGERS_DUMMY_LEMON_FILE);
         ObjectDelta<UserType> userDelta = DeltaFactory.Object.createAddDelta(user);
@@ -1889,7 +1894,7 @@ public void test630AddUserRogers() throws Exception {
         PrismAsserts.assertNoItemDelta(accountSecondaryDelta, DUMMY_ACCOUNT_ATTRIBUTE_FULLNAME_PATH);
 
         // LEMON dummy resource
-        accContext = findAccountContext(modelContext, RESOURCE_DUMMY_LEMON_OID);
+        accContext = findAccountContext(modelContext, RESOURCE_DUMMY_LEMON.oid);
         assertNotNull("Null model projection context (lemon)", accContext);
 
         assertEquals("Wrong policy decision", SynchronizationPolicyDecision.ADD, accContext.getSynchronizationPolicyDecision());
@@ -2041,4 +2046,31 @@ public void test710PreviewGuybrushHavingRoleSailorOwner() throws Exception {
         assertEquals("Wrong # of zero-set roles in evaluated assignment", 1, evaluatedAssignment.getRoles().getZeroSet().size());
         assertSerializable(modelContext);
     }
+
+    @Test
+    public void test750previewAddUserShadowInsufficientPassword() throws Exception {
+        given();
+
+        Task task = getTestTask();
+        OperationResult result = task.getResult();
+
+        addObject(SECURITY_POLICY, task, result);
+        addObject(VALUE_POLICY_PASSWORD, task, result);
+        addObject(ROLE_SIMPLE, task, result);
+        addObject(USER_JOE, task, result);
+
+        when();
+
+        AssignmentType a = new AssignmentType()
+                .targetRef(ROLE_SIMPLE.oid, RoleType.COMPLEX_TYPE);
+
+        ObjectDelta<UserType> delta = prismContext.deltaFor(UserType.class).asObjectDeltaCast(USER_JOE.oid);
+        delta.addModificationAddContainer(ItemPath.create(UserType.F_ASSIGNMENT), a.asPrismContainerValue());
+
+        ModelContext<UserType> modelContext = modelInteractionService.previewChanges(singleton(delta), null, task, result);
+
+        then();
+
+        AssertJUnit.assertNotNull(modelContext);
+    }
 }

model/model-intest/src/test/resources/preview/resource-simple.xml

@@ -0,0 +1,80 @@
+<!--
+  ~ Copyright (c) 2010-2022 Evolveum and contributors
+  ~
+  ~ This work is dual-licensed under the Apache License 2.0
+  ~ and European Union Public License. See LICENSE file for details.
+  -->
+
+<resource xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+        xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
+        xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
+        xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
+        oid="64d8b7f9-28a0-43a9-bec7-d5a1a327a740">
+
+    <name>resource-preview-simple</name>
+
+    <connectorRef type="ConnectorType">
+        <filter>
+            <q:and>
+                <q:equal>
+                    <q:path>connectorType</q:path>
+                    <q:value>com.evolveum.icf.dummy.connector.DummyConnector</q:value>
+                </q:equal>
+                <q:equal>
+                    <q:path>connectorVersion</q:path>
+                    <q:value>2.0</q:value>
+                </q:equal>
+            </q:and>
+        </filter>
+    </connectorRef>
+
+    <connectorConfiguration xmlns:icfi="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.icf.dummy/com.evolveum.icf.dummy.connector.DummyConnector"
+            xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3">
+
+        <icfc:configurationProperties>
+            <icfi:instanceId>resource-preview-simple</icfi:instanceId>
+            <icfi:requireExplicitEnable>true</icfi:requireExplicitEnable>
+            <icfi:uselessGuardedString>
+                <clearValue>whatever</clearValue>
+            </icfi:uselessGuardedString>
+            <icfi:uselessString>Useless</icfi:uselessString>
+            <icfi:varyLetterCase>false</icfi:varyLetterCase>
+        </icfc:configurationProperties>
+
+        <icfc:resultsHandlerConfiguration>
+            <icfc:enableNormalizingResultsHandler>false</icfc:enableNormalizingResultsHandler>
+            <icfc:enableFilteredResultsHandler>false</icfc:enableFilteredResultsHandler>
+            <icfc:enableAttributesToGetSearchResultsHandler>false</icfc:enableAttributesToGetSearchResultsHandler>
+        </icfc:resultsHandlerConfiguration>
+
+    </connectorConfiguration>
+
+    <schemaHandling>
+        <objectType>
+            <kind>account</kind>
+            <intent>default</intent>
+            <displayName>Default Account</displayName>
+            <default>true</default>
+            <objectClass>ri:AccountObjectClass</objectClass>
+
+            <attribute>
+                <ref>icfs:name</ref>
+                <outbound>
+                    <source>
+                        <path>name</path>
+                    </source>
+                </outbound>
+            </attribute>
+            <attribute>
+                <ref>icfs:uid</ref>
+            </attribute>
+            <credentials>
+                <password>
+                    <outbound/>
+                </password>
+            </credentials>
+
+            <securityPolicyRef oid="a013bf3e-68b2-42b7-923e-c4d55e40e486"/>
+        </objectType>
+    </schemaHandling>
+</resource>

model/model-intest/src/test/resources/preview/role-simple.xml

@@ -0,0 +1,17 @@
+<!--
+  ~ Copyright (c) 2010-2022 Evolveum and contributors
+  ~
+  ~ This work is dual-licensed under the Apache License 2.0
+  ~ and European Union Public License. See LICENSE file for details.
+  -->
+
+<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+oid="e681fa58-cf53-452d-99d0-4f1377a06a54">
+    <name>role simple</name>
+    <inducement>
+        <construction>
+            <resourceRef oid="64d8b7f9-28a0-43a9-bec7-d5a1a327a740"/>
+            <kind>account</kind>
+        </construction>
+    </inducement>
+</role>

model/model-intest/src/test/resources/preview/security-policy.xml

@@ -0,0 +1,18 @@
+<!--
+  ~ Copyright (c) 2010-2022 Evolveum and contributors
+  ~
+  ~ This work is dual-licensed under the Apache License 2.0
+  ~ and European Union Public License. See LICENSE file for details.
+  -->
+
+<securityPolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+    oid="a013bf3e-68b2-42b7-923e-c4d55e40e486">
+
+    <name>security policy for resource simple</name>
+
+    <credentials>
+        <password>
+            <valuePolicyRef oid="fd0d70ea-ef5a-4e20-8bf0-3b367ff85f1c"/>
+        </password>
+    </credentials>
+</securityPolicy>

model/model-intest/src/test/resources/preview/user-joe.xml

@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2010-2018 Evolveum and contributors
+  ~
+  ~ This work is dual-licensed under the Apache License 2.0
+  ~ and European Union Public License. See LICENSE file for details.
+  -->
+<user xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+        oid="33f7ec34-4d5e-4640-8224-eb7d55ed86fa">
+
+    <name>joe</name>
+
+    <credentials>
+        <password>
+            <value>
+                <clearValue>qwe123</clearValue>
+            </value>
+        </password>
+    </credentials>
+</user>

model/model-intest/src/test/resources/preview/value-policy-password.xml

@@ -0,0 +1,19 @@
+<!--
+  ~ Copyright (c) 2010-2022 Evolveum and contributors
+  ~
+  ~ This work is dual-licensed under the Apache License 2.0
+  ~ and European Union Public License. See LICENSE file for details.
+  -->
+
+<valuePolicy xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+        oid="fd0d70ea-ef5a-4e20-8bf0-3b367ff85f1c">
+    <name>Password policy</name>
+    <stringPolicy>
+        <description>Testing string policy</description>
+        <limitations>
+            <minLength>15</minLength>
+            <maxLength>18</maxLength>
+        </limitations>
+    </stringPolicy>
+</valuePolicy>
+