Merge remote-tracking branch 'origin/support-3.7' into support-3.7

Evolveum · Apr 16, 2018 · 4fe22fc · 4fe22fc
2 parents 3d247b4 + 02f7c5e
commit 4fe22fc
Show file tree

Hide file tree

Showing 2 changed files with 237 additions and 27 deletions.
diff --git a/testing/story/src/test/java/com/evolveum/midpoint/testing/story/TestReconNullValue.java b/testing/story/src/test/java/com/evolveum/midpoint/testing/story/TestReconNullValue.java
@@ -26,21 +26,14 @@
 import java.util.Collections;
 import java.util.List;
 
-import javax.xml.namespace.QName;
-
 import org.opends.server.types.DirectoryException;
-import org.opends.server.types.Entry;
 import org.springframework.test.annotation.DirtiesContext;
 import org.springframework.test.annotation.DirtiesContext.ClassMode;
 import org.springframework.test.context.ContextConfiguration;
-import org.testng.AssertJUnit;
 import org.testng.annotations.AfterClass;
 import org.testng.annotations.Test;
 
-import com.evolveum.midpoint.util.exception.PolicyViolationException;
-import com.evolveum.midpoint.prism.PrismContainer;
 import com.evolveum.midpoint.prism.PrismObject;
-import com.evolveum.midpoint.prism.delta.ItemDelta;
 import com.evolveum.midpoint.prism.delta.ObjectDelta;
 import com.evolveum.midpoint.prism.util.PrismAsserts;
 import com.evolveum.midpoint.prism.util.PrismTestUtil;
@@ -54,15 +47,10 @@
 import com.evolveum.midpoint.util.exception.CommunicationException;
 import com.evolveum.midpoint.util.exception.ConfigurationException;
 import com.evolveum.midpoint.util.exception.ExpressionEvaluationException;
-import com.evolveum.midpoint.util.exception.ObjectAlreadyExistsException;
 import com.evolveum.midpoint.util.exception.ObjectNotFoundException;
 import com.evolveum.midpoint.util.exception.SchemaException;
 import com.evolveum.midpoint.util.exception.SecurityViolationException;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
-import com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowKindType;
 import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType;
@@ -71,13 +59,15 @@
 
 /**
  * 
- * Recon should delete resourceAttribute 
+ * Recon should delete resourceAttributes
  * 
- * Users and the roles being assigned in tests:
- * User0: IT-Role-HR
-
- *
+ * resourceAttributes title and givenName have strong mappings
+ * title has source honorificPrefix
+ * givenName has source givenName
  * 
+ * focus attributes honorificPrefix and/or givenName do not exist and resourceAttributes  title and givenName are added manually
+ * -> reconcile should remove resourceAtributes
+ * as of git-v3.7.1-57-gc5757c3b0d this seems to work for honorificPrefix/title but not for givenName/givenName
  * 
  * @author michael gruber
  *
@@ -91,8 +81,6 @@ public class TestReconNullValue extends AbstractStoryTest {
 
 	private static final String RESOURCE_OPENDJ_OID = "10000000-0000-0000-0000-000000000003";
 	private static final String RESOURCE_OPENDJ_NAMESPACE = MidPointConstants.NS_RI;
-	/// private static final QName OPENDJ_ASSOCIATION_GROUP_NAME = new
-	/// QName(RESOURCE_OPENDJ_NAMESPACE, "group");
 
 	public static final String ORG_TOP_OID = "00000000-8888-6666-0000-100000000001";
 	public static final String OBJECT_TEMPLATE_USER_OID = "10000000-0000-0000-0000-000000000222";
@@ -102,6 +90,7 @@ public class TestReconNullValue extends AbstractStoryTest {
 	private static final String LDAP_INTENT_DEFAULT = "default";
 
 	private static final String ACCOUNT_ATTRIBUTE_TITLE = "title";
+	private static final String ACCOUNT_ATTRIBUTE_GIVENNAME = "givenName";
 
 
 	private ResourceType resourceOpenDjType;
@@ -187,6 +176,9 @@ public void test100CreateUsers() throws Exception {
 		display("user0 after", user0After);
 
 		dumpOrgTree();
+
+		assertShadowAttribute(user0After, ShadowKindType.ACCOUNT, LDAP_INTENT_DEFAULT, ACCOUNT_ATTRIBUTE_GIVENNAME,	"givenName0");		
+
 
 	}
 
@@ -197,7 +189,7 @@ public void test100CreateUsers() throws Exception {
 	 * 
 	 */
 	@Test
-	public void test140AddHonorificPrefix() throws Exception {
+	public void test130AddHonorificPrefix() throws Exception {
 		final String TEST_NAME = "test140AddHonorificPrefix";
 		displayTestTitle(TEST_NAME);
 
@@ -207,13 +199,71 @@ public void test140AddHonorificPrefix() throws Exception {
         dummyAuditService.clear();
 
 
+		//TODO: best way to set extension properties?
+        PrismObject<UserType> userBefore = getObjectByName(UserType.class, USER_0_NAME);
+        display("User before", userBefore);
+		PrismObject<UserType> userNewPrism = userBefore.clone();
+		prismContext.adopt(userNewPrism);
+		UserType userNew = userNewPrism.asObjectable();
+		userNew.setHonorificPrefix(new PolyStringType("Princess"));
+
+		ObjectDelta<UserType> delta = userBefore.diff(userNewPrism);
+		display("Modifying user with delta", delta);
+
+		Collection<ObjectDelta<? extends ObjectType>> deltas = MiscSchemaUtil.createCollection(delta);
+
+		// WHEN
+		displayWhen(TEST_NAME);
+		modelService.executeChanges(deltas, null, task, result);
+
+
+		// THEN
+		displayThen(TEST_NAME);
+        assertSuccess(result);
+
+        PrismObject<UserType> userAfter = getObjectByName(UserType.class, USER_0_NAME);
+        display("User after adding attribute honorificPrefix", userAfter);
+
+        String accountOid = getLinkRefOid(userAfter, RESOURCE_OPENDJ_OID);
+
+        // Check shadow
+        PrismObject<ShadowType> accountShadow = repositoryService.getObject(ShadowType.class, accountOid, null, result);
+        display("accountShadow after attribute deletion", accountShadow);
+
+        // Check account
+        PrismObject<ShadowType> accountModel = modelService.getObject(ShadowType.class, accountOid, null, task, result);
+        display("accountModel after attribute deletion", accountModel);
+
+        assertShadowAttribute(userAfter, ShadowKindType.ACCOUNT, LDAP_INTENT_DEFAULT, ACCOUNT_ATTRIBUTE_GIVENNAME,	"givenName0");
+        assertShadowAttribute(userAfter, ShadowKindType.ACCOUNT, LDAP_INTENT_DEFAULT, ACCOUNT_ATTRIBUTE_TITLE,	"Princess");
+
+	}
+
+	/**
+	 * delete honorificPrefix and givenName
+	 * 
+	 * in resource account value for title and givenName should have been deleted
+	 * 
+	 */
+	@Test
+	public void test140dDeleteHonorificPrefixGivenName() throws Exception {
+		final String TEST_NAME = "test140dDeleteHonorificPrefixGivenName";
+		displayTestTitle(TEST_NAME);
+
+		 // GIVEN
+		Task task = createTask(TEST_NAME);
+        OperationResult result = task.getResult();
+        dummyAuditService.clear();
+
+
 		//TODO: best way to set extension properties?
         PrismObject<UserType> userBefore = getObjectByName(UserType.class, USER_0_NAME);
         display("User before", userBefore);
 		PrismObject<UserType> userNewPrism = userBefore.clone();
 		prismContext.adopt(userNewPrism);
 		UserType userNew = userNewPrism.asObjectable();
 		userNew.setHonorificPrefix(null);
+		userNew.setGivenName(null);
 
 		ObjectDelta<UserType> delta = userBefore.diff(userNewPrism);
 		display("Modifying user with delta", delta);
@@ -244,17 +294,18 @@ public void test140AddHonorificPrefix() throws Exception {
         display("accountModel after attribute deletion", accountModel);
 
         PrismAsserts.assertNoItem(accountModel, openDJController.getAttributePath(ACCOUNT_ATTRIBUTE_TITLE));
+        PrismAsserts.assertNoItem(accountModel, openDJController.getAttributePath(ACCOUNT_ATTRIBUTE_GIVENNAME));
 
 	}
 
 
 	/**
-	 * remove title in Resoure Attributer
-	 * 
-	 * in resource account value for title should have been removed
+	 * add title in resource account (not using midpoint)
+	 * do recompute
+	 * in resource account value for title should have been removed again
 	 * 
 	 */
-	@Test //MID-4567
+	@Test
 	public void test150RemoveTitleRA() throws Exception {
 		final String TEST_NAME = "test150RemoveTitleRA";
 		displayTestTitle(TEST_NAME);
@@ -274,12 +325,129 @@ public void test150RemoveTitleRA() throws Exception {
                 "changetype: modify\n"+
                 "add: title\n"+
                 "title: Earl");
+
+        display("LDAP after addition");
+        dumpLdap();
+
+		// WHEN
+		displayWhen(TEST_NAME);
+		modelService.recompute(UserType.class, userBefore.getOid(), null, task, result);
+
+		display("LDAP after reconcile");
+        dumpLdap();
+
+		// THEN
+		displayThen(TEST_NAME);
+        assertSuccess(result);
+
+        PrismObject<UserType> userAfter = getObjectByName(UserType.class, USER_0_NAME);
+        display("User smack after adding attribute title", userAfter);
+
+
+        String accountOid = getLinkRefOid(userAfter, RESOURCE_OPENDJ_OID);
+
+        // Check shadow
+        PrismObject<ShadowType> accountShadow = repositoryService.getObject(ShadowType.class, accountOid, null, result);
+        display("accountShadow after attribute addition", accountShadow);
+
+        // Check account
+        PrismObject<ShadowType> accountModel = modelService.getObject(ShadowType.class, accountOid, null, task, result);
+        display("accountModel after attribute addition", accountModel);
+
+        PrismAsserts.assertNoItem(accountModel, openDJController.getAttributePath( ACCOUNT_ATTRIBUTE_TITLE));
 
+	}
+
+	/**
+	 * add givenName in resource account (not using midpoint)
+	 * do recompute
+	 * in resource account value for givenName should have been removed again
+	 * See also https://wiki.evolveum.com/display/midPoint/Resource+Schema+Handling#ResourceSchemaHandling-AttributeTolerance
+	 * 
+	 */
+	@Test //MID-4567
+	public void test160SetGivenNameAttributeAndReconcile() throws Exception {
+		final String TEST_NAME = "test160SetGivenNameAttributeAndReconcile";
+		displayTestTitle(TEST_NAME);
+
+		 // GIVEN
+		Task task = createTask(TEST_NAME);
+        OperationResult result = task.getResult();
+        dummyAuditService.clear();
+
+
+		//TODO: best way to set extension properties?
+        PrismObject<UserType> userBefore = getObjectByName(UserType.class, USER_0_NAME);
+        display("User before", userBefore);
+
+
+        openDJController.executeLdifChange("dn: uid="+USER_0_NAME+",ou=people,dc=example,dc=com\n"+
+                "changetype: modify\n"+
+                "replace: givenName\n"+
+                "givenName: given0again");
+
+        display("LDAP after addition");
+        dumpLdap();
+
 		// WHEN
 		displayWhen(TEST_NAME);
 		modelService.recompute(UserType.class, userBefore.getOid(), null, task, result);
 
+		display("LDAP after reconcile");
+        dumpLdap();
+
+		// THEN
+		displayThen(TEST_NAME);
+        assertSuccess(result);
+
+        PrismObject<UserType> userAfter = getObjectByName(UserType.class, USER_0_NAME);
+        display("User smack after adding attribute title", userAfter);
+
+
+        String accountOid = getLinkRefOid(userAfter, RESOURCE_OPENDJ_OID);
+
+        // Check shadow
+        PrismObject<ShadowType> accountShadow = repositoryService.getObject(ShadowType.class, accountOid, null, result);
+        display("accountShadow after attribute addition", accountShadow);
+
+        // Check account
+        PrismObject<ShadowType> accountModel = modelService.getObject(ShadowType.class, accountOid, null, task, result);
+        display("accountModel after attribute addition", accountModel);
+
+        PrismAsserts.assertNoItem(accountModel, openDJController.getAttributePath(ACCOUNT_ATTRIBUTE_GIVENNAME));
+
+	}
+
+	/**
+	 * See also https://wiki.evolveum.com/display/midPoint/Resource+Schema+Handling#ResourceSchemaHandling-AttributeTolerance
+	 */
+	@Test //MID-4567
+	public void test170ReplaceGivenNameEmpty() throws Exception {
+		final String TEST_NAME = "test170ReplaceGivenNameEmpty";
+		displayTestTitle(TEST_NAME);
+
+		 // GIVEN
+		Task task = createTask(TEST_NAME);
+        OperationResult result = task.getResult();
+        dummyAuditService.clear();
+
+        PrismObject<UserType> userBefore = getObjectByName(UserType.class, USER_0_NAME);
+        display("User before", userBefore);
+
+        openDJController.executeLdifChange("dn: uid="+USER_0_NAME+",ou=people,dc=example,dc=com\n"+
+                "changetype: modify\n"+
+                "replace: givenName\n"+
+                "givenName: given1again");
+
+        display("LDAP after addition");
+        dumpLdap();
+
+		// WHEN
+		displayWhen(TEST_NAME);
+		modifyUserReplace(userBefore.getOid(), UserType.F_GIVEN_NAME, task, result /* no value */);
 
+		display("LDAP after reconcile");
+        dumpLdap();
 
 		// THEN
 		displayThen(TEST_NAME);
@@ -299,7 +467,7 @@ public void test150RemoveTitleRA() throws Exception {
         PrismObject<ShadowType> accountModel = modelService.getObject(ShadowType.class, accountOid, null, task, result);
         display("accountModel after attribute addition", accountModel);
 
-        PrismAsserts.assertNoItem(accountModel, openDJController.getAttributePath( ACCOUNT_ATTRIBUTE_TITLE));
+        PrismAsserts.assertNoItem(accountModel, openDJController.getAttributePath(ACCOUNT_ATTRIBUTE_GIVENNAME));
 
 	}
 
@@ -318,5 +486,38 @@ protected <F extends com.evolveum.midpoint.xml.ns._public.common.common_3.FocusT
 		PrismAsserts.assertPropertyValue(object, F.F_NAME, PrismTestUtil.createPolyString(name));
 		return object;
 	}
+
+	private void assertShadowAttribute(PrismObject focus, ShadowKindType kind, String intent, String attribute,
+			String... values) throws SchemaException, ObjectNotFoundException, SecurityViolationException,
+			CommunicationException, ConfigurationException, DirectoryException, ExpressionEvaluationException {
+		String focusName = focus.getName().toString();
+		display("assert focus " + focus.getCompileTimeClass(), focusName);
+
+		String objOid = getLinkRefOid(focus, RESOURCE_OPENDJ_OID, kind, intent);
+		PrismObject<ShadowType> objShadow = getShadowModel(objOid);
+		display("Focus " + focusName + " kind " + kind + " intent " + intent + " shadow", objShadow);
+
+		List<String> valuesList = new ArrayList<String>(Arrays.asList(values));
+
+		for (Object att : objShadow.asObjectable().getAttributes().asPrismContainerValue().getItems()) {
+			if (att instanceof ResourceAttribute) {
+				Collection propVals = ((ResourceAttribute) att).getRealValues();
+
+				if (attribute.equals(((ResourceAttribute) att).getNativeAttributeName())) {
+
+					List<String> propValsString = new ArrayList<String>(propVals.size());
+					for (Object pval : propVals) {
+						propValsString.add(pval.toString());
+					}
+
+					Collections.sort(propValsString);
+					Collections.sort(valuesList);
+
+					assertEquals(propValsString, valuesList);
+
+				}
+			}
+		}
+	}
 
 }
diff --git a/testing/story/src/test/resources/recon-null-value/resource-opendj.xml b/testing/story/src/test/resources/recon-null-value/resource-opendj.xml
@@ -126,7 +126,12 @@
 
 			<attribute>
 				<ref>ri:givenName</ref>
+				<limitations>
+					<maxOccurs>1</maxOccurs>
+				</limitations>
+				<tolerant>false</tolerant>
 				<outbound>
+					<strength>strong</strength>
 					<source>
 						<path>givenName</path>
 					</source>
@@ -173,8 +178,12 @@
 
 		</objectType>
 
-	</schemaHandling> 
-
+	</schemaHandling>
+
+	<projection>
+		<assignmentPolicyEnforcement>relative</assignmentPolicyEnforcement>
+	</projection> 
+
 	<capabilities>
 		<configured
 			xmlns:cap="http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3">