Skip to content

Commit

Permalink
Fixes MID-4355: Global policy rules are applied even if they should n…
Browse files Browse the repository at this point in the history 
…ot be

(cherry picked from commit fdb6b57)
  • Loading branch information
@mederly
mederly committed Dec 20, 2017
1 parent 599eafa commit 66ee801
Show file tree
Hide file tree
Showing 19 changed files with 73 additions and 0 deletions.
3 changes: 3 additions & 0 deletions ...orkflow-impl/src/test/java/com/evolveum/midpoint/wf/impl/policy/AbstractWfTestPolicy.java
View file
Expand Up @@ -95,6 +95,7 @@ public class AbstractWfTestPolicy extends AbstractModelImplementationIntegration
public static final File USER_ADMINISTRATOR_FILE = new File(TEST_RESOURCE_DIR, "user-administrator.xml");

protected static final File USER_JACK_FILE = new File(TEST_RESOURCE_DIR, "user-jack.xml");
protected static final File USER_JACK_DEPUTY_FILE = new File(TEST_RESOURCE_DIR, "user-jack-deputy.xml"); // delegation is created only when needed
protected static final File USER_BOB_FILE = new File(TEST_RESOURCE_DIR, "user-bob.xml");
protected static final File USER_CHUCK_FILE = new File(TEST_RESOURCE_DIR, "user-chuck.xml");
protected static final File USER_LEAD1_FILE = new File(TEST_RESOURCE_DIR, "user-lead1.xml");
Expand Down Expand Up @@ -138,6 +139,7 @@ public class AbstractWfTestPolicy extends AbstractModelImplementationIntegration
protected static final String USER_ADMINISTRATOR_OID = SystemObjectsType.USER_ADMINISTRATOR.value();

protected String userJackOid;
protected String userJackDeputyOid;
protected String userBobOid;
protected String userChuckOid;
protected String userLead1Oid;
Expand Down Expand Up @@ -208,6 +210,7 @@ public void initSystem(Task initTask, OperationResult initResult) throws Excepti
metaroleApproveUnassign = repoAddObjectFromFile(METAROLE_APPROVE_UNASSIGN_FILE, initResult).getOid();

userJackOid = repoAddObjectFromFile(USER_JACK_FILE, initResult).getOid();
userJackDeputyOid = repoAddObjectFromFile(USER_JACK_DEPUTY_FILE, initResult).getOid();
userBobOid = repoAddObjectFromFile(USER_BOB_FILE, initResult).getOid();
userChuckOid = repoAddObjectFromFile(USER_CHUCK_FILE, initResult).getOid();
roleRole1Oid = repoAddObjectFromFile(ROLE_ROLE1_FILE, initResult).getOid();
Expand Down
24 changes: 24 additions & 0 deletions ...java/com/evolveum/midpoint/wf/impl/policy/assignments/AbstractTestAssignmentApproval.java
View file
Expand Up @@ -222,6 +222,30 @@ public void test072AddRoles123AssignmentYYYImmediate() throws Exception {
executeAssignRoles123ToJack(TEST_NAME, true, true, true, true);
}

@Test // MID-4355
public void test100AddCreateDelegation() throws Exception {
final String TEST_NAME = "test100AddCreateDelegation";
TestUtil.displayTestTitle(this, TEST_NAME);
login(userAdministrator);

Task task = createTask(TEST_NAME);
task.setOwner(userAdministrator);
OperationResult result = task.getResult();

// WHEN
assignDeputy(userJackDeputyOid, userJackOid, a -> {
//a.beginLimitTargetContent().allowTransitive(true);
}, task, result);

// THEN
PrismObject<UserType> deputy = getUser(userJackDeputyOid);
display("deputy after", deputy);

result.computeStatus();
assertSuccess(result);
assertAssignedDeputy(deputy, userJackOid);
}

/**
* Assigning Role1 with two deputies present. (But approved by the delegator.)
*/
Expand Down
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role1.xml
View file
Expand Up @@ -23,4 +23,5 @@
<inducement>
<targetRef oid="00000001-d34d-b33f-f00d-000000000010" type="RoleType" />
</inducement>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role10.xml
View file
Expand Up @@ -17,4 +17,5 @@
<role oid="00000001-d34d-b33f-f00d-000000000010">
<name>Role10</name>
<description>Induced by Role1</description>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role10a.xml
View file
Expand Up @@ -18,4 +18,5 @@
<name>Role10a</name>
<description>Induced by Role1a</description>
<!-- approverRef will be set during the tests -->
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role10b.xml
View file
Expand Up @@ -20,4 +20,5 @@
<assignment> <!-- metarole 1 'default' -->
<targetRef oid="00000001-d34d-b33f-f00d-M00000000001" type="RoleType"/>
</assignment>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role15.xml
View file
Expand Up @@ -16,4 +16,5 @@

<role oid="00000001-d34d-b33f-f00d-000000000015">
<name>Role15</name>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role1a.xml
View file
Expand Up @@ -23,5 +23,6 @@
<inducement>
<targetRef oid="00000001-d34d-b33f-f00d-00000000010a" type="RoleType" />
</inducement>
<delegable>true</delegable>
<approverRef oid="00000001-d34d-b33f-f00d-L00000000001" type="UserType"/> <!-- lead1 -->
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role1b.xml
View file
Expand Up @@ -26,4 +26,5 @@
<inducement>
<targetRef oid="00000001-d34d-b33f-f00d-00000000010b" type="RoleType" />
</inducement>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role2.xml
View file
Expand Up @@ -17,4 +17,5 @@
<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="00000001-d34d-b33f-f00d-000000000002">
<name>Role2</name>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role2a.xml
View file
Expand Up @@ -17,5 +17,6 @@
<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="00000001-d34d-b33f-f00d-00000000002a">
<name>Role2a</name>
<delegable>true</delegable>
<approverRef oid="00000001-d34d-b33f-f00d-L00000000002" type="UserType"/> <!-- lead2 -->
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role2b.xml
View file
Expand Up @@ -20,4 +20,5 @@
<assignment> <!-- metarole 1 'default' -->
<targetRef oid="00000001-d34d-b33f-f00d-M00000000001" type="RoleType"/>
</assignment>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role3.xml
View file
Expand Up @@ -17,4 +17,5 @@
<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="00000001-d34d-b33f-f00d-000000000003">
<name>Role3</name>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role3a.xml
View file
Expand Up @@ -17,5 +17,6 @@
<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="00000001-d34d-b33f-f00d-00000000003a">
<name>Role3a</name>
<delegable>true</delegable>
<approverRef oid="00000001-d34d-b33f-f00d-L00000000003" type="UserType"/> <!-- lead3 -->
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role3b.xml
View file
Expand Up @@ -20,4 +20,5 @@
<assignment> <!-- metarole 1 'default' -->
<targetRef oid="00000001-d34d-b33f-f00d-M00000000001" type="RoleType"/>
</assignment>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role4.xml
View file
Expand Up @@ -17,4 +17,5 @@
<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="00000001-d34d-b33f-f00d-000000000004">
<name>Role4</name>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role4a.xml
View file
Expand Up @@ -17,4 +17,5 @@
<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
oid="00000001-d34d-b33f-f00d-00000000004a">
<name>Role4a</name>
<delegable>true</delegable>
</role>
1 change: 1 addition & 0 deletions model/workflow-impl/src/test/resources/policy/role-role4b.xml
View file
Expand Up @@ -20,4 +20,5 @@
<assignment> <!-- metarole 1 'default' -->
<targetRef oid="00000001-d34d-b33f-f00d-M00000000001" type="RoleType"/>
</assignment>
<delegable>true</delegable>
</role>
30 changes: 30 additions & 0 deletions model/workflow-impl/src/test/resources/policy/user-jack-deputy.xml
View file
@@ -0,0 +1,30 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2010-2017 Evolveum
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE-2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
-->
<user oid="e44769f2-030b-4e9c-9ddf-76bb3a348f9c"
xmlns='http://midpoint.evolveum.com/xml/ns/public/common/common-3'
xmlns:c='http://midpoint.evolveum.com/xml/ns/public/common/common-3'
xmlns:t='http://prism.evolveum.com/xml/ns/public/types-3'
xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
xmlns:xsd='http://www.w3.org/2001/XMLSchema'
xmlns:piracy='http://midpoint.evolveum.com/xml/ns/samples/piracy'>
<name>jack-deputy</name>
<fullName>Jack Deputy</fullName>
<givenName>Jack</givenName>
<familyName>Deputy</familyName>

<!-- delegation assignment is created only when needed -->
</user>

0 comments on commit 66ee801

Please sign in to comment.