From 675777b7502190eb9a35a3c7078a0a52554c0c74 Mon Sep 17 00:00:00 2001 From: Radovan Semancik Date: Thu, 10 Jul 2014 18:11:20 +0200 Subject: [PATCH] Fixing lockout support +test --- .../icf/dummy/connector/DummyConnector.java | 31 ++++-- .../icf/dummy/resource/DummyAccount.java | 10 ++ .../midpoint/schema/CapabilityUtil.java | 15 +++ .../schema/constants/SchemaConstants.java | 1 + .../schema/util/ResourceTypeUtil.java | 22 ++++ .../impl/ResourceObjectConverter.java | 27 ++++- .../ucf/api/AttributesToReturn.java | 9 ++ .../ucf/impl/ConnectorInstanceIcfImpl.java | 29 ++++- .../provisioning/util/ProvisioningUtil.java | 11 +- .../provisioning/test/impl/TestDummy.java | 104 ++++++++++++++++-- .../test/impl/TestDummyNoActivation.java | 61 +++++++++- 11 files changed, 294 insertions(+), 26 deletions(-) diff --git a/icf-connectors/dummy-connector/src/main/java/com/evolveum/icf/dummy/connector/DummyConnector.java b/icf-connectors/dummy-connector/src/main/java/com/evolveum/icf/dummy/connector/DummyConnector.java index ee103cba321..717cb7223ea 100644 --- a/icf-connectors/dummy-connector/src/main/java/com/evolveum/icf/dummy/connector/DummyConnector.java +++ b/icf-connectors/dummy-connector/src/main/java/com/evolveum/icf/dummy/connector/DummyConnector.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2013 Evolveum + * Copyright (c) 2010-2014 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -282,13 +282,16 @@ public Uid update(ObjectClass objectClass, Uid uid, Set replaceAttrib changePassword(account,attr); } else if (attr.is(OperationalAttributes.ENABLE_NAME)) { - account.setEnabled(getEnable(attr)); + account.setEnabled(getBoolean(attr)); } else if (attr.is(OperationalAttributes.ENABLE_DATE_NAME)) { account.setValidFrom(getDate(attr)); } else if (attr.is(OperationalAttributes.DISABLE_DATE_NAME)) { account.setValidTo(getDate(attr)); + + } else if (attr.is(OperationalAttributes.LOCK_OUT_NAME)) { + account.setLockout(getBoolean(attr)); } else { String name = attr.getName(); @@ -333,7 +336,7 @@ public Uid update(ObjectClass objectClass, Uid uid, Set replaceAttrib throw new IllegalArgumentException("Attempt to change password on group"); } else if (attr.is(OperationalAttributes.ENABLE_NAME)) { - group.setEnabled(getEnable(attr)); + group.setEnabled(getBoolean(attr)); } else { String name = attr.getName(); @@ -750,6 +753,8 @@ private ObjectClassInfoBuilder createCommonObjectClassBuilder(String typeName, objClassBuilder.addAttributeInfo(OperationalAttributeInfos.ENABLE_DATE); objClassBuilder.addAttributeInfo(OperationalAttributeInfos.DISABLE_DATE); } + + objClassBuilder.addAttributeInfo(OperationalAttributeInfos.LOCK_OUT); } // __NAME__ will be added by default @@ -1091,6 +1096,10 @@ private ConnectorObject convertToConnectorObject(DummyAccount account, Collectio GuardedString gs = new GuardedString(account.getPassword().toCharArray()); builder.addAttribute(OperationalAttributes.PASSWORD_NAME,gs); } + + if (account.isLockout() != null) { + builder.addAttribute(OperationalAttributes.LOCK_OUT_NAME, account.isLockout()); + } return builder.build(); } @@ -1126,7 +1135,7 @@ private DummyAccount convertToAccount(Set createAttributes) throws Co changePassword(newAccount,attr); } else if (attr.is(OperationalAttributeInfos.ENABLE.getName())) { - enabled = getEnable(attr); + enabled = getBoolean(attr); newAccount.setEnabled(enabled); } else if (attr.is(OperationalAttributeInfos.ENABLE_DATE.getName())) { @@ -1141,7 +1150,11 @@ private DummyAccount convertToAccount(Set createAttributes) throws Co newAccount.setValidTo(getDate(attr)); } else { throw new IllegalArgumentException("DISABLE_DATE specified in the account attributes while not supporting it"); - } + } + + } else if (attr.is(OperationalAttributeInfos.LOCK_OUT.getName())) { + Boolean lockout = getBoolean(attr); + newAccount.setLockout(lockout); } else { String name = attr.getName(); @@ -1179,7 +1192,7 @@ private DummyGroup convertToGroup(Set createAttributes) throws Connec throw new IllegalArgumentException("Password specified for a group"); } else if (attr.is(OperationalAttributeInfos.ENABLE.getName())) { - enabled = getEnable(attr); + enabled = getBoolean(attr); newGroup.setEnabled(enabled); } else if (attr.is(OperationalAttributeInfos.ENABLE_DATE.getName())) { @@ -1240,13 +1253,13 @@ private DummyPrivilege convertToPriv(Set createAttributes) throws Con return newPriv; } - private boolean getEnable(Attribute attr) { + private boolean getBoolean(Attribute attr) { if (attr.getValue() == null || attr.getValue().isEmpty()) { - throw new IllegalArgumentException("Empty enable attribute was provided"); + throw new IllegalArgumentException("Empty "+attr.getName()+" attribute was provided"); } Object object = attr.getValue().get(0); if (!(object instanceof Boolean)) { - throw new IllegalArgumentException("Enable attribute was provided as "+object.getClass().getName()+" while expecting boolean"); + throw new IllegalArgumentException("Attribute "+attr.getName()+" was provided as "+object.getClass().getName()+" while expecting boolean"); } return ((Boolean)object).booleanValue(); } diff --git a/icf-connectors/dummy-resource/src/main/java/com/evolveum/icf/dummy/resource/DummyAccount.java b/icf-connectors/dummy-resource/src/main/java/com/evolveum/icf/dummy/resource/DummyAccount.java index 0a4f520a11e..a6bffeb440c 100644 --- a/icf-connectors/dummy-resource/src/main/java/com/evolveum/icf/dummy/resource/DummyAccount.java +++ b/icf-connectors/dummy-resource/src/main/java/com/evolveum/icf/dummy/resource/DummyAccount.java @@ -40,6 +40,7 @@ public class DummyAccount extends DummyObject { public static final String ATTR_PRIVILEGES_NAME = "privileges"; private String password = null; + private Boolean lockout = null; public DummyAccount() { super(); @@ -57,6 +58,14 @@ public void setPassword(String password) { this.password = password; } + public Boolean isLockout() { + return lockout; + } + + public void setLockout(boolean lockout) { + this.lockout = lockout; + } + @Override protected DummyObjectClass getObjectClass() throws ConnectException, FileNotFoundException { return resource.getAccountObjectClass(); @@ -80,6 +89,7 @@ public String debugDump() { @Override protected void extendDebugDump(StringBuilder sb, int indent) { DebugUtil.debugDumpWithLabelToStringLn(sb, "Password", password, indent + 1); + DebugUtil.debugDumpWithLabelToStringLn(sb, "Lockout", lockout, indent + 1); } } diff --git a/infra/schema/src/main/java/com/evolveum/midpoint/schema/CapabilityUtil.java b/infra/schema/src/main/java/com/evolveum/midpoint/schema/CapabilityUtil.java index 1ca36ef39c6..e6a9112315d 100644 --- a/infra/schema/src/main/java/com/evolveum/midpoint/schema/CapabilityUtil.java +++ b/infra/schema/src/main/java/com/evolveum/midpoint/schema/CapabilityUtil.java @@ -28,6 +28,7 @@ import com.evolveum.midpoint.util.JAXBUtil; import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType; +import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CapabilityType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CredentialsCapabilityType; @@ -157,4 +158,18 @@ public static boolean isActivationStatusReturnedByDefault(ActivationCapabilityTy } return statusCap.isReturnedByDefault(); } + + public static boolean isActivationLockoutStatusReturnedByDefault(ActivationCapabilityType capability) { + if (capability == null) { + return false; + } + ActivationLockoutStatusCapabilityType statusCap = capability.getLockoutStatus(); + if (statusCap == null) { + return false; + } + if (statusCap.isReturnedByDefault() == null) { + return true; + } + return statusCap.isReturnedByDefault(); + } } diff --git a/infra/schema/src/main/java/com/evolveum/midpoint/schema/constants/SchemaConstants.java b/infra/schema/src/main/java/com/evolveum/midpoint/schema/constants/SchemaConstants.java index c3640aa7fbb..a667d93a5a7 100644 --- a/infra/schema/src/main/java/com/evolveum/midpoint/schema/constants/SchemaConstants.java +++ b/infra/schema/src/main/java/com/evolveum/midpoint/schema/constants/SchemaConstants.java @@ -133,6 +133,7 @@ public abstract class SchemaConstants { public static final ItemPath PATH_ACTIVATION_VALID_FROM = new ItemPath(C_ACTIVATION, ActivationType.F_VALID_FROM); public static final ItemPath PATH_ACTIVATION_VALID_TO = new ItemPath(C_ACTIVATION, ActivationType.F_VALID_TO); public static final ItemPath PATH_ACTIVATION_DISABLE_REASON = new ItemPath(ShadowType.F_ACTIVATION, ActivationType.F_DISABLE_REASON); + public static final ItemPath PATH_ACTIVATION_LOCKOUT_STATUS = new ItemPath(C_ACTIVATION, ActivationType.F_LOCKOUT_STATUS); public static final ItemPath PATH_ATTRIBUTES = new ItemPath(C_ATTRIBUTES); public static final ItemPath PATH_ASSOCIATION = new ItemPath(C_ASSOCIATION); public static final ItemPath PATH_TRIGGER = new ItemPath(ObjectType.F_TRIGGER); diff --git a/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ResourceTypeUtil.java b/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ResourceTypeUtil.java index f90bc8c350e..01dd78fb8d3 100644 --- a/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ResourceTypeUtil.java +++ b/infra/schema/src/main/java/com/evolveum/midpoint/schema/util/ResourceTypeUtil.java @@ -26,6 +26,7 @@ + import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -57,6 +58,7 @@ import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType; import com.evolveum.midpoint.xml.ns._public.common.common_3.XmlSchemaType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType; +import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CapabilityType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CreateCapabilityType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CredentialsCapabilityType; @@ -331,6 +333,26 @@ public static boolean hasResourceNativeActivationCapability(ResourceType resourc return true; } + public static boolean hasResourceNativeActivationLockoutCapability(ResourceType resource) { + ActivationCapabilityType activationCapability = null; + // check resource native capabilities. if resource cannot do + // activation, it sholud be null.. + if (resource.getCapabilities() != null && resource.getCapabilities().getNative() != null) { + activationCapability = CapabilityUtil.getCapability(resource.getCapabilities().getNative().getAny(), + ActivationCapabilityType.class); + } + if (activationCapability == null) { + return false; + } + + ActivationLockoutStatusCapabilityType lockoutStatus = activationCapability.getLockoutStatus(); + if (lockoutStatus == null) { + return false; + } + + return true; + } + public static boolean hasResourceConfiguredActivationCapability(ResourceType resource) { if (resource.getCapabilities() == null) { return false; diff --git a/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/ResourceObjectConverter.java b/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/ResourceObjectConverter.java index 75eaa0d2121..c73d7eeec50 100644 --- a/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/ResourceObjectConverter.java +++ b/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/ResourceObjectConverter.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2013 Evolveum + * Copyright (c) 2010-2014 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -87,6 +87,7 @@ import com.evolveum.midpoint.util.logging.TraceManager; import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType; +import com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType; import com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptType; import com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptsType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ProvisioningOperationTypeType; @@ -821,6 +822,30 @@ private Collection determineActivationChange(ShadowType shadow, Colle } } + PropertyDelta lockoutPropertyDelta = PropertyDelta.findPropertyDelta(objectChange, + SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS); + if (lockoutPropertyDelta != null) { + if (activationCapabilityType == null) { + throw new SchemaException("Attempt to change activation lockoutStatus on "+resource+" which does not have the capability"); + } + LockoutStatusType status = lockoutPropertyDelta.getPropertyNew().getRealValue(); + LOGGER.trace("Found activation lockoutStatus change to: {}", status); + + // TODO: simulated + if (ResourceTypeUtil.hasResourceNativeActivationLockoutCapability(resource)) { + // Native lockout, need to check if there is not also change to simulated activation which may be in conflict +// checkSimulatedActivation(objectChange, status, shadow, resource, objectClassDefinition); + operations.add(new PropertyModificationOperation(lockoutPropertyDelta)); + } else { + // Try to simulate activation capability + + // TODO +// PropertyModificationOperation activationAttribute = convertToSimulatedActivationAttribute(lockoutPropertyDelta, shadow, resource, +// status, objectClassDefinition); +// operations.add(activationAttribute); + } + } + return operations; } diff --git a/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/ucf/api/AttributesToReturn.java b/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/ucf/api/AttributesToReturn.java index 7fc7d16d253..ed266016bc6 100644 --- a/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/ucf/api/AttributesToReturn.java +++ b/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/ucf/api/AttributesToReturn.java @@ -30,6 +30,7 @@ public class AttributesToReturn implements Serializable { private boolean returnDefaultAttributes = true; private boolean returnPasswordExplicit = false; private boolean returnAdministrativeStatusExplicit = false; + private boolean returnLockoutStatusExplicit = false; Collection attributesToReturn = null; public boolean isReturnDefaultAttributes() { @@ -64,6 +65,14 @@ public void setReturnAdministrativeStatusExplicit(boolean returnAdministrativeSt this.returnAdministrativeStatusExplicit = returnAdministrativeStatusExplicit; } + public boolean isReturnLockoutStatusExplicit() { + return returnLockoutStatusExplicit; + } + + public void setReturnLockoutStatusExplicit(boolean returnLockoutStatusExplicit) { + this.returnLockoutStatusExplicit = returnLockoutStatusExplicit; + } + @Override public String toString() { return "AttributesToReturn(returnDefaultAttributes=" + returnDefaultAttributes + ", returnPasswordExplicit=" diff --git a/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/ucf/impl/ConnectorInstanceIcfImpl.java b/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/ucf/impl/ConnectorInstanceIcfImpl.java index 4f21087dbe0..0487e4c4f31 100644 --- a/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/ucf/impl/ConnectorInstanceIcfImpl.java +++ b/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/ucf/impl/ConnectorInstanceIcfImpl.java @@ -148,6 +148,7 @@ import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowKindType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType; +import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationLockoutStatusCapabilityType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationValidityCapabilityType; import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CreateCapabilityType; @@ -505,7 +506,7 @@ public Collection fetchCapabilities(OperationResult parentResult) throws // Result type for this operation OperationResult result = parentResult.createMinorSubresult(ConnectorInstance.class.getName() - + ".getCapabilities"); + + ".fetchCapabilities"); result.addContext("connector", connectorType); try { @@ -584,6 +585,7 @@ private void parseResourceSchema(org.identityconnectors.framework.common.objects AttributeInfo enableAttributeInfo = null; AttributeInfo enableDateAttributeInfo = null; AttributeInfo disableDateAttributeInfo = null; + AttributeInfo lockoutAttributeInfo = null; // New instance of midPoint schema object resourceSchema = new ResourceSchema(getSchemaNamespace(), prismContext); @@ -655,6 +657,12 @@ private void parseResourceSchema(org.identityconnectors.framework.common.objects // Skip this attribute, capability is sufficient continue; } + + if (OperationalAttributes.LOCK_OUT_NAME.equals(attributeInfo.getName())) { + lockoutAttributeInfo = attributeInfo; + // Skip this attribute, capability is sufficient + continue; + } QName attrXsdName = icfNameMapper.convertAttributeNameToQName(attributeInfo.getName(), getSchemaNamespace()); QName attrXsdType = icfTypeToXsdType(attributeInfo.getType(), false); @@ -760,6 +768,17 @@ private void parseResourceSchema(org.identityconnectors.framework.common.objects capValidTo.setReturnedByDefault(false); } } + + if (lockoutAttributeInfo != null) { + if (capAct == null) { + capAct = new ActivationCapabilityType(); + } + ActivationLockoutStatusCapabilityType capActStatus = new ActivationLockoutStatusCapabilityType(); + capAct.setLockoutStatus(capActStatus); + if (!lockoutAttributeInfo.isReturnedByDefault()) { + capActStatus.setReturnedByDefault(false); + } + } if (capAct != null) { capabilities.add(capabilityObjectFactory.createActivation(capAct)); @@ -1035,6 +1054,10 @@ private String[] convertToIcfAttrsToGet(ObjectClassComplexTypeDefinition objectC || (attributesToReturn.isReturnDefaultAttributes() && enabledReturnedByDefault())) { icfAttrsToGet.add(OperationalAttributes.ENABLE_NAME); } + if (attributesToReturn.isReturnLockoutStatusExplicit() + || (attributesToReturn.isReturnDefaultAttributes() && lockoutReturnedByDefault())) { + icfAttrsToGet.add(OperationalAttributes.LOCK_OUT_NAME); + } if (attrs != null) { for (ResourceAttributeDefinition attrDef: attrs) { String attrName = icfNameMapper.convertAttributeNameToIcf(attrDef.getName(), getSchemaNamespace()); @@ -1056,6 +1079,10 @@ private boolean enabledReturnedByDefault() { return CapabilityUtil.isActivationStatusReturnedByDefault(capability); } + private boolean lockoutReturnedByDefault() { + ActivationCapabilityType capability = CapabilityUtil.getCapability(capabilities, ActivationCapabilityType.class); + return CapabilityUtil.isActivationLockoutStatusReturnedByDefault(capability); + } @Override public Collection> addObject(PrismObject object, diff --git a/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/util/ProvisioningUtil.java b/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/util/ProvisioningUtil.java index d561912bf33..172f4b4aae6 100644 --- a/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/util/ProvisioningUtil.java +++ b/provisioning/provisioning-impl/src/main/java/com/evolveum/midpoint/provisioning/util/ProvisioningUtil.java @@ -1,5 +1,5 @@ /* - * Copyright (c) 2010-2013 Evolveum + * Copyright (c) 2010-2014 Evolveum * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -281,6 +281,15 @@ public static AttributesToReturn createAttributesToReturn(RefinedObjectClassDefi } } + if (CapabilityUtil.isActivationLockoutStatusReturnedByDefault(activationCapabilityType)) { + // There resource is capable of returning lockout flag but it does not do it by default + AttributeFetchStrategyType statusFetchStrategy = objectClassDefinition.getActivationFetchStrategy(ActivationType.F_LOCKOUT_STATUS); + if (statusFetchStrategy == AttributeFetchStrategyType.EXPLICIT) { + attributesToReturn.setReturnLockoutStatusExplicit(true); + apply = true; + } + } + if (apply) { return attributesToReturn; } else { diff --git a/provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/test/impl/TestDummy.java b/provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/test/impl/TestDummy.java index 53465972881..9857445012a 100644 --- a/provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/test/impl/TestDummy.java +++ b/provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/test/impl/TestDummy.java @@ -126,6 +126,7 @@ import com.evolveum.midpoint.xml.ns._public.common.common_3.CapabilitiesType; import com.evolveum.midpoint.xml.ns._public.common.common_3.CapabilityCollectionType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ConnectorType; +import com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectReferenceType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType; import com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptsType; @@ -1934,8 +1935,8 @@ public void test150DisableAccount() throws Exception { } @Test - public void test152EnableAccount() throws Exception { - final String TEST_NAME = "test152EnableAccount"; + public void test151EnableAccount() throws Exception { + final String TEST_NAME = "test151EnableAccount"; TestUtil.displayTestTile(TEST_NAME); // GIVEN @@ -1978,8 +1979,8 @@ public void test152EnableAccount() throws Exception { } @Test - public void test155SetValidFrom() throws Exception { - final String TEST_NAME = "test155SetValidFrom"; + public void test152SetValidFrom() throws Exception { + final String TEST_NAME = "test152SetValidFrom"; TestUtil.displayTestTile(TEST_NAME); // GIVEN @@ -2025,8 +2026,8 @@ public void test155SetValidFrom() throws Exception { } @Test - public void test156SetValidTo() throws Exception { - final String TEST_NAME = "test156SetValidTo"; + public void test153SetValidTo() throws Exception { + final String TEST_NAME = "test153SetValidTo"; TestUtil.displayTestTile(TEST_NAME); // GIVEN @@ -2071,10 +2072,94 @@ public void test156SetValidTo() throws Exception { assertSteadyResource(); } + + @Test + public void test155GetLockedoutAccount() throws Exception { + final String TEST_NAME = "test155GetLockedoutAccount"; + TestUtil.displayTestTile(TEST_NAME); + // GIVEN + OperationResult result = new OperationResult(TestDummy.class.getName() + + "." + TEST_NAME); + + DummyAccount dummyAccount = getDummyAccountAssert(ACCOUNT_WILL_USERNAME, willIcfUid); + dummyAccount.setLockout(true); + + // WHEN + PrismObject shadow = provisioningService.getObject(ShadowType.class, ACCOUNT_WILL_OID, null, null, result); + ShadowType shadowType = shadow.asObjectable(); + + // THEN + result.computeStatus(); + display("getObject result", result); + TestUtil.assertSuccess(result); + + display("Retrieved account shadow", shadowType); + + assertNotNull("No dummy account", shadowType); + + if (supportsActivation()) { + PrismAsserts.assertPropertyValue(shadow, SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS, + LockoutStatusType.LOCKED); + } else { + PrismAsserts.assertNoItem(shadow, SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS); + } + + checkAccountWill(shadowType, result); + + checkConsistency(shadowType.asPrismObject()); + + assertSteadyResource(); + } + + @Test + public void test156UnlockAccount() throws Exception { + final String TEST_NAME = "test156UnlockAccount"; + TestUtil.displayTestTile(TEST_NAME); + // GIVEN + + Task task = taskManager.createTaskInstance(TestDummy.class.getName() + "." + TEST_NAME); + OperationResult result = task.getResult(); + + ShadowType accountType = provisioningService.getObject(ShadowType.class, ACCOUNT_WILL_OID, null, task, + result).asObjectable(); + assertNotNull(accountType); + display("Retrieved account shadow", accountType); + + DummyAccount dummyAccount = getDummyAccountAssert(ACCOUNT_WILL_USERNAME, willIcfUid); + assertTrue("Account is not locked", dummyAccount.isLockout()); + + syncServiceMock.reset(); + + ObjectDelta delta = ObjectDelta.createModificationReplaceProperty(ShadowType.class, + ACCOUNT_WILL_OID, SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS, prismContext, + LockoutStatusType.NORMAL); + display("ObjectDelta", delta); + delta.checkConsistence(); + + // WHEN + TestUtil.displayWhen(TEST_NAME); + provisioningService.modifyObject(ShadowType.class, delta.getOid(), delta.getModifications(), + new OperationProvisioningScriptsType(), null, task, result); + + // THEN + TestUtil.displayThen(TEST_NAME); + result.computeStatus(); + display("modifyObject result", result); + TestUtil.assertSuccess(result); + + delta.checkConsistence(); + // check if activation was changed + dummyAccount = getDummyAccountAssert(ACCOUNT_WILL_USERNAME, willIcfUid); + assertFalse("Dummy account "+ACCOUNT_WILL_USERNAME+" is locked, expected unlocked", dummyAccount.isLockout()); + + syncServiceMock.assertNotifySuccessOnly(); + + assertSteadyResource(); + } @Test - public void test158GetAccount() throws Exception { - final String TEST_NAME = "test158GetAccount"; + public void test159GetAccount() throws Exception { + final String TEST_NAME = "test159GetAccount"; TestUtil.displayTestTile(TEST_NAME); // GIVEN OperationResult result = new OperationResult(TestDummy.class.getName() @@ -2096,8 +2181,11 @@ public void test158GetAccount() throws Exception { if (supportsActivation()) { PrismAsserts.assertPropertyValue(shadow, SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS, ActivationStatusType.ENABLED); + PrismAsserts.assertPropertyValue(shadow, SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS, + LockoutStatusType.NORMAL); } else { PrismAsserts.assertNoItem(shadow, SchemaConstants.PATH_ACTIVATION_ADMINISTRATIVE_STATUS); + PrismAsserts.assertNoItem(shadow, SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS); } checkAccountWill(shadowType, result); diff --git a/provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/test/impl/TestDummyNoActivation.java b/provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/test/impl/TestDummyNoActivation.java index 4bbda2ead09..2f599b72c6c 100644 --- a/provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/test/impl/TestDummyNoActivation.java +++ b/provisioning/provisioning-impl/src/test/java/com/evolveum/midpoint/provisioning/test/impl/TestDummyNoActivation.java @@ -40,6 +40,7 @@ import com.evolveum.midpoint.test.util.TestUtil; import com.evolveum.midpoint.util.exception.SchemaException; import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType; +import com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType; import com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptsType; import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType; @@ -125,8 +126,8 @@ public void test150DisableAccount() throws Exception { @Test @Override - public void test152EnableAccount() throws Exception { - final String TEST_NAME = "test152EnableAccount"; + public void test151EnableAccount() throws Exception { + final String TEST_NAME = "test151EnableAccount"; TestUtil.displayTestTile(TEST_NAME); // GIVEN @@ -169,8 +170,8 @@ public void test152EnableAccount() throws Exception { @Test @Override - public void test155SetValidFrom() throws Exception { - final String TEST_NAME = "test155SetValidFrom"; + public void test152SetValidFrom() throws Exception { + final String TEST_NAME = "test152SetValidFrom"; TestUtil.displayTestTile(TEST_NAME); // GIVEN @@ -215,8 +216,8 @@ public void test155SetValidFrom() throws Exception { @Test @Override - public void test156SetValidTo() throws Exception { - final String TEST_NAME = "test156SetValidTo"; + public void test153SetValidTo() throws Exception { + final String TEST_NAME = "test153SetValidTo"; TestUtil.displayTestTile(TEST_NAME); // GIVEN @@ -259,4 +260,52 @@ public void test156SetValidTo() throws Exception { assertSteadyResource(); } + @Test + @Override + public void test155GetLockedoutAccount() throws Exception { + // Not relevant + } + + @Test + @Override + public void test156UnlockAccount() throws Exception { + final String TEST_NAME = "test156UnlockAccount"; + TestUtil.displayTestTile(TEST_NAME); + // GIVEN + + Task task = taskManager.createTaskInstance(TestDummy.class.getName() + "." + TEST_NAME); + OperationResult result = task.getResult(); + + syncServiceMock.reset(); + + ObjectDelta delta = ObjectDelta.createModificationReplaceProperty(ShadowType.class, + ACCOUNT_WILL_OID, SchemaConstants.PATH_ACTIVATION_LOCKOUT_STATUS, prismContext, + LockoutStatusType.NORMAL); + display("ObjectDelta", delta); + delta.checkConsistence(); + + try { + // WHEN + provisioningService.modifyObject(ShadowType.class, delta.getOid(), + delta.getModifications(), new OperationProvisioningScriptsType(), null, task, result); + + AssertJUnit.fail("Unexpected success"); + } catch (SchemaException e) { + // This is expected + } + + + // THEN + TestUtil.displayThen(TEST_NAME); + result.computeStatus(); + display("modifyObject result", result); + TestUtil.assertFailure(result); + + delta.checkConsistence(); + + syncServiceMock.assertNotifyFailureOnly(); + + assertSteadyResource(); + } + }