Skip to content

Commit

Permalink
Merge remote-tracking branch 'origin/master'
Browse files Browse the repository at this point in the history
  • Loading branch information
@mederly
mederly committed Jan 18, 2020
2 parents 56e0a08 + 30e2e92 commit c33d808
Show file tree
Hide file tree
Showing 5 changed files with 94 additions and 18 deletions.
2 changes: 2 additions & 0 deletions model/report-impl/src/main/java/com/evolveum/midpoint/report/impl/ReportServiceImpl.java
View file
Expand Up @@ -179,8 +179,10 @@ public Collection<PrismObject<? extends ObjectType>> searchObjects(ObjectQuery q
// SelectorOptions(GetOperationOptions.createResolveNames()));
GetOperationOptions getOptions = GetOperationOptions.createResolveNames();
if (ShadowType.class.isAssignableFrom(clazz) && securityEnforcer.isAuthorized(ModelAuthorizationAction.RAW_OPERATION.getUrl(), null, AuthorizationParameters.EMPTY, null, task, parentResult)) {
LOGGER.trace("Setting searching in raw mode.");
getOptions.setRaw(Boolean.TRUE); // shadows in non-raw mode require specifying resource OID and kind (at least) - todo research this further
} else {
LOGGER.trace("Setting searching in noFetch mode. Shadows in non-raw mode require specifying resource OID and objectClass (kind) at least.");
getOptions.setNoFetch(Boolean.TRUE);
}
options = SelectorOptions.createCollection(getOptions);
Expand Down
4 changes: 4 additions & 0 deletions provisioning/provisioning-impl/pom.xml
View file
Expand Up @@ -121,6 +121,10 @@
<groupId>javax.annotation</groupId>
<artifactId>javax.annotation-api</artifactId>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-collections4</artifactId>
</dependency>

<!-- Testing dependencies -->
<dependency>
Expand Down
5 changes: 5 additions & 0 deletions ...ning-impl/src/main/java/com/evolveum/midpoint/provisioning/impl/EntitlementConverter.java
View file
Expand Up @@ -17,6 +17,7 @@
import com.evolveum.midpoint.prism.path.ItemName;
import com.evolveum.midpoint.prism.path.ItemPath;
import com.evolveum.midpoint.schema.processor.*;
import org.apache.commons.collections4.CollectionUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

Expand Down Expand Up @@ -339,6 +340,10 @@ public void collectEntitlementChange(ProvisioningContext ctx, ContainerDelta<Sha
Collection<Operation> operations) throws SchemaException, ConfigurationException, ObjectNotFoundException, CommunicationException, ExpressionEvaluationException {
Map<QName, PropertyModificationOperation> operationsMap = new HashMap<>();

if (CollectionUtils.isNotEmpty(itemDelta.getValuesToReplace())) {
LOGGER.error("Replace delta not supported for association, modifications {},\n provisioning context: ", itemDelta, ctx);
throw new SchemaException("Cannot perform replace delta for association, replace values: " + itemDelta.getValuesToReplace());
}
collectEntitlementToAttrsDelta(ctx, operationsMap, itemDelta.getValuesToAdd(), ModificationType.ADD);
collectEntitlementToAttrsDelta(ctx, operationsMap, itemDelta.getValuesToDelete(), ModificationType.DELETE);
collectEntitlementToAttrsDelta(ctx, operationsMap, itemDelta.getValuesToReplace(), ModificationType.REPLACE);
Expand Down
74 changes: 56 additions & 18 deletions ...sioning-impl/src/test/java/com/evolveum/midpoint/provisioning/impl/opendj/TestOpenDj.java
View file
Expand Up @@ -35,6 +35,7 @@
import com.evolveum.midpoint.prism.query.*;
import com.evolveum.midpoint.schema.processor.*;

import com.evolveum.midpoint.xml.ns._public.common.common_3.*;
import org.apache.commons.lang.StringUtils;
import org.opends.server.types.Entry;
import org.opends.server.util.LDIFException;
Expand Down Expand Up @@ -78,7 +79,6 @@
import com.evolveum.midpoint.test.util.MidPointAsserts;
import com.evolveum.midpoint.test.util.TestUtil;
import com.evolveum.midpoint.util.DOMUtil;
import com.evolveum.midpoint.util.DebugUtil;
import com.evolveum.midpoint.util.JAXBUtil;
import com.evolveum.midpoint.util.MiscUtil;
import com.evolveum.midpoint.util.exception.CommunicationException;
Expand All @@ -89,23 +89,6 @@
import com.evolveum.midpoint.util.logging.TraceManager;
import com.evolveum.midpoint.xml.ns._public.common.api_types_3.ObjectModificationType;
import com.evolveum.midpoint.xml.ns._public.common.api_types_3.PropertyReferenceListType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CachingMetadataType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CapabilityCollectionType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ConnectorType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.CredentialsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.LockoutStatusType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ObjectType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.OperationProvisioningScriptsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.PasswordType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ProvisioningScriptHostType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ResourceType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.SchemaGenerationConstraintsType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowAssociationType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowKindType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.ShadowType;
import com.evolveum.midpoint.xml.ns._public.common.common_3.XmlSchemaType;
import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType;
import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CreateCapabilityType;
import com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.CredentialsCapabilityType;
Expand Down Expand Up @@ -141,6 +124,7 @@
public class TestOpenDj extends AbstractOpenDjTest {

protected static final String USER_JACK_FULL_NAME = "Jack Sparrow";
private static final File FILE_MODIFY_ASSOCIATION_REPLACE = new File(TEST_DIR, "account-modify-association.xml");

private static final String[] JACK_FULL_NAME_LANG_EN_SK = {
"en", "Jack Sparrow",
Expand Down Expand Up @@ -2532,6 +2516,60 @@ public void test402AddAccountMorganWithAssociation() throws Exception {
assertShadows(19);
}

@Test
public void test403modifyMorganReplaceAssociation() throws Exception {
final String TEST_NAME = "test403modifyMorganReplaceAssociation";
displayTestTitle(TEST_NAME);

Task task = createTask(TEST_NAME);
OperationResult result = task.getResult();

// WHEN
displayWhen(TEST_NAME);
ObjectModificationType modification = prismContext.parserFor(FILE_MODIFY_ASSOCIATION_REPLACE).parseRealValue(ObjectModificationType.class);
ObjectDelta<ShadowType> delta = DeltaConvertor.createObjectDelta(modification, ShadowType.class, prismContext);
try {
provisioningService.modifyObject(ShadowType.class, ACCOUNT_MORGAN_OID, delta.getModifications(), null, null, task, result);
assertNotReached();
} catch (SchemaException e) {
//expected exception because replace delta is not supported for association
}

// THEN
displayThen(TEST_NAME);

assertRepoShadow(ACCOUNT_MORGAN_OID)
.assertName(ACCOUNT_MORGAN_DN);

ShadowAsserter<Void> provisioningShadowAsserter = assertShadowProvisioning(ACCOUNT_MORGAN_OID)
.assertName(ACCOUNT_MORGAN_DN)
.associations()
.assertSize(1)
.association(ASSOCIATION_GROUP_NAME)
.assertShadowOids(GROUP_SWASHBUCKLERS_OID)
.end()
.end();

String uid = provisioningShadowAsserter
.attributes()
.getValue(getPrimaryIdentifierQName());
assertNotNull(uid);

Entry accountEntry = openDJController.searchAndAssertByEntryUuid(uid);
display("LDAP account", accountEntry);
assertNotNull("No LDAP account entry");
String accountDn = accountEntry.getDN().toString();
assertEquals("Wrong account DN", ACCOUNT_MORGAN_DN, accountDn);

Entry groupEntry = openDJController.fetchEntry(GROUP_SWASHBUCKLERS_DN);
display("LDAP group", groupEntry);
assertNotNull("No LDAP group entry");
openDJController.assertUniqueMember(groupEntry, accountDn);

assertShadows(19);
}


@Test
public void test405GetGroupSwashbucklers() throws Exception {
final String TEST_NAME = "test405GetGroupSwashbucklers";
Expand Down
27 changes: 27 additions & 0 deletions provisioning/provisioning-impl/src/test/resources/opendj/account-modify-association.xml
View file
@@ -0,0 +1,27 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ Copyright (c) 2010-2017 Evolveum and contributors
~
~ This work is dual-licensed under the Apache License 2.0
~ and European Union Public License. See LICENSE file for details.
-->

<objectModification
xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'
xmlns='http://midpoint.evolveum.com/xml/ns/public/common/api-types-3'
xmlns:c='http://midpoint.evolveum.com/xml/ns/public/common/common-3'
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance/ef2bc95b-76e0-59e2-86d6-3d4f02d3ffff">
<oid>c0c010c0-d34d-b44f-f11d-333222444566</oid>
<itemDelta>
<t:modificationType>replace</t:modificationType>
<t:path>association</t:path>
<t:value>
<c:name>group</c:name>
<c:identifiers>
<ri:dn xsi:type="xsd:string">cn=anygroup,ou=groups,dc=example,dc=com</ri:dn>
</c:identifiers>
</t:value>
</itemDelta>
</objectModification>

0 comments on commit c33d808

Please sign in to comment.