generate value rest api operation - some fixes and support for polySt…

…ring and protectedString..added tests
Evolveum · May 11, 2017 · d08156e · d08156e
1 parent 3acc265
commit d08156e
Show file tree

Hide file tree

Showing 9 changed files with 168 additions and 11 deletions.
diff --git a/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelRestService.java b/model/model-impl/src/main/java/com/evolveum/midpoint/model/impl/ModelRestService.java
@@ -240,7 +240,20 @@ public <O extends ObjectType> Response generateValue(@PathParam("type") String t
 
 				if (BooleanUtils.isTrue(policyItemDefinition.isExecute())) {
 					executeImmediatelly = true;
-					PropertyDelta propertyDelta = PropertyDelta.createModificationReplaceProperty(policyItemDefinition.getTarget().getPath().getItemPath(), object.getDefinition(), policyItemDefinition.getValue());
+					ItemPath path = policyItemDefinition.getTarget().getPath().getItemPath();
+					PrismProperty item = object.findOrCreateProperty(path);
+					Object value = policyItemDefinition.getValue();
+					if (item.getDefinition() != null) {
+						if (item.getDefinition().getTypeName().equals(ProtectedStringType.COMPLEX_TYPE)) {
+							ProtectedStringType pst = new ProtectedStringType();
+							pst.setClearValue((String) policyItemDefinition.getValue()); 
+							value = pst;
+						} else if (item.getDefinition().getTypeName().equals(PolyStringType.COMPLEX_TYPE)) {
+							PolyString polyString = new PolyString((String) policyItemDefinition.getValue());
+							value = polyString;
+						}
+					}
+					PropertyDelta propertyDelta = PropertyDelta.createModificationReplaceProperty(path, object.getDefinition(), value);
 					propertyDeltas.add(propertyDelta);
 				}
 

diff --git a/.../src/main/java/com/evolveum/midpoint/model/impl/security/AuthenticationEvaluatorImpl.java b/.../src/main/java/com/evolveum/midpoint/model/impl/security/AuthenticationEvaluatorImpl.java
@@ -332,11 +332,11 @@ private void checkPasswordValidityAndAge(ConnectionEnvironment connEnv, @NotNull
 	}
 
 
-	protected boolean matchDecryptedValue(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, String decryptedValue,
-			String enteredPassword){
-		return enteredPassword.equals(decryptedValue);
-	}
-
+//	protected boolean matchDecryptedValue(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, String decryptedValue,
+//			String enteredPassword){
+//		return enteredPassword.equals(decryptedValue);
+//	}
+//	
 	protected boolean decryptAndMatch(ConnectionEnvironment connEnv, @NotNull MidPointPrincipal principal, ProtectedStringType protectedString,
 			String enteredPassword) {
 		ProtectedStringType entered = new ProtectedStringType();

diff --git a/testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/TestAbstractRestService.java b/testing/rest/src/test/java/com/evolveum/midpoint/testing/rest/TestAbstractRestService.java
@@ -81,6 +81,8 @@ public abstract class TestAbstractRestService extends RestServiceInitializer{
 	public static final String POLICY_ITEM_DEFINITION_GENERATE = "policy-generate"; 	
 	public static final String POLICY_ITEM_DEFINITION_GENERATE_BAD_PATH = "policy-generate-bad-path"; 
 	public static final String POLICY_ITEM_DEFINITION_GENERATE_EXECUTE = "policy-generate-execute";
+	public static final String POLICY_ITEM_DEFINITION_GENERATE_PASSWORD_EXECUTE = "policy-generate-password-execute";
+	public static final String POLICY_ITEM_DEFINITION_GENERATE_HONORIFIC_PREFIX_EXECUTE = "policy-generate-honorific-prefix-execute";
 	public static final String POLICY_ITEM_DEFINITION_VALIDATE_EXPLICIT = "policy-validate-explicit";
 	public static final String POLICY_ITEM_DEFINITION_VALIDATE_EXPLICIT_CONFLICT = "policy-validate-explicit-conflict";
 	public static final String POLICY_ITEM_DEFINITION_VALIDATE_IMPLICIT_SINGLE = "policy-validate-implicit-single";
@@ -868,6 +870,69 @@ public void test504checkGeneratedValue() throws Exception {
 		assertNotNull("EmployeeNumber must not be null", user.getEmployeeNumber());
 	}
 
+
+	@Test
+	public void test505generatePasswordExecute() throws Exception {
+		final String TEST_NAME = "test505generatePasswordExecute";
+		displayTestTile(this, TEST_NAME);
+
+		WebClient client = prepareClient();
+		client.path("/users/" + USER_DARTHADDER_OID + "/generate");
+
+		getDummyAuditService().clear();
+
+		TestUtil.displayWhen(TEST_NAME);
+		Response response = client.post(getRepoFile(POLICY_ITEM_DEFINITION_GENERATE_PASSWORD_EXECUTE));
+
+		TestUtil.displayThen(TEST_NAME);
+		displayResponse(response);
+
+		assertEquals("Expected 200 but got " + response.getStatus(), 200, response.getStatus());
+
+
+		IntegrationTestTools.display("Audit", getDummyAuditService());
+		getDummyAuditService().assertRecords(4);
+		getDummyAuditService().assertLoginLogout(SchemaConstants.CHANNEL_REST_URI);
+		getDummyAuditService().assertHasDelta(1, ChangeType.MODIFY, UserType.class);
+
+		//UserType user = loadObject(UserType.class, USER_DARTHADDER_OID);
+		//TODO assert changed items
+	}
+
+	@Test
+	public void test506generateHonorificPrefixNameExecute() throws Exception {
+		final String TEST_NAME = "test506generateHonorificPrefixNameExecute";
+		displayTestTile(this, TEST_NAME);
+
+		WebClient client = prepareClient();
+		client.path("/users/" + USER_DARTHADDER_OID + "/generate");
+
+		getDummyAuditService().clear();
+
+		TestUtil.displayWhen(TEST_NAME);
+		Response response = client.post(getRepoFile(POLICY_ITEM_DEFINITION_GENERATE_HONORIFIC_PREFIX_EXECUTE));
+
+		TestUtil.displayThen(TEST_NAME);
+		displayResponse(response);
+
+		if (response.getStatus() == 500) {
+			OperationResultType result = response.readEntity(OperationResultType.class);
+			LOGGER.info("####RESULT");
+			LOGGER.info(OperationResult.createOperationResult(result).debugDump());
+		}
+
+
+		assertEquals("Expected 200 but got " + response.getStatus(), 200, response.getStatus());
+
+		IntegrationTestTools.display("Audit", getDummyAuditService());
+		getDummyAuditService().assertRecords(4);
+		getDummyAuditService().assertLoginLogout(SchemaConstants.CHANNEL_REST_URI);
+		getDummyAuditService().assertHasDelta(1, ChangeType.MODIFY, UserType.class);
+
+		//UserType user = loadObject(UserType.class, USER_DARTHADDER_OID);
+		//TODO assert changed items
+	}
+
 	@Test
 	public void test510validateValueExplicit() throws Exception {
 		final String TEST_NAME = "test510validateValueExplicit";
@@ -1013,11 +1078,6 @@ public void test515validateValueImplicitPassword() throws Exception {
 		TestUtil.displayThen(TEST_NAME);
 		displayResponse(response);
 
-		if (response.getStatus() == 400) {
-			OperationResultType result = response.readEntity(OperationResultType.class);
-			LOGGER.info("####RESULT");
-			LOGGER.info(OperationResult.createOperationResult(result).debugDump());
-		}
 
 		assertEquals("Expected 200 but got " + response.getStatus(), 200, response.getStatus());
 

diff --git a/testing/rest/src/test/resources/repo/json/policy-generate-honorific-prefix-execute.json b/testing/rest/src/test/resources/repo/json/policy-generate-honorific-prefix-execute.json
@@ -0,0 +1,17 @@
+{
+"@ns": "http://midpoint.evolveum.com/xml/ns/public/common/api-types-3",
+"policyItemsDefinition": {
+  "policyItemDefinition": [{
+
+  "target": {
+    	"path": "honorificPrefix"
+    },
+  "valuePolicyRef": {
+    "@ns": "http://midpoint.evolveum.com/xml/ns/public/common/common-3",
+    "type": "http://midpoint.evolveum.com/xml/ns/public/common/common-3#ValuePolicyType",
+    "oid": "81818181-76e0-0000-8888-3d4f02d3fffb"
+  },
+  "execute" : "true"
+ }]
+}
+}
diff --git a/testing/rest/src/test/resources/repo/json/policy-generate-password-execute.json b/testing/rest/src/test/resources/repo/json/policy-generate-password-execute.json
@@ -0,0 +1,16 @@
+{
+"@ns": "http://midpoint.evolveum.com/xml/ns/public/common/api-types-3",
+"policyItemsDefinition": {
+  "policyItemDefinition": [{
+  "target": {
+    	"path": "credentials/password/value"
+    },
+  "valuePolicyRef": {
+    "@ns": "http://midpoint.evolveum.com/xml/ns/public/common/common-3",
+    "type": "http://midpoint.evolveum.com/xml/ns/public/common/common-3#ValuePolicyType",
+    "oid": "00000000-0000-0000-1111-000000000003"
+  },
+  "execute" : "true"
+ }]
+}
+}
diff --git a/testing/rest/src/test/resources/repo/xml/policy-generate-honorific-prefix-execute.xml b/testing/rest/src/test/resources/repo/xml/policy-generate-honorific-prefix-execute.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<policyItemsDefinition xmlns="http://midpoint.evolveum.com/xml/ns/public/common/api-types-3"
+          xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
+          xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+          xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
+          xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
+          xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">
+	<policyItemDefinition>
+		<c:target>
+			<t:path>honorificPrefix</t:path>
+		</c:target>
+		<execute>true</execute>
+		<c:valuePolicyRef oid="81818181-76e0-0000-8888-3d4f02d3fffb" type="c:ValuePolicyType"/>
+	</policyItemDefinition>
+</policyItemsDefinition>
diff --git a/testing/rest/src/test/resources/repo/xml/policy-generate-password-execute.xml b/testing/rest/src/test/resources/repo/xml/policy-generate-password-execute.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<policyItemsDefinition xmlns="http://midpoint.evolveum.com/xml/ns/public/common/api-types-3"
+          xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
+          xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+          xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
+          xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
+          xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">
+	<policyItemDefinition>
+		<c:target>
+			<t:path>credentials/password/value</t:path>
+		</c:target>
+		<execute>true</execute>
+		<c:valuePolicyRef oid="00000000-0000-0000-1111-000000000003" type="c:ValuePolicyType"/>
+	</policyItemDefinition>
+</policyItemsDefinition>
diff --git a/testing/rest/src/test/resources/repo/yaml/policy-generate-honorific-prefix-execute.yml b/testing/rest/src/test/resources/repo/yaml/policy-generate-honorific-prefix-execute.yml
@@ -0,0 +1,11 @@
+'@ns': "http://midpoint.evolveum.com/xml/ns/public/common/api-types-3"
+policyItemsDefinition:
+  policyItemDefinition:
+  - target:
+      path: "honorificPrefix"
+    valuePolicyRef:
+      '@ns': "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+      type: "http://midpoint.evolveum.com/xml/ns/public/common/common-3#ValuePolicyType"
+      oid: "81818181-76e0-0000-8888-3d4f02d3fffb"
+    execute: true
+
diff --git a/testing/rest/src/test/resources/repo/yaml/policy-generate-password-execute.yml b/testing/rest/src/test/resources/repo/yaml/policy-generate-password-execute.yml
@@ -0,0 +1,10 @@
+'@ns': "http://midpoint.evolveum.com/xml/ns/public/common/api-types-3"
+policyItemsDefinition:
+  policyItemDefinition:
+  - target:
+      path: "credentials/password/value"
+    valuePolicyRef:
+      '@ns': "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
+      type: "http://midpoint.evolveum.com/xml/ns/public/common/common-3#ValuePolicyType"
+      oid: "00000000-0000-0000-1111-000000000003"
+    execute: true