diff --git a/grouper/src/test/edu/internet2/middleware/grouper/app/ldapProvisioning/LdapProvisionerDiagnosticsTest.java b/grouper/src/test/edu/internet2/middleware/grouper/app/ldapProvisioning/LdapProvisionerDiagnosticsTest.java index 35254f15d51b..0453845951a8 100644 --- a/grouper/src/test/edu/internet2/middleware/grouper/app/ldapProvisioning/LdapProvisionerDiagnosticsTest.java +++ b/grouper/src/test/edu/internet2/middleware/grouper/app/ldapProvisioning/LdapProvisionerDiagnosticsTest.java @@ -38,7 +38,7 @@ public class LdapProvisionerDiagnosticsTest extends GrouperTest { * @param args */ public static void main(String[] args) { - TestRunner.run(new LdapProvisionerDiagnosticsTest("testGroupAndMembershipInsertAndDelete")); + TestRunner.run(new LdapProvisionerDiagnosticsTest("testGroupAndMembershipWithoutEntitiesInsertAndDelete")); } public LdapProvisionerDiagnosticsTest() { @@ -475,6 +475,295 @@ public void testGroupAndMembershipInsertAndDelete() { } } + public void testGroupAndMembershipWithoutEntitiesInsertAndDelete() { + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.0.fieldName", "name"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.0.isFieldElseAttribute", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.0.valueType", "string"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.0.insert", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.0.select", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.0.update", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.0.translateExpressionType", "grouperProvisioningGroupField"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.0.translateFromGrouperProvisioningGroupField", "name"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.0.translateToGroupSyncField", "groupToId2"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.1.name", "gidNumber"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.1.isFieldElseAttribute", "false"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.1.valueType", "long"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.1.insert", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.1.select", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.1.matchingId", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.1.searchAttribute", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.1.translateExpressionType", "grouperProvisioningGroupField"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.1.translateFromGrouperProvisioningGroupField", "idIndex"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.2.name", "cn"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.2.isFieldElseAttribute", "false"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.2.valueType", "string"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.2.insert", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.2.select", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.2.translateExpressionType", "grouperProvisioningGroupField"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.2.translateFromGrouperProvisioningGroupField", "extension"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.3.name", "objectClass"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.3.isFieldElseAttribute", "false"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.3.valueType", "string"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.3.insert", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.3.select", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.3.multiValued", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.3.translateExpressionType", "translationScript"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.3.translateExpression", "${grouperUtil.toSet('top', 'posixGroup')}"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.4.name", "description"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.4.isFieldElseAttribute", "false"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.4.valueType", "string"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.4.multiValued", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.4.membershipAttribute", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.4.translateFromMemberSyncField", "subjectId"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.class", LdapSync.class.getName()); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.ldapExternalSystemConfigId", "personLdap"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.subjectSourcesToProvision", "jdbc"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.provisioningType", "groupAttributes"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.groupSearchBaseDn", "ou=Groups,dc=example,dc=edu"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.groupDnType", "bushy"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.hasTargetGroupLink", "true"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.operateOnGrouperGroups", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.operateOnGrouperEntities", "false"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.operateOnGrouperMemberships", "true"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.selectGroups", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.insertGroups", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.updateGroups", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.deleteGroups", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.deleteGroupsIfNotExistInGrouper", "true"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.selectMemberships", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.insertMemberships", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.deleteMemberships", "true"); + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.deleteMembershipsIfNotExistInGrouper", "true"); + + GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.logAllObjectsVerbose", "true"); + + GrouperConfig.retrieveConfig().propertiesOverrideMap().put("provisioningInUi.enable", "true"); + + Stem testStem = new StemSave(this.grouperSession).assignName("test").save(); + + final GrouperProvisioningAttributeValue attributeValue = new GrouperProvisioningAttributeValue(); + attributeValue.setDirectAssignment(true); + attributeValue.setDoProvision("ldapProvTest"); + attributeValue.setTargetName("ldapProvTest"); + attributeValue.setStemScopeString("sub"); + + // mark some folders to provision + GrouperProvisioningService.saveOrUpdateProvisioningAttributes(attributeValue, testStem); + + Group testGroup = new GroupSave(this.grouperSession).assignName("test:testGroup").save(); + Group testGroup2 = new GroupSave(this.grouperSession).assignName("test:testGroup2").save(); + + Subject testSubject0 = SubjectFinder.findById("test.subject.0", true); + RegistrySubject.add(GrouperSession.staticGrouperSession(), "banderson", "person", "banderson"); + Subject banderson = SubjectFinder.findById("banderson", true); + + testGroup.addMember(testSubject0, false); + + assertEquals(0, LdapSessionUtils.ldapSession().list("personLdap", "ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=posixGroup)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null).size()); + + { + GrouperProvisioningOutput grouperProvisioningOutput = GrouperProvisioner.retrieveProvisioner("ldapProvTest").provision(GrouperProvisioningType.fullProvisionFull); + assertEquals(0, grouperProvisioningOutput.getRecordsWithErrors()); + } + + List ldapEntries = LdapSessionUtils.ldapSession().list("personLdap", "ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=posixGroup)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null); + assertEquals(2, ldapEntries.size()); + + LdapEntry ldapEntry = LdapSessionUtils.ldapSession().list("personLdap", "cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=*)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null).get(0); + assertEquals("cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", ldapEntry.getDn()); + assertEquals("testGroup", ldapEntry.getAttribute("cn").getStringValues().iterator().next()); + assertEquals(testGroup.getIdIndex().toString(), ldapEntry.getAttribute("gidNumber").getStringValues().iterator().next()); + assertEquals(2, ldapEntry.getAttribute("objectClass").getStringValues().size()); + assertEquals(1, ldapEntry.getAttribute("description").getStringValues().size()); + assertEquals(1, ldapEntry.getAttribute("cn").getStringValues().size()); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("top")); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("posixGroup")); + assertTrue(ldapEntry.getAttribute("description").getStringValues().contains("test.subject.0")); + + ldapEntry = LdapSessionUtils.ldapSession().list("personLdap", "cn=testGroup2,ou=test,ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=*)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null).get(0); + assertEquals("cn=testGroup2,ou=test,ou=Groups,dc=example,dc=edu", ldapEntry.getDn()); + assertEquals("testGroup2", ldapEntry.getAttribute("cn").getStringValues().iterator().next()); + assertEquals(testGroup2.getIdIndex().toString(), ldapEntry.getAttribute("gidNumber").getStringValues().iterator().next()); + assertEquals(2, ldapEntry.getAttribute("objectClass").getStringValues().size()); + assertEquals(0, ldapEntry.getAttribute("description").getStringValues().size()); + assertEquals(1, ldapEntry.getAttribute("cn").getStringValues().size()); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("top")); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("posixGroup")); + + // delete group + { + GrouperProvisioner provisioner = GrouperProvisioner.retrieveProvisioner("ldapProvTest"); + provisioner.initialize(GrouperProvisioningType.diagnostics); + GrouperProvisioningDiagnosticsContainer grouperProvisioningDiagnosticsContainer = provisioner.retrieveGrouperProvisioningDiagnosticsContainer(); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupName("test:testGroup"); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupDelete(true); + GrouperProvisioningOutput grouperProvisioningOutput = provisioner.provision(GrouperProvisioningType.diagnostics); + assertEquals(0, grouperProvisioningOutput.getRecordsWithErrors()); + validateNoErrors(grouperProvisioningDiagnosticsContainer); + } + + ldapEntries = LdapSessionUtils.ldapSession().list("personLdap", "ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=posixGroup)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null); + assertEquals(1, ldapEntries.size()); + assertEquals("cn=testGroup2,ou=test,ou=Groups,dc=example,dc=edu", ldapEntries.get(0).getDn()); + + // insert group + { + GrouperProvisioner provisioner = GrouperProvisioner.retrieveProvisioner("ldapProvTest"); + provisioner.initialize(GrouperProvisioningType.diagnostics); + GrouperProvisioningDiagnosticsContainer grouperProvisioningDiagnosticsContainer = provisioner.retrieveGrouperProvisioningDiagnosticsContainer(); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupName("test:testGroup"); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupInsert(true); + GrouperProvisioningOutput grouperProvisioningOutput = provisioner.provision(GrouperProvisioningType.diagnostics); + assertEquals(0, grouperProvisioningOutput.getRecordsWithErrors()); + validateNoErrors(grouperProvisioningDiagnosticsContainer); + } + + ldapEntries = LdapSessionUtils.ldapSession().list("personLdap", "ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=posixGroup)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null); + assertEquals(2, ldapEntries.size()); + + ldapEntry = LdapSessionUtils.ldapSession().list("personLdap", "cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=*)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null).get(0); + assertEquals("cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", ldapEntry.getDn()); + assertEquals("testGroup", ldapEntry.getAttribute("cn").getStringValues().iterator().next()); + assertEquals(testGroup.getIdIndex().toString(), ldapEntry.getAttribute("gidNumber").getStringValues().iterator().next()); + assertEquals(2, ldapEntry.getAttribute("objectClass").getStringValues().size()); + assertEquals(0, ldapEntry.getAttribute("description").getStringValues().size()); + assertEquals(1, ldapEntry.getAttribute("cn").getStringValues().size()); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("top")); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("posixGroup")); + + // add member + { + GrouperProvisioner provisioner = GrouperProvisioner.retrieveProvisioner("ldapProvTest"); + provisioner.initialize(GrouperProvisioningType.diagnostics); + GrouperProvisioningDiagnosticsContainer grouperProvisioningDiagnosticsContainer = provisioner.retrieveGrouperProvisioningDiagnosticsContainer(); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupName("test:testGroup"); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsSubjectIdOrIdentifier("test.subject.0"); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupAttributesMembershipInsert(true); + GrouperProvisioningOutput grouperProvisioningOutput = provisioner.provision(GrouperProvisioningType.diagnostics); + assertEquals(0, grouperProvisioningOutput.getRecordsWithErrors()); + validateNoErrors(grouperProvisioningDiagnosticsContainer); + } + + ldapEntries = LdapSessionUtils.ldapSession().list("personLdap", "ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=posixGroup)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null); + assertEquals(2, ldapEntries.size()); + + ldapEntry = LdapSessionUtils.ldapSession().list("personLdap", "cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=*)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null).get(0); + assertEquals("cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", ldapEntry.getDn()); + assertEquals("testGroup", ldapEntry.getAttribute("cn").getStringValues().iterator().next()); + assertEquals(testGroup.getIdIndex().toString(), ldapEntry.getAttribute("gidNumber").getStringValues().iterator().next()); + assertEquals(2, ldapEntry.getAttribute("objectClass").getStringValues().size()); + assertEquals(1, ldapEntry.getAttribute("description").getStringValues().size()); + assertEquals(1, ldapEntry.getAttribute("cn").getStringValues().size()); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("top")); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("posixGroup")); + assertTrue(ldapEntry.getAttribute("description").getStringValues().contains("test.subject.0")); + + // add another member + { + testGroup.addMember(banderson); + GrouperProvisioner provisioner = GrouperProvisioner.retrieveProvisioner("ldapProvTest"); + provisioner.initialize(GrouperProvisioningType.diagnostics); + GrouperProvisioningDiagnosticsContainer grouperProvisioningDiagnosticsContainer = provisioner.retrieveGrouperProvisioningDiagnosticsContainer(); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupName("test:testGroup"); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsSubjectIdOrIdentifier("banderson"); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupAttributesMembershipInsert(true); + GrouperProvisioningOutput grouperProvisioningOutput = provisioner.provision(GrouperProvisioningType.diagnostics); + assertEquals(0, grouperProvisioningOutput.getRecordsWithErrors()); + validateNoErrors(grouperProvisioningDiagnosticsContainer); + } + + ldapEntries = LdapSessionUtils.ldapSession().list("personLdap", "ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=posixGroup)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null); + assertEquals(2, ldapEntries.size()); + + ldapEntry = LdapSessionUtils.ldapSession().list("personLdap", "cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=*)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null).get(0); + assertEquals("cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", ldapEntry.getDn()); + assertEquals("testGroup", ldapEntry.getAttribute("cn").getStringValues().iterator().next()); + assertEquals(testGroup.getIdIndex().toString(), ldapEntry.getAttribute("gidNumber").getStringValues().iterator().next()); + assertEquals(2, ldapEntry.getAttribute("objectClass").getStringValues().size()); + assertEquals(2, ldapEntry.getAttribute("description").getStringValues().size()); + assertEquals(1, ldapEntry.getAttribute("cn").getStringValues().size()); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("top")); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("posixGroup")); + assertTrue(ldapEntry.getAttribute("description").getStringValues().contains("test.subject.0")); + assertTrue(ldapEntry.getAttribute("description").getStringValues().contains("banderson")); + + // delete member + { + GrouperProvisioner provisioner = GrouperProvisioner.retrieveProvisioner("ldapProvTest"); + provisioner.initialize(GrouperProvisioningType.diagnostics); + GrouperProvisioningDiagnosticsContainer grouperProvisioningDiagnosticsContainer = provisioner.retrieveGrouperProvisioningDiagnosticsContainer(); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupName("test:testGroup"); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsSubjectIdOrIdentifier("banderson"); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupAttributesMembershipDelete(true); + GrouperProvisioningOutput grouperProvisioningOutput = provisioner.provision(GrouperProvisioningType.diagnostics); + assertEquals(0, grouperProvisioningOutput.getRecordsWithErrors()); + validateNoErrors(grouperProvisioningDiagnosticsContainer); + } + + ldapEntries = LdapSessionUtils.ldapSession().list("personLdap", "ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=posixGroup)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null); + assertEquals(2, ldapEntries.size()); + + ldapEntry = LdapSessionUtils.ldapSession().list("personLdap", "cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=*)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null).get(0); + assertEquals("cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", ldapEntry.getDn()); + assertEquals("testGroup", ldapEntry.getAttribute("cn").getStringValues().iterator().next()); + assertEquals(testGroup.getIdIndex().toString(), ldapEntry.getAttribute("gidNumber").getStringValues().iterator().next()); + assertEquals(2, ldapEntry.getAttribute("objectClass").getStringValues().size()); + assertEquals(1, ldapEntry.getAttribute("description").getStringValues().size()); + assertEquals(1, ldapEntry.getAttribute("cn").getStringValues().size()); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("top")); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("posixGroup")); + assertTrue(ldapEntry.getAttribute("description").getStringValues().contains("test.subject.0")); + + // delete another member + { + GrouperProvisioner provisioner = GrouperProvisioner.retrieveProvisioner("ldapProvTest"); + provisioner.initialize(GrouperProvisioningType.diagnostics); + GrouperProvisioningDiagnosticsContainer grouperProvisioningDiagnosticsContainer = provisioner.retrieveGrouperProvisioningDiagnosticsContainer(); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupName("test:testGroup"); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsSubjectIdOrIdentifier("test.subject.0"); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupAttributesMembershipDelete(true); + GrouperProvisioningOutput grouperProvisioningOutput = provisioner.provision(GrouperProvisioningType.diagnostics); + assertEquals(0, grouperProvisioningOutput.getRecordsWithErrors()); + validateNoErrors(grouperProvisioningDiagnosticsContainer); + } + + ldapEntries = LdapSessionUtils.ldapSession().list("personLdap", "ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=posixGroup)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null); + assertEquals(2, ldapEntries.size()); + + ldapEntry = LdapSessionUtils.ldapSession().list("personLdap", "cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", LdapSearchScope.SUBTREE_SCOPE, "(objectClass=*)", new String[] {"objectClass", "cn", "description", "gidNumber"}, null).get(0); + assertEquals("cn=testGroup,ou=test,ou=Groups,dc=example,dc=edu", ldapEntry.getDn()); + assertEquals("testGroup", ldapEntry.getAttribute("cn").getStringValues().iterator().next()); + assertEquals(testGroup.getIdIndex().toString(), ldapEntry.getAttribute("gidNumber").getStringValues().iterator().next()); + assertEquals(2, ldapEntry.getAttribute("objectClass").getStringValues().size()); + assertEquals(0, ldapEntry.getAttribute("description").getStringValues().size()); + assertEquals(1, ldapEntry.getAttribute("cn").getStringValues().size()); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("top")); + assertTrue(ldapEntry.getAttribute("objectClass").getStringValues().contains("posixGroup")); + + // select all groups + { + GrouperProvisioner provisioner = GrouperProvisioner.retrieveProvisioner("ldapProvTest"); + provisioner.initialize(GrouperProvisioningType.diagnostics); + GrouperProvisioningDiagnosticsContainer grouperProvisioningDiagnosticsContainer = provisioner.retrieveGrouperProvisioningDiagnosticsContainer(); + grouperProvisioningDiagnosticsContainer.getGrouperProvisioningDiagnosticsSettings().setDiagnosticsGroupsAllSelect(true); + GrouperProvisioningOutput grouperProvisioningOutput = provisioner.provision(GrouperProvisioningType.diagnostics); + assertEquals(0, grouperProvisioningOutput.getRecordsWithErrors()); + validateNoErrors(grouperProvisioningDiagnosticsContainer); + assertTrue(grouperProvisioningDiagnosticsContainer.getReportFinal().contains("Selected 2 groups")); + } + } + public void testEntityAndMembershipInsertAndDelete() { GrouperLoaderConfig.retrieveConfig().propertiesOverrideMap().put("provisioner.ldapProvTest.targetGroupAttribute.0.name", "entitlementValue");