From 4efa5319dd1dc18d19274de0db22bda6bc7e530c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Francesco=20Chicchiricc=C3=B2?= Date: Tue, 28 Feb 2023 12:32:40 +0100 Subject: [PATCH 1/2] [SYNCOPE-1736] Update template handling --- .../java/utils/TemplateUtils.java | 96 ++++++++++++++----- 1 file changed, 71 insertions(+), 25 deletions(-) diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/TemplateUtils.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/TemplateUtils.java index 873287a73f1..7d063de1f8d 100644 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/TemplateUtils.java +++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/TemplateUtils.java @@ -19,6 +19,7 @@ package org.apache.syncope.core.provisioning.java.utils; import java.util.Map; +import java.util.Objects; import java.util.Optional; import org.apache.commons.jexl3.MapContext; import org.apache.commons.lang3.StringUtils; @@ -37,8 +38,6 @@ import org.apache.syncope.core.persistence.api.dao.GroupDAO; import org.apache.syncope.core.persistence.api.dao.UserDAO; import org.apache.syncope.core.persistence.api.entity.AnyTemplate; -import org.apache.syncope.core.persistence.api.entity.group.Group; -import org.apache.syncope.core.persistence.api.entity.user.User; import org.apache.syncope.core.provisioning.api.jexl.JexlUtils; import org.springframework.transaction.annotation.Transactional; @@ -179,11 +178,32 @@ public void apply(final RealmMember realmMember, final AnyTO template) { fillRelationships((GroupableRelatableTO) realmMember, ((GroupableRelatableTO) template)); fillMemberships((GroupableRelatableTO) realmMember, ((GroupableRelatableTO) template)); - if (realmMember instanceof UserTO) { - ((UserTO) realmMember).getRoles().addAll(((UserTO) template).getRoles()); - } else if (realmMember instanceof UserCR) { - ((UserCR) realmMember).getRoles().addAll(((UserTO) template).getRoles()); - } + + ((UserTO) template).getRoles().forEach(role -> { + if (realmMember instanceof UserTO + && !((UserTO) realmMember).getRoles().contains(role)) { + + ((UserTO) realmMember).getRoles().add(role); + } else if (realmMember instanceof UserCR + && !((UserCR) realmMember).getRoles().contains(role)) { + + ((UserCR) realmMember).getRoles().add(role); + } + }); + + ((UserTO) template).getLinkedAccounts().forEach(account -> { + if (realmMember instanceof UserTO && ((UserTO) realmMember).getLinkedAccounts().stream(). + noneMatch(a -> Objects.equals(account.getConnObjectKeyValue(), a.getConnObjectKeyValue()) + && Objects.equals(account.getResource(), a.getResource()))) { + + ((UserTO) realmMember).getLinkedAccounts().add(account); + } else if (realmMember instanceof UserCR && ((UserCR) realmMember).getLinkedAccounts().stream(). + noneMatch(a -> Objects.equals(account.getConnObjectKeyValue(), a.getConnObjectKeyValue()) + && Objects.equals(account.getResource(), a.getResource()))) { + + ((UserCR) realmMember).getLinkedAccounts().add(account); + } + }); } else if (template instanceof GroupTO) { if (StringUtils.isNotBlank(((GroupTO) template).getName())) { String evaluated = JexlUtils.evaluate(((GroupTO) template).getName(), jexlContext).toString(); @@ -196,26 +216,52 @@ public void apply(final RealmMember realmMember, final AnyTO template) { } } - if (((GroupTO) template).getUserOwner() != null) { - final User userOwner = userDAO.find(((GroupTO) template).getUserOwner()); - if (userOwner != null) { - if (realmMember instanceof GroupTO) { - ((GroupTO) realmMember).setUserOwner(userOwner.getKey()); - } else if (realmMember instanceof GroupCR) { - ((GroupCR) realmMember).setUserOwner(userOwner.getKey()); - } + Optional.ofNullable(((GroupTO) template).getUserOwner()).map(userDAO::find).ifPresent(userOwner -> { + if (realmMember instanceof GroupTO) { + ((GroupTO) realmMember).setUserOwner(userOwner.getKey()); + } else if (realmMember instanceof GroupCR) { + ((GroupCR) realmMember).setUserOwner(userOwner.getKey()); } - } - if (((GroupTO) template).getGroupOwner() != null) { - final Group groupOwner = groupDAO.find(((GroupTO) template).getGroupOwner()); - if (groupOwner != null) { - if (realmMember instanceof GroupTO) { - ((GroupTO) realmMember).setGroupOwner(groupOwner.getKey()); - } else if (realmMember instanceof GroupCR) { - ((GroupCR) realmMember).setGroupOwner(groupOwner.getKey()); - } + }); + Optional.ofNullable(((GroupTO) template).getGroupOwner()).map(groupDAO::find).ifPresent(groupOwner -> { + if (realmMember instanceof GroupTO) { + ((GroupTO) realmMember).setGroupOwner(groupOwner.getKey()); + } else if (realmMember instanceof GroupCR) { + ((GroupCR) realmMember).setGroupOwner(groupOwner.getKey()); } - } + }); + + Optional.ofNullable(((GroupTO) template).getUDynMembershipCond()).ifPresent(udynMembershipCond -> { + if (realmMember instanceof GroupTO) { + ((GroupTO) realmMember).setUDynMembershipCond(udynMembershipCond); + } else if (realmMember instanceof GroupCR) { + ((GroupCR) realmMember).setUDynMembershipCond(udynMembershipCond); + } + }); + + ((GroupTO) template).getADynMembershipConds().forEach((anyType, cond) -> { + if (realmMember instanceof GroupTO + && !((GroupTO) realmMember).getADynMembershipConds().containsKey(anyType)) { + + ((GroupTO) realmMember).getADynMembershipConds().put(anyType, cond); + } else if (realmMember instanceof GroupCR + && !((GroupCR) realmMember).getADynMembershipConds().containsKey(anyType)) { + + ((GroupCR) realmMember).getADynMembershipConds().put(anyType, cond); + } + }); + + ((GroupTO) template).getTypeExtensions().forEach(typeExt -> { + if (realmMember instanceof GroupTO + && !((GroupTO) realmMember).getTypeExtensions().contains(typeExt)) { + + ((GroupTO) realmMember).getTypeExtensions().add(typeExt); + } else if (realmMember instanceof GroupCR + && !((GroupCR) realmMember).getTypeExtensions().contains(typeExt)) { + + ((GroupCR) realmMember).getTypeExtensions().add(typeExt); + } + }); } } From 8175a3a0896cf5e879e76ee3cb1e6be98ccc01b5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Francesco=20Chicchiricc=C3=B2?= Date: Tue, 28 Feb 2023 12:33:27 +0100 Subject: [PATCH 2/2] Bump github/codeql-action from 1 to 2 --- .github/workflows/codeql-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 910d9f37394..ce4d8507b60 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -85,4 +85,4 @@ jobs: mvn -T 1C -PskipTests,all - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v1 + uses: github/codeql-action/analyze@v2