You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2020/05/20 08:58:54 UTC
[syncope] branch master updated: [SYNCOPE-1567] Do not check for
allowed attributes for relationships mapping items
This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push:
new dbde3de [SYNCOPE-1567] Do not check for allowed attributes for relationships mapping items
dbde3de is described below
commit dbde3de847c52a7d6abfb62fa96ce8358afc2f4c
Author: Francesco Chicchiriccò <il...@apache.org>
AuthorDate: Wed May 20 10:22:21 2020 +0200
[SYNCOPE-1567] Do not check for allowed attributes for relationships mapping items
---
.../java/data/ResourceDataBinderImpl.java | 1 +
.../syncope/fit/core/PropagationTaskITCase.java | 70 +++++++++++++++++++++-
2 files changed, 68 insertions(+), 3 deletions(-)
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java
index 34fd19b..3ed7c08 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java
@@ -426,6 +426,7 @@ public class ResourceDataBinderImpl implements ResourceDataBinder {
if (intAttrName.getSchemaType() != null
&& intAttrName.getEnclosingGroup() == null
&& intAttrName.getRelatedAnyObject() == null
+ && intAttrName.getRelationshipType() == null
&& intAttrName.getPrivilegesOfApplication() == null) {
switch (intAttrName.getSchemaType()) {
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java
index 0a109ac..7cf873b 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java
@@ -39,9 +39,12 @@ import org.apache.syncope.common.lib.request.AttrPatch;
import org.apache.syncope.common.lib.request.UserCR;
import org.apache.syncope.common.lib.request.UserUR;
import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
import org.apache.commons.lang3.SerializationUtils;
import org.apache.commons.lang3.StringUtils;
import org.apache.syncope.common.lib.SyncopeClientException;
+import org.apache.syncope.common.lib.SyncopeConstants;
import org.apache.syncope.common.lib.to.TaskTO;
import org.apache.syncope.common.lib.to.AnyObjectTO;
import org.apache.syncope.common.lib.Attr;
@@ -59,6 +62,7 @@ import org.apache.syncope.common.lib.to.MembershipTO;
import org.apache.syncope.common.lib.to.PlainSchemaTO;
import org.apache.syncope.common.lib.to.ProvisionTO;
import org.apache.syncope.common.lib.to.ProvisioningResult;
+import org.apache.syncope.common.lib.to.RelationshipTO;
import org.apache.syncope.common.lib.to.ResourceTO;
import org.apache.syncope.common.lib.to.UserTO;
import org.apache.syncope.common.lib.types.AnyTypeKind;
@@ -542,7 +546,7 @@ public class PropagationTaskITCase extends AbstractTaskITCase {
GroupCR newGroupCR = new GroupCR();
newGroupCR.setName("NEWSYNCOPEGROUP1473-" + getUUIDString());
- newGroupCR.setRealm("/");
+ newGroupCR.setRealm(SyncopeConstants.ROOT_REALM);
newGroupCR.getResources().add(ldap.getKey());
GroupTO newGroupTO = createGroup(newGroupCR).getEntity();
@@ -557,9 +561,69 @@ public class PropagationTaskITCase extends AbstractTaskITCase {
ConnObjectTO connObject =
resourceService.readConnObject(ldap.getKey(), AnyTypeKind.USER.name(), userTO.getKey());
assertNotNull(connObject);
- assertNotNull(connObject.getAttr("ldapGroups"));
- assertTrue(connObject.getAttr("ldapGroups").get().getValues().size() == 2);
+ assertTrue(connObject.getAttr("ldapGroups").isPresent());
+ assertEquals(2, connObject.getAttr("ldapGroups").get().getValues().size());
+ } finally {
+ try {
+ resourceService.delete(ldap.getKey());
+ } catch (Exception ignore) {
+ // ignore
+ }
+ }
+ }
+
+ @Test
+ public void issueSYNCOPE1567() {
+ ResourceTO ldap = resourceService.read(RESOURCE_NAME_LDAP);
+ try {
+ // 1. clone the LDAP resource and add the relationships mapping
+ ProvisionTO provisionUser =
+ SerializationUtils.clone(ldap.getProvision(AnyTypeKind.USER.name()).orElse(null));
+ assertNotNull(provisionUser);
+ provisionUser.getVirSchemas().clear();
+ ItemTO relationships = new ItemTO();
+ relationships.setPurpose(MappingPurpose.PROPAGATION);
+ relationships.setIntAttrName("relationships[neighborhood][PRINTER].model");
+ relationships.setExtAttrName("l");
+ provisionUser.getMapping().add(relationships);
+
+ ldap.getProvisions().clear();
+ ldap.getProvisions().add(provisionUser);
+ ldap.setKey(RESOURCE_NAME_LDAP + "1567" + getUUIDString());
+ resourceService.create(ldap);
+
+ // 1. create user with relationship and the new resource assigned
+ UserCR userCR = UserITCase.getUniqueSample("syncope1567@syncope.apache.org");
+ userCR.getRelationships().add(new RelationshipTO.Builder().
+ type("neighborhood").otherEnd(PRINTER, "fc6dbc3a-6c07-4965-8781-921e7401a4a5").build());
+ userCR.getResources().clear();
+ userCR.getResources().add(ldap.getKey());
+
+ UserTO userTO = createUser(userCR).getEntity();
+ assertNotNull(userTO);
+ assertFalse(userTO.getRelationships().isEmpty());
+
+ // 2. check attributes prepared for propagation
+ PagedResult<PropagationTaskTO> tasks = taskService.search(new TaskQuery.Builder(TaskType.PROPAGATION).
+ resource(userCR.getResources().iterator().next()).
+ anyTypeKind(AnyTypeKind.USER).entityKey(userTO.getKey()).build());
+ assertEquals(1, tasks.getSize());
+
+ Set<Attribute> propagationAttrs = Stream.of(
+ POJOHelper.deserialize(tasks.getResult().get(0).getAttributes(), Attribute[].class)).
+ collect(Collectors.toSet());
+ Attribute attr = AttributeUtil.find("l", propagationAttrs);
+ assertNotNull(attr);
+ assertNotNull(attr.getValue());
+ assertEquals("Canon MFC8030", attr.getValue().get(0).toString());
+
+ // 3. check propagated value
+ ConnObjectTO connObject =
+ resourceService.readConnObject(ldap.getKey(), AnyTypeKind.USER.name(), userTO.getKey());
+ assertNotNull(connObject);
+ assertTrue(connObject.getAttr("l").isPresent());
+ assertEquals("Canon MFC8030", connObject.getAttr("l").get().getValues().get(0));
} finally {
try {
resourceService.delete(ldap.getKey());