You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2020/05/20 08:58:54 UTC
[syncope] branch master updated: [SYNCOPE-1567] Do not check for allowed attributes for relationships mapping items

This is an automated email from the ASF dual-hosted git repository.

ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git


The following commit(s) were added to refs/heads/master by this push:
     new dbde3de  [SYNCOPE-1567] Do not check for allowed attributes for relationships mapping items
dbde3de is described below

commit dbde3de847c52a7d6abfb62fa96ce8358afc2f4c
Author: Francesco Chicchiriccò <il...@apache.org>
AuthorDate: Wed May 20 10:22:21 2020 +0200

    [SYNCOPE-1567] Do not check for allowed attributes for relationships mapping items
---
 .../java/data/ResourceDataBinderImpl.java          |  1 +
 .../syncope/fit/core/PropagationTaskITCase.java    | 70 +++++++++++++++++++++-
 2 files changed, 68 insertions(+), 3 deletions(-)

diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java
index 34fd19b..3ed7c08 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java
@@ -426,6 +426,7 @@ public class ResourceDataBinderImpl implements ResourceDataBinder {
                     if (intAttrName.getSchemaType() != null
                             && intAttrName.getEnclosingGroup() == null
                             && intAttrName.getRelatedAnyObject() == null
+                            && intAttrName.getRelationshipType() == null
                             && intAttrName.getPrivilegesOfApplication() == null) {
 
                         switch (intAttrName.getSchemaType()) {
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java
index 0a109ac..7cf873b 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java
@@ -39,9 +39,12 @@ import org.apache.syncope.common.lib.request.AttrPatch;
 import org.apache.syncope.common.lib.request.UserCR;
 import org.apache.syncope.common.lib.request.UserUR;
 import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
 import org.apache.commons.lang3.SerializationUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.syncope.common.lib.SyncopeClientException;
+import org.apache.syncope.common.lib.SyncopeConstants;
 import org.apache.syncope.common.lib.to.TaskTO;
 import org.apache.syncope.common.lib.to.AnyObjectTO;
 import org.apache.syncope.common.lib.Attr;
@@ -59,6 +62,7 @@ import org.apache.syncope.common.lib.to.MembershipTO;
 import org.apache.syncope.common.lib.to.PlainSchemaTO;
 import org.apache.syncope.common.lib.to.ProvisionTO;
 import org.apache.syncope.common.lib.to.ProvisioningResult;
+import org.apache.syncope.common.lib.to.RelationshipTO;
 import org.apache.syncope.common.lib.to.ResourceTO;
 import org.apache.syncope.common.lib.to.UserTO;
 import org.apache.syncope.common.lib.types.AnyTypeKind;
@@ -542,7 +546,7 @@ public class PropagationTaskITCase extends AbstractTaskITCase {
 
             GroupCR newGroupCR = new GroupCR();
             newGroupCR.setName("NEWSYNCOPEGROUP1473-" + getUUIDString());
-            newGroupCR.setRealm("/");
+            newGroupCR.setRealm(SyncopeConstants.ROOT_REALM);
             newGroupCR.getResources().add(ldap.getKey());
 
             GroupTO newGroupTO = createGroup(newGroupCR).getEntity();
@@ -557,9 +561,69 @@ public class PropagationTaskITCase extends AbstractTaskITCase {
             ConnObjectTO connObject =
                     resourceService.readConnObject(ldap.getKey(), AnyTypeKind.USER.name(), userTO.getKey());
             assertNotNull(connObject);
-            assertNotNull(connObject.getAttr("ldapGroups"));
-            assertTrue(connObject.getAttr("ldapGroups").get().getValues().size() == 2);
+            assertTrue(connObject.getAttr("ldapGroups").isPresent());
+            assertEquals(2, connObject.getAttr("ldapGroups").get().getValues().size());
+        } finally {
+            try {
+                resourceService.delete(ldap.getKey());
+            } catch (Exception ignore) {
+                // ignore
+            }
+        }
+    }
+
+    @Test
+    public void issueSYNCOPE1567() {
+        ResourceTO ldap = resourceService.read(RESOURCE_NAME_LDAP);
+        try {
+            // 1. clone the LDAP resource and add the relationships mapping
+            ProvisionTO provisionUser =
+                    SerializationUtils.clone(ldap.getProvision(AnyTypeKind.USER.name()).orElse(null));
+            assertNotNull(provisionUser);
+            provisionUser.getVirSchemas().clear();
 
+            ItemTO relationships = new ItemTO();
+            relationships.setPurpose(MappingPurpose.PROPAGATION);
+            relationships.setIntAttrName("relationships[neighborhood][PRINTER].model");
+            relationships.setExtAttrName("l");
+            provisionUser.getMapping().add(relationships);
+
+            ldap.getProvisions().clear();
+            ldap.getProvisions().add(provisionUser);
+            ldap.setKey(RESOURCE_NAME_LDAP + "1567" + getUUIDString());
+            resourceService.create(ldap);
+
+            // 1. create user with relationship and the new resource assigned
+            UserCR userCR = UserITCase.getUniqueSample("syncope1567@syncope.apache.org");
+            userCR.getRelationships().add(new RelationshipTO.Builder().
+                    type("neighborhood").otherEnd(PRINTER, "fc6dbc3a-6c07-4965-8781-921e7401a4a5").build());
+            userCR.getResources().clear();
+            userCR.getResources().add(ldap.getKey());
+
+            UserTO userTO = createUser(userCR).getEntity();
+            assertNotNull(userTO);
+            assertFalse(userTO.getRelationships().isEmpty());
+
+            // 2. check attributes prepared for propagation
+            PagedResult<PropagationTaskTO> tasks = taskService.search(new TaskQuery.Builder(TaskType.PROPAGATION).
+                    resource(userCR.getResources().iterator().next()).
+                    anyTypeKind(AnyTypeKind.USER).entityKey(userTO.getKey()).build());
+            assertEquals(1, tasks.getSize());
+
+            Set<Attribute> propagationAttrs = Stream.of(
+                    POJOHelper.deserialize(tasks.getResult().get(0).getAttributes(), Attribute[].class)).
+                    collect(Collectors.toSet());
+            Attribute attr = AttributeUtil.find("l", propagationAttrs);
+            assertNotNull(attr);
+            assertNotNull(attr.getValue());
+            assertEquals("Canon MFC8030", attr.getValue().get(0).toString());
+
+            // 3. check propagated value
+            ConnObjectTO connObject =
+                    resourceService.readConnObject(ldap.getKey(), AnyTypeKind.USER.name(), userTO.getKey());
+            assertNotNull(connObject);
+            assertTrue(connObject.getAttr("l").isPresent());
+            assertEquals("Canon MFC8030", connObject.getAttr("l").get().getValues().get(0));
         } finally {
             try {
                 resourceService.delete(ldap.getKey());