You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by md...@apache.org on 2013/11/15 12:03:48 UTC
svn commit: r1542229 - in /syncope/branches/1_1_X:
build-tools/src/main/resources/
core/src/main/java/org/apache/syncope/core/rest/data/
core/src/main/java/org/apache/syncope/core/util/
core/src/test/java/org/apache/syncope/core/persistence/dao/ core/s...
Author: mdisabatino
Date: Fri Nov 15 11:03:47 2013
New Revision: 1542229
URL: http://svn.apache.org/r1542229
Log:
SYNCOPE436 Read-only virtual attribute values not retrieved from external resource
Modified:
syncope/branches/1_1_X/build-tools/src/main/resources/content.ldif
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/rest/data/AbstractAttributableDataBinder.java
syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java
syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/persistence/dao/VirSchemaTest.java
syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/rest/TaskTestITCase.java
syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java
syncope/branches/1_1_X/core/src/test/resources/content.xml
Modified: syncope/branches/1_1_X/build-tools/src/main/resources/content.ldif
URL: http://svn.apache.org/viewvc/syncope/branches/1_1_X/build-tools/src/main/resources/content.ldif?rev=1542229&r1=1542228&r2=1542229&view=diff
==============================================================================
--- syncope/branches/1_1_X/build-tools/src/main/resources/content.ldif (original)
+++ syncope/branches/1_1_X/build-tools/src/main/resources/content.ldif Fri Nov 15 11:03:47 2013
@@ -43,3 +43,4 @@ mail: syncFromLDAP@syncope.apache.org
sn: Surname
uid: syncFromLDAP
userpassword:: cGFzc3dvcmQxMjM=
+givenname: syncFromLDAP
Modified: syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/rest/data/AbstractAttributableDataBinder.java
URL: http://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/rest/data/AbstractAttributableDataBinder.java?rev=1542229&r1=1542228&r2=1542229&view=diff
==============================================================================
--- syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/rest/data/AbstractAttributableDataBinder.java (original)
+++ syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/rest/data/AbstractAttributableDataBinder.java Fri Nov 15 11:03:47 2013
@@ -26,8 +26,6 @@ import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.validation.ValidationException;
-import org.apache.commons.jexl2.JexlContext;
-import org.apache.commons.jexl2.MapContext;
import org.apache.commons.lang.StringUtils;
import org.apache.syncope.common.mod.AbstractAttributableMod;
import org.apache.syncope.common.mod.AttributeMod;
@@ -155,13 +153,9 @@ public abstract class AbstractAttributab
if (virtualSchema == null) {
LOG.debug("Ignoring invalid virtual schema {}", virSchemaName);
- } else if (virtualSchema.isReadonly()) {
- virtualSchema = null;
-
- LOG.debug("Ignoring readonly virtual schema {}", virtualSchema);
}
}
-
+
return virtualSchema;
}
Modified: syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java
URL: http://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java?rev=1542229&r1=1542228&r2=1542229&view=diff
==============================================================================
--- syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java (original)
+++ syncope/branches/1_1_X/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java Fri Nov 15 11:03:47 2013
@@ -32,6 +32,8 @@ import org.apache.commons.lang.StringUti
import org.apache.syncope.common.mod.AttributeMod;
import org.apache.syncope.common.types.IntMappingType;
import org.apache.syncope.common.types.AttributeSchemaType;
+import static org.apache.syncope.common.types.IntMappingType.RoleVirtualSchema;
+import static org.apache.syncope.common.types.IntMappingType.UserVirtualSchema;
import org.apache.syncope.core.connid.PasswordGenerator;
import org.apache.syncope.core.persistence.beans.AbstractAttr;
import org.apache.syncope.core.persistence.beans.AbstractAttrValue;
@@ -40,6 +42,7 @@ import org.apache.syncope.core.persisten
import org.apache.syncope.core.persistence.beans.AbstractMappingItem;
import org.apache.syncope.core.persistence.beans.AbstractSchema;
import org.apache.syncope.core.persistence.beans.AbstractVirAttr;
+import org.apache.syncope.core.persistence.beans.AbstractVirSchema;
import org.apache.syncope.core.persistence.beans.ExternalResource;
import org.apache.syncope.core.persistence.beans.membership.MDerSchema;
import org.apache.syncope.core.persistence.beans.membership.MSchema;
@@ -55,6 +58,7 @@ import org.apache.syncope.core.persisten
import org.apache.syncope.core.persistence.beans.user.USchema;
import org.apache.syncope.core.persistence.beans.user.UVirSchema;
import org.apache.syncope.core.persistence.dao.SchemaDAO;
+import org.apache.syncope.core.persistence.dao.VirSchemaDAO;
import org.identityconnectors.framework.common.FrameworkUtil;
import org.identityconnectors.framework.common.objects.Attribute;
import org.identityconnectors.framework.common.objects.AttributeBuilder;
@@ -163,17 +167,27 @@ public final class MappingUtil {
AbstractSchema schema = null;
AttributeSchemaType schemaType;
+ Map.Entry<String, Attribute> result = null;
+ final ConfigurableApplicationContext context = ApplicationContextProvider.getApplicationContext();
switch (mapItem.getIntMappingType()) {
case UserSchema:
case RoleSchema:
case MembershipSchema:
- final ConfigurableApplicationContext context = ApplicationContextProvider.getApplicationContext();
final SchemaDAO schemaDAO = context.getBean(SchemaDAO.class);
schema = schemaDAO.find(mapItem.getIntAttrName(),
MappingUtil.getIntMappingTypeClass(mapItem.getIntMappingType()));
schemaType = schema == null ? AttributeSchemaType.String : schema.getType();
break;
-
+ case UserVirtualSchema:
+ case RoleVirtualSchema:
+ final VirSchemaDAO virSchemaDAO = context.getBean(VirSchemaDAO.class);
+ final AbstractVirSchema virSchema = virSchemaDAO.find(mapItem.getIntAttrName(),
+ MappingUtil.getIntMappingTypeClass(mapItem.getIntMappingType()));
+ if (virSchema.isReadonly()) {
+ return result;
+ }
+ schemaType = AttributeSchemaType.String;
+ break;
default:
schemaType = AttributeSchemaType.String;
}
@@ -200,8 +214,6 @@ public final class MappingUtil {
}
}
- Map.Entry<String, Attribute> result;
-
if (mapItem.isAccountid()) {
result = new AbstractMap.SimpleEntry<String, Attribute>(objValues.iterator().next().toString(), null);
} else if (mapItem.isPassword() && subject instanceof SyncopeUser) {
Modified: syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/persistence/dao/VirSchemaTest.java
URL: http://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/persistence/dao/VirSchemaTest.java?rev=1542229&r1=1542228&r2=1542229&view=diff
==============================================================================
--- syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/persistence/dao/VirSchemaTest.java (original)
+++ syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/persistence/dao/VirSchemaTest.java Fri Nov 15 11:03:47 2013
@@ -43,7 +43,7 @@ public class VirSchemaTest extends Abstr
@Test
public void findAll() {
List<UVirSchema> list = virSchemaDAO.findAll(UVirSchema.class);
- assertEquals(1, list.size());
+ assertEquals(2, list.size());
}
@Test
Modified: syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/rest/TaskTestITCase.java
URL: http://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/rest/TaskTestITCase.java?rev=1542229&r1=1542228&r2=1542229&view=diff
==============================================================================
--- syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/rest/TaskTestITCase.java (original)
+++ syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/rest/TaskTestITCase.java Fri Nov 15 11:03:47 2013
@@ -57,6 +57,7 @@ import org.apache.syncope.common.types.P
import org.apache.syncope.common.types.PropagationTaskExecStatus;
import org.apache.syncope.common.types.TaskType;
import org.apache.syncope.common.types.TraceLevel;
+import static org.apache.syncope.core.rest.AbstractTest.attributeTO;
import org.apache.syncope.core.sync.TestSyncActions;
import org.apache.syncope.core.sync.TestSyncRule;
import org.apache.syncope.core.sync.impl.SyncJob;
@@ -380,19 +381,26 @@ public class TaskTestITCase extends Abst
SyncTaskTO task = taskService.read(TaskType.SYNCHRONIZATION, 11L);
assertNotNull(task);
- // add user template
- RoleTO template = new RoleTO();
- template.setParent(8L);
- template.addAttribute(attributeTO("show", "'true'"));
+ // add role template
+ final UserTO userTemplate = task.getUserTemplate();
+ userTemplate.setResources(Collections.singleton("resource-ldap"));
+ userTemplate.addVirtualAttribute(attributeTO("virtualReadOnly", ""));
+
+ task.setUserTemplate(userTemplate);
+
+ // add role template
+ final RoleTO roleTemplate = new RoleTO();
+ roleTemplate.setParent(8L);
+ roleTemplate.addAttribute(attributeTO("show", "'true'"));
- task.setRoleTemplate(template);
+ task.setRoleTemplate(roleTemplate);
taskService.update(task.getId(), task);
SyncTaskTO actual = taskService.read(TaskType.SYNCHRONIZATION, task.getId());
assertNotNull(actual);
assertEquals(task.getId(), actual.getId());
- assertEquals(template, actual.getRoleTemplate());
- assertEquals(new UserTO(), actual.getUserTemplate());
+ assertEquals(roleTemplate, actual.getRoleTemplate());
+ assertEquals(userTemplate, actual.getUserTemplate());
TaskExecTO execution = execSyncTask(actual.getId(), 20, false);
@@ -929,4 +937,35 @@ public class TaskTestITCase extends Abst
}
}
}
+
+ @Test
+ public void issueSYNCOPE436() throws InvalidSearchConditionException {
+
+ SyncTaskTO task = taskService.read(TaskType.SYNCHRONIZATION, 11L);
+ assertNotNull(task);
+
+ final UserTO template = task.getUserTemplate();
+ template.setResources(Collections.singleton("resource-ldap"));
+ template.addVirtualAttribute(attributeTO("virtualReadOnly", ""));
+ task.setUserTemplate(template);
+
+ taskService.update(task.getId(), task);
+ TaskExecTO execution = execSyncTask(11L, 50, false);
+
+ final String status = execution.getStatus();
+ assertNotNull(status);
+ assertTrue(PropagationTaskExecStatus.valueOf(status).isSuccessful());
+
+ final AttributableCond usernameLeafCond = new AttributableCond(AttributeCond.Type.EQ);
+ usernameLeafCond.setSchema("username");
+ usernameLeafCond.setExpression("syncFromLDAP");
+
+ final List<UserTO> matchingUsers = userService.search(NodeCond.getLeafCond(usernameLeafCond));
+ assertNotNull(matchingUsers);
+ assertEquals(1, matchingUsers.size());
+
+ final UserTO syncUser = matchingUsers.iterator().next();
+ final AttributeTO virAttributeTO = syncUser.getVirtualAttributeMap().get("virtualReadOnly");
+ assertEquals("syncFromLDAP", virAttributeTO.getValues().get(0));
+ }
}
\ No newline at end of file
Modified: syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java
URL: http://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java?rev=1542229&r1=1542228&r2=1542229&view=diff
==============================================================================
--- syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java (original)
+++ syncope/branches/1_1_X/core/src/test/java/org/apache/syncope/core/rest/UserTestITCase.java Fri Nov 15 11:03:47 2013
@@ -2281,13 +2281,13 @@ public class UserTestITCase extends Abst
//modify virtual attribute
userMod.addVirtualAttributeToBeRemoved("virtualdata");
userMod.addVirtualAttributeToBeUpdated(attributeMod("virtualdata", "test@testoneone.com"));
-
+
// check Syncope change password
PropagationRequestTO pwdPropRequest = new PropagationRequestTO();
pwdPropRequest.setOnSyncope(true);
pwdPropRequest.addResource("ws-target-resource-2");
userMod.setPwdPropRequest(pwdPropRequest);
-
+
toBeUpdated = userService.update(userMod.getId(), userMod);
assertNotNull(toBeUpdated);
assertEquals("test@testoneone.com", toBeUpdated.getVirtualAttributes().get(0).getValues().get(0));
@@ -2382,6 +2382,18 @@ public class UserTestITCase extends Abst
startsWith("Not attempted because there are mandatory attributes without value(s): [__PASSWORD__]"));
}
+ @Test
+ public void issueSYNCOPE436() {
+ UserTO userTO = getUniqueSampleTO("syncope436@syncope.apache.org");
+ userTO.getMemberships().clear();
+ userTO.getResources().clear();
+ userTO.addResource(RESOURCE_NAME_LDAP);
+ userTO.addVirtualAttribute(attributeTO("virtualReadOnly", "readOnly"));
+ userTO = createUser(userTO);
+ //Finding no values because the virtual attribute is readonly
+ assertTrue(userTO.getVirtualAttributeMap().get("virtualReadOnly").getValues().isEmpty());
+ }
+
private boolean getBooleanAttribute(final ConnObjectTO connObjectTO, final String attrName) {
return Boolean.parseBoolean(getStringAttribute(connObjectTO, attrName));
}
Modified: syncope/branches/1_1_X/core/src/test/resources/content.xml
URL: http://svn.apache.org/viewvc/syncope/branches/1_1_X/core/src/test/resources/content.xml?rev=1542229&r1=1542228&r2=1542229&view=diff
==============================================================================
--- syncope/branches/1_1_X/core/src/test/resources/content.xml (original)
+++ syncope/branches/1_1_X/core/src/test/resources/content.xml Fri Nov 15 11:03:47 2013
@@ -269,9 +269,11 @@ under the License.
<MDerSchema name="mderToBePropagated" expression="mderived_sx + '-' + mderived_dx"/>
- <UVirSchema name="virtualdata"/>
+ <UVirSchema name="virtualdata" READONLY="0"/>
<UVirAttr id="1000" virtualSchema_name="virtualdata" owner_id="3"/>
+ <UVirSchema name="virtualReadOnly" READONLY="1"/>
+
<UDerSchema name="cn" expression="surname + ', ' + firstname"/>
<UDerAttr id="100" derivedSchema_name="cn" owner_id="3"/>
<UDerAttr id="101" derivedSchema_name="cn" owner_id="1"/>
@@ -627,6 +629,9 @@ under the License.
<UMappingItem id="318" accountid="0" password="0" mapping_id="11"
extAttrName="mail" intAttrName="userId" intMappingType="UserSchema"
mandatoryCondition="false" purpose="BOTH"/>
+ <UMappingItem id="319" accountid="0" password="0" mapping_id="11"
+ extAttrName="givenname" intAttrName="virtualReadOnly" intMappingType="UserVirtualSchema"
+ mandatoryCondition="false" purpose="BOTH"/>
<RMapping id="1" resource_name="resource-ldap"
accountlink="'cn=' + name + ',ou=groups,o=isp'"/>
<RMappingItem id="1" accountid="1" password="0" mapping_id="1"