You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by fm...@apache.org on 2012/03/23 15:35:31 UTC
svn commit: r1304375 - in /incubator/syncope/trunk/core/src:
main/java/org/syncope/core/init/ActivitiWorkflowLoader.java
main/java/org/syncope/core/rest/data/UserDataBinder.java
main/java/org/syncope/core/util/ConnObjectUtil.java test/resources/test.csv
Author: fmartelli
Date: Fri Mar 23 14:35:31 2012
New Revision: 1304375
URL: http://svn.apache.org/viewvc?rev=1304375&view=rev
Log:
SYNCOPE-47 #user templated used to be not applied in case of update coming from synchronization
Modified:
incubator/syncope/trunk/core/src/main/java/org/syncope/core/init/ActivitiWorkflowLoader.java
incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/data/UserDataBinder.java
incubator/syncope/trunk/core/src/main/java/org/syncope/core/util/ConnObjectUtil.java
incubator/syncope/trunk/core/src/test/resources/test.csv
Modified: incubator/syncope/trunk/core/src/main/java/org/syncope/core/init/ActivitiWorkflowLoader.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/syncope/core/init/ActivitiWorkflowLoader.java?rev=1304375&r1=1304374&r2=1304375&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/syncope/core/init/ActivitiWorkflowLoader.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/syncope/core/init/ActivitiWorkflowLoader.java Fri Mar 23 14:35:31 2012
@@ -49,15 +49,15 @@ public class ActivitiWorkflowLoader {
wfDefinitionStream = getClass().getResourceAsStream(
"/" + ActivitiUserWorkflowAdapter.WF_PROCESS_RESOURCE);
- repositoryService.createDeployment().addInputStream(ActivitiUserWorkflowAdapter.WF_PROCESS_RESOURCE,
- wfDefinitionStream).deploy();
+ repositoryService.createDeployment().addInputStream(
+ ActivitiUserWorkflowAdapter.WF_PROCESS_RESOURCE, wfDefinitionStream).deploy();
} finally {
if (wfDefinitionStream != null) {
try {
wfDefinitionStream.close();
} catch (IOException e) {
- LOG.error("While closing input stream for {}", ActivitiUserWorkflowAdapter.WF_PROCESS_RESOURCE,
- e);
+ LOG.error("While closing input stream for {}",
+ ActivitiUserWorkflowAdapter.WF_PROCESS_RESOURCE, e);
}
}
}
Modified: incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/data/UserDataBinder.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/data/UserDataBinder.java?rev=1304375&r1=1304374&r2=1304375&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/data/UserDataBinder.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/syncope/core/rest/data/UserDataBinder.java Fri Mar 23 14:35:31 2012
@@ -59,17 +59,18 @@ import org.syncope.types.PropagationOper
import org.syncope.types.SyncopeClientExceptionType;
@Component
-@Transactional(rollbackFor = { Throwable.class })
+@Transactional(rollbackFor = {Throwable.class})
public class UserDataBinder extends AbstractAttributableDataBinder {
- private static final String[] IGNORE_USER_PROPERTIES = { "memberships", "attributes", "derivedAttributes",
- "virtualAttributes", "resources" };
+ private static final String[] IGNORE_USER_PROPERTIES = {"memberships", "attributes", "derivedAttributes",
+ "virtualAttributes", "resources"};
@Autowired
private ConnObjectUtil connObjectUtil;
@Transactional(readOnly = true)
- public SyncopeUser getUserFromId(final Long userId) throws NotFoundException, UnauthorizedRoleException {
+ public SyncopeUser getUserFromId(final Long userId)
+ throws NotFoundException, UnauthorizedRoleException {
if (userId == null) {
throw new NotFoundException("Null user id");
@@ -103,7 +104,18 @@ public class UserDataBinder extends Abst
}
@Transactional(readOnly = true)
- public SyncopeUser getUserFromUsername(final String username) throws NotFoundException, UnauthorizedRoleException {
+ public boolean verifyPassword(final SyncopeUser user, final String password)
+ throws NotFoundException, UnauthorizedRoleException {
+
+ SyncopeUser passwordUser = new SyncopeUser();
+ passwordUser.setPassword(password, user.getCipherAlgoritm(), 0);
+
+ return user.getPassword().equalsIgnoreCase(passwordUser.getPassword());
+ }
+
+ @Transactional(readOnly = true)
+ public SyncopeUser getUserFromUsername(final String username)
+ throws NotFoundException, UnauthorizedRoleException {
if (username == null) {
throw new NotFoundException("Null username");
@@ -129,7 +141,8 @@ public class UserDataBinder extends Abst
return CipherAlgorithm.valueOf(confDAO.find("password.cipher.algorithm", "AES").getValue());
}
- public void create(final SyncopeUser user, final UserTO userTO) throws SyncopeClientCompositeErrorException {
+ public void create(final SyncopeUser user, final UserTO userTO)
+ throws SyncopeClientCompositeErrorException {
SyncopeClientCompositeErrorException scce = new SyncopeClientCompositeErrorException(HttpStatus.BAD_REQUEST);
@@ -332,8 +345,8 @@ public class UserDataBinder extends Abst
propByRes.addAll(PropagationOperation.UPDATE, role.getResourceNames());
}
- propByRes.merge(fill(membership, membershipMod, AttributableUtil
- .getInstance(AttributableType.MEMBERSHIP), scce));
+ propByRes.merge(fill(membership, membershipMod,
+ AttributableUtil.getInstance(AttributableType.MEMBERSHIP), scce));
}
}
@@ -363,8 +376,8 @@ public class UserDataBinder extends Abst
// retrieve virtual values
connObjectUtil.retrieveVirAttrValues(user);
- fillTO(userTO, user.getAttributes(), user.getDerivedAttributes(), user.getVirtualAttributes(), user
- .getResources());
+ fillTO(userTO, user.getAttributes(), user.getDerivedAttributes(), user.getVirtualAttributes(),
+ user.getResources());
MembershipTO membershipTO;
for (Membership membership : user.getMemberships()) {
@@ -373,8 +386,8 @@ public class UserDataBinder extends Abst
membershipTO.setRoleId(membership.getSyncopeRole().getId());
membershipTO.setRoleName(membership.getSyncopeRole().getName());
- fillTO(membershipTO, membership.getAttributes(), membership.getDerivedAttributes(), membership
- .getVirtualAttributes(), membership.getResources());
+ fillTO(membershipTO, membership.getAttributes(), membership.getDerivedAttributes(), membership.
+ getVirtualAttributes(), membership.getResources());
userTO.addMembership(membershipTO);
}
@@ -383,13 +396,15 @@ public class UserDataBinder extends Abst
}
@Transactional(readOnly = true)
- public UserTO getUserTO(final String username) throws NotFoundException, UnauthorizedRoleException {
+ public UserTO getUserTO(final String username)
+ throws NotFoundException, UnauthorizedRoleException {
return getUserTO(getUserFromUsername(username));
}
@Transactional(readOnly = true)
- public UserTO getUserTO(final Long userId) throws NotFoundException, UnauthorizedRoleException {
+ public UserTO getUserTO(final Long userId)
+ throws NotFoundException, UnauthorizedRoleException {
return getUserTO(getUserFromId(userId));
}
Modified: incubator/syncope/trunk/core/src/main/java/org/syncope/core/util/ConnObjectUtil.java
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/main/java/org/syncope/core/util/ConnObjectUtil.java?rev=1304375&r1=1304374&r2=1304375&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/main/java/org/syncope/core/util/ConnObjectUtil.java (original)
+++ incubator/syncope/trunk/core/src/main/java/org/syncope/core/util/ConnObjectUtil.java Fri Mar 23 14:35:31 2012
@@ -22,7 +22,6 @@ import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
-import java.util.List;
import java.util.Map;
import java.util.Set;
import javassist.NotFoundException;
@@ -34,26 +33,27 @@ import org.identityconnectors.framework.
import org.identityconnectors.framework.common.objects.ConnectorObject;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.identityconnectors.framework.common.objects.OperationOptionsBuilder;
-import org.identityconnectors.framework.common.objects.OperationalAttributes;
import org.identityconnectors.framework.common.objects.Uid;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ConfigurableApplicationContext;
import org.springframework.stereotype.Component;
-import org.syncope.client.mod.AttributeMod;
+import org.springframework.transaction.annotation.Transactional;
import org.syncope.client.mod.UserMod;
import org.syncope.client.to.AbstractAttributableTO;
import org.syncope.client.to.AttributeTO;
import org.syncope.client.to.ConnObjectTO;
import org.syncope.client.to.MembershipTO;
import org.syncope.client.to.UserTO;
+import org.syncope.client.util.AttributableOperations;
import org.syncope.core.init.ConnInstanceLoader;
import org.syncope.core.persistence.beans.AbstractAttributable;
import org.syncope.core.persistence.beans.AbstractVirAttr;
import org.syncope.core.persistence.beans.ExternalResource;
import org.syncope.core.persistence.beans.SchemaMapping;
import org.syncope.core.persistence.beans.SyncTask;
+import org.syncope.core.persistence.beans.user.SyncopeUser;
import org.syncope.core.propagation.ConnectorFacadeProxy;
import org.syncope.core.rest.controller.UnauthorizedRoleException;
import org.syncope.core.rest.data.UserDataBinder;
@@ -84,8 +84,47 @@ public class ConnObjectUtil {
* @param obj connector object
* @return UserTO for the user to be created
*/
+ @Transactional(readOnly = true)
public UserTO getUserTO(final ConnectorObject obj, final SyncTask syncTask) {
+ UserTO userTO = getUserTOFromConnObject(obj, syncTask);
+
+ // 3. if password was not set above, generate a random string
+ if (StringUtils.isBlank(userTO.getPassword())) {
+ userTO.setPassword(RandomStringUtils.randomAlphanumeric(16));
+ }
+
+ return userTO;
+ }
+
+ /**
+ * Build an UserMod out of connector object attributes and schema mapping.
+ *
+ * @param userId user to be updated
+ * @param obj connector object
+ * @return UserMod for the user to be updated
+ */
+ @Transactional(readOnly = true)
+ public UserMod getUserMod(final Long userId, final ConnectorObject obj, final SyncTask syncTask)
+ throws NotFoundException, UnauthorizedRoleException {
+
+ final SyncopeUser user = userDataBinder.getUserFromId(userId);
+ final UserTO original = userDataBinder.getUserTO(user);
+
+ final UserTO updated = getUserTOFromConnObject(obj, syncTask);
+ updated.setId(userId);
+
+ if (StringUtils.isNotBlank(updated.getPassword())) {
+ // update password if and only if password has really changed
+ if (userDataBinder.verifyPassword(user, updated.getPassword())) {
+ updated.setPassword(null);
+ }
+ }
+
+ return AttributableOperations.diff(updated, original);
+ }
+
+ private UserTO getUserTOFromConnObject(final ConnectorObject obj, final SyncTask syncTask) {
final UserTO userTO = new UserTO();
// 1. fill with data from connector object
@@ -182,99 +221,10 @@ public class ConnObjectUtil {
}
}
- // 3. if password was not set above, generate a random string
- if (StringUtils.isBlank(userTO.getPassword())) {
- userTO.setPassword(RandomStringUtils.randomAlphanumeric(16));
- }
-
return userTO;
}
/**
- * Build an UserMod out of connector object attributes and schema mapping.
- *
- * @param userId user to be updated
- * @param obj connector object
- * @return UserMod for the user to be updated
- */
- public UserMod getUserMod(final Long userId, final ConnectorObject obj, final SyncTask syncTask) {
-
- final UserMod userMod = new UserMod();
- userMod.setId(userId);
-
- for (SchemaMapping mapping : syncTask.getResource().getMappings()) {
- Attribute attribute = obj.getAttributeByName(SchemaMappingUtil.getExtAttrName(mapping));
-
- List<Object> values = attribute == null
- ? Collections.EMPTY_LIST
- : attribute.getValue();
-
- AttributeMod attributeMod;
- switch (mapping.getIntMappingType()) {
- case SyncopeUserId:
- break;
-
- case Password:
- attribute = obj.getAttributeByName(OperationalAttributes.PASSWORD_NAME);
-
- if (attribute != null && attribute.getValue() != null && !attribute.getValue().isEmpty()) {
-
- String password = getPassword(attribute.getValue().get(0));
- // update password if and only if password has really
- // changed
- try {
- if (!userDataBinder.verifyPassword(userId, password)) {
-
- userMod.setPassword(password);
- }
- } catch (NotFoundException e) {
- LOG.error("Could not find user {}", userId, e);
- } catch (UnauthorizedRoleException e) {
- LOG.error("Not allowed to read user {}", userId, e);
- }
- }
- break;
-
- case Username:
- if (values != null && !values.isEmpty()) {
- userMod.setUsername(values.get(0).toString());
- }
- break;
-
- case UserSchema:
- userMod.addAttributeToBeRemoved(mapping.getIntAttrName());
-
- attributeMod = new AttributeMod();
- attributeMod.setSchema(mapping.getIntAttrName());
- for (Object value : values) {
- attributeMod.addValueToBeAdded(value.toString());
- }
- userMod.addAttributeToBeUpdated(attributeMod);
- break;
-
- case UserDerivedSchema:
- userMod.addDerivedAttributeToBeAdded(mapping.getIntAttrName());
- break;
-
- case UserVirtualSchema:
- userMod.addVirtualAttributeToBeRemoved(mapping.getIntAttrName());
-
- attributeMod = new AttributeMod();
- attributeMod.setSchema(mapping.getIntAttrName());
- for (Object value : values) {
- attributeMod.addValueToBeAdded(value.toString());
- }
- userMod.addVirtualAttributeToBeUpdated(attributeMod);
- break;
-
- default:
- }
- }
-
- return userMod;
- }
-
- /**
* Extract password value from passed value (if instance of GuardedString or GuardedByteArray).
*
* @param pwd received from the underlying connector
@@ -339,7 +289,8 @@ public class ConnObjectUtil {
final ConfigurableApplicationContext context = ApplicationContextManager.getApplicationContext();
final ConnInstanceLoader connInstanceLoader = context.getBean(ConnInstanceLoader.class);
- final Map<SchemaMappingUtil.SchemaMappingsWrapper, ConnectorObject> remoteObjects = new HashMap<SchemaMappingUtil.SchemaMappingsWrapper, ConnectorObject>();
+ final Map<SchemaMappingUtil.SchemaMappingsWrapper, ConnectorObject> remoteObjects =
+ new HashMap<SchemaMappingUtil.SchemaMappingsWrapper, ConnectorObject>();
for (ExternalResource resource : owner.getResources()) {
LOG.debug("Retrieve remote object from '{}'", resource.getName());
Modified: incubator/syncope/trunk/core/src/test/resources/test.csv
URL: http://svn.apache.org/viewvc/incubator/syncope/trunk/core/src/test/resources/test.csv?rev=1304375&r1=1304374&r2=1304375&view=diff
==============================================================================
--- incubator/syncope/trunk/core/src/test/resources/test.csv (original)
+++ incubator/syncope/trunk/core/src/test/resources/test.csv Fri Mar 23 14:35:31 2012
@@ -7,4 +7,4 @@ test5,nome5,cognome5,test5@syncope.org,p
test6,nome6,cognome6,test6@syncope.org,password6,role1,membership1,true,false
test7,nome7,cognome7,test7@syncope.org,password7,role1,membership1,true,false
test8,nome8,cognome8,test8@syncope.org,password8,role1,membership1,true,false
-test9,nome9,cognome9,test9@syncope.org,password9,role1,membership1,true,false
+test9,nome9,cognome9,test9@syncope.org,password999,role1,membership1,true,false