You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2017/07/11 15:46:51 UTC
[3/4] syncope git commit: [SYNCOPE-1152] Cleanup complete
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/SyncopeService.java
----------------------------------------------------------------------
diff --git a/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/SyncopeService.java b/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/SyncopeService.java
index c60b974..1ec31f2 100644
--- a/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/SyncopeService.java
+++ b/common/rest-api/src/main/java/org/apache/syncope/common/rest/api/service/SyncopeService.java
@@ -18,13 +18,22 @@
*/
package org.apache.syncope.common.rest.api.service;
+import javax.validation.constraints.Min;
+import javax.validation.constraints.NotNull;
+import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
+import javax.ws.rs.POST;
import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import org.apache.syncope.common.lib.info.NumbersInfo;
import org.apache.syncope.common.lib.info.SystemInfo;
import org.apache.syncope.common.lib.info.PlatformInfo;
+import org.apache.syncope.common.lib.to.GroupTO;
+import org.apache.syncope.common.lib.to.PagedResult;
+import org.apache.syncope.common.lib.to.TypeExtensionTO;
/**
* General info about this Apache Syncope deployment.
@@ -63,4 +72,34 @@ public interface SyncopeService extends JAXRSService {
@Path("/numbers")
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
NumbersInfo numbers();
+
+ /**
+ * Returns the list of Groups, according to provided paging instructions, assignable to Users and Any Objects of
+ * the provided Realm.
+ *
+ * @param realm of the User and Any Objects assignable to the returned Groups
+ * @param page search page
+ * @param size search page size
+ * @return list of Groups, according to provided paging instructions, assignable to Users and Any Objects of
+ * the provided Realm
+ */
+ @POST
+ @Path("/assignableGroups/{realm:.*}")
+ @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
+ PagedResult<GroupTO> searchAssignableGroups(
+ @NotNull @PathParam("realm") String realm,
+ @Min(1) @QueryParam(PARAM_PAGE) @DefaultValue("1") int page,
+ @Min(1) @QueryParam(PARAM_SIZE) @DefaultValue("25") int size);
+
+ /**
+ * Extracts User type extension information, for the provided group.
+ *
+ * @param groupName group name
+ * @return User type extension information, for the provided group
+ */
+ @GET
+ @Path("/userTypeExtension/{groupName}")
+ @Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
+ TypeExtensionTO readUserTypeExtension(
+ @NotNull @PathParam("groupName") String groupName);
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/logic/src/main/java/org/apache/syncope/core/logic/AnyTypeClassLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/AnyTypeClassLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/AnyTypeClassLogic.java
index 180035f..babe255 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/AnyTypeClassLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/AnyTypeClassLogic.java
@@ -37,6 +37,7 @@ import org.apache.syncope.core.provisioning.api.data.AnyTypeClassDataBinder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
@Component
public class AnyTypeClassLogic extends AbstractTransactionalLogic<AnyTypeClassTO> {
@@ -47,7 +48,8 @@ public class AnyTypeClassLogic extends AbstractTransactionalLogic<AnyTypeClassTO
@Autowired
private AnyTypeClassDAO anyTypeClassDAO;
- @PreAuthorize("isAuthenticated()")
+ @PreAuthorize("hasRole('" + StandardEntitlement.ANYTYPECLASS_READ + "')")
+ @Transactional(readOnly = true)
public AnyTypeClassTO read(final String key) {
AnyTypeClass anyType = anyTypeClassDAO.find(key);
if (anyType == null) {
@@ -59,7 +61,8 @@ public class AnyTypeClassLogic extends AbstractTransactionalLogic<AnyTypeClassTO
return binder.getAnyTypeClassTO(anyType);
}
- @PreAuthorize("isAuthenticated()")
+ @PreAuthorize("hasRole('" + StandardEntitlement.ANYTYPECLASS_LIST + "')")
+ @Transactional(readOnly = true)
public List<AnyTypeClassTO> list() {
return CollectionUtils.collect(anyTypeClassDAO.findAll(), new Transformer<AnyTypeClass, AnyTypeClassTO>() {
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/logic/src/main/java/org/apache/syncope/core/logic/AnyTypeLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/AnyTypeLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/AnyTypeLogic.java
index b21ab45..f967da8 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/AnyTypeLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/AnyTypeLogic.java
@@ -37,6 +37,7 @@ import org.apache.syncope.core.provisioning.api.data.AnyTypeDataBinder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
@Component
public class AnyTypeLogic extends AbstractTransactionalLogic<AnyTypeTO> {
@@ -47,7 +48,8 @@ public class AnyTypeLogic extends AbstractTransactionalLogic<AnyTypeTO> {
@Autowired
private AnyTypeDAO anyTypeDAO;
- @PreAuthorize("isAuthenticated()")
+ @PreAuthorize("hasRole('" + StandardEntitlement.ANYTYPE_READ + "')")
+ @Transactional(readOnly = true)
public AnyTypeTO read(final String key) {
AnyType anyType = anyTypeDAO.find(key);
if (anyType == null) {
@@ -59,7 +61,8 @@ public class AnyTypeLogic extends AbstractTransactionalLogic<AnyTypeTO> {
return binder.getAnyTypeTO(anyType);
}
- @PreAuthorize("isAuthenticated()")
+ @PreAuthorize("hasRole('" + StandardEntitlement.ANYTYPE_LIST + "')")
+ @Transactional(readOnly = true)
public List<AnyTypeTO> list() {
return CollectionUtils.collect(anyTypeDAO.findAll(), new Transformer<AnyType, AnyTypeTO>() {
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/logic/src/main/java/org/apache/syncope/core/logic/ConfigurationLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/ConfigurationLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/ConfigurationLogic.java
index 200cc7a..eea22ad 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/ConfigurationLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/ConfigurationLogic.java
@@ -81,7 +81,8 @@ public class ConfigurationLogic extends AbstractTransactionalLogic<AttrTO> {
return binder.getConfTO();
}
- @PreAuthorize("isAuthenticated()")
+ @PreAuthorize("hasRole('" + StandardEntitlement.CONFIGURATION_GET + "')")
+ @Transactional(readOnly = true)
public AttrTO get(final String schema) {
AttrTO result;
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/logic/src/main/java/org/apache/syncope/core/logic/ConnectorLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/ConnectorLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/ConnectorLogic.java
index 6532936..9c92e29 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/ConnectorLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/ConnectorLogic.java
@@ -163,8 +163,7 @@ public class ConnectorLogic extends AbstractTransactionalLogic<ConnInstanceTO> {
try {
result = binder.getConnInstanceTO(connInstance);
} catch (NotFoundException e) {
- LOG.error("Connector '{}#{}' not found",
- connInstance.getBundleName(), connInstance.getVersion());
+ LOG.error("Connector '{}#{}' not found", connInstance.getBundleName(), connInstance.getVersion());
}
return result;
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/logic/src/main/java/org/apache/syncope/core/logic/GroupLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/GroupLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/GroupLogic.java
index 4420d4d..52946a6 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/GroupLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/GroupLogic.java
@@ -41,7 +41,6 @@ import org.apache.syncope.common.lib.to.ExecTO;
import org.apache.syncope.common.lib.to.GroupTO;
import org.apache.syncope.common.lib.to.PropagationStatus;
import org.apache.syncope.common.lib.to.ProvisioningResult;
-import org.apache.syncope.common.lib.to.TypeExtensionTO;
import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.common.lib.types.BulkMembersActionType;
import org.apache.syncope.common.lib.types.ClientExceptionType;
@@ -161,19 +160,7 @@ public class GroupLogic extends AbstractAnyLogic<GroupTO, GroupPatch> {
}, new ArrayList<GroupTO>());
}
- @PreAuthorize("isAuthenticated()")
- @Transactional(readOnly = true)
- public TypeExtensionTO readTypeExtension(final String key, final String anyTypeKey) {
- Group group = groupDAO.find(key);
- if (group == null) {
- throw new NotFoundException("Group " + key);
- }
-
- GroupTO groupTO = binder.getGroupTO(group, false);
- return groupTO.getTypeExtension(anyTypeKey);
- }
-
- @PreAuthorize("isAuthenticated()")
+ @PreAuthorize("hasRole('" + StandardEntitlement.GROUP_SEARCH + "')")
@Transactional(readOnly = true)
@Override
public Pair<Integer, List<GroupTO>> search(
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/logic/src/main/java/org/apache/syncope/core/logic/ResourceLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/ResourceLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/ResourceLogic.java
index 1cde745..760b812 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/ResourceLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/ResourceLogic.java
@@ -260,7 +260,7 @@ public class ResourceLogic extends AbstractTransactionalLogic<ResourceTO> {
return binder.getResourceTO(resource);
}
- @PreAuthorize("isAuthenticated()")
+ @PreAuthorize("hasRole('" + StandardEntitlement.RESOURCE_LIST + "')")
@Transactional(readOnly = true)
public List<ResourceTO> list() {
return CollectionUtils.collect(resourceDAO.findAll(), new Transformer<ExternalResource, ResourceTO>() {
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/logic/src/main/java/org/apache/syncope/core/logic/RoleLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/RoleLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/RoleLogic.java
index 13102a5..c5b3b9a 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/RoleLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/RoleLogic.java
@@ -34,6 +34,7 @@ import org.apache.syncope.core.provisioning.api.data.RoleDataBinder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
@Component
public class RoleLogic extends AbstractTransactionalLogic<RoleTO> {
@@ -45,6 +46,7 @@ public class RoleLogic extends AbstractTransactionalLogic<RoleTO> {
private RoleDAO roleDAO;
@PreAuthorize("hasRole('" + StandardEntitlement.ROLE_READ + "')")
+ @Transactional(readOnly = true)
public RoleTO read(final String key) {
Role role = roleDAO.find(key);
if (role == null) {
@@ -57,6 +59,7 @@ public class RoleLogic extends AbstractTransactionalLogic<RoleTO> {
}
@PreAuthorize("hasRole('" + StandardEntitlement.ROLE_LIST + "')")
+ @Transactional(readOnly = true)
public List<RoleTO> list() {
return CollectionUtils.collect(roleDAO.findAll(), new Transformer<Role, RoleTO>() {
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/logic/src/main/java/org/apache/syncope/core/logic/SecurityQuestionLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/SecurityQuestionLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/SecurityQuestionLogic.java
index 5bbddc4..e3dae91 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/SecurityQuestionLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/SecurityQuestionLogic.java
@@ -35,6 +35,7 @@ import org.apache.syncope.core.provisioning.api.data.SecurityQuestionDataBinder;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
@Component
public class SecurityQuestionLogic extends AbstractTransactionalLogic<SecurityQuestionTO> {
@@ -49,6 +50,7 @@ public class SecurityQuestionLogic extends AbstractTransactionalLogic<SecurityQu
private SecurityQuestionDataBinder binder;
@PreAuthorize("isAuthenticated()")
+ @Transactional(readOnly = true)
public List<SecurityQuestionTO> list() {
return CollectionUtils.collect(securityQuestionDAO.findAll(),
new Transformer<SecurityQuestion, SecurityQuestionTO>() {
@@ -60,7 +62,8 @@ public class SecurityQuestionLogic extends AbstractTransactionalLogic<SecurityQu
}, new ArrayList<SecurityQuestionTO>());
}
- @PreAuthorize("isAuthenticated()")
+ @PreAuthorize("hasRole('" + StandardEntitlement.SECURITY_QUESTION_READ + "')")
+ @Transactional(readOnly = true)
public SecurityQuestionTO read(final String key) {
SecurityQuestion securityQuestion = securityQuestionDAO.find(key);
if (securityQuestion == null) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/logic/src/main/java/org/apache/syncope/core/logic/SyncopeLogic.java
----------------------------------------------------------------------
diff --git a/core/logic/src/main/java/org/apache/syncope/core/logic/SyncopeLogic.java b/core/logic/src/main/java/org/apache/syncope/core/logic/SyncopeLogic.java
index b975b53..2352813 100644
--- a/core/logic/src/main/java/org/apache/syncope/core/logic/SyncopeLogic.java
+++ b/core/logic/src/main/java/org/apache/syncope/core/logic/SyncopeLogic.java
@@ -21,27 +21,39 @@ package org.apache.syncope.core.logic;
import java.lang.management.ManagementFactory;
import java.lang.management.OperatingSystemMXBean;
import java.lang.management.RuntimeMXBean;
-import org.apache.syncope.core.provisioning.api.EntitlementsHolder;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.net.URI;
import java.net.UnknownHostException;
+import java.util.ArrayList;
+import java.util.Collections;
import java.util.Iterator;
+import java.util.List;
import java.util.Map;
import javax.annotation.Resource;
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.collections4.Transformer;
+import org.apache.commons.lang3.tuple.Pair;
import org.apache.syncope.common.lib.AbstractBaseBean;
+import org.apache.syncope.common.lib.SyncopeConstants;
import org.apache.syncope.common.lib.info.NumbersInfo;
import org.apache.syncope.common.lib.info.SystemInfo;
import org.apache.syncope.common.lib.info.PlatformInfo;
+import org.apache.syncope.common.lib.to.GroupTO;
+import org.apache.syncope.common.lib.to.TypeExtensionTO;
+import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.common.lib.types.TaskType;
import org.apache.syncope.core.spring.security.PasswordGenerator;
import org.apache.syncope.core.persistence.api.ImplementationLookup;
import org.apache.syncope.core.persistence.api.ImplementationLookup.Type;
import org.apache.syncope.core.persistence.api.dao.AnyObjectDAO;
import org.apache.syncope.core.persistence.api.dao.AnySearchDAO;
+import org.apache.syncope.core.persistence.api.dao.AnyTypeClassDAO;
+import org.apache.syncope.core.persistence.api.dao.AnyTypeDAO;
import org.apache.syncope.core.persistence.api.dao.ConfDAO;
import org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO;
import org.apache.syncope.core.persistence.api.dao.GroupDAO;
+import org.apache.syncope.core.persistence.api.dao.NotFoundException;
import org.apache.syncope.core.persistence.api.dao.NotificationDAO;
import org.apache.syncope.core.persistence.api.dao.PolicyDAO;
import org.apache.syncope.core.persistence.api.dao.RoleDAO;
@@ -49,14 +61,23 @@ import org.apache.syncope.core.persistence.api.dao.SecurityQuestionDAO;
import org.apache.syncope.core.persistence.api.dao.TaskDAO;
import org.apache.syncope.core.persistence.api.dao.UserDAO;
import org.apache.syncope.core.persistence.api.dao.VirSchemaDAO;
+import org.apache.syncope.core.persistence.api.dao.search.AssignableCond;
+import org.apache.syncope.core.persistence.api.dao.search.OrderByClause;
+import org.apache.syncope.core.persistence.api.dao.search.SearchCond;
import org.apache.syncope.core.persistence.api.entity.AnyType;
+import org.apache.syncope.core.persistence.api.entity.group.Group;
+import org.apache.syncope.core.persistence.api.entity.group.TypeExtension;
import org.apache.syncope.core.persistence.api.entity.policy.AccountPolicy;
import org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy;
import org.apache.syncope.core.provisioning.api.AnyObjectProvisioningManager;
import org.apache.syncope.core.provisioning.api.ConnIdBundleManager;
+import org.apache.syncope.core.provisioning.api.EntitlementsHolder;
import org.apache.syncope.core.provisioning.api.GroupProvisioningManager;
import org.apache.syncope.core.provisioning.api.UserProvisioningManager;
import org.apache.syncope.core.provisioning.api.cache.VirAttrCache;
+import org.apache.syncope.core.provisioning.api.data.GroupDataBinder;
+import org.apache.syncope.core.provisioning.api.utils.EntityUtils;
+import org.apache.syncope.core.spring.security.AuthContextUtils;
import org.apache.syncope.core.workflow.api.AnyObjectWorkflowAdapter;
import org.apache.syncope.core.workflow.api.GroupWorkflowAdapter;
import org.apache.syncope.core.workflow.api.UserWorkflowAdapter;
@@ -79,6 +100,12 @@ public class SyncopeLogic extends AbstractLogic<AbstractBaseBean> {
private static SystemInfo SYSTEM_INFO;
@Autowired
+ private AnyTypeDAO anyTypeDAO;
+
+ @Autowired
+ private AnyTypeClassDAO anyTypeClassDAO;
+
+ @Autowired
private UserDAO userDAO;
@Autowired
@@ -111,6 +138,12 @@ public class SyncopeLogic extends AbstractLogic<AbstractBaseBean> {
@Autowired
private ConfDAO confDAO;
+ @Autowired
+ private AnySearchDAO searchDAO;
+
+ @Autowired
+ private GroupDataBinder groupDataBinder;
+
@Resource(name = "version")
private String version;
@@ -208,6 +241,37 @@ public class SyncopeLogic extends AbstractLogic<AbstractBaseBean> {
PLATFORM_INFO.getEntitlements().clear();
PLATFORM_INFO.getEntitlements().addAll(EntitlementsHolder.getInstance().getValues());
+
+ PLATFORM_INFO.getAnyTypes().clear();
+ PLATFORM_INFO.getUserClasses().clear();
+ PLATFORM_INFO.getAnyTypeClasses().clear();
+ PLATFORM_INFO.getResources().clear();
+ AuthContextUtils.execWithAuthContext(AuthContextUtils.getDomain(), new AuthContextUtils.Executable<Void>() {
+
+ @Override
+ public Void exec() {
+ CollectionUtils.collect(
+ anyTypeDAO.findAll(),
+ EntityUtils.keyTransformer(),
+ PLATFORM_INFO.getAnyTypes());
+
+ CollectionUtils.collect(
+ anyTypeDAO.findUser().getClasses(),
+ EntityUtils.keyTransformer(),
+ PLATFORM_INFO.getUserClasses());
+
+ CollectionUtils.collect(
+ anyTypeClassDAO.findAll(),
+ EntityUtils.keyTransformer(),
+ PLATFORM_INFO.getAnyTypeClasses());
+
+ CollectionUtils.collect(
+ resourceDAO.findAll(),
+ EntityUtils.keyTransformer(),
+ PLATFORM_INFO.getResources());
+ return null;
+ }
+ });
}
return PLATFORM_INFO;
@@ -308,10 +372,55 @@ public class SyncopeLogic extends AbstractLogic<AbstractBaseBean> {
return numbersInfo;
}
+ @PreAuthorize("isAuthenticated()")
+ public Pair<Integer, List<GroupTO>> searchAssignableGroups(
+ final String realm, final int page, final int size) {
+
+ AssignableCond assignableCond = new AssignableCond();
+ assignableCond.setRealmFullPath(realm);
+ SearchCond searchCond = SearchCond.getLeafCond(assignableCond);
+
+ int count = searchDAO.count(SyncopeConstants.FULL_ADMIN_REALMS, searchCond, AnyTypeKind.GROUP);
+
+ OrderByClause orderByClause = new OrderByClause();
+ orderByClause.setField("name");
+ orderByClause.setDirection(OrderByClause.Direction.ASC);
+ List<Group> matching = searchDAO.search(
+ SyncopeConstants.FULL_ADMIN_REALMS,
+ searchCond,
+ page, size,
+ Collections.singletonList(orderByClause), AnyTypeKind.GROUP);
+ List<GroupTO> result = CollectionUtils.collect(matching, new Transformer<Group, GroupTO>() {
+
+ @Transactional(readOnly = true)
+ @Override
+ public GroupTO transform(final Group input) {
+ return groupDataBinder.getGroupTO(input, false);
+ }
+ }, new ArrayList<GroupTO>());
+
+ return Pair.of(count, result);
+ }
+
+ @PreAuthorize("isAuthenticated()")
+ public TypeExtensionTO readTypeExtension(final String groupName) {
+ Group group = groupDAO.findByName(groupName);
+ if (group == null) {
+ throw new NotFoundException("Group " + groupName);
+ }
+ TypeExtension typeExt = group.getTypeExtension(anyTypeDAO.findUser());
+ if (typeExt == null) {
+ throw new NotFoundException("TypeExtension in " + groupName + " for users");
+ }
+
+ return groupDataBinder.getTypeExtensionTO(typeExt);
+ }
+
@Override
protected AbstractBaseBean resolveReference(final Method method, final Object... args)
throws UnresolvedReferenceException {
throw new UnresolvedReferenceException();
}
+
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAExternalResourceDAO.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAExternalResourceDAO.java b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAExternalResourceDAO.java
index 8989fc5..43b36d5 100644
--- a/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAExternalResourceDAO.java
+++ b/core/persistence-jpa/src/main/java/org/apache/syncope/core/persistence/jpa/dao/JPAExternalResourceDAO.java
@@ -18,11 +18,14 @@
*/
package org.apache.syncope.core.persistence.jpa.dao;
+import java.util.ArrayList;
+import java.util.Collections;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.persistence.Query;
import javax.persistence.TypedQuery;
+import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.IterableUtils;
import org.apache.commons.collections4.Predicate;
import org.apache.syncope.common.lib.types.StandardEntitlement;
@@ -232,9 +235,28 @@ public class JPAExternalResourceDAO extends AbstractDAO<ExternalResource> implem
@Override
public List<ExternalResource> findAll() {
+ final Set<String> authRealms = AuthContextUtils.getAuthorizations().get(StandardEntitlement.RESOURCE_LIST);
+ if (authRealms == null || authRealms.isEmpty()) {
+ return Collections.emptyList();
+ }
+
TypedQuery<ExternalResource> query = entityManager().createQuery(
"SELECT e FROM " + JPAExternalResource.class.getSimpleName() + " e", ExternalResource.class);
- return query.getResultList();
+
+ return CollectionUtils.select(query.getResultList(), new Predicate<ExternalResource>() {
+
+ @Override
+ public boolean evaluate(final ExternalResource resource) {
+ return IterableUtils.matchesAny(authRealms, new Predicate<String>() {
+
+ @Override
+ public boolean evaluate(final String realm) {
+ return resource.getConnector() != null
+ && resource.getConnector().getAdminRealm().getFullPath().startsWith(realm);
+ }
+ });
+ }
+ }, new ArrayList<ExternalResource>());
}
@Override
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/inner/ResourceTest.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/inner/ResourceTest.java b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/inner/ResourceTest.java
index 03b516d..9439827 100644
--- a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/inner/ResourceTest.java
+++ b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/inner/ResourceTest.java
@@ -25,11 +25,16 @@ import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
+import java.util.ArrayList;
import java.util.List;
+import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.IterableUtils;
import org.apache.commons.collections4.Predicate;
+import org.apache.commons.collections4.Transformer;
+import org.apache.syncope.common.lib.SyncopeConstants;
import org.apache.syncope.common.lib.types.EntityViolationType;
import org.apache.syncope.common.lib.types.MappingPurpose;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.attrvalue.validation.InvalidEntityException;
import org.apache.syncope.core.persistence.api.dao.AnyTypeDAO;
import org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO;
@@ -40,9 +45,14 @@ import org.apache.syncope.core.persistence.api.entity.resource.MappingItem;
import org.apache.syncope.core.persistence.api.entity.resource.Provision;
import org.apache.syncope.core.persistence.jpa.AbstractTest;
import org.apache.syncope.core.spring.security.DelegatedAdministrationException;
+import org.apache.syncope.core.spring.security.SyncopeAuthenticationDetails;
+import org.apache.syncope.core.spring.security.SyncopeGrantedAuthority;
import org.identityconnectors.framework.common.objects.ObjectClass;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.transaction.annotation.Transactional;
@Transactional("Master")
@@ -93,9 +103,28 @@ public class ResourceTest extends AbstractTest {
@Test
public void findAll() {
- List<ExternalResource> resources = resourceDAO.findAll();
- assertNotNull(resources);
- assertEquals(21, resources.size());
+ List<GrantedAuthority> authorities = CollectionUtils.collect(StandardEntitlement.values(),
+ new Transformer<String, GrantedAuthority>() {
+
+ @Override
+ public GrantedAuthority transform(final String entitlement) {
+ return new SyncopeGrantedAuthority(entitlement, SyncopeConstants.ROOT_REALM);
+ }
+ }, new ArrayList<GrantedAuthority>());
+
+ UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(
+ new org.springframework.security.core.userdetails.User(
+ "admin", "FAKE_PASSWORD", authorities), "FAKE_PASSWORD", authorities);
+ auth.setDetails(new SyncopeAuthenticationDetails("Master"));
+ SecurityContextHolder.getContext().setAuthentication(auth);
+
+ try {
+ List<ExternalResource> resources = resourceDAO.findAll();
+ assertNotNull(resources);
+ assertFalse(resources.isEmpty());
+ } finally {
+ SecurityContextHolder.getContext().setAuthentication(null);
+ }
}
@Test
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/outer/PlainSchemaTest.java
----------------------------------------------------------------------
diff --git a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/outer/PlainSchemaTest.java b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/outer/PlainSchemaTest.java
index b93acbb..5d8f021 100644
--- a/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/outer/PlainSchemaTest.java
+++ b/core/persistence-jpa/src/test/java/org/apache/syncope/core/persistence/jpa/outer/PlainSchemaTest.java
@@ -25,11 +25,17 @@ import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
+import java.util.ArrayList;
import java.util.HashSet;
+import java.util.List;
import java.util.Set;
import java.util.UUID;
import javax.persistence.EntityExistsException;
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.collections4.Transformer;
+import org.apache.syncope.common.lib.SyncopeConstants;
import org.apache.syncope.common.lib.types.AttrSchemaType;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.AnyTypeDAO;
import org.apache.syncope.core.persistence.api.dao.DerSchemaDAO;
import org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO;
@@ -41,8 +47,15 @@ import org.apache.syncope.core.persistence.api.entity.resource.ExternalResource;
import org.apache.syncope.core.persistence.api.entity.resource.MappingItem;
import org.apache.syncope.core.persistence.api.entity.user.UPlainAttr;
import org.apache.syncope.core.persistence.jpa.AbstractTest;
+import org.apache.syncope.core.spring.security.SyncopeAuthenticationDetails;
+import org.apache.syncope.core.spring.security.SyncopeGrantedAuthority;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.transaction.annotation.Transactional;
@Transactional("Master")
@@ -66,6 +79,29 @@ public class PlainSchemaTest extends AbstractTest {
@Autowired
private ExternalResourceDAO resourceDAO;
+ @BeforeClass
+ public static void setAuthContext() {
+ List<GrantedAuthority> authorities = CollectionUtils.collect(StandardEntitlement.values(),
+ new Transformer<String, GrantedAuthority>() {
+
+ @Override
+ public GrantedAuthority transform(final String entitlement) {
+ return new SyncopeGrantedAuthority(entitlement, SyncopeConstants.ROOT_REALM);
+ }
+ }, new ArrayList<GrantedAuthority>());
+
+ UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(
+ new org.springframework.security.core.userdetails.User(
+ "admin", "FAKE_PASSWORD", authorities), "FAKE_PASSWORD", authorities);
+ auth.setDetails(new SyncopeAuthenticationDetails("Master"));
+ SecurityContextHolder.getContext().setAuthentication(auth);
+ }
+
+ @AfterClass
+ public static void unsetAuthContext() {
+ SecurityContextHolder.getContext().setAuthentication(null);
+ }
+
@Test
public void checkIdUniqueness() {
assertNotNull(derSchemaDAO.find("cn"));
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/GroupDataBinder.java
----------------------------------------------------------------------
diff --git a/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/GroupDataBinder.java b/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/GroupDataBinder.java
index 087a271..1ada7d2 100644
--- a/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/GroupDataBinder.java
+++ b/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/GroupDataBinder.java
@@ -21,13 +21,17 @@ package org.apache.syncope.core.provisioning.api.data;
import java.util.Map;
import org.apache.syncope.common.lib.patch.GroupPatch;
import org.apache.syncope.common.lib.to.GroupTO;
+import org.apache.syncope.common.lib.to.TypeExtensionTO;
import org.apache.syncope.core.provisioning.api.PropagationByResource;
import org.apache.syncope.core.persistence.api.entity.group.Group;
+import org.apache.syncope.core.persistence.api.entity.group.TypeExtension;
public interface GroupDataBinder {
GroupTO getGroupTO(String key);
+ TypeExtensionTO getTypeExtensionTO(TypeExtension typeExt);
+
GroupTO getGroupTO(Group group, boolean details);
void create(Group group, GroupTO groupTO);
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/GroupDataBinderImpl.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/GroupDataBinderImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/GroupDataBinderImpl.java
index c4f8c50..1d25c08 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/GroupDataBinderImpl.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/GroupDataBinderImpl.java
@@ -311,6 +311,22 @@ public class GroupDataBinderImpl extends AbstractAnyDataBinder implements GroupD
return propByRes;
}
+ @Override
+ public TypeExtensionTO getTypeExtensionTO(final TypeExtension typeExt) {
+ TypeExtensionTO typeExtTO = new TypeExtensionTO();
+ typeExtTO.setAnyType(typeExt.getAnyType().getKey());
+ typeExtTO.getAuxClasses().addAll(CollectionUtils.collect(typeExt.getAuxClasses(),
+ new Transformer<AnyTypeClass, String>() {
+
+ @Override
+ public String transform(final AnyTypeClass clazz) {
+ return clazz.getKey();
+ }
+ }));
+
+ return typeExtTO;
+ }
+
@Transactional(readOnly = true)
@Override
public GroupTO getGroupTO(final Group group, final boolean details) {
@@ -358,17 +374,7 @@ public class GroupDataBinderImpl extends AbstractAnyDataBinder implements GroupD
}
for (TypeExtension typeExt : group.getTypeExtensions()) {
- TypeExtensionTO typeExtTO = new TypeExtensionTO();
- typeExtTO.setAnyType(typeExt.getAnyType().getKey());
- typeExtTO.getAuxClasses().addAll(CollectionUtils.collect(typeExt.getAuxClasses(),
- new Transformer<AnyTypeClass, String>() {
-
- @Override
- public String transform(final AnyTypeClass clazz) {
- return clazz.getKey();
- }
- }));
- groupTO.getTypeExtensions().add(typeExtTO);
+ groupTO.getTypeExtensions().add(getTypeExtensionTO(typeExt));
}
return groupTO;
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/provisioning-java/src/test/java/org/apache/syncope/core/provisioning/java/ResourceDataBinderTest.java
----------------------------------------------------------------------
diff --git a/core/provisioning-java/src/test/java/org/apache/syncope/core/provisioning/java/ResourceDataBinderTest.java b/core/provisioning-java/src/test/java/org/apache/syncope/core/provisioning/java/ResourceDataBinderTest.java
index cb1612a..714dcff 100644
--- a/core/provisioning-java/src/test/java/org/apache/syncope/core/provisioning/java/ResourceDataBinderTest.java
+++ b/core/provisioning-java/src/test/java/org/apache/syncope/core/provisioning/java/ResourceDataBinderTest.java
@@ -21,14 +21,20 @@ package org.apache.syncope.core.provisioning.java;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
+import java.util.ArrayList;
import java.util.HashSet;
+import java.util.List;
import java.util.Set;
+import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.collections4.Transformer;
+import org.apache.syncope.common.lib.SyncopeConstants;
import org.apache.syncope.common.lib.to.MappingItemTO;
import org.apache.syncope.common.lib.to.MappingTO;
import org.apache.syncope.common.lib.to.ProvisionTO;
import org.apache.syncope.common.lib.to.ResourceTO;
import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.common.lib.types.MappingPurpose;
+import org.apache.syncope.common.lib.types.StandardEntitlement;
import org.apache.syncope.core.persistence.api.dao.AnyTypeDAO;
import org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO;
import org.apache.syncope.core.persistence.api.dao.PlainSchemaDAO;
@@ -36,9 +42,16 @@ import org.apache.syncope.core.persistence.api.entity.PlainSchema;
import org.apache.syncope.core.persistence.api.entity.resource.ExternalResource;
import org.apache.syncope.core.persistence.api.entity.resource.MappingItem;
import org.apache.syncope.core.provisioning.api.data.ResourceDataBinder;
+import org.apache.syncope.core.spring.security.SyncopeAuthenticationDetails;
+import org.apache.syncope.core.spring.security.SyncopeGrantedAuthority;
import org.identityconnectors.framework.common.objects.ObjectClass;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
import org.junit.Test;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.transaction.annotation.Transactional;
@Transactional("Master")
@@ -56,6 +69,29 @@ public class ResourceDataBinderTest extends AbstractTest {
@Autowired
private PlainSchemaDAO plainSchemaDAO;
+ @BeforeClass
+ public static void setAuthContext() {
+ List<GrantedAuthority> authorities = CollectionUtils.collect(StandardEntitlement.values(),
+ new Transformer<String, GrantedAuthority>() {
+
+ @Override
+ public GrantedAuthority transform(final String entitlement) {
+ return new SyncopeGrantedAuthority(entitlement, SyncopeConstants.ROOT_REALM);
+ }
+ }, new ArrayList<GrantedAuthority>());
+
+ UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(
+ new org.springframework.security.core.userdetails.User(
+ "admin", "FAKE_PASSWORD", authorities), "FAKE_PASSWORD", authorities);
+ auth.setDetails(new SyncopeAuthenticationDetails("Master"));
+ SecurityContextHolder.getContext().setAuthentication(auth);
+ }
+
+ @AfterClass
+ public static void unsetAuthContext() {
+ SecurityContextHolder.getContext().setAuthentication(null);
+ }
+
@Test
public void issue42() {
PlainSchema userId = plainSchemaDAO.find("userId");
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/GroupServiceImpl.java
----------------------------------------------------------------------
diff --git a/core/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/GroupServiceImpl.java b/core/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/GroupServiceImpl.java
index 69b21a1..50ef081 100644
--- a/core/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/GroupServiceImpl.java
+++ b/core/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/GroupServiceImpl.java
@@ -22,7 +22,6 @@ import java.util.List;
import org.apache.syncope.common.lib.patch.GroupPatch;
import org.apache.syncope.common.lib.to.ExecTO;
import org.apache.syncope.common.lib.to.GroupTO;
-import org.apache.syncope.common.lib.to.TypeExtensionTO;
import org.apache.syncope.common.lib.types.BulkMembersActionType;
import org.apache.syncope.common.rest.api.service.GroupService;
import org.apache.syncope.core.logic.AbstractAnyLogic;
@@ -54,11 +53,6 @@ public class GroupServiceImpl extends AbstractAnyService<GroupTO, GroupPatch> im
}
@Override
- public TypeExtensionTO readTypeExtension(final String key, final String anyTypeKey) {
- return logic.readTypeExtension(key, anyTypeKey);
- }
-
- @Override
public ExecTO bulkMembersAction(final String key, final BulkMembersActionType actionType) {
return logic.bulkMembersAction(key, actionType);
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/core/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/SyncopeServiceImpl.java
----------------------------------------------------------------------
diff --git a/core/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/SyncopeServiceImpl.java b/core/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/SyncopeServiceImpl.java
index 944d684..4a301a3 100644
--- a/core/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/SyncopeServiceImpl.java
+++ b/core/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/SyncopeServiceImpl.java
@@ -18,9 +18,16 @@
*/
package org.apache.syncope.core.rest.cxf.service;
+import java.util.List;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.commons.lang3.tuple.Pair;
+import org.apache.syncope.common.lib.SyncopeConstants;
import org.apache.syncope.common.lib.info.NumbersInfo;
import org.apache.syncope.common.lib.info.SystemInfo;
import org.apache.syncope.common.lib.info.PlatformInfo;
+import org.apache.syncope.common.lib.to.GroupTO;
+import org.apache.syncope.common.lib.to.PagedResult;
+import org.apache.syncope.common.lib.to.TypeExtensionTO;
import org.apache.syncope.common.rest.api.service.SyncopeService;
import org.apache.syncope.core.logic.SyncopeLogic;
import org.springframework.beans.factory.annotation.Autowired;
@@ -47,4 +54,18 @@ public class SyncopeServiceImpl extends AbstractServiceImpl implements SyncopeSe
return logic.numbers();
}
+ @Override
+ public PagedResult<GroupTO> searchAssignableGroups(
+ final String realm, final int page, final int size) {
+
+ Pair<Integer, List<GroupTO>> result = logic.searchAssignableGroups(
+ StringUtils.prependIfMissing(realm, SyncopeConstants.ROOT_REALM), page, size);
+ return buildPagedResult(result.getRight(), page, size, result.getLeft());
+ }
+
+ @Override
+ public TypeExtensionTO readUserTypeExtension(final String groupName) {
+ return logic.readTypeExtension(groupName);
+ }
+
}
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/fit/core-reference/src/test/java/org/apache/syncope/fit/console/UsersITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/console/UsersITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/console/UsersITCase.java
index a78d9f3..25f544d 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/console/UsersITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/console/UsersITCase.java
@@ -153,6 +153,13 @@ public class UsersITCase extends AbstractConsoleITCase {
TESTER.executeAjaxEvent(TAB_PANEL + "outerObjectsRepeater:0:outer:form:content:form:view:relationships:"
+ "specification:type:dropDownChoiceField", Constants.ON_CHANGE);
+ // The ON_CHANGE above should enable this component, but it doesn't; doing it by hand
+ Component rightType = findComponentById(
+ TAB_PANEL + "outerObjectsRepeater:0:outer:form:content:form:view:relationships:specification",
+ "rightType");
+ assertNotNull(rightType);
+ rightType.setEnabled(true);
+
formTester.setValue("view:relationships:specification:rightType:dropDownChoiceField", "PRINTER");
TESTER.executeAjaxEvent(TAB_PANEL + "outerObjectsRepeater:0:outer:form:content:form:view:relationships:"
+ "specification:rightType:dropDownChoiceField", Constants.ON_CHANGE);
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/fit/core-reference/src/test/java/org/apache/syncope/fit/core/AuthenticationITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/AuthenticationITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/AuthenticationITCase.java
index 01df4f5..6ee4484 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/AuthenticationITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/AuthenticationITCase.java
@@ -100,7 +100,7 @@ public class AuthenticationITCase extends AbstractITCase {
}
@Test
- public void testReadEntitlements() {
+ public void readEntitlements() {
// 1. as not authenticated (not allowed)
try {
clientFactory.create().self();
@@ -130,7 +130,7 @@ public class AuthenticationITCase extends AbstractITCase {
}
@Test
- public void testUserSchemaAuthorization() {
+ public void userSchemaAuthorization() {
String schemaName = "authTestSchema" + getUUIDString();
// 1. create a schema (as admin)
@@ -169,7 +169,7 @@ public class AuthenticationITCase extends AbstractITCase {
}
@Test
- public void testUserRead() {
+ public void userRead() {
UserTO userTO = UserITCase.getUniqueSampleTO("testuserread@test.org");
userTO.getRoles().add("User manager");
@@ -194,7 +194,7 @@ public class AuthenticationITCase extends AbstractITCase {
}
@Test
- public void testUserSearch() {
+ public void userSearch() {
UserTO userTO = UserITCase.getUniqueSampleTO("testusersearch@test.org");
userTO.getRoles().add("User reviewer");
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/fit/core-reference/src/test/java/org/apache/syncope/fit/core/GroupITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/GroupITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/GroupITCase.java
index 082adf7..857e371 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/GroupITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/GroupITCase.java
@@ -89,6 +89,7 @@ import org.apache.syncope.common.lib.types.ResourceDeassociationAction;
import org.apache.syncope.common.lib.types.SchemaType;
import org.apache.syncope.common.rest.api.beans.AnyQuery;
import org.apache.syncope.common.rest.api.service.GroupService;
+import org.apache.syncope.common.rest.api.service.SyncopeService;
import org.apache.syncope.core.provisioning.java.job.TaskJob;
import org.apache.syncope.fit.AbstractITCase;
import org.junit.Test;
@@ -619,17 +620,24 @@ public class GroupITCase extends AbstractITCase {
public void anonymous() {
GroupService unauthenticated = clientFactory.create().getService(GroupService.class);
try {
- unauthenticated.search(new AnyQuery.Builder().realm(SyncopeConstants.ROOT_REALM).build());
+ unauthenticated.search(new AnyQuery.Builder().realm("/even").build());
fail();
} catch (AccessControlException e) {
assertNotNull(e);
}
- GroupService anonymous = clientFactory.create(
- new AnonymousAuthenticationHandler(ANONYMOUS_UNAME, ANONYMOUS_KEY)).
- getService(GroupService.class);
- assertFalse(anonymous.search(new AnyQuery.Builder().realm(SyncopeConstants.ROOT_REALM).build()).
- getResult().isEmpty());
+ SyncopeClient anonymous = clientFactory.create(
+ new AnonymousAuthenticationHandler(ANONYMOUS_UNAME, ANONYMOUS_KEY));
+ try {
+ anonymous.getService(GroupService.class).
+ search(new AnyQuery.Builder().realm("/even").build());
+ fail();
+ } catch (ForbiddenException e) {
+ assertNotNull(e);
+ }
+
+ assertFalse(anonymous.getService(SyncopeService.class).
+ searchAssignableGroups("/even", 1, 100).getResult().isEmpty());
}
@Test
http://git-wip-us.apache.org/repos/asf/syncope/blob/20596e2e/fit/core-reference/src/test/java/org/apache/syncope/fit/core/ResourceITCase.java
----------------------------------------------------------------------
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/ResourceITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/ResourceITCase.java
index 8f881de..95109f4 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/ResourceITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/ResourceITCase.java
@@ -26,7 +26,6 @@ import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
-import java.security.AccessControlException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
@@ -38,7 +37,6 @@ import org.apache.commons.collections4.CollectionUtils;
import org.apache.commons.collections4.Transformer;
import org.apache.commons.lang3.SerializationUtils;
import org.apache.syncope.client.console.commons.ConnIdSpecialName;
-import org.apache.syncope.client.lib.AnonymousAuthenticationHandler;
import org.apache.syncope.client.lib.SyncopeClient;
import org.apache.syncope.common.lib.SyncopeClientException;
import org.apache.syncope.common.lib.to.AnyObjectTO;
@@ -503,22 +501,6 @@ public class ResourceITCase extends AbstractITCase {
}
@Test
- public void anonymous() {
- ResourceService unauthenticated = clientFactory.create().getService(ResourceService.class);
- try {
- unauthenticated.list();
- fail();
- } catch (AccessControlException e) {
- assertNotNull(e);
- }
-
- ResourceService anonymous = clientFactory.create(
- new AnonymousAuthenticationHandler(ANONYMOUS_UNAME, ANONYMOUS_KEY)).
- getService(ResourceService.class);
- assertFalse(anonymous.list().isEmpty());
- }
-
- @Test
public void listConnObjects() {
List<String> groupKeys = new ArrayList<>();
for (int i = 0; i < 10; i++) {