You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2020/02/26 16:14:28 UTC
[syncope] branch 2_1_X updated (bbb8a8f -> c56592e)
This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a change to branch 2_1_X
in repository https://gitbox.apache.org/repos/asf/syncope.git.
from bbb8a8f [SYNCOPE-1531] More robust handling in case value for key column is missing
new 50e0ec7 [SYNCOPE-1537] Password and username of LinkedAccounts now saved properly from Admin Console
new 146ee48 [SYNCOPE-1537] Ensure proper password management for Linked Accounts
new 53c3261 [SYNCOPE-1544] Also removed readonly attributes from showing in the list of plain attributes for linkedaccounts
new c56592e [SYNCOPE-1537] Linked account update using put
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.../wizards/any/LinkedAccountCredentialsPanel.java | 63 +++++++++-----
.../wizards/any/LinkedAccountPlainAttrsPanel.java | 43 ++++++----
.../wizards/any/LinkedAccountWizardBuilder.java | 10 +--
.../apache/syncope/common/lib/AnyOperations.java | 1 -
.../provisioning/java/data/UserDataBinderImpl.java | 29 ++++---
.../org/apache/syncope/fit/AbstractITCase.java | 6 ++
.../syncope/fit/core/LinkedAccountITCase.java | 96 ++++++++++++++++++++++
7 files changed, 194 insertions(+), 54 deletions(-)
[syncope] 03/04: [SYNCOPE-1544] Also removed readonly attributes
from showing in the list of plain attributes for linkedaccounts
Posted by il...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch 2_1_X
in repository https://gitbox.apache.org/repos/asf/syncope.git
commit 53c326153685d0672f0d3d362a8a23c42e582750
Author: skylark17 <sk...@apache.org>
AuthorDate: Wed Feb 26 12:33:26 2020 +0100
[SYNCOPE-1544] Also removed readonly attributes from showing in the list of plain attributes for linkedaccounts
---
.../wizards/any/LinkedAccountCredentialsPanel.java | 15 +++++++-
.../wizards/any/LinkedAccountPlainAttrsPanel.java | 43 ++++++++++++++--------
2 files changed, 41 insertions(+), 17 deletions(-)
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountCredentialsPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountCredentialsPanel.java
index 089968b..b8d0d89 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountCredentialsPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountCredentialsPanel.java
@@ -42,6 +42,10 @@ public class LinkedAccountCredentialsPanel extends WizardStep {
private static final long serialVersionUID = 5116461957402341603L;
+ private String usernameValue;
+
+ private String passwordValue;
+
private final LinkedAccountTO linkedAccountTO;
public LinkedAccountCredentialsPanel(final EntityWrapper<LinkedAccountTO> modelObject) {
@@ -68,7 +72,6 @@ public class LinkedAccountCredentialsPanel extends WizardStep {
new PropertyModel<>(linkedAccountTO, "password"),
false);
passwordField.setMarkupId("password");
- passwordField.setPlaceholder("password");
passwordField.setRequired(true);
FieldPanel.class.cast(passwordField).setReadOnly(StringUtils.isBlank(linkedAccountTO.getPassword()));
LinkedAccountPlainAttrProperty passwordProperty = new LinkedAccountPlainAttrProperty();
@@ -102,10 +105,18 @@ public class LinkedAccountCredentialsPanel extends WizardStep {
@Override
protected void onUpdate(final AjaxRequestTarget target) {
FieldPanel.class.cast(panel).setReadOnly(!model.getObject());
- if (!model.getObject()) {
+ if (model.getObject()) {
+ if (property.getSchema().equals("password")) {
+ linkedAccountTO.setPassword(passwordValue);
+ } else if (property.getSchema().equals("username")) {
+ linkedAccountTO.setUsername(usernameValue);
+ }
+ } else {
if (property.getSchema().equals("password")) {
+ passwordValue = linkedAccountTO.getPassword();
linkedAccountTO.setPassword(null);
} else if (property.getSchema().equals("username")) {
+ usernameValue = linkedAccountTO.getUsername();
linkedAccountTO.setUsername(null);
}
}
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountPlainAttrsPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountPlainAttrsPanel.java
index fec7bfa..61c45e6 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountPlainAttrsPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountPlainAttrsPanel.java
@@ -81,9 +81,12 @@ public class LinkedAccountPlainAttrsPanel extends AbstractAttrsWizardStep<PlainS
new AnyTypeRestClient().read(userTO.getType()).getClasses(),
AnyLayoutUtils.fetch(Arrays.asList(userTO.getType())).getUser().getWhichPlainAttrs(),
modelObject);
+ System.out.println("CCCCCCCCCCC");
this.linkedAccountTO = modelObject.getInnerObject();
- this.fixedAttrs.addAll(this.linkedAccountTO.getPlainAttrs());
+ this.fixedAttrs.addAll(this.linkedAccountTO.getPlainAttrs().stream().
+ filter(attrTO -> checkIsReadonlyAttr(attrTO.getSchema())).
+ collect(Collectors.toList()));
this.userTO = userTO;
add(new Accordion("plainSchemas", Collections.<ITab>singletonList(new AbstractTab(
@@ -166,11 +169,12 @@ public class LinkedAccountPlainAttrsPanel extends AbstractAttrsWizardStep<PlainS
}
private void updateAccountPlainSchemas(final LinkedAccountPlainAttrProperty property, final Boolean modelObject) {
- Set<AttrTO> withoutCurrentSChema = new HashSet<>(linkedAccountTO.getPlainAttrs().stream().
- filter(attr -> !attr.getSchema().equals(property.getSchema())).
+ Set<AttrTO> withoutCurrentSchema = new HashSet<>(linkedAccountTO.getPlainAttrs().stream().
+ filter(attrTO -> !attrTO.getSchema().equals(property.getSchema())
+ && checkIsReadonlyAttr(attrTO.getSchema())).
collect(Collectors.toSet()));
linkedAccountTO.getPlainAttrs().clear();
- linkedAccountTO.getPlainAttrs().addAll(withoutCurrentSChema);
+ linkedAccountTO.getPlainAttrs().addAll(withoutCurrentSchema);
if (modelObject) {
linkedAccountTO.getPlainAttrs().add(
fixedAttrs.stream().filter(attrTO -> attrTO.getSchema().equals(property.getSchema())).findFirst().
@@ -187,19 +191,24 @@ public class LinkedAccountPlainAttrsPanel extends AbstractAttrsWizardStep<PlainS
@Override
protected void setAttrs() {
List<AttrTO> attrs = new ArrayList<>();
- setFixedAttr(schemas.values());
+ List<PlainSchemaTO> notReadonlyValues = schemas.values().stream().
+ filter(schema -> checkIsReadonlyAttr(schema.getKey())).
+ collect(Collectors.toList());
+ setFixedAttr(notReadonlyValues);
Map<String, AttrTO> attrMap = EntityTOUtils.buildAttrMap(fixedAttrs);
- attrs.addAll(schemas.values().stream().map(schema -> {
- AttrTO attrTO = new AttrTO();
- attrTO.setSchema(schema.getKey());
- if (attrMap.get(schema.getKey()) == null || attrMap.get(schema.getKey()).getValues().isEmpty()) {
- attrTO.getValues().add("");
- } else {
- attrTO = attrMap.get(schema.getKey());
- }
- return attrTO;
- }).collect(Collectors.toList()));
+ attrs.addAll(notReadonlyValues.stream().
+ map(schema -> {
+ AttrTO attrTO = new AttrTO();
+ attrTO.setSchema(schema.getKey());
+ if (attrMap.get(schema.getKey()) == null || attrMap.get(schema.getKey()).getValues().isEmpty()) {
+ attrTO.getValues().add("");
+ } else {
+ attrTO = attrMap.get(schema.getKey());
+ }
+ return attrTO;
+ }).
+ collect(Collectors.toList()));
fixedAttrs.clear();
fixedAttrs.addAll(attrs);
@@ -220,6 +229,10 @@ public class LinkedAccountPlainAttrsPanel extends AbstractAttrsWizardStep<PlainS
});
}
+ private boolean checkIsReadonlyAttr(final String schema) {
+ return schemas.isEmpty() ? true : !schemas.get(schema).isReadonly();
+ }
+
private class PlainSchemasOwn extends PlainSchemas<List<AttrTO>> {
private static final long serialVersionUID = -4730563859116024676L;
[syncope] 04/04: [SYNCOPE-1537] Linked account update using put
Posted by il...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch 2_1_X
in repository https://gitbox.apache.org/repos/asf/syncope.git
commit c56592e4c0d9787942475917fd3f544a8fe3a63d
Author: dima.ayash <di...@tirasa.net>
AuthorDate: Wed Feb 26 16:27:59 2020 +0100
[SYNCOPE-1537] Linked account update using put
---
.../apache/syncope/common/lib/AnyOperations.java | 1 -
.../org/apache/syncope/fit/AbstractITCase.java | 6 ++
.../syncope/fit/core/LinkedAccountITCase.java | 96 ++++++++++++++++++++++
3 files changed, 102 insertions(+), 1 deletion(-)
diff --git a/common/lib/src/main/java/org/apache/syncope/common/lib/AnyOperations.java b/common/lib/src/main/java/org/apache/syncope/common/lib/AnyOperations.java
index 870027c..72e984c 100644
--- a/common/lib/src/main/java/org/apache/syncope/common/lib/AnyOperations.java
+++ b/common/lib/src/main/java/org/apache/syncope/common/lib/AnyOperations.java
@@ -359,7 +359,6 @@ public final class AnyOperations {
EntityTOUtils.buildLinkedAccountMap(original.getLinkedAccounts());
updatedAccounts.entrySet().stream().
- filter(entry -> (!originalAccounts.containsKey(entry.getKey()))).
forEachOrdered(entry -> {
result.getLinkedAccounts().add(new LinkedAccountPatch.Builder().
operation(PatchOperation.ADD_REPLACE).
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/AbstractITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/AbstractITCase.java
index 35bfb76..1709427 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/AbstractITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/AbstractITCase.java
@@ -469,6 +469,12 @@ public abstract class AbstractITCase {
});
}
+ protected ProvisioningResult<UserTO> updateUser(final UserTO userTO) {
+ return userService.update(userTO).
+ readEntity(new GenericType<ProvisioningResult<UserTO>>() {
+ });
+ }
+
protected ProvisioningResult<UserTO> deleteUser(final String key) {
return userService.delete(key).
readEntity(new GenericType<ProvisioningResult<UserTO>>() {
diff --git a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/LinkedAccountITCase.java b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/LinkedAccountITCase.java
index 829570f..42066e5 100644
--- a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/LinkedAccountITCase.java
+++ b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/LinkedAccountITCase.java
@@ -152,6 +152,46 @@ public class LinkedAccountITCase extends AbstractITCase {
}
@Test
+ public void createWithLinkedAccountThenUpdateUsingPutThenRemove() throws NamingException {
+ // 1. create user with linked account
+ UserTO user = UserITCase.getSampleTO(
+ "linkedAccount" + RandomStringUtils.randomNumeric(5) + "@syncope.apache.org");
+ String connObjectKeyValue = "uid=" + user.getUsername() + ",ou=People,o=isp";
+ String privilege = applicationService.read("mightyApp").getPrivileges().get(0).getKey();
+
+ LinkedAccountTO account = new LinkedAccountTO.Builder(RESOURCE_NAME_LDAP, connObjectKeyValue).build();
+ account.setUsername("LinkedUsername");
+ account.getPlainAttrs().add(attrTO("surname", "LINKED_SURNAME"));
+ account.getPrivileges().add(privilege);
+ user.getLinkedAccounts().add(account);
+
+ user = createUser(user).getEntity();
+ assertNotNull(user.getKey());
+ assertEquals(1, user.getLinkedAccounts().size());
+ assertEquals(privilege, user.getLinkedAccounts().get(0).getPrivileges().iterator().next());
+ assertEquals("LinkedUsername", user.getLinkedAccounts().get(0).getUsername());
+ assertEquals("LINKED_SURNAME", account.getPlainAttr("surname").get().getValues().get(0));
+
+ // 2. update linked account
+ account.getPlainAttrs().clear();
+ account.setUsername("LinkedUsernameUpdated");
+ account.getPlainAttrs().add(attrTO("email", "UPDATED_EMAIL@syncope.apache.org"));
+ account.getPlainAttrs().add(attrTO("surname", "UPDATED_SURNAME"));
+ user.getLinkedAccounts().clear();
+ user.getLinkedAccounts().add(account);
+
+ user = updateUser(user).getEntity();
+ assertEquals(1, user.getLinkedAccounts().size());
+ assertEquals("LinkedUsernameUpdated", user.getLinkedAccounts().get(0).getUsername());
+ assertEquals("UPDATED_SURNAME", account.getPlainAttr("surname").get().getValues().get(0));
+
+ // 3. remove linked account from user
+ user.getLinkedAccounts().clear();
+ user = updateUser(user).getEntity();
+ assertTrue(user.getLinkedAccounts().isEmpty());
+ }
+
+ @Test
public void createWithoutLinkedAccountThenAdd() throws NamingException {
// 1. create user without linked account
UserTO user = UserITCase.getSampleTO(
@@ -198,6 +238,62 @@ public class LinkedAccountITCase extends AbstractITCase {
}
@Test
+ public void createWithoutLinkedAccountThenAddAndUpdatePassword() throws NamingException {
+ // 1. set the return value parameter to true
+ configurationService.set(new AttrTO.Builder().schema("return.password.value").value("true").build());
+
+ // 2. create user without linked account
+ UserTO user = UserITCase.getSampleTO(
+ "linkedAccount" + RandomStringUtils.randomNumeric(5) + "@syncope.apache.org");
+ String connObjectKeyValue = "uid=" + user.getUsername() + ",ou=People,o=isp";
+
+ user = createUser(user).getEntity();
+ assertNotNull(user.getKey());
+ assertTrue(user.getLinkedAccounts().isEmpty());
+
+ // 3. add linked account to user without password
+ UserPatch userPatch = new UserPatch();
+ userPatch.setKey(user.getKey());
+
+ LinkedAccountTO account = new LinkedAccountTO.Builder(RESOURCE_NAME_LDAP, connObjectKeyValue).build();
+ userPatch.getLinkedAccounts().add(new LinkedAccountPatch.Builder().linkedAccountTO(account).build());
+
+ user = updateUser(userPatch).getEntity();
+ assertEquals(1, user.getLinkedAccounts().size());
+ assertNull(user.getLinkedAccounts().get(0).getPassword());
+
+ // 4. update linked account with adding a password
+ account.setPassword("Password123");
+ userPatch = new UserPatch();
+ userPatch.setKey(user.getKey());
+ userPatch.getLinkedAccounts().add(new LinkedAccountPatch.Builder().linkedAccountTO(account).build());
+ user = updateUser(userPatch).getEntity();
+ assertNotNull(user.getLinkedAccounts().get(0).getPassword());
+
+ // 5. update linked account password
+ String beforeUpdatePassword = user.getLinkedAccounts().get(0).getPassword();
+ account.setPassword("Password123Updated");
+ userPatch = new UserPatch();
+ userPatch.setKey(user.getKey());
+
+ userPatch.getLinkedAccounts().add(new LinkedAccountPatch.Builder().linkedAccountTO(account).build());
+ user = updateUser(userPatch).getEntity();
+ assertNotNull(user.getLinkedAccounts().get(0).getPassword());
+ assertNotEquals(beforeUpdatePassword, user.getLinkedAccounts().get(0).getPassword());
+
+ // 6. set linked account password to null
+ account.setPassword(null);
+ userPatch = new UserPatch();
+ userPatch.setKey(user.getKey());
+
+ userPatch.getLinkedAccounts().add(new LinkedAccountPatch.Builder().linkedAccountTO(account).build());
+ user = updateUser(userPatch).getEntity();
+ assertNull(user.getLinkedAccounts().get(0).getPassword());
+
+ configurationService.set(new AttrTO.Builder().schema("return.password.value").value("false").build());
+ }
+
+ @Test
public void push() {
// 0a. read configured cipher algorithm in order to be able to restore it at the end of test
AttrTO pwdCipherAlgo = configurationService.get("password.cipher.algorithm");
[syncope] 01/04: [SYNCOPE-1537] Password and username of
LinkedAccounts now saved properly from Admin Console
Posted by il...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch 2_1_X
in repository https://gitbox.apache.org/repos/asf/syncope.git
commit 50e0ec710f18d6c3add2651199c028b965164a75
Author: skylark17 <sk...@apache.org>
AuthorDate: Tue Feb 25 12:50:36 2020 +0100
[SYNCOPE-1537] Password and username of LinkedAccounts now saved properly from Admin Console
---
.../wizards/any/LinkedAccountCredentialsPanel.java | 52 +++++++++++++---------
.../wizards/any/LinkedAccountWizardBuilder.java | 10 ++---
2 files changed, 36 insertions(+), 26 deletions(-)
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountCredentialsPanel.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountCredentialsPanel.java
index bb04ada..089968b 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountCredentialsPanel.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountCredentialsPanel.java
@@ -42,39 +42,42 @@ public class LinkedAccountCredentialsPanel extends WizardStep {
private static final long serialVersionUID = 5116461957402341603L;
- public LinkedAccountCredentialsPanel(final LinkedAccountTO linkedAccountTO) {
+ private final LinkedAccountTO linkedAccountTO;
+
+ public LinkedAccountCredentialsPanel(final EntityWrapper<LinkedAccountTO> modelObject) {
super();
setOutputMarkupId(true);
+ linkedAccountTO = modelObject.getInnerObject();
+
AjaxTextFieldPanel usernameField = new AjaxTextFieldPanel(
"username",
"username",
- new PropertyModel<>(linkedAccountTO, "username"),
- false);
- usernameField.setOutputMarkupId(true);
+ new PropertyModel<>(linkedAccountTO, "username"));
FieldPanel.class.cast(usernameField).setReadOnly(StringUtils.isBlank(linkedAccountTO.getUsername()));
- LinkedAccountPlainAttrProperty property = new LinkedAccountPlainAttrProperty();
- property.setOverridable(StringUtils.isNotBlank(linkedAccountTO.getUsername()));
- property.setSchema("username");
- property.getValues().add(linkedAccountTO.getUsername());
- usernameField.showExternAction(checkboxToggle(property, usernameField));
- add(usernameField);
+ LinkedAccountPlainAttrProperty usernameProperty = new LinkedAccountPlainAttrProperty();
+ usernameProperty.setOverridable(StringUtils.isNotBlank(linkedAccountTO.getUsername()));
+ usernameProperty.setSchema("username");
+ usernameProperty.getValues().add(linkedAccountTO.getUsername());
+ usernameField.showExternAction(checkboxToggle(usernameProperty, usernameField));
+ add(usernameField.setOutputMarkupId(true));
AjaxPasswordFieldPanel passwordField = new AjaxPasswordFieldPanel(
"password",
"password",
- new PropertyModel<>(linkedAccountTO, "password"));
- passwordField.setOutputMarkupId(true);
- passwordField.setRequired(true);
+ new PropertyModel<>(linkedAccountTO, "password"),
+ false);
passwordField.setMarkupId("password");
+ passwordField.setPlaceholder("password");
+ passwordField.setRequired(true);
FieldPanel.class.cast(passwordField).setReadOnly(StringUtils.isBlank(linkedAccountTO.getPassword()));
- property = new LinkedAccountPlainAttrProperty();
- property.setOverridable(StringUtils.isNotBlank(linkedAccountTO.getPassword()));
- property.setSchema("password");
- property.getValues().add(linkedAccountTO.getPassword());
- passwordField.showExternAction(checkboxToggle(property, passwordField));
- ((PasswordTextField) passwordField.getField()).setResetPassword(true);
- add(passwordField);
+ LinkedAccountPlainAttrProperty passwordProperty = new LinkedAccountPlainAttrProperty();
+ passwordProperty.setOverridable(StringUtils.isNotBlank(linkedAccountTO.getPassword()));
+ passwordProperty.setSchema("password");
+ passwordProperty.getValues().add(linkedAccountTO.getPassword());
+ passwordField.showExternAction(checkboxToggle(passwordProperty, passwordField));
+ ((PasswordTextField) passwordField.getField()).setResetPassword(false);
+ add(passwordField.setOutputMarkupId(true));
}
private FormComponent<?> checkboxToggle(
@@ -98,7 +101,14 @@ public class LinkedAccountCredentialsPanel extends WizardStep {
@Override
protected void onUpdate(final AjaxRequestTarget target) {
- panel.setReadOnly(!model.getObject());
+ FieldPanel.class.cast(panel).setReadOnly(!model.getObject());
+ if (!model.getObject()) {
+ if (property.getSchema().equals("password")) {
+ linkedAccountTO.setPassword(null);
+ } else if (property.getSchema().equals("username")) {
+ linkedAccountTO.setUsername(null);
+ }
+ }
target.add(panel);
}
});
diff --git a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountWizardBuilder.java b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountWizardBuilder.java
index 7446344..8c5076d 100644
--- a/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountWizardBuilder.java
+++ b/client/console/src/main/java/org/apache/syncope/client/console/wizards/any/LinkedAccountWizardBuilder.java
@@ -60,7 +60,7 @@ public class LinkedAccountWizardBuilder extends AjaxWizardBuilder<LinkedAccountT
@Override
protected WizardModel buildModelSteps(final LinkedAccountTO modelObject, final WizardModel wizardModel) {
wizardModel.add(new LinkedAccountDetailsPanel(modelObject));
- wizardModel.add(new LinkedAccountCredentialsPanel(modelObject));
+ wizardModel.add(new LinkedAccountCredentialsPanel(new EntityWrapper<>(modelObject)));
wizardModel.add(new LinkedAccountPlainAttrsPanel(new EntityWrapper<>(modelObject), model.getObject()));
wizardModel.add(new LinkedAccountPrivilegesPanel(modelObject));
return wizardModel;
@@ -72,10 +72,10 @@ public class LinkedAccountWizardBuilder extends AjaxWizardBuilder<LinkedAccountT
LinkedAccountPatch linkedAccountPatch = new LinkedAccountPatch.Builder().linkedAccountTO(modelObject).build();
linkedAccountPatch.setLinkedAccountTO(modelObject);
- UserPatch patch = new UserPatch();
- patch.setKey(model.getObject().getKey());
- patch.getLinkedAccounts().add(linkedAccountPatch);
- model.setObject(userRestClient.update(model.getObject().getETagValue(), patch).getEntity());
+ UserPatch userPatch = new UserPatch();
+ userPatch.setKey(model.getObject().getKey());
+ userPatch.getLinkedAccounts().add(linkedAccountPatch);
+ model.setObject(userRestClient.update(model.getObject().getETagValue(), userPatch).getEntity());
return modelObject;
}
[syncope] 02/04: [SYNCOPE-1537] Ensure proper password management
for Linked Accounts
Posted by il...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch 2_1_X
in repository https://gitbox.apache.org/repos/asf/syncope.git
commit 146ee484e4d04d84711c73617fb3f5786573389b
Author: Francesco Chicchiriccò <il...@apache.org>
AuthorDate: Tue Feb 25 12:58:55 2020 +0100
[SYNCOPE-1537] Ensure proper password management for Linked Accounts
---
.../provisioning/java/data/UserDataBinderImpl.java | 29 +++++++++++++---------
1 file changed, 17 insertions(+), 12 deletions(-)
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java
index c04495a..771c3df 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java
@@ -181,7 +181,9 @@ public class UserDataBinderImpl extends AbstractAnyDataBinder implements UserDat
}.get();
account.setUsername(accountTO.getUsername());
- if (StringUtils.isNotBlank(accountTO.getPassword())) {
+ if (StringUtils.isBlank(accountTO.getPassword())) {
+ account.setEncodedPassword(null, null);
+ } else if (!accountTO.getPassword().equals(account.getPassword())) {
account.setPassword(accountTO.getPassword(), CipherAlgorithm.AES);
}
account.setSuspended(accountTO.isSuspended());
@@ -366,13 +368,18 @@ public class UserDataBinderImpl extends AbstractAnyDataBinder implements UserDat
setRealm(user, userPatch);
// password
- if (userPatch.getPassword() != null && StringUtils.isNotBlank(userPatch.getPassword().getValue())) {
- if (userPatch.getPassword().isOnSyncope()) {
- setPassword(user, userPatch.getPassword().getValue(), scce);
- user.setChangePwdDate(new Date());
- }
+ if (userPatch.getPassword() != null) {
+ if (userPatch.getPassword().getOperation() == PatchOperation.DELETE) {
+ user.setEncodedPassword(null, null);
+ propByRes.addAll(ResourceOperation.UPDATE, userPatch.getPassword().getResources());
+ } else if (StringUtils.isNotBlank(userPatch.getPassword().getValue())) {
+ if (userPatch.getPassword().isOnSyncope()) {
+ setPassword(user, userPatch.getPassword().getValue(), scce);
+ user.setChangePwdDate(new Date());
+ }
- propByRes.addAll(ResourceOperation.UPDATE, userPatch.getPassword().getResources());
+ propByRes.addAll(ResourceOperation.UPDATE, userPatch.getPassword().getResources());
+ }
}
// username
@@ -620,11 +627,9 @@ public class UserDataBinderImpl extends AbstractAnyDataBinder implements UserDat
invalidValues);
}
});
- user.getLinkedAccounts().forEach(account -> {
- propByLinkedAccount.add(
- ResourceOperation.CREATE,
- Pair.of(account.getResource().getKey(), account.getConnObjectKeyValue()));
- });
+ user.getLinkedAccounts().forEach(account -> propByLinkedAccount.add(
+ ResourceOperation.CREATE,
+ Pair.of(account.getResource().getKey(), account.getConnObjectKeyValue())));
// finalize resource management
reasons.entrySet().stream().