You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2019/03/27 16:37:46 UTC
[syncope] branch master updated: [SYNCOPE-1453] MappingItem with "mustChangePassword" field cannot be provisioned and updated during import

This is an automated email from the ASF dual-hosted git repository.

ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git


The following commit(s) were added to refs/heads/master by this push:
     new 37c6aac  [SYNCOPE-1453] MappingItem with "mustChangePassword" field cannot be provisioned and updated during import
37c6aac is described below

commit 37c6aacd0dbfccdea7e98c95c94aea882b563d1b
Author: Dmitriy Brashevets <dm...@gmail.com>
AuthorDate: Wed Mar 27 14:42:26 2019 +0300

    [SYNCOPE-1453] MappingItem with "mustChangePassword" field cannot be provisioned and updated during import
---
 .../core/provisioning/java/data/UserDataBinderImpl.java        | 10 ++++++++++
 .../syncope/core/provisioning/java/utils/ConnObjectUtils.java  |  5 ++++-
 .../syncope/core/provisioning/java/utils/MappingUtils.java     |  6 ++++++
 3 files changed, 20 insertions(+), 1 deletion(-)

diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java
index 04aae9d..e211ddc 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java
@@ -71,6 +71,7 @@ import org.apache.syncope.core.persistence.api.entity.resource.Provision;
 import org.apache.syncope.core.persistence.api.entity.user.UMembership;
 import org.apache.syncope.core.persistence.api.entity.user.UPlainAttr;
 import org.apache.syncope.core.persistence.api.entity.user.URelationship;
+import org.apache.syncope.core.provisioning.java.utils.MappingUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 import org.springframework.transaction.annotation.Transactional;
@@ -330,6 +331,15 @@ public class UserDataBinderImpl extends AbstractAnyDataBinder implements UserDat
 
         if (userUR.getMustChangePassword() != null) {
             user.setMustChangePassword(userUR.getMustChangePassword().getValue());
+
+            propByRes.addAll(
+                    ResourceOperation.UPDATE,
+                    anyUtils.getAllResources(toBeUpdated).stream().
+                            filter(resource -> resource.getProvision(toBeUpdated.getType()).isPresent()).
+                            filter(resource -> MappingUtils.hasMustChangePassword(
+                            resource.getProvision(toBeUpdated.getType()).get())).
+                            map(Entity::getKey).
+                            collect(Collectors.toSet()));
         }
 
         // roles
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/ConnObjectUtils.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/ConnObjectUtils.java
index d999078..5b3f3f5 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/ConnObjectUtils.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/ConnObjectUtils.java
@@ -254,7 +254,10 @@ public class ConnObjectUtils {
                     }
 
                     updatedUser.setSecurityQuestion(originalUser.getSecurityQuestion());
-                    updatedUser.setMustChangePassword(originalUser.isMustChangePassword());
+
+                    if (!MappingUtils.hasMustChangePassword(provision)) {
+                        updatedUser.setMustChangePassword(originalUser.isMustChangePassword());
+                    }
 
                     anyUR = (U) AnyOperations.diff(updatedUser, originalUser, true);
                     break;
diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/MappingUtils.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/MappingUtils.java
index 5d0c9d2..d4d096e 100644
--- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/MappingUtils.java
+++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/utils/MappingUtils.java
@@ -214,6 +214,12 @@ public final class MappingUtils {
         return builder.build();
     }
 
+    public static boolean hasMustChangePassword(final Provision provision) {
+        return provision != null && provision.getMapping() != null
+                && provision.getMapping().getItems().stream().
+                        anyMatch(mappingItem -> "mustChangePassword".equals(mappingItem.getIntAttrName()));
+    }
+
     /**
      * Private default constructor, for static-only classes.
      */