protected String executeWithSecurityContext(final boolean dryRun) throws JobExecutionException {
if (!(task instanceof SyncTask)) {
throw new JobExecutionException("Task " + taskId + " isn't a SyncTask");
}
final SyncTask syncTask = (SyncTask) this.task;
Connector connector;
try {
connector = connFactory.getConnector(syncTask.getResource());
} catch (Exception e) {
final String msg = String.format("Connector instance bean for resource %s and connInstance %s not found",
syncTask.getResource(), syncTask.getResource().getConnector());
throw new JobExecutionException(msg, e);
}
UMapping uMapping = syncTask.getResource().getUmapping();
if (uMapping != null && uMapping.getAccountIdItem() == null) {
throw new JobExecutionException("Invalid user account id mapping for resource " + syncTask.getResource());
}
RMapping rMapping = syncTask.getResource().getRmapping();
if (rMapping != null && rMapping.getAccountIdItem() == null) {
throw new JobExecutionException("Invalid role account id mapping for resource " + syncTask.getResource());
}
if (uMapping == null && rMapping == null) {
return "No mapping configured for both users and roles: aborting...";
}
LOG.debug("Execute synchronization with token {}", syncTask.getResource().getUsyncToken());
final List<SyncResult> results = new ArrayList<SyncResult>();
final SyncPolicy syncPolicy = syncTask.getResource().getSyncPolicy();
final ConflictResolutionAction resAct = syncPolicy == null || syncPolicy.getSpecification() == null
? ConflictResolutionAction.IGNORE
: ((SyncPolicySpec) syncPolicy.getSpecification()).getConflictResolutionAction();
// Prepare handler for SyncDelta objects
final SyncopeSyncResultHandler handler =
(SyncopeSyncResultHandler) ((DefaultListableBeanFactory) ApplicationContextProvider.
getApplicationContext().getBeanFactory()).createBean(
SyncopeSyncResultHandler.class, AbstractBeanDefinition.AUTOWIRE_BY_NAME, false);
handler.setConnector(connector);
handler.setActions(actions);
handler.setDryRun(dryRun);
handler.setResAct(resAct);
handler.setResults(results);
handler.setSyncTask(syncTask);
actions.beforeAll(handler);
try {
SyncToken latestUSyncToken = null;
if (uMapping != null && !syncTask.isFullReconciliation()) {
latestUSyncToken = connector.getLatestSyncToken(ObjectClass.ACCOUNT);
}
SyncToken latestRSyncToken = null;
if (rMapping != null && !syncTask.isFullReconciliation()) {
latestRSyncToken = connector.getLatestSyncToken(ObjectClass.GROUP);
}
if (syncTask.isFullReconciliation()) {
if (uMapping != null) {
connector.getAllObjects(ObjectClass.ACCOUNT, handler,
connector.getOperationOptions(uMapping.getItems()));
}
if (rMapping != null) {
connector.getAllObjects(ObjectClass.GROUP, handler,
connector.getOperationOptions(rMapping.getItems()));
}
} else {
if (uMapping != null) {
connector.sync(ObjectClass.ACCOUNT, syncTask.getResource().getUsyncToken(), handler,
connector.getOperationOptions(uMapping.getItems()));
}
if (rMapping != null) {
connector.sync(ObjectClass.GROUP, syncTask.getResource().getRsyncToken(), handler,
connector.getOperationOptions(rMapping.getItems()));
}
}
if (!dryRun && !syncTask.isFullReconciliation()) {
try {
ExternalResource resource = resourceDAO.find(syncTask.getResource().getName());
if (uMapping != null) {
resource.setUsyncToken(latestUSyncToken);
}
if (rMapping != null) {
resource.setRsyncToken(latestRSyncToken);
}
resourceDAO.save(resource);
} catch (Exception e) {
throw new JobExecutionException("While updating SyncToken", e);
}
}
} catch (Exception e) {
throw new JobExecutionException("While syncing on connector", e);
}
try {
setRoleOwners(handler);
} catch (Exception e) {
LOG.error("While setting role owners", e);
}
actions.afterAll(handler, results);
final String result = createReport(results, syncTask.getResource().getSyncTraceLevel(), dryRun);
LOG.debug("Sync result: {}", result);
return result;
}