Package org.apache.syncope.core.propagation

Examples of org.apache.syncope.core.propagation.PropagationByResource


    public PropagationByResource fillVirtual(final AbstractAttributable attributable,
            final Set<String> vAttrsToBeRemoved, final Set<AttributeMod> vAttrsToBeUpdated,
            final AttributableUtil attrUtil) {

        PropagationByResource propByRes = new PropagationByResource();

        // 1. virtual attributes to be removed
        for (String vAttrToBeRemoved : vAttrsToBeRemoved) {
            AbstractVirSchema virSchema = getVirtualSchema(vAttrToBeRemoved, attrUtil.virSchemaClass());
            if (virSchema != null) {
                AbstractVirAttr virAttr = attributable.getVirtualAttribute(virSchema.getName());
                if (virAttr == null) {
                    LOG.debug("No virtual attribute found for schema {}", virSchema.getName());
                } else {
                    attributable.removeVirtualAttribute(virAttr);
                    virAttrDAO.delete(virAttr);
                }

                for (ExternalResource resource : resourceDAO.findAll()) {
                    for (AbstractMappingItem mapItem : attrUtil.getMappingItems(resource, MappingPurpose.PROPAGATION)) {
                        if (virSchema.getName().equals(mapItem.getIntAttrName())
                                && mapItem.getIntMappingType() == attrUtil.virIntMappingType()
                                && attributable.getResources().contains(resource)) {

                            propByRes.add(ResourceOperation.UPDATE, resource.getName());

                            // Using virtual attribute as AccountId must be avoided
                            if (mapItem.isAccountid() && virAttr != null && !virAttr.getValues().isEmpty()) {
                                propByRes.addOldAccountId(resource.getName(), virAttr.getValues().get(0));
                            }
                        }
                    }
                }
            }
        }

        LOG.debug("Virtual attributes to be removed:\n{}", propByRes);

        // 2. virtual attributes to be updated
        for (AttributeMod vAttrToBeUpdated : vAttrsToBeUpdated) {
            AbstractVirSchema virSchema = getVirtualSchema(vAttrToBeUpdated.getSchema(), attrUtil.virSchemaClass());
            if (virSchema != null) {
                for (ExternalResource resource : resourceDAO.findAll()) {
                    for (AbstractMappingItem mapItem : attrUtil.getMappingItems(resource, MappingPurpose.PROPAGATION)) {
                        if (virSchema.getName().equals(mapItem.getIntAttrName())
                                && mapItem.getIntMappingType() == attrUtil.virIntMappingType()
                                && attributable.getResources().contains(resource)) {

                            propByRes.add(ResourceOperation.UPDATE, resource.getName());
                        }
                    }
                }

                AbstractVirAttr virAttr = attributable.getVirtualAttribute(virSchema.getName());
View Full Code Here


    protected PropagationByResource fill(final AbstractAttributable attributable,
            final AbstractAttributableMod attributableMod, final AttributableUtil attrUtil,
            final SyncopeClientCompositeErrorException scce) {

        PropagationByResource propByRes = new PropagationByResource();

        SyncopeClientException invalidValues = new SyncopeClientException(SyncopeClientExceptionType.InvalidValues);

        // 1. resources to be removed
        for (String resourceToBeRemoved : attributableMod.getResourcesToBeRemoved()) {
            ExternalResource resource = getResource(resourceToBeRemoved);
            if (resource != null) {
                propByRes.add(ResourceOperation.DELETE, resource.getName());
                attributable.removeResource(resource);
            }
        }

        LOG.debug("Resources to be removed:\n{}", propByRes);

        // 2. resources to be added
        for (String resourceToBeAdded : attributableMod.getResourcesToBeAdded()) {
            ExternalResource resource = getResource(resourceToBeAdded);
            if (resource != null) {
                propByRes.add(ResourceOperation.CREATE, resource.getName());
                attributable.addResource(resource);
            }
        }

        LOG.debug("Resources to be added:\n{}", propByRes);

        // 3. attributes to be removed
        for (String attributeToBeRemoved : attributableMod.getAttributesToBeRemoved()) {
            AbstractSchema schema = getSchema(attributeToBeRemoved, attrUtil.schemaClass());
            if (schema != null) {
                AbstractAttr attribute = attributable.getAttribute(schema.getName());
                if (attribute == null) {
                    LOG.debug("No attribute found for schema {}", schema);
                } else {
                    String newValue = null;
                    for (AttributeMod mod : attributableMod.getAttributesToBeUpdated()) {
                        if (schema.getName().equals(mod.getSchema())) {
                            newValue = mod.getValuesToBeAdded().get(0);
                        }
                    }

                    if (!schema.isUniqueConstraint()
                            || (!attribute.getUniqueValue().getStringValue().equals(newValue))) {

                        attributable.removeAttribute(attribute);
                        attrDAO.delete(attribute.getId(), attrUtil.attrClass());
                    }
                }

                for (ExternalResource resource : resourceDAO.findAll()) {
                    for (AbstractMappingItem mapItem : attrUtil.getMappingItems(resource, MappingPurpose.PROPAGATION)) {
                        if (schema.getName().equals(mapItem.getIntAttrName())
                                && mapItem.getIntMappingType() == attrUtil.intMappingType()
                                && attributable.getResources().contains(resource)) {

                            propByRes.add(ResourceOperation.UPDATE, resource.getName());

                            if (mapItem.isAccountid() && attribute != null
                                    && !attribute.getValuesAsStrings().isEmpty()) {

                                propByRes.addOldAccountId(resource.getName(),
                                        attribute.getValuesAsStrings().iterator().next());
                            }
                        }
                    }
                }
            }
        }

        LOG.debug("Attributes to be removed:\n{}", propByRes);

        // 4. attributes to be updated
        for (AttributeMod attributeMod : attributableMod.getAttributesToBeUpdated()) {
            AbstractSchema schema = getSchema(attributeMod.getSchema(), attrUtil.schemaClass());
            if (schema != null) {
                for (ExternalResource resource : resourceDAO.findAll()) {
                    for (AbstractMappingItem mapItem : attrUtil.getMappingItems(resource, MappingPurpose.PROPAGATION)) {
                        if (schema.getName().equals(mapItem.getIntAttrName())
                                && mapItem.getIntMappingType() == attrUtil.intMappingType()
                                && attributable.getResources().contains(resource)) {

                            propByRes.add(ResourceOperation.UPDATE, resource.getName());
                        }
                    }
                }

                AbstractAttr attribute = attributable.getAttribute(schema.getName());
                if (attribute == null) {
                    attribute = attrUtil.newAttr();
                    attribute.setSchema(schema);
                    attribute.setOwner(attributable);

                    attributable.addAttribute(attribute);
                }

                // 1.1 remove values
                Set<Long> valuesToBeRemoved = new HashSet<Long>();
                for (String valueToBeRemoved : attributeMod.getValuesToBeRemoved()) {
                    if (attribute.getSchema().isUniqueConstraint()) {
                        if (attribute.getUniqueValue() != null
                                && valueToBeRemoved.equals(attribute.getUniqueValue().getValueAsString())) {

                            valuesToBeRemoved.add(attribute.getUniqueValue().getId());
                        }
                    } else {
                        for (AbstractAttrValue mav : attribute.getValues()) {
                            if (valueToBeRemoved.equals(mav.getValueAsString())) {
                                valuesToBeRemoved.add(mav.getId());
                            }
                        }
                    }
                }
                for (Long attributeValueId : valuesToBeRemoved) {
                    attributeValueDAO.delete(attributeValueId, attrUtil.attrValueClass());
                }

                // 1.2 add values
                List<String> valuesToBeAdded = attributeMod.getValuesToBeAdded();
                if (valuesToBeAdded != null && !valuesToBeAdded.isEmpty()
                        && (!schema.isUniqueConstraint() || attribute.getUniqueValue() == null
                        || !valuesToBeAdded.iterator().next().equals(attribute.getUniqueValue().getValueAsString()))) {

                    fillAttribute(attributeMod.getValuesToBeAdded(), attrUtil, schema, attribute, invalidValues);
                }

                // if no values are in, the attribute can be safely removed
                if (attribute.getValuesAsStrings().isEmpty()) {
                    attrDAO.delete(attribute);
                }
            }
        }

        if (!invalidValues.isEmpty()) {
            scce.addException(invalidValues);
        }

        LOG.debug("Attributes to be updated:\n{}", propByRes);

        // 5. derived attributes to be removed
        for (String derAttrToBeRemoved : attributableMod.getDerivedAttributesToBeRemoved()) {
            AbstractDerSchema derSchema = getDerivedSchema(derAttrToBeRemoved, attrUtil.derSchemaClass());
            if (derSchema != null) {
                AbstractDerAttr derAttr = attributable.getDerivedAttribute(derSchema.getName());
                if (derAttr == null) {
                    LOG.debug("No derived attribute found for schema {}", derSchema.getName());
                } else {
                    derAttrDAO.delete(derAttr);
                }

                for (ExternalResource resource : resourceDAO.findAll()) {
                    for (AbstractMappingItem mapItem : attrUtil.getMappingItems(resource, MappingPurpose.PROPAGATION)) {
                        if (derSchema.getName().equals(mapItem.getIntAttrName())
                                && mapItem.getIntMappingType() == attrUtil.derIntMappingType()
                                && attributable.getResources().contains(resource)) {

                            propByRes.add(ResourceOperation.UPDATE, resource.getName());

                            if (mapItem.isAccountid() && derAttr != null
                                    && !derAttr.getValue(attributable.getAttributes()).isEmpty()) {

                                propByRes.addOldAccountId(resource.getName(),
                                        derAttr.getValue(attributable.getAttributes()));
                            }
                        }
                    }
                }
            }
        }

        LOG.debug("Derived attributes to be removed:\n{}", propByRes);

        // 6. derived attributes to be added
        for (String derAttrToBeAdded : attributableMod.getDerivedAttributesToBeAdded()) {
            AbstractDerSchema derSchema = getDerivedSchema(derAttrToBeAdded, attrUtil.derSchemaClass());
            if (derSchema != null) {
                for (ExternalResource resource : resourceDAO.findAll()) {
                    for (AbstractMappingItem mapItem : attrUtil.getMappingItems(resource, MappingPurpose.PROPAGATION)) {
                        if (derSchema.getName().equals(mapItem.getIntAttrName())
                                && mapItem.getIntMappingType() == attrUtil.derIntMappingType()
                                && attributable.getResources().contains(resource)) {

                            propByRes.add(ResourceOperation.UPDATE, resource.getName());
                        }
                    }
                }

                AbstractDerAttr derAttr = attrUtil.newDerAttr();
View Full Code Here

    protected void doExecute(final DelegateExecution execution) throws Exception {
        SyncopeUser user = (SyncopeUser) execution.getVariable(ActivitiUserWorkflowAdapter.SYNCOPE_USER);
        UserMod userMod = (UserMod) execution.getVariable(ActivitiUserWorkflowAdapter.USER_MOD);

        // update SyncopeUser
        PropagationByResource propByRes = dataBinder.update(user, userMod);

        // report updated user and propagation by resource as result
        execution.setVariable(ActivitiUserWorkflowAdapter.SYNCOPE_USER, user);
        execution.setVariable(ActivitiUserWorkflowAdapter.PROP_BY_RESOURCE, propByRes);
    }
View Full Code Here

     * @param userMod bean containing update request
     * @return updated user + propagation by resource
     * @see PropagationByResource
     */
    public PropagationByResource update(final SyncopeUser user, final UserMod userMod) {
        PropagationByResource propByRes = new PropagationByResource();

        SyncopeClientCompositeErrorException scce = new SyncopeClientCompositeErrorException(HttpStatus.BAD_REQUEST);

        // when requesting to add user to new resources, either directly or
        // through role subscription, password is mandatory (issue 147)
        // first, let's take current resources into account
        Set<String> currentResources = user.getResourceNames();

        // password
        if (StringUtils.isNotBlank(userMod.getPassword())) {
            setPassword(user, userMod.getPassword(), scce);

            user.setChangePwdDate(new Date());

            propByRes.addAll(ResourceOperation.UPDATE, currentResources);
        }

        // username
        if (userMod.getUsername() != null && !userMod.getUsername().equals(user.getUsername())) {
            String oldUsername = user.getUsername();

            user.setUsername(userMod.getUsername());
            propByRes.addAll(ResourceOperation.UPDATE, currentResources);

            for (ExternalResource resource : user.getResources()) {
                for (AbstractMappingItem mapItem : resource.getUmapping().getItems()) {
                    if (mapItem.isAccountid() && mapItem.getIntMappingType() == IntMappingType.Username) {
                        propByRes.addOldAccountId(resource.getName(), oldUsername);
                    }
                }
            }
        }

        // attributes, derived attributes, virtual attributes and resources
        propByRes.merge(fill(user, userMod, AttributableUtil.getInstance(AttributableType.USER), scce));

        // store the role ids of membership required to be added
        Set<Long> membershipToBeAddedRoleIds = new HashSet<Long>();
        for (MembershipMod membToBeAdded : userMod.getMembershipsToBeAdded()) {
            membershipToBeAddedRoleIds.add(membToBeAdded.getRole());
        }

        final Set<String> toBeDeprovisioned = new HashSet<String>();
        final Set<String> toBeProvisioned = new HashSet<String>();

        // memberships to be removed
        for (Long membershipId : userMod.getMembershipsToBeRemoved()) {
            LOG.debug("Membership to be removed: {}", membershipId);

            Membership membership = membershipDAO.find(membershipId);
            if (membership == null) {
                LOG.debug("Invalid membership id specified to be removed: {}", membershipId);
            } else {

                if (!membershipToBeAddedRoleIds.contains(membership.getSyncopeRole().getId())) {
                    toBeDeprovisioned.addAll(membership.getSyncopeRole().getResourceNames());
                }

                // In order to make the removeMembership() below to work,
                // we need to be sure to take exactly the same membership
                // of the user object currently in memory (which has potentially
                // some modifications compared to the one stored in the DB
                membership = user.getMembership(membership.getSyncopeRole().getId());
                if (membershipToBeAddedRoleIds.contains(membership.getSyncopeRole().getId())) {

                    Set<Long> attributeIds = new HashSet<Long>(membership.getAttributes().size());
                    for (AbstractAttr attribute : membership.getAttributes()) {
                        attributeIds.add(attribute.getId());
                    }
                    for (Long attributeId : attributeIds) {
                        attrDAO.delete(attributeId, MAttr.class);
                    }
                    attributeIds.clear();

                    // remove derived attributes
                    for (AbstractDerAttr derAttr : membership.getDerivedAttributes()) {

                        attributeIds.add(derAttr.getId());
                    }
                    for (Long derAttrId : attributeIds) {
                        derAttrDAO.delete(derAttrId, MDerAttr.class);
                    }
                    attributeIds.clear();

                    // remove virtual attributes
                    for (AbstractVirAttr virAttr : membership.getVirtualAttributes()) {
                        attributeIds.add(virAttr.getId());
                    }
                    for (Long virAttrId : attributeIds) {
                        virAttrDAO.delete(virAttrId, MVirAttr.class);
                    }
                    attributeIds.clear();
                } else {
                    user.removeMembership(membership);

                    membershipDAO.delete(membershipId);
                }
            }
        }

        // memberships to be added
        for (MembershipMod membershipMod : userMod.getMembershipsToBeAdded()) {
            LOG.debug("Membership to be added: role({})", membershipMod.getRole());

            SyncopeRole role = roleDAO.find(membershipMod.getRole());
            if (role == null) {
                LOG.debug("Ignoring invalid role {}", membershipMod.getRole());
            } else {
                Membership membership = user.getMembership(role.getId());
                if (membership == null) {
                    membership = new Membership();
                    membership.setSyncopeRole(role);
                    membership.setSyncopeUser(user);

                    user.addMembership(membership);

                    toBeProvisioned.addAll(role.getResourceNames());
                }

                propByRes.merge(fill(membership, membershipMod,
                        AttributableUtil.getInstance(AttributableType.MEMBERSHIP), scce));
            }
        }

        // now, let's see if there are new resource subscriptions without providing password
        if (StringUtils.isBlank(userMod.getPassword())) {
            Set<String> updatedResources = user.getResourceNames();
            updatedResources.removeAll(currentResources);

            for (String resourceName : updatedResources) {
                final ExternalResource resource = resourceDAO.find(resourceName);

                if (!user.canDecodePassword() && resource != null && !resource.isRandomPwdIfNotProvided()
                        && resource.getUmapping() != null && !MappingUtil.getMatchingMappingItems(
                        resource.getUmapping().getItems(), "password", IntMappingType.Password).isEmpty()) {

                    SyncopeClientException sce =
                            new SyncopeClientException(SyncopeClientExceptionType.RequiredValuesMissing);
                    sce.addElement("Password cannot be empty when subscribing to new resources");
                    scce.addException(sce);

                    throw scce;
                }
            }
        }

        propByRes.addAll(ResourceOperation.DELETE, toBeDeprovisioned);
        propByRes.addAll(ResourceOperation.UPDATE, toBeProvisioned);

        /**
         * In case of new memberships all the current resources have to be updated in order to propagate new role and
         * membership attribute values.
         */
        if (!toBeDeprovisioned.isEmpty() || !toBeProvisioned.isEmpty()) {
            currentResources.removeAll(toBeDeprovisioned);
            propByRes.addAll(ResourceOperation.UPDATE, currentResources);
        }

        return propByRes;
    }
View Full Code Here

        if (propagateEnable == null) {
            propagateEnable = enabled;
        }

        // save resources to be propagated and password for later - after form submission - propagation
        PropagationByResource propByRes = new PropagationByResource();
        propByRes.set(ResourceOperation.CREATE, user.getResourceNames());

        String formTaskId = getFormTask(user);
        if (formTaskId != null) {
            // SYNCOPE-238: This is needed to simplify the task query in this.getForms()
            taskService.setVariableLocal(formTaskId, TASK_IS_FORM, Boolean.TRUE);
View Full Code Here

        Set<String> task = doExecuteTask(user, "update", Collections.singletonMap(USER_MOD, (Object) userMod));

        updateStatus(user);
        SyncopeUser updated = userDAO.save(user);

        PropagationByResource propByRes = (PropagationByResource) runtimeService.getVariable(user.getWorkflowId(),
                PROP_BY_RESOURCE);

        // save resources to be propagated and password for later - after form submission - propagation
        String formTaskId = getFormTask(user);
        if (formTaskId != null) {
View Full Code Here

        updateStatus(user);
        SyncopeUser updated = userDAO.save(user);

        // see if there is any propagation to be done
        PropagationByResource propByRes = (PropagationByResource) runtimeService.getVariable(user.getWorkflowId(),
                PROP_BY_RESOURCE);

        // fetch - if available - the encrpted password
        String clearPassword = null;
        String encryptedPwd = (String) runtimeService.getVariable(user.getWorkflowId(), ENCRYPTED_PWD);
View Full Code Here

            propagateEnable = enabled;
        }

        // save resources to be propagated and password for later -
        // after form submission - propagation
        PropagationByResource propByRes = new PropagationByResource();
        propByRes.set(PropagationOperation.CREATE, user.getResourceNames());

        if (waitingForForm(user)) {
            runtimeService.setVariable(processInstance.getProcessInstanceId(), PROP_BY_RESOURCE, propByRes);
            propByRes = null;
View Full Code Here

        Set<String> task = doExecuteTask(user, "update", Collections.singletonMap(USER_MOD, (Object) userMod));

        updateStatus(user);
        SyncopeUser updated = userDAO.save(user);

        PropagationByResource propByRes = (PropagationByResource) runtimeService.getVariable(user.getWorkflowId(),
                PROP_BY_RESOURCE);

        // save resources to be propagated and password for later -
        // after form submission - propagation
        if (waitingForForm(user) && StringUtils.isNotBlank(userMod.getPassword())) {
View Full Code Here

        updateStatus(user);
        SyncopeUser updated = userDAO.save(user);

        // see if there is any propagation to be done
        PropagationByResource propByRes = (PropagationByResource) runtimeService.getVariable(user.getWorkflowId(),
                PROP_BY_RESOURCE);

        // fetch - if available - the encrpted password
        String clearPassword = null;
        String encryptedPwd = (String) runtimeService.getVariable(user.getWorkflowId(), ENCRYPTED_PWD);
View Full Code Here

TOP

Related Classes of org.apache.syncope.core.propagation.PropagationByResource

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.