http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/RoleDataBinderImpl.java ---------------------------------------------------------------------- diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/RoleDataBinderImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/RoleDataBinderImpl.java deleted file mode 100644 index 2e12820..0000000 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/RoleDataBinderImpl.java +++ /dev/null @@ -1,411 +0,0 @@ -/* - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * "License"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - */ -package org.apache.syncope.core.provisioning.java.data; - -import java.util.ArrayList; -import java.util.List; -import java.util.Map; -import org.apache.syncope.common.lib.SyncopeClientCompositeException; -import org.apache.syncope.common.lib.SyncopeClientException; -import org.apache.syncope.common.lib.mod.RoleMod; -import org.apache.syncope.common.lib.to.RoleTO; -import org.apache.syncope.common.lib.types.AttributableType; -import org.apache.syncope.common.lib.types.ClientExceptionType; -import org.apache.syncope.common.lib.types.ResourceOperation; -import org.apache.syncope.core.persistence.api.dao.EntitlementDAO; -import org.apache.syncope.core.persistence.api.entity.AccountPolicy; -import org.apache.syncope.core.persistence.api.entity.AttrTemplate; -import org.apache.syncope.core.persistence.api.entity.Entitlement; -import org.apache.syncope.core.persistence.api.entity.PasswordPolicy; -import org.apache.syncope.core.persistence.api.entity.Schema; -import org.apache.syncope.core.persistence.api.entity.membership.MDerAttrTemplate; -import org.apache.syncope.core.persistence.api.entity.membership.MDerSchema; -import org.apache.syncope.core.persistence.api.entity.membership.MPlainAttrTemplate; -import org.apache.syncope.core.persistence.api.entity.membership.MPlainSchema; -import org.apache.syncope.core.persistence.api.entity.membership.MVirAttrTemplate; -import org.apache.syncope.core.persistence.api.entity.membership.MVirSchema; -import org.apache.syncope.core.persistence.api.entity.role.RDerAttr; -import org.apache.syncope.core.persistence.api.entity.role.RDerAttrTemplate; -import org.apache.syncope.core.persistence.api.entity.role.RDerSchema; -import org.apache.syncope.core.persistence.api.entity.role.RPlainAttr; -import org.apache.syncope.core.persistence.api.entity.role.RPlainAttrTemplate; -import org.apache.syncope.core.persistence.api.entity.role.RPlainSchema; -import org.apache.syncope.core.persistence.api.entity.role.RVirAttr; -import org.apache.syncope.core.persistence.api.entity.role.RVirAttrTemplate; -import org.apache.syncope.core.persistence.api.entity.role.RVirSchema; -import org.apache.syncope.core.persistence.api.entity.role.Role; -import org.apache.syncope.core.persistence.api.entity.user.User; -import org.apache.syncope.common.lib.types.PropagationByResource; -import org.apache.syncope.core.provisioning.api.data.RoleDataBinder; -import org.apache.syncope.core.misc.ConnObjectUtil; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Component; -import org.springframework.transaction.annotation.Transactional; - -@Component -@Transactional(rollbackFor = { Throwable.class }) -public class RoleDataBinderImpl extends AbstractAttributableDataBinder implements RoleDataBinder { - - @Autowired - private ConnObjectUtil connObjectUtil; - - @Autowired - private EntitlementDAO entitlementDAO; - - private <T extends AttrTemplate<S>, S extends Schema> void setAttrTemplates( - final Role role, final List<String> schemaNames, - final Class<T> templateClass, final Class<S> schemaClass) { - - List<T> toRemove = new ArrayList<>(); - for (T template : role.getAttrTemplates(templateClass)) { - if (!schemaNames.contains(template.getSchema().getKey())) { - toRemove.add(template); - } - } - role.getAttrTemplates(templateClass).removeAll(toRemove); - - for (String schemaName : schemaNames) { - if (role.getAttrTemplate(templateClass, schemaName) == null) { - S schema = getSchema(schemaName, schemaClass); - if (schema != null) { - try { - T template = entityFactory.newEntity(templateClass); - template.setSchema(schema); - template.setOwner(role); - role.getAttrTemplates(templateClass).add(template); - } catch (Exception e) { - LOG.error("Could not create template for {}", templateClass, e); - } - } - } - } - } - - @Override - public Role create(final Role role, final RoleTO roleTO) { - role.setInheritOwner(roleTO.isInheritOwner()); - - role.setInheritPlainAttrs(roleTO.isInheritPlainAttrs()); - role.setInheritDerAttrs(roleTO.isInheritDerAttrs()); - role.setInheritVirAttrs(roleTO.isInheritVirAttrs()); - - role.setInheritTemplates(roleTO.isInheritTemplates()); - - role.setInheritPasswordPolicy(roleTO.isInheritPasswordPolicy()); - role.setInheritAccountPolicy(roleTO.isInheritAccountPolicy()); - - SyncopeClientCompositeException scce = SyncopeClientException.buildComposite(); - - // name and parent - SyncopeClientException invalidRoles = SyncopeClientException.build(ClientExceptionType.InvalidRoles); - if (roleTO.getName() == null) { - LOG.error("No name specified for this role"); - - invalidRoles.getElements().add("No name specified for this role"); - } else { - role.setName(roleTO.getName()); - } - Long parentRoleKey = null; - if (roleTO.getParent() != 0) { - Role parentRole = roleDAO.find(roleTO.getParent()); - if (parentRole == null) { - LOG.error("Could not find role with id " + roleTO.getParent()); - - invalidRoles.getElements().add(String.valueOf(roleTO.getParent())); - scce.addException(invalidRoles); - } else { - role.setParent(parentRole); - parentRoleKey = role.getParent().getKey(); - } - } - - Role otherRole = roleDAO.find(roleTO.getName(), parentRoleKey); - if (otherRole != null) { - LOG.error("Another role exists with the same name " + "and the same parent role: " + otherRole); - - invalidRoles.getElements().add(roleTO.getName()); - } - - // attribute templates - setAttrTemplates(role, roleTO.getRPlainAttrTemplates(), RPlainAttrTemplate.class, RPlainSchema.class); - setAttrTemplates(role, roleTO.getRDerAttrTemplates(), RDerAttrTemplate.class, RDerSchema.class); - setAttrTemplates(role, roleTO.getRVirAttrTemplates(), RVirAttrTemplate.class, RVirSchema.class); - setAttrTemplates(role, roleTO.getMPlainAttrTemplates(), MPlainAttrTemplate.class, MPlainSchema.class); - setAttrTemplates(role, roleTO.getMDerAttrTemplates(), MDerAttrTemplate.class, MDerSchema.class); - setAttrTemplates(role, roleTO.getMVirAttrTemplates(), MVirAttrTemplate.class, MVirSchema.class); - - // attributes, derived attributes, virtual attributes and resources - fill(role, roleTO, attrUtilFactory.getInstance(AttributableType.ROLE), scce); - - // entitlements - for (String entitlementName : roleTO.getEntitlements()) { - Entitlement entitlement = entitlementDAO.find(entitlementName); - if (entitlement == null) { - LOG.warn("Ignoring invalid entitlement {}", entitlementName); - } else { - role.addEntitlement(entitlement); - } - } - - // owner - if (roleTO.getUserOwner() != null) { - User owner = userDAO.find(roleTO.getUserOwner()); - if (owner == null) { - LOG.warn("Ignoring invalid user specified as owner: {}", roleTO.getUserOwner()); - } else { - role.setUserOwner(owner); - } - } - if (roleTO.getRoleOwner() != null) { - Role owner = roleDAO.find(roleTO.getRoleOwner()); - if (owner == null) { - LOG.warn("Ignoring invalid role specified as owner: {}", roleTO.getRoleOwner()); - } else { - role.setRoleOwner(owner); - } - } - - // policies - if (roleTO.getPasswordPolicy() != null) { - role.setPasswordPolicy((PasswordPolicy) policyDAO.find(roleTO.getPasswordPolicy())); - } - if (roleTO.getAccountPolicy() != null) { - role.setAccountPolicy((AccountPolicy) policyDAO.find(roleTO.getAccountPolicy())); - } - - return role; - } - - @Override - public PropagationByResource update(final Role role, final RoleMod roleMod) { - PropagationByResource propByRes = new PropagationByResource(); - - SyncopeClientCompositeException scce = SyncopeClientException.buildComposite(); - - // fetch account ids before update - Map<String, String> oldAccountIds = getAccountIds(role, AttributableType.ROLE); - - // name - SyncopeClientException invalidRoles = SyncopeClientException.build(ClientExceptionType.InvalidRoles); - if (roleMod.getName() != null) { - Role otherRole = roleDAO.find(roleMod.getName(), - role.getParent() == null ? null : role.getParent().getKey()); - if (otherRole == null || role.equals(otherRole)) { - if (!roleMod.getName().equals(role.getName())) { - propByRes.addAll(ResourceOperation.UPDATE, role.getResourceNames()); - - role.setName(roleMod.getName()); - } - } else { - LOG.error("Another role exists with the same name and the same parent role: " + otherRole); - - invalidRoles.getElements().add(roleMod.getName()); - scce.addException(invalidRoles); - } - } - - if (roleMod.getInheritOwner() != null) { - role.setInheritOwner(roleMod.getInheritOwner()); - } - - if (roleMod.getInheritTemplates() != null) { - role.setInheritTemplates(roleMod.getInheritTemplates()); - } - - if (roleMod.getInheritPlainAttrs() != null) { - role.setInheritPlainAttrs(roleMod.getInheritPlainAttrs()); - } - if (roleMod.getInheritDerAttrs() != null) { - role.setInheritDerAttrs(roleMod.getInheritDerAttrs()); - } - if (roleMod.getInheritVirAttrs() != null) { - role.setInheritVirAttrs(roleMod.getInheritVirAttrs()); - } - - if (roleMod.getInheritPasswordPolicy() != null) { - role.setInheritPasswordPolicy(roleMod.getInheritPasswordPolicy()); - } - if (roleMod.getInheritAccountPolicy() != null) { - role.setInheritAccountPolicy(roleMod.getInheritAccountPolicy()); - } - - // entitlements - if (roleMod.isModEntitlements()) { - role.getEntitlements().clear(); - for (String entitlementName : roleMod.getEntitlements()) { - Entitlement entitlement = entitlementDAO.find(entitlementName); - if (entitlement == null) { - LOG.warn("Ignoring invalid entitlement {}", entitlementName); - } else { - role.addEntitlement(entitlement); - } - } - } - - // attribute templates - if (roleMod.isModRAttrTemplates()) { - setAttrTemplates(role, roleMod.getRPlainAttrTemplates(), RPlainAttrTemplate.class, RPlainSchema.class); - } - if (roleMod.isModRDerAttrTemplates()) { - setAttrTemplates(role, roleMod.getRDerAttrTemplates(), RDerAttrTemplate.class, RDerSchema.class); - } - if (roleMod.isModRVirAttrTemplates()) { - setAttrTemplates(role, roleMod.getRVirAttrTemplates(), RVirAttrTemplate.class, RVirSchema.class); - } - if (roleMod.isModMAttrTemplates()) { - setAttrTemplates(role, roleMod.getMPlainAttrTemplates(), MPlainAttrTemplate.class, MPlainSchema.class); - } - if (roleMod.isModMDerAttrTemplates()) { - setAttrTemplates(role, roleMod.getMDerAttrTemplates(), MDerAttrTemplate.class, MDerSchema.class); - } - if (roleMod.isModMVirAttrTemplates()) { - setAttrTemplates(role, roleMod.getMVirAttrTemplates(), MVirAttrTemplate.class, MVirSchema.class); - } - - // policies - if (roleMod.getPasswordPolicy() != null) { - role.setPasswordPolicy(roleMod.getPasswordPolicy().getKey() == null - ? null - : (PasswordPolicy) policyDAO.find(roleMod.getPasswordPolicy().getKey())); - } - if (roleMod.getAccountPolicy() != null) { - role.setAccountPolicy(roleMod.getAccountPolicy().getKey() == null - ? null - : (AccountPolicy) policyDAO.find(roleMod.getAccountPolicy().getKey())); - } - - // owner - if (roleMod.getUserOwner() != null) { - role.setUserOwner(roleMod.getUserOwner().getKey() == null - ? null - : userDAO.find(roleMod.getUserOwner().getKey())); - } - if (roleMod.getRoleOwner() != null) { - role.setRoleOwner(roleMod.getRoleOwner().getKey() == null - ? null - : roleDAO.find(roleMod.getRoleOwner().getKey())); - } - - // attributes, derived attributes, virtual attributes and resources - propByRes.merge(fill(role, roleMod, attrUtilFactory.getInstance(AttributableType.ROLE), scce)); - - // check if some account id was changed by the update above - Map<String, String> newAccountIds = getAccountIds(role, AttributableType.ROLE); - for (Map.Entry<String, String> entry : oldAccountIds.entrySet()) { - if (newAccountIds.containsKey(entry.getKey()) - && !entry.getValue().equals(newAccountIds.get(entry.getKey()))) { - - propByRes.addOldAccountId(entry.getKey(), entry.getValue()); - propByRes.add(ResourceOperation.UPDATE, entry.getKey()); - } - } - - return propByRes; - } - - @SuppressWarnings("unchecked") - @Transactional(readOnly = true) - @Override - public RoleTO getRoleTO(final Role role) { - connObjectUtil.retrieveVirAttrValues(role, attrUtilFactory.getInstance(AttributableType.ROLE)); - - RoleTO roleTO = new RoleTO(); - - // set sys info - roleTO.setCreator(role.getCreator()); - roleTO.setCreationDate(role.getCreationDate()); - roleTO.setLastModifier(role.getLastModifier()); - roleTO.setLastChangeDate(role.getLastChangeDate()); - - roleTO.setKey(role.getKey()); - roleTO.setName(role.getName()); - - roleTO.setInheritOwner(role.isInheritOwner()); - - roleTO.setInheritTemplates(role.isInheritTemplates()); - - roleTO.setInheritPlainAttrs(role.isInheritPlainAttrs()); - roleTO.setInheritDerAttrs(role.isInheritDerAttrs()); - roleTO.setInheritVirAttrs(role.isInheritVirAttrs()); - - roleTO.setInheritPasswordPolicy(role.isInheritPasswordPolicy()); - roleTO.setInheritAccountPolicy(role.isInheritAccountPolicy()); - - if (role.getParent() != null) { - roleTO.setParent(role.getParent().getKey()); - } - - if (role.getUserOwner() != null) { - roleTO.setUserOwner(role.getUserOwner().getKey()); - } - if (role.getRoleOwner() != null) { - roleTO.setRoleOwner(role.getRoleOwner().getKey()); - } - - // ------------------------- - // Retrieve all [derived/virtual] attributes (inherited and not) - // ------------------------- - final List<? extends RPlainAttr> allAttributes = role.findLastInheritedAncestorPlainAttrs(); - - final List<? extends RDerAttr> allDerAttributes = role.findLastInheritedAncestorDerAttrs(); - - final List<? extends RVirAttr> allVirAttributes = role.findLastInheritedAncestorVirAttrs(); - // ------------------------- - - fillTO(roleTO, allAttributes, allDerAttributes, allVirAttributes, role.getResources()); - - for (Entitlement entitlement : role.getEntitlements()) { - roleTO.getEntitlements().add(entitlement.getKey()); - } - - for (RPlainAttrTemplate template : role.findInheritedTemplates(RPlainAttrTemplate.class)) { - roleTO.getRPlainAttrTemplates().add(template.getSchema().getKey()); - } - for (RDerAttrTemplate template : role.findInheritedTemplates(RDerAttrTemplate.class)) { - roleTO.getRDerAttrTemplates().add(template.getSchema().getKey()); - } - for (RVirAttrTemplate template : role.findInheritedTemplates(RVirAttrTemplate.class)) { - roleTO.getRVirAttrTemplates().add(template.getSchema().getKey()); - } - for (MPlainAttrTemplate template : role.findInheritedTemplates(MPlainAttrTemplate.class)) { - roleTO.getMPlainAttrTemplates().add(template.getSchema().getKey()); - } - for (MDerAttrTemplate template : role.findInheritedTemplates(MDerAttrTemplate.class)) { - roleTO.getMDerAttrTemplates().add(template.getSchema().getKey()); - } - for (MVirAttrTemplate template : role.findInheritedTemplates(MVirAttrTemplate.class)) { - roleTO.getMVirAttrTemplates().add(template.getSchema().getKey()); - } - - roleTO.setPasswordPolicy(role.getPasswordPolicy() == null - ? null - : role.getPasswordPolicy().getKey()); - roleTO.setAccountPolicy(role.getAccountPolicy() == null - ? null - : role.getAccountPolicy().getKey()); - - return roleTO; - } - - @Transactional(readOnly = true) - @Override - public RoleTO getRoleTO(final Long key) { - return getRoleTO(roleDAO.authFetch(key)); - } -}
http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/TaskDataBinderImpl.java ---------------------------------------------------------------------- diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/TaskDataBinderImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/TaskDataBinderImpl.java index 091c108..8a1076b 100644 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/TaskDataBinderImpl.java +++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/TaskDataBinderImpl.java @@ -28,7 +28,7 @@ import org.apache.syncope.common.lib.to.AttrTO; import org.apache.syncope.common.lib.to.MembershipTO; import org.apache.syncope.common.lib.to.PropagationTaskTO; import org.apache.syncope.common.lib.to.PushTaskTO; -import org.apache.syncope.common.lib.to.RoleTO; +import org.apache.syncope.common.lib.to.GroupTO; import org.apache.syncope.common.lib.to.SchedTaskTO; import org.apache.syncope.common.lib.to.SyncTaskTO; import org.apache.syncope.common.lib.to.TaskExecTO; @@ -107,7 +107,7 @@ public class TaskDataBinderImpl implements TaskDataBinder { final PushTaskTO pushTaskTO = (PushTaskTO) taskTO; pushTask.setUserFilter(pushTaskTO.getUserFilter()); - pushTask.setRoleFilter(pushTaskTO.getRoleFilter()); + pushTask.setGroupFilter(pushTaskTO.getGroupFilter()); pushTask.setMatchingRule(pushTaskTO.getMatchingRule() == null ? MatchingRule.LINK : pushTaskTO.getMatchingRule()); @@ -125,7 +125,7 @@ public class TaskDataBinderImpl implements TaskDataBinder { syncTask.setUnmatchingRule(syncTaskTO.getUnmatchingRule() == null ? UnmatchingRule.PROVISION : syncTaskTO.getUnmatchingRule()); - // 1. validate JEXL expressions in user and role templates + // 1. validate JEXL expressions in user and group templates if (syncTaskTO.getUserTemplate() != null) { UserTO template = syncTaskTO.getUserTemplate(); @@ -146,8 +146,8 @@ public class TaskDataBinderImpl implements TaskDataBinder { checkJexl(memb, sce); } } - if (syncTaskTO.getRoleTemplate() != null) { - RoleTO template = syncTaskTO.getRoleTemplate(); + if (syncTaskTO.getGroupTemplate() != null) { + GroupTO template = syncTaskTO.getGroupTemplate(); if (StringUtils.isNotBlank(template.getName()) && !JexlUtil.isExpressionValid(template.getName())) { sce.getElements().add("Invalid JEXL: " + template.getName()); @@ -159,9 +159,9 @@ public class TaskDataBinderImpl implements TaskDataBinder { throw sce; } - // 2. all JEXL expressions are valid: accept user and role templates + // 2. all JEXL expressions are valid: accept user and group templates syncTask.setUserTemplate(syncTaskTO.getUserTemplate()); - syncTask.setRoleTemplate(syncTaskTO.getRoleTemplate()); + syncTask.setGroupTemplate(syncTaskTO.getGroupTemplate()); syncTask.setFullReconciliation(syncTaskTO.isFullReconciliation()); } http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java ---------------------------------------------------------------------- diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java index af6dbb6..029bb27 100644 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java +++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/UserDataBinderImpl.java @@ -45,7 +45,7 @@ import org.apache.syncope.core.persistence.api.entity.membership.MDerAttr; import org.apache.syncope.core.persistence.api.entity.membership.MPlainAttr; import org.apache.syncope.core.persistence.api.entity.membership.MVirAttr; import org.apache.syncope.core.persistence.api.entity.membership.Membership; -import org.apache.syncope.core.persistence.api.entity.role.Role; +import org.apache.syncope.core.persistence.api.entity.group.Group; import org.apache.syncope.core.persistence.api.entity.user.SecurityQuestion; import org.apache.syncope.core.persistence.api.entity.user.User; import org.apache.syncope.common.lib.types.PropagationByResource; @@ -140,24 +140,24 @@ public class UserDataBinderImpl extends AbstractAttributableDataBinder implement SyncopeClientCompositeException scce = SyncopeClientException.buildComposite(); // memberships - Role role; + Group group; for (MembershipTO membershipTO : userTO.getMemberships()) { - role = roleDAO.find(membershipTO.getRoleId()); + group = groupDAO.find(membershipTO.getGroupId()); - if (role == null) { + if (group == null) { if (LOG.isDebugEnabled()) { - LOG.debug("Ignoring invalid role " + membershipTO.getRoleName()); + LOG.debug("Ignoring invalid group " + membershipTO.getGroupName()); } } else { Membership membership = null; if (user.getKey() != null) { - membership = user.getMembership(role.getKey()) == null - ? membershipDAO.find(user, role) - : user.getMembership(role.getKey()); + membership = user.getMembership(group.getKey()) == null + ? membershipDAO.find(user, group) + : user.getMembership(group.getKey()); } if (membership == null) { membership = entityFactory.newEntity(Membership.class); - membership.setRole(role); + membership.setGroup(group); membership.setUser(user); user.addMembership(membership); @@ -244,10 +244,10 @@ public class UserDataBinderImpl extends AbstractAttributableDataBinder implement // attributes, derived attributes, virtual attributes and resources propByRes.merge(fill(user, userMod, attrUtilFactory.getInstance(AttributableType.USER), scce)); - // store the role ids of membership required to be added - Set<Long> membershipToBeAddedRoleIds = new HashSet<>(); + // store the group ids of membership required to be added + Set<Long> membershipToBeAddedGroupKeys = new HashSet<>(); for (MembershipMod membToBeAdded : userMod.getMembershipsToAdd()) { - membershipToBeAddedRoleIds.add(membToBeAdded.getRole()); + membershipToBeAddedGroupKeys.add(membToBeAdded.getGroup()); } final Set<String> toBeDeprovisioned = new HashSet<>(); @@ -261,16 +261,16 @@ public class UserDataBinderImpl extends AbstractAttributableDataBinder implement if (membership == null) { LOG.debug("Invalid membership id specified to be removed: {}", membershipId); } else { - if (!membershipToBeAddedRoleIds.contains(membership.getRole().getKey())) { - toBeDeprovisioned.addAll(membership.getRole().getResourceNames()); + if (!membershipToBeAddedGroupKeys.contains(membership.getGroup().getKey())) { + toBeDeprovisioned.addAll(membership.getGroup().getResourceNames()); } // In order to make the removeMembership() below to work, // we need to be sure to take exactly the same membership // of the user object currently in memory (which has potentially // some modifications compared to the one stored in the DB - membership = user.getMembership(membership.getRole().getKey()); - if (membershipToBeAddedRoleIds.contains(membership.getRole().getKey())) { + membership = user.getMembership(membership.getGroup().getKey()); + if (membershipToBeAddedGroupKeys.contains(membership.getGroup().getKey())) { Set<Long> attributeIds = new HashSet<>(membership.getPlainAttrs().size()); for (PlainAttr attribute : membership.getPlainAttrs()) { attributeIds.add(attribute.getKey()); @@ -307,21 +307,21 @@ public class UserDataBinderImpl extends AbstractAttributableDataBinder implement // memberships to be added for (MembershipMod membershipMod : userMod.getMembershipsToAdd()) { - LOG.debug("Membership to be added: role({})", membershipMod.getRole()); + LOG.debug("Membership to be added: group({})", membershipMod.getGroup()); - Role role = roleDAO.find(membershipMod.getRole()); - if (role == null) { - LOG.debug("Ignoring invalid role {}", membershipMod.getRole()); + Group group = groupDAO.find(membershipMod.getGroup()); + if (group == null) { + LOG.debug("Ignoring invalid group {}", membershipMod.getGroup()); } else { - Membership membership = user.getMembership(role.getKey()); + Membership membership = user.getMembership(group.getKey()); if (membership == null) { membership = entityFactory.newEntity(Membership.class); - membership.setRole(role); + membership.setGroup(group); membership.setUser(user); user.addMembership(membership); - toBeProvisioned.addAll(role.getResourceNames()); + toBeProvisioned.addAll(group.getResourceNames()); } propByRes.merge(fill(membership, membershipMod, @@ -333,7 +333,7 @@ public class UserDataBinderImpl extends AbstractAttributableDataBinder implement propByRes.addAll(ResourceOperation.UPDATE, toBeProvisioned); /** - * In case of new memberships all the current resources have to be updated in order to propagate new role and + * In case of new memberships all the current resources have to be updated in order to propagate new group and * membership attribute values. */ if (!toBeDeprovisioned.isEmpty() || !toBeProvisioned.isEmpty()) { @@ -380,8 +380,8 @@ public class UserDataBinderImpl extends AbstractAttributableDataBinder implement membershipTO.setLastChangeDate(membership.getLastChangeDate()); membershipTO.setKey(membership.getKey()); - membershipTO.setRoleId(membership.getRole().getKey()); - membershipTO.setRoleName(membership.getRole().getName()); + membershipTO.setGroupId(membership.getGroup().getKey()); + membershipTO.setGroupName(membership.getGroup().getName()); // SYNCOPE-458 retrieve also membership virtual attributes connObjectUtil.retrieveVirAttrValues(membership, attrUtilFactory.getInstance(AttributableType.MEMBERSHIP)); http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/notification/NotificationManagerImpl.java ---------------------------------------------------------------------- diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/notification/NotificationManagerImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/notification/NotificationManagerImpl.java index 67d5a24..169ac88 100644 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/notification/NotificationManagerImpl.java +++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/notification/NotificationManagerImpl.java @@ -28,7 +28,7 @@ import java.util.List; import java.util.Map; import java.util.Set; import org.apache.syncope.common.lib.SyncopeConstants; -import org.apache.syncope.common.lib.to.RoleTO; +import org.apache.syncope.common.lib.to.GroupTO; import org.apache.syncope.common.lib.to.UserTO; import org.apache.syncope.common.lib.types.AttributableType; import org.apache.syncope.common.lib.types.AuditElements; @@ -36,11 +36,11 @@ import org.apache.syncope.common.lib.types.AuditElements.Result; import org.apache.syncope.common.lib.types.AuditLoggerName; import org.apache.syncope.common.lib.types.IntMappingType; import org.apache.syncope.common.lib.types.SubjectType; -import org.apache.syncope.core.persistence.api.RoleEntitlementUtil; +import org.apache.syncope.core.persistence.api.GroupEntitlementUtil; import org.apache.syncope.core.persistence.api.dao.ConfDAO; import org.apache.syncope.core.persistence.api.dao.EntitlementDAO; import org.apache.syncope.core.persistence.api.dao.NotificationDAO; -import org.apache.syncope.core.persistence.api.dao.RoleDAO; +import org.apache.syncope.core.persistence.api.dao.GroupDAO; import org.apache.syncope.core.persistence.api.dao.SubjectSearchDAO; import org.apache.syncope.core.persistence.api.dao.TaskDAO; import org.apache.syncope.core.persistence.api.dao.UserDAO; @@ -51,14 +51,14 @@ import org.apache.syncope.core.persistence.api.entity.EntityFactory; import org.apache.syncope.core.persistence.api.entity.Notification; import org.apache.syncope.core.persistence.api.entity.PlainAttr; import org.apache.syncope.core.persistence.api.entity.Subject; -import org.apache.syncope.core.persistence.api.entity.role.Role; +import org.apache.syncope.core.persistence.api.entity.group.Group; import org.apache.syncope.core.persistence.api.entity.task.NotificationTask; import org.apache.syncope.core.persistence.api.entity.task.TaskExec; import org.apache.syncope.core.persistence.api.entity.user.UDerAttr; import org.apache.syncope.core.persistence.api.entity.user.UPlainAttr; import org.apache.syncope.core.persistence.api.entity.user.UVirAttr; import org.apache.syncope.core.persistence.api.entity.user.User; -import org.apache.syncope.core.provisioning.api.data.RoleDataBinder; +import org.apache.syncope.core.provisioning.api.data.GroupDataBinder; import org.apache.syncope.core.provisioning.api.data.UserDataBinder; import org.apache.syncope.core.misc.ConnObjectUtil; import org.apache.syncope.core.misc.search.SearchCondConverter; @@ -107,10 +107,10 @@ public class NotificationManagerImpl implements NotificationManager { private UserDAO userDAO; /** - * Role DAO. + * Group DAO. */ @Autowired - private RoleDAO roleDAO; + private GroupDAO groupDAO; /** * User Search DAO. @@ -146,7 +146,7 @@ public class NotificationManagerImpl implements NotificationManager { private UserDataBinder userDataBinder; @Autowired - private RoleDataBinder roleDataBinder; + private GroupDataBinder groupDataBinder; @Autowired private EntityFactory entityFactory; @@ -176,13 +176,13 @@ public class NotificationManagerImpl implements NotificationManager { if (attributable != null) { connObjectUtil.retrieveVirAttrValues(attributable, attrUtilFactory.getInstance( - attributable instanceof User ? AttributableType.USER : AttributableType.ROLE)); + attributable instanceof User ? AttributableType.USER : AttributableType.GROUP)); } final List<User> recipients = new ArrayList<>(); if (notification.getRecipients() != null) { - recipients.addAll(searchDAO.<User>search(RoleEntitlementUtil.getRoleKeys(entitlementDAO.findAll()), + recipients.addAll(searchDAO.<User>search(GroupEntitlementUtil.getGroupKeys(entitlementDAO.findAll()), SearchCondConverter.convert(notification.getRecipients()), Collections.<OrderByClause>emptyList(), SubjectType.USER)); } @@ -279,19 +279,19 @@ public class NotificationManagerImpl implements NotificationManager { } else if (output instanceof UserTO) { subjectType = SubjectType.USER; subject = userDAO.find(((UserTO) output).getKey()); - } else if (before instanceof RoleTO) { - subjectType = SubjectType.ROLE; - subject = roleDAO.find(((RoleTO) before).getKey()); - } else if (output instanceof RoleTO) { - subjectType = SubjectType.ROLE; - subject = roleDAO.find(((RoleTO) output).getKey()); + } else if (before instanceof GroupTO) { + subjectType = SubjectType.GROUP; + subject = groupDAO.find(((GroupTO) before).getKey()); + } else if (output instanceof GroupTO) { + subjectType = SubjectType.GROUP; + subject = groupDAO.find(((GroupTO) output).getKey()); } LOG.debug("Search notification for [{}]{}", subjectType, subject); for (Notification notification : notificationDAO.findAll()) { LOG.debug("Notification available user about {}", notification.getUserAbout()); - LOG.debug("Notification available role about {}", notification.getRoleAbout()); + LOG.debug("Notification available group about {}", notification.getGroupAbout()); if (notification.isActive()) { final Set<String> events = new HashSet<>(notification.getEvents()); @@ -301,11 +301,11 @@ public class NotificationManagerImpl implements NotificationManager { if (events.isEmpty()) { LOG.debug("No events found about {}", subject); } else if (subjectType == null || subject == null - || notification.getUserAbout() == null || notification.getRoleAbout() == null + || notification.getUserAbout() == null || notification.getGroupAbout() == null || searchDAO.matches(subject, SearchCondConverter.convert(notification.getUserAbout()), subjectType) || searchDAO.matches(subject, - SearchCondConverter.convert(notification.getRoleAbout()), subjectType)) { + SearchCondConverter.convert(notification.getGroupAbout()), subjectType)) { LOG.debug("Creating notification task for events {} about {}", events, subject); @@ -321,16 +321,16 @@ public class NotificationManagerImpl implements NotificationManager { if (subject instanceof User) { model.put("user", userDataBinder.getUserTO((User) subject)); - } else if (subject instanceof Role) { - model.put("role", roleDataBinder.getRoleTO((Role) subject)); + } else if (subject instanceof Group) { + model.put("group", groupDataBinder.getGroupTO((Group) subject)); } taskDAO.save(getNotificationTask(notification, subject, model)); } } else { - LOG.debug("Notification {}, userAbout {}, roleAbout {} is deactivated, " + LOG.debug("Notification {}, userAbout {}, groupAbout {} is deactivated, " + "notification task will not be created", notification.getKey(), - notification.getUserAbout(), notification.getRoleAbout()); + notification.getUserAbout(), notification.getGroupAbout()); } } } http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/AbstractPropagationTaskExecutor.java ---------------------------------------------------------------------- diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/AbstractPropagationTaskExecutor.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/AbstractPropagationTaskExecutor.java index 7114f44..4ff9f3e 100644 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/AbstractPropagationTaskExecutor.java +++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/AbstractPropagationTaskExecutor.java @@ -31,7 +31,7 @@ import org.apache.syncope.common.lib.types.MappingPurpose; import org.apache.syncope.common.lib.types.PropagationMode; import org.apache.syncope.common.lib.types.PropagationTaskExecStatus; import org.apache.syncope.common.lib.types.TraceLevel; -import org.apache.syncope.core.persistence.api.dao.RoleDAO; +import org.apache.syncope.core.persistence.api.dao.GroupDAO; import org.apache.syncope.core.persistence.api.dao.TaskDAO; import org.apache.syncope.core.persistence.api.dao.UserDAO; import org.apache.syncope.core.persistence.api.entity.AttributableUtilFactory; @@ -94,7 +94,7 @@ public abstract class AbstractPropagationTaskExecutor implements PropagationTask * User DAO. */ @Autowired - protected RoleDAO roleDAO; + protected GroupDAO groupDAO; /** * Task DAO. @@ -242,11 +242,11 @@ public abstract class AbstractPropagationTaskExecutor implements PropagationTask } break; - case ROLE: + case GROUP: try { - subject = roleDAO.authFetch(task.getSubjectKey()); + subject = groupDAO.authFetch(task.getSubjectKey()); } catch (Exception e) { - LOG.error("Could not read role {}", task.getSubjectKey(), e); + LOG.error("Could not read group {}", task.getSubjectKey(), e); } break; @@ -266,17 +266,17 @@ public abstract class AbstractPropagationTaskExecutor implements PropagationTask } else { /* * We must choose here whether to - * a. actually delete the provided user / role from the external resource - * b. just update the provided user / role data onto the external resource + * a. actually delete the provided user / group from the external resource + * b. just update the provided user / group data onto the external resource * - * (a) happens when either there is no user / role associated with the PropagationTask (this takes place - * when the task is generated via UserController.delete() / RoleController.delete()) or the provided updated - * user / role hasn't the current resource assigned (when the task is generated via - * UserController.update() / RoleController.update()). + * (a) happens when either there is no user / group associated with the PropagationTask (this takes place + * when the task is generated via UserLogic.delete() / GroupLogic.delete()) or the provided updated + * user / group hasn't the current resource assigned (when the task is generated via + * UserController.update() / GroupLogic.update()). * - * (b) happens when the provided updated user / role does have the current resource assigned (when the task - * is generated via UserController.update() / RoleController.updae()): this basically means that before such - * update, this user / role used to have the current resource assigned by more than one mean (for example, + * (b) happens when the provided updated user / group does have the current resource assigned (when the task + * is generated via UserLogic.update() / GroupLogic.updae()): this basically means that before such + * update, this user / group used to have the current resource assigned by more than one mean (for example, * two different memberships with the same resource). */ Subject<?, ?, ?> subject = getSubject(task); http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/LDAPMembershipPropagationActions.java ---------------------------------------------------------------------- diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/LDAPMembershipPropagationActions.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/LDAPMembershipPropagationActions.java index b3dfc69..0bd204f 100644 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/LDAPMembershipPropagationActions.java +++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/LDAPMembershipPropagationActions.java @@ -27,7 +27,7 @@ import org.apache.commons.jexl2.MapContext; import org.apache.commons.lang3.StringUtils; import org.apache.syncope.common.lib.types.AttributableType; import org.apache.syncope.core.persistence.api.dao.UserDAO; -import org.apache.syncope.core.persistence.api.entity.role.Role; +import org.apache.syncope.core.persistence.api.entity.group.Group; import org.apache.syncope.core.persistence.api.entity.task.PropagationTask; import org.apache.syncope.core.persistence.api.entity.user.User; import org.apache.syncope.core.misc.jexl.JexlUtil; @@ -41,8 +41,8 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.transaction.annotation.Transactional; /** - * Simple action for propagating role memberships to LDAP groups, when the same resource is configured for both users - * and roles. + * Simple action for propagating group memberships to LDAP groups, when the same resource is configured for both users + * and groups. * * @see org.apache.syncope.core.sync.impl.LDAPMembershipSyncActions */ @@ -67,34 +67,34 @@ public class LDAPMembershipPropagationActions extends DefaultPropagationActions public void before(final PropagationTask task, final ConnectorObject beforeObj) { super.before(task, beforeObj); - if (AttributableType.USER == task.getSubjectType() && task.getResource().getRmapping() != null) { + if (AttributableType.USER == task.getSubjectType() && task.getResource().getGmapping() != null) { User user = userDAO.find(task.getSubjectKey()); if (user != null) { - List<String> roleAccountLinks = new ArrayList<>(); - for (Role role : user.getRoles()) { - if (role.getResourceNames().contains(task.getResource().getKey()) - && StringUtils.isNotBlank(task.getResource().getRmapping().getAccountLink())) { + List<String> groupAccountLinks = new ArrayList<>(); + for (Group group : user.getGroups()) { + if (group.getResourceNames().contains(task.getResource().getKey()) + && StringUtils.isNotBlank(task.getResource().getGmapping().getAccountLink())) { - LOG.debug("Evaluating accountLink for {}", role); + LOG.debug("Evaluating accountLink for {}", group); final JexlContext jexlContext = new MapContext(); - JexlUtil.addFieldsToContext(role, jexlContext); - JexlUtil.addAttrsToContext(role.getPlainAttrs(), jexlContext); - JexlUtil.addDerAttrsToContext(role.getDerAttrs(), role.getPlainAttrs(), jexlContext); + JexlUtil.addFieldsToContext(group, jexlContext); + JexlUtil.addAttrsToContext(group.getPlainAttrs(), jexlContext); + JexlUtil.addDerAttrsToContext(group.getDerAttrs(), group.getPlainAttrs(), jexlContext); - final String roleAccountLink = - JexlUtil.evaluate(task.getResource().getRmapping().getAccountLink(), jexlContext); - LOG.debug("AccountLink for {} is '{}'", role, roleAccountLink); - if (StringUtils.isNotBlank(roleAccountLink)) { - roleAccountLinks.add(roleAccountLink); + final String groupAccountLink = + JexlUtil.evaluate(task.getResource().getGmapping().getAccountLink(), jexlContext); + LOG.debug("AccountLink for {} is '{}'", group, groupAccountLink); + if (StringUtils.isNotBlank(groupAccountLink)) { + groupAccountLinks.add(groupAccountLink); } } } - LOG.debug("Role accountLinks to propagate for membership: {}", roleAccountLinks); + LOG.debug("Group accountLinks to propagate for membership: {}", groupAccountLinks); Set<Attribute> attributes = new HashSet<Attribute>(task.getAttributes()); - Set<String> groups = new HashSet<String>(roleAccountLinks); + Set<String> groups = new HashSet<String>(groupAccountLinks); Attribute ldapGroups = AttributeUtil.find(getGroupMembershipAttrName(), attributes); if (ldapGroups != null) { @@ -107,7 +107,7 @@ public class LDAPMembershipPropagationActions extends DefaultPropagationActions task.setAttributes(attributes); } } else { - LOG.debug("Not about user, or role mapping missing for resource: not doing anything"); + LOG.debug("Not about user, or group mapping missing for resource: not doing anything"); } } } http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/PropagationManagerImpl.java ---------------------------------------------------------------------- diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/PropagationManagerImpl.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/PropagationManagerImpl.java index ec4cc0e..3108368 100644 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/PropagationManagerImpl.java +++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/PropagationManagerImpl.java @@ -37,7 +37,7 @@ import org.apache.syncope.common.lib.types.PropagationByResource; import org.apache.syncope.common.lib.types.ResourceOperation; import org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO; import org.apache.syncope.core.persistence.api.dao.NotFoundException; -import org.apache.syncope.core.persistence.api.dao.RoleDAO; +import org.apache.syncope.core.persistence.api.dao.GroupDAO; import org.apache.syncope.core.persistence.api.dao.UserDAO; import org.apache.syncope.core.persistence.api.entity.AttributableUtil; import org.apache.syncope.core.persistence.api.entity.AttributableUtilFactory; @@ -47,14 +47,14 @@ import org.apache.syncope.core.persistence.api.entity.MappingItem; import org.apache.syncope.core.persistence.api.entity.Subject; import org.apache.syncope.core.persistence.api.entity.VirAttr; import org.apache.syncope.core.persistence.api.entity.membership.Membership; -import org.apache.syncope.core.persistence.api.entity.role.Role; +import org.apache.syncope.core.persistence.api.entity.group.Group; import org.apache.syncope.core.persistence.api.entity.task.PropagationTask; import org.apache.syncope.core.persistence.api.entity.user.User; import org.apache.syncope.core.provisioning.api.WorkflowResult; import org.apache.syncope.core.provisioning.api.propagation.PropagationManager; import org.apache.syncope.core.provisioning.api.propagation.PropagationTaskExecutor; import org.apache.syncope.core.provisioning.java.VirAttrHandler; -import org.apache.syncope.core.misc.security.UnauthorizedRoleException; +import org.apache.syncope.core.misc.security.UnauthorizedGroupException; import org.apache.syncope.core.misc.ConnObjectUtil; import org.apache.syncope.core.misc.MappingUtil; import org.apache.syncope.core.misc.jexl.JexlUtil; @@ -84,10 +84,10 @@ public class PropagationManagerImpl implements PropagationManager { protected UserDAO userDAO; /** - * Role DAO. + * Group DAO. */ @Autowired - protected RoleDAO roleDAO; + protected GroupDAO groupDAO; /** * Resource DAO. @@ -119,12 +119,12 @@ public class PropagationManagerImpl implements PropagationManager { * @param membershipTOs user memberships * @return list of propagation tasks * @throws NotFoundException if user is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given user + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given user */ @Override public List<PropagationTask> getUserCreateTaskIds(final WorkflowResult<Map.Entry<Long, Boolean>> wfResult, final String password, final List<AttrTO> vAttrs, final List<MembershipTO> membershipTOs) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { return getUserCreateTaskIds(wfResult, password, vAttrs, null, membershipTOs); } @@ -139,13 +139,13 @@ public class PropagationManagerImpl implements PropagationManager { * @param membershipTOs user memberships * @return list of propagation tasks * @throws NotFoundException if user is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given user + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given user */ @Override public List<PropagationTask> getUserCreateTaskIds(final WorkflowResult<Map.Entry<Long, Boolean>> wfResult, final String password, final Collection<AttrTO> vAttrs, final Set<String> noPropResourceNames, final List<MembershipTO> membershipTOs) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { return getUserCreateTaskIds( wfResult.getResult().getKey(), @@ -166,7 +166,7 @@ public class PropagationManagerImpl implements PropagationManager { final Collection<AttrTO> vAttrs, final Collection<MembershipTO> membershipTOs, final Collection<String> noPropResourceNames) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { User user = userDAO.authFetch(key); if (vAttrs != null && !vAttrs.isEmpty()) { @@ -187,66 +187,66 @@ public class PropagationManagerImpl implements PropagationManager { } /** - * Create the role on every associated resource. + * Create the group on every associated resource. * * @param wfResult user to be propagated (and info associated), as per result from workflow * @param vAttrs virtual attributes to be set * @return list of propagation tasks - * @throws NotFoundException if role is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given role + * @throws NotFoundException if group is not found + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given group */ @Override - public List<PropagationTask> getRoleCreateTaskIds(final WorkflowResult<Long> wfResult, final List<AttrTO> vAttrs) - throws NotFoundException, UnauthorizedRoleException { + public List<PropagationTask> getGroupCreateTaskIds(final WorkflowResult<Long> wfResult, final List<AttrTO> vAttrs) + throws NotFoundException, UnauthorizedGroupException { - return getRoleCreateTaskIds(wfResult, vAttrs, null); + return getGroupCreateTaskIds(wfResult, vAttrs, null); } /** - * Create the role on every associated resource. + * Create the group on every associated resource. * - * @param wfResult role to be propagated (and info associated), as per result from workflow + * @param wfResult group to be propagated (and info associated), as per result from workflow * @param vAttrs virtual attributes to be set * @param noPropResourceNames external resources performing not to be considered for propagation * @return list of propagation tasks - * @throws NotFoundException if role is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given role + * @throws NotFoundException if group is not found + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given group */ @Override - public List<PropagationTask> getRoleCreateTaskIds( + public List<PropagationTask> getGroupCreateTaskIds( final WorkflowResult<Long> wfResult, final Collection<AttrTO> vAttrs, final Collection<String> noPropResourceNames) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { - return getRoleCreateTaskIds(wfResult.getResult(), vAttrs, wfResult.getPropByRes(), noPropResourceNames); + return getGroupCreateTaskIds(wfResult.getResult(), vAttrs, wfResult.getPropByRes(), noPropResourceNames); } /** - * Create the role on every associated resource. + * Create the group on every associated resource. * - * @param key role key + * @param key group key * @param vAttrs virtual attributes to be set * @param propByRes operation to be performed per resource * @param noPropResourceNames external resources performing not to be considered for propagation * @return list of propagation tasks - * @throws NotFoundException if role is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given role + * @throws NotFoundException if group is not found + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given group */ @Override - public List<PropagationTask> getRoleCreateTaskIds( + public List<PropagationTask> getGroupCreateTaskIds( final Long key, final Collection<AttrTO> vAttrs, final PropagationByResource propByRes, final Collection<String> noPropResourceNames) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { - Role role = roleDAO.authFetch(key); + Group group = groupDAO.authFetch(key); if (vAttrs != null && !vAttrs.isEmpty()) { - virAttrHandler.fillVirtual(role, vAttrs, attrUtilFactory.getInstance(AttributableType.ROLE)); + virAttrHandler.fillVirtual(group, vAttrs, attrUtilFactory.getInstance(AttributableType.GROUP)); } - return getCreateTaskIds(role, null, null, propByRes, noPropResourceNames); + return getCreateTaskIds(group, null, null, propByRes, noPropResourceNames); } protected List<PropagationTask> getCreateTaskIds(final Subject<?, ?, ?> subject, @@ -298,12 +298,12 @@ public class PropagationManagerImpl implements PropagationManager { * @param noPropResourceNames external resources not to be considered for propagation * @return list of propagation tasks * @throws NotFoundException if user is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given user + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given user */ @Override public List<PropagationTask> getUserUpdateTaskIds(final WorkflowResult<Map.Entry<UserMod, Boolean>> wfResult, final boolean changePwd, final Collection<String> noPropResourceNames) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { User user = userDAO.authFetch(wfResult.getResult().getKey().getKey()); return getUpdateTaskIds(user, @@ -357,41 +357,41 @@ public class PropagationManagerImpl implements PropagationManager { } /** - * Performs update on each resource associated to the role. + * Performs update on each resource associated to the group. * - * @param wfResult role to be propagated (and info associated), as per result from workflow + * @param wfResult group to be propagated (and info associated), as per result from workflow * @param vAttrsToBeRemoved virtual attributes to be removed * @param vAttrsToBeUpdated virtual attributes to be added * @return list of propagation tasks - * @throws NotFoundException if role is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given role + * @throws NotFoundException if group is not found + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given group */ @Override - public List<PropagationTask> getRoleUpdateTaskIds(final WorkflowResult<Long> wfResult, + public List<PropagationTask> getGroupUpdateTaskIds(final WorkflowResult<Long> wfResult, final Set<String> vAttrsToBeRemoved, final Set<AttrMod> vAttrsToBeUpdated) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { - return getRoleUpdateTaskIds(wfResult, vAttrsToBeRemoved, vAttrsToBeUpdated, null); + return getGroupUpdateTaskIds(wfResult, vAttrsToBeRemoved, vAttrsToBeUpdated, null); } /** - * Performs update on each resource associated to the role. + * Performs update on each resource associated to the group. * - * @param wfResult role to be propagated (and info associated), as per result from workflow + * @param wfResult group to be propagated (and info associated), as per result from workflow * @param vAttrsToBeRemoved virtual attributes to be removed * @param vAttrsToBeUpdated virtual attributes to be added * @param noPropResourceNames external resource names not to be considered for propagation * @return list of propagation tasks - * @throws NotFoundException if role is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given role + * @throws NotFoundException if group is not found + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given group */ - public List<PropagationTask> getRoleUpdateTaskIds(final WorkflowResult<Long> wfResult, + public List<PropagationTask> getGroupUpdateTaskIds(final WorkflowResult<Long> wfResult, final Set<String> vAttrsToBeRemoved, final Set<AttrMod> vAttrsToBeUpdated, final Set<String> noPropResourceNames) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { - Role role = roleDAO.authFetch(wfResult.getResult()); - return getUpdateTaskIds(role, null, false, null, + Group group = groupDAO.authFetch(wfResult.getResult()); + return getUpdateTaskIds(group, null, false, null, vAttrsToBeRemoved, vAttrsToBeUpdated, wfResult.getPropByRes(), noPropResourceNames, Collections.<MembershipMod>emptySet()); } @@ -473,11 +473,11 @@ public class PropagationManagerImpl implements PropagationManager { * @param userKey to be deleted * @return list of propagation tasks * @throws NotFoundException if user is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given user + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given user */ @Override public List<PropagationTask> getUserDeleteTaskIds(final Long userKey) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { return getUserDeleteTaskIds(userKey, Collections.<String>emptySet()); } @@ -491,11 +491,11 @@ public class PropagationManagerImpl implements PropagationManager { * @param noPropResourceName name of external resource not to be considered for propagation * @return list of propagation tasks * @throws NotFoundException if user is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given user + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given user */ @Override public List<PropagationTask> getUserDeleteTaskIds(final Long userKey, final String noPropResourceName) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { return getUserDeleteTaskIds(userKey, Collections.<String>singleton(noPropResourceName)); } @@ -508,11 +508,11 @@ public class PropagationManagerImpl implements PropagationManager { * @param noPropResourceNames name of external resources not to be considered for propagation * @return list of propagation tasks * @throws NotFoundException if user is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given user + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given user */ @Override public List<PropagationTask> getUserDeleteTaskIds(final Long userKey, final Collection<String> noPropResourceNames) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { User user = userDAO.authFetch(userKey); return getDeleteTaskIds(user, user.getResourceNames(), noPropResourceNames); @@ -528,12 +528,12 @@ public class PropagationManagerImpl implements PropagationManager { * @param noPropResourceNames name of external resources not to be considered for propagation * @return list of propagation tasks * @throws NotFoundException if user is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given user + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given user */ @Override public List<PropagationTask> getUserDeleteTaskIds( final Long userKey, final Set<String> resourceNames, final Collection<String> noPropResourceNames) - throws NotFoundException, UnauthorizedRoleException { + throws NotFoundException, UnauthorizedGroupException { User user = userDAO.authFetch(userKey); return getDeleteTaskIds(user, resourceNames, noPropResourceNames); @@ -554,38 +554,38 @@ public class PropagationManagerImpl implements PropagationManager { } /** - * Perform delete on each resource associated to the role. It is possible to ask for a mandatory provisioning for + * Perform delete on each resource associated to the group. It is possible to ask for a mandatory provisioning for * some resources specifying a set of resource names. Exceptions won't be ignored and the process will be stopped if * the creation fails onto a mandatory resource. * - * @param roleKey to be deleted + * @param groupKey to be deleted * @return list of propagation tasks - * @throws NotFoundException if role is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given role + * @throws NotFoundException if group is not found + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given group */ @Override - public List<PropagationTask> getRoleDeleteTaskIds(final Long roleKey) - throws NotFoundException, UnauthorizedRoleException { + public List<PropagationTask> getGroupDeleteTaskIds(final Long groupKey) + throws NotFoundException, UnauthorizedGroupException { - return getRoleDeleteTaskIds(roleKey, Collections.<String>emptySet()); + return getGroupDeleteTaskIds(groupKey, Collections.<String>emptySet()); } /** - * Perform delete on each resource associated to the role. It is possible to ask for a mandatory provisioning for + * Perform delete on each resource associated to the group. It is possible to ask for a mandatory provisioning for * some resources specifying a set of resource names. Exceptions won't be ignored and the process will be stopped if * the creation fails onto a mandatory resource. * - * @param roleKey to be deleted + * @param groupKey to be deleted * @param noPropResourceName name of external resource not to be considered for propagation * @return list of propagation tasks - * @throws NotFoundException if role is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given role + * @throws NotFoundException if group is not found + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given group */ @Override - public List<PropagationTask> getRoleDeleteTaskIds(final Long roleKey, final String noPropResourceName) - throws NotFoundException, UnauthorizedRoleException { + public List<PropagationTask> getGroupDeleteTaskIds(final Long groupKey, final String noPropResourceName) + throws NotFoundException, UnauthorizedGroupException { - return getRoleDeleteTaskIds(roleKey, Collections.<String>singleton(noPropResourceName)); + return getGroupDeleteTaskIds(groupKey, Collections.<String>singleton(noPropResourceName)); } /** @@ -593,18 +593,19 @@ public class PropagationManagerImpl implements PropagationManager { * some resources specifying a set of resource names. Exceptions won't be ignored and the process will be stopped if * the creation fails onto a mandatory resource. * - * @param roleKey to be deleted + * @param groupKey to be deleted * @param noPropResourceNames name of external resources not to be considered for propagation * @return list of propagation tasks - * @throws NotFoundException if role is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given role + * @throws NotFoundException if group is not found + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given group */ @Override - public List<PropagationTask> getRoleDeleteTaskIds(final Long roleKey, final Collection<String> noPropResourceNames) - throws NotFoundException, UnauthorizedRoleException { + public List<PropagationTask> getGroupDeleteTaskIds( + final Long groupKey, final Collection<String> noPropResourceNames) + throws NotFoundException, UnauthorizedGroupException { - Role role = roleDAO.authFetch(roleKey); - return getDeleteTaskIds(role, role.getResourceNames(), noPropResourceNames); + Group group = groupDAO.authFetch(groupKey); + return getDeleteTaskIds(group, group.getResourceNames(), noPropResourceNames); } /** @@ -612,20 +613,20 @@ public class PropagationManagerImpl implements PropagationManager { * some resources specifying a set of resource names. Exceptions won't be ignored and the process will be stopped if * the creation fails onto a mandatory resource. * - * @param roleKey to be deleted - * @param resourceNames resource from which role is to be deleted + * @param groupKey to be deleted + * @param resourceNames resource from which group is to be deleted * @param noPropResourceNames name of external resources not to be considered for propagation * @return list of propagation tasks - * @throws NotFoundException if role is not found - * @throws UnauthorizedRoleException if caller doesn't own enough entitlements to administer the given role + * @throws NotFoundException if group is not found + * @throws UnauthorizedGroupException if caller doesn't own enough entitlements to administer the given group */ @Override - public List<PropagationTask> getRoleDeleteTaskIds( - final Long roleKey, final Set<String> resourceNames, final Collection<String> noPropResourceNames) - throws NotFoundException, UnauthorizedRoleException { + public List<PropagationTask> getGroupDeleteTaskIds( + final Long groupKey, final Set<String> resourceNames, final Collection<String> noPropResourceNames) + throws NotFoundException, UnauthorizedGroupException { - Role role = roleDAO.authFetch(roleKey); - return getDeleteTaskIds(role, resourceNames, noPropResourceNames); + Group group = groupDAO.authFetch(groupKey); + return getDeleteTaskIds(group, resourceNames, noPropResourceNames); } protected List<PropagationTask> getDeleteTaskIds( @@ -644,7 +645,7 @@ public class PropagationManagerImpl implements PropagationManager { /** * Create propagation tasks. * - * @param subject user / role to be provisioned + * @param subject user / group to be provisioned * @param password cleartext password to be provisioned * @param changePwd whether password should be included for propagation attributes or not * @param vAttrsToBeRemoved virtual attributes to be removed @@ -652,7 +653,7 @@ public class PropagationManagerImpl implements PropagationManager { * @param membVAttrsToBeRemoved membership virtual attributes to be removed * @param membVAttrsToBeUpdatedMap membership virtual attributes to be added * @param enable whether user must be enabled or not - * @param deleteOnResource whether user / role must be deleted anyway from external resource or not + * @param deleteOnResource whether user / group must be deleted anyway from external resource or not * @param propByRes operation to be performed per resource * @return list of propagation tasks created */ @@ -752,7 +753,7 @@ public class PropagationManagerImpl implements PropagationManager { protected MembershipTO findMembershipTO(final Membership membership, final Collection<MembershipTO> memberships) { for (MembershipTO membershipTO : memberships) { - if (membershipTO.getRoleId() == membership.getRole().getKey()) { + if (membershipTO.getGroupId() == membership.getGroup().getKey()) { return membershipTO; } } @@ -762,7 +763,7 @@ public class PropagationManagerImpl implements PropagationManager { protected MembershipMod findMembershipMod(final Membership membership, final Set<MembershipMod> membershipMods) { for (MembershipMod membershipMod : membershipMods) { - if (membershipMod.getRole() == membership.getRole().getKey()) { + if (membershipMod.getGroup() == membership.getGroup().getKey()) { return membershipMod; } } http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractProvisioningJob.java ---------------------------------------------------------------------- diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractProvisioningJob.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractProvisioningJob.java index 59c665d..197d4d5 100644 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractProvisioningJob.java +++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractProvisioningJob.java @@ -27,7 +27,7 @@ import org.apache.syncope.core.persistence.api.dao.EntitlementDAO; import org.apache.syncope.core.persistence.api.dao.ExternalResourceDAO; import org.apache.syncope.core.persistence.api.dao.PolicyDAO; import org.apache.syncope.core.persistence.api.entity.Entitlement; -import org.apache.syncope.core.persistence.api.entity.role.RMapping; +import org.apache.syncope.core.persistence.api.entity.group.GMapping; import org.apache.syncope.core.persistence.api.entity.task.ProvisioningTask; import org.apache.syncope.core.persistence.api.entity.task.PushTask; import org.apache.syncope.core.persistence.api.entity.task.SyncTask; @@ -136,7 +136,7 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte uSuccCreate.add(provResult); break; - case ROLE: + case GROUP: rSuccCreate.add(provResult); break; @@ -150,7 +150,7 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte uSuccUpdate.add(provResult); break; - case ROLE: + case GROUP: rSuccUpdate.add(provResult); break; @@ -164,7 +164,7 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte uSuccDelete.add(provResult); break; - case ROLE: + case GROUP: rSuccDelete.add(provResult); break; @@ -178,7 +178,7 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte uSuccNone.add(provResult); break; - case ROLE: + case GROUP: rSuccNone.add(provResult); break; @@ -198,7 +198,7 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte uFailCreate.add(provResult); break; - case ROLE: + case GROUP: rFailCreate.add(provResult); break; @@ -212,7 +212,7 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte uFailUpdate.add(provResult); break; - case ROLE: + case GROUP: rFailUpdate.add(provResult); break; @@ -226,7 +226,7 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte uFailDelete.add(provResult); break; - case ROLE: + case GROUP: rFailDelete.add(provResult); break; @@ -251,7 +251,7 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte append("[deleted/failures]: ").append(uSuccDelete.size()).append('/').append(uFailDelete.size()). append(' '). append("[ignored]: ").append(uSuccNone.size()).append('\n'); - report.append("Roles "). + report.append("Groups "). append("[created/failures]: ").append(rSuccCreate.size()).append('/').append(rFailCreate.size()). append(' '). append("[updated/failures]: ").append(rSuccUpdate.size()).append('/').append(rFailUpdate.size()). @@ -276,15 +276,15 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte } if (!rFailCreate.isEmpty()) { - report.append("\n\nRoles failed to create: "); + report.append("\n\nGroups failed to create: "); report.append(ProvisioningResult.produceReport(rFailCreate, syncTraceLevel)); } if (!rFailUpdate.isEmpty()) { - report.append("\nRoles failed to update: "); + report.append("\nGroups failed to update: "); report.append(ProvisioningResult.produceReport(rFailUpdate, syncTraceLevel)); } if (!rFailDelete.isEmpty()) { - report.append("\nRoles failed to delete: "); + report.append("\nGroups failed to delete: "); report.append(ProvisioningResult.produceReport(rFailDelete, syncTraceLevel)); } } @@ -299,13 +299,13 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte .append(ProvisioningResult.produceReport(uSuccDelete, syncTraceLevel)) .append("\nUsers ignored:\n") .append(ProvisioningResult.produceReport(uSuccNone, syncTraceLevel)); - report.append("\n\nRoles created:\n") + report.append("\n\nGroups created:\n") .append(ProvisioningResult.produceReport(rSuccCreate, syncTraceLevel)) - .append("\nRoles updated:\n") + .append("\nGroups updated:\n") .append(ProvisioningResult.produceReport(rSuccUpdate, syncTraceLevel)) - .append("\nRoles deleted:\n") + .append("\nGroups deleted:\n") .append(ProvisioningResult.produceReport(rSuccDelete, syncTraceLevel)) - .append("\nRoles ignored:\n") + .append("\nGroups ignored:\n") .append(ProvisioningResult.produceReport(rSuccNone, syncTraceLevel)); } @@ -350,13 +350,13 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte throw new JobExecutionException( "Invalid user account id mapping for resource " + syncTask.getResource()); } - final RMapping rMapping = syncTask.getResource().getRmapping(); + final GMapping rMapping = syncTask.getResource().getGmapping(); if (rMapping != null && rMapping.getAccountIdItem() == null) { throw new JobExecutionException( - "Invalid role account id mapping for resource " + syncTask.getResource()); + "Invalid group account id mapping for resource " + syncTask.getResource()); } if (uMapping == null && rMapping == null) { - return "No mapping configured for both users and roles: aborting..."; + return "No mapping configured for both users and groups: aborting..."; } return executeWithSecurityContext( @@ -378,7 +378,7 @@ public abstract class AbstractProvisioningJob<T extends ProvisioningTask, A exte final T task, final Connector connector, final UMapping uMapping, - final RMapping rMapping, + final GMapping rMapping, final boolean dryRun) throws JobExecutionException; @Override http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractPushResultHandler.java ---------------------------------------------------------------------- diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractPushResultHandler.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractPushResultHandler.java index 42dfedd..de222bd 100644 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractPushResultHandler.java +++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractPushResultHandler.java @@ -346,7 +346,7 @@ public abstract class AbstractPushResultHandler extends AbstractSyncopeResultHan for (Membership membership : User.class.cast(sbj).getMemberships()) { final MembershipMod membershipMod = new MembershipMod(); membershipMod.setKey(membership.getKey()); - membershipMod.setRole(membership.getRole().getKey()); + membershipMod.setGroup(membership.getGroup().getKey()); for (VirAttr vattr : membership.getVirAttrs()) { membVattrToBeRemoved.remove(vattr.getSchema().getKey()); http://git-wip-us.apache.org/repos/asf/syncope/blob/4095f1e8/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractSyncResultHandler.java ---------------------------------------------------------------------- diff --git a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractSyncResultHandler.java b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractSyncResultHandler.java index 02b9a1a..5b9b3a7 100644 --- a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractSyncResultHandler.java +++ b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/sync/AbstractSyncResultHandler.java @@ -35,7 +35,7 @@ import org.apache.syncope.core.persistence.api.entity.task.SyncTask; import org.apache.syncope.core.provisioning.api.AttributableTransformer; import org.apache.syncope.core.provisioning.api.propagation.PropagationException; import org.apache.syncope.core.provisioning.api.sync.SyncActions; -import org.apache.syncope.core.misc.security.UnauthorizedRoleException; +import org.apache.syncope.core.misc.security.UnauthorizedGroupException; import org.apache.syncope.core.provisioning.api.sync.ProvisioningResult; import org.apache.syncope.core.provisioning.api.sync.SyncopeSyncResultHandler; import org.identityconnectors.framework.common.objects.SyncDelta; @@ -60,7 +60,8 @@ public abstract class AbstractSyncResultHandler extends AbstractSyncopeResultHan protected abstract AbstractSubjectMod getSubjectMod(AbstractSubjectTO subjectTO, SyncDelta delta); - protected abstract AbstractSubjectTO create(AbstractSubjectTO subjectTO, SyncDelta _delta, ProvisioningResult result); + protected abstract AbstractSubjectTO create( + AbstractSubjectTO subjectTO, SyncDelta _delta, ProvisioningResult result); protected abstract AbstractSubjectTO link(AbstractSubjectTO before, ProvisioningResult result, boolean unlink); @@ -497,7 +498,7 @@ public abstract class AbstractSyncResultHandler extends AbstractSyncopeResultHan } catch (NotFoundException e) { LOG.error("Could not find {} {}", attrUtil.getType(), id, e); - } catch (UnauthorizedRoleException e) { + } catch (UnauthorizedGroupException e) { LOG.error("Not allowed to read {} {}", attrUtil.getType(), id, e); } catch (Exception e) { LOG.error("Could not delete {} {}", attrUtil.getType(), id, e); @@ -532,7 +533,7 @@ public abstract class AbstractSyncResultHandler extends AbstractSyncopeResultHan } /** - * Look into SyncDelta and take necessary profile.getActions() (create / update / delete) on user(s)/role(s). + * Look into SyncDelta and take necessary profile.getActions() (create / update / delete) on user(s)/group(s). * * @param delta returned by the underlying profile.getConnector() * @throws JobExecutionException in case of synchronization failure.
