svn commit: r1603100 - in /syncope/trunk/core/src: main/java/org/apache/syncope/core/rest/controller/ main/java/org/apache/syncope/core/rest/data/ test/java/org/apache/syncope/core/rest/
Author: andreapatricelli Date: Tue Jun 17 09:22:49 2014 New Revision: 1603100 URL: http://svn.apache.org/r1603100 Log: [SYNCOPE-501] improved membership virtual attributes management, added propagation of only membership virtual attributes Modified: syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/AbstractAttributableDataBinder.java syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/UserDataBinder.java syncope/trunk/core/src/test/java/org/apache/syncope/core/rest/VirAttrTestITCase.java Modified: syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java URL: http://svn.apache.org/viewvc/syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java?rev=1603100&r1=1603099&r2=1603100&view=diff == --- syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java (original) +++ syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/controller/UserController.java Tue Jun 17 09:22:49 2014 @@ -39,6 +39,8 @@ import org.apache.syncope.common.to.User import org.apache.syncope.common.types.AttributableType; import org.apache.syncope.common.types.ClientExceptionType; import org.apache.syncope.common.SyncopeClientException; +import org.apache.syncope.common.mod.AttributeMod; +import org.apache.syncope.common.mod.MembershipMod; import org.apache.syncope.core.persistence.beans.PropagationTask; import org.apache.syncope.core.persistence.beans.role.SyncopeRole; import org.apache.syncope.core.persistence.beans.user.SyncopeUser; @@ -249,6 +251,20 @@ public class UserController extends Abst UserMod actual = attrTransformer.transform(userMod); LOG.debug("Transformed: {}", actual); +// SYNCOPE-501: check if there are memberships to be removed with virtual attributes assigned +Boolean removeMemberships = Boolean.FALSE; + +for (Long membershipId : actual.getMembershipsToRemove()) { +if (!binder.fillMembershipVirtual( +null, +null, +membershipId, +Collections.emptySet(), +Collections.emptySet(), +Boolean.TRUE).isEmpty()) { +removeMemberships = Boolean.TRUE; +} +} //Actual operations: workflow, propagation, notification WorkflowResult> updated = uwfAdapter.update(actual); @@ -259,11 +275,23 @@ public class UserController extends Abst updated.getResult().getKey().getId(), actual.getVirAttrsToRemove(), actual.getVirAttrsToUpdate()); -// SYNCOPE-501: update only virtual attributes (if any of them changed), password propagation is -// not required -tasks.addAll(propByResVirAttr.isEmpty() -? Collections.emptyList() -: propagationManager.getUserUpdateTaskIds(updated, false, null)); +// SYNCOPE-501: update only virtual attributes (if any of them changed), password propagation is +// not required, take care also of membership virtual attributes +Boolean addOrUpdateMemberships = Boolean.FALSE; +for (MembershipMod membershipMod : actual.getMembershipsToAdd()) { +if (!binder.fillMembershipVirtual( +updated.getResult().getKey().getId(), +membershipMod.getRole(), +null, +membershipMod.getVirAttrsToRemove(), +membershipMod.getVirAttrsToUpdate(), +Boolean.FALSE).isEmpty()) { +addOrUpdateMemberships = Boolean.TRUE; +} +} +tasks.addAll(!propByResVirAttr.isEmpty() || addOrUpdateMemberships || removeMemberships +? propagationManager.getUserUpdateTaskIds(updated, false, null) +: Collections.emptyList()); } PropagationReporter propagationReporter = ApplicationContextProvider.getApplicationContext(). Modified: syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/AbstractAttributableDataBinder.java URL: http://svn.apache.org/viewvc/syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/AbstractAttributableDataBinder.java?rev=1603100&r1=1603099&r2=1603100&view=diff == --- syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/AbstractAttributableDataBinder.java (original) +++ syncope/trunk/core/src/main/java/org/apache/syncope/core/rest/data/AbstractAttributableDataBinder.java Tue Jun 17 09:22:49 2014 @@ -42
svn commit: r1603171 - /syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java
Author: coheigea Date: Tue Jun 17 13:58:09 2014 New Revision: 1603171 URL: http://svn.apache.org/r1603171 Log: [SYNCOPE-505] - Adding an initial PropagationActions implementation for DBs Added: syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java Added: syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java URL: http://svn.apache.org/viewvc/syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java?rev=1603171&view=auto == --- syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java (added) +++ syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java Tue Jun 17 13:58:09 2014 @@ -0,0 +1,78 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ +package org.apache.syncope.core.propagation.impl; + +import java.util.ArrayList; +import java.util.HashSet; +import java.util.List; +import java.util.Set; + +import org.apache.syncope.common.types.AttributableType; +import org.apache.syncope.core.persistence.beans.PropagationTask; +import org.apache.syncope.core.persistence.beans.user.SyncopeUser; +import org.apache.syncope.core.persistence.dao.UserDAO; +import org.apache.syncope.core.propagation.DefaultPropagationActions; +import org.identityconnectors.common.security.GuardedString; +import org.identityconnectors.framework.common.objects.Attribute; +import org.identityconnectors.framework.common.objects.AttributeBuilder; +import org.identityconnectors.framework.common.objects.AttributeUtil; +import org.identityconnectors.framework.common.objects.ConnectorObject; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.transaction.annotation.Transactional; + +/** + * Propagate a non-cleartext password out to a resource, if the PropagationManager has not already + * added a password. + */ +public class DBPasswordPropagationActions extends DefaultPropagationActions { + +protected static final Logger LOG = LoggerFactory.getLogger(DBPasswordPropagationActions.class); + +@Autowired +protected UserDAO userDAO; + +@Transactional(readOnly = true) +@Override +public void before(final PropagationTask task, final ConnectorObject beforeObj) { +super.before(task, beforeObj); + +if (AttributableType.USER == task.getSubjectType()) { +SyncopeUser user = userDAO.find(task.getSubjectId()); + +if (user != null && user.getPassword() != null) { +Attribute missing = AttributeUtil.find("__MANDATORY_MISSING__", task.getAttributes()); +if (missing != null && missing.getValue() != null && missing.getValue().size() == 1 +&& missing.getValue().get(0).equals("__PASSWORD__")) { +List values = new ArrayList(1); +values.add(new GuardedString(user.getPassword().toCharArray())); + +Attribute passwordAttribute = AttributeBuilder.build("__PASSWORD__", values); + +Set attributes = new HashSet(task.getAttributes()); +attributes.add(passwordAttribute); +attributes.remove(missing); +task.setAttributes(attributes); +} + +} +} +} +}
svn commit: r1603184 - /syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java
Author: ilgrosso Date: Tue Jun 17 14:20:20 2014 New Revision: 1603184 URL: http://svn.apache.org/r1603184 Log: [SYNCOPE-505] Using known constants Modified: syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java Modified: syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java URL: http://svn.apache.org/viewvc/syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java?rev=1603184&r1=1603183&r2=1603184&view=diff == --- syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java (original) +++ syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/DBPasswordPropagationActions.java Tue Jun 17 14:20:20 2014 @@ -18,9 +18,7 @@ */ package org.apache.syncope.core.propagation.impl; -import java.util.ArrayList; import java.util.HashSet; -import java.util.List; import java.util.Set; import org.apache.syncope.common.types.AttributableType; @@ -28,11 +26,13 @@ import org.apache.syncope.core.persisten import org.apache.syncope.core.persistence.beans.user.SyncopeUser; import org.apache.syncope.core.persistence.dao.UserDAO; import org.apache.syncope.core.propagation.DefaultPropagationActions; +import org.apache.syncope.core.propagation.PropagationTaskExecutor; import org.identityconnectors.common.security.GuardedString; import org.identityconnectors.framework.common.objects.Attribute; import org.identityconnectors.framework.common.objects.AttributeBuilder; import org.identityconnectors.framework.common.objects.AttributeUtil; import org.identityconnectors.framework.common.objects.ConnectorObject; +import org.identityconnectors.framework.common.objects.OperationalAttributes; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; @@ -44,34 +44,33 @@ import org.springframework.transaction.a */ public class DBPasswordPropagationActions extends DefaultPropagationActions { -protected static final Logger LOG = LoggerFactory.getLogger(DBPasswordPropagationActions.class); +private static final Logger LOG = LoggerFactory.getLogger(DBPasswordPropagationActions.class); @Autowired -protected UserDAO userDAO; +private UserDAO userDAO; -@Transactional(readOnly = true) +@Transactional @Override public void before(final PropagationTask task, final ConnectorObject beforeObj) { super.before(task, beforeObj); if (AttributableType.USER == task.getSubjectType()) { SyncopeUser user = userDAO.find(task.getSubjectId()); - if (user != null && user.getPassword() != null) { -Attribute missing = AttributeUtil.find("__MANDATORY_MISSING__", task.getAttributes()); +Attribute missing = AttributeUtil.find( + AttributeUtil.createSpecialName(PropagationTaskExecutor.MANDATORY_MISSING_ATTR_NAME), +task.getAttributes()); if (missing != null && missing.getValue() != null && missing.getValue().size() == 1 -&& missing.getValue().get(0).equals("__PASSWORD__")) { -List values = new ArrayList(1); -values.add(new GuardedString(user.getPassword().toCharArray())); - -Attribute passwordAttribute = AttributeBuilder.build("__PASSWORD__", values); - +&& missing.getValue().get(0).equals(OperationalAttributes.PASSWORD_NAME)) { + +Attribute passwordAttribute = AttributeBuilder.buildPassword( +new GuardedString(user.getPassword().toCharArray())); + Set attributes = new HashSet(task.getAttributes()); attributes.add(passwordAttribute); attributes.remove(missing); task.setAttributes(attributes); } - } } }