http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/installation.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/installation.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/installation.adoc new file mode 100644 index 0000000..fb7e693 --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/installation.adoc @@ -0,0 +1,181 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Installation command +The installation process creates a file, called _cli.properties_, used by the script to call the Apache Syncope +REST API services with the right credentials. + +The properties file will contain content similar to: + +* *syncope.rest.services*=http://localhost:9080/syncope/rest +* *syncope.admin.user*=admin +* *syncope.admin.password*=QePSFVTnzwQowM4ohhaUYcE6aW47MVZ/ + +where the properties are: + +syncope.rest.services:: + the URL where the Apache Syncope REST API services are listening; +syncope.admin.user:: + the user with the permission to call the Syncope APIs; +syncope.admin.password:: + the user password; + +as can be seen, the user password is encrypted. This is only to avoid that another user could +read an admin password. + +===== Help message +[source,bash] +---- +Usage: install [options] + Options: + --help + --setup + --setup-debug +---- + +===== Run the installation +After the zip file is unzipped you can start with CLI client using the syncopeadm file. +If you tried to run a CLI command before the installation process, the script returns +[source] +-- + - Error: It seems you need to first setup the CLI client. Run install --setup. +-- + +So, as suggested, you have to run the install command to use the CLI: +[source] +-- +$ ./syncopeadm.sh install --setup +-- + +A successful result will be: +[source,bash,subs="verbatim,attributes"] +---- + +You are running: install --setup + +############################################### +# # +# Welcome to Syncope CLI installation process # +# # +############################################### + +Path to config files of Syncope CLI client will be: ./ +- File system permission checked + +Syncope server schema [http/https]: http +Syncope server hostname [e.g. localhost]: localhost +Syncope server port [e.g. 8080]: 9080 +Syncope server rest context [e.g. /syncope/rest/]: /syncope/rest +Syncope admin user: admin +Syncope admin password: password +Installation parameters checked on Syncope core version: {docVersion} + +############################################### +# # +# Installation successful # +# now you can use Syncope CLI client # +# # +############################################### + +---- + +During the installation you have to provide: + +Syncope server schema:: + the http protocol used by the Apache Syncope core, it will be http or https; +Syncope server hostname:: + the hostname where the core is deployed; +Syncope server port:: + the port where the services are listening; +Syncope server rest context:: + the context where the rest services are deployed (/syncope/rest is the default); +Syncope admin user:: + the user with the permission to call the Syncope APIs; +Syncope admin password:: + the user password. + +===== Installation error +Various error messages are possible on installation. Here are some sample error messages: + +* Syncope unreachable (or wrong address): + +[source] +-- + +Provided address :http://localhost:9080/syncope/rest + +############################################### +# # +# Provided address is unreachable! # +# Check it and if it is wrong # +# START the installation AGAIN! # +# # +############################################### + +-- + +* Authentication failed: + +[source] +-- + +############################################### +# # +# Username or password provided are wrong # +# START the installation AGAIN! # +# # +############################################### + +-- + +As the message suggests you have to start the installation again when this error occurrs. + + +===== Debug installation +To work with the debug environment provided by Syncope we added a particular installation option for it. +It enough to run the script with the --setup-debug option +[source] +-- +$ ./syncopeadm.sh install --setup-debug +-- +[source,bash,subs="verbatim,attributes"] +---- + +You are running: install --setup-debug + +############################################### +# # +# Welcome to Syncope CLI installation process # +# # +############################################### + +Path to config files of Syncope CLI client will be: ./ +- File system permission checked + +Installation parameters checked on Syncope core version: {docVersion} + +############################################### +# # +# Installation successful # +# now you can use Syncope CLI client # +# # +############################################### + +---- +
http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/introduction.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/introduction.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/introduction.adoc new file mode 100644 index 0000000..76960bf --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/introduction.adoc @@ -0,0 +1,33 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Introduction +A brief introduction about this document and the examples you will find reading it. + +Once you have downloaded and unzipped the zip file containing the scripts, you will find a lib directory and +two script files, a .bat and a .sh one, called _syncopeadm_. You will use one of these files, depending on your operating system. + +[NOTE] +Every example described in this document is executed on a linux machine with a _debug environment_. + +[NOTE] +Wikipedia suggests that a https://en.wikipedia.org/wiki/Command-line_interface[command line interface] (CLI) +is a means of interacting with a computer program, where the user (or client) issues commands to the program +in the form of successive lines of text (command lines). In our case the CLI tool is the way to call, more or less, +every Syncope core command through a shell. http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/logger.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/logger.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/logger.adoc new file mode 100644 index 0000000..f03064f --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/logger.adoc @@ -0,0 +1,250 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Logger command +The logger command retrieves information about the logger configuration in Apache Syncope. + +===== Help message +[source,bash] +---- +Usage: logger [options] + Options: + --help + --details + --list + --read + Syntax: --read {LOG-NAME} {LOG-NAME} [...] + --update + Syntax: --update {LOG-NAME}={LOG-LEVEL} {LOG-NAME}={LOG-LEVEL} [...] + --update-all + Syntax: --update-all {LOG-LEVEL} + --create + Syntax: --create {LOG-NAME}={LOG-LEVEL} {LOG-NAME}={LOG-LEVEL} [...] + --delete + Syntax: --delete {LOG-NAME} {LOG-NAME} [...] +---- + +===== Details option +This option shows a table with some details about logger configuration. + +[source] +-- +$ ./syncopeadm.sh logger --details +-- + +[source] +-- + +You are running: logger --details + +############################ +# # +# LOGGERS DETAILS # +# # +############################ +# # # +# DETAIL # VALUE # +# # # +############################ +# # # +# Total number # 16 # +# Set to DEBUG # 2 # +# Set to ERROR # 3 # +# Set to FATAL # 0 # +# Set to INFO # 11 # +# Set to OFF # 0 # +# Set to TRACE # 0 # +# Set to WARN # 0 # +# # # +############################ + +-- + +===== List option +Running the command with this option you will see the table of the loggers configuration. + +[source] +-- +$ ./syncopeadm.sh logger --list +-- + +[source] +-- + +You are running: logger --list + +############################################################################ +# # +# LIST LOGGERS # +# # +############################################################################ +# # # +# LOGGER # LEVEL # +# # # +############################################################################ +# # # +# org.springframework.web # INFO # +# org.apache.syncope.core.logic # INFO # +# net.tirasa.connid # DEBUG # +# org.quartz # INFO # +# org.apache.syncope.core.persistence # INFO # +# org.activiti # ERROR # +# org.apache.http # INFO # +# org.springframework.orm # INFO # +# org.apache.camel # ERROR # +# org.apache.cxf # ERROR # +# org.apache.syncope # INFO # +# org.identityconnectors # DEBUG # +# org.springframework # INFO # +# org.apache.syncope.core.provisioning # INFO # +# org.apache.syncope.core.rest # INFO # +# org.apache.syncope.core.provisioning.api.ConnIdBundleManager # INFO # +# # # +############################################################################ + +-- + +===== Read option +The option to read all the information of specified loggers. + +[source] +-- +$ ./syncopeadm.sh logger --read {LOG-NAME} {LOG-NAME} [...] +-- + +Unlike the list option, the read option shows a table with only the loggers passed as input. + +===== Update option +The option to change the value of the logger passed as input. + +[source] +-- +$ ./syncopeadm.sh logger --update {LOG-NAME}={LOG-LEVEL} {LOG-NAME}={LOG-LEVEL} [...] +-- + +[source] +-- + +You are running: logger --update org.apache.camel=DEBUG + +#################################### +# # +# UPDATED LOGGERS # +# # +#################################### +# # # +# LOGGER # NEW LEVEL # +# # # +#################################### +# # # +# org.apache.camel # DEBUG # +# # # +#################################### + +-- + +===== Update all option +This option is especially helpful in production environment when every log is disabled and you need to change them for a +while in DEBUG mode. + +[source] +-- +$ ./syncopeadm.sh logger --update-all DEBUG +-- + +[source] +-- + +You are running: logger --update-all DEBUG + +################################################################################ +# # +# UPDATED LOGGERS # +# # +################################################################################ +# # # +# LOGGER # NEW LEVEL # +# # # +################################################################################ +# # # +# org.springframework.web # DEBUG # +# org.apache.syncope.core.logic # DEBUG # +# net.tirasa.connid # DEBUG # +# org.quartz # DEBUG # +# org.apache.syncope.core.persistence # DEBUG # +# org.activiti # DEBUG # +# org.apache.http # DEBUG # +# org.springframework.orm # DEBUG # +# org.apache.cxf # DEBUG # +# org.apache.syncope # DEBUG # +# org.identityconnectors # DEBUG # +# org.springframework # DEBUG # +# org.apache.syncope.core.provisioning # DEBUG # +# org.apache.syncope.core.rest # DEBUG # +# org.apache.syncope.core.provisioning.api.ConnIdBundleManager # DEBUG # +# # # +################################################################################ + +-- + +===== Create option +For the moment the logger command is one of the few command with a create option to add a new logger configuration. + +[source] +-- +$ ./syncopeadm.sh logger --create net.tirasa=ERROR +-- + +[source] +-- + +You are running: logger --create net.tirasa=ERROR + +############################## +# # +# UPDATED LOGGERS # +# # +############################## +# # # +# LOGGER # NEW LEVEL # +# # # +############################## +# # # +# net.tirasa # ERROR # +# # # +############################## + +-- + +===== Delete option +The option to delete a specified logger. + +[source] +-- +$ ./syncopeadm.sh logger --delete {LOG-NAME} {LOG-NAME} [...] +-- + +[source] +-- + +You are running: logger --delete org.apache.camel + + - Logger org.apache.camel successfully deleted + +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/notification.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/notification.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/notification.adoc new file mode 100644 index 0000000..98ebe7d --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/notification.adoc @@ -0,0 +1,116 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Notification command +The notification command retrieves information about the configured notifications. + +===== Help message +[source,bash] +---- +Usage: notification [options] + Options: + --help + --list + --read + Syntax: --read {NOTIFICATION-ID} + --delete + Syntax: --delete {NOTIFICATION-ID} +---- + +===== List option +Running the command with this option you will see the list of notificaitons with their configuration. + +[source] +-- +$ ./syncopeadm.sh notification --list +-- + +[source] +-- + +You are running: notification --list + + > NOTIFICATION ID: 1 + events: [[CUSTOM]:[]:[]:[requestPasswordReset]:[SUCCESS]] + sender: ad...@syncope.apache.org + subject: Password Reset request + recipients: null + recipient attribute name: email + template: requestPasswordReset + abouts: {USER=token!=$null} + recipient attribute types: UserPlainSchema + static recipient: [] + trace level: FAILURES + active: true + self as recipient: true + + > NOTIFICATION ID: 2 + events: [[CUSTOM]:[]:[]:[confirmPasswordReset]:[SUCCESS]] + sender: ad...@syncope.apache.org + subject: Password Reset successful + recipients: null + recipient attribute name: email + template: confirmPasswordReset + abouts: {} + recipient attribute types: UserPlainSchema + static recipient: [] + trace level: FAILURES + active: true + self as recipient: true + + > NOTIFICATION ID: 10 + events: [[CUSTOM]:[]:[]:[unexisting1]:[FAILURE], [CUSTOM]:[]:[]:[unexisting2]:[SUCCESS]] + sender: t...@syncope.apache.org + subject: Test subject + recipients: $groups==7 + recipient attribute name: email + template: test + abouts: {USER=fullname==*o*;fullname==*i*} + recipient attribute types: UserPlainSchema + static recipient: [] + trace level: FAILURES + active: true + self as recipient: false + +-- + +===== Read option +The option to read all the information of the specified notifications. + +[source] +-- +$ ./syncopeadm.sh notification --read {NOTIFICATION-ID} {NOTIFICATION-ID} [...] +-- + +Unlike the list option, the read one shows only the notifications passed as input. + +===== Delete option +The option to delete a specified notification. + +[source] +-- +$ ./syncopeadm.sh notification --delete {NOTIFICATION-ID} {NOTIFICATION-ID} [...] +-- + +The delete option, as can be imagined, tries to remove a specified notification. +The output will be something like: +[source] +-- + - security notification {NOTIFICATION-ID} successfully deleted +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/policy.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/policy.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/policy.adoc new file mode 100644 index 0000000..554c195 --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/policy.adoc @@ -0,0 +1,166 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Policy command +The policy command retrieves information about the policies for each type. + +===== Help message +[source,bash] +---- +Usage: policy [options] + Options: + --help + --details + --list + Syntax: --list-policy {POLICY-TYPE} + Policy type: ACCOUNT / PASSWORD / SYNC / PUSH + --read + Syntax: --read {POLICY-ID} {POLICY-ID} [...] + --delete + Syntax: --delete {POLICY-ID} {POLICY-ID} [...] +---- + +===== Details option +This option shows a table with the amount of policies for each type. + +[source] +-- +$ ./syncopeadm.sh policy --details +-- + +[source] +-- + +You are running: policy --details + +################################# +# # +# POLICIES DETAILS # +# # +################################# +# # # +# DETAIL # VALUE # +# # # +################################# +# # # +# total number # 9 # +# account policies # 2 # +# password policies # 3 # +# sync policies # 4 # +# push policies # 0 # +# # # +################################# + +-- + +===== List option +Running the command with this option you will see the list of the policies. + +[source] +-- +$ ./syncopeadm.sh Usage: policy --list {POLICY-TYPE} + Policy type: ACCOUNT / PASSWORD / SYNC / PUSH +-- + +[source] +-- + +You are running: policy --list SYNC + + > KEY: 1 + type: SYNC + description: a sync policy + resources : [] + realms : [] + + > KEY: 3 + type: SYNC + description: sync policy 2 + resources : [resource-csv] + realms : [] + conflict resolution action: ALL + correlation rule : {USER=["username","firstname"]} + + > KEY: 7 + type: SYNC + description: sync policy 1 + resources : [] + realms : [] + conflict resolution action: IGNORE + correlation rule : {} + + > KEY: 9 + type: SYNC + description: sync policy for java rule + resources : [ws-target-resource-2] + realms : [] + conflict resolution action: IGNORE + correlation rule : {} + +-- + +===== Read option +The option to read all the information of a specified policy. + +[source] +-- +$ ./syncopeadm.sh policy --read {POLICY-ID} {POLICY-ID} [...] +-- + +Unlike the list option, the read option shows only the policy passed as input. +[source] +-- +You are running: policy --read 6 + + > KEY: 6 + type: ACCOUNT + description: sample account policy + resources : [] + realms : [/odd] + max authentication attempts : 3 + propagation suspension : false + RULES : + > class : [org.apache.syncope.common.lib.policy.DefaultAccountRuleConf@708a538f[ + maxLength=0 + minLength=4 + pattern=<null> + allUpperCase=false + allLowerCase=false + wordsNotPermitted=[] + schemasNotPermitted=[] + prefixesNotPermitted=[notpermitted1, notpermitted2] + suffixesNotPermitted=[] + name=org.apache.syncope.common.lib.policy.DefaultAccountRuleConf +]] +-- + +===== Delete option +The option to delete a specified policy. + +[source] +-- +$ ./syncopeadm.sh policy --delete {POLICY-ID} {POLICY-ID} [...] +-- + +The delete option, as can be imagined, tries to remove a specified policy. +The output will be something like: +[source] +-- + - Policy {POLICY-ID} successfully deleted +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/question.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/question.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/question.adoc new file mode 100644 index 0000000..ff04845 --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/question.adoc @@ -0,0 +1,77 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Question command +The question command gets information about the user question to retrieve their password. + +===== Help message +[source,bash] +---- +Usage: question [options] + Options: + --help + --list + --read + Syntax: --read {QUESTION-ID} {QUESTION-ID} [...] + --delete + Syntax: --delete {QUESTION-ID} {QUESTION-ID} [...] +---- + +===== List option +Running the command with this option you will see the list of questions with their content. + +[source] +-- +$ ./syncopeadm.sh question --list +-- + +[source] +-- + +You are running: question --list + + > SECURITY QUESTION ID: 1 + content: What's your mother's maiden name? + +-- + +===== Read option +The option to read all the information of specified questions. + +[source] +-- +$ ./syncopeadm.sh question --read {QUESTION-ID} {QUESTION-ID} [...] +-- + +Unlike the list option, the read option shows only the questions passed as input. + +===== Delete option +The option to delete a specified question. + +[source] +-- +$ ./syncopeadm.sh question --delete {QUESTION-ID} {QUESTION-ID} [...] +-- + +The delete option, as can be imagined, tries to remove a specified question. +The output will be something like: +[source] +-- + - security question {QUESTION-ID} successfully deleted +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/realm.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/realm.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/realm.adoc new file mode 100644 index 0000000..82ad44b --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/realm.adoc @@ -0,0 +1,111 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Realm command +The realm command retrieves information about the configured realm. + +===== Help message +[source,bash] +---- +Usage: realm [options] + Options: + --help + --details + --list +---- + +===== Details option +This option shows a table with the amount of the available realms. + +[source] +-- +$ ./syncopeadm.sh realm --details +-- + +[source] +-- + +You are running: realm --details + +############################ +# # +# REALMS DETAILS # +# # +############################ +# # # +# DETAIL # VALUE # +# # # +############################ +# # # +# Total number # 4 # +# # # +############################ + +-- + +===== List option +Running the command with this option you will see the list of the realms. + +[source] +-- +$ ./syncopeadm.sh realm --list +-- + +[source] +-- + +You are running: realm --list + + > REALM ID: 1 + name: / + full path: / + actions: [] + templates: {} + parent id: 0 + account policy id: null + password policy id: 4 + + > REALM ID: 2 + name: odd + full path: /odd + actions: [] + templates: {} + parent id: 1 + account policy id: 6 + password policy id: 4 + + > REALM ID: 3 + name: even + full path: /even + actions: [] + templates: {} + parent id: 1 + account policy id: null + password policy id: 4 + + > REALM ID: 4 + name: two + full path: /even/two + actions: [] + templates: {} + parent id: 3 + account policy id: 5 + password policy id: 2 + +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/report.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/report.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/report.adoc new file mode 100644 index 0000000..694ddc2 --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/report.adoc @@ -0,0 +1,252 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Report command +The report command retrieves information about the configured reports. + +===== Help message +[source,bash] +---- +Usage: report [options] + Options: + --help + --details + --list + --list-jobs + --read + Syntax: --read {REPORT-ID} {REPORT-ID} [...] + --delete + Syntax: --delete {REPORT-ID} {REPORT-ID} [...] + --execute + Syntax: --execute {REPORT-ID} + --read-execution + Syntax: --read-execution {EXECUTION-ID} {EXECUTION-ID} [...] + --delete-execution + Syntax: --delete-execution {EXECUTION-ID} {EXECUTION-ID} [...] + --export-execution-result + Syntax: --export-execution-result {EXECUTION-ID} {EXECUTION-ID} [...] {FORMAT} + Format: CSV / HTML / PDF / XML / RTF +---- + +===== Details option +This option shows a table with some details about the reports and their executions. + +[source] +-- +$ ./syncopeadm.sh report --details +-- + +[source] +-- + +You are running: report --details + +############################## +# # +# REPORTS DETAILS # +# # +############################## +# # # +# DETAIL # VALUE # +# # # +############################## +# # # +# Total numbers # 1 # +# Never executed # 0 # +# # # +############################## + +-- + +===== List all option +Running the command with this option you will see the list of configured reports. + +[source] +-- +$ ./syncopeadm.sh report --list +-- +[source] +-- +You are running: report --list + + > REPORT ID: 1 + name: test + cron expression: null + latest execution status: SUCCESS + start date: Sun Feb 26 15:40:04 CET 2012 + end date: Sun Feb 26 15:41:04 CET 2012 + CONF: + name: testUserReportlet + features: [key, username, workflowId, status, creationDate, lastLoginDate, changePwdDate, passwordHistorySize, failedLoginCount, memberships, resources] + plain attributes: [fullname, gender] + derived attributes: [cn] + virtual attributes: [virtualdata] + matching condition: null + EXECUTION: + REPORT EXEC ID: 1 + status: SUCCESS + message: null + start date: Sun Feb 26 15:40:04 CET 2012 + end date: Sun Feb 26 15:41:04 CET 2012 + report id: 1 +-- + +===== List reports execution option +Running the command with this option you will see the list of the report executions. + +[source] +-- +$ ./syncopeadm.sh report --list-jobs +-- + +[source] +-- + +You are running: report --list-jobs + + REPORT EXEC ID: 0 + status: Not Scheduled + message: null + start date: null + end date: null + report id: 1 + +-- + +===== Read option +The option to read all the information of a specified report. + +[source] +-- +$ ./syncopeadm.sh report --read {REPORT-ID} {REPORT-ID} [...] +-- + +[source] +-- +You are running: report --read 1 + + > REPORT ID: 1 + name: test + cron expression: null + latest execution status: SUCCESS + start date: Sun Feb 26 15:40:04 CET 2012 + end date: Sun Feb 26 15:41:04 CET 2012 + CONF: + name: testUserReportlet + features: [key, username, workflowId, status, creationDate, lastLoginDate, changePwdDate, passwordHistorySize, failedLoginCount, memberships, resources] + plain attributes: [fullname, gender] + derived attributes: [cn] + virtual attributes: [virtualdata] + matching condition: null + EXECUTION: + REPORT EXEC ID: 1 + status: SUCCESS + message: null + start date: Sun Feb 26 15:40:04 CET 2012 + end date: Sun Feb 26 15:41:04 CET 2012 + report id: 1 +-- + +===== Read report executions option +The option to read all the information of a specified report execution. + +[source] +-- +$ ./syncopeadm.sh rreport --read-execution {EXECUTION-ID} {EXECUTION-ID} [...] +-- + +[source] +-- +You are running: report --read-execution 1 + + REPORT EXEC ID: 1 + status: SUCCESS + message: null + start date: Sun Feb 26 15:40:04 CET 2012 + end date: Sun Feb 26 15:41:04 CET 2012 + report id: 1 +-- + +===== Delete option +The option to delete a specified report. + +[source] +-- +$ ./syncopeadm.sh report --delete {REPORT-ID} {REPORT-ID} [...] +-- + +The delete option, as can be imagined, tries to remove a specified report. +[source] +-- + - Report {REPORT-ID} successfully deleted +-- + +===== Delete report executions option +The option to delete a specified report execution. + +[source] +-- +$ ./syncopeadm.sh report --delete-execution {EXECUTION-ID} {EXECUTION-ID} [...] +-- + +The delete option, as can be imagined, tries to remove a specified report execution. +[source] +-- + - Report execution {EXECUTION-ID} successfully deleted +-- + +===== Execute option +The option to run a report. + +[source] +-- +$ ./syncopeadm.sh report --execute {REPORT-ID} +-- + +[source] +-- +You are running: report --execute 1 + + - Report 1executed. + + + - Run --read 1 to see the results. +-- + +After the execution, if the result is positive, you have to read the report to know the execution +results. + +===== Export execution option +The option to export an execution in a certain format to see the results. + +[NOTE] +At the moment only the XML format is supported. + +[source] +-- +$ ./syncopeadm.sh report --export-execution-result {EXECUTION-ID} {EXECUTION-ID} [...] {FORMAT} + Format: CSV / HTML / PDF / XML / RTF +-- + +[source] +-- +You are running: report --export-execution-result 101 XML + + - export_101.xml created. +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/resource.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/resource.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/resource.adoc new file mode 100644 index 0000000..e0c111c --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/resource.adoc @@ -0,0 +1,208 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Resource command +The resource command retrieves information about the resources. + +===== Help message +[source,bash] +---- +Usage: resource [options] + Options: + --help + --details + --list + --read + Syntax: --read {RESOURCE-NAME} {RESOURCE-NAME} [...] + --delete + Syntax: --delete {RESOURCE-NAME} {RESOURCE-NAME} [...] +---- + +===== Details option +This option shows a table with amount of available resources. + +[source] +-- +$ ./syncopeadm.sh resource --details +-- + +[source] +-- + +You are running: resource --details + +############################# +# # +# RESOURCES DETAILS # +# # +############################# +# # # +# DETAIL # VALUE # +# # # +############################# +# # # +# Total numbers # 19 # +# # # +############################# + +-- + +Total number:: + number of resources; + +===== List option +Running the command with this option you will see the list of resources. + +[source] +-- +$ ./syncopeadm.sh resource --list +-- + +[source] +-- + +You are running: resource --list + + > RESOURCE ID: ws-target-resource-1 + connector dispaly name: ConnInstance100 + etag value: 1287565200000 + connector id: 100 + account policy id: null + password policy id: null + sync policy id: null + creator: admin + creation date: Wed Oct 20 11:00:00 CEST 2010 + last modifier: admin + last change date: Wed Oct 20 11:00:00 CEST 2010 + propagation actions class: [] + propagation priority: 1 + PROVISIONS: + provision id: 15 + any type: USER + object class: __ACCOUNT__ + sync token: null + virtual schema: [] + MAPPING: + ConnObjectLink: null + MAPPING ITEM: + mapping key: 99 + mapping item type: UserKey + internal attribute name: id + external attribute name: userId + mandatory condition: true + transformers class: [] + purpose: PROPAGATION + connector object key: true + password: false + + mapping key: 100 + mapping item type: UserPlainSchema + internal attribute name: email + external attribute name: email + mandatory condition: true + transformers class: [] + purpose: PROPAGATION + connector object key: false + password: false + + mapping key: 101 + mapping item type: UserPlainSchema + internal attribute name: surname + external attribute name: surname + mandatory condition: true + transformers class: [] + purpose: PROPAGATION + connector object key: false + password: false + + mapping key: 102 + mapping item type: Password + internal attribute name: password + external attribute name: __PASSWORD__ + mandatory condition: true + transformers class: [] + purpose: PROPAGATION + connector object key: false + password: true + + mapping key: 335 + mapping item type: UserPlainSchema + internal attribute name: surname + external attribute name: fullname + mandatory condition: true + transformers class: [] + purpose: PROPAGATION + connector object key: false + password: false + + mapping key: 336 + mapping item type: UserPlainSchema + internal attribute name: type + external attribute name: type + mandatory condition: true + transformers class: [] + purpose: PROPAGATION + connector object key: false + password: false + + mapping key: 337 + mapping item type: UserPlainSchema + internal attribute name: firstname + external attribute name: name + mandatory condition: false + transformers class: [] + purpose: NONE + connector object key: false + password: false + + create trace level: ALL + delete trace level: ALL + update trace level: ALL + sync trace level: ALL + enforce mandatory condition: false + override capabilities: false + random password if not provided: false + [...] + +-- + +===== Read option +The option to read all the information of a specified resource. + +[source] +-- +$ ./syncopeadm.sh resource --read {RESOURCE-NAME} {RESOURCE-NAME} [...] +-- + +Unlike the list option, the read option shows only the resources passed as input. + +===== Delete option +The option to delete a specified resource. + +[source] +-- +$ ./syncopeadm.sh resource --delete {RESOURCE-NAME} {RESOURCE-NAME} [...] +-- + +The delete option, as can be imagined, tries to remove the specified resources. +The output will be something like: +[source] +-- + - Resource {RESOURCE-NAME} successfully deleted +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/role.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/role.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/role.adoc new file mode 100644 index 0000000..c36ea4e --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/role.adoc @@ -0,0 +1,148 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Role command +The role command retrieves information about the roles. + +===== Help message +[source,bash] +---- +Usage: role [options] + Options: + --help + --details + --list + --read + Syntax: --read {ROLE-NAME} {ROLE-NAME} [...] + --delete + Syntax: --delete {ROLE-NAME} {ROLE-NAME} [...] +---- + +===== Details option +This option shows a table with some details about the roles. + +[source] +-- +$ ./syncopeadm.sh role --details +-- + +[source] +-- + +You are running: role --details + +#################################### +# # +# ROLES DETAILS # +# # +#################################### +# # # +# DETAIL # VALUE # +# # # +#################################### +# # # +# Total number # 4 # +# Without entitlements # 0 # +# # # +#################################### + +-- + +Total number:: + number of created roles; +Without entitlements:: + number of roles without linked entitlements. + +===== List option +Running the command with this option you will see the list of roles with the realm where they are configured and their entitlments. + +[source] +-- +$ ./syncopeadm.sh role --list +-- + +[source] +-- + +You are running: role --list + + > ROLE ID: User reviewer + REALMS: + - /odd + - /even + ENTITLEMENTS: + - USER_READ + - USER_LIST + - USER_SEARCH + dynamic membership condition: null + + > ROLE ID: User manager + REALMS: + - / + ENTITLEMENTS: + - WORKFLOW_FORM_SUBMIT + - USER_READ + - USER_LIST + - USER_SEARCH + - WORKFLOW_FORM_CLAIM + dynamic membership condition: null + + > ROLE ID: Other + REALMS: + - /odd + ENTITLEMENTS: + - SCHEMA_READ + - GROUP_READ + - WORKFLOW_FORM_CLAIM + dynamic membership condition: null + + > ROLE ID: Search for realm evenTwo + REALMS: + - /even/two + ENTITLEMENTS: + - USER_READ + - USER_SEARCH + dynamic membership condition: null + +-- + +===== Read option +The option to read all the information of specified roles. + +[source] +-- +$ ./syncopeadm.sh role --read {ROLE-NAME} {ROLE-NAME} [...] +-- + +Unlike the list option, the read option shows only the roles passed as input. + +===== Delete option +The option to delete specified roles. + +[source] +-- +$ ./syncopeadm.sh role --delete {ROLE-NAME} {ROLE-NAME} [...] +-- + +The delete option, as can be imagined, tries to remove specified roles. +The output will be something like: +[source] +-- + - role {ROLE-NAME} successfully deleted +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/schema.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/schema.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/schema.adoc new file mode 100644 index 0000000..41f7a45 --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/schema.adoc @@ -0,0 +1,303 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Schema command +The schema command serves retrieves information about the schema categories. + +===== Help message +[source,bash] +---- +Usage: schema [options] + Options: + --help + --details + --list-all + --list-plain + --list-derived + --list-virtual + --read {SCHEMA-TYPE} {SCHEMA-KEY} + Schema type: PLAIN / DERIVED / VIRTUAL + --delete {SCHEMA-TYPE} {SCHEMA-KEY} + Schema type: PLAIN / DERIVED / VIRTUAL +---- + +===== Details option +This option shows a table with some details about the schemas and their categories. + +[source] +-- +$ ./syncopeadm.sh schema --details +-- + +[source] +-- + +You are running: schema --details + +############################## +# # +# SCHEMAS DETAILS # +# # +############################## +# # # +# DETAIL # VALUE # +# # # +############################## +# # # +# total number # 57 # +# plain schema # 44 # +# derived schema # 10 # +# virtual schema # 3 # +# # # +############################## + +-- + +===== List all option +Running the command with this option you will see the list of all (PLAIN, DERIVED, VIRTUAL) schemas configured. + +[source] +-- +$ ./syncopeadm.sh schema --list-all +-- + +===== List plain option +Running the command with this option you will see the list of the plain schemas available in Syncope. + +[source] +-- +$ ./syncopeadm.sh schema --list-plain +-- + +[source] +-- + +You are running: schema --list-plain + +################################################################ +# # +# PLAIN SCHEMAS # +# # +################################################################ +# # # # +# SCHEMA KEY # TYPE # MANDATORY # +# # # # +################################################################ +# # # # +# password.cipher.algorithm # String # true # +# notificationjob.cronExpression # String # false # +# notification.maxRetries # Long # true # +# token.length # Long # true # +# token.expireTime # Long # true # +# selfRegistration.allowed # Boolean # true # +# passwordReset.allowed # Boolean # true # +# passwordReset.securityQuestion # Boolean # true # +# authentication.statuses # String # true # +# log.lastlogindate # Boolean # true # +# tasks.interruptMaxRetries # Long # true # +# return.password.value # Boolean # false # +# admin.user.layout # String # false # +# self.user.layout # String # false # +# admin.group.layout # String # false # +# self.group.layout # String # false # +# admin.membership.layout # String # false # +# self.membership.layout # String # false # +# fullname # String # true # +# userId # String # true # +# loginDate # Date # false # +# firstname # String # false # +# surname # String # true # +# type # String # false # +# email # String # false # +# activationDate # Date # false # +# uselessReadonly # String # false # +# cool # Boolean # false # +# gender # Enum # false # +# aLong # Long # false # +# makeItDouble # Long # false # +# obscure # Encrypted # false # +# photo # Binary # false # +# icon # String # false # +# show # Boolean # false # +# rderived_sx # String # false # +# rderived_dx # String # false # +# title # String # false # +# subscriptionDate # Date # false # +# mderived_sx # String # false # +# mderived_dx # String # false # +# postalAddress # String # false # +# model # String # false # +# location # String # false # +# # # # +################################################################ + +-- + +===== List derived option +Running the command with this option you will see the list of the derived schemas available in Syncope with +their expressions. + +[source] +-- +$ ./syncopeadm.sh schema --list-derived +-- + +[source] +-- + +You are running: schema --list-derived + +####################################################################################### +# # +# DERIVED SCHEMAS # +# # +####################################################################################### +# # # +# SCHEMA KEY # EXPRESSION # +# # # +####################################################################################### +# # # +# csvuserid # firstname + ',' + surname # +# cn # surname + ', ' + firstname # +# noschema # surname + ', ' + notfound # +# info # username + ' - ' + creationDate + '[' + failedLogins + ']' # +# rderiveddata # rderived_sx + '-' + rderived_dx # +# displayProperty # icon + ': ' + show # +# rderToBePropagated # rderived_sx + '-' + rderived_dx # +# rderivedschema # rderived_sx + '-' + rderived_dx # +# mderiveddata # mderived_sx + '-' + mderived_dx # +# mderToBePropagated # mderived_sx + '-' + mderived_dx # +# # # +####################################################################################### + +-- + +===== List virtual option +Running the command with this option you will see the list of the virtual schemas available in Syncope. + +[source] +-- +$ ./syncopeadm.sh schema --list-virtual +-- + +[source] +-- + +You are running: schema --list-virtual + +################################## +# # +# VIRTUAL SCHEMAS # +# # +################################## +# # # +# SCHEMA KEY # READONLY # +# # # +################################## +# # # +# virtualReadOnly # true # +# rvirtualdata # false # +# virtualdata # false # +# # # +################################## + +-- + +===== Read option +The option to read all the information of a specified schema. + +[source] +-- +$ ./syncopeadm.sh schema --read {SCHEMA-TYPE} {SCHEMA-KEY} + Schema type: PLAIN / DERIVED / VIRTUAL +-- + +Unlike the list option, the read option shows the schema passed as input and, in case of PLAIN category, the full +attributes of the schema. + +[source] +-- + +You are running: schema --read PLAIN email + + > SCHEMA ID: email + type: String + any type class: minimal user + conversion pattern: null + mandatory condition: false + mime type: null + validator class: org.apache.syncope.core.persistence.jpa.attrvalue.validation.EmailAddressValidator + cipher algorithm: + +-- +[source] +-- + +You are running: schema --read DERIVED info + +############################################################################### +# # +# DERIVED SCHEMAS # +# # +############################################################################### +# # # +# SCHEMA KEY # EXPRESSION # +# # # +############################################################################### +# # # +# info # username + ' - ' + creationDate + '[' + failedLogins + ']' # +# # # +############################################################################### + +-- +[source] +-- + +You are running: schema --read VIRTUAL virtualReadOnly + +################################## +# # +# VIRTUAL SCHEMAS # +# # +################################## +# # # +# SCHEMA KEY # READONLY # +# # # +################################## +# # # +# virtualReadOnly # true # +# # # +################################## + +-- + +===== Delete option +The option to delete a specified schema. + +[source] +-- +$ ./syncopeadm.sh schema --delete {SCHEMA-TYPE} {SCHEMA-KEY} + Schema type: PLAIN / DERIVED / VIRTUAL +-- + +The delete option, as can be imagined, tries to remove a specified schema. +[source] +-- + - Schema {SCHEMA-KEY} successfully deleted +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/task.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/task.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/task.adoc new file mode 100644 index 0000000..fb1f573 --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/task.adoc @@ -0,0 +1,315 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Task command +The Task command retrieves information about the Task configuration in Apache Syncope. + +===== Help message +[source,bash] +---- +Usage: task [options] + Options: + --help + --details + --list + Syntax: --list {TASK-TYPE} + Task type: NOTIFICATION / PROPAGATION / PUSH / SCHEDULED / SYNCHRONIZATION + --list-running-jobs + --list-scheduled-jobs + --read + Syntax: --read {TASK-ID} {TASK-ID} [...] + --read-execution + Syntax: --read-execution {TASK-EXEC-ID} {TASK-EXEC-ID} [...] + --delete + Syntax: --delete {TASK-ID} {TASK-ID} [...] + --delete-execution + Syntax: --delete-execution {TASK-EXEC-ID} {TASK-EXEC-ID} [...] + --execute + Syntax: --execute {TASK-ID} {DRY-RUN} + Dry run: true / false +---- + +===== Details option +This option shows a table with some details about tasks and jobs. + +[source] +-- +$ ./syncopeadm.sh task --details +-- + +[source] +-- + +You are running: task --details + +############################################################## +# # +# TASKS DETAILS # +# # +############################################################## +# # # +# DETAIL # VALUE # +# # # +############################################################## +# # # +# total number # 28 # +# notification tasks # 1 # +# notification tasks not executed # 1 # +# propagation tasks # 5 # +# propagation tasks not executed # 3 # +# push tasks # 11 # +# push tasks not executed # 11 # +# scheduled tasks # 1 # +# scheduled tasks not executed # 1 # +# synchronization tasks # 10 # +# synchronization tasks not executed # 10 # +# synchronization tasks with full reconciliation # 5 # +# running jobs # 0 # +# scheduled jobs # 1 # +# # # +############################################################## + +-- + +===== List option +Running the command with this option you will see the list of selected tasks type with their information. + +[source] +-- +$ ./syncopeadm.sh - task --list {TASK-TYPE} + Task type: NOTIFICATION / PROPAGATION / PUSH / SCHEDULED / SYNCHRONIZATION +-- + +[source] +-- + +You are running: task --list SCHEDULED + + - Scheduled task key: 5 + name: SampleJob Task + cron expression: 0 0 0 1 * ? + description: null + start date: null + end date: null + last execution: null + next execution: Tue Dec 01 00:00:00 CET 2015 + latest execution status: + job delegate class: org.apache.syncope.fit.core.reference.TestSampleJobDelegate + +-- + +The last snippet code shows the information of the scheduled tasks. + +===== List running jobs +Running the command with this option you will see the list of the actual running jobs. + +[source] +-- +$ ./syncopeadm.sh task --list-running-jobs +-- + +[source] +-- + - There are NO running jobs available +-- + +===== List scheduled jobs +Running the command with this option you will see the list of the actual scheduled jobs. + +[source] +-- +$ ./syncopeadm.sh task --list-scheduled-jobs +-- + +[source] +-- + EXECUTIONS: + - task execution key: 0 + task: 5 + message: + ############### <BEGIN MESSAGE> ############### + message: null + ############### <END MESSAGE> ############### + status: NORMAL + start date: Fri Nov 27 15:11:23 CET 2015 + end date: null +-- + +===== Read option +The option to read all the information of specified tasks. + +[source] +-- +$ ./syncopeadm.sh task --read {TASK-ID} {TASK-ID} [...] +-- + +Unlike the list option, the read option shows only the tasks passed as input. Below the commad to read the task with +id 13 +[source] +-- +You are running: task --read 13 + + - Push task key: 13 + name: Export on resource-testdb2 + resource: resource-testdb2 + cron expression: null + description: null + is perform create: true + is perform delete: true + is perform update: true + is sync status: true + start date: null + end date: null + last execution: null + next execution: null + latest execution status: + filters: {GROUP=name==_NO_ONE_, USER=surname==Vivaldi} + delegate class: null + action class: [] + matching rule: IGNORE + not matching rule: ASSIGN +-- + +===== Read execution option +The option to read all the information of executions task. + +[source] +-- +$ ./syncopeadm.sh task --read-execution {TASK-EXEC-ID} {TASK-EXEC-ID} [...] +-- + +===== Delete option +The option to delete specified tasks. + +[source] +-- +$ ./syncopeadm.sh task --delete {TASK-ID} TASK-ID} [...] +-- + +The delete option, as can be imagined, tries to remove specified tasks. +[source] +-- + - task {TASK-ID} successfully deleted +-- + +===== Delete execution option +The option to delete specified execution tasks. +[source] +-- +$ ./syncopeadm.sh task --delete {TASK-EXEC-ID} {TASK-EXEC-ID} [...] +-- + +The delete option, as can be imagined, tries to remove specified execution tasks. +[source] +-- + - task {TASK-EXEC-ID} successfully deleted +-- + +===== Execute option +The option to execute specified execution tasks. +[source] +-- +$ ./syncopeadm.sh task --execute {TASK-ID} {DRY-RUN} + Dry run: true / false +-- + +For instance, executing the PUSH task with id 13 in dry run mode the result is +[source] +-- + You are running: task --execute 13 false + EXECUTIONS: + - task execution key: 0 + task: 13 + message: + ############### <BEGIN MESSAGE> ############### + message: Job fired; waiting for results... + ############### <END MESSAGE> ############### + status: JOB_FIRED + start date: Fri Nov 27 16:02:24 CET 2015 + end date: null +-- +then reading again the task id you will find the execution results among the other task information +[source] +-- +- Push task key: 13 + name: Export on resource-testdb2 + resource: resource-testdb2 + cron expression: null + description: null + is perform create: true + is perform delete: true + is perform update: true + is sync status: true + start date: Fri Nov 27 16:02:24 CET 2015 + end date: Fri Nov 27 16:02:26 CET 2015 + last execution: null + next execution: null + latest execution status: SUCCESS + filters: {GROUP=name==_NO_ONE_, USER=surname==Vivaldi} + delegate class: null + action class: [] + matching rule: IGNORE + not matching rule: ASSIGN + EXECUTIONS: + - task execution key: 15 + task: 13 + message: + ############### <BEGIN MESSAGE> ############### + message: Users [created/failures]: 1/0 [updated/failures]: 0/0 [deleted/failures]: 0/0 [no operation/ignored]: 0/0 +Groups [created/failures]: 0/0 [updated/failures]: 0/0 [deleted/failures]: 0/0 [no operation/ignored]: 0/0 +Any objects [created/failures]: 0/0 [updated/failures]: 0/0 [deleted/failures]: 0/0 [no operation/ignored]: 0/0 + +Users created: +CREATE SUCCESS (id/name): 3/vivaldi + +Users updated: + +Users deleted: + +Users no operation: + +Users ignored: + + +Groups created: + +Groups updated: + +Groups deleted: + +Groups no operation: + +Groups ignored: + + +Any objects created: + +Any objects updated: + +Any objects deleted: + +Any objects no operation: + +Any objects ignored: + + ############### <END MESSAGE> ############### + status: SUCCESS + start date: Fri Nov 27 16:02:24 CET 2015 + end date: Fri Nov 27 16:02:26 CET 2015 +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/cli/user.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/cli/user.adoc b/src/main/asciidoc/workingwithapachesyncope/cli/user.adoc new file mode 100644 index 0000000..ed2715c --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/cli/user.adoc @@ -0,0 +1,533 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== User command +The user command retrieves information about the users. + +===== Help message +[source,bash] +---- +Usage: user [options] + Options: + --help + --list + --details + --get-user-key + Syntax: --get-user-key {USERNAME} {USERNAME} [...] + --get-username + Syntax: --get-username {USER-ID} {USER-ID} [...] + --read + Syntax: --read {USER-ID} {USER-ID} [...] + --search-by-attribute + Syntax: --search-by-attribute {REALM} {ATTR-NAME}={ATTR-VALUE} + --search-by-role + Syntax: --search-by-role {REALM} {ROLE-ID} + --search-by-resource + Syntax: --search-by-resource {REALM} {RESOURCE-NAME} + --delete + Syntax: --delete {USER-ID} {USER-ID} [...] + --delete-all + Syntax: --delete-all {REALM} + --delete-by-attribute + Syntax: --delete-by-attribute {REALM} {ATTR-NAME}={ATTR-VALUE} +---- + +===== Details option +This option shows a table with some details about the users. + +[source] +-- +$ ./syncopeadm.sh user --details +-- + +[source] +-- + +You are running: user --details + +################################# +# # +# USERS DETAILS # +# # +################################# +# # # +# DETAIL # VALUE # +# # # +################################# +# # # +# Total number # 5 # +# Active # 5 # +# Suspended # 0 # +# Without resources # 0 # +# Without roles # 2 # +# # # +################################# + +-- + +===== List option +Running the command with this option you will see the list of all users in the environment. However, the system will ask you a confirmation before execution, because as you can imagine this operation might produce very large output. + +[source] +-- +$ ./syncopeadm.sh user --list +-- +[source] +-- +You are running: user --list + +This operation might produce very large output. Do you want to continue? [yes/no] +yes + + > USER ID: 2 + username: verdi + realm: / + status: active + RESOURCES: + - ws-target-resource-list-mappings-1 + - ws-target-resource-list-mappings-2 + ROLES: + creation date: Wed Oct 20 11:00:00 CEST 2010 + change password date: null + PLAIN ATTRIBUTES: + fullname: [Giuseppe Verdi] + firstname: [Giuseppe] + surname: [Verdi] + userId: [ve...@apache.org] + email: [ve...@syncope.org] + DERIVED ATTRIBUTES: + info: [verdi - 2010-10-20T11:00:00+0200[0]] - is readonly. + noschema: [Verdi, ] - is readonly. + cn: [Verdi, Giuseppe] - is readonly. + VIRTUAL ATTRIBUTES: + creator: admin + last modifier: admin + token: null + token expiration time: null + last change: Wed Oct 20 11:00:00 CEST 2010 + last login: null + failed logins: 0 +RELATIONSHIPS: + security question id: null + security question answer id: null + +-- + +===== Get user key option +The option to get the user key starting from a username. + +[source] +-- +$ ./syncopeadm.sh user --get-user-key {USERNAME} +-- + +[source] +-- +You are running: user --get-user-key rossini + + - rossini user ID is 1 +-- + +===== Get username option +The option to get the username starting from a user id. + +[source] +-- +$ ./syncopeadm.sh user --get-user-key {USER-ID} +-- + +[source] +-- +You are running: user --get-username 1 + + - 1 username is rossini +-- + +===== Read by user id option +The option to read user information by their user id. + +[source] +-- +$ ./syncopeadm.sh user --read {USER-ID} {USER-ID} [...] +-- + +[source] +-- + +You are running: user --read 1 + + > USER ID: 1 + username: rossini + realm: /even + status: active + RESOURCES: + - resource-testdb2 + - ws-target-resource-2 + ROLES: + - Other + creation date: Wed Oct 20 11:00:00 CEST 2010 + change password date: null + PLAIN ATTRIBUTES: + type: [G] + fullname: [Gioacchino Rossini] + firstname: [Gioacchino] + surname: [Rossini] + userId: [ross...@apache.org] + loginDate: [2009-05-26, 2010-05-26] + DERIVED ATTRIBUTES: + info: [rossini - 2010-10-20[0]] - is readonly. + noschema: [Rossini, ] - is readonly. + cn: [Rossini, Gioacchino] - is readonly. + VIRTUAL ATTRIBUTES: + creator: admin + last modifier: admin + token: null + token expiration time: null + last change: Wed Oct 20 11:00:00 CEST 2010 + last login: null + failed logins: 0 +RELATIONSHIPS: + security question id: null + security question answer id: null + +-- + +===== Read by username option +The option to read user information by their username. + +[source] +-- +$ ./syncopeadm.sh user --read {USERNAME} {USERNAME} [...] +-- + +[source] +-- + +You are running: user --read rossini + + > USER ID: 1 + username: rossini + realm: /even + status: active + RESOURCES: + - resource-testdb2 + - ws-target-resource-2 + ROLES: + - Other + creation date: Wed Oct 20 11:00:00 CEST 2010 + change password date: null + PLAIN ATTRIBUTES: + type: [G] + fullname: [Gioacchino Rossini] + firstname: [Gioacchino] + surname: [Rossini] + userId: [ross...@apache.org] + loginDate: [2009-05-26, 2010-05-26] + DERIVED ATTRIBUTES: + info: [rossini - 2010-10-20[0]] - is readonly. + noschema: [Rossini, ] - is readonly. + cn: [Rossini, Gioacchino] - is readonly. + VIRTUAL ATTRIBUTES: + creator: admin + last modifier: admin + token: null + token expiration time: null + last change: Wed Oct 20 11:00:00 CEST 2010 + last login: null + failed logins: 0 +RELATIONSHIPS: + security question id: null + security question answer id: null + +-- + +===== Search by attribute option +The option to search a list of users with a common attribute. + +[source] +-- +$ ./syncopeadm.sh user --search-by-attribute {REALM} {ATTR-NAME}={ATTR-VALUE} +-- + +For instance if you want to search the active users under the root realm: + +[source] +-- + +You are running: user --search-by-attribute / status=active + + > USER ID: 2 + username: verdi + realm: / + status: active + RESOURCES: + - ws-target-resource-list-mappings-1 + - ws-target-resource-list-mappings-2 + ROLES: + creation date: Wed Oct 20 11:00:00 CEST 2010 + change password date: null + PLAIN ATTRIBUTES: + fullname: [Giuseppe Verdi] + firstname: [Giuseppe] + surname: [Verdi] + userId: [ve...@apache.org] + email: [ve...@syncope.org] + DERIVED ATTRIBUTES: + info: [verdi - 2010-10-20T11:00:00+0200[0]] - is readonly. + noschema: [Verdi, ] - is readonly. + cn: [Verdi, Giuseppe] - is readonly. + VIRTUAL ATTRIBUTES: + creator: admin + last modifier: admin + token: null + token expiration time: null + last change: Wed Oct 20 11:00:00 CEST 2010 + last login: null + failed logins: 0 +RELATIONSHIPS: + security question id: null + security question answer id: null + + > USER ID: 3 + username: vivaldi + realm: / + status: active + RESOURCES: + - ws-target-resource-delete + - ws-target-resource-1 + - ws-target-resource-2 +[...] +-- + +===== Search by role option +The option to search a list of users with a specified role. + +[source] +-- +$ ./syncopeadm.sh user --search-by-role {REALM} {ROLE-NAME} +-- + +[source] +-- + +You are running: user --search-by-role / Other + + > USER ID: 1 + username: rossini + realm: /even + status: active + RESOURCES: + - resource-testdb2 + - ws-target-resource-2 + ROLES: + - Other + creation date: Wed Oct 20 11:00:00 CEST 2010 + change password date: null + PLAIN ATTRIBUTES: + type: [G] + fullname: [Gioacchino Rossini] + firstname: [Gioacchino] + surname: [Rossini] + userId: [ross...@apache.org] + loginDate: [2009-05-26, 2010-05-26] + DERIVED ATTRIBUTES: + info: [rossini - 2010-10-20[0]] - is readonly. + noschema: [Rossini, ] - is readonly. + cn: [Rossini, Gioacchino] - is readonly. + VIRTUAL ATTRIBUTES: + creator: admin + last modifier: admin + token: null + token expiration time: null + last change: Wed Oct 20 11:00:00 CEST 2010 + last login: null + failed logins: 0 +RELATIONSHIPS: + security question id: null + security question answer id: null + +-- + +===== Search by resource option +The option to search a list of users with a specified resource. + +[source] +-- +$ ./syncopeadm.sh user --search-by-resource {REALM} {RESOURCE-NAME} +-- + +[source] +-- + +You are running: user --search-by-resource / ws-target-resource-2 + + > USER ID: 3 + username: vivaldi + realm: / + status: active + RESOURCES: + - ws-target-resource-delete + - ws-target-resource-1 + - ws-target-resource-2 + ROLES: + creation date: Wed Oct 20 11:00:00 CEST 2010 + change password date: null + PLAIN ATTRIBUTES: + firstname: [Antonio] + surname: [Vivaldi] + fullname: [Antonio Vivaldi] + userId: [viva...@apache.org] + email: [viva...@syncope.org] + type: [F] + DERIVED ATTRIBUTES: + cn: [Vivaldi, Antonio] - is readonly. + noschema: [Vivaldi, ] - is readonly. + info: [vivaldi - 2010-10-20T11:00:00+0200[0]] - is readonly. + VIRTUAL ATTRIBUTES: + creator: admin + last modifier: admin + token: null + token expiration time: null + last change: Wed Oct 20 11:00:00 CEST 2010 + last login: null + failed logins: 0 +RELATIONSHIPS: + security question id: null + security question answer id: null + + > USER ID: 1 + username: rossini + realm: /even + status: active + RESOURCES: + - resource-testdb2 + - ws-target-resource-2 + ROLES: + - Other + creation date: Wed Oct 20 11:00:00 CEST 2010 + change password date: null + PLAIN ATTRIBUTES: + type: [G] + fullname: [Gioacchino Rossini] + firstname: [Gioacchino] + surname: [Rossini] + userId: [ross...@apache.org] + loginDate: [2009-05-26, 2010-05-26] + DERIVED ATTRIBUTES: + info: [rossini - 2010-10-20[0]] - is readonly. + noschema: [Rossini, ] - is readonly. + cn: [Rossini, Gioacchino] - is readonly. + VIRTUAL ATTRIBUTES: + creator: admin + last modifier: admin + token: null + token expiration time: null + last change: Wed Oct 20 11:00:00 CEST 2010 + last login: null + failed logins: 0 +RELATIONSHIPS: + security question id: null + security question answer id: null + +-- + +===== Delete option +The option to delete a specified user. + +[source] +-- +$ ./syncopeadm.sh user --delete {{USER-ID} {USER-ID} [...] +-- + +The delete option, as can be imagined, tries to remove a specified user. +[source] +-- + - User {USER-ID} successfully deleted +-- + +===== Delete by attribute option +The option to delete the users with a common attribute. + +[source] +-- +$ ./syncopeadm.sh user --delete-by-attribute {REALM} {ATTR-NAME}={ATTR-VALUE} +-- + +[source] +-- + You are running: user --delete-by-attribute / surname=Rossini + + - Deleted users: 1 +-- + +===== Delete all option +The option to delete all users of the realm passed as input. + +[source] +-- +$ ./syncopeadm.sh user --delete-all {REALM} +-- + +The delete option, as can be imagined, tries to remove every user under the specified realm. + +[NOTE] +To run this operation the system asks you again for the admin credential. + +[source] +-- +You are running: user --delete-all / + +Running this operation you will delete all the realm users managed by Syncope, are you sure? [yes/no] +yes + +Username: +admin + +Password: +password +Deleting process started + + - Deleted users: 2 + +######################### +# # +# USERS NOT DELETED # +# # +######################### +# # # +# USER ID # CAUSE # +# # # +######################### +# # # +# 5 # FAILURE # +# # # +######################### + +-- + +The output is composed of two parts. The first one is the number of deleted users; the second one is a table with the users (user id) who aren't removed. + +To know the reason why the deletion failed you need to run the command with the standard delete option. + +[source] +-- +You are running: user --delete 5 + + - Error: GroupOwnership [6 director] +-- http://git-wip-us.apache.org/repos/asf/syncope/blob/75387d7a/src/main/asciidoc/workingwithapachesyncope/restfulservices/client-library.adoc ---------------------------------------------------------------------- diff --git a/src/main/asciidoc/workingwithapachesyncope/restfulservices/client-library.adoc b/src/main/asciidoc/workingwithapachesyncope/restfulservices/client-library.adoc new file mode 100644 index 0000000..018027e --- /dev/null +++ b/src/main/asciidoc/workingwithapachesyncope/restfulservices/client-library.adoc @@ -0,0 +1,60 @@ +// +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +// + +==== Client library +The Apache Syncope client library, as suggested, is a Java client to work with the Apache Syncope core. + +===== Maven dependency +[source,xml,subs="verbatim,attributes"] +---- +<dependency> + <groupId>org.apache.syncope.client</groupId> + <artifactId>syncope-client-lib</artifactId> + <version>{docVersion}</version> +</dependency> +---- + +===== Instantiation +Basically, all you need is to obtain a SyncopeClient instance via the following statement in order +to set the base REST URL and credentials: + +[source,java] +---- +SyncopeClient client = new SyncopeClientFactoryBean(). + setAddress("http://localhost:9080/syncope/rest/"). + create("admin", "password"); +---- + +and you get enabled for any kind of REST service interaction with Apache Syncope. +You can read the http://syncope.apache.org/apidocs/1.2/org/apache/syncope/common/services/package-summary.html[javadoc] +page for a documented list of available REST services in Apache Syncope. + +===== Usage example +Below a snippet that shows how to use the SyncopeClient to update the logger configuration. +[source,java] +---- +SyncopeClient client = new SyncopeClientFactoryBean(). + setAddress("http://localhost:9080/syncope/rest/"). + create("admin", "password"); +LoggerService loggerService = client.getService(LoggerService.class); + +LoggerTO loggerTO = loggerService.read(LoggerType.LOG, "org.apache.syncope.core.connid"); +loggerTO.setLevel(LoggerLevel.DEBUG); +loggerService.update(LoggerType.LOG, loggerTO); +----