@Override public List<PropagationTaskInfo> getCreateTasks( final AnyTypeKind kind, final String key, final Boolean enable, final PropagationByResource propByRes, final Collection<AttrTO> vAttrs, final Collection<String> noPropResourceKeys) { return getCreateTasks(dao(kind).authFind(key), null, enable, propByRes, vAttrs, noPropResourceKeys); }
@Override public List<String> getValues(final Any<?> any, final VirSchema schema) { if (!anyUtilsFactory.getInstance(any).dao(). findAllowedSchemas(any, VirSchema.class).forSelfContains(schema)) { LOG.debug("{} not allowed for {}", schema, any); return Collections.emptyList(); } List<String> result = getValues(any, Collections.singleton(schema)).get(schema); return result == null ? Collections.emptyList() : result; }
protected boolean securityChecks(final Set<String> effectiveRealms, final String realm, final String key) { boolean authorized = effectiveRealms.stream().anyMatch(ownedRealm -> realm.startsWith(ownedRealm)); if (!authorized) { AnyDAO<?> anyDAO = this instanceof UserLogic ? userDAO : this instanceof GroupLogic ? groupDAO : anyObjectDAO; authorized = anyDAO.findDynRealms(key).stream(). anyMatch(dynRealm -> effectiveRealms.contains(dynRealm)); } if (!authorized) { throw new DelegatedAdministrationException( realm, (this instanceof UserLogic ? AnyTypeKind.USER : this instanceof GroupLogic ? AnyTypeKind.GROUP : AnyTypeKind.ANY_OBJECT).name(), key); } return effectiveRealms.stream().anyMatch(new RealmUtils.DynRealmsPredicate()); }
switch (intAttrName.getField()) { case "key": Any<?> any = anyUtils.dao().find(connObjectKey); if (any != null) { result.add(any.getKey()); result.addAll(anyUtils.dao().findByPlainAttrValue( intAttrName.getSchemaName(), value, provision.isIgnoreCaseMatch()). stream().map(Entity::getKey).collect(Collectors.toList())); result.addAll(anyUtils.dao().findByDerAttrValue( intAttrName.getSchemaName(), connObjectKey, provision.isIgnoreCaseMatch()). stream().map(Entity::getKey).collect(Collectors.toList()));
@Override public List<PropagationTaskInfo> getDeleteTasks( final AnyTypeKind kind, final String key, final PropagationByResource propByRes, final Collection<String> noPropResourceKeys) { Any<?> any = dao(kind).authFind(key); PropagationByResource localPropByRes = new PropagationByResource(); if (propByRes == null || propByRes.isEmpty()) { localPropByRes.addAll(ResourceOperation.DELETE, dao(kind).findAllResourceKeys(key)); } else { localPropByRes.merge(propByRes); } if (noPropResourceKeys != null) { localPropByRes.removeAll(noPropResourceKeys); } return getDeleteTasks(any, localPropByRes, noPropResourceKeys); }
virtualResources.addAll(propByRes.get(ResourceOperation.CREATE)); virtualResources.addAll(propByRes.get(ResourceOperation.UPDATE)); virtualResources.addAll(dao(any.getType().getKind()).findAllResourceKeys(any.getKey())); LOG.warn("Ignoring read-only {} {}", VirSchema.class.getSimpleName(), vAttr.getSchema()); } else if (anyUtilsFactory.getInstance(any).dao(). findAllowedSchemas(any, VirSchema.class).contains(schema) && virtualResources.contains(schema.getProvision().getResource().getKey())) {
protected Date findLastChange(final String key) { Date lastChange = getAnyDAO().findLastChange(key); if (lastChange == null) { throw new NotFoundException("User, Group or Any Object for " + key); } return lastChange; }
protected String getActualKey(final AnyDAO<?> dao, final String pretendingKey) { String actualKey = pretendingKey; if (!SyncopeConstants.UUID_PATTERN.matcher(pretendingKey).matches()) { actualKey = dao.findKey(pretendingKey); if (actualKey == null) { throw new NotFoundException("User, Group or Any Object for " + pretendingKey); } } return actualKey; }
: null; SearchCond cond = StringUtils.isBlank(filter) ? anyDAO.getAllMatchingCond() : SearchCondConverter.convert(filter); int count = searchDAO.count(
private void check(final String key, final String anyKey) { RemediationTO remediation = logic.read(key); AnyDAO<?> anyDAO; switch (remediation.getAnyType()) { case "USER": anyDAO = userDAO; break; case "GROUP": anyDAO = groupDAO; break; default: anyDAO = anyObjectDAO; } Date etagDate = anyDAO.findLastChange(anyKey); if (etagDate == null) { throw new NotFoundException(remediation.getAnyType() + " for " + key); } checkETag(String.valueOf(etagDate.getTime())); }
@Override public List<String> getValues(final Any<?> any, final Membership<?> membership, final VirSchema schema) { if (!anyUtilsFactory.getInstance(any).dao(). findAllowedSchemas(any, VirSchema.class).getForMembership(membership.getRightEnd()).contains(schema)) { LOG.debug("{} not allowed for {}", schema, any); return Collections.emptyList(); } List<String> result = getValues(any, Collections.singleton(schema)).get(schema); return result == null ? Collections.emptyList() : result; }
final Collection<String> noPropResourceKeys) { return getUpdateTasks(dao(kind).authFind(key), null, changePwd, enable, propByRes, vAttrs, noPropResourceKeys);
@Override public String getValue(final Any<?> any, final DerSchema schema) { if (!anyUtilsFactory.getInstance(any).dao(). findAllowedSchemas(any, DerSchema.class).forSelfContains(schema)) { LOG.debug("{} not allowed for {}", schema, any); return null; } return getValues(any, Collections.singleton(schema)).get(schema); }
Any<?> any = null; try { any = getAnyUtils().dao().authFind(anyKey);
@Override public String getValue(final Any<?> any, final Membership<?> membership, final DerSchema schema) { if (!anyUtilsFactory.getInstance(any).dao(). findAllowedSchemas(any, DerSchema.class).getForMembership(membership.getRightEnd()).contains(schema)) { LOG.debug("{} not allowed for {}", schema, any); return null; } return getValues(any, Collections.singleton(schema)).get(schema); }
@SuppressWarnings("unchecked") private Pair<Any<?>, Provision> init(final AnyTypeKind anyTypeKind, final String anyKey, final String resourceKey) { AnyUtils anyUtils = anyUtilsFactory.getInstance(anyTypeKind); Any<?> any = anyUtils.dao().authFind(anyKey); if (any == null) { throw new NotFoundException(anyTypeKind + " '" + anyKey + "'"); } ExternalResource resource = resourceDAO.find(resourceKey); if (resource == null) { throw new NotFoundException("Resource '" + resourceKey + "'"); } Provision provision = resource.getProvision(any.getType()).orElseThrow(() -> new NotFoundException("Provision for " + any.getType() + " on Resource '" + resourceKey + "'")); if (provision.getMapping() == null) { throw new NotFoundException("Mapping for " + any.getType() + " on Resource '" + resourceKey + "'"); } return (Pair<Any<?>, Provision>) Pair.of(any, provision); }
@Override public Map<DerSchema, String> getValues(final Any<?> any) { return getValues( any, anyUtilsFactory.getInstance(any).dao().findAllowedSchemas(any, DerSchema.class).getForSelf()); }
@Override public Map<VirSchema, List<String>> getValues(final Any<?> any) { return getValues( any, anyUtilsFactory.getInstance(any).dao().findAllowedSchemas(any, VirSchema.class).getForSelf()); }
private SyncopeClientException checkMandatory(final Any<?> any, final AnyUtils anyUtils) { SyncopeClientException reqValMissing = SyncopeClientException.build(ClientExceptionType.RequiredValuesMissing); // Check if there is some mandatory schema defined for which no value has been provided AllowedSchemas<PlainSchema> allowedPlainSchemas = anyUtils.dao().findAllowedSchemas(any, PlainSchema.class); allowedPlainSchemas.getForSelf().forEach(schema -> { checkMandatory(schema, any.getPlainAttr(schema.getKey()).orElse(null), any, reqValMissing); }); if (any instanceof GroupableRelatable) { allowedPlainSchemas.getForMemberships().forEach((group, schemas) -> { GroupableRelatable<?, ?, ?, ?, ?> groupable = GroupableRelatable.class.cast(any); Membership<?> membership = groupable.getMembership(group.getKey()).orElse(null); schemas.forEach(schema -> { checkMandatory(schema, groupable.getPlainAttr(schema.getKey(), membership).orElse(null), any, reqValMissing); }); }); } return reqValMissing; }