/**
 * Copies the values carried by {@code anyTypeTO} onto {@code anyType}.
 *
 * <p>Key and kind are taken from the TO only while the entity has none. Once the entity has a kind,
 * a TO carrying a different kind is rejected. The entity's classes are then cleared and rebuilt from
 * the class names in the TO that {@code anyTypeClassDAO} can resolve.
 *
 * @param anyType entity to update
 * @param anyTypeTO transfer object holding the requested values
 * @throws SyncopeClientException of type {@code InvalidAnyType} when the TO's kind differs from the
 *         entity's kind
 */
@Override
public void update(final AnyType anyType, final AnyTypeTO anyTypeTO) {
    if (anyType.getKey() == null) {
        anyType.setKey(anyTypeTO.getKey());
    }
    if (anyType.getKind() == null) {
        anyType.setKind(anyTypeTO.getKind());
    }

    // The kind of an already-typed entity is immutable: refuse any attempt to switch it.
    if (anyType.getKind() != anyTypeTO.getKind()) {
        SyncopeClientException kindChanged = SyncopeClientException.build(ClientExceptionType.InvalidAnyType);
        kindChanged.getElements().add(AnyTypeKind.class.getSimpleName() + " cannot be changed");
        throw kindChanged;
    }

    // Classes are replaced wholesale, not merged with the previous set.
    anyType.getClasses().clear();
    for (String className : anyTypeTO.getClasses()) {
        AnyTypeClass resolved = anyTypeClassDAO.find(className);
        if (resolved != null) {
            anyType.add(resolved);
            continue;
        }
        // NOTE(review): unknown class names are dropped with only a debug-level trace, so the caller
        // gets no signal that part of the request was ignored.
        LOG.debug("Invalid " + AnyTypeClass.class.getSimpleName() + " {}, ignoring...", className);
    }
}
/**
 * Builds the transfer object for the given type.
 *
 * @param anyType entity to convert
 * @return a new {@code AnyTypeTO} carrying the entity's key, kind and the keys of its classes
 */
@Override
public AnyTypeTO getAnyTypeTO(final AnyType anyType) {
    AnyTypeTO converted = new AnyTypeTO();
    converted.setKey(anyType.getKey());
    converted.setKind(anyType.getKind());

    // Only the class keys are exposed, never the class entities themselves.
    anyType.getClasses().stream().
            map(typeClass -> typeClass.getKey()).
            forEach(classKey -> converted.getClasses().add(classKey));

    return converted;
}
if (isHtml(anyType.getKey())) { context.buildConstraintViolationWithTemplate( getTemplate(EntityViolationType.InvalidKey, "Invalid key")). switch (anyType.getKind()) { case USER: nameKindMatch = AnyTypeKind.USER.name().equalsIgnoreCase(anyType.getKey()); break; nameKindMatch = AnyTypeKind.GROUP.name().equalsIgnoreCase(anyType.getKey()); break; nameKindMatch = !AnyTypeKind.USER.name().equalsIgnoreCase(anyType.getKey()) && !AnyTypeKind.GROUP.name().equalsIgnoreCase(anyType.getKey()) && !SyncopeConstants.REALM_ANYTYPE.equalsIgnoreCase(anyType.getKey());
/**
 * Looks up the provision defined for the given any type key.
 *
 * @param anyType key of the any type to look for
 * @return the first provision whose any type key equals {@code anyType}, or empty when none matches
 */
@Override
public Optional<? extends Provision> getProvision(final String anyType) {
    for (Provision candidate : getProvisions()) {
        // Exact, case-sensitive comparison on the type key.
        if (candidate.getAnyType().getKey().equals(anyType)) {
            return Optional.of(candidate);
        }
    }
    return Optional.empty();
}
/**
 * Resolves the value that the provision's ConnObjectKey mapping item yields for the given any.
 *
 * @param any object whose internal values are read
 * @param provision provision whose mapping supplies the ConnObjectKey item
 * @return the first resolved value as a string, or empty when nothing was resolved or the item's
 *         intAttrName could not be parsed
 */
@Transactional(readOnly = true)
@Override
public Optional<String> getConnObjectKeyValue(final Any<?> any, final Provision provision) {
    // NOTE(review): get() is called without a presence check; if the mapping defines no
    // ConnObjectKey item this presumably fails with an unchecked exception before the
    // ParseException handling below is reached. Confirm that callers expect that.
    MappingItem keyItem = provision.getMapping().getConnObjectKeyItem().get();

    List<PlainAttrValue> keyValues;
    try {
        keyValues = getIntValues(
                provision,
                keyItem,
                intAttrNameParser.parse(keyItem.getIntAttrName(), provision.getAnyType().getKind()),
                any);
    } catch (ParseException e) {
        // A malformed intAttrName is logged and treated as "no value", not as a failure.
        LOG.error("Invalid intAttrName '{}' specified, ignoring", keyItem.getIntAttrName(), e);
        keyValues = Collections.emptyList();
    }

    if (keyValues.isEmpty()) {
        return Optional.empty();
    }
    return Optional.ofNullable(keyValues.get(0).getValueAsString());
}
// Gather every class that applies to this any: those of its type plus its own auxiliary classes.
typeOwnClasses.addAll(any.getType().getClasses()); typeOwnClasses.addAll(any.getAuxClasses());
provision.getAnyType().getClasses().iterator(), provision.getAuxClasses().iterator()); itor.hasNext();) { if (resourceTO.getProvision(provision.getAnyType().getKey()) == null) { virSchemaDAO.findByProvision(provision).forEach(schema -> { virSchemaDAO.delete(schema.getKey());
/**
 * Collects the keys of the any objects that are dynamic members of the given group.
 *
 * <p>One native query is run per dynamic membership of the group; keys are returned in the order
 * they are first seen, without duplicates.
 *
 * @param group group whose dynamic any-object members are requested
 * @return distinct member keys, possibly empty
 */
@Override
@SuppressWarnings("unchecked")
public List<String> findADynMembers(final Group group) {
    List<String> memberKeys = new ArrayList<>();

    group.getADynMemberships().forEach(membership -> {
        // Group and type keys are bound as positional parameters; only ADYNMEMB_TABLE is
        // concatenated into the SQL text, so it has to stay a fixed, non-user-controlled name.
        Query lookup = entityManager().createNativeQuery(
                "SELECT any_id FROM " + ADYNMEMB_TABLE + " WHERE group_id=? AND anyType_id=?");
        lookup.setParameter(1, group.getKey());
        lookup.setParameter(2, membership.getAnyType().getKey());

        for (Object row : lookup.getResultList()) {
            // A row is either the bare column value or an array whose first cell holds it.
            String anyKey = row instanceof Object[]
                    ? (String) ((Object[]) row)[0]
                    : (String) row;
            if (!memberKeys.contains(anyKey)) {
                memberKeys.add(anyKey);
            }
        }
    });

    return memberKeys;
}
virtualResources.addAll(propByRes.get(ResourceOperation.CREATE)); virtualResources.addAll(propByRes.get(ResourceOperation.UPDATE)); virtualResources.addAll(dao(any.getType().getKind()).findAllResourceKeys(any.getKey())); task.setResource(resource.getKey()); task.setObjectClassName(provision.getObjectClass().getObjectClassValue()); task.setAnyTypeKind(any.getType().getKind()); task.setAnyType(any.getType().getKey()); if (!deleteOnResource) { task.setEntityKey(any.getKey());
/**
 * Saves the dynamic realm and rebuilds its dynamic membership rows from scratch.
 *
 * <p>After saving, existing members are cleared. Each membership's FIQL condition is then searched
 * for its any type kind, and every match is inserted as a member and announced through an
 * {@code AnyCreatedUpdatedEvent}.
 *
 * @param dynRealm dynamic realm to persist
 * @return the instance returned by {@code save}
 */
@Override
public DynRealm saveAndRefreshDynMemberships(final DynRealm dynRealm) {
    DynRealm saved = save(dynRealm);

    // refresh dynamic memberships
    clearDynMembers(saved);

    saved.getDynMemberships().forEach(membership -> {
        jpaAnySearchDAO().search(
                SearchCondConverter.convert(membership.getFIQLCond()),
                membership.getAnyType().getKind()).
                forEach(any -> {
                    // Both keys are bound as positional parameters; only DYNMEMB_TABLE is
                    // concatenated into the statement text.
                    Query memberInsert = entityManager().createNativeQuery(
                            "INSERT INTO " + DYNMEMB_TABLE + " VALUES(?, ?)");
                    memberInsert.setParameter(1, any.getKey());
                    memberInsert.setParameter(2, saved.getKey());
                    memberInsert.executeUpdate();

                    publisher.publishEvent(
                            new AnyCreatedUpdatedEvent<>(this, any, AuthContextUtils.getDomain()));
                });
    });

    return saved;
}
typeOwnClasses.addAll(any.getType().getClasses()); typeOwnClasses.addAll(any.getAuxClasses()); if (!typeOwnClasses.stream().anyMatch(clazz -> clazz.getPlainSchemas().contains(schema))) {
/**
 * Builds the transfer object for the given type extension.
 *
 * @param typeExt type extension to convert
 * @return a new {@code TypeExtensionTO} carrying the any type key and the keys of the auxiliary classes
 */
@Override
public TypeExtensionTO getTypeExtensionTO(final TypeExtension typeExt) {
    TypeExtensionTO converted = new TypeExtensionTO();
    converted.setAnyType(typeExt.getAnyType().getKey());

    // Expose the auxiliary classes by key only.
    typeExt.getAuxClasses().forEach(auxClass -> converted.getAuxClasses().add(auxClass.getKey()));

    return converted;
}
status.set("Pushing " + provision.getAnyType().getKey()); AnyDAO<?> anyDAO = anyUtilsFactory.getInstance(provision.getAnyType().getKind()).dao(); switch (provision.getAnyType().getKind()) { case USER: handler = buildUserHandler(); Collections.singleton(profile.getTask().getSourceRealm().getFullPath()), cond, provision.getAnyType().getKind()); for (int page = 1; page <= (count / AnyDAO.DEFAULT_PAGE_SIZE) + 1 && !interrupt; page++) { List<? extends Any<?>> anys = searchDAO.search( AnyDAO.DEFAULT_PAGE_SIZE, Collections.<OrderByClause>emptyList(), provision.getAnyType().getKind()); doHandle(anys, handler, pushTask.getResource());
// Pick the AnyUtils instance that the factory provides for this type's kind.
AnyUtils anyUtils = anyUtilsFactory.getInstance(anyType.getKind());
/**
 * Removes the any type class with the given key after detaching everything that references it.
 *
 * <p>Plain, derived and virtual schemas lose their class reference; any types, type extensions and
 * provisions drop the class from their collections. A type extension left without auxiliary classes
 * is also detached from its group. Unknown keys are ignored.
 *
 * @param key key of the any type class to delete
 */
@Override
public void delete(final String key) {
    AnyTypeClass doomed = find(key);
    if (doomed == null) {
        return;
    }

    // Schemas survive the deletion; they just stop belonging to a class.
    plainSchemaDAO.findByAnyTypeClasses(Collections.singletonList(doomed)).
            forEach(schema -> schema.setAnyTypeClass(null));
    derSchemaDAO.findByAnyTypeClasses(Collections.singletonList(doomed)).
            forEach(schema -> schema.setAnyTypeClass(null));
    virSchemaDAO.findByAnyTypeClasses(Collections.singletonList(doomed)).
            forEach(schema -> schema.setAnyTypeClass(null));

    anyTypeDAO.findByTypeClass(doomed).forEach(type -> type.getClasses().remove(doomed));

    for (TypeExtension extension : groupDAO.findTypeExtensions(doomed)) {
        extension.getAuxClasses().remove(doomed);
        if (!extension.getAuxClasses().isEmpty()) {
            continue;
        }
        // An extension with no auxiliary class left is unlinked from its group in both directions.
        extension.getGroup().getTypeExtensions().remove(extension);
        extension.setGroup(null);
    }

    resourceDAO.findProvisionsByAuxClass(doomed).
            forEach(provision -> provision.getAuxClasses().remove(doomed));

    entityManager().remove(doomed);
}
/**
 * Pushes each of the given anys through the handler and reports it as handled.
 *
 * <p>Iteration stops early once the {@code interrupt} flag is set. The first failure aborts the whole
 * run: it is logged and rethrown wrapped in a {@code JobExecutionException}.
 *
 * @param anys objects to push, processed in list order
 * @param handler handler invoked with each object's key
 * @param resource target resource, used only in log and exception messages here
 * @throws JobExecutionException when handling or reporting any object fails
 */
protected void doHandle(
        final List<? extends Any<?>> anys,
        final SyncopePushResultHandler handler,
        final ExternalResource resource)
        throws JobExecutionException {

    for (int index = 0; index < anys.size() && !interrupt; index++) {
        Any<?> current = anys.get(index);
        try {
            handler.handle(current.getKey());

            // Users are reported by username, groups and any objects by name.
            String displayName;
            if (current instanceof User) {
                displayName = ((User) current).getUsername();
            } else if (current instanceof Group) {
                displayName = ((Group) current).getName();
            } else {
                displayName = ((AnyObject) current).getName();
            }
            reportHandled(current.getType().getKey(), displayName);
        } catch (Exception e) {
            LOG.warn("Failure pushing '{}' on '{}'", current, resource, e);
            throw new JobExecutionException("While pushing " + current + " on " + resource, e);
        }
    }
}
result.setAnyType(provision.getAnyType().getKey()); result.setStatus(ProvisioningReport.Status.SUCCESS); result.setKey(key); result.setMessage(String.format("Any '%s(%s)' not found", provision.getAnyType().getKey(), key)); propByRes.add(ResourceOperation.DELETE, profile.getTask().getResource().getKey()); taskExecutor.execute(propagationManager.getDeleteTasks( provision.getAnyType().getKind(), key, propByRes, LOG.debug("{} {} successfully updated", provision.getAnyType().getKey(), key); } catch (PropagationException e) { provision.getAnyType().getKey(), delta.getUid().getUidValue(), e); output = e; resultStatus = Result.FAILURE; result.setMessage(ExceptionUtils.getRootCauseMessage(e)); LOG.error("Could not update {} {}", provision.getAnyType().getKey(), delta.getUid().getUidValue(), e); output = e; resultStatus = Result.FAILURE;
/**
 * Sets the dynamic membership condition of a group for the given any type.
 *
 * <p>The FIQL expression is converted and validated before anything is stored. Dynamic membership
 * cannot be defined for the GROUP kind. An existing membership for the type is reused, otherwise a
 * new one is created and attached to the group.
 *
 * @param group group receiving the dynamic membership
 * @param anyType any type the membership applies to
 * @param dynMembershipFIQL FIQL expression selecting the members
 * @throws SyncopeClientException of type {@code InvalidSearchExpression} when the expression does
 *         not convert to a valid condition, or {@code InvalidAnyType} when the kind is GROUP
 */
private void setDynMembership(final Group group, final AnyType anyType, final String dynMembershipFIQL) {
    // Reject the expression up front so that an invalid condition is never persisted.
    SearchCond parsedCond = SearchCondConverter.convert(dynMembershipFIQL);
    if (!parsedCond.isValid()) {
        SyncopeClientException invalidExpr =
                SyncopeClientException.build(ClientExceptionType.InvalidSearchExpression);
        invalidExpr.getElements().add(dynMembershipFIQL);
        throw invalidExpr;
    }

    final AnyTypeKind kind = anyType.getKind();
    if (kind == AnyTypeKind.GROUP) {
        SyncopeClientException invalidKind = SyncopeClientException.build(ClientExceptionType.InvalidAnyType);
        invalidKind.getElements().add(kind.name());
        throw invalidKind;
    }

    DynGroupMembership<?> dynMembership;
    if (kind == AnyTypeKind.ANY_OBJECT) {
        if (group.getADynMembership(anyType).isPresent()) {
            dynMembership = group.getADynMembership(anyType).get();
        } else {
            ADynGroupMembership created = entityFactory.newEntity(ADynGroupMembership.class);
            created.setGroup(group);
            created.setAnyType(anyType);
            group.add(created);
            dynMembership = created;
        }
    } else if (kind == AnyTypeKind.USER && group.getUDynMembership() == null) {
        UDynGroupMembership created = entityFactory.newEntity(UDynGroupMembership.class);
        created.setGroup(group);
        group.setUDynMembership(created);
        dynMembership = created;
    } else {
        // Any remaining case reuses the group's user membership as it is.
        dynMembership = group.getUDynMembership();
    }

    dynMembership.setFIQLCond(dynMembershipFIQL);
}
anyTypeDAO.findUser().getClasses().forEach(anyTypeClass -> { allowedSchemas.getPlainSchemas().addAll(anyTypeClass.getPlainSchemas().stream(). map(Entity::getKey).collect(Collectors.toList()));
/**
 * Verifies that the current caller may read the given any object.
 *
 * <p>The realms granted for the READ entitlement of the object's type are taken from the
 * authorization context. Access is allowed when the object's realm path starts with one of them, or
 * when one of the object's dynamic realms is among them.
 *
 * @param anyObject object about to be read
 * @throws DelegatedAdministrationException when no realm is granted for the entitlement or none of
 *         the granted realms covers the object
 */
@Override
protected void securityChecks(final AnyObject anyObject) {
    Map<String, Set<String>> authorizations = AuthContextUtils.getAuthorizations();

    String readEntitlement = AnyEntitlement.READ.getFor(anyObject.getType().getKey());
    Set<String> authRealms = authorizations.getOrDefault(readEntitlement, Collections.emptySet());

    // NOTE(review): this is a plain string prefix test, so a grant on "/a" also matches an object
    // in "/ab" unless realm paths are normalised on a path-segment boundary elsewhere. Confirm.
    boolean authorized = authRealms.stream().
            anyMatch(realm -> anyObject.getRealm().getFullPath().startsWith(realm))
            // Dynamic realms are only consulted when no static realm matched.
            || findDynRealms(anyObject.getKey()).stream().anyMatch(authRealms::contains);

    if (authorized && !authRealms.isEmpty()) {
        return;
    }

    // Deny by default: nothing granted, or nothing that covers this object.
    throw new DelegatedAdministrationException(
            anyObject.getRealm().getFullPath(),
            AnyTypeKind.ANY_OBJECT.name(),
            anyObject.getKey());
}