/**
 * Collects the OIDs of the given user's managers, leaving out the user's own OID.
 *
 * <p>NOTE(review): {@code preAuthorized} is handed to {@code getManagers} unchanged. It
 * presumably decides whether the lookup runs without the caller's authorizations being
 * checked - confirm in {@code getManagers} before passing {@code true} on a path that is
 * driven by a request.
 *
 * @param user user whose managers are looked up; its OID is excluded from the result
 * @param preAuthorized forwarded as-is to {@code getManagers}
 * @return a new {@link HashSet} with the manager OIDs, never containing {@code user.getOid()}
 * @throws SchemaException declared by this method; the manager lookup is the only call made here that can raise it
 * @throws SecurityViolationException declared by this method; the manager lookup is the only call made here that can raise it
 */
@Override
public Collection<String> getManagersOidsExceptUser(UserType user, boolean preAuthorized)
        throws SchemaException, SecurityViolationException {
    Set<String> managerOids = new HashSet<>();
    for (UserType manager : getManagers(user, preAuthorized)) {
        String managerOid = manager.getOid();
        // A user who manages their own org unit must not be reported as their own manager.
        if (managerOid.equals(user.getOid())) {
            continue;
        }
        managerOids.add(managerOid);
    }
    return managerOids;
}
/**
 * Builds the account activation link for the given user.
 *
 * <p>The link is produced by {@code createBaseConfirmationLink} from the account activation
 * prefix and the user's OID.
 *
 * <p>NOTE(review): the only user-specific input visible here is the OID. Whether the link
 * also carries an unguessable token is decided outside this block - confirm before treating
 * possession of the link as proof of identity.
 *
 * @param userType user for whom the link is created
 * @return the activation link as returned by {@code createBaseConfirmationLink}
 */
@Override
public String createAccountActivationLink(UserType userType) {
    String userOid = userType.getOid();
    return createBaseConfirmationLink(SchemaConstants.ACCOUNT_ACTIVATION_PREFIX, userOid);
}
/**
 * Returns the OID of the object returned by {@code getUser()}.
 *
 * <p>NOTE(review): {@code getUser()} is dereferenced without a null check, so this throws
 * {@link NullPointerException} when no user is present - confirm that callers can rely on
 * a user always being set.
 *
 * @return the user's OID
 */
public String getOid() {
    return this.getUser().getOid();
}
/**
 * Returns the OIDs of the user's managers. Formally, for each Org O to which this user has
 * (any) relation, all managers of O are included in the result.
 *
 * <p>Some customization is probably needed here, e.g. filtering out project managers
 * (keeping only line managers), or defining who is the manager of a user who is a manager
 * in their own org unit (perhaps a manager of the parent org unit).
 *
 * <p>NOTE(review): {@code preAuthorized} is handed to {@code getManagers} unchanged. It
 * presumably decides whether the lookup runs without the caller's authorizations being
 * checked - confirm in {@code getManagers}. Unlike {@code getManagersOidsExceptUser}, the
 * result may contain the user's own OID.
 *
 * @param user user whose managers are looked up
 * @param preAuthorized forwarded as-is to {@code getManagers}
 * @return a new {@link HashSet} with the OIDs of the respective managers (duplicates collapse)
 */
@Override
public Collection<String> getManagersOids(UserType user, boolean preAuthorized)
        throws SchemaException, SecurityViolationException {
    Set<String> managerOids = new HashSet<>();
    for (UserType manager : getManagers(user, preAuthorized)) {
        String managerOid = manager.getOid();
        managerOids.add(managerOid);
    }
    return managerOids;
}
/**
 * Asserts that the principal carries the user with the expected OID.
 *
 * <p>A principal without a user is accepted only when {@code userOid} is {@code null};
 * otherwise the assertion fails.
 *
 * @param principal principal under test
 * @param userOid expected OID of the principal's user, or {@code null} if no user is expected
 */
protected void assertPrincipalUserOid(MidPointPrincipal principal, String userOid) {
    UserType principalUser = principal.getUser();
    if (principalUser == null && userOid == null) {
        // Nothing expected, nothing found.
        return;
    }
    if (principalUser == null) {
        AssertJUnit.fail("Expected user "+userOid+" in principal "+principal+" but there was none");
    }
    assertEquals("Wrong user OID in principal", userOid, principalUser.getOid());
}
/**
 * Asserts that the principal carries the attorney with the expected OID.
 *
 * <p>A principal without an attorney is accepted only when the expected OID is
 * {@code null}; otherwise the assertion fails.
 *
 * <p>NOTE(review): the parameter name and the last failure message contain spelling slips
 * ("attotrney", "attroney"); they are kept unchanged here.
 *
 * @param principal principal under test
 * @param attotrneyOid expected OID of the principal's attorney, or {@code null} if none is expected
 */
protected void assertPrincipalAttorneyOid(MidPointPrincipal principal, String attotrneyOid) {
    UserType principalAttorney = principal.getAttorney();
    if (principalAttorney == null && attotrneyOid == null) {
        // Nothing expected, nothing found.
        return;
    }
    if (principalAttorney == null) {
        AssertJUnit.fail("Expected attorney "+attotrneyOid+" in principal "+principal+" but there was none");
    }
    assertEquals("Wrong attroney OID in principal", attotrneyOid, principalAttorney.getOid());
}
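/**
 * REST {@code GET /self}: returns the user object of the currently authenticated principal.
 *
 * <p>The OID that is read comes from the principal returned by
 * {@code SecurityUtil.getPrincipal()}, not from any request parameter, so a caller cannot
 * select another user's object through this endpoint.
 *
 * <p>{@code finishRequest(task)} runs in a {@code finally} block so that it is also executed
 * when an exception outside the caught list (for example an unchecked one) escapes the
 * {@code try}. What {@code finishRequest} does is defined outside this block; it is
 * presumably the per-request close-out (audit / cleanup) - confirm.
 *
 * <p>NOTE(review): {@code getPrincipal().getUser()} is dereferenced without a null check. A
 * principal without a user ends as an unchecked exception instead of going through
 * {@code RestServiceUtil.handleException}; decide whether that case needs an explicit response.
 *
 * @param mc message context of the incoming request, passed to {@code RestServiceUtil.initRequest}
 * @return response with status OK and the user object, or the response built by
 *         {@code RestServiceUtil.handleException} for the listed checked exceptions
 */
@GET
@Path("/self")
@Produces({MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON, RestServiceUtil.APPLICATION_YAML})
public Response getSelf(@Context MessageContext mc) {
    LOGGER.debug("model rest service for get operation start");

    Task task = RestServiceUtil.initRequest(mc);
    OperationResult parentResult = task.getResult().createSubresult(OPERATION_SELF);

    Response response;
    try {
        // Identity is taken from the authenticated principal only.
        UserType loggedInUser = SecurityUtil.getPrincipal().getUser();
        PrismObject<UserType> user = model.getObject(UserType.class, loggedInUser.getOid(), null, task, parentResult);
        response = RestServiceUtil.createResponse(Response.Status.OK, user, parentResult, true);
        parentResult.recordSuccessIfUnknown();
    } catch (SecurityViolationException | ObjectNotFoundException | SchemaException | CommunicationException
            | ConfigurationException | ExpressionEvaluationException e) {
        response = RestServiceUtil.handleException(parentResult, e);
    } finally {
        // Must not be skipped when an unexpected exception propagates.
        finishRequest(task);
    }
    return response;
}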
/**
 * Adds a {@code parentOrgRef} value to the given user directly in the repository.
 *
 * <p>A clone of the supplied reference value is wrapped in an "add" modification on
 * {@code UserType.F_PARENT_ORG_REF} and applied through
 * {@code repositoryService.modifyObject}.
 *
 * <p>NOTE(review): the change goes through {@code repositoryService}; whether that path
 * applies authorization or policy checks is not visible here - confirm before reusing
 * this helper outside test set-up.
 *
 * @param user user whose OID identifies the object to modify
 * @param parentOrgRef reference to add; its value is cloned, the argument itself is not attached
 * @param opResult operation result passed to the repository call
 * @throws Exception whatever the delta construction or the repository call raises
 */
protected void addUserParent(UserType user, ObjectReferenceType parentOrgRef, OperationResult opResult) throws Exception {
    PrismReferenceValue parentRefValue = parentOrgRef.asReferenceValue();
    ItemDelta addParentDelta = prismContext.deltaFactory().reference()
            .createModificationAdd(UserType.class, UserType.F_PARENT_ORG_REF, parentRefValue.clone());

    List<ItemDelta> modifications = new ArrayList<>();
    modifications.add(addParentDelta);

    repositoryService.modifyObject(UserType.class, user.getOid(), modifications, opResult);
}
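/**
 * Asserts which manager {@code libraryMidpointFunctions.getManagers} reports for a user.
 *
 * <p>With {@code managerOid == null} the user must have no manager (a {@code null} or empty
 * collection). Otherwise exactly one manager with that OID is expected.
 *
 * <p>The expression environment is pushed before the lookup and popped in a {@code finally}
 * block, so that an exception thrown by {@code getManagers} does not leave the pushed
 * environment behind for whatever runs next on the same thread.
 *
 * @param userOid OID of the user whose managers are evaluated
 * @param managerOid OID of the single expected manager, or {@code null} if none is expected
 * @param orgType passed through to {@code getManagers}
 * @param allowSelf passed through to {@code getManagers}
 * @param result operation result placed into the pushed expression environment
 */
private void assertManager(String userOid, String managerOid, String orgType, boolean allowSelf, OperationResult result)
        throws ObjectNotFoundException, SchemaException, SecurityViolationException, CommunicationException,
        ConfigurationException, ExpressionEvaluationException {
    PrismObject<UserType> user = getUser(userOid);

    Collection<UserType> managers;
    ModelExpressionThreadLocalHolder.pushExpressionEnvironment(new ExpressionEnvironment<>(null, result));
    try {
        managers = libraryMidpointFunctions.getManagers(user.asObjectable(), orgType, allowSelf);
    } finally {
        // Always undo the push, also when the lookup throws.
        ModelExpressionThreadLocalHolder.popExpressionEnvironment();
    }

    if (managerOid == null) {
        if (managers != null && !managers.isEmpty()) {
            AssertJUnit.fail("Expected no manager for "+user+", but got "+managers);
        }
    } else {
        if (managers == null) {
            AssertJUnit.fail("Expected manager for "+user+", but got no manager");
        }
        if (managers.size() != 1) {
            AssertJUnit.fail("Expected one manager for "+user+", but got: "+managers);
        }
        UserType manager = managers.iterator().next();
        if (!manager.getOid().equals(managerOid)) {
            AssertJUnit.fail("Expected manager with OID "+managerOid+" for "+user+", but got "+manager);
        }
    }
}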
/**
 * Checks that the owner lookup for the Guybrush OpenDJ account shadow returns the
 * Guybrush user.
 */
@Test
public void test101AccountOwnerAfterRole() throws Exception {
    final String testName = "test101AccountOwnerAfterRole";
    displayTestTitle(testName);

    // GIVEN
    assertNoRepoCache();
    Holder<OperationResultType> resultHolder = new Holder<>();
    Holder<UserType> ownerHolder = new Holder<>();

    // WHEN
    modelWeb.findShadowOwner(accountShadowOidGuybrushOpendj, ownerHolder, resultHolder);

    // THEN
    TestUtil.assertSuccess("listAccountShadowOwner has failed (result)", resultHolder.value);
    UserType owner = ownerHolder.value;
    assertNotNull("No owner", owner);
    // The shadow must resolve to exactly this user, not merely to some user.
    assertEquals(USER_GUYBRUSH_OID, owner.getOid());

    String summary = "Account " + accountShadowOidGuybrushOpendj + " has owner " + ObjectTypeUtil.toShortString(owner);
    System.out.println(summary);
}
/**
 * Checks that the owner lookup for the OpenDJ account shadow returns the Jack user.
 */
@Test
public void test015AccountOwner() throws FaultMessage, ObjectNotFoundException, SchemaException, JAXBException {
    TestUtil.displayTestTitle("test015AccountOwner");

    // GIVEN
    checkRepoOpenDjResource();
    assertNoRepoCache();
    Holder<OperationResultType> resultHolder = new Holder<>();
    Holder<UserType> ownerHolder = new Holder<>();

    // WHEN
    modelWeb.findShadowOwner(accountShadowOidOpendj, ownerHolder, resultHolder);

    // THEN
    display("listAccountShadowOwner result", resultHolder.value);
    TestUtil.assertSuccess("listAccountShadowOwner has failed (result)", resultHolder.value);
    UserType owner = ownerHolder.value;
    assertNotNull("No owner", owner);
    // The shadow must resolve to exactly this user, not merely to some user.
    assertEquals(USER_JACK_OID, owner.getOid());

    String summary = "Account " + accountShadowOidOpendj + " has owner " + ObjectTypeUtil.toShortString(owner);
    System.out.println(summary);
}
/**
 * Asserts the basic identity properties of a user object.
 *
 * <p>{@code assertObject(user)} runs first. The OID is compared (on both the prism object
 * and its objectable view) only when {@code oid} is non-null, and the locality only when
 * {@code location} is non-null. Name, full name, given name and family name are always
 * compared.
 *
 * @param user user object under test
 * @param oid expected OID, or {@code null} to skip the OID checks
 * @param name expected name
 * @param fullName expected full name
 * @param givenName expected given name
 * @param familyName expected family name
 * @param location expected locality, or {@code null} to skip the locality check
 */
protected void assertUser(PrismObject<UserType> user, String oid, String name, String fullName, String givenName,
        String familyName, String location) {
    assertObject(user);
    UserType bean = user.asObjectable();
    String wrong = "Wrong " + user;

    if (oid != null) {
        assertEquals(wrong + " OID (prism)", oid, user.getOid());
        assertEquals(wrong + " OID (jaxb)", oid, bean.getOid());
    }

    PrismAsserts.assertEqualsPolyString(wrong + " name", name, bean.getName());
    PrismAsserts.assertEqualsPolyString(wrong + " fullName", fullName, bean.getFullName());
    PrismAsserts.assertEqualsPolyString(wrong + " givenName", givenName, bean.getGivenName());
    PrismAsserts.assertEqualsPolyString(wrong + " familyName", familyName, bean.getFamilyName());

    if (location != null) {
        PrismAsserts.assertEqualsPolyString(wrong + " location", location, bean.getLocality());
    }
}
/**
 * Asserts the basic identity properties of a user object.
 *
 * <p>{@code assertObjectSanity(user)} runs first. The OID is compared (on both the prism
 * object and its objectable view) only when {@code oid} is non-null, and the locality only
 * when {@code location} is non-null. Name, full name, given name and family name are
 * always compared.
 *
 * @param user user object under test
 * @param oid expected OID, or {@code null} to skip the OID checks
 * @param name expected name
 * @param fullName expected full name
 * @param givenName expected given name
 * @param familyName expected family name
 * @param location expected locality, or {@code null} to skip the locality check
 */
protected void assertUser(PrismObject<UserType> user, String oid, String name, String fullName, String givenName,
        String familyName, String location) {
    assertObjectSanity(user);
    UserType bean = user.asObjectable();
    String wrong = "Wrong " + user;

    if (oid != null) {
        assertEquals(wrong + " OID (prism)", oid, user.getOid());
        assertEquals(wrong + " OID (jaxb)", oid, bean.getOid());
    }

    PrismAsserts.assertEqualsPolyString(wrong + " name", name, bean.getName());
    PrismAsserts.assertEqualsPolyString(wrong + " fullName", fullName, bean.getFullName());
    PrismAsserts.assertEqualsPolyString(wrong + " givenName", givenName, bean.getGivenName());
    PrismAsserts.assertEqualsPolyString(wrong + " familyName", familyName, bean.getFamilyName());

    if (location != null) {
        PrismAsserts.assertEqualsPolyString(wrong + " location", location, bean.getLocality());
    }
}
/**
 * Restricts a security filter to objects whose owner reference points at the principal.
 *
 * <p>The owner clause matches when the reference at {@code ownerRefPath} equals the
 * principal's user OID, or equals the OID of any of the user's {@code parentOrgRef} values
 * whose relation is a default relation. That clause is AND-ed with the incoming
 * {@code objSpecSecurityFilter}.
 *
 * <p>NOTE(review): the OR branch widens "owner" from the user to every org the user belongs
 * to through a default relation, so each such org membership extends what this filter
 * lets through. The original code carries a "don't understand this code" TODO on exactly
 * that loop - confirm the widening is intended.
 *
 * <p>NOTE(review): the query is built for {@code AbstractRoleType} regardless of {@code T},
 * and {@code principal.getUser()} is dereferenced without a null check - confirm both.
 *
 * @param ownerRefPath path of the owner reference item
 * @param objSpecSecurityFilter filter accumulated so far; combined with the owner clause
 * @param principal principal whose user OID and parent org references define ownership
 * @param objectDefinition definition used to look up the reference definition at {@code ownerRefPath}
 * @return result of {@code ObjectQueryUtil.filterAnd} over the incoming filter and the owner clause
 */
private <T extends ObjectType> ObjectFilter applyOwnerFilterOwnerRef(ItemPath ownerRefPath,
        ObjectFilter objSpecSecurityFilter, MidPointPrincipal principal, PrismObjectDefinition<T> objectDefinition) {
    PrismReferenceDefinition ownerRefDefinition = objectDefinition.findReferenceDefinition(ownerRefPath);

    // Base clause: the owner reference points at the principal's own user.
    S_AtomicFilterExit ownerClauses = prismContext.queryFor(AbstractRoleType.class)
            .item(ownerRefPath, ownerRefDefinition).ref(principal.getUser().getOid());

    // TODO don't understand this code
    for (ObjectReferenceType parentOrgRef : principal.getUser().getParentOrgRef()) {
        if (!prismContext.isDefaultRelation(parentOrgRef.getRelation())) {
            continue;
        }
        // Alternative clause: the owner reference points at an org the user belongs to.
        ownerClauses = ownerClauses.or().item(ownerRefPath, ownerRefDefinition).ref(parentOrgRef.getOid());
    }

    ObjectFilter ownerFilter = ownerClauses.buildFilter();
    ObjectFilter combinedFilter = ObjectQueryUtil.filterAnd(objSpecSecurityFilter, ownerFilter, prismContext);
    LOGGER.trace(" applying owner filter {}", ownerFilter);
    return combinedFilter;
}
/**
 * MID-4593
 *
 * <p>Creates a user without credentials, then sets the password with an ADD delta on
 * {@code credentials/password/value}, and checks the resulting password and its
 * modification metadata.
 */
@Test
public void test928AddPasswordValue() throws Exception {
    final String testName = "test928AddPasswordValue";
    displayTestTitle(testName);

    // GIVEN
    Task task = createTask(testName);
    OperationResult result = task.getResult();
    prepareTest();
    // Password is made optional so that a user can be created with no credentials at all.
    setPasswordMinOccurs(0, task, result);

    UserType eve = new UserType(prismContext).name("eve");
    addObject(eve.asPrismObject(), task, result);
    String eveOid = eve.getOid();

    PrismObject<UserType> eveReloaded = getUser(eveOid);
    assertNull("user has credentials", eveReloaded.asObjectable().getCredentials());

    // WHEN
    ProtectedStringType newPassword = new ProtectedStringType();
    newPassword.setClearValue(PASSWORD_HELLO_WORLD);

    ObjectDelta<UserType> passwordDelta = prismContext.deltaFor(UserType.class)
            .item(UserType.F_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_VALUE).add(newPassword)
            .asObjectDeltaCast(eveOid);

    executeChanges(passwordDelta, null, task, result);

    // THEN
    PrismObject<UserType> eveAfter = getUser(eveOid);
    display("user after operation", eveAfter);

    assertUserPassword(eveAfter, PASSWORD_HELLO_WORLD);
    assertPasswordModifyMetadata(eveAfter);
}
/**
 * MID-4593
 *
 * <p>Creates a user without credentials, then sets the password with a REPLACE delta on
 * {@code credentials/password/value}, and checks the resulting password and its
 * modification metadata.
 */
@Test
public void test929ReplacePasswordValue() throws Exception {
    final String testName = "test929ReplacePasswordValue";
    displayTestTitle(testName);

    // GIVEN
    Task task = createTask(testName);
    OperationResult result = task.getResult();
    prepareTest();
    // Password is made optional so that a user can be created with no credentials at all.
    setPasswordMinOccurs(0, task, result);

    UserType frank = new UserType(prismContext).name("frank");
    addObject(frank.asPrismObject(), task, result);
    String frankOid = frank.getOid();

    PrismObject<UserType> frankReloaded = getUser(frankOid);
    assertNull("user has credentials", frankReloaded.asObjectable().getCredentials());

    // WHEN
    ProtectedStringType newPassword = new ProtectedStringType();
    newPassword.setClearValue(PASSWORD_HELLO_WORLD);

    ObjectDelta<UserType> passwordDelta = prismContext.deltaFor(UserType.class)
            .item(UserType.F_CREDENTIALS, CredentialsType.F_PASSWORD, PasswordType.F_VALUE).replace(newPassword)
            .asObjectDeltaCast(frankOid);

    executeChanges(passwordDelta, null, task, result);

    // THEN
    PrismObject<UserType> frankAfter = getUser(frankOid);
    display("user after operation", frankAfter);

    assertUserPassword(frankAfter, PASSWORD_HELLO_WORLD);
    assertPasswordModifyMetadata(frankAfter);
}
/**
 * MID-4862
 *
 * <p>Adds a user of the {@code USER_TYPE_CARTHESIAN} subtype with a single assignment to the
 * superuser role and checks that exactly one assignment is present afterwards.
 */
@Test
public void test500AssignmentsCombinationSingle() throws Exception {
    final String testName = "test500AssignmentsCombinationSingle";
    displayTestTitle(testName);

    // GIVEN
    Task task = createTask(testName);
    OperationResult result = task.getResult();

    UserType jim = prismContext.createKnownObjectable(UserType.class)
            .name(USER_JIM_NAME)
            .subtype(USER_TYPE_CARTHESIAN)
            .beginAssignment()
                .targetRef(ROLE_SUPERUSER_OID, RoleType.COMPLEX_TYPE)
            .end();

    // WHEN
    displayWhen(testName);
    addObject(jim.asPrismObject());

    // THEN
    displayThen(testName);
    String jimOid = jim.getOid();
    PrismObject<UserType> jimAfter = getUser(jimOid);
    display("User after", jimAfter);
    // Exactly the one explicit assignment must remain - nothing added, nothing dropped.
    assertAssignments(jimAfter, 1);
}
/**
 * Adds user "alice" with assignments to both the 2a and the 2b test role and checks that
 * the add succeeds, both roles are assigned, two execution records are audited, and every
 * assignment passes {@code assertExclusionViolationState}.
 */
@Test
public void test220AliceAssign2a2b() throws Exception {
    TestCtx ctx = createContext(this, "test220AliceAssign2a2b");

    // GIVEN
    UserType alice = prismContext.createObjectable(UserType.class)
            .name("alice")
            .assignment(createAssignmentTo(roleATest2aOid, ObjectTypes.ROLE, prismContext))
            .assignment(createAssignmentTo(roleATest2bOid, ObjectTypes.ROLE, prismContext));

    // WHEN
    ctx.displayWhen();
    addObject(alice.asPrismObject(), ctx.task, ctx.result);

    // THEN
    ctx.displayThen();
    // Re-read the user so the checks run against the stored state, not the in-memory object.
    alice = getUser(alice.getOid()).asObjectable();
    display("alice", alice);
    ctx.result.computeStatus();
    TestUtil.assertSuccess(ctx.result);

    assertAssignedRole(alice.asPrismObject(), roleATest2aOid);
    assertAssignedRole(alice.asPrismObject(), roleATest2bOid);
    assertEquals("Wrong # of assignments", 2, alice.getAssignment().size());

    display("Audit", dummyAuditService);
    dummyAuditService.assertExecutionRecords(2); // rules without IDs, with IDs ?

    for (AssignmentType aliceAssignment : alice.getAssignment()) {
        assertExclusionViolationState(aliceAssignment);
    }
}
dan = getUser(dan.getOid()).asObjectable(); display("dan", dan); t.result.computeStatus();