private Map<String, String> getExpectedUserResult(String expectedOp, boolean includeGroups) throws ExternalIdentityException { Map<String, String> expected = new HashMap<>(); Iterator<ExternalUser> it = idp.listUsers(); while (it.hasNext()) { ExternalUser eu = it.next(); expected.put(eu.getId(), expectedOp); if (includeGroups) { for (ExternalIdentityRef ref : eu.getDeclaredGroups()) { expected.put(ref.getId(), expectedOp); } } } return expected; }
@Test(expected = SyncException.class) public void testGetAuthorizableUserWrongType() throws Exception { ExternalIdentity extUser = idp.listUsers().next(); sync(extUser); syncCtx.getAuthorizable(extUser, Group.class); }
@Test public void testGetAuthorizableUser() throws Exception { ExternalIdentity extUser = idp.listUsers().next(); User user = syncCtx.getAuthorizable(extUser, User.class); assertNull(user); sync(extUser); user = syncCtx.getAuthorizable(extUser, User.class); assertNotNull(user); }
@Test public void testSyncAutoMembershipListsNonExistingGroup() throws Exception { syncConfig.user().setAutoMembership("nonExistingGroup"); SyncResult result = syncCtx.sync(idp.listUsers().next()); assertEquals(SyncResult.Status.ADD, result.getStatus()); }
@Test public void testSyncAutoMembershipListsUser() throws Exception { // set auto-membership config to point to a user instead a group syncConfig.user().setAutoMembership(getTestUser().getID()); syncCtx.sync(idp.listUsers().next()); }
@Test public void testIsSameIDPSyncedUser() throws Exception { ExternalIdentity externalUser = idp.listUsers().next(); sync(externalUser); assertTrue(syncCtx.isSameIDP(userManager.getAuthorizable(externalUser.getId()))); }
@Test public void testIsSameIDPMissingExternalId() throws Exception { ExternalIdentity externalUser = idp.listUsers().next(); sync(externalUser); Authorizable a = userManager.getAuthorizable(externalUser.getId()); a.removeProperty(DefaultSyncContext.REP_EXTERNAL_ID); assertFalse(syncCtx.isSameIDP(a)); }
@Test public void testSyncMembershipDepthNoSync() throws Exception { ExternalUser externalUser = idp.listUsers().next(); Authorizable a = syncCtx.createUser(externalUser); root.commit(); assertTrue(externalUser.getDeclaredGroups().iterator().hasNext()); syncCtx.syncMembership(externalUser, a, 0); assertFalse(root.hasPendingChanges()); syncCtx.syncMembership(externalUser, a, -1); assertFalse(root.hasPendingChanges()); }
@Test public void testApplyMembershipNonGroup() throws Exception { ExternalUser externalUser = idp.listUsers().next(); sync(externalUser); User u = getTestUser(); syncCtx.applyMembership(userManager.getAuthorizable(externalUser.getId()), ImmutableSet.of(u.getID())); assertFalse(root.hasPendingChanges()); }
@Test public void testGetIdentityRefSyncUser() throws Exception { ExternalIdentity externalUser = idp.listUsers().next(); sync(externalUser); ExternalIdentityRef ref = DefaultSyncContext.getIdentityRef(userManager.getAuthorizable(externalUser.getId())); assertNotNull(ref); assertEquals(externalUser.getExternalId(), ref); }
@Test public void testSyncMembershipDepth1() throws Exception { ExternalUser externalUser = idp.listUsers().next(); Authorizable a = syncCtx.createUser(externalUser); syncCtx.syncMembership(externalUser, a, 1); assertTrue(root.hasPendingChanges()); for (ExternalIdentityRef ref : externalUser.getDeclaredGroups()) { Group g = userManager.getAuthorizable(ref.getId(), Group.class); assertNotNull(g); assertTrue(g.isDeclaredMember(a)); } }
@Test public void testSyncUserById() throws Exception { ExternalIdentity externalId = idp.listUsers().next(); // no initial sync -> sync-by-id doesn't succeed SyncResult result = syncCtx.sync(externalId.getId()); assertEquals(SyncResult.Status.NO_SUCH_AUTHORIZABLE, result.getStatus()); // force sync syncCtx.sync(externalId); // try again syncCtx.setForceUserSync(true); result = syncCtx.sync(externalId.getId()); assertEquals(SyncResult.Status.UPDATE, result.getStatus()); }
@Test public void testSyncExternalUser() throws Exception { ExternalUser user = idp.listUsers().next(); assertNotNull(user); SyncResult result = syncCtx.sync(user); assertEquals(SyncResult.Status.ADD, result.getStatus()); result = syncCtx.sync(user); assertEquals(SyncResult.Status.NOP, result.getStatus()); syncCtx.setForceUserSync(true); result = syncCtx.sync(user); assertEquals(SyncResult.Status.UPDATE, result.getStatus()); }
@Test public void testSyncAutoMembership() throws Exception { Group gr = createTestGroup(); syncConfig.user().setAutoMembership(gr.getID()); SyncResult result = syncCtx.sync(idp.listUsers().next()); assertEquals(SyncResult.Status.ADD, result.getStatus()); Authorizable a = userManager.getAuthorizable(result.getIdentity().getId()); assertTrue(gr.isDeclaredMember(a)); }
@Test public void testSyncExternalToExistingLocalUser() throws Exception { ExternalUser external = idp.listUsers().next(); syncCtx.sync(external); User u = userManager.getAuthorizable(external.getId(), User.class); u.removeProperty(ExternalIdentityConstants.REP_EXTERNAL_ID); SyncResult result = syncCtx.sync(external); assertEquals(SyncResult.Status.FOREIGN, result.getStatus()); SyncedIdentity si = result.getIdentity(); assertNotNull(si); assertEquals(external.getExternalId(), si.getExternalIdRef()); }
@Test public void testSyncExternalForeignLocalUser() throws Exception { ExternalUser external = idp.listUsers().next(); syncCtx.sync(external); User u = userManager.getAuthorizable(external.getId(), User.class); setExternalID(u, "differentIDP"); SyncResult result = syncCtx.sync(external); assertEquals(SyncResult.Status.FOREIGN, result.getStatus()); SyncedIdentity si = result.getIdentity(); assertNotNull(si); assertEquals(external.getExternalId(), si.getExternalIdRef()); }
@Test public void testCreateSyncedIdentitySyncedUser() throws Exception { ExternalIdentity externalUser = idp.listUsers().next(); sync(externalUser); Authorizable a = userManager.getAuthorizable(externalUser.getId()); SyncedIdentity si = DefaultSyncContext.createSyncedIdentity(a); assertNotNull(si); assertEquals(a.getID(), si.getId()); assertNotNull(si.getExternalIdRef()); assertFalse(si.isGroup()); assertEquals(syncCtx.now, si.lastSynced()); }
@Test public void testIsSameIDPExternalIdentityRef() throws Exception { assertFalse(syncCtx.isSameIDP(new TestIdentityProvider.ForeignExternalUser().getExternalId())); assertFalse(syncCtx.isSameIDP(new TestIdentityProvider.ForeignExternalGroup().getExternalId())); assertTrue(syncCtx.isSameIDP(new TestIdentityProvider.TestIdentity().getExternalId())); assertTrue(syncCtx.isSameIDP(idp.listGroups().next().getExternalId())); assertTrue(syncCtx.isSameIDP(idp.listUsers().next().getExternalId())); }
@Test public void testSyncUserByIdUpdate() throws Exception { ExternalIdentity externalId = idp.listUsers().next(); Authorizable a = userManager.createUser(externalId.getId(), null); a.setProperty(DefaultSyncContext.REP_EXTERNAL_ID, valueFactory.createValue(externalId.getExternalId().getString())); syncContext.setForceUserSync(true); SyncResult result = syncContext.sync(externalId.getId()); assertEquals(SyncResult.Status.UPDATE, result.getStatus()); Tree t = r.getTree(a.getPath()); assertTrue(t.hasProperty(ExternalIdentityConstants.REP_EXTERNAL_PRINCIPAL_NAMES)); }
@Test public void testIsExpiredSyncedUser() throws Exception { ExternalIdentity externalUser = idp.listUsers().next(); sync(externalUser); Authorizable a = userManager.getAuthorizable(externalUser.getId()); assertFalse(syncCtx.isExpired(a, syncConfig.user().getExpirationTime(), "any")); assertTrue(syncCtx.isExpired(a, -1, "any")); // create a ctx with a newer 'now' DefaultSyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory); long expTime = ctx.now - syncCtx.now - 1; assertTrue(ctx.isExpired(a, expTime, "any")); // remove last-sync property a.removeProperty(DefaultSyncContext.REP_LAST_SYNCED); assertTrue(syncCtx.isExpired(a, syncConfig.user().getExpirationTime(), "any")); }