/**
 * Creates an empty user patch that targets the given user.
 *
 * @param key key of the user the patch refers to
 * @return a new {@link UserPatch} with only its key set
 */
@Override
protected UserPatch newPatch(final String key) {
    final UserPatch keyedPatch = new UserPatch();
    keyedPatch.setKey(key);
    return keyedPatch;
}
/**
 * Suspends the given user through the workflow adapter and, when the adapter reports that
 * propagation is required, builds and runs the matching user-update propagation tasks.
 *
 * @param key key of the user to suspend
 */
@Override
public void internalSuspend(final String key) {
    final Pair<WorkflowResult<String>, Boolean> outcome = uwfAdapter.internalSuspend(key);

    // propagate suspension if and only if it is required by policy (right-hand flag of the pair)
    if (outcome == null || !outcome.getRight()) {
        return;
    }

    final WorkflowResult<String> wfResult = outcome.getLeft();

    // the patch carries nothing but the key of the suspended user
    final UserPatch suspended = new UserPatch();
    suspended.setKey(wfResult.getResult());

    final List<PropagationTaskInfo> tasks = propagationManager.getUserUpdateTasks(new WorkflowResult<>(
            Pair.of(suspended, Boolean.FALSE),
            wfResult.getPropByRes(),
            wfResult.getPerformedTasks()));

    taskExecutor.execute(tasks, false);
}
/**
 * Propagates a user suspension carried in the exchange body.
 *
 * <p>Nothing happens unless this processor handles {@link AnyTypeKind#USER}, the body is non-null
 * and its flag says propagation is required.
 *
 * @param exchange exchange whose inbound body is cast to a workflow result / flag pair
 * @throws Exception declared by the overridden method
 */
@SuppressWarnings("unchecked")
@Override
public void process(final Exchange exchange) throws Exception {
    if (getAnyTypeKind() != AnyTypeKind.USER) {
        return;
    }

    // NOTE(review): the body is cast without a type check; a body of another type fails with a
    // ClassCastException here — confirm every route feeding this processor produces this pair.
    final Pair<WorkflowResult<String>, Boolean> outcome =
            (Pair<WorkflowResult<String>, Boolean>) exchange.getIn().getBody();

    // propagate suspension if and only if it is required by policy
    if (outcome == null || !outcome.getValue()) {
        return;
    }

    // the patch carries nothing but the key of the suspended user
    final UserPatch suspended = new UserPatch();
    suspended.setKey(outcome.getKey().getResult());

    final List<PropagationTaskInfo> tasks = getPropagationManager().getUserUpdateTasks(
            new WorkflowResult<>(
                    Pair.of(suspended, Boolean.FALSE),
                    outcome.getKey().getPropByRes(),
                    outcome.getKey().getPerformedTasks()));

    getPropagationTaskExecutor().execute(tasks, false);
}
} // closes the enclosing type, whose header is outside this listing
/**
 * Removes the given resources from a user by issuing a regular update with DELETE items.
 *
 * <p>Authorization is two-step: the {@code USER_UPDATE} entitlement is required by
 * {@code @PreAuthorize}, then the user's realm is checked against the realms on which the caller
 * holds that entitlement before any patch is built.
 *
 * @param key key of the user to modify
 * @param resources resources to remove from the user
 * @param nullPriorityAsync passed through unchanged to {@code update}
 * @return the result of the update
 */
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public ProvisioningResult<UserTO> unassign(
        final String key, final Collection<String> resources, final boolean nullPriorityAsync) {

    // security checks: the user is loaded first so that its realm can be compared with the
    // caller's USER_UPDATE authorizations.
    // NOTE(review): securityChecks is defined elsewhere; presumably it rejects the call when the
    // user's realm is not covered — confirm.
    final UserTO target = binder.getUserTO(key);
    final Set<String> allowedRealms = RealmUtils.getEffective(
            AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
            target.getRealm());
    securityChecks(allowedRealms, target.getRealm(), target.getKey());

    final UserPatch removal = new UserPatch();
    removal.setKey(key);
    for (String resource : resources) {
        removal.getResources().add(
                new StringPatchItem.Builder().operation(PatchOperation.DELETE).value(resource).build());
    }

    return update(removal, nullPriorityAsync);
}
/**
 * Unlinks the given resources from a user through the provisioning manager.
 *
 * <p>Authorization is two-step: the {@code USER_UPDATE} entitlement is required by
 * {@code @PreAuthorize}, then the user's realm is checked against the realms on which the caller
 * holds that entitlement before the provisioning manager is invoked.
 *
 * @param key key of the user to modify
 * @param resources resources to unlink
 * @return the user as read back after the operation
 */
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public UserTO unlink(final String key, final Collection<String> resources) {
    // security checks: realm-scoped authorization on top of the entitlement check.
    // NOTE(review): securityChecks is defined elsewhere; presumably it rejects the call when the
    // user's realm is not covered — confirm.
    final UserTO target = binder.getUserTO(key);
    final Set<String> allowedRealms = RealmUtils.getEffective(
            AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
            target.getRealm());
    securityChecks(allowedRealms, target.getRealm(), target.getKey());

    final UserPatch removal = new UserPatch();
    removal.setKey(key);
    resources.forEach(resource -> removal.getResources().add(
            new StringPatchItem.Builder().operation(PatchOperation.DELETE).value(resource).build()));

    // the key returned by the provisioning manager is used to re-read the user
    final String unlinkedKey = provisioningManager.unlink(removal);
    return binder.returnUserTO(binder.getUserTO(unlinkedKey));
}
/**
 * Links the given resources to a user through the provisioning manager.
 *
 * <p>Authorization is two-step: the {@code USER_UPDATE} entitlement is required by
 * {@code @PreAuthorize}, then the user's realm is checked against the realms on which the caller
 * holds that entitlement before the provisioning manager is invoked.
 *
 * @param key key of the user to modify
 * @param resources resources to link
 * @return the user as read back after the operation
 */
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public UserTO link(final String key, final Collection<String> resources) {
    // security checks: realm-scoped authorization on top of the entitlement check.
    // NOTE(review): securityChecks is defined elsewhere; presumably it rejects the call when the
    // user's realm is not covered — confirm.
    final UserTO target = binder.getUserTO(key);
    final Set<String> allowedRealms = RealmUtils.getEffective(
            AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
            target.getRealm());
    securityChecks(allowedRealms, target.getRealm(), target.getKey());

    final UserPatch addition = new UserPatch();
    addition.setKey(key);
    for (String resource : resources) {
        addition.getResources().add(
                new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(resource).build());
    }

    // the key returned by the provisioning manager is used to re-read the user
    final String linkedKey = provisioningManager.link(addition);
    return binder.returnUserTO(binder.getUserTO(linkedKey));
}
/**
 * Executes the next workflow task for a user and runs the resulting user-update propagation tasks.
 *
 * @param workflowTaskExecInput input handed to the workflow task manager
 * @return the user identified by the workflow result, as read back after propagation
 */
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
public UserTO executeNextTask(final WorkflowTaskExecInput workflowTaskExecInput) {
    // NOTE(review): only the entitlement-level @PreAuthorize is visible here; no realm-scoped
    // check is made in this method. Confirm that the workflow task manager (or a caller) limits
    // the operation to users in realms the caller administers.
    final WorkflowResult<String> outcome = wfTaskManager.executeNextTask(workflowTaskExecInput);
    final String userKey = outcome.getResult();

    // the patch carries nothing but the key of the affected user; the flag is left null
    final UserPatch keyOnly = new UserPatch();
    keyOnly.setKey(userKey);

    final WorkflowResult<Pair<UserPatch, Boolean>> forPropagation = new WorkflowResult<>(
            Pair.<UserPatch, Boolean>of(keyOnly, null),
            outcome.getPropByRes(),
            outcome.getPerformedTasks());

    final List<PropagationTaskInfo> tasks = propagationManager.getUserUpdateTasks(forPropagation);
    taskExecutor.execute(tasks, false);

    return binder.getUserTO(userKey);
}
/**
 * Provisions a user onto the given resources by running UPDATE propagation tasks for them.
 *
 * <p>No authorization check is made in this method; callers are expected to have performed it.
 * The clear-text password is only placed in the patch and is not logged here.
 *
 * @param key key of the user to provision
 * @param changePwd whether a password change is included in the propagation
 * @param password new password value, used only when {@code changePwd} is true
 * @param resources resources to provision the user onto
 * @param nullPriorityAsync passed through unchanged to the propagation task executor
 * @return the propagation statuses reported by the executor
 */
@Override
public List<PropagationStatus> provision(
        final String key,
        final boolean changePwd,
        final String password,
        final Collection<String> resources,
        final boolean nullPriorityAsync) {

    final UserPatch provisioning = new UserPatch();
    provisioning.setKey(key);
    provisioning.getResources().addAll(resources.stream().
            map(resource -> new StringPatchItem.Builder().
            operation(PatchOperation.ADD_REPLACE).value(resource).build()).
            collect(Collectors.toSet()));

    if (changePwd) {
        // onSyncope is false and the target resources are listed explicitly
        // NOTE(review): presumably this leaves the internally stored password untouched — confirm
        final PasswordPatch pwdChange = new PasswordPatch();
        pwdChange.setOnSyncope(false);
        pwdChange.getResources().addAll(resources);
        pwdChange.setValue(password);
        provisioning.setPassword(pwdChange);
    }

    // every requested resource is marked for an UPDATE operation
    final PropagationByResource updatesByResource = new PropagationByResource();
    updatesByResource.addAll(ResourceOperation.UPDATE, resources);

    final WorkflowResult<Pair<UserPatch, Boolean>> wfResult = new WorkflowResult<>(
            ImmutablePair.of(provisioning, (Boolean) null), updatesByResource, "update");

    final List<PropagationTaskInfo> tasks =
            propagationManager.getUserUpdateTasks(wfResult, changePwd, null);

    return taskExecutor.execute(tasks, nullPriorityAsync).getStatuses();
}
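/**
 * Applies a self-service update to the currently authenticated user and, when the update leaves
 * the user in a status that is not listed under {@code authentication.statuses}, deletes the
 * user's existing access token.
 *
 * <p>Anonymous callers and callers flagged {@code MUST_CHANGE_PASSWORD} are rejected by
 * {@code @PreAuthorize}.
 *
 * @param userPatch requested changes; its key is overwritten with the authenticated user's key
 * @param nullPriorityAsync passed through unchanged to {@code doUpdate}
 * @return the result of the update
 */
@PreAuthorize("isAuthenticated() "
        + "and not(hasRole('" + StandardEntitlement.ANONYMOUS + "')) "
        + "and not(hasRole('" + StandardEntitlement.MUST_CHANGE_PASSWORD + "'))")
public ProvisioningResult<UserTO> selfUpdate(final UserPatch userPatch, final boolean nullPriorityAsync) {
    // The key supplied by the client is never trusted: it is replaced with the key of the
    // authenticated user before the update is applied.
    UserTO userTO = binder.getAuthenticatedUserTO();
    userPatch.setKey(userTO.getKey());
    ProvisioningResult<UserTO> updated = doUpdate(userPatch, true, nullPriorityAsync);

    // Ensures that, if the self update above moves the user into a status from which no authentication
    // is possible, the existing Access Token is cleaned up to avoid issues with future authentications
    if (!confDAO.getValuesAsStrings("authentication.statuses").contains(updated.getEntity().getStatus())) {
        // The lookup result is null-checked before getKey() is called: previously a missing token
        // (assumed to be reported as null by findByOwner — confirm against the DAO) raised a
        // NullPointerException after the update had already been applied.
        // java.util.Optional is fully qualified so that no new import is needed.
        java.util.Optional.ofNullable(accessTokenDAO.findByOwner(updated.getEntity().getUsername())).
                map(token -> token.getKey()).
                ifPresent(tokenKey -> accessTokenDAO.delete(tokenKey));
    }

    return updated;
}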
/**
 * Assigns the given resources to a user by issuing a regular update with ADD_REPLACE items,
 * optionally including a password change for those resources.
 *
 * <p>Authorization is two-step: the {@code USER_UPDATE} entitlement is required by
 * {@code @PreAuthorize}, then the user's realm is checked against the realms on which the caller
 * holds that entitlement before any patch is built.
 *
 * @param key key of the user to modify
 * @param resources resources to assign
 * @param changepwd whether a password change is included in the update
 * @param password new password value, used only when {@code changepwd} is true
 * @param nullPriorityAsync passed through unchanged to {@code update}
 * @return the result of the update
 */
@PreAuthorize("hasRole('" + StandardEntitlement.USER_UPDATE + "')")
@Override
public ProvisioningResult<UserTO> assign(
        final String key,
        final Collection<String> resources,
        final boolean changepwd,
        final String password,
        final boolean nullPriorityAsync) {

    // security checks: realm-scoped authorization on top of the entitlement check.
    // NOTE(review): securityChecks is defined elsewhere; presumably it rejects the call when the
    // user's realm is not covered — confirm.
    final UserTO target = binder.getUserTO(key);
    final Set<String> allowedRealms = RealmUtils.getEffective(
            AuthContextUtils.getAuthorizations().get(StandardEntitlement.USER_UPDATE),
            target.getRealm());
    securityChecks(allowedRealms, target.getRealm(), target.getKey());

    final UserPatch assignment = new UserPatch();
    assignment.setKey(key);
    for (String resource : resources) {
        assignment.getResources().add(
                new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(resource).build());
    }

    if (changepwd) {
        // onSyncope is false and the target resources are listed explicitly
        // NOTE(review): presumably this leaves the internally stored password untouched — confirm
        final PasswordPatch.Builder pwdChange = new PasswordPatch.Builder();
        assignment.setPassword(pwdChange.value(password).onSyncope(false).resources(resources).build());
    }

    return update(assignment, nullPriorityAsync);
}
userPatch.setKey(key); userPatch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(resource).build()).