@Transactional(readOnly = true) @Override public Optional<String> getConnObjectKeyValue(final Any<?> any, final Provision provision) { MappingItem mapItem = provision.getMapping().getConnObjectKeyItem().get(); List<PlainAttrValue> values; try { values = getIntValues( provision, mapItem, intAttrNameParser.parse(mapItem.getIntAttrName(), provision.getAnyType().getKind()), any); } catch (ParseException e) { LOG.error("Invalid intAttrName '{}' specified, ignoring", mapItem.getIntAttrName(), e); values = Collections.emptyList(); } return Optional.ofNullable(values.isEmpty() ? null : values.get(0).getValueAsString()); }
@Override public AnyTypeTO getAnyTypeTO(final AnyType anyType) { AnyTypeTO anyTypeTO = new AnyTypeTO(); anyTypeTO.setKey(anyType.getKey()); anyTypeTO.setKind(anyType.getKind()); anyType.getClasses().forEach(anyTypeClass -> { anyTypeTO.getClasses().add(anyTypeClass.getKey()); }); return anyTypeTO; }
@Override public void update(final AnyType anyType, final AnyTypeTO anyTypeTO) { if (anyType.getKey() == null) { anyType.setKey(anyTypeTO.getKey()); } if (anyType.getKind() == null) { anyType.setKind(anyTypeTO.getKind()); } if (anyType.getKind() != anyTypeTO.getKind()) { SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidAnyType); sce.getElements().add(AnyTypeKind.class.getSimpleName() + " cannot be changed"); throw sce; } anyType.getClasses().clear(); anyTypeTO.getClasses().forEach(anyTypeClassName -> { AnyTypeClass anyTypeClass = anyTypeClassDAO.find(anyTypeClassName); if (anyTypeClass == null) { LOG.debug("Invalid " + AnyTypeClass.class.getSimpleName() + " {}, ignoring...", anyTypeClassName); } else { anyType.add(anyTypeClass); } }); }
@Override public DynRealm saveAndRefreshDynMemberships(final DynRealm dynRealm) { DynRealm merged = save(dynRealm); // refresh dynamic memberships clearDynMembers(merged); merged.getDynMemberships().stream().map(memb -> jpaAnySearchDAO().search( SearchCondConverter.convert(memb.getFIQLCond()), memb.getAnyType().getKind())). forEachOrdered(matching -> { matching.forEach(any -> { Query insert = entityManager().createNativeQuery( "INSERT INTO " + DYNMEMB_TABLE + " VALUES(?, ?)"); insert.setParameter(1, any.getKey()); insert.setParameter(2, merged.getKey()); insert.executeUpdate(); publisher.publishEvent(new AnyCreatedUpdatedEvent<>(this, any, AuthContextUtils.getDomain())); }); }); return merged; }
AnyUtils anyUtils = anyUtilsFactory.getInstance(anyType.getKind());
private void setDynMembership(final Group group, final AnyType anyType, final String dynMembershipFIQL) { SearchCond dynMembershipCond = SearchCondConverter.convert(dynMembershipFIQL); if (!dynMembershipCond.isValid()) { SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidSearchExpression); sce.getElements().add(dynMembershipFIQL); throw sce; } if (anyType.getKind() == AnyTypeKind.GROUP) { SyncopeClientException sce = SyncopeClientException.build(ClientExceptionType.InvalidAnyType); sce.getElements().add(anyType.getKind().name()); throw sce; } DynGroupMembership<?> dynMembership; if (anyType.getKind() == AnyTypeKind.ANY_OBJECT && !group.getADynMembership(anyType).isPresent()) { dynMembership = entityFactory.newEntity(ADynGroupMembership.class); dynMembership.setGroup(group); ((ADynGroupMembership) dynMembership).setAnyType(anyType); group.add((ADynGroupMembership) dynMembership); } else if (anyType.getKind() == AnyTypeKind.USER && group.getUDynMembership() == null) { dynMembership = entityFactory.newEntity(UDynGroupMembership.class); dynMembership.setGroup(group); group.setUDynMembership((UDynGroupMembership) dynMembership); } else { dynMembership = anyType.getKind() == AnyTypeKind.ANY_OBJECT ? group.getADynMembership(anyType).get() : group.getUDynMembership(); } dynMembership.setFIQLCond(dynMembershipFIQL); }
private List<String> evaluateMandatoryCondition(final Provision provision, final Any<?> any) { List<String> missingAttrNames = new ArrayList<>(); MappingUtils.getPropagationItems(provision.getMapping().getItems()).forEach(mapItem -> { IntAttrName intAttrName = null; try { intAttrName = intAttrNameParser.parse(mapItem.getIntAttrName(), provision.getAnyType().getKind()); } catch (ParseException e) { LOG.error("Invalid intAttrName '{}', ignoring", mapItem.getIntAttrName(), e); } if (intAttrName != null && intAttrName.getSchemaType() != null) { List<PlainAttrValue> values = mappingManager.getIntValues(provision, mapItem, intAttrName, any); if (values.isEmpty() && JexlUtils.evaluateMandatoryCondition(mapItem.getMandatoryCondition(), any)) { missingAttrNames.add(mapItem.getIntAttrName()); } } }); return missingAttrNames; }
@PreAuthorize("hasRole('" + StandardEntitlement.REMEDIATION_REMEDY + "')") public ProvisioningResult<?> remedy(final String key, final String anyKey, final boolean nullPriorityAsync) { Remediation remediation = remediationDAO.find(key); if (remediation == null) { LOG.error("Could not find remediation '" + key + "'"); throw new NotFoundException(key); } ProvisioningResult<?> result; switch (remediation.getAnyType().getKind()) { case USER: default: result = userLogic.delete(anyKey, nullPriorityAsync); break; case GROUP: result = groupLogic.delete(anyKey, nullPriorityAsync); break; case ANY_OBJECT: result = anyObjectLogic.delete(anyKey, nullPriorityAsync); } remediationDAO.delete(remediation); return result; }
@PreAuthorize("hasRole('" + StandardEntitlement.REMEDIATION_REMEDY + "')") public ProvisioningResult<?> remedy(final String key, final AnyPatch anyPatch, final boolean nullPriorityAsync) { Remediation remediation = remediationDAO.find(key); if (remediation == null) { LOG.error("Could not find remediation '" + key + "'"); throw new NotFoundException(key); } ProvisioningResult<?> result; switch (remediation.getAnyType().getKind()) { case USER: default: result = userLogic.update((UserPatch) anyPatch, nullPriorityAsync); break; case GROUP: result = groupLogic.update((GroupPatch) anyPatch, nullPriorityAsync); break; case ANY_OBJECT: result = anyObjectLogic.update((AnyObjectPatch) anyPatch, nullPriorityAsync); } remediationDAO.delete(remediation); return result; }
@PreAuthorize("hasRole('" + StandardEntitlement.REMEDIATION_REMEDY + "')") public ProvisioningResult<?> remedy(final String key, final AnyTO anyTO, final boolean nullPriorityAsync) { Remediation remediation = remediationDAO.find(key); if (remediation == null) { LOG.error("Could not find remediation '" + key + "'"); throw new NotFoundException(key); } ProvisioningResult<?> result; switch (remediation.getAnyType().getKind()) { case USER: default: result = userLogic.create((UserTO) anyTO, true, nullPriorityAsync); break; case GROUP: result = groupLogic.create((GroupTO) anyTO, nullPriorityAsync); break; case ANY_OBJECT: result = anyObjectLogic.create((AnyObjectTO) anyTO, nullPriorityAsync); } remediationDAO.delete(remediation); return result; }
@Override public <T extends Any<?>> boolean matches(final T any, final SearchCond cond) { AnyCond keycond = new AnyCond(AttributeCond.Type.EQ); keycond.setSchema("key"); keycond.setExpression(any.getKey()); return !search(SearchCond.getAndCond(SearchCond.getLeafCond(keycond), cond), any.getType().getKind()).isEmpty(); } }
protected void provision(final Any<?> any, final Boolean enable, final ProvisioningReport result) { AnyTO before = getAnyTO(any.getKey()); List<String> noPropResources = new ArrayList<>(before.getResources()); noPropResources.remove(profile.getTask().getResource().getKey()); PropagationByResource propByRes = new PropagationByResource(); propByRes.add(ResourceOperation.CREATE, profile.getTask().getResource().getKey()); List<PropagationTaskInfo> taskInfos = propagationManager.getCreateTasks( any.getType().getKind(), any.getKey(), enable, propByRes, before.getVirAttrs(), noPropResources); if (!taskInfos.isEmpty()) { taskInfos.get(0).setBeforeObj(Optional.ofNullable(null)); PropagationReporter reporter = new DefaultPropagationReporter(); taskExecutor.execute(taskInfos.get(0), reporter); reportPropagation(result, reporter); } }
protected void update( final Any<?> any, final Boolean enable, final ConnectorObject beforeObj, final ProvisioningReport result) { boolean changepwd = any instanceof User; List<String> ownedResources = getAnyUtils().getAllResources(any).stream(). map(Entity::getKey).collect(Collectors.toList()); List<String> noPropResources = new ArrayList<>(ownedResources); noPropResources.remove(profile.getTask().getResource().getKey()); PropagationByResource propByRes = new PropagationByResource(); propByRes.add(ResourceOperation.UPDATE, profile.getTask().getResource().getKey()); propByRes.addOldConnObjectKey(profile.getTask().getResource().getKey(), beforeObj.getUid().getUidValue()); List<PropagationTaskInfo> taskInfos = propagationManager.getUpdateTasks( any.getType().getKind(), any.getKey(), changepwd, enable, propByRes, null, noPropResources); if (!taskInfos.isEmpty()) { taskInfos.get(0).setBeforeObj(Optional.of(beforeObj)); PropagationReporter reporter = new DefaultPropagationReporter(); taskExecutor.execute(taskInfos.get(0), reporter); reportPropagation(result, reporter); } }
protected void deprovision(final Any<?> any, final ConnectorObject beforeObj, final ProvisioningReport result) { AnyTO before = getAnyTO(any.getKey()); List<String> noPropResources = new ArrayList<>(before.getResources()); noPropResources.remove(profile.getTask().getResource().getKey()); PropagationByResource propByRes = new PropagationByResource(); propByRes.add(ResourceOperation.DELETE, profile.getTask().getResource().getKey()); propByRes.addOldConnObjectKey(profile.getTask().getResource().getKey(), beforeObj.getUid().getUidValue()); List<PropagationTaskInfo> taskInfos = propagationManager.getDeleteTasks( any.getType().getKind(), any.getKey(), propByRes, noPropResources); if (!taskInfos.isEmpty()) { taskInfos.get(0).setBeforeObj(Optional.of(beforeObj)); PropagationReporter reporter = new DefaultPropagationReporter(); taskExecutor.execute(taskInfos.get(0), reporter); reportPropagation(result, reporter); } }
if (remediation.getPayloadAsTO(remediation.getAnyType().getKind().getTOClass()) == null) { context.disableDefaultConstraintViolation(); context.buildConstraintViolationWithTemplate( getTemplate(EntityViolationType.InvalidRemediation, "Expected " + remediation.getAnyType().getKind().getTOClass().getName())). addPropertyNode("payload").addConstraintViolation(); if (remediation.getPayloadAsPatch(remediation.getAnyType().getKind().getPatchClass()) == null) { context.disableDefaultConstraintViolation(); context.buildConstraintViolationWithTemplate( getTemplate(EntityViolationType.InvalidRemediation, "Expected " + remediation.getAnyType().getKind().getPatchClass().getName())). addPropertyNode("payload").addConstraintViolation();
switch (anyType.getKind()) { case USER: nameKindMatch = AnyTypeKind.USER.name().equalsIgnoreCase(anyType.getKey());
anyTypes.add(memb.getAnyType()); if (memb.getAnyType().getKind() != AnyTypeKind.ANY_OBJECT) { isValid = false;
AllowedSchemas<PlainSchema> allowedPlainSchemas = ApplicationContextProvider.getApplicationContext().getBean(AnyUtilsFactory.class). getInstance(any.getType().getKind()).dao().findAllowedSchemas(any, PlainSchema.class);