This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch 2_0_X
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/2_0_X by this push:
new 8258b46 [SYNCOPE-1567] Do not check for allowed attributes for
relationships mapping items
8258b46 is described below
commit 8258b46048e626e1489949fda4ab3241a341413a
Author: Francesco Chicchiriccò <[email protected]>
AuthorDate: Wed May 20 10:22:21 2020 +0200
[SYNCOPE-1567] Do not check for allowed attributes for relationships
mapping items
---
.../java/data/ResourceDataBinderImpl.java | 4 +-
.../syncope/fit/core/PropagationTaskITCase.java | 78 +++++++++++++++++++---
2 files changed, 73 insertions(+), 9 deletions(-)
diff --git
a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java
b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java
index 0e5d78b..62dc001 100644
---
a/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java
+++
b/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/data/ResourceDataBinderImpl.java
@@ -401,7 +401,9 @@ public class ResourceDataBinderImpl implements
ResourceDataBinder {
boolean allowed = true;
if (intAttrName.getSchemaType() != null
&& intAttrName.getEnclosingGroup() == null
- && intAttrName.getRelatedAnyObject() == null) {
+ && intAttrName.getRelatedAnyObject() == null
+ && intAttrName.getRelationshipType() == null) {
+
switch (intAttrName.getSchemaType()) {
case PLAIN:
allowed =
allowedSchemas.getPlainSchemas().contains(intAttrName.getSchema().getKey());
diff --git
a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java
b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java
index b15af41..1b89cbf 100644
---
a/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java
+++
b/fit/core-reference/src/test/java/org/apache/syncope/fit/core/PropagationTaskITCase.java
@@ -22,7 +22,6 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertTrue;
-import static org.junit.Assert.fail;
import java.text.ParseException;
import java.text.SimpleDateFormat;
@@ -39,7 +38,7 @@ import org.apache.commons.collections4.IterableUtils;
import org.apache.commons.collections4.Predicate;
import org.apache.commons.lang3.SerializationUtils;
import org.apache.commons.lang3.StringUtils;
-import org.apache.syncope.common.lib.SyncopeClientException;
+import org.apache.syncope.common.lib.SyncopeConstants;
import org.apache.syncope.common.lib.patch.AttrPatch;
import org.apache.syncope.common.lib.patch.DeassociationPatch;
import org.apache.syncope.common.lib.patch.MembershipPatch;
@@ -57,11 +56,11 @@ import org.apache.syncope.common.lib.to.ItemTO;
import org.apache.syncope.common.lib.to.MembershipTO;
import org.apache.syncope.common.lib.to.PlainSchemaTO;
import org.apache.syncope.common.lib.to.ProvisionTO;
+import org.apache.syncope.common.lib.to.RelationshipTO;
import org.apache.syncope.common.lib.to.ResourceTO;
import org.apache.syncope.common.lib.to.UserTO;
import org.apache.syncope.common.lib.types.AnyTypeKind;
import org.apache.syncope.common.lib.types.AttrSchemaType;
-import org.apache.syncope.common.lib.types.ClientExceptionType;
import org.apache.syncope.common.lib.types.MappingPurpose;
import org.apache.syncope.common.lib.types.PatchOperation;
import org.apache.syncope.common.lib.types.ResourceDeassociationAction;
@@ -431,7 +430,7 @@ public class PropagationTaskITCase extends
AbstractTaskITCase {
ProvisionTO provisionGroup =
SerializationUtils.clone(ldap.getProvision(AnyTypeKind.GROUP.name()));
assertNotNull(provisionGroup);
provisionGroup.getVirSchemas().clear();
-
+
ProvisionTO provisionUser =
SerializationUtils.clone(ldap.getProvision(AnyTypeKind.USER.name()));
assertNotNull(provisionUser);
CollectionUtils.filterInverse(provisionUser.getMapping().getItems(), new
Predicate<ItemTO>() {
@@ -485,7 +484,7 @@ public class PropagationTaskITCase extends
AbstractTaskITCase {
GroupTO newGroupTO = new GroupTO();
newGroupTO.setName("NEWSYNCOPEGROUP1473-" + getUUIDString());
- newGroupTO.setRealm("/");
+ newGroupTO.setRealm(SyncopeConstants.ROOT_REALM);
newGroupTO.getResources().add(ldap.getKey());
newGroupTO = createGroup(newGroupTO).getEntity();
@@ -498,18 +497,81 @@ public class PropagationTaskITCase extends
AbstractTaskITCase {
newGroupTO.getKey()).operation(PatchOperation.ADD_REPLACE).build());
userService.update(userPatch);
+ // 4. check propagated value
+ ConnObjectTO connObject =
+ resourceService.readConnObject(ldap.getKey(),
AnyTypeKind.USER.name(), userTO.getKey());
+ assertNotNull(connObject);
+ assertNotNull(connObject.getAttr("ldapGroups"));
+ assertEquals(2,
connObject.getAttr("ldapGroups").getValues().size());
+ } finally {
+ try {
+ resourceService.delete(ldap.getKey());
+ } catch (Exception ignore) {
+ // ignore
+ }
+ }
+ }
+
+ @Test
+ public void issueSYNCOPE1567() {
+ ResourceTO ldap = resourceService.read(RESOURCE_NAME_LDAP);
+ try {
+ // 1. clone the LDAP resource and add the relationships mapping
+ ProvisionTO provisionUser =
SerializationUtils.clone(ldap.getProvision(AnyTypeKind.USER.name()));
+ assertNotNull(provisionUser);
+
CollectionUtils.filterInverse(provisionUser.getMapping().getItems(), new
Predicate<ItemTO>() {
+
+ @Override
+ public boolean evaluate(final ItemTO item) {
+ return "mail".equals(item.getExtAttrName());
+ }
+ });
+ provisionUser.getVirSchemas().clear();
+
+ ItemTO relationships = new ItemTO();
+ relationships.setPurpose(MappingPurpose.PROPAGATION);
+
relationships.setIntAttrName("relationships[neighborhood][PRINTER].model");
+ relationships.setExtAttrName("l");
+ provisionUser.getMapping().add(relationships);
+
+ ldap.getProvisions().clear();
+ ldap.getProvisions().add(provisionUser);
+ ldap.setKey(RESOURCE_NAME_LDAP + "1567" + getUUIDString());
+ resourceService.create(ldap);
+
+ // 1. create user with relationship and the new resource assigned
+ UserTO userTO =
UserITCase.getUniqueSampleTO("[email protected]");
+ userTO.getRelationships().add(new RelationshipTO.Builder().
+ type("neighborhood").otherEnd("PRINTER",
"fc6dbc3a-6c07-4965-8781-921e7401a4a5").build());
+ userTO.getResources().clear();
+ userTO.getResources().add(ldap.getKey());
+
+ userTO = createUser(userTO).getEntity();
+ assertNotNull(userTO);
+ assertFalse(userTO.getRelationships().isEmpty());
+
+ // 2. check attributes prepared for propagation
+ PagedResult<PropagationTaskTO> tasks = taskService.search(new
TaskQuery.Builder(TaskType.PROPAGATION).
+ resource(userTO.getResources().iterator().next()).
+
anyTypeKind(AnyTypeKind.USER).entityKey(userTO.getKey()).build());
+ assertEquals(1, tasks.getSize());
+
Set<Attribute> propagationAttrs = new HashSet<>();
if
(StringUtils.isNotBlank(tasks.getResult().get(0).getAttributes())) {
propagationAttrs.addAll(Arrays.asList(
POJOHelper.deserialize(tasks.getResult().get(0).getAttributes(),
Attribute[].class)));
}
+ Attribute attr = AttributeUtil.find("l", propagationAttrs);
+ assertNotNull(attr);
+ assertNotNull(attr.getValue());
+ assertEquals("Canon MFC8030", attr.getValue().get(0).toString());
+ // 3. check propagated value
ConnObjectTO connObject =
resourceService.readConnObject(ldap.getKey(),
AnyTypeKind.USER.name(), userTO.getKey());
assertNotNull(connObject);
- assertNotNull(connObject.getAttr("ldapGroups"));
- assertTrue(connObject.getAttr("ldapGroups").getValues().size() ==
2);
-
+ assertNotNull(connObject.getAttr("l"));
+ assertEquals("Canon MFC8030",
connObject.getAttr("l").getValues().get(0));
} finally {
try {
resourceService.delete(ldap.getKey());
