[
https://issues.apache.org/jira/browse/SYNCOPE-249?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13558852#comment-13558852
]
Hudson commented on SYNCOPE-249:
--------------------------------
Integrated in Syncope-trunk #464 (See
[https://builds.apache.org/job/Syncope-trunk/464/])
[SYNCOPE-249] core: extension for propagation implemented (Revision 1436375)
Result = SUCCESS
ilgrosso :
Files :
*
/syncope/trunk/common/src/main/java/org/apache/syncope/common/types/IntMappingType.java
*
/syncope/trunk/core/src/main/java/org/apache/syncope/core/connid/ConnObjectUtil.java
*
/syncope/trunk/core/src/main/java/org/apache/syncope/core/persistence/beans/AbstractDerAttr.java
*
/syncope/trunk/core/src/main/java/org/apache/syncope/core/persistence/beans/AbstractMappingItem.java
*
/syncope/trunk/core/src/main/java/org/apache/syncope/core/persistence/beans/role/RMapping.java
*
/syncope/trunk/core/src/main/java/org/apache/syncope/core/persistence/beans/role/RMappingItem.java
*
/syncope/trunk/core/src/main/java/org/apache/syncope/core/propagation/impl/PropagationManager.java
*
/syncope/trunk/core/src/main/java/org/apache/syncope/core/util/MappingUtil.java
*
/syncope/trunk/core/src/test/java/org/apache/syncope/core/rest/AbstractTest.java
*
/syncope/trunk/core/src/test/java/org/apache/syncope/core/rest/RoleTestITCase.java
* /syncope/trunk/core/src/test/resources/content.xml
> Implement RoleOwnerSchema for role propagation and synchronization
> ------------------------------------------------------------------
>
> Key: SYNCOPE-249
> URL: https://issues.apache.org/jira/browse/SYNCOPE-249
> Project: Syncope
> Issue Type: Improvement
> Affects Versions: 1.1.0
> Reporter: Francesco Chicchiriccò
> Assignee: Francesco Chicchiriccò
> Fix For: 1.1.0
>
>
> SYNCOPE-225 introduced the concept of role owner, than could be either a user
> or another role (not both at the same time).
> Test content provides an example of how role owner can be propagated by
> empowering a derived attribute (ownerDN): this approach is working only for
> propagation and makes the AccountLink expression duplicated.
> A more complete approach is to define a new type of internal mapping,
> RoleOwnerSchema.
> During role propagation (in MappingUtil.getIntValues()):
> * if userOwner != null and the propagating resource has UMapping defined
> * if roleOwner != null (the propagating resource has RMapping because of the
> ongoing propagation)
> the AccountLink (or AccountId if no AccountLink is defined) is generated and
> given as value for the external attribute mapped to RoleOwnerSchema
> During role synchronization (in
> ConnObjectUtil.getAttributableTOFromConnObject()), if a value is present in
> the ConnectorObject for the role being synchronized, this value must be used
> for searching the same connector for either ObjectClass.ACCOUNT and
> ObjectClass.GROUP; if a unique match is found, the matching ConnectorObject
> can be used to find the corresponding Syncope entity (user or role); now
> userOwner or roleOwner of the role being synchronized can be set.
> Especially in case of roleOwner, precedence issues must be taken into
> account: it might happen, in fact, that the owned role is being synchronized
> before the owner role synchronization takes place.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
