svn commit: r1418382 - in /syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main: java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java java/org/apache/syncope/buildtools/LdifURLLoad
Author: ilgrosso Date: Fri Dec 7 16:27:23 2012 New Revision: 1418382 URL: http://svn.apache.org/viewvc?rev=1418382&view=rev Log: Supporting loading from external LDIF file Added: syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/LdifURLLoader.java (with props) syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/resources/content.ldif Modified: syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java Modified: syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java URL: http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java?rev=1418382&r1=1418381&r2=1418382&view=diff == --- syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java (original) +++ syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java Fri Dec 7 16:27:23 2012 @@ -172,24 +172,11 @@ public class ApacheDSStartStopListener i // And start the service service.startup(); -// Finally, build base DN entries -final DN dnIsp = new DN("o=isp"); -final ServerEntry rootEntry = service.newEntry(dnIsp); -rootEntry.add("objectClass", "top", "organization"); -rootEntry.add("o", "isp"); -service.getAdminSession().add(rootEntry); - -final DN dnPeople = new DN("ou=People,o=isp"); -final ServerEntry peopleEntry = service.newEntry(dnPeople); -peopleEntry.add("objectClass", "top", "organizationalUnit"); -peopleEntry.add("ou", "People"); -service.getAdminSession().add(peopleEntry); - -final DN dnGroups = new DN("ou=Groups,o=isp"); -final ServerEntry groupsEntry = service.newEntry(dnGroups); -groupsEntry.add("objectClass", "top", "organizationalUnit"); -groupsEntry.add("ou", "Groups"); -service.getAdminSession().add(groupsEntry); +// Finally, load content LDIF +final LdifURLLoader contentLoader = new LdifURLLoader(service.getAdminSession(), +servletContext.getResource("/WEB-INF/classes/content.ldif")); +final int numEntries = contentLoader.execute(); +servletContext.log("Successfully created " + numEntries + " entries"); } /** Added: syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/LdifURLLoader.java URL: http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/LdifURLLoader.java?rev=1418382&view=auto == --- syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/LdifURLLoader.java (added) +++ syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/LdifURLLoader.java Fri Dec 7 16:27:23 2012 @@ -0,0 +1,127 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * "License"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + *http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + * + */ +package org.apache.syncope.buildtools; + +import java.io.FileNotFoundException; +import java.io.InputStream; +import java.net.URL; +import java.util.List; +import javax.naming.NamingException; +import org.apache.directory.server.core.CoreSession; +import org.apache.directory.server.i18n.I18n; +import org.apache.directory.shared.ldap.entry.DefaultServerEntry; +import org.apache.directory.shared.ldap.entry.Entry; +import org.apache.directory.shared.ldap.entry.Modification; +import org.apache.directory.shared.ldap.ldif.LdifEntry; +import org.apache.directory.shared.ldap.ldif.LdifReader; +import org.apache.directory.shared.ldap.name.DN; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +/** + * Support for commands to load an LDIF from an URL into a DirContext. + * + * @see org.apache.directory.server.protocol.shared.store
svn commit: r1418342 - in /syncope/branches/DEV_ROLE_PROVISIONING: client/src/main/java/org/apache/syncope/client/to/ core/src/main/java/org/apache/syncope/core/persistence/beans/ core/src/main/java/o
Author: ilgrosso Date: Fri Dec 7 14:55:56 2012 New Revision: 1418342 URL: http://svn.apache.org/viewvc?rev=1418342&view=rev Log: Completing (and verifying) role template features for SyncTask Modified: syncope/branches/DEV_ROLE_PROVISIONING/client/src/main/java/org/apache/syncope/client/to/SyncTaskTO.java syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/persistence/beans/SyncTask.java syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/data/TaskDataBinder.java syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/TaskTestITCase.java Modified: syncope/branches/DEV_ROLE_PROVISIONING/client/src/main/java/org/apache/syncope/client/to/SyncTaskTO.java URL: http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/client/src/main/java/org/apache/syncope/client/to/SyncTaskTO.java?rev=1418342&r1=1418341&r2=1418342&view=diff == --- syncope/branches/DEV_ROLE_PROVISIONING/client/src/main/java/org/apache/syncope/client/to/SyncTaskTO.java (original) +++ syncope/branches/DEV_ROLE_PROVISIONING/client/src/main/java/org/apache/syncope/client/to/SyncTaskTO.java Fri Dec 7 14:55:56 2012 @@ -26,6 +26,8 @@ public class SyncTaskTO extends SchedTas private UserTO userTemplate; +private RoleTO roleTemplate; + private boolean performCreate; private boolean performUpdate; @@ -46,6 +48,14 @@ public class SyncTaskTO extends SchedTas this.userTemplate = userTemplate; } +public RoleTO getRoleTemplate() { +return roleTemplate; +} + +public void setRoleTemplate(RoleTO roleTemplate) { +this.roleTemplate = roleTemplate; +} + public String getResource() { return resource; } Modified: syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/persistence/beans/SyncTask.java URL: http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/persistence/beans/SyncTask.java?rev=1418342&r1=1418341&r2=1418342&view=diff == --- syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/persistence/beans/SyncTask.java (original) +++ syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/persistence/beans/SyncTask.java Fri Dec 7 14:55:56 2012 @@ -112,7 +112,7 @@ public class SyncTask extends SchedTask : XMLSerializer.deserialize(roleTemplate); } -public void setUserTemplate(final RoleTO roleTemplate) { +public void setRoleTemplate(final RoleTO roleTemplate) { this.roleTemplate = XMLSerializer.serialize(roleTemplate); } Modified: syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/data/TaskDataBinder.java URL: http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/data/TaskDataBinder.java?rev=1418342&r1=1418341&r2=1418342&view=diff == --- syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/data/TaskDataBinder.java (original) +++ syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/data/TaskDataBinder.java Fri Dec 7 14:55:56 2012 @@ -22,6 +22,7 @@ import org.apache.commons.lang.StringUti import org.apache.syncope.client.to.AbstractAttributableTO; import org.apache.syncope.client.to.AttributeTO; import org.apache.syncope.client.to.MembershipTO; +import org.apache.syncope.client.to.RoleTO; import org.apache.syncope.client.to.SchedTaskTO; import org.apache.syncope.client.to.SyncTaskTO; import org.apache.syncope.client.to.TaskExecTO; @@ -80,34 +81,29 @@ public class TaskDataBinder { private JexlUtil jexlUtil; private void checkJexl(final AbstractAttributableTO attributableTO, final SyncopeClientException sce) { - for (AttributeTO attrTO : attributableTO.getAttributes()) { if (!attrTO.getValues().isEmpty() && !jexlUtil.isExpressionValid(attrTO.getValues().get(0))) { - sce.addElement("Invalid JEXL: " + attrTO.getValues().get(0)); } } for (AttributeTO attrTO : attributableTO.getVirtualAttributes()) { if (!attrTO.getValues().isEmpty() && !jexlUtil.isExpressionValid(attrTO.getValues().get(0))) { - sce.addElement("Invalid JEXL: " + attrTO.getValues().get(0)); } } } private void fill(final SyncTask task, final SyncTaskTO taskTO) { +SyncopeClientException sce = new SyncopeClientException(SyncopeClientExceptionType.InvalidSyncTask); + +// 1. validate JEXL expressions in user and role templates
svn commit: r1418327 - in /syncope/branches/DEV_ROLE_PROVISIONING/core/src: main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java test/resources/content.xml
Author: ilgrosso Date: Fri Dec 7 14:29:41 2012 New Revision: 1418327 URL: http://svn.apache.org/viewvc?rev=1418327&view=rev Log: Adding a utility PropagationActions class allowing transparent LDAP role membership propagation Modified: syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/resources/content.xml Modified: syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java URL: http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java?rev=1418327&r1=1418326&r2=1418327&view=diff == --- syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java (original) +++ syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java Fri Dec 7 14:29:41 2012 @@ -19,28 +19,42 @@ package org.apache.syncope.core.propagation; import java.util.ArrayList; +import java.util.HashSet; import java.util.List; +import java.util.Set; import org.apache.commons.jexl2.JexlContext; import org.apache.commons.jexl2.MapContext; import org.apache.commons.lang.StringUtils; import org.apache.syncope.core.persistence.beans.PropagationTask; import org.apache.syncope.core.persistence.beans.role.SyncopeRole; -import org.apache.syncope.core.persistence.dao.RoleDAO; +import org.apache.syncope.core.persistence.beans.user.SyncopeUser; +import org.apache.syncope.core.persistence.dao.UserDAO; import org.apache.syncope.core.util.JexlUtil; +import org.apache.syncope.types.AttributableType; +import org.apache.syncope.types.ResourceOperation; +import org.identityconnectors.framework.common.objects.Attribute; import org.identityconnectors.framework.common.objects.AttributeBuilder; import org.identityconnectors.framework.common.objects.ConnectorObject; -import org.identityconnectors.framework.common.objects.ObjectClass; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.transaction.annotation.Transactional; +/** + * Simple action for propagating role memberships to LDAP groups, when the same resource is configured for both users + * and roles. + */ public class LDAPMembershipPropagationActions extends DefaultPropagationActions { private static final Logger LOG = LoggerFactory.getLogger(LDAPMembershipPropagationActions.class); +/** + * Allows easy subclassing for the ConnId AD connector bundle. + */ +protected static final String GROUP_MEMBERSHIP_ATTR = "ldapGroups"; + @Autowired -private RoleDAO roleDAO; +private UserDAO userDAO; @Autowired private JexlUtil jexlUtil; @@ -50,10 +64,17 @@ public class LDAPMembershipPropagationAc public void before(final PropagationTask task, final ConnectorObject beforeObj) { super.before(task, beforeObj); -if (beforeObj.getObjectClass() == ObjectClass.ACCOUNT && task.getResource().getRmapping() != null) { +if (ResourceOperation.DELETE != task.getPropagationOperation() +&& AttributableType.USER == task.getSubjectType() && task.getResource().getRmapping() != null) { + +SyncopeUser user = userDAO.find(task.getSubjectId()); +if (user == null) { +throw new IllegalArgumentException("User " + task.getSubjectId() + " not found"); +} + List roleAccountLinks = new ArrayList(); -for (SyncopeRole role : roleDAO.findAll()) { -if (role.getResources().contains(task.getResource()) +for (SyncopeRole role : user.getRoles()) { +if (role.getResourceNames().contains(task.getResource().getName()) && StringUtils.isNotBlank(task.getResource().getRmapping().getAccountLink())) { LOG.debug("Evaluating accountLink for {}", role); @@ -73,10 +94,12 @@ public class LDAPMembershipPropagationAc LOG.debug("Role accountLinks to propagate for membership: {}", roleAccountLinks); if (!roleAccountLinks.isEmpty()) { -task.getAttributes().add(AttributeBuilder.build("ldapGroups", roleAccountLinks)); +Set attributes = new HashSet(task.getAttributes()); +attributes.add(AttributeBuilder.build(GROUP_MEMBERSHIP_ATTR, roleAccountLinks)); +task.setAttributes(attributes); } } else { -LOG.debug("It's {}, not doing anything", beforeObj.getObjectClass()); +LOG.debug("Not about user, or role mapping missing for resou
svn commit: r1418259 - in /syncope/branches/DEV_ROLE_PROVISIONING: ./ pom.xml
Author: ilgrosso Date: Fri Dec 7 10:29:15 2012 New Revision: 1418259 URL: http://svn.apache.org/viewvc?rev=1418259&view=rev Log: Merge from trunk Modified: syncope/branches/DEV_ROLE_PROVISIONING/ (props changed) syncope/branches/DEV_ROLE_PROVISIONING/pom.xml Propchange: syncope/branches/DEV_ROLE_PROVISIONING/ -- Merged /syncope/trunk:r1416948-1418258 Merged /syncope/branches/1_0_X:r1416937-1418254 Modified: syncope/branches/DEV_ROLE_PROVISIONING/pom.xml URL: http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/pom.xml?rev=1418259&r1=1418258&r2=1418259&view=diff == --- syncope/branches/DEV_ROLE_PROVISIONING/pom.xml (original) +++ syncope/branches/DEV_ROLE_PROVISIONING/pom.xml Fri Dec 7 10:29:15 2012 @@ -1013,12 +1013,13 @@ under the License. **/*.js **/*.csv **/archetype-resources/** +**/maven-eclipse.xml +**/*.iml +**/*.log .externalToolBuilders/** -maven-eclipse.xml -.gitignore .git/** .idea/** -**/*.iml +**/.*
svn commit: r1418258 - in /syncope/trunk: ./ pom.xml
Author: ilgrosso Date: Fri Dec 7 10:27:58 2012 New Revision: 1418258 URL: http://svn.apache.org/viewvc?rev=1418258&view=rev Log: Merge from 1_0_X Modified: syncope/trunk/ (props changed) syncope/trunk/pom.xml Propchange: syncope/trunk/ -- Merged /syncope/branches/1_0_X:r1416937-1418254 Modified: syncope/trunk/pom.xml URL: http://svn.apache.org/viewvc/syncope/trunk/pom.xml?rev=1418258&r1=1418257&r2=1418258&view=diff == --- syncope/trunk/pom.xml (original) +++ syncope/trunk/pom.xml Fri Dec 7 10:27:58 2012 @@ -1013,12 +1013,13 @@ under the License. **/*.js **/*.csv **/archetype-resources/** +**/maven-eclipse.xml +**/*.iml +**/*.log .externalToolBuilders/** -maven-eclipse.xml -.gitignore .git/** .idea/** -**/*.iml +**/.*
svn commit: r1418240 - in /syncope/branches/1_0_X: parent/pom.xml pom.xml
Author: ilgrosso Date: Fri Dec 7 09:57:50 2012 New Revision: 1418240 URL: http://svn.apache.org/viewvc?rev=1418240&view=rev Log: [SYNCOPE-243] Reworked a bit the provided patch in order to cover either pom.xml and parent/pom.xml Modified: syncope/branches/1_0_X/parent/pom.xml syncope/branches/1_0_X/pom.xml Modified: syncope/branches/1_0_X/parent/pom.xml URL: http://svn.apache.org/viewvc/syncope/branches/1_0_X/parent/pom.xml?rev=1418240&r1=1418239&r2=1418240&view=diff == --- syncope/branches/1_0_X/parent/pom.xml (original) +++ syncope/branches/1_0_X/parent/pom.xml Fri Dec 7 09:57:50 2012 @@ -966,11 +966,13 @@ under the License. **/*.js **/*.csv **/archetype-resources/** +**/maven-eclipse.xml +**/*.iml +**/*.log .externalToolBuilders/** -maven-eclipse.xml .git/** .idea/** -**/*.iml +**/.* Modified: syncope/branches/1_0_X/pom.xml URL: http://svn.apache.org/viewvc/syncope/branches/1_0_X/pom.xml?rev=1418240&r1=1418239&r2=1418240&view=diff == --- syncope/branches/1_0_X/pom.xml (original) +++ syncope/branches/1_0_X/pom.xml Fri Dec 7 09:57:50 2012 @@ -70,11 +70,14 @@ under the License. **/*.css **/*.js **/*.csv +**/archetype-resources/** +**/maven-eclipse.xml +**/*.iml +**/*.log .externalToolBuilders/** -maven-eclipse.xml .git/** .idea/** -**/*.iml +**/.* archetype/**