svn commit: r1418382 - in /syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main: java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java java/org/apache/syncope/buildtools/LdifURLLoad

[ilgrosso]

Author: ilgrosso
Date: Fri Dec  7 16:27:23 2012
New Revision: 1418382

URL: http://svn.apache.org/viewvc?rev=1418382&view=rev
Log:
Supporting loading from external LDIF file

Added:

syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/LdifURLLoader.java
   (with props)

syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/resources/content.ldif
Modified:

syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java

Modified: 
syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java
URL: 
http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java?rev=1418382&r1=1418381&r2=1418382&view=diff
==
--- 
syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java
 (original)
+++ 
syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/ApacheDSStartStopListener.java
 Fri Dec  7 16:27:23 2012
@@ -172,24 +172,11 @@ public class ApacheDSStartStopListener i
 // And start the service
 service.startup();
 
-// Finally, build base DN entries
-final DN dnIsp = new DN("o=isp");
-final ServerEntry rootEntry = service.newEntry(dnIsp);
-rootEntry.add("objectClass", "top", "organization");
-rootEntry.add("o", "isp");
-service.getAdminSession().add(rootEntry);
-
-final DN dnPeople = new DN("ou=People,o=isp");
-final ServerEntry peopleEntry = service.newEntry(dnPeople);
-peopleEntry.add("objectClass", "top", "organizationalUnit");
-peopleEntry.add("ou", "People");
-service.getAdminSession().add(peopleEntry);
-
-final DN dnGroups = new DN("ou=Groups,o=isp");
-final ServerEntry groupsEntry = service.newEntry(dnGroups);
-groupsEntry.add("objectClass", "top", "organizationalUnit");
-groupsEntry.add("ou", "Groups");
-service.getAdminSession().add(groupsEntry);
+// Finally, load content LDIF
+final LdifURLLoader contentLoader = new 
LdifURLLoader(service.getAdminSession(),
+servletContext.getResource("/WEB-INF/classes/content.ldif"));
+final int numEntries = contentLoader.execute();
+servletContext.log("Successfully created " + numEntries + " entries");
 }
 
 /**

Added: 
syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/LdifURLLoader.java
URL: 
http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/LdifURLLoader.java?rev=1418382&view=auto
==
--- 
syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/LdifURLLoader.java
 (added)
+++ 
syncope/branches/DEV_ROLE_PROVISIONING/build-tools/src/main/java/org/apache/syncope/buildtools/LdifURLLoader.java
 Fri Dec  7 16:27:23 2012
@@ -0,0 +1,127 @@
+/*
+ *  Licensed to the Apache Software Foundation (ASF) under one
+ *  or more contributor license agreements.  See the NOTICE file
+ *  distributed with this work for additional information
+ *  regarding copyright ownership.  The ASF licenses this file
+ *  to you under the Apache License, Version 2.0 (the
+ *  "License"); you may not use this file except in compliance
+ *  with the License.  You may obtain a copy of the License at
+ *  
+ *http://www.apache.org/licenses/LICENSE-2.0
+ *  
+ *  Unless required by applicable law or agreed to in writing,
+ *  software distributed under the License is distributed on an
+ *  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ *  KIND, either express or implied.  See the License for the
+ *  specific language governing permissions and limitations
+ *  under the License. 
+ *  
+ */
+package org.apache.syncope.buildtools;
+
+import java.io.FileNotFoundException;
+import java.io.InputStream;
+import java.net.URL;
+import java.util.List;
+import javax.naming.NamingException;
+import org.apache.directory.server.core.CoreSession;
+import org.apache.directory.server.i18n.I18n;
+import org.apache.directory.shared.ldap.entry.DefaultServerEntry;
+import org.apache.directory.shared.ldap.entry.Entry;
+import org.apache.directory.shared.ldap.entry.Modification;
+import org.apache.directory.shared.ldap.ldif.LdifEntry;
+import org.apache.directory.shared.ldap.ldif.LdifReader;
+import org.apache.directory.shared.ldap.name.DN;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Support for commands to load an LDIF from an URL into a DirContext.
+ *
+ * @see org.apache.directory.server.protocol.shared.store

svn commit: r1418342 - in /syncope/branches/DEV_ROLE_PROVISIONING: client/src/main/java/org/apache/syncope/client/to/ core/src/main/java/org/apache/syncope/core/persistence/beans/ core/src/main/java/o

[ilgrosso]

Author: ilgrosso
Date: Fri Dec  7 14:55:56 2012
New Revision: 1418342

URL: http://svn.apache.org/viewvc?rev=1418342&view=rev
Log:
Completing (and verifying) role template features for SyncTask

Modified:

syncope/branches/DEV_ROLE_PROVISIONING/client/src/main/java/org/apache/syncope/client/to/SyncTaskTO.java

syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/persistence/beans/SyncTask.java

syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/data/TaskDataBinder.java

syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/java/org/apache/syncope/core/rest/TaskTestITCase.java

Modified: 
syncope/branches/DEV_ROLE_PROVISIONING/client/src/main/java/org/apache/syncope/client/to/SyncTaskTO.java
URL: 
http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/client/src/main/java/org/apache/syncope/client/to/SyncTaskTO.java?rev=1418342&r1=1418341&r2=1418342&view=diff
==
--- 
syncope/branches/DEV_ROLE_PROVISIONING/client/src/main/java/org/apache/syncope/client/to/SyncTaskTO.java
 (original)
+++ 
syncope/branches/DEV_ROLE_PROVISIONING/client/src/main/java/org/apache/syncope/client/to/SyncTaskTO.java
 Fri Dec  7 14:55:56 2012
@@ -26,6 +26,8 @@ public class SyncTaskTO extends SchedTas
 
 private UserTO userTemplate;
 
+private RoleTO roleTemplate;
+
 private boolean performCreate;
 
 private boolean performUpdate;
@@ -46,6 +48,14 @@ public class SyncTaskTO extends SchedTas
 this.userTemplate = userTemplate;
 }
 
+public RoleTO getRoleTemplate() {
+return roleTemplate;
+}
+
+public void setRoleTemplate(RoleTO roleTemplate) {
+this.roleTemplate = roleTemplate;
+}
+
 public String getResource() {
 return resource;
 }

Modified: 
syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/persistence/beans/SyncTask.java
URL: 
http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/persistence/beans/SyncTask.java?rev=1418342&r1=1418341&r2=1418342&view=diff
==
--- 
syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/persistence/beans/SyncTask.java
 (original)
+++ 
syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/persistence/beans/SyncTask.java
 Fri Dec  7 14:55:56 2012
@@ -112,7 +112,7 @@ public class SyncTask extends SchedTask 
 : XMLSerializer.deserialize(roleTemplate);
 }
 
-public void setUserTemplate(final RoleTO roleTemplate) {
+public void setRoleTemplate(final RoleTO roleTemplate) {
 this.roleTemplate = XMLSerializer.serialize(roleTemplate);
 }
 

Modified: 
syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/data/TaskDataBinder.java
URL: 
http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/data/TaskDataBinder.java?rev=1418342&r1=1418341&r2=1418342&view=diff
==
--- 
syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/data/TaskDataBinder.java
 (original)
+++ 
syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/rest/data/TaskDataBinder.java
 Fri Dec  7 14:55:56 2012
@@ -22,6 +22,7 @@ import org.apache.commons.lang.StringUti
 import org.apache.syncope.client.to.AbstractAttributableTO;
 import org.apache.syncope.client.to.AttributeTO;
 import org.apache.syncope.client.to.MembershipTO;
+import org.apache.syncope.client.to.RoleTO;
 import org.apache.syncope.client.to.SchedTaskTO;
 import org.apache.syncope.client.to.SyncTaskTO;
 import org.apache.syncope.client.to.TaskExecTO;
@@ -80,34 +81,29 @@ public class TaskDataBinder {
 private JexlUtil jexlUtil;
 
 private void checkJexl(final AbstractAttributableTO attributableTO, final 
SyncopeClientException sce) {
-
 for (AttributeTO attrTO : attributableTO.getAttributes()) {
 if (!attrTO.getValues().isEmpty() && 
!jexlUtil.isExpressionValid(attrTO.getValues().get(0))) {
-
 sce.addElement("Invalid JEXL: " + attrTO.getValues().get(0));
 }
 }
 for (AttributeTO attrTO : attributableTO.getVirtualAttributes()) {
 if (!attrTO.getValues().isEmpty() && 
!jexlUtil.isExpressionValid(attrTO.getValues().get(0))) {
-
 sce.addElement("Invalid JEXL: " + attrTO.getValues().get(0));
 }
 }
 }
 
 private void fill(final SyncTask task, final SyncTaskTO taskTO) {
+SyncopeClientException sce = new 
SyncopeClientException(SyncopeClientExceptionType.InvalidSyncTask);
+
+// 1. validate JEXL expressions in user and role templates
  

svn commit: r1418327 - in /syncope/branches/DEV_ROLE_PROVISIONING/core/src: main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java test/resources/content.xml

[ilgrosso]

Author: ilgrosso
Date: Fri Dec  7 14:29:41 2012
New Revision: 1418327

URL: http://svn.apache.org/viewvc?rev=1418327&view=rev
Log:
Adding a utility PropagationActions class allowing transparent LDAP role 
membership propagation

Modified:

syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java
syncope/branches/DEV_ROLE_PROVISIONING/core/src/test/resources/content.xml

Modified: 
syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java
URL: 
http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java?rev=1418327&r1=1418326&r2=1418327&view=diff
==
--- 
syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java
 (original)
+++ 
syncope/branches/DEV_ROLE_PROVISIONING/core/src/main/java/org/apache/syncope/core/propagation/LDAPMembershipPropagationActions.java
 Fri Dec  7 14:29:41 2012
@@ -19,28 +19,42 @@
 package org.apache.syncope.core.propagation;
 
 import java.util.ArrayList;
+import java.util.HashSet;
 import java.util.List;
+import java.util.Set;
 import org.apache.commons.jexl2.JexlContext;
 import org.apache.commons.jexl2.MapContext;
 import org.apache.commons.lang.StringUtils;
 import org.apache.syncope.core.persistence.beans.PropagationTask;
 import org.apache.syncope.core.persistence.beans.role.SyncopeRole;
-import org.apache.syncope.core.persistence.dao.RoleDAO;
+import org.apache.syncope.core.persistence.beans.user.SyncopeUser;
+import org.apache.syncope.core.persistence.dao.UserDAO;
 import org.apache.syncope.core.util.JexlUtil;
+import org.apache.syncope.types.AttributableType;
+import org.apache.syncope.types.ResourceOperation;
+import org.identityconnectors.framework.common.objects.Attribute;
 import org.identityconnectors.framework.common.objects.AttributeBuilder;
 import org.identityconnectors.framework.common.objects.ConnectorObject;
-import org.identityconnectors.framework.common.objects.ObjectClass;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.transaction.annotation.Transactional;
 
+/**
+ * Simple action for propagating role memberships to LDAP groups, when the 
same resource is configured for both users
+ * and roles.
+ */
 public class LDAPMembershipPropagationActions extends 
DefaultPropagationActions {
 
 private static final Logger LOG = 
LoggerFactory.getLogger(LDAPMembershipPropagationActions.class);
 
+/**
+ * Allows easy subclassing for the ConnId AD connector bundle.
+ */
+protected static final String GROUP_MEMBERSHIP_ATTR = "ldapGroups";
+
 @Autowired
-private RoleDAO roleDAO;
+private UserDAO userDAO;
 
 @Autowired
 private JexlUtil jexlUtil;
@@ -50,10 +64,17 @@ public class LDAPMembershipPropagationAc
 public void before(final PropagationTask task, final ConnectorObject 
beforeObj) {
 super.before(task, beforeObj);
 
-if (beforeObj.getObjectClass() == ObjectClass.ACCOUNT && 
task.getResource().getRmapping() != null) {
+if (ResourceOperation.DELETE != task.getPropagationOperation()
+&& AttributableType.USER == task.getSubjectType() && 
task.getResource().getRmapping() != null) {
+
+SyncopeUser user = userDAO.find(task.getSubjectId());
+if (user == null) {
+throw new IllegalArgumentException("User " + 
task.getSubjectId() + " not found");
+}
+
 List roleAccountLinks = new ArrayList();
-for (SyncopeRole role : roleDAO.findAll()) {
-if (role.getResources().contains(task.getResource())
+for (SyncopeRole role : user.getRoles()) {
+if 
(role.getResourceNames().contains(task.getResource().getName())
 && 
StringUtils.isNotBlank(task.getResource().getRmapping().getAccountLink())) {
 
 LOG.debug("Evaluating accountLink for {}", role);
@@ -73,10 +94,12 @@ public class LDAPMembershipPropagationAc
 LOG.debug("Role accountLinks to propagate for membership: {}", 
roleAccountLinks);
 
 if (!roleAccountLinks.isEmpty()) {
-task.getAttributes().add(AttributeBuilder.build("ldapGroups", 
roleAccountLinks));
+Set attributes = new 
HashSet(task.getAttributes());
+attributes.add(AttributeBuilder.build(GROUP_MEMBERSHIP_ATTR, 
roleAccountLinks));
+task.setAttributes(attributes);
 }
 } else {
-LOG.debug("It's {}, not doing anything", 
beforeObj.getObjectClass());
+LOG.debug("Not about user, or role mapping missing for resou

svn commit: r1418259 - in /syncope/branches/DEV_ROLE_PROVISIONING: ./ pom.xml

[ilgrosso]

Author: ilgrosso
Date: Fri Dec  7 10:29:15 2012
New Revision: 1418259

URL: http://svn.apache.org/viewvc?rev=1418259&view=rev
Log:
Merge from trunk

Modified:
syncope/branches/DEV_ROLE_PROVISIONING/   (props changed)
syncope/branches/DEV_ROLE_PROVISIONING/pom.xml

Propchange: syncope/branches/DEV_ROLE_PROVISIONING/
--
  Merged /syncope/trunk:r1416948-1418258
  Merged /syncope/branches/1_0_X:r1416937-1418254

Modified: syncope/branches/DEV_ROLE_PROVISIONING/pom.xml
URL: 
http://svn.apache.org/viewvc/syncope/branches/DEV_ROLE_PROVISIONING/pom.xml?rev=1418259&r1=1418258&r2=1418259&view=diff
==
--- syncope/branches/DEV_ROLE_PROVISIONING/pom.xml (original)
+++ syncope/branches/DEV_ROLE_PROVISIONING/pom.xml Fri Dec  7 10:29:15 2012
@@ -1013,12 +1013,13 @@ under the License.
 **/*.js
 **/*.csv
 **/archetype-resources/**
+**/maven-eclipse.xml
+**/*.iml
+**/*.log
 .externalToolBuilders/**
-maven-eclipse.xml
-.gitignore
 .git/**
 .idea/**
-**/*.iml
+**/.*
   
 
 

svn commit: r1418258 - in /syncope/trunk: ./ pom.xml

[ilgrosso]

Author: ilgrosso
Date: Fri Dec  7 10:27:58 2012
New Revision: 1418258

URL: http://svn.apache.org/viewvc?rev=1418258&view=rev
Log:
Merge from 1_0_X

Modified:
syncope/trunk/   (props changed)
syncope/trunk/pom.xml

Propchange: syncope/trunk/
--
  Merged /syncope/branches/1_0_X:r1416937-1418254

Modified: syncope/trunk/pom.xml
URL: 
http://svn.apache.org/viewvc/syncope/trunk/pom.xml?rev=1418258&r1=1418257&r2=1418258&view=diff
==
--- syncope/trunk/pom.xml (original)
+++ syncope/trunk/pom.xml Fri Dec  7 10:27:58 2012
@@ -1013,12 +1013,13 @@ under the License.
 **/*.js
 **/*.csv
 **/archetype-resources/**
+**/maven-eclipse.xml
+**/*.iml
+**/*.log
 .externalToolBuilders/**
-maven-eclipse.xml
-.gitignore
 .git/**
 .idea/**
-**/*.iml
+**/.*
   
 
 

svn commit: r1418240 - in /syncope/branches/1_0_X: parent/pom.xml pom.xml

[ilgrosso]

Author: ilgrosso
Date: Fri Dec  7 09:57:50 2012
New Revision: 1418240

URL: http://svn.apache.org/viewvc?rev=1418240&view=rev
Log:
[SYNCOPE-243] Reworked a bit the provided patch in order to cover either 
pom.xml and parent/pom.xml

Modified:
syncope/branches/1_0_X/parent/pom.xml
syncope/branches/1_0_X/pom.xml

Modified: syncope/branches/1_0_X/parent/pom.xml
URL: 
http://svn.apache.org/viewvc/syncope/branches/1_0_X/parent/pom.xml?rev=1418240&r1=1418239&r2=1418240&view=diff
==
--- syncope/branches/1_0_X/parent/pom.xml (original)
+++ syncope/branches/1_0_X/parent/pom.xml Fri Dec  7 09:57:50 2012
@@ -966,11 +966,13 @@ under the License.
 **/*.js
 **/*.csv
 **/archetype-resources/**
+**/maven-eclipse.xml
+**/*.iml
+**/*.log
 .externalToolBuilders/**
-maven-eclipse.xml
 .git/**
 .idea/**
-**/*.iml
+**/.*
   
 
 

Modified: syncope/branches/1_0_X/pom.xml
URL: 
http://svn.apache.org/viewvc/syncope/branches/1_0_X/pom.xml?rev=1418240&r1=1418239&r2=1418240&view=diff
==
--- syncope/branches/1_0_X/pom.xml (original)
+++ syncope/branches/1_0_X/pom.xml Fri Dec  7 09:57:50 2012
@@ -70,11 +70,14 @@ under the License.
 **/*.css
 **/*.js
 **/*.csv
+**/archetype-resources/**
+**/maven-eclipse.xml
+**/*.iml
+**/*.log
 .externalToolBuilders/**
-maven-eclipse.xml
 .git/**
 .idea/**
-**/*.iml
+**/.*
 
 archetype/**