public static void assertAttributeDefinition(ResourceAttribute<?> attr, QName expectedType, int minOccurs, int maxOccurs, boolean canRead, boolean canCreate, boolean canUpdate, Class<?> expectedAttributeDefinitionClass) { ResourceAttributeDefinition definition = attr.getDefinition(); QName attrName = attr.getElementName(); assertNotNull("No definition for attribute "+attrName, definition); //assertEquals("Wrong class of definition for attribute"+attrName, expetcedAttributeDefinitionClass, definition.getClass()); assertTrue("Wrong class of definition for attribute"+attrName+" (expected: " + expectedAttributeDefinitionClass + ", real: " + definition.getClass() + ")", expectedAttributeDefinitionClass.isAssignableFrom(definition.getClass())); assertEquals("Wrong type in definition for attribute"+attrName, expectedType, definition.getTypeName()); assertEquals("Wrong minOccurs in definition for attribute"+attrName, minOccurs, definition.getMinOccurs()); assertEquals("Wrong maxOccurs in definition for attribute"+attrName, maxOccurs, definition.getMaxOccurs()); assertEquals("Wrong canRead in definition for attribute"+attrName, canRead, definition.canRead()); assertEquals("Wrong canCreate in definition for attribute"+attrName, canCreate, definition.canAdd()); assertEquals("Wrong canUpdate in definition for attribute"+attrName, canUpdate, definition.canModify()); }
@Override protected void assertAccountDefinition(ObjectClassComplexTypeDefinition accountDef) { assertEquals("Unexpected number of definitions", 4, accountDef.getDefinitions().size()); ResourceAttributeDefinition<String> usernameDef = accountDef.findAttributeDefinition(ATTR_USERNAME); assertNotNull("No definition for username", usernameDef); assertEquals(1, usernameDef.getMaxOccurs()); assertEquals(1, usernameDef.getMinOccurs()); assertTrue("No username create", usernameDef.canAdd()); assertTrue("No username update", usernameDef.canModify()); assertTrue("No username read", usernameDef.canRead()); }
assertFalse("UID has create", uidDef.canAdd()); assertFalse("UID has update",uidDef.canModify()); assertTrue("No UID read",uidDef.canRead()); assertTrue("UID definition not in identifiers", accountDef.getPrimaryIdentifiers().contains(uidDef)); assertEquals("Wrong refined displayName for attribute "+SchemaTestConstants.ICFS_UID, "ConnId UID", uidDef.getDisplayName()); assertTrue("No NAME create", nameDef.canAdd()); assertTrue("No NAME update",nameDef.canModify()); assertTrue("No NAME read",nameDef.canRead()); assertTrue("NAME definition not in identifiers", accountDef.getSecondaryIdentifiers().contains(nameDef)); assertEquals("Wrong refined displayName for attribute "+SchemaTestConstants.ICFS_NAME, "ConnId Name", nameDef.getDisplayName());
@Test public void testAccessList() throws Exception { String filename = "src/test/resources/processor/resource-schema-complex.xsd"; Document schemaDom = DOMUtil.parseFile(filename); ResourceSchema schema = ResourceSchemaImpl.parse(DOMUtil.getFirstChildElement(schemaDom), filename, PrismTestUtil.getPrismContext()); final String defaultNS = "http://midpoint.evolveum.com/xml/ns/public/resource/instances/ef2bc95b-76e0-48e2-86d6-3d4f02d3e1a2"; final String icfNS = "http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"; ObjectClassComplexTypeDefinition objectDef = schema.findObjectClassDefinition(new ItemName(defaultNS, "AccountObjectClass")); assertNotNull("AccountObjectClass definition not found", objectDef); ResourceAttributeDefinition attrDef = objectDef.findAttributeDefinition(new ItemName(icfNS, "uid")); AssertJUnit.assertTrue("uid readability", attrDef.canRead()); AssertJUnit.assertFalse("uid updateability", attrDef.canModify()); AssertJUnit.assertFalse("uid createability", attrDef.canAdd()); attrDef = objectDef.findAttributeDefinition(new ItemName(defaultNS, "title")); AssertJUnit.assertTrue(attrDef.canRead()); AssertJUnit.assertTrue(attrDef.canModify()); AssertJUnit.assertTrue(attrDef.canAdd()); attrDef = objectDef.findAttributeDefinition(new ItemName(defaultNS, "photo")); AssertJUnit.assertFalse(attrDef.canRead()); AssertJUnit.assertTrue(attrDef.canModify()); AssertJUnit.assertTrue(attrDef.canAdd()); }
assertTrue("No fullname create", fullnameDef.canAdd()); assertTrue("No fullname update", fullnameDef.canModify()); assertTrue("No fullname read", fullnameDef.canRead()); if (checkDisplayOrder) { assertTrue("No members create", membersDef.canAdd()); assertTrue("No members update", membersDef.canModify()); assertTrue("No members read", membersDef.canRead());
@Override protected void assertAccountDefinition(ObjectClassComplexTypeDefinition accountDef) { assertEquals("Unexpected number of definitions", 5, accountDef.getDefinitions().size()); ResourceAttributeDefinition<String> guidDef = accountDef.findAttributeDefinition(ATTR_GUID); assertNotNull("No definition for guid", guidDef); assertEquals(1, guidDef.getMaxOccurs()); assertEquals(1, guidDef.getMinOccurs()); assertTrue("No guid create", guidDef.canAdd()); assertTrue("No guid update", guidDef.canModify()); assertTrue("No guid read", guidDef.canRead()); ResourceAttributeDefinition<String> unameDef = accountDef.findAttributeDefinition(ATTR_UNAME); assertNotNull("No definition for uname", unameDef); assertEquals(1, unameDef.getMaxOccurs()); assertEquals(0, unameDef.getMinOccurs()); // TODO: should be 1 assertTrue("No uname create", unameDef.canAdd()); assertTrue("No uname update", unameDef.canModify()); assertTrue("No uname read", unameDef.canRead()); assertNotNull("Null secondary identifiers in account", accountDef.getSecondaryIdentifiers()); assertFalse("Empty secondary identifiers in account", accountDef.getSecondaryIdentifiers().isEmpty()); }
assertTrue("No username create", usernameDef.canAdd()); assertTrue("No username update", usernameDef.canModify()); assertTrue("No username read", usernameDef.canRead()); assertTrue("No fullname create", fullnameDef.canAdd()); assertTrue("No fullname update", fullnameDef.canModify()); assertTrue("No fullname read", fullnameDef.canRead());
assertTrue("No username create", usernameDef.canAdd()); assertTrue("No username update", usernameDef.canModify()); assertTrue("No username read", usernameDef.canRead()); assertTrue("No fullname create", fullnameDef.canAdd()); assertTrue("No fullname update", fullnameDef.canModify()); assertTrue("No fullname read", fullnameDef.canRead());
assertFalse("UID has create", idPrimaryDef.canAdd()); assertFalse("UID has update", idPrimaryDef.canModify()); assertTrue("No UID read", idPrimaryDef.canRead()); assertTrue("UID definition not in identifiers", accountDef.getPrimaryIdentifiers().contains(idPrimaryDef)); assertEquals("Wrong "+OpenDJController.RESOURCE_OPENDJ_PRIMARY_IDENTIFIER_LOCAL_NAME+" frameworkAttributeName", ProvisioningTestUtil.CONNID_UID_NAME, idPrimaryDef.getFrameworkAttributeName()); assertTrue("No NAME create", idSecondaryDef.canAdd()); assertTrue("No NAME update", idSecondaryDef.canModify()); assertTrue("No NAME read", idSecondaryDef.canRead()); assertTrue("NAME definition not in secondary identifiers", accountDef.getSecondaryIdentifiers().contains(idSecondaryDef)); assertEquals("Wrong "+OpenDJController.RESOURCE_OPENDJ_SECONDARY_IDENTIFIER_LOCAL_NAME+" frameworkAttributeName", ProvisioningTestUtil.CONNID_NAME_NAME, idSecondaryDef.getFrameworkAttributeName()); assertTrue("No cn create", cnDef.canAdd()); assertTrue("No cn update", cnDef.canModify()); assertTrue("No cn read", cnDef.canRead()); assertEquals("Wrong cn matching rule", PrismConstants.STRING_IGNORE_CASE_MATCHING_RULE_NAME, cnDef.getMatchingRuleQName()); assertTrue("No jpegPhoto create", jpegPhoto.canAdd()); assertTrue("No jpegPhoto update", jpegPhoto.canModify()); assertTrue("No jpegPhoto read", jpegPhoto.canRead()); assertEquals("Wrong jpegPhoto matching rule", null, jpegPhoto.getMatchingRuleQName()); assertEquals(1, dsDef.getMaxOccurs()); assertEquals(0, dsDef.getMinOccurs()); assertTrue("No ds-pwp-account-disabled read", dsDef.canRead()); assertTrue("No ds-pwp-account-disabled create", dsDef.canAdd()); assertTrue("No ds-pwp-account-disabled update", dsDef.canModify()); assertFalse("isMemberOf create", memberOfDef.canAdd());
assertFalse("UID has create", uidDef.canAdd()); assertFalse("UID has update",uidDef.canModify()); assertTrue("No UID read",uidDef.canRead()); assertTrue("UID definition not in identifiers", accountDef1.getPrimaryIdentifiers().contains(uidDef)); assertEquals("Wrong refined displayName for attribute "+SchemaTestConstants.ICFS_UID, "Modified ConnId UID", uidDef.getDisplayName()); assertTrue("No NAME create", nameDef.canAdd()); assertTrue("No NAME update",nameDef.canModify()); assertTrue("No NAME read",nameDef.canRead()); assertTrue("NAME definition not in identifiers", accountDef1.getSecondaryIdentifiers().contains(nameDef)); assertEquals("Wrong refined displayName for attribute "+SchemaTestConstants.ICFS_NAME, "Modified ConnId Name", nameDef.getDisplayName()); assertTrue("No fullname create", fullnameDef.canAdd()); assertTrue("No fullname update", fullnameDef.canModify()); assertTrue("No fullname read", fullnameDef.canRead()); assertTrue("Wrong displayOrder for attribute fullName: "+fullnameDef.getDisplayOrder(), fullnameDef.getDisplayOrder() == 200 || fullnameDef.getDisplayOrder() == 250 || fullnameDef.getDisplayOrder() == 260); assertTrue("No members create", membersDef.canAdd()); assertTrue("No members update", membersDef.canModify()); assertTrue("No members read", membersDef.canRead());
assertFalse("isMemberOf create", memberOfDef.canAdd()); assertFalse("isMemberOf update", memberOfDef.canModify()); assertTrue("No isMemberOf read", memberOfDef.canRead()); assertEquals("Wrong isMemberOf matching rule", PrismConstants.DISTINGUISHED_NAME_MATCHING_RULE_NAME, memberOfDef.getMatchingRuleQName()); assertTrue("No secretary create", secretaryDef.canAdd()); assertTrue("No secretary update", secretaryDef.canModify()); assertTrue("No secretary read", secretaryDef.canRead()); assertEquals("Wrong secretary matching rule", PrismConstants.XML_MATCHING_RULE_NAME, secretaryDef.getMatchingRuleQName());
schemaLimitations.getAccess().setAdd(schemaAttrDef.canAdd()); schemaLimitations.getAccess().setModify(schemaAttrDef.canModify()); schemaLimitations.getAccess().setRead(schemaAttrDef.canRead());