@Test public void testSyncPropertiesEmptyMap() throws Exception { ExternalUser externalUser = idp.getUser(TestIdentityProvider.ID_SECOND_USER); Authorizable a = syncCtx.createUser(externalUser); syncCtx.syncProperties(externalUser, a, ImmutableMap.<String, String>of()); for (String propName : externalUser.getProperties().keySet()) { assertFalse(a.hasProperty(propName)); } }
@Test public void testSyncMembershipDepthNoSync() throws Exception { ExternalUser externalUser = idp.listUsers().next(); Authorizable a = syncCtx.createUser(externalUser); root.commit(); assertTrue(externalUser.getDeclaredGroups().iterator().hasNext()); syncCtx.syncMembership(externalUser, a, 0); assertFalse(root.hasPendingChanges()); syncCtx.syncMembership(externalUser, a, -1); assertFalse(root.hasPendingChanges()); }
@Test public void testSyncMembershipGroupIsSyncedAsUser() throws Exception { ExternalUser fromIDP = idp.listUsers().next(); ExternalIdentityRef groupRef = fromIDP.getDeclaredGroups().iterator().next(); // sync the the ext-user from the idp (but make it just declare a single group) ExternalUser extuser = new ExternalUserWithDeclaredGroup(groupRef, fromIDP); Authorizable a = syncCtx.createUser(extuser); // create an external-user based on info that the IDP knows as group and sync it ExternalUser externalIdentity = new ExternalUserFromGroup(idp.getIdentity(groupRef)); Authorizable a2 = syncCtx.createUser(externalIdentity); assertFalse(a2.isGroup()); root.commit(); // now sync-ing the membership should not have any effect as the external // group referenced from 'extuser' has already been created in the system // as user. syncCtx.syncMembership(extuser, a, 1); assertFalse(root.hasPendingChanges()); }
@Test public void testSyncPropertiesEmptyMapExistingProps() throws Exception { ExternalUser externalUser = idp.getUser(TestIdentityProvider.ID_SECOND_USER); Authorizable a = syncCtx.createUser(externalUser); Value anyValue = valueFactory.createValue("any"); Map<String, ?> extProps = externalUser.getProperties(); for (String propName : extProps.keySet()) { a.setProperty(propName, anyValue); } syncCtx.syncProperties(externalUser, a, ImmutableMap.<String, String>of()); for (String propName : extProps.keySet()) { assertTrue(a.hasProperty(propName)); assertEquals(anyValue, a.getProperty(propName)[0]); } }
timer.mark("find"); if (user == null) { user = createUser((ExternalUser) identity); timer.mark("create"); created = true;
@Test public void testSyncProperties() throws Exception { ExternalUser externalUser = idp.getUser(TestIdentityProvider.ID_SECOND_USER); Authorizable a = syncCtx.createUser(externalUser); // create exact mapping Map<String, String> mapping = new HashMap<>(); Map<String, ?> extProps = externalUser.getProperties(); for (String propName : extProps.keySet()) { mapping.put(propName, propName); } syncCtx.syncProperties(externalUser, a, mapping); for (String propName : extProps.keySet()) { assertTrue(a.hasProperty(propName)); Object obj = extProps.get(propName); Value[] vs = a.getProperty(propName); if (vs.length == 1) { assertEquals(syncCtx.createValue(obj), a.getProperty(propName)[0]); } else { Value[] expected = (obj instanceof Collection) ? syncCtx.createValues((Collection) obj) : syncCtx.createValues(Arrays.asList((Object[]) obj)); assertArrayEquals(expected, a.getProperty(propName)); } } }
@Test public void testSyncPropertiesRemapped() throws Exception { ExternalUser externalUser = idp.getUser(TestIdentityProvider.ID_SECOND_USER); Authorizable a = syncCtx.createUser(externalUser); // create exact mapping Map<String, String> mapping = new HashMap<>(); Map<String, ?> extProps = externalUser.getProperties(); for (String propName : extProps.keySet()) { mapping.put("a/"+propName, propName); } syncCtx.syncProperties(externalUser, a, mapping); for (String propName : extProps.keySet()) { String relPath = "a/" + propName; assertTrue(a.hasProperty(relPath)); Object obj = extProps.get(propName); Value[] vs = a.getProperty(relPath); if (vs.length == 1) { assertEquals(syncCtx.createValue(obj), a.getProperty(relPath)[0]); } else { Value[] expected = (obj instanceof Collection) ? syncCtx.createValues((Collection) obj) : syncCtx.createValues(Arrays.asList((Object[]) obj)); assertArrayEquals(expected, a.getProperty(relPath)); } } }
@Test public void testSyncMembershipDepth1() throws Exception { ExternalUser externalUser = idp.listUsers().next(); Authorizable a = syncCtx.createUser(externalUser); syncCtx.syncMembership(externalUser, a, 1); assertTrue(root.hasPendingChanges()); for (ExternalIdentityRef ref : externalUser.getDeclaredGroups()) { Group g = userManager.getAuthorizable(ref.getId(), Group.class); assertNotNull(g); assertTrue(g.isDeclaredMember(a)); } }
@Test public void testSyncMembershipGroupIsExternalUser() throws Exception { // sync the 'wrong' external group into the repository ExternalIdentity externalIdentity = idp.listUsers().next(); sync(externalIdentity); // create external user with an synced-ext-user as declared group ExternalUser withWrongDeclaredGroup = new ExternalUserWithDeclaredGroup(externalIdentity.getExternalId()); try { Authorizable a = syncCtx.createUser(withWrongDeclaredGroup); root.commit(); syncCtx.syncMembership(withWrongDeclaredGroup, a, 1); assertFalse(root.hasPendingChanges()); } finally { Authorizable a = userManager.getAuthorizable(withWrongDeclaredGroup.getId()); if (a != null) { a.remove(); root.commit(); } } }
@Test public void testSyncMembershipDepthInfinite() throws Exception { ExternalUser externalUser = idp.listUsers().next(); Authorizable a = syncCtx.createUser(externalUser); syncCtx.syncMembership(externalUser, a, Long.MAX_VALUE); assertTrue(root.hasPendingChanges()); root.commit(); for (ExternalIdentityRef ref : externalUser.getDeclaredGroups()) { ExternalIdentity extGr = idp.getIdentity(ref); assertNotNull(extGr); for (ExternalIdentityRef inheritedGrRef : extGr.getDeclaredGroups()) { Group g = userManager.getAuthorizable(inheritedGrRef.getId(), Group.class); assertNotNull(g); if (Iterables.contains(externalUser.getDeclaredGroups(), inheritedGrRef)) { assertTrue(g.isDeclaredMember(a)); } else { assertFalse(g.isDeclaredMember(a)); } assertTrue(g.isMember(a)); } } }