/** * Checks if the given authorizable needs syncing based on the {@link #REP_LAST_SYNCED} property. * * @param authorizable the authorizable to check * @return {@code true} if the authorizable needs sync */ private boolean isExpired(@NotNull Authorizable authorizable) throws RepositoryException { long expTime = (authorizable.isGroup()) ? config.group().getExpirationTime() : config.user().getExpirationTime(); return isExpired(authorizable, expTime, "Properties"); }
@NotNull protected DefaultSyncResultImpl syncGroup(@NotNull ExternalGroup external, @NotNull Group group) throws RepositoryException { // make also sure the local user to be synced belongs to the same IDP. Note: 'external' has been verified before. if (!isSameIDP(group)) { return new DefaultSyncResultImpl(new DefaultSyncedIdentity(external.getId(), external.getExternalId(), false, -1), SyncResult.Status.FOREIGN); } SyncResult.Status status; // first check if group is expired if (!forceGroupSync && !isExpired(group)) { status = SyncResult.Status.NOP; } else { syncExternalIdentity(external, group, config.group()); // finally "touch" the sync property group.setProperty(REP_LAST_SYNCED, nowValue); status = SyncResult.Status.UPDATE; } return new DefaultSyncResultImpl(createSyncedIdentity(group), status); }
@Test public void testIsExpiredSyncedUser() throws Exception { ExternalIdentity externalUser = idp.listUsers().next(); sync(externalUser); Authorizable a = userManager.getAuthorizable(externalUser.getId()); assertFalse(syncCtx.isExpired(a, syncConfig.user().getExpirationTime(), "any")); assertTrue(syncCtx.isExpired(a, -1, "any")); // create a ctx with a newer 'now' DefaultSyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory); long expTime = ctx.now - syncCtx.now - 1; assertTrue(ctx.isExpired(a, expTime, "any")); // remove last-sync property a.removeProperty(DefaultSyncContext.REP_LAST_SYNCED); assertTrue(syncCtx.isExpired(a, syncConfig.user().getExpirationTime(), "any")); }
@Test public void testIsExpiredSyncedGroup() throws Exception { ExternalIdentity externalGroup = idp.listGroups().next(); sync(externalGroup); Authorizable a = userManager.getAuthorizable(externalGroup.getId()); assertFalse(syncCtx.isExpired(a, syncConfig.group().getExpirationTime(), "any")); assertTrue(syncCtx.isExpired(a, -1, "any")); // create a ctx with a newer 'now' DefaultSyncContext ctx = new DefaultSyncContext(syncConfig, idp, userManager, valueFactory); long expTime = ctx.now - syncCtx.now - 1; assertTrue(ctx.isExpired(a, expTime, "any")); // remove last-sync property a.removeProperty(DefaultSyncContext.REP_LAST_SYNCED); assertTrue(syncCtx.isExpired(a, syncConfig.group().getExpirationTime(), "any")); }
@NotNull protected DefaultSyncResultImpl syncUser(@NotNull ExternalUser external, @NotNull User user) throws RepositoryException { // make also sure the local user to be synced belongs to the same IDP. Note: 'external' has been verified before. if (!isSameIDP(user)) { return new DefaultSyncResultImpl(new DefaultSyncedIdentity(external.getId(), external.getExternalId(), false, -1), SyncResult.Status.FOREIGN); } SyncResult.Status status; // check if user is expired if (!forceUserSync && !isExpired(user)) { status = SyncResult.Status.NOP; } else { syncExternalIdentity(external, user, config.user()); if (isExpired(user, config.user().getMembershipExpirationTime(), "Membership")) { // synchronize external memberships syncMembership(external, user, config.user().getMembershipNestingDepth()); } if (this.config.user().getDisableMissing() && user.isDisabled()) { status = SyncResult.Status.ENABLE; user.disable(null); } else { status = SyncResult.Status.UPDATE; } // finally "touch" the sync property user.setProperty(REP_LAST_SYNCED, nowValue); } return new DefaultSyncResultImpl(createSyncedIdentity(user), status); }
@Test public void testIsExpiredLocalGroup() throws Exception { Group gr = createTestGroup(); assertTrue(syncCtx.isExpired(gr, syncConfig.group().getExpirationTime(), "any")); }
@Test public void testIsExpiredEmptyLastSyncedProperty() throws Exception { Group gr = createTestGroup(); gr.setProperty(DefaultSyncContext.REP_LAST_SYNCED, new Value[0]); assertTrue(syncCtx.isExpired(gr, syncConfig.group().getExpirationTime(), "any")); }