public ProvisioningResult<AnyObjectTO> create(final AnyObjectTO anyObjectTO, final boolean nullPriorityAsync) { Pair<AnyObjectTO, List<LogicActions>> before = beforeCreate(anyObjectTO); if (before.getLeft().getRealm() == null) { throw SyncopeClientException.build(ClientExceptionType.InvalidRealm); } if (before.getLeft().getType() == null) { throw SyncopeClientException.build(ClientExceptionType.InvalidAnyType); } Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(AnyEntitlement.CREATE.getFor(before.getLeft().getType())), before.getLeft().getRealm()); securityChecks(effectiveRealms, before.getLeft().getRealm(), null); Pair<String, List<PropagationStatus>> created = provisioningManager.create(before.getLeft(), nullPriorityAsync); return afterCreate(binder.getAnyObjectTO(created.getKey()), created.getRight(), before.getRight()); }
@Override public ProvisioningResult<AnyObjectTO> delete(final String key, final boolean nullPriorityAsync) { AnyObjectTO anyObject = binder.getAnyObjectTO(key); Pair<AnyObjectTO, List<LogicActions>> before = beforeDelete(anyObject); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(AnyEntitlement.DELETE.getFor(before.getLeft().getType())), before.getLeft().getRealm()); securityChecks(effectiveRealms, before.getLeft().getRealm(), before.getLeft().getKey()); List<PropagationStatus> statuses = provisioningManager.delete(before.getLeft().getKey(), nullPriorityAsync); AnyObjectTO anyObjectTO = new AnyObjectTO(); anyObjectTO.setKey(before.getLeft().getKey()); return afterDelete(anyObjectTO, statuses, before.getRight()); }
@Override public ProvisioningResult<AnyObjectTO> unassign( final String key, final Collection<String> resources, final boolean nullPriorityAsync) { // security checks AnyObjectTO anyObjectTO = binder.getAnyObjectTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(AnyEntitlement.UPDATE.getFor(anyObjectTO.getType())), anyObjectTO.getRealm()); securityChecks(effectiveRealms, anyObjectTO.getRealm(), anyObjectTO.getKey()); AnyObjectPatch patch = new AnyObjectPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.DELETE).value(resource).build()). collect(Collectors.toList())); return update(patch, nullPriorityAsync); }
@Override public AnyObjectTO link(final String key, final Collection<String> resources) { // security checks AnyObjectTO anyObjectTO = binder.getAnyObjectTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(AnyEntitlement.UPDATE.getFor(anyObjectTO.getType())), anyObjectTO.getRealm()); securityChecks(effectiveRealms, anyObjectTO.getRealm(), anyObjectTO.getKey()); AnyObjectPatch patch = new AnyObjectPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(resource).build()). collect(Collectors.toList())); return binder.getAnyObjectTO(provisioningManager.link(patch)); }
@Override public AnyObjectTO unlink(final String key, final Collection<String> resources) { // security checks AnyObjectTO anyObjectTO = binder.getAnyObjectTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(AnyEntitlement.UPDATE.getFor(anyObjectTO.getType())), anyObjectTO.getRealm()); securityChecks(effectiveRealms, anyObjectTO.getRealm(), anyObjectTO.getKey()); AnyObjectPatch patch = new AnyObjectPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.DELETE).value(resource).build()). collect(Collectors.toList())); return binder.getAnyObjectTO(provisioningManager.unlink(patch)); }
@Override public ProvisioningResult<AnyObjectTO> assign( final String key, final Collection<String> resources, final boolean changepwd, final String password, final boolean nullPriorityAsync) { // security checks AnyObjectTO anyObjectTO = binder.getAnyObjectTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(AnyEntitlement.UPDATE.getFor(anyObjectTO.getType())), anyObjectTO.getRealm()); securityChecks(effectiveRealms, anyObjectTO.getRealm(), anyObjectTO.getKey()); AnyObjectPatch patch = new AnyObjectPatch(); patch.setKey(key); patch.getResources().addAll(resources.stream().map(resource -> new StringPatchItem.Builder().operation(PatchOperation.ADD_REPLACE).value(resource).build()). collect(Collectors.toList())); return update(patch, nullPriorityAsync); }
@Override public ProvisioningResult<AnyObjectTO> update( final AnyObjectPatch anyObjectPatch, final boolean nullPriorityAsync) { AnyObjectTO anyObjectTO = binder.getAnyObjectTO(anyObjectPatch.getKey()); Set<String> dynRealmsBefore = new HashSet<>(anyObjectTO.getDynRealms()); Pair<AnyObjectPatch, List<LogicActions>> before = beforeUpdate(anyObjectPatch, anyObjectTO.getRealm()); String realm = before.getLeft().getRealm() != null && StringUtils.isNotBlank(before.getLeft().getRealm().getValue()) ? before.getLeft().getRealm().getValue() : anyObjectTO.getRealm(); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(AnyEntitlement.UPDATE.getFor(anyObjectTO.getType())), realm); boolean authDynRealms = securityChecks(effectiveRealms, realm, before.getLeft().getKey()); Pair<AnyObjectPatch, List<PropagationStatus>> updated = provisioningManager.update(anyObjectPatch, nullPriorityAsync); return afterUpdate( binder.getAnyObjectTO(updated.getLeft().getKey()), updated.getRight(), before.getRight(), authDynRealms, dynRealmsBefore); }
@Override public ProvisioningResult<AnyObjectTO> deprovision( final String key, final Collection<String> resources, final boolean nullPriorityAsync) { // security checks AnyObjectTO anyObjectTO = binder.getAnyObjectTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(AnyEntitlement.UPDATE.getFor(anyObjectTO.getType())), anyObjectTO.getRealm()); securityChecks(effectiveRealms, anyObjectTO.getRealm(), anyObjectTO.getKey()); List<PropagationStatus> statuses = provisioningManager.deprovision(key, resources, nullPriorityAsync); ProvisioningResult<AnyObjectTO> result = new ProvisioningResult<>(); result.setEntity(binder.getAnyObjectTO(key)); result.getPropagationStatuses().addAll(statuses); return result; }
@Override public ProvisioningResult<AnyObjectTO> provision( final String key, final Collection<String> resources, final boolean changePwd, final String password, final boolean nullPriorityAsync) { // security checks AnyObjectTO anyObjectTO = binder.getAnyObjectTO(key); Set<String> effectiveRealms = RealmUtils.getEffective( AuthContextUtils.getAuthorizations().get(AnyEntitlement.UPDATE.getFor(anyObjectTO.getType())), anyObjectTO.getRealm()); securityChecks(effectiveRealms, anyObjectTO.getRealm(), anyObjectTO.getKey()); List<PropagationStatus> statuses = provisioningManager.provision(key, resources, nullPriorityAsync); ProvisioningResult<AnyObjectTO> result = new ProvisioningResult<>(); result.setEntity(binder.getAnyObjectTO(key)); result.getPropagationStatuses().addAll(statuses); return result; }