1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.syncope.core.persistence.jpa.inner;
20
21 import static org.junit.jupiter.api.Assertions.assertEquals;
22 import static org.junit.jupiter.api.Assertions.assertFalse;
23 import static org.junit.jupiter.api.Assertions.assertNotNull;
24 import static org.junit.jupiter.api.Assertions.assertNull;
25 import static org.junit.jupiter.api.Assertions.assertTrue;
26
27 import java.util.List;
28 import java.util.UUID;
29 import org.apache.syncope.common.lib.policy.DefaultAccessPolicyConf;
30 import org.apache.syncope.common.lib.policy.DefaultAttrReleasePolicyConf;
31 import org.apache.syncope.common.lib.policy.DefaultAuthPolicyConf;
32 import org.apache.syncope.common.lib.policy.DefaultPasswordRuleConf;
33 import org.apache.syncope.common.lib.policy.DefaultPullCorrelationRuleConf;
34 import org.apache.syncope.common.lib.policy.DefaultPushCorrelationRuleConf;
35 import org.apache.syncope.common.lib.policy.DefaultTicketExpirationPolicyConf;
36 import org.apache.syncope.common.lib.types.AnyTypeKind;
37 import org.apache.syncope.common.lib.types.BackOffStrategy;
38 import org.apache.syncope.common.lib.types.ConflictResolutionAction;
39 import org.apache.syncope.common.lib.types.IdMImplementationType;
40 import org.apache.syncope.common.lib.types.IdRepoImplementationType;
41 import org.apache.syncope.common.lib.types.ImplementationEngine;
42 import org.apache.syncope.core.persistence.api.dao.AnyTypeDAO;
43 import org.apache.syncope.core.persistence.api.dao.ImplementationDAO;
44 import org.apache.syncope.core.persistence.api.dao.PolicyDAO;
45 import org.apache.syncope.core.persistence.api.entity.Implementation;
46 import org.apache.syncope.core.persistence.api.entity.policy.AccessPolicy;
47 import org.apache.syncope.core.persistence.api.entity.policy.AttrReleasePolicy;
48 import org.apache.syncope.core.persistence.api.entity.policy.AuthPolicy;
49 import org.apache.syncope.core.persistence.api.entity.policy.PasswordPolicy;
50 import org.apache.syncope.core.persistence.api.entity.policy.Policy;
51 import org.apache.syncope.core.persistence.api.entity.policy.PropagationPolicy;
52 import org.apache.syncope.core.persistence.api.entity.policy.PullCorrelationRuleEntity;
53 import org.apache.syncope.core.persistence.api.entity.policy.PullPolicy;
54 import org.apache.syncope.core.persistence.api.entity.policy.PushCorrelationRuleEntity;
55 import org.apache.syncope.core.persistence.api.entity.policy.PushPolicy;
56 import org.apache.syncope.core.persistence.api.entity.policy.TicketExpirationPolicy;
57 import org.apache.syncope.core.persistence.jpa.AbstractTest;
58 import org.apache.syncope.core.provisioning.api.rules.PullCorrelationRule;
59 import org.apache.syncope.core.provisioning.api.rules.PushCorrelationRule;
60 import org.apache.syncope.core.provisioning.api.serialization.POJOHelper;
61 import org.junit.jupiter.api.Test;
62 import org.springframework.beans.factory.annotation.Autowired;
63 import org.springframework.transaction.annotation.Transactional;
64
65 @Transactional("Master")
66 public class PolicyTest extends AbstractTest {
67
68 @Autowired
69 private AnyTypeDAO anyTypeDAO;
70
71 @Autowired
72 private PolicyDAO policyDAO;
73
74 @Autowired
75 private ImplementationDAO implementationDAO;
76
77 @Test
78 public void findAll() {
79 List<Policy> policies = policyDAO.findAll();
80 assertNotNull(policies);
81 assertFalse(policies.isEmpty());
82 }
83
84 @Test
85 public void findByKey() {
86 PropagationPolicy propagationPolicy = policyDAO.find("89d322db-9878-420c-b49c-67be13df9a12");
87 assertNotNull(propagationPolicy);
88 assertEquals(BackOffStrategy.FIXED, propagationPolicy.getBackOffStrategy());
89 assertEquals("10000", propagationPolicy.getBackOffParams());
90 assertEquals(5, propagationPolicy.getMaxAttempts());
91
92 PullPolicy pullPolicy = policyDAO.find("880f8553-069b-4aed-9930-2cd53873f544");
93 assertNotNull(pullPolicy);
94
95 PullCorrelationRuleEntity pullCR = pullPolicy.getCorrelationRule(AnyTypeKind.USER.name()).orElse(null);
96 assertNotNull(pullCR);
97 DefaultPullCorrelationRuleConf pullCRConf =
98 POJOHelper.deserialize(pullCR.getImplementation().getBody(), DefaultPullCorrelationRuleConf.class);
99 assertNotNull(pullCRConf);
100 assertEquals(2, pullCRConf.getSchemas().size());
101 assertTrue(pullCRConf.getSchemas().contains("username"));
102 assertTrue(pullCRConf.getSchemas().contains("firstname"));
103
104 PushPolicy pushPolicy = policyDAO.find("fb6530e5-892d-4f47-a46b-180c5b6c5c83");
105 assertNotNull(pushPolicy);
106
107 PushCorrelationRuleEntity pushCR = pushPolicy.getCorrelationRule(AnyTypeKind.USER.name()).orElse(null);
108 assertNotNull(pushCR);
109 DefaultPushCorrelationRuleConf pushCRConf =
110 POJOHelper.deserialize(pushCR.getImplementation().getBody(), DefaultPushCorrelationRuleConf.class);
111 assertNotNull(pushCRConf);
112 assertEquals(1, pushCRConf.getSchemas().size());
113 assertTrue(pushCRConf.getSchemas().contains("surname"));
114
115 AccessPolicy accessPolicy = policyDAO.find("617735c7-deb3-40b3-8a9a-683037e523a2");
116 assertNull(accessPolicy);
117 accessPolicy = policyDAO.find("419935c7-deb3-40b3-8a9a-683037e523a2");
118 assertNotNull(accessPolicy);
119 accessPolicy = policyDAO.find(UUID.randomUUID().toString());
120 assertNull(accessPolicy);
121
122 AuthPolicy authPolicy = policyDAO.find("b912a0d4-a890-416f-9ab8-84ab077eb028");
123 assertNotNull(authPolicy);
124 authPolicy = policyDAO.find("659b9906-4b6e-4bc0-aca0-6809dff346d4");
125 assertNotNull(authPolicy);
126 authPolicy = policyDAO.find(UUID.randomUUID().toString());
127 assertNull(authPolicy);
128
129 AttrReleasePolicy attrReleasePolicy = policyDAO.find("019935c7-deb3-40b3-8a9a-683037e523a2");
130 assertNull(attrReleasePolicy);
131 attrReleasePolicy = policyDAO.find("319935c7-deb3-40b3-8a9a-683037e523a2");
132 assertNotNull(attrReleasePolicy);
133 attrReleasePolicy = policyDAO.find(UUID.randomUUID().toString());
134 assertNull(attrReleasePolicy);
135 }
136
137 @Test
138 public void findByType() {
139 List<PropagationPolicy> propagationPolicies = policyDAO.find(PropagationPolicy.class);
140 assertNotNull(propagationPolicies);
141 assertFalse(propagationPolicies.isEmpty());
142
143 List<PullPolicy> pullPolicies = policyDAO.find(PullPolicy.class);
144 assertNotNull(pullPolicies);
145 assertFalse(pullPolicies.isEmpty());
146
147 List<AccessPolicy> accessPolicies = policyDAO.find(AccessPolicy.class);
148 assertNotNull(accessPolicies);
149 assertEquals(1, accessPolicies.size());
150
151 List<AuthPolicy> authPolicies = policyDAO.find(AuthPolicy.class);
152 assertNotNull(authPolicies);
153 assertEquals(2, authPolicies.size());
154
155 List<AttrReleasePolicy> attrReleasePolicies = policyDAO.find(AttrReleasePolicy.class);
156 assertNotNull(attrReleasePolicies);
157 assertEquals(2, attrReleasePolicies.size());
158
159 List<TicketExpirationPolicy> ticketExpirationPolicies = policyDAO.find(TicketExpirationPolicy.class);
160 assertNotNull(ticketExpirationPolicies);
161 assertEquals(0, ticketExpirationPolicies.size());
162 }
163
164 @Test
165 public void createPropagation() {
166 int beforeCount = policyDAO.findAll().size();
167
168 PropagationPolicy propagationPolicy = entityFactory.newEntity(PropagationPolicy.class);
169 propagationPolicy.setName("Propagation policy");
170 propagationPolicy.setMaxAttempts(5);
171 propagationPolicy.setBackOffStrategy(BackOffStrategy.EXPONENTIAL);
172 propagationPolicy.setBackOffParams(propagationPolicy.getBackOffStrategy().getDefaultBackOffParams());
173
174 propagationPolicy = policyDAO.save(propagationPolicy);
175 assertNotNull(propagationPolicy);
176 assertEquals(5, propagationPolicy.getMaxAttempts());
177 assertEquals(BackOffStrategy.EXPONENTIAL, propagationPolicy.getBackOffStrategy());
178 assertEquals(BackOffStrategy.EXPONENTIAL.getDefaultBackOffParams(), propagationPolicy.getBackOffParams());
179
180 int afterCount = policyDAO.findAll().size();
181 assertEquals(afterCount, beforeCount + 1);
182 }
183
184 @Test
185 public void createPull() {
186 PullPolicy pullPolicy = entityFactory.newEntity(PullPolicy.class);
187 pullPolicy.setConflictResolutionAction(ConflictResolutionAction.IGNORE);
188 pullPolicy.setName("Pull policy");
189
190 final String pullURuleName = "net.tirasa.pull.correlation.TirasaURule";
191 final String pullGRuleName = "net.tirasa.pull.correlation.TirasaGRule";
192
193 Implementation impl1 = entityFactory.newEntity(Implementation.class);
194 impl1.setKey(pullURuleName);
195 impl1.setEngine(ImplementationEngine.JAVA);
196 impl1.setType(IdMImplementationType.PULL_CORRELATION_RULE);
197 impl1.setBody(PullCorrelationRule.class.getName());
198 impl1 = implementationDAO.save(impl1);
199
200 PullCorrelationRuleEntity rule1 = entityFactory.newEntity(PullCorrelationRuleEntity.class);
201 rule1.setAnyType(anyTypeDAO.findUser());
202 rule1.setPullPolicy(pullPolicy);
203 rule1.setImplementation(impl1);
204 pullPolicy.add(rule1);
205
206 Implementation impl2 = entityFactory.newEntity(Implementation.class);
207 impl2.setKey(pullGRuleName);
208 impl2.setEngine(ImplementationEngine.JAVA);
209 impl2.setType(IdMImplementationType.PULL_CORRELATION_RULE);
210 impl2.setBody(PullCorrelationRule.class.getName());
211 impl2 = implementationDAO.save(impl2);
212
213 PullCorrelationRuleEntity rule2 = entityFactory.newEntity(PullCorrelationRuleEntity.class);
214 rule2.setAnyType(anyTypeDAO.findGroup());
215 rule2.setPullPolicy(pullPolicy);
216 rule2.setImplementation(impl2);
217 pullPolicy.add(rule2);
218
219 pullPolicy = policyDAO.save(pullPolicy);
220
221 assertNotNull(pullPolicy);
222 assertEquals(pullURuleName,
223 pullPolicy.getCorrelationRule(AnyTypeKind.USER.name()).get().getImplementation().getKey());
224 assertEquals(pullGRuleName,
225 pullPolicy.getCorrelationRule(AnyTypeKind.GROUP.name()).get().getImplementation().getKey());
226 }
227
228 @Test
229 public void createPush() {
230 PushPolicy pushPolicy = entityFactory.newEntity(PushPolicy.class);
231 pushPolicy.setName("Push policy");
232 pushPolicy.setConflictResolutionAction(ConflictResolutionAction.IGNORE);
233
234 final String pushURuleName = "net.tirasa.push.correlation.TirasaURule";
235 final String pushGRuleName = "net.tirasa.push.correlation.TirasaGRule";
236
237 Implementation impl1 = entityFactory.newEntity(Implementation.class);
238 impl1.setKey(pushURuleName);
239 impl1.setEngine(ImplementationEngine.JAVA);
240 impl1.setType(IdMImplementationType.PUSH_CORRELATION_RULE);
241 impl1.setBody(PushCorrelationRule.class.getName());
242 impl1 = implementationDAO.save(impl1);
243
244 PushCorrelationRuleEntity rule1 = entityFactory.newEntity(PushCorrelationRuleEntity.class);
245 rule1.setAnyType(anyTypeDAO.findUser());
246 rule1.setPushPolicy(pushPolicy);
247 rule1.setImplementation(impl1);
248 pushPolicy.add(rule1);
249
250 Implementation impl2 = entityFactory.newEntity(Implementation.class);
251 impl2.setKey(pushGRuleName);
252 impl2.setEngine(ImplementationEngine.JAVA);
253 impl2.setType(IdMImplementationType.PUSH_CORRELATION_RULE);
254 impl2.setBody(PushCorrelationRule.class.getName());
255 impl2 = implementationDAO.save(impl2);
256
257 PushCorrelationRuleEntity rule2 = entityFactory.newEntity(PushCorrelationRuleEntity.class);
258 rule2.setAnyType(anyTypeDAO.findGroup());
259 rule2.setPushPolicy(pushPolicy);
260 rule2.setImplementation(impl2);
261 pushPolicy.add(rule2);
262
263 pushPolicy = policyDAO.save(pushPolicy);
264
265 assertNotNull(pushPolicy);
266 assertEquals(pushURuleName,
267 pushPolicy.getCorrelationRule(AnyTypeKind.USER.name()).get().getImplementation().getKey());
268 assertEquals(pushGRuleName,
269 pushPolicy.getCorrelationRule(AnyTypeKind.GROUP.name()).get().getImplementation().getKey());
270 }
271
272 @Test
273 public void createAccess() {
274 int beforeCount = policyDAO.findAll().size();
275
276 AccessPolicy accessPolicy = entityFactory.newEntity(AccessPolicy.class);
277 accessPolicy.setName("AttrReleasePolicyAllowEverything");
278
279 DefaultAccessPolicyConf conf = new DefaultAccessPolicyConf();
280 conf.getRequiredAttrs().put("cn", "syncope");
281 accessPolicy.setConf(conf);
282
283 accessPolicy = policyDAO.save(accessPolicy);
284
285 assertNotNull(accessPolicy);
286 assertNotNull(accessPolicy.getKey());
287
288 int afterCount = policyDAO.findAll().size();
289 assertEquals(afterCount, beforeCount + 1);
290 }
291
292 @Test
293 public void createAuth() {
294 int beforeCount = policyDAO.findAll().size();
295
296 AuthPolicy authPolicy = entityFactory.newEntity(AuthPolicy.class);
297 authPolicy.setName("AuthPolicyTest");
298
299 DefaultAuthPolicyConf authPolicyConf = new DefaultAuthPolicyConf();
300 authPolicyConf.getAuthModules().addAll(List.of("LdapAuthentication1", "DatabaseAuthentication2"));
301 authPolicyConf.setTryAll(true);
302 authPolicy.setConf(authPolicyConf);
303
304 authPolicy = policyDAO.save(authPolicy);
305
306 assertNotNull(authPolicy);
307 assertNotNull(authPolicy.getKey());
308
309 int afterCount = policyDAO.findAll().size();
310 assertEquals(afterCount, beforeCount + 1);
311 }
312
313 @Test
314 public void createAttrRelease() {
315 int beforeCount = policyDAO.findAll().size();
316
317 AttrReleasePolicy attrReleasePolicy = entityFactory.newEntity(AttrReleasePolicy.class);
318 attrReleasePolicy.setName("AttrReleasePolicyAllowEverything");
319 attrReleasePolicy.setStatus(Boolean.TRUE);
320
321 DefaultAttrReleasePolicyConf attrReleasePolicyConf = new DefaultAttrReleasePolicyConf();
322 attrReleasePolicyConf.getAllowedAttrs().add("*");
323 attrReleasePolicyConf.getIncludeOnlyAttrs().add("cn");
324 attrReleasePolicy.setConf(attrReleasePolicyConf);
325
326 attrReleasePolicy = policyDAO.save(attrReleasePolicy);
327
328 assertNotNull(attrReleasePolicy);
329 assertNotNull(attrReleasePolicy.getKey());
330 assertNotNull(attrReleasePolicy.getStatus());
331 assertNotNull(((DefaultAttrReleasePolicyConf) attrReleasePolicy.getConf()).getAllowedAttrs());
332
333 int afterCount = policyDAO.findAll().size();
334 assertEquals(afterCount, beforeCount + 1);
335 }
336
337 @Test
338 public void createTicketExpiration() {
339 int beforeCount = policyDAO.findAll().size();
340
341 TicketExpirationPolicy ticketExpirationPolicy = entityFactory.newEntity(TicketExpirationPolicy.class);
342 ticketExpirationPolicy.setName("TicketExpirationPolicyTest");
343
344 DefaultTicketExpirationPolicyConf ticketExpirationPolicyConf = new DefaultTicketExpirationPolicyConf();
345 DefaultTicketExpirationPolicyConf.TGTConf tgtConf = new DefaultTicketExpirationPolicyConf.TGTConf();
346 tgtConf.setMaxTimeToLiveInSeconds(110);
347 ticketExpirationPolicyConf.setTgtConf(tgtConf);
348 DefaultTicketExpirationPolicyConf.STConf stConf = new DefaultTicketExpirationPolicyConf.STConf();
349 stConf.setMaxTimeToLiveInSeconds(0);
350 stConf.setNumberOfUses(1);
351 ticketExpirationPolicyConf.setStConf(stConf);
352 ticketExpirationPolicy.setConf(ticketExpirationPolicyConf);
353
354 ticketExpirationPolicy = policyDAO.save(ticketExpirationPolicy);
355
356 assertNotNull(ticketExpirationPolicy);
357 assertNotNull(ticketExpirationPolicy.getKey());
358 assertNotNull(((DefaultTicketExpirationPolicyConf) ticketExpirationPolicy.getConf()).getTgtConf());
359 assertNotNull(((DefaultTicketExpirationPolicyConf) ticketExpirationPolicy.getConf()).getStConf());
360
361 int afterCount = policyDAO.findAll().size();
362 assertEquals(afterCount, beforeCount + 1);
363 }
364
365 @Test
366 public void update() {
367 PasswordPolicy policy = policyDAO.find("ce93fcda-dc3a-4369-a7b0-a6108c261c85");
368 assertNotNull(policy);
369 assertEquals(1, policy.getRules().size());
370
371 DefaultPasswordRuleConf ruleConf = new DefaultPasswordRuleConf();
372 ruleConf.setMaxLength(8);
373 ruleConf.setMinLength(6);
374
375 Implementation rule = entityFactory.newEntity(Implementation.class);
376 rule.setKey("PasswordRule" + UUID.randomUUID().toString());
377 rule.setEngine(ImplementationEngine.JAVA);
378 rule.setType(IdRepoImplementationType.PASSWORD_RULE);
379 rule.setBody(POJOHelper.serialize(ruleConf));
380 rule = implementationDAO.save(rule);
381
382 policy.add(rule);
383
384 policy = policyDAO.save(policy);
385
386 assertNotNull(policy);
387
388 rule = policy.getRules().get(1);
389
390 DefaultPasswordRuleConf actual = POJOHelper.deserialize(rule.getBody(), DefaultPasswordRuleConf.class);
391 assertEquals(actual.getMaxLength(), 8);
392 assertEquals(actual.getMinLength(), 6);
393 }
394
395 @Test
396 public void delete() {
397 Policy policy = policyDAO.find("66691e96-285f-4464-bc19-e68384ea4c85");
398 assertNotNull(policy);
399
400 policyDAO.delete(policy);
401
402 Policy actual = policyDAO.find("66691e96-285f-4464-bc19-e68384ea4c85");
403 assertNull(actual);
404
405 AccessPolicy accessPolicy = policyDAO.find("419935c7-deb3-40b3-8a9a-683037e523a2");
406 assertNotNull(accessPolicy);
407 policyDAO.delete(accessPolicy);
408 accessPolicy = policyDAO.find("419935c7-deb3-40b3-8a9a-683037e523a2");
409 assertNull(accessPolicy);
410
411 AuthPolicy authPolicy = policyDAO.find("b912a0d4-a890-416f-9ab8-84ab077eb028");
412 assertNotNull(authPolicy);
413 policyDAO.delete(authPolicy);
414 authPolicy = policyDAO.find("b912a0d4-a890-416f-9ab8-84ab077eb028");
415 assertNull(authPolicy);
416
417 AttrReleasePolicy attrReleasepolicy = policyDAO.find("319935c7-deb3-40b3-8a9a-683037e523a2");
418 assertNotNull(attrReleasepolicy);
419 policyDAO.delete(attrReleasepolicy);
420 attrReleasepolicy = policyDAO.find("319935c7-deb3-40b3-8a9a-683037e523a2");
421 assertNull(attrReleasepolicy);
422 }
423 }