1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.apache.syncope.core.persistence.jpa.outer;
20
21 import static org.junit.jupiter.api.Assertions.assertEquals;
22 import static org.junit.jupiter.api.Assertions.assertNotNull;
23 import static org.junit.jupiter.api.Assertions.assertNull;
24 import static org.junit.jupiter.api.Assertions.assertTrue;
25
26 import java.time.OffsetDateTime;
27 import java.util.ArrayList;
28 import java.util.Collection;
29 import java.util.HashSet;
30 import java.util.List;
31 import java.util.Set;
32 import javax.persistence.Query;
33 import org.apache.syncope.common.lib.types.AnyTypeKind;
34 import org.apache.syncope.common.lib.types.IdRepoEntitlement;
35 import org.apache.syncope.core.persistence.api.attrvalue.validation.PlainAttrValidationManager;
36 import org.apache.syncope.core.persistence.api.dao.AnyTypeClassDAO;
37 import org.apache.syncope.core.persistence.api.dao.DelegationDAO;
38 import org.apache.syncope.core.persistence.api.dao.PlainSchemaDAO;
39 import org.apache.syncope.core.persistence.api.dao.RealmDAO;
40 import org.apache.syncope.core.persistence.api.dao.RoleDAO;
41 import org.apache.syncope.core.persistence.api.dao.UserDAO;
42 import org.apache.syncope.core.persistence.api.entity.Delegation;
43 import org.apache.syncope.core.persistence.api.entity.Role;
44 import org.apache.syncope.core.persistence.api.entity.user.DynRoleMembership;
45 import org.apache.syncope.core.persistence.api.entity.user.UPlainAttr;
46 import org.apache.syncope.core.persistence.api.entity.user.User;
47 import org.apache.syncope.core.persistence.jpa.AbstractTest;
48 import org.apache.syncope.core.persistence.jpa.dao.JPARoleDAO;
49 import org.apache.syncope.core.persistence.jpa.entity.user.JPADynRoleMembership;
50 import org.junit.jupiter.api.Test;
51 import org.springframework.beans.factory.annotation.Autowired;
52 import org.springframework.transaction.annotation.Transactional;
53
54 @Transactional("Master")
55 public class RoleTest extends AbstractTest {
56
57 @Autowired
58 private RoleDAO roleDAO;
59
60 @Autowired
61 private RealmDAO realmDAO;
62
63 @Autowired
64 private PlainSchemaDAO plainSchemaDAO;
65
66 @Autowired
67 private UserDAO userDAO;
68
69 @Autowired
70 private AnyTypeClassDAO anyTypeClassDAO;
71
72 @Autowired
73 private DelegationDAO delegationDAO;
74
75 @Autowired
76 private PlainAttrValidationManager validator;
77
78
79
80
81
82
83 private List<Role> findDynRoles(final User user) {
84 Query query = entityManager().createNativeQuery(
85 "SELECT role_id FROM " + JPARoleDAO.DYNMEMB_TABLE + " WHERE any_id=?");
86 query.setParameter(1, user.getKey());
87
88 List<Role> result = new ArrayList<>();
89 for (Object key : query.getResultList()) {
90 String actualKey = key instanceof Object[]
91 ? (String) ((Object[]) key)[0]
92 : ((String) key);
93
94 Role role = roleDAO.find(actualKey);
95 if (role != null && !result.contains(role)) {
96 result.add(role);
97 }
98 }
99 return result;
100 }
101
102 @Test
103 public void dynMembership() {
104
105 User user = entityFactory.newEntity(User.class);
106 user.setUsername("username");
107 user.setRealm(realmDAO.findByFullPath("/even/two"));
108 user.add(anyTypeClassDAO.find("other"));
109
110 UPlainAttr attr = entityFactory.newEntity(UPlainAttr.class);
111 attr.setOwner(user);
112 attr.setSchema(plainSchemaDAO.find("cool"));
113 attr.add(validator, "true", anyUtilsFactory.getInstance(AnyTypeKind.USER));
114 user.add(attr);
115
116 user = userDAO.save(user);
117 String newUserKey = user.getKey();
118 assertNotNull(newUserKey);
119
120
121 Role role = entityFactory.newEntity(Role.class);
122 role.setKey("new");
123 role.add(realmDAO.getRoot());
124 role.add(realmDAO.findByFullPath("/even/two"));
125 role.getEntitlements().add(IdRepoEntitlement.AUDIT_LIST);
126 role.getEntitlements().add(IdRepoEntitlement.AUDIT_SET);
127
128 DynRoleMembership dynMembership = entityFactory.newEntity(DynRoleMembership.class);
129 dynMembership.setFIQLCond("cool==true");
130 dynMembership.setRole(role);
131
132 role.setDynMembership(dynMembership);
133
134 Role actual = roleDAO.saveAndRefreshDynMemberships(role);
135 assertNotNull(actual);
136
137 entityManager().flush();
138
139
140 actual = roleDAO.find(actual.getKey());
141 assertNotNull(actual);
142 assertNotNull(actual.getDynMembership());
143 assertNotNull(actual.getDynMembership().getKey());
144 assertEquals(actual, actual.getDynMembership().getRole());
145
146
147 List<String> members = roleDAO.findDynMembers(actual);
148 assertEquals(2, members.size());
149 assertEquals(Set.of("c9b2dec2-00a7-4855-97c0-d854842b4b24", newUserKey), new HashSet<>(members));
150
151 user = userDAO.find("c9b2dec2-00a7-4855-97c0-d854842b4b24");
152 assertNotNull(user);
153 Collection<Role> dynRoleMemberships = findDynRoles(user);
154 assertEquals(1, dynRoleMemberships.size());
155 assertTrue(dynRoleMemberships.contains(actual.getDynMembership().getRole()));
156
157
158 userDAO.delete(newUserKey);
159
160 entityManager().flush();
161
162 actual = roleDAO.find(actual.getKey());
163 members = roleDAO.findDynMembers(actual);
164 assertEquals(1, members.size());
165 assertEquals("c9b2dec2-00a7-4855-97c0-d854842b4b24", members.get(0));
166
167
168 String dynMembershipKey = actual.getDynMembership().getKey();
169
170 roleDAO.delete(actual);
171
172 entityManager().flush();
173
174 assertNull(entityManager().find(JPADynRoleMembership.class, dynMembershipKey));
175
176 dynRoleMemberships = findDynRoles(user);
177 assertTrue(dynRoleMemberships.isEmpty());
178 }
179
180 @Test
181 public void delete() {
182
183 Role role = entityFactory.newEntity(Role.class);
184 role.setKey("new");
185 role.add(realmDAO.getRoot());
186 role.add(realmDAO.findByFullPath("/even/two"));
187 role.getEntitlements().add(IdRepoEntitlement.AUDIT_LIST);
188 role.getEntitlements().add(IdRepoEntitlement.AUDIT_SET);
189
190 role = roleDAO.save(role);
191 assertNotNull(role);
192
193
194 User user = entityFactory.newEntity(User.class);
195 user.setUsername("username");
196 user.setRealm(realmDAO.findByFullPath("/even/two"));
197 user.add(role);
198
199 user = userDAO.save(user);
200 assertNotNull(user);
201
202
203 roleDAO.delete(role);
204
205 entityManager().flush();
206
207
208 user = userDAO.find(user.getKey());
209 assertNotNull(user);
210 assertTrue(user.getRoles().isEmpty());
211 }
212
213 @Test
214 public void deleteCascadeOnDelegations() {
215 User bellini = userDAO.findByUsername("bellini");
216 User rossini = userDAO.findByUsername("rossini");
217
218 Role reviewer = roleDAO.find("User reviewer");
219
220 Delegation delegation = entityFactory.newEntity(Delegation.class);
221 delegation.setDelegating(bellini);
222 delegation.setDelegated(rossini);
223 delegation.setStart(OffsetDateTime.now());
224 delegation.add(reviewer);
225 delegation = delegationDAO.save(delegation);
226
227 entityManager().flush();
228
229 delegation = delegationDAO.find(delegation.getKey());
230
231 assertEquals(List.of(delegation), delegationDAO.findByRole(reviewer));
232
233 roleDAO.delete(reviewer.getKey());
234
235 entityManager().flush();
236
237 assertTrue(delegationDAO.find(delegation.getKey()).getRoles().isEmpty());
238 }
239 }