Ejemplo n.º 1
0
 @Test
 public void test_cannot_delete_uaa_provider_users_in_other_zone() throws Exception {
   String id = generator.generate();
   IdentityZone zone = MultitenancyFixture.identityZone(id, id);
   IdentityZoneHolder.set(zone);
   ScimUser user = new ScimUser(null, "*****@*****.**", "Jo", "User");
   user.addEmail("*****@*****.**");
   user.setOrigin(UAA);
   ScimUser created = db.createUser(user, "j7hyqpassX");
   assertEquals("*****@*****.**", created.getUserName());
   assertNotNull(created.getId());
   assertEquals(UAA, created.getOrigin());
   assertEquals(zone.getId(), created.getZoneId());
   assertThat(
       jdbcTemplate.queryForObject(
           "select count(*) from users where origin=? and identity_zone_id=?",
           new Object[] {UAA, zone.getId()},
           Integer.class),
       is(1));
   IdentityProvider loginServer =
       new IdentityProvider().setOriginKey(UAA).setIdentityZoneId(zone.getId());
   db.onApplicationEvent(new EntityDeletedEvent<>(loginServer));
   assertThat(
       jdbcTemplate.queryForObject(
           "select count(*) from users where origin=? and identity_zone_id=?",
           new Object[] {UAA, zone.getId()},
           Integer.class),
       is(1));
 }
Ejemplo n.º 2
0
  @Test
  public void test_can_delete_zone_users() throws Exception {
    String id = generator.generate();
    IdentityZone zone = MultitenancyFixture.identityZone(id, id);
    IdentityZoneHolder.set(zone);
    ScimUser user = new ScimUser(null, "*****@*****.**", "Jo", "User");
    user.addEmail("*****@*****.**");
    user.setOrigin(UAA);
    ScimUser created = db.createUser(user, "j7hyqpassX");
    assertEquals("*****@*****.**", created.getUserName());
    assertNotNull(created.getId());
    assertEquals(UAA, created.getOrigin());
    assertEquals(zone.getId(), created.getZoneId());
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from users where origin=? and identity_zone_id=?",
            new Object[] {UAA, zone.getId()},
            Integer.class),
        is(1));
    addApprovalAndMembership(created.getId(), created.getOrigin());
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from authz_approvals where user_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(1));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from group_membership where member_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(1));

    db.onApplicationEvent(new EntityDeletedEvent<>(zone));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from users where origin=? and identity_zone_id=?",
            new Object[] {UAA, zone.getId()},
            Integer.class),
        is(0));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from authz_approvals where user_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(0));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from group_membership where member_id=?",
            new Object[] {created.getId()},
            Integer.class),
        is(0));
  }
 @Test
 public void test_cannot_delete_uaa_provider() {
   IdentityZoneHolder.set(zone);
   addMembers(LOGIN_SERVER);
   assertThat(
       jdbcTemplate.queryForObject(
           "select count(*) from group_membership where group_id in (select id from groups where identity_zone_id=?)",
           new Object[] {IdentityZoneHolder.get().getId()},
           Integer.class),
       is(4));
   assertThat(
       jdbcTemplate.queryForObject(
           "select count(*) from groups where identity_zone_id=?",
           new Object[] {IdentityZoneHolder.get().getId()},
           Integer.class),
       is(3));
   IdentityProvider loginServer =
       new IdentityProvider().setOriginKey(UAA).setIdentityZoneId(zone.getId());
   gdao.onApplicationEvent(new EntityDeletedEvent<>(loginServer, null));
   assertThat(
       jdbcTemplate.queryForObject(
           "select count(*) from group_membership where group_id in (select id from groups where identity_zone_id=?)",
           new Object[] {IdentityZoneHolder.get().getId()},
           Integer.class),
       is(4));
   assertThat(
       jdbcTemplate.queryForObject(
           "select count(*) from groups where identity_zone_id=?",
           new Object[] {IdentityZoneHolder.get().getId()},
           Integer.class),
       is(3));
 }
  @Before
  public void initJdbcScimGroupMembershipManagerTests() {

    JdbcTemplate template = new JdbcTemplate(dataSource);

    JdbcPagingListFactory pagingListFactory = new JdbcPagingListFactory(template, limitSqlAdapter);
    udao = new JdbcScimUserProvisioning(template, pagingListFactory);
    gdao = new JdbcScimGroupProvisioning(template, pagingListFactory);

    dao = new JdbcScimGroupMembershipManager(template, pagingListFactory);
    dao.setScimGroupProvisioning(gdao);
    dao.setScimUserProvisioning(udao);
    dao.setDefaultUserGroups(Collections.singleton("uaa.user"));

    for (String id : Arrays.asList(zone.getId(), IdentityZone.getUaa().getId())) {
      String g1 = id.equals(zone.getId()) ? zone.getId() + "-" + "g1" : "g1";
      String g2 = id.equals(zone.getId()) ? zone.getId() + "-" + "g2" : "g2";
      String g3 = id.equals(zone.getId()) ? zone.getId() + "-" + "g3" : "g3";
      String m1 = id.equals(zone.getId()) ? zone.getId() + "-" + "m1" : "m1";
      String m2 = id.equals(zone.getId()) ? zone.getId() + "-" + "m2" : "m2";
      String m3 = id.equals(zone.getId()) ? zone.getId() + "-" + "m3" : "m3";
      addGroup(g1, "test1", id);
      addGroup(g2, "test2", id);
      addGroup(g3, "test3", id);
      addUser(m1, "test", id);
      addUser(m2, "test", id);
      addUser(m3, "test", id);
      mapExternalGroup(g1, g1 + "-external", UAA);
      mapExternalGroup(g2, g2 + "-external", LOGIN_SERVER);
      mapExternalGroup(g3, g3 + "-external", UAA);
    }
    validateCount(0);
  }
  @Test
  public void createUserInOtherZoneWithUaaAdminToken() throws Exception {
    IdentityZone otherIdentityZone = getIdentityZone();

    createUser(
        getScimUser(),
        uaaAdminToken,
        IdentityZone.getUaa().getSubdomain(),
        otherIdentityZone.getId());
  }
  @Test
  public void testDeleteUserInOtherZoneWithUaaAdminToken() throws Exception {
    IdentityZone identityZone = getIdentityZone();
    ScimUser user = setUpScimUser(identityZone);

    getMockMvc()
        .perform(
            (delete("/Users/" + user.getId()))
                .header("Authorization", "Bearer " + uaaAdminToken)
                .header(IdentityZoneSwitchingFilter.HEADER, identityZone.getId())
                .contentType(APPLICATION_JSON)
                .content(JsonUtils.writeValueAsBytes(user)))
        .andExpect(status().isOk())
        .andExpect(jsonPath("$.userName").value(user.getUserName()))
        .andExpect(jsonPath("$.emails[0].value").value(user.getPrimaryEmail()))
        .andExpect(jsonPath("$.name.givenName").value(user.getGivenName()))
        .andExpect(jsonPath("$.name.familyName").value(user.getFamilyName()));
  }
  @Test
  public void test_zone_deleted() {
    String zoneAdminId = generator.generate();
    addGroup(zoneAdminId, "zones." + zone.getId() + ".admin", IdentityZone.getUaa().getId());
    addMember(zoneAdminId, "m1", "USER", "MEMBER", OriginKeys.UAA);

    IdentityZoneHolder.set(zone);
    addMembers();
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from group_membership where group_id in (select id from groups where identity_zone_id=?)",
            new Object[] {IdentityZoneHolder.get().getId()},
            Integer.class),
        is(4));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from groups where identity_zone_id=?",
            new Object[] {IdentityZoneHolder.get().getId()},
            Integer.class),
        is(3));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from external_group_mapping where group_id in (select id from groups where identity_zone_id=?)",
            new Object[] {IdentityZoneHolder.get().getId()},
            Integer.class),
        is(3));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from group_membership where group_id in (select id from groups where identity_zone_id=? and displayName like ?)",
            new Object[] {
              IdentityZone.getUaa().getId(), "zones." + IdentityZoneHolder.get().getId() + ".%"
            },
            Integer.class),
        is(1));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from groups where identity_zone_id=? and displayName like ?",
            new Object[] {
              IdentityZone.getUaa().getId(), "zones." + IdentityZoneHolder.get().getId() + ".%"
            },
            Integer.class),
        is(1));
    gdao.onApplicationEvent(new EntityDeletedEvent<>(zone, null));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from group_membership where group_id in (select id from groups where identity_zone_id=?)",
            new Object[] {IdentityZoneHolder.get().getId()},
            Integer.class),
        is(0));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from groups where identity_zone_id=?",
            new Object[] {IdentityZoneHolder.get().getId()},
            Integer.class),
        is(0));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from external_group_mapping where group_id in (select id from groups where identity_zone_id=?)",
            new Object[] {IdentityZoneHolder.get().getId()},
            Integer.class),
        is(0));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from group_membership where group_id in (select id from groups where identity_zone_id=? and displayName like ?)",
            new Object[] {
              IdentityZone.getUaa().getId(), "zones." + IdentityZoneHolder.get().getId() + ".%"
            },
            Integer.class),
        is(0));
    assertThat(
        jdbcTemplate.queryForObject(
            "select count(*) from groups where identity_zone_id=? and displayName like ?",
            new Object[] {
              IdentityZone.getUaa().getId(), "zones." + IdentityZoneHolder.get().getId() + ".%"
            },
            Integer.class),
        is(0));
  }