Search in sources :

Example 6 with SystemEntityType

use of eu.bcvsolutions.idm.acc.domain.SystemEntityType in project CzechIdMng by bcvsolutions.

the class DefaultSysSystemMappingServiceTest method operationTypeFilterTest.

@Test
public void operationTypeFilterTest() {
    IdmBasePermission permission = IdmBasePermission.ADMIN;
    SystemEntityType entityType = SystemEntityType.IDENTITY;
    SysSystemDto system = createSystem();
    SysSchemaObjectClassDto objectClass = createObjectClass(system);
    SysSystemMappingDto mappingSystem1 = testHelper.createMappingSystem(entityType, objectClass);
    createProvisioningMappingSystem(SystemEntityType.TREE, objectClass);
    SysSystemMappingDto mappingSystem3 = createProvisioningMappingSystem(entityType, objectClass);
    SysSystemMappingFilter filter = new SysSystemMappingFilter();
    filter.setOperationType(SystemOperationType.PROVISIONING);
    filter.setSystemId(system.getId());
    Page<SysSystemMappingDto> result = mappingService.find(filter, null, permission);
    assertEquals(2, result.getTotalElements());
    assertTrue(result.getContent().contains(mappingSystem3));
    assertFalse(result.getContent().contains(mappingSystem1));
}
Also used : SysSystemMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemMappingFilter) IdmBasePermission(eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Example 7 with SystemEntityType

use of eu.bcvsolutions.idm.acc.domain.SystemEntityType in project CzechIdMng by bcvsolutions.

the class DefaultSysSystemMappingServiceTest method objectClassFilterTest.

@Test
public void objectClassFilterTest() {
    IdmBasePermission permission = IdmBasePermission.ADMIN;
    SystemEntityType entityType = SystemEntityType.IDENTITY;
    SysSystemDto system = createSystem();
    SysSystemDto system2 = createSystem();
    SysSchemaObjectClassDto objectClass = createObjectClass(system);
    SysSchemaObjectClassDto objectClass2 = createObjectClass(system2);
    SysSystemMappingDto mappingSystem1 = testHelper.createMappingSystem(entityType, objectClass);
    SysSystemMappingDto mappingSystem2 = testHelper.createMappingSystem(entityType, objectClass2);
    SysSystemMappingFilter filter = new SysSystemMappingFilter();
    filter.setObjectClassId(mappingSystem1.getObjectClass());
    Page<SysSystemMappingDto> result = mappingService.find(filter, null, permission);
    assertEquals(1, result.getTotalElements());
    assertTrue(result.getContent().contains(mappingSystem1));
    assertFalse(result.getContent().contains(mappingSystem2));
}
Also used : SysSystemMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemMappingFilter) IdmBasePermission(eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Example 8 with SystemEntityType

use of eu.bcvsolutions.idm.acc.domain.SystemEntityType in project CzechIdMng by bcvsolutions.

the class AbstractProvisioningExecutor method createAccountsForAllSystems.

@Override
public void createAccountsForAllSystems(DTO dto) {
    SystemEntityType entityType = SystemEntityType.getByClass(dto.getClass());
    List<SysSystemMappingDto> systemMappings = findSystemMappingsForEntityType(dto, entityType);
    systemMappings.forEach(mapping -> {
        SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
        UUID systemId = schemaObjectClassDto.getSystem();
        UUID accountId = this.getAccountByEntity(dto.getId(), systemId);
        if (accountId != null) {
            // We already have account for this system -> next
            return;
        }
        SysSystemDto system = DtoUtils.getEmbedded(schemaObjectClassDto, SysSchemaObjectClass_.system, SysSystemDto.class);
        List<SysSystemAttributeMappingDto> mappedAttributes = attributeMappingService.findBySystemMapping(mapping);
        SysSystemAttributeMappingDto uidAttribute = attributeMappingService.getUidAttribute(mappedAttributes, system);
        String uid = attributeMappingService.generateUid(dto, uidAttribute);
        // Account management - can be the account created? - execute the script on the system mapping
        if (!this.canBeAccountCreated(uid, dto, mapping, system)) {
            String entityStr = dto.toString();
            if (dto instanceof Codeable) {
                entityStr = ((Codeable) dto).getCode();
            }
            LOG.info(MessageFormat.format("For entity [{0}] and entity type [{1}] cannot be created the account (on system [{2}])," + " because script \"Can be account created\" on the mapping returned \"false\"!", entityStr, entityType, system.getName()));
            return;
        }
        // Create AccAccount and relation between account and entity
        createEntityAccount(uid, dto.getId(), systemId);
    });
}
Also used : Codeable(eu.bcvsolutions.idm.core.api.domain.Codeable) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) UUID(java.util.UUID) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)

Example 9 with SystemEntityType

use of eu.bcvsolutions.idm.acc.domain.SystemEntityType in project CzechIdMng by bcvsolutions.

the class IdentityProvisioningExecutor method findOverloadingAttributes.

/**
 * Return list of all overloading attributes for given identity, system and
 * uid
 *
 * @param identityAccount
 * @param idenityAccoutnList
 * @param operationType
 * @param entityType
 * @return
 */
@Override
protected List<SysRoleSystemAttributeDto> findOverloadingAttributes(IdmIdentityDto entity, SysSystemDto system, List<? extends EntityAccountDto> idenityAccoutnList, SystemEntityType entityType) {
    List<SysRoleSystemAttributeDto> roleSystemAttributesAll = new ArrayList<>();
    idenityAccoutnList.stream().filter(ia -> {
        AccAccountDto account = DtoUtils.getEmbedded((AccIdentityAccountDto) ia, AccIdentityAccount_.account, AccAccountDto.class);
        return ((AccIdentityAccountDto) ia).getIdentityRole() != null && account.getSystem() != null && account.getSystem().equals(system.getId()) && ia.isOwnership();
    }).forEach((identityAccountInner) -> {
        AbstractDto identityAccount = (AbstractDto) identityAccountInner;
        // All identity account with same system and with filled
        // identityRole
        AccAccountDto account = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.account, AccAccountDto.class);
        IdmIdentityRoleDto identityRole = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.identityRole, IdmIdentityRoleDto.class);
        SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
        roleSystemFilter.setRoleId(identityRole.getRole());
        roleSystemFilter.setSystemId(account.getSystem());
        List<SysRoleSystemDto> roleSystems = roleSystemService.find(roleSystemFilter, null).getContent();
        if (roleSystems.size() > 1) {
            SysRoleSystemDto roleSystem = roleSystems.get(0);
            IdmRoleDto roleDto = roleService.get(roleSystem.getRole());
            SysSystemDto systemDto = DtoUtils.getEmbedded(roleSystem, SysRoleSystem_.system, SysSystemDto.class);
            throw new ProvisioningException(AccResultCode.PROVISIONING_DUPLICATE_ROLE_MAPPING, ImmutableMap.of("role", roleDto.getName(), "system", systemDto.getName(), "entityType", entityType));
        }
        if (!roleSystems.isEmpty()) {
            SysRoleSystemDto roleSystem = roleSystems.get(0);
            SysRoleSystemAttributeFilter roleSystemAttributeFilter = new SysRoleSystemAttributeFilter();
            roleSystemAttributeFilter.setRoleSystemId(roleSystem.getId());
            List<SysRoleSystemAttributeDto> roleAttributes = roleSystemAttributeService.find(roleSystemAttributeFilter, null).getContent();
            if (!CollectionUtils.isEmpty(roleAttributes)) {
                roleSystemAttributesAll.addAll(roleAttributes);
            }
        }
    });
    return roleSystemAttributesAll;
}
Also used : ProvisioningExecutor(eu.bcvsolutions.idm.acc.service.api.ProvisioningExecutor) IcConnectorFacade(eu.bcvsolutions.idm.ic.service.api.IcConnectorFacade) DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils) SysRoleSystem_(eu.bcvsolutions.idm.acc.entity.SysRoleSystem_) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) SysSystemEntityService(eu.bcvsolutions.idm.acc.service.api.SysSystemEntityService) Autowired(org.springframework.beans.factory.annotation.Autowired) AccIdentityAccount_(eu.bcvsolutions.idm.acc.entity.AccIdentityAccount_) EntityAccountDto(eu.bcvsolutions.idm.acc.dto.EntityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) ArrayList(java.util.ArrayList) AccAccountManagementService(eu.bcvsolutions.idm.acc.service.api.AccAccountManagementService) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService) AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto) SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) Service(org.springframework.stereotype.Service) Qualifier(org.springframework.beans.factory.annotation.Qualifier) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService) ImmutableMap(com.google.common.collect.ImmutableMap) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemService) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) ReadWriteDtoService(eu.bcvsolutions.idm.core.api.service.ReadWriteDtoService) SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto) SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService) List(java.util.List) AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysRoleSystemAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemAttributeFilter) CollectionUtils(org.springframework.util.CollectionUtils) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService) IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService) AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode) SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService) EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager) Assert(org.springframework.util.Assert) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) ArrayList(java.util.ArrayList) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysRoleSystemAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemAttributeFilter) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)

Example 10 with SystemEntityType

use of eu.bcvsolutions.idm.acc.domain.SystemEntityType in project CzechIdMng by bcvsolutions.

the class AbstractSynchronizationExecutor method process.

@Override
public AbstractSysSyncConfigDto process(UUID synchronizationConfigId) {
    // Clear cache
    idmCacheManager.evictCache(CACHE_NAME);
    SysSyncLogDto log = new SysSyncLogDto();
    // Create basic synchronization log
    log.setSynchronizationConfig(synchronizationConfigId);
    log.setStarted(ZonedDateTime.now());
    try {
        // Validate and create basic context
        SynchronizationContext context = this.validate(synchronizationConfigId);
        AbstractSysSyncConfigDto config = context.getConfig();
        SystemEntityType entityType = context.getEntityType();
        SysSystemDto system = context.getSystem();
        IcConnectorConfiguration connectorConfig = context.getConnectorConfig();
        SysSystemMappingDto systemMapping = systemMappingService.get(config.getSystemMapping());
        SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(systemMapping.getObjectClass());
        IcObjectClass objectClass = new IcObjectClassImpl(schemaObjectClassDto.getObjectClassName());
        // Load last token
        String lastToken = config.isReconciliation() ? null : config.getToken();
        IcSyncToken lastIcToken = Strings.isNullOrEmpty(lastToken) ? null : new IcSyncTokenImpl(lastToken);
        log.setToken(lastToken != null ? lastToken : null);
        log.setRunning(true);
        log = syncStarted(log, context);
        // List of all accounts keys (used in reconciliation)
        Set<String> systemAccountsList = new HashSet<>();
        longRunningTaskExecutor.setCounter(0L);
        log = synchronizationLogService.save(log);
        List<SysSyncActionLogDto> actionsLog = new ArrayList<>();
        // add logs to context
        context.addLog(log).addActionLogs(actionsLog);
        // Is differential sync enabled?
        if (config.isDifferentialSync()) {
            log.addToLog("Synchronization is running as differential (entities will be updated only if least one attribute was changed).");
        }
        if (config.isCustomFilter() || config.isReconciliation()) {
            // Custom filter Sync
            log.addToLog("Synchronization will use custom filter (not synchronization implemented in connector).");
            AttributeMapping tokenAttribute = null;
            if (config.getTokenAttribute() != null) {
                tokenAttribute = systemAttributeMappingService.get(config.getTokenAttribute());
            }
            if (tokenAttribute == null && !config.isReconciliation()) {
                throw new ProvisioningException(AccResultCode.SYNCHRONIZATION_TOKEN_ATTRIBUTE_NOT_FOUND);
            }
            context.addTokenAttribute(tokenAttribute);
            // Resolve filter for custom search
            IcFilter filter = resolveSynchronizationFilter(config);
            log.addToLog(MessageFormat.format("Start search with filter [{0}].", filter != null ? filter : "NONE"));
            connectorFacade.search(systemService.getConnectorInstance(system), connectorConfig, objectClass, filter, new DefaultResultHandler(context, systemAccountsList));
        } else {
            // Inner Sync
            log.addToLog("Synchronization will use inner connector synchronization implementation.");
            DefalutSyncResultHandler syncResultsHandler = new DefalutSyncResultHandler(context, systemAccountsList);
            connectorFacade.synchronization(systemService.getConnectorInstance(system), connectorConfig, objectClass, lastIcToken, syncResultsHandler);
        }
        // We do reconciliation (find missing account)
        if (config.isReconciliation() && log.isRunning()) {
            startReconciliation(entityType, systemAccountsList, config, system, log, actionsLog);
        }
        // Sync is correctly ends if wasn't cancelled
        if (log.isRunning()) {
            log = syncCorrectlyEnded(log, context);
        }
        return synchronizationConfigService.save(config);
    } catch (Exception e) {
        String message = "Error during synchronization";
        log.addToLog(message);
        log.setContainsError(true);
        log.addToLog(Throwables.getStackTraceAsString(e));
        throw e;
    } finally {
        syncEnd(log, syncContext);
        log.setRunning(false);
        log.setEnded(ZonedDateTime.now());
        synchronizationLogService.save(log);
        // 
        longRunningTaskExecutor.setCount(longRunningTaskExecutor.getCounter());
        longRunningTaskExecutor.updateState();
        // Clear cache
        idmCacheManager.evictCache(CACHE_NAME);
    }
}
Also used : IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration) IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) IcSyncToken(eu.bcvsolutions.idm.ic.api.IcSyncToken) ArrayList(java.util.ArrayList) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) IntrospectionException(java.beans.IntrospectionException) InvocationTargetException(java.lang.reflect.InvocationTargetException) CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) SysSyncActionLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto) AbstractSysSyncConfigDto(eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto) SynchronizationContext(eu.bcvsolutions.idm.acc.domain.SynchronizationContext) IcSyncTokenImpl(eu.bcvsolutions.idm.ic.impl.IcSyncTokenImpl) IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass) AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) IcFilter(eu.bcvsolutions.idm.ic.filter.api.IcFilter) HashSet(java.util.HashSet)

Aggregations

SystemEntityType (eu.bcvsolutions.idm.acc.domain.SystemEntityType)71 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)51 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)36 Test (org.junit.Test)36 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)28 IdmBasePermission (eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission)28 SysSchemaObjectClassDto (eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)26 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)21 SysProvisioningOperationFilter (eu.bcvsolutions.idm.acc.dto.filter.SysProvisioningOperationFilter)17 UUID (java.util.UUID)17 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)15 SysSyncActionLogDto (eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto)15 SysSyncLogDto (eu.bcvsolutions.idm.acc.dto.SysSyncLogDto)15 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)15 SysSyncItemLogDto (eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto)13 AbstractSysSyncConfigDto (eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto)11 SysSchemaAttributeDto (eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)11 ProvisioningException (eu.bcvsolutions.idm.acc.exception.ProvisioningException)11 AttributeMappingStrategyType (eu.bcvsolutions.idm.acc.domain.AttributeMappingStrategyType)10 SysProvisioningArchiveDto (eu.bcvsolutions.idm.acc.dto.SysProvisioningArchiveDto)10