use of eu.bcvsolutions.idm.acc.domain.SystemEntityType in project CzechIdMng by bcvsolutions.
the class DefaultSysSystemMappingServiceTest method operationTypeFilterTest.
@Test
public void operationTypeFilterTest() {
IdmBasePermission permission = IdmBasePermission.ADMIN;
SystemEntityType entityType = SystemEntityType.IDENTITY;
SysSystemDto system = createSystem();
SysSchemaObjectClassDto objectClass = createObjectClass(system);
SysSystemMappingDto mappingSystem1 = testHelper.createMappingSystem(entityType, objectClass);
createProvisioningMappingSystem(SystemEntityType.TREE, objectClass);
SysSystemMappingDto mappingSystem3 = createProvisioningMappingSystem(entityType, objectClass);
SysSystemMappingFilter filter = new SysSystemMappingFilter();
filter.setOperationType(SystemOperationType.PROVISIONING);
filter.setSystemId(system.getId());
Page<SysSystemMappingDto> result = mappingService.find(filter, null, permission);
assertEquals(2, result.getTotalElements());
assertTrue(result.getContent().contains(mappingSystem3));
assertFalse(result.getContent().contains(mappingSystem1));
}
use of eu.bcvsolutions.idm.acc.domain.SystemEntityType in project CzechIdMng by bcvsolutions.
the class DefaultSysSystemMappingServiceTest method objectClassFilterTest.
@Test
public void objectClassFilterTest() {
IdmBasePermission permission = IdmBasePermission.ADMIN;
SystemEntityType entityType = SystemEntityType.IDENTITY;
SysSystemDto system = createSystem();
SysSystemDto system2 = createSystem();
SysSchemaObjectClassDto objectClass = createObjectClass(system);
SysSchemaObjectClassDto objectClass2 = createObjectClass(system2);
SysSystemMappingDto mappingSystem1 = testHelper.createMappingSystem(entityType, objectClass);
SysSystemMappingDto mappingSystem2 = testHelper.createMappingSystem(entityType, objectClass2);
SysSystemMappingFilter filter = new SysSystemMappingFilter();
filter.setObjectClassId(mappingSystem1.getObjectClass());
Page<SysSystemMappingDto> result = mappingService.find(filter, null, permission);
assertEquals(1, result.getTotalElements());
assertTrue(result.getContent().contains(mappingSystem1));
assertFalse(result.getContent().contains(mappingSystem2));
}
use of eu.bcvsolutions.idm.acc.domain.SystemEntityType in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningExecutor method createAccountsForAllSystems.
@Override
public void createAccountsForAllSystems(DTO dto) {
SystemEntityType entityType = SystemEntityType.getByClass(dto.getClass());
List<SysSystemMappingDto> systemMappings = findSystemMappingsForEntityType(dto, entityType);
systemMappings.forEach(mapping -> {
SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
UUID systemId = schemaObjectClassDto.getSystem();
UUID accountId = this.getAccountByEntity(dto.getId(), systemId);
if (accountId != null) {
// We already have account for this system -> next
return;
}
SysSystemDto system = DtoUtils.getEmbedded(schemaObjectClassDto, SysSchemaObjectClass_.system, SysSystemDto.class);
List<SysSystemAttributeMappingDto> mappedAttributes = attributeMappingService.findBySystemMapping(mapping);
SysSystemAttributeMappingDto uidAttribute = attributeMappingService.getUidAttribute(mappedAttributes, system);
String uid = attributeMappingService.generateUid(dto, uidAttribute);
// Account management - can be the account created? - execute the script on the system mapping
if (!this.canBeAccountCreated(uid, dto, mapping, system)) {
String entityStr = dto.toString();
if (dto instanceof Codeable) {
entityStr = ((Codeable) dto).getCode();
}
LOG.info(MessageFormat.format("For entity [{0}] and entity type [{1}] cannot be created the account (on system [{2}])," + " because script \"Can be account created\" on the mapping returned \"false\"!", entityStr, entityType, system.getName()));
return;
}
// Create AccAccount and relation between account and entity
createEntityAccount(uid, dto.getId(), systemId);
});
}
use of eu.bcvsolutions.idm.acc.domain.SystemEntityType in project CzechIdMng by bcvsolutions.
the class IdentityProvisioningExecutor method findOverloadingAttributes.
/**
* Return list of all overloading attributes for given identity, system and
* uid
*
* @param identityAccount
* @param idenityAccoutnList
* @param operationType
* @param entityType
* @return
*/
@Override
protected List<SysRoleSystemAttributeDto> findOverloadingAttributes(IdmIdentityDto entity, SysSystemDto system, List<? extends EntityAccountDto> idenityAccoutnList, SystemEntityType entityType) {
List<SysRoleSystemAttributeDto> roleSystemAttributesAll = new ArrayList<>();
idenityAccoutnList.stream().filter(ia -> {
AccAccountDto account = DtoUtils.getEmbedded((AccIdentityAccountDto) ia, AccIdentityAccount_.account, AccAccountDto.class);
return ((AccIdentityAccountDto) ia).getIdentityRole() != null && account.getSystem() != null && account.getSystem().equals(system.getId()) && ia.isOwnership();
}).forEach((identityAccountInner) -> {
AbstractDto identityAccount = (AbstractDto) identityAccountInner;
// All identity account with same system and with filled
// identityRole
AccAccountDto account = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.account, AccAccountDto.class);
IdmIdentityRoleDto identityRole = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.identityRole, IdmIdentityRoleDto.class);
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setRoleId(identityRole.getRole());
roleSystemFilter.setSystemId(account.getSystem());
List<SysRoleSystemDto> roleSystems = roleSystemService.find(roleSystemFilter, null).getContent();
if (roleSystems.size() > 1) {
SysRoleSystemDto roleSystem = roleSystems.get(0);
IdmRoleDto roleDto = roleService.get(roleSystem.getRole());
SysSystemDto systemDto = DtoUtils.getEmbedded(roleSystem, SysRoleSystem_.system, SysSystemDto.class);
throw new ProvisioningException(AccResultCode.PROVISIONING_DUPLICATE_ROLE_MAPPING, ImmutableMap.of("role", roleDto.getName(), "system", systemDto.getName(), "entityType", entityType));
}
if (!roleSystems.isEmpty()) {
SysRoleSystemDto roleSystem = roleSystems.get(0);
SysRoleSystemAttributeFilter roleSystemAttributeFilter = new SysRoleSystemAttributeFilter();
roleSystemAttributeFilter.setRoleSystemId(roleSystem.getId());
List<SysRoleSystemAttributeDto> roleAttributes = roleSystemAttributeService.find(roleSystemAttributeFilter, null).getContent();
if (!CollectionUtils.isEmpty(roleAttributes)) {
roleSystemAttributesAll.addAll(roleAttributes);
}
}
});
return roleSystemAttributesAll;
}
use of eu.bcvsolutions.idm.acc.domain.SystemEntityType in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method process.
@Override
public AbstractSysSyncConfigDto process(UUID synchronizationConfigId) {
// Clear cache
idmCacheManager.evictCache(CACHE_NAME);
SysSyncLogDto log = new SysSyncLogDto();
// Create basic synchronization log
log.setSynchronizationConfig(synchronizationConfigId);
log.setStarted(ZonedDateTime.now());
try {
// Validate and create basic context
SynchronizationContext context = this.validate(synchronizationConfigId);
AbstractSysSyncConfigDto config = context.getConfig();
SystemEntityType entityType = context.getEntityType();
SysSystemDto system = context.getSystem();
IcConnectorConfiguration connectorConfig = context.getConnectorConfig();
SysSystemMappingDto systemMapping = systemMappingService.get(config.getSystemMapping());
SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(systemMapping.getObjectClass());
IcObjectClass objectClass = new IcObjectClassImpl(schemaObjectClassDto.getObjectClassName());
// Load last token
String lastToken = config.isReconciliation() ? null : config.getToken();
IcSyncToken lastIcToken = Strings.isNullOrEmpty(lastToken) ? null : new IcSyncTokenImpl(lastToken);
log.setToken(lastToken != null ? lastToken : null);
log.setRunning(true);
log = syncStarted(log, context);
// List of all accounts keys (used in reconciliation)
Set<String> systemAccountsList = new HashSet<>();
longRunningTaskExecutor.setCounter(0L);
log = synchronizationLogService.save(log);
List<SysSyncActionLogDto> actionsLog = new ArrayList<>();
// add logs to context
context.addLog(log).addActionLogs(actionsLog);
// Is differential sync enabled?
if (config.isDifferentialSync()) {
log.addToLog("Synchronization is running as differential (entities will be updated only if least one attribute was changed).");
}
if (config.isCustomFilter() || config.isReconciliation()) {
// Custom filter Sync
log.addToLog("Synchronization will use custom filter (not synchronization implemented in connector).");
AttributeMapping tokenAttribute = null;
if (config.getTokenAttribute() != null) {
tokenAttribute = systemAttributeMappingService.get(config.getTokenAttribute());
}
if (tokenAttribute == null && !config.isReconciliation()) {
throw new ProvisioningException(AccResultCode.SYNCHRONIZATION_TOKEN_ATTRIBUTE_NOT_FOUND);
}
context.addTokenAttribute(tokenAttribute);
// Resolve filter for custom search
IcFilter filter = resolveSynchronizationFilter(config);
log.addToLog(MessageFormat.format("Start search with filter [{0}].", filter != null ? filter : "NONE"));
connectorFacade.search(systemService.getConnectorInstance(system), connectorConfig, objectClass, filter, new DefaultResultHandler(context, systemAccountsList));
} else {
// Inner Sync
log.addToLog("Synchronization will use inner connector synchronization implementation.");
DefalutSyncResultHandler syncResultsHandler = new DefalutSyncResultHandler(context, systemAccountsList);
connectorFacade.synchronization(systemService.getConnectorInstance(system), connectorConfig, objectClass, lastIcToken, syncResultsHandler);
}
// We do reconciliation (find missing account)
if (config.isReconciliation() && log.isRunning()) {
startReconciliation(entityType, systemAccountsList, config, system, log, actionsLog);
}
// Sync is correctly ends if wasn't cancelled
if (log.isRunning()) {
log = syncCorrectlyEnded(log, context);
}
return synchronizationConfigService.save(config);
} catch (Exception e) {
String message = "Error during synchronization";
log.addToLog(message);
log.setContainsError(true);
log.addToLog(Throwables.getStackTraceAsString(e));
throw e;
} finally {
syncEnd(log, syncContext);
log.setRunning(false);
log.setEnded(ZonedDateTime.now());
synchronizationLogService.save(log);
//
longRunningTaskExecutor.setCount(longRunningTaskExecutor.getCounter());
longRunningTaskExecutor.updateState();
// Clear cache
idmCacheManager.evictCache(CACHE_NAME);
}
}
Aggregations