Examples with EntityAccountDto eu.bcvsolutions.idm.acc.dto.EntityAccountDto used on opensource projects

Example 1 with EntityAccountDto

use of eu.bcvsolutions.idm.acc.dto.EntityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityProvisioningExecutor method findOverloadingAttributes.

/**
 * Return list of all overloading attributes for given identity, system and
 * uid
 *
 * @param identityAccount
 * @param idenityAccoutnList
 * @param operationType
 * @param entityType
 * @return
 */
@Override
protected List<SysRoleSystemAttributeDto> findOverloadingAttributes(IdmIdentityDto entity, SysSystemDto system, List<? extends EntityAccountDto> idenityAccoutnList, SystemEntityType entityType) {
    List<SysRoleSystemAttributeDto> roleSystemAttributesAll = new ArrayList<>();
    idenityAccoutnList.stream().filter(ia -> {
        AccAccountDto account = DtoUtils.getEmbedded((AccIdentityAccountDto) ia, AccIdentityAccount_.account, AccAccountDto.class);
        return ((AccIdentityAccountDto) ia).getIdentityRole() != null && account.getSystem() != null && account.getSystem().equals(system.getId()) && ia.isOwnership();
    }).forEach((identityAccountInner) -> {
        AbstractDto identityAccount = (AbstractDto) identityAccountInner;
        // All identity account with same system and with filled
        // identityRole
        AccAccountDto account = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.account, AccAccountDto.class);
        IdmIdentityRoleDto identityRole = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.identityRole, IdmIdentityRoleDto.class);
        SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
        roleSystemFilter.setRoleId(identityRole.getRole());
        roleSystemFilter.setSystemId(account.getSystem());
        List<SysRoleSystemDto> roleSystems = roleSystemService.find(roleSystemFilter, null).getContent();
        if (roleSystems.size() > 1) {
            SysRoleSystemDto roleSystem = roleSystems.get(0);
            IdmRoleDto roleDto = roleService.get(roleSystem.getRole());
            SysSystemDto systemDto = DtoUtils.getEmbedded(roleSystem, SysRoleSystem_.system, SysSystemDto.class);
            throw new ProvisioningException(AccResultCode.PROVISIONING_DUPLICATE_ROLE_MAPPING, ImmutableMap.of("role", roleDto.getName(), "system", systemDto.getName(), "entityType", entityType));
        }
        if (!roleSystems.isEmpty()) {
            SysRoleSystemDto roleSystem = roleSystems.get(0);
            SysRoleSystemAttributeFilter roleSystemAttributeFilter = new SysRoleSystemAttributeFilter();
            roleSystemAttributeFilter.setRoleSystemId(roleSystem.getId());
            List<SysRoleSystemAttributeDto> roleAttributes = roleSystemAttributeService.find(roleSystemAttributeFilter, null).getContent();
            if (!CollectionUtils.isEmpty(roleAttributes)) {
                roleSystemAttributesAll.addAll(roleAttributes);
            }
        }
    });
    return roleSystemAttributesAll;
}

Example 2 with EntityAccountDto

use of eu.bcvsolutions.idm.acc.dto.EntityAccountDto in project CzechIdMng by bcvsolutions.

the class AbstractSynchronizationExecutor method doCreateLink.

/**
 * Create account and relation on him
 *
 * @param callProvisioning
 * @param dto
 * @param context
 */
protected void doCreateLink(DTO dto, boolean callProvisioning, SynchronizationContext context) {
    String uid = context.getUid();
    SystemEntityType entityType = context.getEntityType();
    SysSystemDto system = context.getSystem();
    SysSyncItemLogDto logItem = context.getLogItem();
    SysSystemEntityDto systemEntity = context.getSystemEntity();
    String entityIdentification = dto.getId().toString();
    if (dto instanceof Codeable) {
        entityIdentification = ((Codeable) dto).getCode();
    }
    logItem.setDisplayName(entityIdentification);
    // Generate UID value from mapped attribute marked as UID (Unique ID).
    // UID mapped attribute must exist and returned value must be not null
    // and must be String
    String attributeUid = this.generateUID(context);
    AccAccountDto account = doCreateIdmAccount(attributeUid, system);
    if (systemEntity != null) {
        // If SystemEntity for this account already exist, then we linked
        // him to new account
        account.setSystemEntity(systemEntity.getId());
    }
    account = this.applySpecificSettingsBeforeLink(account, dto, context);
    if (account == null) {
        // Identity account won't be created
        addToItemLog(logItem, MessageFormat.format("Link between uid [{0}] and entity [{1}] will not be created due to specific settings of synchronization. " + "Processing of this item is finished.", uid, entityIdentification));
        return;
    }
    account = accountService.save(account);
    addToItemLog(logItem, MessageFormat.format("Account with uid [{0}] and id [{1}] was created", uid, account.getId()));
    // Create new entity account relation
    EntityAccountDto entityAccount = this.createEntityAccount(account, dto, context);
    entityAccount = (EntityAccountDto) getEntityAccountService().save(entityAccount);
    context.addAccount(account);
    // Identity account Created
    addToItemLog(logItem, MessageFormat.format("Entity account relation  with id [{0}], between account [{1}] and entity [{2}] was created", entityAccount.getId(), uid, entityIdentification));
    logItem.setType(entityAccount.getClass().getSimpleName());
    logItem.setIdentification(entityAccount.getId().toString());
    if (callProvisioning) {
        if (this.isProvisioningImplemented(entityType, logItem)) {
            // Call provisioning for this entity
            callProvisioningForEntity(dto, entityType, logItem);
        }
    }
}

Example 3 with EntityAccountDto

use of eu.bcvsolutions.idm.acc.dto.EntityAccountDto in project CzechIdMng by bcvsolutions.

the class AbstractProvisioningExecutor method doProvisioning.

@Override
public void doProvisioning(AccAccountDto account) {
    Assert.notNull(account, "Account is required.");
    EntityAccountFilter filter = createEntityAccountFilter();
    filter.setAccountId(account.getId());
    filter.setOwnership(Boolean.TRUE);
    // Find first entity-account relation (we need Id of entity)
    List<? extends EntityAccountDto> entityAccoutnList = getEntityAccountService().find(filter, PageRequest.of(0, 1)).getContent();
    if (entityAccoutnList.isEmpty()) {
        return;
    }
    EntityAccountDto entityAccountDto = entityAccoutnList.get(0);
    // Start provisioning
    doProvisioning(account, getService().get(entityAccountDto.getEntity()));
}

Example 4 with EntityAccountDto

use of eu.bcvsolutions.idm.acc.dto.EntityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentitySynchronizationExecutor method createEntityAccount.

@Override
protected EntityAccountDto createEntityAccount(AccAccountDto account, IdmIdentityDto entity, SynchronizationContext context) {
    Assert.notNull(account, "Account is required.");
    Assert.notNull(entity, "Entity is required.");
    EntityAccountDto entityAccount = super.createEntityAccount(account, entity, context);
    Assert.isInstanceOf(AccIdentityAccountDto.class, entityAccount, "For identity sync must be entity-account relation instance of AccIdentityAccountDto!");
    AccIdentityAccountDto identityAccount = (AccIdentityAccountDto) entityAccount;
    SysSyncIdentityConfigDto config = this.getConfig(context);
    SysSyncItemLogDto itemLog = context.getLogItem();
    UUID defaultRoleId = config.getDefaultRole();
    if (defaultRoleId == null) {
        return identityAccount;
    }
    // Default role is defined
    IdmRoleDto defaultRole = DtoUtils.getEmbedded(config, SysSyncIdentityConfig_.defaultRole);
    Assert.notNull(defaultRole, "Default role must be found for this sync configuration!");
    this.addToItemLog(itemLog, (MessageFormat.format("Default role [{1}] is defined and will be assigned to the identity [{0}].", entity.getCode(), defaultRole.getCode())));
    List<IdmIdentityContractDto> contracts = Lists.newArrayList();
    // Could be default role assigned to all valid or future valid contracts?
    if (config.isAssignDefaultRoleToAll()) {
        IdmIdentityContractFilter contractFilter = new IdmIdentityContractFilter();
        contractFilter.setValidNowOrInFuture(Boolean.TRUE);
        contractFilter.setIdentity(entity.getId());
        contracts = identityContractService.find(contractFilter, null).getContent();
        this.addToItemLog(itemLog, (MessageFormat.format("Default role will be assigned to all valid or future valid contracts, number of found contracts [{0}].", contracts.size())));
    } else {
        // Default role will be assigned only to prime contract
        IdmIdentityContractDto primeContract = identityContractService.getPrimeValidContract(entity.getId());
        if (primeContract != null) {
            contracts.add(primeContract);
        }
    }
    if (contracts.isEmpty()) {
        SynchronizationInactiveOwnerBehaviorType inactiveOwnerBehavior = config.getInactiveOwnerBehavior();
        if (SynchronizationInactiveOwnerBehaviorType.LINK_PROTECTED == inactiveOwnerBehavior) {
            this.addToItemLog(itemLog, (MessageFormat.format("Default role is set, but it will not be assigned - no contract was found for identity [{0}]," + " so the account will be in protection.", entity.getCode())));
        } else {
            this.addToItemLog(itemLog, ("Warning! - Default role is set, but could not be assigned to identity, because the identity has not any suitable contract!"));
            this.initSyncActionLog(context.getActionType(), OperationResultType.WARNING, context.getLogItem(), context.getLog(), context.getActionLogs());
        }
        return identityAccount;
    }
    List<IdmConceptRoleRequestDto> concepts = new ArrayList<>(contracts.size());
    for (IdmIdentityContractDto contract : contracts) {
        IdmConceptRoleRequestDto concept = new IdmConceptRoleRequestDto();
        concept.setIdentityContract(contract.getId());
        // filled automatically - prevent to provision future valid roles by default
        concept.setValidFrom(contract.getValidFrom());
        // #1887: its not filled automatically form contract (validity will be controlled by contract validity dynamically)
        concept.setValidTill(null);
        concept.setRole(defaultRole.getId());
        concept.setOperation(ConceptRoleRequestOperation.ADD);
        concepts.add(concept);
    }
    // Create role request for default role and primary contract
    // Add skip of provisioning property. We don't want execute provisioning now, but after update of entity (only once).
    Map<String, Serializable> properties = new LinkedHashMap<>();
    properties.put(ProvisioningService.SKIP_PROVISIONING, Boolean.TRUE);
    IdmRoleRequestDto roleRequest = roleRequestService.executeConceptsImmediate(entity.getId(), concepts, properties);
    // Load concepts  and try to find duplicate identity account
    AccIdentityAccountDto duplicate = null;
    IdmConceptRoleRequestFilter conceptFilter = new IdmConceptRoleRequestFilter();
    conceptFilter.setRoleRequestId(roleRequest.getId());
    for (IdmConceptRoleRequestDto concept : conceptRoleRequestService.find(conceptFilter, null)) {
        UUID identityRoleId = concept.getIdentityRole();
        Assert.notNull(identityRoleId, "Identity role relation had to been created!");
        identityAccount.setIdentityRole(identityRoleId);
        duplicate = this.findDuplicate(identityAccount);
        if (duplicate != null) {
            break;
        }
    }
    if (duplicate != null) {
        // This IdentityAccount is new and duplicated, we do not want create duplicated
        // relation.
        // Same IdentityAccount had to be created by assigned default role!
        this.addToItemLog(itemLog, (MessageFormat.format("This identity-account (identity-role id: [{2}]) is new and duplicated, " + "we do not want create duplicated relation! " + "We will reuse already persisted identity-account [{3}]. " + "Probable reason: Same identity-account had to be created by assigned default role!", identityAccount.getAccount(), identityAccount.getIdentity(), identityAccount.getIdentityRole(), duplicate.getId())));
        // Reusing duplicate
        return duplicate;
    }
    return identityAccount;
}

Example 5 with EntityAccountDto

use of eu.bcvsolutions.idm.acc.dto.EntityAccountDto in project CzechIdMng by bcvsolutions.

the class RoleCatalogueSynchronizationExecutor method doCreateEntity.

/**
 * Create and persist new entity by data from IC attributes
 *
 * @param entityType
 * @param mappedAttributes
 * @param logItem
 * @param uid
 * @param icAttributes
 * @param account
 */
@Override
protected void doCreateEntity(SystemEntityType entityType, List<SysSystemAttributeMappingDto> mappedAttributes, SysSyncItemLogDto logItem, String uid, List<IcAttribute> icAttributes, AccAccountDto account, SynchronizationContext context) {
    // We will create new Role catalogue
    addToItemLog(logItem, "Missing entity action is CREATE_ENTITY, we will create a new entity.");
    IdmRoleCatalogueDto roleCatalogue = new IdmRoleCatalogueDto();
    // Fill entity by mapped attribute
    roleCatalogue = fillEntity(mappedAttributes, uid, icAttributes, roleCatalogue, true, context);
    // Create new Entity
    roleCatalogue = this.save(roleCatalogue, true, context);
    // Create new Entity account relation
    EntityAccountDto entityAccount = this.createEntityAccountDto();
    entityAccount.setAccount(account.getId());
    entityAccount.setEntity(roleCatalogue.getId());
    entityAccount.setOwnership(true);
    this.getEntityAccountService().save(entityAccount);
    if (this.isProvisioningImplemented(entityType, logItem)) {
        // Call provisioning for this entity
        callProvisioningForEntity(roleCatalogue, entityType, logItem);
    }
    // Entity Created
    addToItemLog(logItem, MessageFormat.format("Role catalogue with id {0} was created", roleCatalogue.getId()));
    if (logItem != null) {
        logItem.setDisplayName(roleCatalogue.getName());
    }
}