
Example 1 with IdmAutomaticRoleAttributeRuleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmAutomaticRoleRequestServiceIntegrationTest method notRightForExecuteImmediatelyExceptionTest.

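/**
 * Verifies that a caller lacking the automatic-role-request admin permission cannot start a
 * request flagged for immediate execution (that is, execution without approval).
 *
 * <p>The test authenticates with every available permission except
 * {@code CoreGroupPermission.AUTOMATIC_ROLE_REQUEST_ADMIN} and
 * {@code IdmGroupPermission.APP_ADMIN}, builds a request with a single rule, and then expects
 * {@link RoleRequestException} from the start call only. Scoping the expectation to that one
 * call (instead of {@code @Test(expected = ...)} on the whole method) keeps the test from
 * passing when the exception is raised by an earlier setup step.
 */
@Test
public void notRightForExecuteImmediatelyExceptionTest() {
    this.logout();
    IdmIdentityDto identity = getHelper().createIdentity();
    // Log in as a user without the right to execute a role request immediately
    // (without approval): drop the two admin authorities, keep everything else.
    Collection<GrantedAuthority> authorities = IdmAuthorityUtils.toAuthorities(moduleService.getAvailablePermissions()).stream()
            .filter(authority -> !CoreGroupPermission.AUTOMATIC_ROLE_REQUEST_ADMIN.equals(authority.getAuthority())
                    && !IdmGroupPermission.APP_ADMIN.equals(authority.getAuthority()))
            .collect(Collectors.toList());
    // NOTE(review): the authentication installed here is not cleared in this method;
    // presumably the class's teardown logs out again - confirm, so the restricted
    // context cannot leak into other tests.
    SecurityContextHolder.getContext().setAuthentication(new IdmJwtAuthentication(new IdmIdentityDto(identity.getUsername()), null, authorities, "test"));
    IdmRoleDto role = prepareRole();
    IdmAutomaticRoleRequestDto request = new IdmAutomaticRoleRequestDto();
    // A caller-supplied EXECUTED state must not survive save(); the assertion below pins
    // that the stored request comes back as CONCEPT.
    request.setState(RequestState.EXECUTED);
    request.setOperation(RequestOperationType.ADD);
    request.setRequestType(AutomaticRoleRequestType.ATTRIBUTE);
    request.setExecuteImmediately(true);
    request.setName(role.getCode());
    request.setRole(role.getId());
    request = roleRequestService.save(request);
    Assert.assertEquals(RequestState.CONCEPT, request.getState());
    IdmAutomaticRoleAttributeRuleRequestDto rule = new IdmAutomaticRoleAttributeRuleRequestDto();
    rule.setRequest(request.getId());
    rule.setOperation(RequestOperationType.ADD);
    rule.setAttributeName(IdmIdentity_.username.getName());
    rule.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
    rule.setType(AutomaticRoleAttributeRuleType.IDENTITY);
    rule.setValue("test");
    ruleRequestService.save(rule);
    // The exception is expected here and only here: we do not have the right to execute
    // without approval.
    try {
        roleRequestService.startRequestInternal(request.getId(), true);
    } catch (RoleRequestException expected) {
        return;
    }
    Assert.fail("Starting an immediately executed request without the admin permission must throw RoleRequestException.");
}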
Also used : RequestState(eu.bcvsolutions.idm.core.api.domain.RequestState) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) RoleRequestException(eu.bcvsolutions.idm.core.api.exception.RoleRequestException) Autowired(org.springframework.beans.factory.annotation.Autowired) IdmAutomaticRoleAttributeRuleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleFilter) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmAutomaticRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto) AutomaticRoleManager(eu.bcvsolutions.idm.core.api.service.AutomaticRoleManager) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto) CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission) IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto) IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) After(org.junit.After) WorkflowTaskInstanceService(eu.bcvsolutions.idm.core.workflow.service.WorkflowTaskInstanceService) Assert.fail(org.junit.Assert.fail) ModuleService(eu.bcvsolutions.idm.core.api.service.ModuleService) SecurityContextHolder(org.springframework.security.core.context.SecurityContextHolder) AutomaticRoleAttributeRuleType(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleType) RecursionType(eu.bcvsolutions.idm.core.api.domain.RecursionType) IdmAutomaticRoleAttributeRuleRequestService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeRuleRequestService) Collection(java.util.Collection) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) UUID(java.util.UUID) Collectors(java.util.stream.Collectors) 
GrantedAuthority(org.springframework.security.core.GrantedAuthority) List(java.util.List) IdmAutomaticRoleAttributeRuleService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeRuleService) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService) RequestOperationType(eu.bcvsolutions.idm.core.api.domain.RequestOperationType) IdmTreeNodeService(eu.bcvsolutions.idm.core.api.service.IdmTreeNodeService) IdmRoleTreeNodeService(eu.bcvsolutions.idm.core.api.service.IdmRoleTreeNodeService) IdmConfigurationService(eu.bcvsolutions.idm.core.api.service.IdmConfigurationService) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmAutomaticRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleRequestService) IdmAuthorityUtils(eu.bcvsolutions.idm.core.security.api.utils.IdmAuthorityUtils) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) TestHelper(eu.bcvsolutions.idm.test.api.TestHelper) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) AutomaticRoleRequestType(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleRequestType) Before(org.junit.Before) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) SchedulerConfiguration(eu.bcvsolutions.idm.core.scheduler.api.config.SchedulerConfiguration) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) Test(org.junit.Test) IdmRoleTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AutomaticRoleAttributeRuleComparison(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleComparison) IdmIdentity_(eu.bcvsolutions.idm.core.model.entity.IdmIdentity_) 
IdmGroupPermission(eu.bcvsolutions.idm.core.security.api.domain.IdmGroupPermission) Assert(org.junit.Assert) IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto) IdmAutomaticRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto) GrantedAuthority(org.springframework.security.core.GrantedAuthority) IdmJwtAuthentication(eu.bcvsolutions.idm.core.security.api.domain.IdmJwtAuthentication) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test)

Example 2 with IdmAutomaticRoleAttributeRuleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto in project CzechIdMng by bcvsolutions.

the class DefaultAutomaticRoleManager method createAutomaticRoleByAttribute.

/**
 * Creates an automatic role by attribute by going through the request mechanism rather than
 * writing the role directly.
 *
 * <p>An ADD request of type ATTRIBUTE is saved, one ADD rule request is saved for each given
 * rule, and the request is then started. The outcome depends on the state the started request
 * reports.
 *
 * @param automaticRole source of the request name and the role reference
 * @param executeImmediately copied onto the request as its execute-immediately flag
 * @param rules rules to attach; {@code null} is treated as "no rules"
 * @return the created automatic role when the request ends EXECUTED, or {@code null} when the
 *         request ends in a state other than EXECUTED, IN_PROGRESS or EXCEPTION
 * @throws AcceptedException when the request is still IN_PROGRESS; carries the request id
 * @throws CoreException when the request ended in EXCEPTION; wraps the recorded cause
 */
@Override
public IdmAutomaticRoleAttributeDto createAutomaticRoleByAttribute(IdmAutomaticRoleAttributeDto automaticRole, boolean executeImmediately, IdmAutomaticRoleAttributeRuleDto... rules) {
    IdmAutomaticRoleRequestDto roleRequest = new IdmAutomaticRoleRequestDto();
    roleRequest.setOperation(RequestOperationType.ADD);
    roleRequest.setRequestType(AutomaticRoleRequestType.ATTRIBUTE);
    roleRequest.setExecuteImmediately(executeImmediately);
    roleRequest.setName(automaticRole.getName());
    roleRequest.setRole(automaticRole.getRole());
    roleRequest = roleRequestService.save(roleRequest);
    //
    // Mirror every supplied rule as an ADD concept bound to the saved request.
    if (rules != null) {
        for (IdmAutomaticRoleAttributeRuleDto sourceRule : rules) {
            IdmAutomaticRoleAttributeRuleRequestDto conceptRule = new IdmAutomaticRoleAttributeRuleRequestDto();
            conceptRule.setRequest(roleRequest.getId());
            conceptRule.setOperation(RequestOperationType.ADD);
            conceptRule.setAttributeName(sourceRule.getAttributeName());
            conceptRule.setComparison(sourceRule.getComparison());
            conceptRule.setType(sourceRule.getType());
            conceptRule.setFormAttribute(sourceRule.getFormAttribute());
            conceptRule.setValue(sourceRule.getValue());
            conceptRule.setRule(sourceRule.getId());
            ruleRequestService.save(conceptRule);
        }
    }
    //
    // The second argument is always true here - presumably the "check right" flag, so the
    // caller's permission decides whether executeImmediately is honoured; confirm against
    // startRequestInternal.
    roleRequest = roleRequestService.startRequestInternal(roleRequest.getId(), true);
    final RequestState resultState = roleRequest.getState();
    if (RequestState.EXECUTED == resultState) {
        UUID createdAutomaticRoleId = roleRequest.getAutomaticRole();
        Assert.notNull(createdAutomaticRoleId, "Automatic role identifier is required.");
        return automaticRoleAttributeService.get(createdAutomaticRoleId);
    }
    if (RequestState.IN_PROGRESS == resultState) {
        // Not finished yet (e.g. waiting for approval): signal "accepted" with the request id.
        throw new AcceptedException(roleRequest.getId().toString());
    }
    if (RequestState.EXCEPTION == resultState) {
        throw new CoreException(roleRequest.getResult().getCause());
    }
    // Any other state yields no role; callers have to cope with null.
    return null;
}
Also used : IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto) CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException) IdmAutomaticRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto) IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) UUID(java.util.UUID)

Example 3 with IdmAutomaticRoleAttributeRuleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmAutomaticRoleRequestService method deleteInternal.

/**
 * Deletes an automatic role request together with everything hanging off it.
 *
 * <p>Order matters: the connected workflow process is cancelled first, then every rule
 * concept that references the request is deleted, and only then is the request itself
 * removed by the parent implementation.
 *
 * @param dto request to delete; rule concepts are looked up only when it has an id
 */
@Override
@Transactional
public void deleteInternal(IdmAutomaticRoleRequestDto dto) {
    // Stop the connected workflow process before touching any data.
    cancelWF(dto);
    // Rule concepts reference the request, so they have to go first.
    if (dto.getId() != null) {
        IdmAutomaticRoleAttributeRuleRequestFilter conceptFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
        conceptFilter.setRoleRequestId(dto.getId());
        // null pageable - presumably "no paging", i.e. all matching concepts; confirm.
        List<IdmAutomaticRoleAttributeRuleRequestDto> conceptsToRemove = automaticRoleRuleRequestService.find(conceptFilter, null).getContent();
        for (IdmAutomaticRoleAttributeRuleRequestDto concept : conceptsToRemove) {
            automaticRoleRuleRequestService.delete(concept);
        }
    }
    super.deleteInternal(dto);
}
Also used : IdmAutomaticRoleAttributeRuleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter) IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto) Transactional(org.springframework.transaction.annotation.Transactional)

Example 4 with IdmAutomaticRoleAttributeRuleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmFormAttributeService method deleteInternal.

/**
 * Deletes a form attribute after checking that nothing still depends on it.
 *
 * <p>Deletion is refused with a {@link ResultCodeException} when the attribute has stored
 * values, when an automatic role rule uses it, or when a role form attribute
 * (sub-definition) refers to it. Pending automatic-role rule requests do not block the
 * deletion; their reference to the attribute is cleared and they are saved again.
 *
 * @param dto form attribute to delete, must not be {@code null}
 * @throws ResultCodeException when one of the blocking usages above is found
 */
@Override
@Transactional
@SuppressWarnings({ "rawtypes", "unchecked" })
public void deleteInternal(IdmFormAttributeDto dto) {
    Assert.notNull(dto, "DTO is required.");
    // An attribute that already holds values cannot be deleted; one hit per value
    // service is enough, hence the single-element page.
    IdmFormValueFilter valueFilter = new IdmFormValueFilter();
    valueFilter.setAttributeId(dto.getId());
    formValueServices.getPlugins().forEach(formValueService -> {
        if (formValueService.find(valueFilter, PageRequest.of(0, 1)).getTotalElements() > 0) {
            throw new ResultCodeException(CoreResultCode.FORM_ATTRIBUTE_DELETE_FAILED_HAS_VALUES, ImmutableMap.of("formAttribute", dto.getCode()));
        }
    });
    //
    // Automatic role rules built on this attribute block the deletion as well.
    IdmAutomaticRoleAttributeRuleFilter ruleFilter = new IdmAutomaticRoleAttributeRuleFilter();
    ruleFilter.setFormAttributeId(dto.getId());
    if (automaticRoleAttributeService.find(ruleFilter, PageRequest.of(0, 1)).getTotalElements() > 0) {
        // NOTE(review): this message parameter is the id, the other two use the code - confirm intended.
        throw new ResultCodeException(CoreResultCode.FORM_ATTRIBUTE_DELETE_FAILED_AUTOMATIC_ROLE_RULE_ASSIGNED, ImmutableMap.of("formAttribute", dto.getId()));
    }
    // Usage of the attribute on a role (sub-definition) is checked only for persisted attributes.
    if (dto.getId() != null) {
        IdmRoleFormAttributeFilter roleUsageFilter = new IdmRoleFormAttributeFilter();
        roleUsageFilter.setFormAttribute(dto.getId());
        List<IdmRoleFormAttributeDto> roleUsages = roleFormAttributeService.find(roleUsageFilter, PageRequest.of(0, 1)).getContent();
        if (!roleUsages.isEmpty()) {
            IdmRoleDto owningRole = DtoUtils.getEmbedded(roleUsages.get(0), IdmRoleFormAttribute_.role.getName(), IdmRoleDto.class);
            throw new ResultCodeException(CoreResultCode.FORM_ATTRIBUTE_DELETE_FAILED_ROLE_ATTRIBUTE, ImmutableMap.of("definition", dto.getCode(), "role", owningRole.getCode()));
        }
    }
    //
    // Rule requests that point at this attribute are kept, but detached from it.
    // NOTE(review): the detached requests stay in place with a null form attribute;
    // presumably a later start of such a request validates the rule again - confirm.
    IdmAutomaticRoleAttributeRuleRequestFilter ruleRequestFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
    ruleRequestFilter.setFormAttributeId(dto.getId());
    List<IdmAutomaticRoleAttributeRuleRequestDto> affectedRequests = automaticRoleAttributeRequestService.find(ruleRequestFilter, null).getContent();
    for (IdmAutomaticRoleAttributeRuleRequestDto affected : affectedRequests) {
        affected.setFormAttribute(null);
        automaticRoleAttributeRequestService.save(affected);
    }
    //
    super.deleteInternal(dto);
}
Also used : IdmRoleFormAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleFormAttributeDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAutomaticRoleAttributeRuleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter) IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmFormValueFilter(eu.bcvsolutions.idm.core.eav.api.dto.filter.IdmFormValueFilter) IdmAutomaticRoleAttributeRuleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleFilter) IdmRoleFormAttributeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFormAttributeFilter) Transactional(org.springframework.transaction.annotation.Transactional)

Example 5 with IdmAutomaticRoleAttributeRuleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmAutomaticRoleRequestService method startRequest.

/**
 * Starts the given automatic role request.
 *
 * <p>An ATTRIBUTE request whose operation is not REMOVE must have at least one rule concept;
 * otherwise a {@link RoleRequestException} is thrown before anything is started. The start
 * itself is delegated to {@code startRequestNewTransactional} on the service instance, with
 * {@code checkRight} forwarded unchanged; no permission check is done in this method.
 *
 * <p>Any exception raised by that delegation is logged and then recorded on the request
 * (state EXCEPTION plus the resolved cause) instead of being rethrown. Callers therefore get
 * a normal return value on failure and have to inspect the returned state.
 *
 * @param requestId identifier of the request to start
 * @param checkRight passed through to the delegated start
 * @return the started request, or the request saved in state EXCEPTION when the start failed
 * @throws RoleRequestException when a rule is required but none exists for the request
 */
@Override
@Transactional
public IdmAutomaticRoleRequestDto startRequest(UUID requestId, boolean checkRight) {
    IdmAutomaticRoleRequestDto request = get(requestId);
    Assert.notNull(request, "Request is required!");
    // At least one rule has to exist, except when the request removes the automatic role.
    boolean ruleRequired = AutomaticRoleRequestType.ATTRIBUTE == request.getRequestType() && RequestOperationType.REMOVE != request.getOperation();
    if (ruleRequired) {
        IdmAutomaticRoleAttributeRuleRequestFilter conceptFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
        conceptFilter.setRoleRequestId(requestId);
        List<IdmAutomaticRoleAttributeRuleRequestDto> concepts = automaticRoleRuleRequestService.find(conceptFilter, null).getContent();
        if (concepts.isEmpty()) {
            throw new RoleRequestException(CoreResultCode.AUTOMATIC_ROLE_REQUEST_START_WITHOUT_RULE, ImmutableMap.of("request", request.getName()));
        }
    }
    try {
        // The call goes through the looked-up service instance rather than "this".
        IdmAutomaticRoleRequestService delegate = this.getIdmAutomaticRoleRequestService();
        if (delegate instanceof DefaultIdmAutomaticRoleRequestService) {
            return ((DefaultIdmAutomaticRoleRequestService) delegate).startRequestNewTransactional(requestId, checkRight);
        }
        throw new CoreException("We expects instace of DefaultIdmAutomaticRoleRequestService!");
    } catch (Exception ex) {
        // Failures (including the CoreException above) end up on the request, not at the caller.
        LOG.error(ex.getLocalizedMessage(), ex);
        // Reload the request before writing the failure onto it.
        request = get(requestId);
        Throwable resolvedCause = ExceptionUtils.resolveException(ex);
        // TODO: only the cause of the exception is stored, not its code and properties.
        // When properties are set, the request cannot be saved!
        request.setResult(new OperationResultDto.Builder(OperationState.EXCEPTION).setCause(resolvedCause).build());
        request.setState(RequestState.EXCEPTION);
        return save(request);
    }
}
Also used : IdmAutomaticRoleAttributeRuleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter) RoleRequestException(eu.bcvsolutions.idm.core.api.exception.RoleRequestException) IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto) CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException) IdmAutomaticRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) IdmAutomaticRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleRequestService) RoleRequestException(eu.bcvsolutions.idm.core.api.exception.RoleRequestException) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException) Transactional(org.springframework.transaction.annotation.Transactional)
