Example 1 with IdmIdentityRoleDto
use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleAttributeService method removeAutomaticRoles.
@Override
@Transactional(propagation = Propagation.REQUIRES_NEW)
public void removeAutomaticRoles(UUID contractId, Set<AbstractIdmAutomaticRoleDto> automaticRoles) {
for (AbstractIdmAutomaticRoleDto autoRole : automaticRoles) {
IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
identityRoleFilter.setIdentityContractId(contractId);
identityRoleFilter.setAutomaticRoleId(autoRole.getId());
// TODO: possible performance update with pageable
for (IdmIdentityRoleDto identityRole : identityRoleService.find(identityRoleFilter, null).getContent()) {
// skip check granted authorities
IdentityRoleEvent event = new IdentityRoleEvent(IdentityRoleEventType.DELETE, identityRole);
event.getProperties().put(IdmIdentityRoleService.SKIP_CHECK_AUTHORITIES, Boolean.TRUE);
identityRoleService.publish(event);
}
}
}
Also used :
IdentityRoleEvent(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent)
AbstractIdmAutomaticRoleDto(eu.bcvsolutions.idm.core.api.dto.AbstractIdmAutomaticRoleDto)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 2 with IdmIdentityRoleDto
use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class InitDemoData method init.
protected void init() {
// we need to be ensured admin and and admin role exists.
initApplicationData.init();
//
securityService.setSystemAuthentication();
//
try {
IdmIdentityDto identityAdmin = this.identityService.getByUsername(InitApplicationData.ADMIN_USERNAME);
//
Page<IdmTreeNodeDto> rootsList = treeNodeService.findRoots((UUID) null, new PageRequest(0, 1));
IdmTreeNodeDto rootOrganization = null;
if (!rootsList.getContent().isEmpty()) {
rootOrganization = rootsList.getContent().get(0);
} else {
IdmTreeNodeDto organizationRoot = new IdmTreeNodeDto();
organizationRoot.setCode("root");
organizationRoot.setName("Organization ROOT");
organizationRoot.setTreeType(treeTypeService.getByCode(InitApplicationData.DEFAULT_TREE_TYPE).getId());
organizationRoot = this.treeNodeService.save(organizationRoot);
}
//
if (!configurationService.getBooleanValue(PARAMETER_DEMO_DATA_CREATED, false)) {
LOG.info("Creating demo data ...");
//
// create default password policy for validate
IdmPasswordPolicyDto passValidate = null;
try {
passValidate = this.passwordPolicyService.getDefaultPasswordPolicy(IdmPasswordPolicyType.VALIDATE);
} catch (ResultCodeException e) {
// nothing, password policy for validate not exist
}
// default password policy not exist, try to found by name
if (passValidate == null) {
passValidate = this.passwordPolicyService.findOneByName("DEFAULT_VALIDATE_POLICY");
}
// if password policy still not exist create default password policy
if (passValidate == null) {
passValidate = new IdmPasswordPolicyDto();
passValidate.setName("DEFAULT_VALIDATE_POLICY");
passValidate.setDefaultPolicy(true);
passValidate.setType(IdmPasswordPolicyType.VALIDATE);
passwordPolicyService.save(passValidate);
}
//
// create default password policy for generate
IdmPasswordPolicyDto passGenerate = null;
try {
passGenerate = this.passwordPolicyService.getDefaultPasswordPolicy(IdmPasswordPolicyType.GENERATE);
} catch (ResultCodeException e) {
// nothing, password policy for generate password not exist
}
// try to found password policy by name
if (passGenerate == null) {
passGenerate = this.passwordPolicyService.findOneByName("DEFAULT_GENERATE_POLICY");
}
// if still not exist create default generate password policy
if (passGenerate == null) {
passGenerate = new IdmPasswordPolicyDto();
passGenerate.setName("DEFAULT_GENERATE_POLICY");
passGenerate.setDefaultPolicy(true);
passGenerate.setType(IdmPasswordPolicyType.GENERATE);
passGenerate.setMinLowerChar(2);
passGenerate.setMinNumber(2);
passGenerate.setMinSpecialChar(2);
passGenerate.setMinUpperChar(2);
passGenerate.setMinPasswordLength(8);
passGenerate.setMaxPasswordLength(12);
passwordPolicyService.save(passGenerate);
}
//
// role may exists from another module initialization
IdmRoleDto role1 = this.roleService.getByCode(DEFAULT_ROLE_NAME);
if (role1 == null) {
role1 = new IdmRoleDto();
role1.setName(DEFAULT_ROLE_NAME);
role1 = this.roleService.save(role1);
}
// self policy
IdmAuthorizationPolicyDto selfPolicy = new IdmAuthorizationPolicyDto();
selfPolicy.setPermissions(IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ, IdentityBasePermission.PASSWORDCHANGE, IdentityBasePermission.CHANGEPERMISSION);
selfPolicy.setRole(role1.getId());
selfPolicy.setGroupPermission(CoreGroupPermission.IDENTITY.getName());
selfPolicy.setAuthorizableType(IdmIdentity.class.getCanonicalName());
selfPolicy.setEvaluator(SelfIdentityEvaluator.class);
authorizationPolicyService.save(selfPolicy);
// read identity roles by identity
IdmAuthorizationPolicyDto identityRolePolicy = new IdmAuthorizationPolicyDto();
identityRolePolicy.setRole(role1.getId());
identityRolePolicy.setGroupPermission(CoreGroupPermission.IDENTITYROLE.getName());
identityRolePolicy.setAuthorizableType(IdmIdentityRole.class.getCanonicalName());
identityRolePolicy.setEvaluator(IdentityRoleByIdentityEvaluator.class);
authorizationPolicyService.save(identityRolePolicy);
// read identity contracts by identity
IdmAuthorizationPolicyDto identityContractPolicy = new IdmAuthorizationPolicyDto();
identityContractPolicy.setRole(role1.getId());
identityContractPolicy.setGroupPermission(CoreGroupPermission.IDENTITYCONTRACT.getName());
identityContractPolicy.setAuthorizableType(IdmIdentityContract.class.getCanonicalName());
identityContractPolicy.setEvaluator(IdentityContractByIdentityEvaluator.class);
authorizationPolicyService.save(identityContractPolicy);
// read contract guarantees by identity contract
IdmAuthorizationPolicyDto contractGuaranteePolicy = new IdmAuthorizationPolicyDto();
contractGuaranteePolicy.setRole(role1.getId());
contractGuaranteePolicy.setGroupPermission(CoreGroupPermission.CONTRACTGUARANTEE.getName());
contractGuaranteePolicy.setAuthorizableType(IdmContractGuarantee.class.getCanonicalName());
contractGuaranteePolicy.setEvaluator(ContractGuaranteeByIdentityContractEvaluator.class);
authorizationPolicyService.save(contractGuaranteePolicy);
// only autocomplete roles that can be requested
IdmAuthorizationPolicyDto applyForPolicy = new IdmAuthorizationPolicyDto();
applyForPolicy.setPermissions(IdmBasePermission.AUTOCOMPLETE);
applyForPolicy.setRole(role1.getId());
applyForPolicy.setGroupPermission(CoreGroupPermission.ROLE.getName());
applyForPolicy.setAuthorizableType(IdmRole.class.getCanonicalName());
applyForPolicy.setEvaluator(RoleCanBeRequestedEvaluator.class);
authorizationPolicyService.save(applyForPolicy);
// role requests by identity
IdmAuthorizationPolicyDto roleRequestByIdentityPolicy = new IdmAuthorizationPolicyDto();
roleRequestByIdentityPolicy.setRole(role1.getId());
roleRequestByIdentityPolicy.setGroupPermission(CoreGroupPermission.ROLEREQUEST.getName());
roleRequestByIdentityPolicy.setAuthorizableType(IdmRoleRequest.class.getCanonicalName());
roleRequestByIdentityPolicy.setEvaluator(RoleRequestByIdentityEvaluator.class);
authorizationPolicyService.save(roleRequestByIdentityPolicy);
// self role requests
IdmAuthorizationPolicyDto selfRoleRequestPolicy = new IdmAuthorizationPolicyDto();
selfRoleRequestPolicy.setPermissions(IdmBasePermission.READ, IdmBasePermission.UPDATE, IdmBasePermission.CREATE, IdmBasePermission.DELETE);
selfRoleRequestPolicy.setRole(role1.getId());
selfRoleRequestPolicy.setGroupPermission(CoreGroupPermission.ROLEREQUEST.getName());
selfRoleRequestPolicy.setAuthorizableType(IdmRoleRequest.class.getCanonicalName());
selfRoleRequestPolicy.setEvaluator(SelfRoleRequestEvaluator.class);
authorizationPolicyService.save(selfRoleRequestPolicy);
// role rerquests in approval
IdmAuthorizationPolicyDto roleRequestByWfPolicy = new IdmAuthorizationPolicyDto();
roleRequestByWfPolicy.setPermissions(IdmBasePermission.READ, IdmBasePermission.UPDATE);
roleRequestByWfPolicy.setRole(role1.getId());
roleRequestByWfPolicy.setGroupPermission(CoreGroupPermission.ROLEREQUEST.getName());
roleRequestByWfPolicy.setAuthorizableType(IdmRoleRequest.class.getCanonicalName());
roleRequestByWfPolicy.setEvaluator(RoleRequestByWfInvolvedIdentityEvaluator.class);
authorizationPolicyService.save(roleRequestByWfPolicy);
// tree node - autocomplete
IdmAuthorizationPolicyDto treeNodePolicy = new IdmAuthorizationPolicyDto();
treeNodePolicy.setPermissions(IdmBasePermission.AUTOCOMPLETE);
treeNodePolicy.setRole(role1.getId());
treeNodePolicy.setGroupPermission(CoreGroupPermission.TREENODE.getName());
treeNodePolicy.setAuthorizableType(IdmTreeNode.class.getCanonicalName());
treeNodePolicy.setEvaluator(BasePermissionEvaluator.class);
authorizationPolicyService.save(treeNodePolicy);
// tree type - autocomplete all
IdmAuthorizationPolicyDto treeTypePolicy = new IdmAuthorizationPolicyDto();
treeTypePolicy.setPermissions(IdmBasePermission.AUTOCOMPLETE);
treeTypePolicy.setRole(role1.getId());
treeTypePolicy.setGroupPermission(CoreGroupPermission.TREETYPE.getName());
treeTypePolicy.setAuthorizableType(IdmTreeType.class.getCanonicalName());
treeTypePolicy.setEvaluator(BasePermissionEvaluator.class);
authorizationPolicyService.save(treeTypePolicy);
// workflow task read and execute
IdmAuthorizationPolicyDto workflowTaskPolicy = new IdmAuthorizationPolicyDto();
workflowTaskPolicy.setPermissions(IdmBasePermission.READ, IdmBasePermission.EXECUTE);
workflowTaskPolicy.setRole(role1.getId());
workflowTaskPolicy.setGroupPermission(CoreGroupPermission.WORKFLOWTASK.getName());
workflowTaskPolicy.setEvaluator(BasePermissionEvaluator.class);
authorizationPolicyService.save(workflowTaskPolicy);
//
LOG.info(MessageFormat.format("Role created [id: {0}]", role1.getId()));
//
IdmRoleDto role2 = new IdmRoleDto();
role2.setName("customRole");
// TODO: subroles are disabled for now
// List<IdmRoleComposition> subRoles = new ArrayList<>();
// subRoles.add(new IdmRoleComposition(role2, superAdminRole));
// role2.setSubRoles(subRoles);
role2 = this.roleService.save(role2);
LOG.info(MessageFormat.format("Role created [id: {0}]", role2.getId()));
//
IdmRoleDto roleManager = new IdmRoleDto();
roleManager.setName("manager");
roleManager = this.roleService.save(roleManager);
LOG.info(MessageFormat.format("Role created [id: {0}]", roleManager.getId()));
//
//
IdmIdentityDto identity = new IdmIdentityDto();
identity.setUsername("tomiska");
identity.setPassword(new GuardedString("heslo"));
identity.setFirstName("Radek");
identity.setLastName("Tomiška");
identity.setEmail("radek.tomiska@bcvsolutions.eu");
identity = this.identityService.save(identity);
LOG.info(MessageFormat.format("Identity created [id: {0}]", identity.getId()));
//
// create prime contract
IdmIdentityContractDto identityContract = identityContractService.getPrimeContract(identity.getId());
if (identityContract == null) {
identityContract = identityContractService.prepareMainContract(identity.getId());
identityContract = identityContractService.save(identityContract);
}
//
IdmIdentityRoleDto identityRole1 = new IdmIdentityRoleDto();
identityRole1.setIdentityContract(identityContract.getId());
identityRole1.setRole(role1.getId());
identityRole1 = identityRoleService.save(identityRole1);
//
IdmIdentityRoleDto identityRole2 = new IdmIdentityRoleDto();
identityRole2.setIdentityContract(identityContract.getId());
identityRole2.setRole(role2.getId());
identityRole2 = identityRoleService.save(identityRole2);
//
IdmIdentityDto identity2 = new IdmIdentityDto();
identity2.setUsername("svanda");
identity2.setFirstName("Vít");
identity2.setPassword(new GuardedString("heslo"));
identity2.setLastName("Švanda");
identity2.setEmail("vit.svanda@bcvsolutions.eu");
identity2 = this.identityService.save(identity2);
LOG.info(MessageFormat.format("Identity created [id: {0}]", identity2.getId()));
//
IdmIdentityDto identity3 = new IdmIdentityDto();
identity3.setUsername("kopr");
identity3.setFirstName("Ondrej");
identity3.setPassword(new GuardedString("heslo"));
identity3.setLastName("Kopr");
identity3.setEmail("ondrej.kopr@bcvsolutions.eu");
identity3 = this.identityService.save(identity3);
LOG.info(MessageFormat.format("Identity created [id: {0}]", identity3.getId()));
//
// get tree type for organization
IdmTreeTypeDto treeType = treeTypeService.getByCode(InitApplicationData.DEFAULT_TREE_TYPE);
//
IdmTreeNodeDto organization1 = new IdmTreeNodeDto();
organization1.setCode("one");
organization1.setName("Organization One");
organization1.setParent(rootOrganization.getId());
organization1.setTreeType(treeType.getId());
organization1 = this.treeNodeService.save(organization1);
//
IdmTreeNodeDto organization2 = new IdmTreeNodeDto();
organization2.setCode("two");
organization2.setName("Organization Two");
organization2.setCreator("ja");
organization2.setParent(rootOrganization.getId());
organization2.setTreeType(treeType.getId());
organization2 = this.treeNodeService.save(organization2);
//
IdmIdentityContractDto identityWorkPosition = new IdmIdentityContractDto();
identityWorkPosition.setIdentity(identityAdmin.getId());
identityWorkPosition.setWorkPosition(organization2.getId());
identityWorkPosition = identityContractService.save(identityWorkPosition);
IdmContractGuaranteeDto contractGuarantee = new IdmContractGuaranteeDto();
contractGuarantee.setIdentityContract(identityWorkPosition.getId());
contractGuarantee.setGuarantee(identity2.getId());
contractGuaranteeService.save(contractGuarantee);
//
LOG.info("Demo data was created.");
//
configurationService.setBooleanValue(PARAMETER_DEMO_DATA_CREATED, true);
//
// demo eav identity form
IdmFormAttributeDto letter = new IdmFormAttributeDto();
letter.setCode("letter");
letter.setName("Favorite letter");
letter.setPlaceholder("Character");
letter.setDescription("Some favorite character");
letter.setPersistentType(PersistentType.CHAR);
letter.setRequired(true);
letter = formService.saveAttribute(IdmIdentity.class, letter);
IdmFormAttributeDto phone = new IdmFormAttributeDto();
phone.setCode(FORM_ATTRIBUTE_PHONE);
phone.setName("Phone");
phone.setDescription("Additional identitiy's phone");
phone.setPersistentType(PersistentType.TEXT);
phone = formService.saveAttribute(IdmIdentity.class, phone);
IdmFormAttributeDto description = new IdmFormAttributeDto();
description.setCode("description");
description.setName("Description");
description.setDescription("Some longer optional text (2000 characters)");
description.setPersistentType(PersistentType.TEXT);
description.setFaceType(BaseFaceType.TEXTAREA);
description = formService.saveAttribute(IdmIdentity.class, description);
IdmFormAttributeDto rich = new IdmFormAttributeDto();
rich.setCode("rich");
rich.setName("RichText");
rich.setDescription("Some rich text (2000 characters)");
rich.setPersistentType(PersistentType.TEXT);
description.setFaceType(BaseFaceType.RICHTEXTAREA);
rich = formService.saveAttribute(IdmIdentity.class, rich);
IdmFormAttributeDto sure = new IdmFormAttributeDto();
sure.setCode("sure");
sure.setName("Registration");
sure.setPersistentType(PersistentType.BOOLEAN);
sure.setDefaultValue(Boolean.TRUE.toString());
sure = formService.saveAttribute(IdmIdentity.class, sure);
IdmFormAttributeDto intNumber = new IdmFormAttributeDto();
intNumber.setCode("intNumber");
intNumber.setName("Int number");
intNumber.setPersistentType(PersistentType.INT);
intNumber = formService.saveAttribute(IdmIdentity.class, intNumber);
IdmFormAttributeDto longNumber = new IdmFormAttributeDto();
longNumber.setCode("longNumber");
longNumber.setName("Long number");
longNumber.setPersistentType(PersistentType.LONG);
longNumber = formService.saveAttribute(IdmIdentity.class, longNumber);
IdmFormAttributeDto doubleNumber = new IdmFormAttributeDto();
doubleNumber.setCode("doubleNumber");
doubleNumber.setName("Double number");
doubleNumber.setPersistentType(PersistentType.DOUBLE);
doubleNumber = formService.saveAttribute(IdmIdentity.class, doubleNumber);
IdmFormAttributeDto currency = new IdmFormAttributeDto();
currency.setCode("currency");
currency.setName("Price");
currency.setPersistentType(PersistentType.DOUBLE);
currency.setFaceType(BaseFaceType.CURRENCY);
currency = formService.saveAttribute(IdmIdentity.class, currency);
IdmFormAttributeDto date = new IdmFormAttributeDto();
date.setCode("date");
date.setName("Date");
date.setPersistentType(PersistentType.DATE);
date.setRequired(true);
date.setDescription("Important date");
date = formService.saveAttribute(IdmIdentity.class, date);
IdmFormAttributeDto datetime = new IdmFormAttributeDto();
datetime.setCode(FORM_ATTRIBUTE_DATETIME);
datetime.setName("Date and time");
datetime.setPersistentType(PersistentType.DATETIME);
datetime = formService.saveAttribute(IdmIdentity.class, datetime);
IdmFormAttributeDto uuid = new IdmFormAttributeDto();
uuid.setCode(FORM_ATTRIBUTE_UUID);
uuid.setName("UUID");
uuid.setDescription("Some uuid value");
uuid.setPersistentType(PersistentType.UUID);
uuid = formService.saveAttribute(IdmIdentity.class, uuid);
IdmFormAttributeDto webPages = new IdmFormAttributeDto();
webPages.setCode(FORM_ATTRIBUTE_WWW);
webPages.setName("WWW");
webPages.setDescription("Favorite web pages (every line in new value)");
webPages.setPersistentType(PersistentType.TEXT);
webPages.setMultiple(true);
webPages = formService.saveAttribute(IdmIdentity.class, webPages);
IdmFormAttributeDto password = new IdmFormAttributeDto();
password.setCode(FORM_ATTRIBUTE_PASSWORD);
password.setName("Custom password");
password.setPersistentType(PersistentType.TEXT);
password.setConfidential(true);
password.setDescription("Test password");
password = formService.saveAttribute(IdmIdentity.class, password);
IdmFormAttributeDto byteArray = new IdmFormAttributeDto();
byteArray.setCode("byteArray");
byteArray.setName("Byte array");
byteArray.setPersistentType(PersistentType.BYTEARRAY);
byteArray.setConfidential(false);
byteArray.setDescription("Test byte array");
byteArray.setPlaceholder("or image :-)");
byteArray = formService.saveAttribute(IdmIdentity.class, byteArray);
List<IdmFormValueDto> values = new ArrayList<>();
IdmFormValueDto phoneValue = new IdmFormValueDto();
phoneValue.setFormAttribute(phone.getId());
phoneValue.setStringValue("12345679");
values.add(phoneValue);
formService.saveValues(identity.getId(), IdmIdentity.class, null, values);
//
// demo eav role form
IdmFormAttributeDto roleExt = new IdmFormAttributeDto();
roleExt.setCode("extAttr");
roleExt.setName("Ext.attr");
roleExt.setPersistentType(PersistentType.TEXT);
roleExt.setConfidential(false);
roleExt.setDescription("Role's custom extended attribute");
roleExt = formService.saveAttribute(IdmRole.class, roleExt);
//
// demo eav tree node form
IdmFormAttributeDto treeNodeExt = new IdmFormAttributeDto();
treeNodeExt.setCode("extAttr");
treeNodeExt.setName("Ext.attr");
treeNodeExt.setPersistentType(PersistentType.TEXT);
treeNodeExt.setConfidential(false);
treeNodeExt.setDescription("Tree node's custom extended attribute");
treeNodeExt = formService.saveAttribute(IdmTreeNode.class, treeNodeExt);
//
// demo eav identity contract's form
IdmFormAttributeDto identityContractExt = new IdmFormAttributeDto();
identityContractExt.setCode("extAttr");
identityContractExt.setName("Ext.attr");
identityContractExt.setPersistentType(PersistentType.TEXT);
identityContractExt.setConfidential(false);
identityContractExt.setDescription("Identity contract's custom extended attribute");
identityContractExt = formService.saveAttribute(IdmIdentityContract.class, identityContractExt);
}
} catch (Exception ex) {
LOG.warn("Demo data was not created", ex);
} finally {
SecurityContextHolder.clearContext();
}
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmContractGuarantee(eu.bcvsolutions.idm.core.model.entity.IdmContractGuarantee)
ArrayList(java.util.ArrayList)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto)
PageRequest(org.springframework.data.domain.PageRequest)
IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto)
IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole)
IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto)
IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole)
IdmFormValueDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormValueDto)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmIdentityContract(eu.bcvsolutions.idm.core.model.entity.IdmIdentityContract)
IdmRoleRequest(eu.bcvsolutions.idm.core.model.entity.IdmRoleRequest)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)
IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto)
IdmTreeType(eu.bcvsolutions.idm.core.model.entity.IdmTreeType)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
IdmContractGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmContractGuaranteeDto)
IdmTreeNode(eu.bcvsolutions.idm.core.model.entity.IdmTreeNode)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
Example 3 with IdmIdentityRoleDto
use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleTreeNodeService method addAutomaticRoles.
@Override
@Transactional
public void addAutomaticRoles(IdmIdentityContractDto contract, Set<IdmRoleTreeNodeDto> automaticRoles) {
// original method assignAutomaticRoles has also only @Transactional without reguired new
for (AbstractIdmAutomaticRoleDto autoRole : automaticRoles) {
// create identity role directly
IdmIdentityRoleDto identityRole = new IdmIdentityRoleDto();
identityRole.setRoleTreeNode(autoRole.getId());
identityRole.setIdentityContract(contract.getId());
identityRole.setRole(autoRole.getRole());
identityRole.setValidFrom(contract.getValidFrom());
identityRole.setValidTill(contract.getValidTill());
//
// start event with skip check authorities
IdentityRoleEvent event = new IdentityRoleEvent(IdentityRoleEventType.CREATE, identityRole);
event.getProperties().put(IdmIdentityRoleService.SKIP_CHECK_AUTHORITIES, Boolean.TRUE);
identityRoleService.publish(event);
}
}
Also used :
IdentityRoleEvent(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent)
AbstractIdmAutomaticRoleDto(eu.bcvsolutions.idm.core.api.dto.AbstractIdmAutomaticRoleDto)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 4 with IdmIdentityRoleDto
use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class AccountProtectionExpirationTaskExecutorIntegrationTest method testRemoveExpiredAccount.
@Test
public void testRemoveExpiredAccount() {
IdmIdentityDto identity = helper.createIdentity();
IdmRoleDto role = helper.createRole();
SysSystemDto system = helper.createTestResourceSystem(true);
SysSystemMappingDto mapping = helper.getDefaultMapping(system);
mapping.setProtectionInterval(1);
mapping.setProtectionEnabled(true);
systemMappingService.save(mapping);
helper.createRoleSystem(role, system);
IdmIdentityRoleDto identityRole = helper.createIdentityRole(identity, role);
//
AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertFalse(account.isInProtection());
TestResource createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
//
// remove role
identityRoleService.deleteById(identityRole.getId());
//
account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertTrue(account.isInProtection());
Assert.assertNotNull(account.getEndOfProtection());
createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
//
// test LRT - nothing to remove
AccountProtectionExpirationTaskExecutor taskExecutor = new AccountProtectionExpirationTaskExecutor();
longRunningTaskManager.execute(taskExecutor);
//
account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertTrue(account.isInProtection());
Assert.assertNotNull(account.getEndOfProtection());
createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
// change account expiration
account.setEndOfProtection(new DateTime().minusDays(1));
account = accountService.save(account);
taskExecutor = new AccountProtectionExpirationTaskExecutor();
longRunningTaskManager.execute(taskExecutor);
AccAccountDto removedAccount = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNull(removedAccount);
createdAccount = helper.findResource(account.getUid());
Assert.assertNull(createdAccount);
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
AccountProtectionExpirationTaskExecutor(eu.bcvsolutions.idm.acc.scheduler.task.impl.AccountProtectionExpirationTaskExecutor)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
TestResource(eu.bcvsolutions.idm.acc.entity.TestResource)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
DateTime(org.joda.time.DateTime)
Test(org.junit.Test)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Example 5 with IdmIdentityRoleDto
use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class IdentityRoleValidRequestSchedulerTest method createAndSaveIdentityRole.
private IdmIdentityRoleDto createAndSaveIdentityRole(IdmIdentityContractDto identityContract, IdmRoleDto role, LocalDate validTill, LocalDate validFrom) {
IdmIdentityRoleDto entity = new IdmIdentityRoleDto();
entity.setValidTill(validTill);
entity.setValidFrom(validFrom);
entity.setRole(role.getId());
entity.setIdentityContract(identityContract.getId());
return saveInTransaction(entity, idmIdentityRoleSerivce);
}
Also used :
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
Aggregations
IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)511
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)407
Test (org.junit.Test)401
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)400
IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)282
AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)280
GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)151
UUID (java.util.UUID)146
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)113
IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)113
IdmIdentityRoleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)111
IdmAutomaticRoleAttributeDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)109
List (java.util.List)108
Autowired (org.springframework.beans.factory.annotation.Autowired)107
IdmIdentityRoleService (eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)101
Transactional (org.springframework.transaction.annotation.Transactional)94
IdmFormAttributeDto (eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto)92
IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)89
LocalDate (java.time.LocalDate)87
Assert (org.junit.Assert)79
