Examples with IdmRoleRequestDto eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto used on opensource projects

Search in sources :

Example 66 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method testGetTaskByAnotherUser.

@Test
@Transactional
public void testGetTaskByAnotherUser() {
    configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "true");
    configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
    // 
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = helper.createIdentity();
    IdmIdentityDto anotherUser = helper.createIdentity();
    IdmRoleDto role = helper.createRole();
    // helpdesk role and identity
    IdmRoleDto helpdeskRole = helper.createRole();
    IdmIdentityDto helpdeskIdentity = helper.createIdentity();
    // add role directly
    helper.createIdentityRole(helpdeskIdentity, helpdeskRole);
    configurationService.setValue(APPROVE_BY_HELPDESK_ROLE, helpdeskRole.getCode());
    IdmIdentityContractDto contract = helper.getPrimeContract(test1.getId());
    // check task before create request
    loginAsAdmin(test1.getUsername());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(role, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    // HELPDESK login
    loginAsAdmin(helpdeskIdentity.getUsername());
    taskFilter.setCandidateOrAssigned(helpdeskIdentity.getUsername());
    tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(1, tasks.size());
    WorkflowTaskInstanceDto taskInstanceDto = tasks.get(0);
    String id = taskInstanceDto.getId();
    WorkflowTaskInstanceDto workflowTaskInstanceDto = workflowTaskInstanceService.get(id);
    assertNotNull(workflowTaskInstanceDto);
    // check task get by id
    loginWithout(test1.getUsername(), IdmGroupPermission.APP_ADMIN, CoreGroupPermission.WORKFLOW_TASK_ADMIN);
    workflowTaskInstanceDto = workflowTaskInstanceService.get(id);
    assertNull(workflowTaskInstanceDto);
    loginWithout(anotherUser.getUsername(), IdmGroupPermission.APP_ADMIN, CoreGroupPermission.WORKFLOW_TASK_ADMIN);
    workflowTaskInstanceDto = workflowTaskInstanceService.get(id);
    assertNull(workflowTaskInstanceDto);
    // candidate
    loginWithout(helpdeskIdentity.getUsername(), IdmGroupPermission.APP_ADMIN, CoreGroupPermission.WORKFLOW_TASK_ADMIN);
    workflowTaskInstanceDto = workflowTaskInstanceService.get(id);
    assertNotNull(workflowTaskInstanceDto);
    // WF admin
    loginWithout(InitTestData.TEST_ADMIN_USERNAME, IdmGroupPermission.APP_ADMIN);
    workflowTaskInstanceDto = workflowTaskInstanceService.get(id);
    assertNotNull(workflowTaskInstanceDto);
    // Attacker
    loginWithout(anotherUser.getUsername(), IdmGroupPermission.APP_ADMIN, CoreGroupPermission.WORKFLOW_TASK_ADMIN);
    taskFilter.setCandidateOrAssigned(helpdeskIdentity.getUsername());
    try {
        tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
        fail();
    } catch (ResultCodeException ex) {
        assertEquals(HttpStatus.FORBIDDEN, ex.getStatus());
    } catch (Exception e) {
        fail();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 67 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method testCompleteTaskByPreviosApprover.

@Test
public void testCompleteTaskByPreviosApprover() {
    // approve only by help desk
    configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "true");
    configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
    // 
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = helper.createIdentity();
    IdmIdentityDto guarantee = helper.createIdentity();
    // Guarantee
    int priority = 500;
    IdmRoleDto role = helper.createRole();
    role.setPriority(priority);
    IdmRoleGuaranteeDto roleGuarantee = new IdmRoleGuaranteeDto();
    roleGuarantee.setRole(role.getId());
    roleGuarantee.setGuarantee(guarantee.getId());
    role.getGuarantees().add(roleGuarantee);
    role = roleService.save(role);
    // set approve by guarantee
    configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_GUARANTEE_KEY);
    // 
    // helpdesk role and identity
    IdmRoleDto helpdeskRole = helper.createRole();
    IdmIdentityDto helpdeskIdentity = helper.createIdentity();
    // add role directly
    helper.createIdentityRole(helpdeskIdentity, helpdeskRole);
    configurationService.setValue(APPROVE_BY_HELPDESK_ROLE, helpdeskRole.getCode());
    IdmIdentityContractDto contract = helper.getPrimeContract(test1.getId());
    loginAsNoAdmin(test1.getUsername());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(role, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    try {
        completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
        fail("This user: " + test1.getUsername() + " can't approve task.");
    } catch (ResultCodeException ex) {
        assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
    loginAsNoAdmin(helpdeskIdentity.getUsername());
    try {
        completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
    } catch (ResultCodeException ex) {
        fail("User has permission to approve task. Error message: " + ex.getLocalizedMessage());
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
    loginAsNoAdmin(helpdeskIdentity.getUsername());
    try {
        completeTasksFromUsers(guarantee.getUsername(), "approve");
        fail("This user: " + helpdeskIdentity.getUsername() + " can't approve task.");
    } catch (ResultCodeException ex) {
        assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
    loginAsNoAdmin(test1.getUsername());
    try {
        completeTasksFromUsers(guarantee.getUsername(), "approve");
        fail("This user: " + test1.getUsername() + " can't approve task.");
    } catch (ResultCodeException ex) {
        assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
    loginAsNoAdmin(guarantee.getUsername());
    try {
        completeTasksFromUsers(guarantee.getUsername(), "approve");
    } catch (ResultCodeException ex) {
        fail("User has permission to approve task. Error message: " + ex.getLocalizedMessage());
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test)

Example 68 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method addSuperAdminRoleWithSubprocessDisapproveTest.

@Test
@Transactional
public void addSuperAdminRoleWithSubprocessDisapproveTest() {
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
    IdmIdentityDto test2 = identityService.getByUsername(InitTestData.TEST_USER_2);
    // Guarantee
    int priority = 500;
    IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
    adminRole.setPriority(priority);
    IdmRoleGuaranteeDto guarantee = new IdmRoleGuaranteeDto();
    guarantee.setRole(adminRole.getId());
    guarantee.setGuarantee(test2.getId());
    adminRole.getGuarantees().add(guarantee);
    adminRole = roleService.save(adminRole);
    configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_GUARANTEE_KEY);
    IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    // HELPDESK - must be skipped
    // MANAGER
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // USER MANAGER
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Subprocess - approve by GUARANTEE
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "disapprove");
    // SECURITY
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.EXECUTED, request.getState());
    assertNotNull(request.getWfProcessId());
    concept = conceptRoleRequestService.get(concept.getId());
    assertNotNull(concept.getWfProcessId());
    IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
    filter.setIdentityId(test1.getId());
    Page<IdmIdentityRoleDto> page = identityRoleService.find(filter, null);
    assertEquals(0, page.getSize());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmRoleGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 69 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class DefaultTestHelper method assignRoles.

@Override
public IdmRoleRequestDto assignRoles(IdmIdentityContractDto contract, boolean startInNewTransaction, IdmRoleDto... roles) {
    IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
    roleRequest.setApplicant(contract.getIdentity());
    roleRequest.setRequestedByType(RoleRequestedByType.MANUALLY);
    roleRequest.setExecuteImmediately(true);
    roleRequest = roleRequestService.save(roleRequest);
    // 
    for (IdmRoleDto role : roles) {
        IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
        conceptRoleRequest.setRoleRequest(roleRequest.getId());
        conceptRoleRequest.setIdentityContract(contract.getId());
        conceptRoleRequest.setValidFrom(contract.getValidFrom());
        conceptRoleRequest.setValidTill(contract.getValidTill());
        conceptRoleRequest.setRole(role.getId());
        // 
        conceptRoleRequest.setOperation(ConceptRoleRequestOperation.ADD);
        // 
        conceptRoleRequestService.save(conceptRoleRequest);
    }
    // 
    if (startInNewTransaction) {
        return roleRequestService.startRequest(roleRequest.getId(), false);
    }
    return roleRequestService.startRequestInternal(roleRequest.getId(), false);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)

Aggregations

IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)69 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)54 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)52 Test (org.junit.Test)52 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)51 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)49 AbstractCoreWorkflowIntegrationTest (eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest)44 WorkflowFilterDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto)37 WorkflowTaskInstanceDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto)35 List (java.util.List)27 ArrayList (java.util.ArrayList)26 IdmNotificationLogDto (eu.bcvsolutions.idm.core.notification.api.dto.IdmNotificationLogDto)24 IdmNotificationFilter (eu.bcvsolutions.idm.core.notification.api.dto.filter.IdmNotificationFilter)24 Transactional (org.springframework.transaction.annotation.Transactional)20 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)9 IdmConceptRoleRequestFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter)9 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)9 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)8 IdmRoleGuaranteeDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto)7 LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)7
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial