Examples with IdmIdentityRole eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole used on opensource projects

Example 6 with IdmIdentityRole

use of eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole in project CzechIdMng by bcvsolutions.

the class IdentityRoleValidRequestSchedulerTest method createLotsOfValidRequests.

@Test
public void createLotsOfValidRequests() throws InterruptedException, ExecutionException {
    IdmRoleDto role = createAndSaveRole();
    createAndSaveRoleSystem(role, system);
    IdmTreeTypeDto treeType = createAndSaveTreeType();
    IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
    LocalDate validFrom = new LocalDate();
    // set plus days
    validFrom = validFrom.plusDays(5);
    // clear request, if any
    List<IdmIdentityRoleValidRequestDto> list = identityRoleValidRequestService.findAllValid();
    for (IdmIdentityRoleValidRequestDto request : list) {
        identityRoleValidRequestService.delete(request);
    }
    List<IdmIdentityDto> identities = new ArrayList<>();
    for (int index = 0; index < MAX_CREATE; index++) {
        IdmIdentityDto identity = createAndSaveIdentity();
        IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
        // provisioning is not executed, role isn't valid from now
        createAndSaveIdentityRole(identityContract, role, null, validFrom);
        identities.add(identity);
    }
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(0, list.size());
    validFrom = validFrom.minusDays(15);
    for (IdmIdentityDto identity : identities) {
        List<IdmIdentityRole> roles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
        assertEquals(1, roles.size());
        IdmIdentityRole identityRole = roles.get(0);
        identityRole.setValidFrom(validFrom);
        identityRoleRepository.save(identityRole);
    }
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(MAX_CREATE, list.size());
    IdentityRoleValidRequestTaskExecutor taskExecutor = new IdentityRoleValidRequestTaskExecutor();
    LongRunningFutureTask<Boolean> futureTask = longRunningTaskManager.execute(taskExecutor);
    assertEquals(true, futureTask.getFutureTask().get());
    IdmLongRunningTaskDto longRunningTask = longRunningTaskService.get(taskExecutor.getLongRunningTaskId());
    assertEquals(OperationState.EXECUTED, longRunningTask.getResult().getState());
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(0, list.size());
    for (IdmIdentityDto identity : identities) {
        AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
        filter.setIdentityId(identity.getId());
        List<AccIdentityAccountDto> accountsList = identityAccountService.find(filter, null).getContent();
        assertEquals(false, accountsList.isEmpty());
        assertEquals(1, accountsList.size());
    }
}

Example 7 with IdmIdentityRole

use of eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountManagementService method resolveIdentityAccounts.

@Override
public boolean resolveIdentityAccounts(IdmIdentityDto identity) {
    Assert.notNull(identity);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccountList = identityAccountService.find(filter, null).getContent();
    List<IdmIdentityRole> identityRoles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
    boolean provisioningRequired = false;
    if (CollectionUtils.isEmpty(identityRoles) && CollectionUtils.isEmpty(identityAccountList)) {
        // No roles and accounts ... we don't have anything to do
        return false;
    }
    List<AccIdentityAccountDto> identityAccountsToCreate = new ArrayList<>();
    List<AccIdentityAccountDto> identityAccountsToDelete = new ArrayList<>();
    // Is role valid in this moment
    resolveIdentityAccountForCreate(identity, identityAccountList, identityRoles, identityAccountsToCreate, identityAccountsToDelete);
    // Is role invalid in this moment
    resolveIdentityAccountForDelete(identityAccountList, identityRoles, identityAccountsToDelete);
    // Delete invalid identity accounts
    provisioningRequired = !identityAccountsToDelete.isEmpty() ? true : provisioningRequired;
    identityAccountsToDelete.forEach(identityAccount -> identityAccountService.deleteById(identityAccount.getId()));
    // Create new identity accounts
    provisioningRequired = !identityAccountsToCreate.isEmpty() ? true : provisioningRequired;
    identityAccountsToCreate.forEach(identityAccount -> identityAccountService.save(identityAccount));
    return provisioningRequired;
}

Example 8 with IdmIdentityRole

use of eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountManagementService method resolveIdentityAccountForCreate.

/**
 * Resolve Identity account - to create
 *
 * @param identity
 * @param identityAccountList
 * @param identityRoles
 * @param identityAccountsToCreate
 * @param identityAccountsToDelete
 * @param resolvedRolesForCreate
 */
private void resolveIdentityAccountForCreate(IdmIdentityDto identity, List<AccIdentityAccountDto> identityAccountList, List<IdmIdentityRole> identityRoles, List<AccIdentityAccountDto> identityAccountsToCreate, List<AccIdentityAccountDto> identityAccountsToDelete) {
    // Is role valid in this moment
    identityRoles.stream().filter(identityRole -> {
        return identityRole.isValid();
    }).forEach(identityRole -> {
        IdmRole role = identityRole.getRole();
        SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
        roleSystemFilter.setRoleId(role.getId());
        List<SysRoleSystemDto> roleSystems = roleSystemService.find(roleSystemFilter, null).getContent();
        roleSystems.stream().filter(roleSystem -> {
            // Filter out identity-accounts for same role-system, account (by UID)
            return !identityAccountList.stream().filter(identityAccount -> {
                if (roleSystem.getId().equals(identityAccount.getRoleSystem())) {
                    // Has identity account same uid as account?
                    String uid = generateUID(identity, roleSystem);
                    AccAccountDto account = AccIdentityAccountService.getEmbeddedAccount(identityAccount);
                    if (!uid.equals(account.getUid())) {
                        // We found identityAccount for same identity and roleSystem, but this
                        // identityAccount
                        // is link to Account with different UID. It's probably means definition of UID
                        // (transformation)\
                        // on roleSystem was changed. We have to delete this identityAccount.
                        identityAccountsToDelete.add(identityAccount);
                    }
                }
                return false;
            }).findFirst().isPresent();
        }).forEach(roleSystem -> {
            // For this system we have to create new account
            UUID accountId = createAccountByRoleSystem(identity, roleSystem, identityAccountsToCreate);
            if (accountId == null) {
                return;
            }
            // TODO: find the better place for this check
            if (identityAccountList.stream().filter(identityAccount -> {
                return identityAccount.getAccount().equals(accountId) && identityRole.getId().equals(identityAccount.getIdentityRole()) && roleSystem.getId().equals(identityAccount.getRoleSystem());
            }).count() == 0) {
                AccIdentityAccountDto identityAccount = new AccIdentityAccountDto();
                identityAccount.setAccount(accountId);
                identityAccount.setIdentity(identity.getId());
                identityAccount.setIdentityRole(identityRole.getId());
                identityAccount.setRoleSystem(roleSystem.getId());
                // TODO: Add flag ownership to SystemRole and set here.
                identityAccount.setOwnership(true);
                identityAccountsToCreate.add(identityAccount);
            }
        });
    });
}

Example 9 with IdmIdentityRole

use of eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole in project CzechIdMng by bcvsolutions.

the class ModelMapperConfig method modelMapper.

@SuppressWarnings("unchecked")
@Bean
public ModelMapper modelMapper() {
    ModelMapper modeler = new ModelMapper();
    // We want use STRICT matching strategy ... others can be ambiguous
    modeler.getConfiguration().setMatchingStrategy(MatchingStrategies.STRICT);
    // Convert BaseEntity to UIID (get ID)
    Converter<? extends BaseEntity, UUID> entityToUiid = new EntityToUuidConverter(modeler, applicationContext);
    // Convert UIID to Entity
    Converter<UUID, ? extends BaseEntity> uiidToEntity = new UuidToEntityConverter(applicationContext);
    // This converter must be set for only one purpose... workaround fixed
    // error in ModelMapper.
    // When is in DTO field (applicant for example) with type UUID (with
    // conversion to IdmIdentity) and other UUID field (for example
    // modifierId), but with same value as first field, then mapper will be
    // set converted value from first field (applicant) to second field (IdmIdentity to UUID) ->
    // Class cast exception will be throw.
    // + Additionally this converter allows load DTO (by UUID) and put him to embedded map.
    Converter<UUID, UUID> uuidToUiid = new UuidToUuidConverter(applicationContext);
    modeler.createTypeMap(UUID.class, UUID.class).setConverter(uuidToUiid);
    // Converter for resolve problem with 0x00 character in Postgress.
    modeler.createTypeMap(String.class, String.class).setConverter(new StringToStringConverter());
    // Converter OperationResult for resolve problem with 0x00 character in Postgress.
    modeler.createTypeMap(OperationResult.class, OperationResult.class).setConverter(new OperationResultConverter(modeler));
    // Condition for property ... if is property list and dto is trimmed,
    // then will be not used (set null)
    // or if is property list and have parent dto, then will be to set null
    // (only two levels are allowed).
    Condition<Object, Object> trimmListCondition = new Condition<Object, Object>() {

        @Override
        public boolean applies(MappingContext<Object, Object> context) {
            if (List.class.isAssignableFrom(context.getDestinationType())) {
                MappingContext<?, ?> parentContext = context.getParent();
                MappingContext<?, ?> superContext = parentContext != null ? parentContext.getParent() : null;
                if (superContext != null) {
                    if (parentContext != null && parentContext.getDestination() instanceof AbstractDto) {
                        ((AbstractDto) parentContext.getDestination()).setTrimmed(true);
                    }
                    return false;
                }
                if (parentContext != null && parentContext.getDestination() instanceof AbstractDto && ((AbstractDto) parentContext.getDestination()).isTrimmed()) {
                    return false;
                }
            }
            return true;
        }
    };
    modeler.getConfiguration().setPropertyCondition(trimmListCondition);
    // entity to uiid converters will be set for all entities
    entityManager.getMetamodel().getEntities().forEach(entityType -> {
        if (entityType.getJavaType() == null) {
            return;
        }
        @SuppressWarnings("rawtypes") TypeMap typeMapEntityToUiid = modeler.createTypeMap(entityType.getJavaType(), UUID.class);
        typeMapEntityToUiid.setConverter(entityToUiid);
        @SuppressWarnings("rawtypes") TypeMap typeMapUiidToEntity = modeler.createTypeMap(UUID.class, entityType.getJavaType());
        typeMapUiidToEntity.setConverter(uiidToEntity);
    });
    // configure default type map for entities
    // this behavior must be placed in this class, not in toDto methods (getEmbedded use mapper for map entity to dto)
    // identity role and backward compatibility with automatic role
    TypeMap<IdmIdentityRole, IdmIdentityRoleDto> typeMapIdentityRole = modeler.getTypeMap(IdmIdentityRole.class, IdmIdentityRoleDto.class);
    if (typeMapIdentityRole == null) {
        modeler.createTypeMap(IdmIdentityRole.class, IdmIdentityRoleDto.class);
        typeMapIdentityRole = modeler.getTypeMap(IdmIdentityRole.class, IdmIdentityRoleDto.class);
        typeMapIdentityRole.addMappings(new PropertyMap<IdmIdentityRole, IdmIdentityRoleDto>() {

            @Override
            protected void configure() {
                this.skip().setAutomaticRole(this.source.getAutomaticRole() != null);
            }
        });
    }
    // concept role request and automatic role backward compatibility
    TypeMap<IdmConceptRoleRequest, IdmConceptRoleRequestDto> typeMapRoleConcept = modeler.getTypeMap(IdmConceptRoleRequest.class, IdmConceptRoleRequestDto.class);
    if (typeMapRoleConcept == null) {
        modeler.createTypeMap(IdmConceptRoleRequest.class, IdmConceptRoleRequestDto.class);
        typeMapRoleConcept = modeler.getTypeMap(IdmConceptRoleRequest.class, IdmConceptRoleRequestDto.class);
        typeMapRoleConcept.addMappings(new PropertyMap<IdmConceptRoleRequest, IdmConceptRoleRequestDto>() {

            @Override
            protected void configure() {
                this.skip().setAutomaticRole(null);
            }
        });
    }
    return modeler;
}