use of eu.bcvsolutions.idm.core.model.entity.IdmIdentity_ in project CzechIdMng by bcvsolutions.
the class IdentityAnonymousUsernameGenerator method generate.
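/**
 * Assigns a generated, currently unused username to the given identity DTO.
 *
 * <p>The username is built by {@code createUsername} from the configured prefix and a number.
 * The method tries, in order: a bounded number of random numbers, a paged search over existing
 * identities for a free number, and finally the boundary values {@code 0} and the maximum.
 *
 * <p>NOTE(review): the name is only checked with {@code usernameInUse} and then set on the DTO;
 * nothing in this method reserves it. Presumably a uniqueness constraint at save time covers two
 * generators picking the same name concurrently - confirm.
 *
 * <p>NOTE(review): the fallback phases return the first free number they find rather than a
 * random one, so names produced there are likely guessable from existing ones. If the
 * "anonymous" username is expected to be hard to guess, confirm that this is acceptable and
 * which random source {@code generateNumberPart} uses.
 *
 * @param dto identity to fill in; returned unchanged when it already has a username and
 *        regeneration is not enabled
 * @param valueGenerator generator configuration (regenerate flag, prefix, numeric part length)
 * @return the same {@code dto} instance with the username set
 * @throws ResultCodeException with {@code IDENTITY_UNABLE_GENERATE_UNIQUE_USERNAME} when no
 *         free username could be found
 */
@Override
public IdmIdentityDto generate(IdmIdentityDto dto, IdmGenerateValueDto valueGenerator) {
    Assert.notNull(dto, "DTO is required.");
    Assert.notNull(valueGenerator, "Value generator is required.");
    // Keep an existing username unless the configuration asks for regeneration.
    if (!valueGenerator.isRegenerateValue() && StringUtils.isNotEmpty(dto.getUsername())) {
        return dto;
    }
    // Generator configuration.
    int numPartLen = getNumberPartLength(valueGenerator);
    int numPartMax = calcMaxValueForLen(numPartLen);
    String prefix = getPrefixString(valueGenerator);

    // Phase 1: random candidates, bounded by GENERATE_ATTEMPTS.
    // The guard is "> 0" rather than "!= 0" so that a zero or negative GENERATE_ATTEMPTS ends
    // after a single attempt instead of counting down through the whole int range.
    int attemptsLeft = GENERATE_ATTEMPTS;
    do {
        int randomPartVal = generateNumberPart(numPartMax);
        String candidate = createUsername(prefix, randomPartVal, numPartLen);
        if (!usernameInUse(candidate)) {
            dto.setUsername(candidate);
            return dto;
        }
    } while (--attemptsLeft > 0);

    // Phase 2: random generation failed -> page through existing usernames that share the root
    // and look for an unused number in each page.
    String usernameRoot = createUsername(prefix, null, null);
    IdmIdentityFilter identityFilt = new IdmIdentityFilter();
    identityFilt.setText(usernameRoot);
    Page<IdmIdentityDto> page;
    int pageSize = SEARCH_PAGE_SIZE;
    int pageNum = 0;
    do {
        page = identityService.find(
                identityFilt,
                PageRequest.of(pageNum, pageSize, Sort.by(IdmIdentity_.username.getName()).ascending()));
        // Keep only usernames accepted by the generator's own filter and strip the root,
        // leaving the numeric parts as strings.
        List<String> usernameNumbers = page.getContent().stream()
                .map(IdmIdentityDto::getUsername)
                .filter(usernameFilterFactory(usernameRoot, numPartLen))
                .map(name -> name.replace(usernameRoot, ""))
                .collect(Collectors.toList());
        Integer freeNumber = findEmptySlotFromRange(usernameNumbers, 0, usernameNumbers.size() - 1);
        if (freeNumber != null) {
            dto.setUsername(createUsername(prefix, freeNumber, Integer.valueOf(numPartLen)));
            return dto;
        }
        pageNum++;
    } while (pageNum < page.getTotalPages());

    // Phase 3: the slot search found nothing; the lowest and highest values may still be free.
    String username = createUsername(prefix, 0, numPartLen);
    if (!usernameInUse(username)) {
        dto.setUsername(username);
        return dto;
    }
    username = createUsername(prefix, numPartMax, numPartLen);
    if (!usernameInUse(username)) {
        dto.setUsername(username);
        return dto;
    }

    // Nothing remains to try.
    LOG.warn("The anonymous username generator reached the limit of the count of available numbers. Increase numeric part length in the generator setting.");
    throw new ResultCodeException(CoreResultCode.IDENTITY_UNABLE_GENERATE_UNIQUE_USERNAME);
}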
use of eu.bcvsolutions.idm.core.model.entity.IdmIdentity_ in project CzechIdMng by bcvsolutions.
the class IdentityFilterTest method testCorrelableFilter.
/**
* Tests that an identity can be found through the correlable filter by each of its string fields.
*/
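@Test
public void testCorrelableFilter() {
    // Give the optional attributes random values so a hit on any of them points at this identity.
    IdmIdentityDto identity = getHelper().createIdentity();
    identity.setTitleAfter(UUID.randomUUID().toString());
    identity.setTitleBefore(UUID.randomUUID().toString());
    identity.setDescription(UUID.randomUUID().toString());
    identity.setExternalCode(UUID.randomUUID().toString());
    identity.setExternalId(UUID.randomUUID().toString());
    // Truncated to 29 characters - presumably to fit the phone column length; confirm.
    identity.setPhone(UUID.randomUUID().toString().substring(0, 29));
    identity.setRealmId(UUID.randomUUID());
    identity.setBlockLoginDate(ZonedDateTime.now());
    IdmIdentityDto identityFull = identityService.save(identity);

    IdmIdentityFilter filter = new IdmIdentityFilter();
    for (Field field : IdmIdentity_.class.getFields()) {
        filter.setProperty(field.getName());
        Object value;
        try {
            value = EntityUtils.getEntityValue(identityFull, field.getName());
        } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException | IntrospectionException e) {
            // Previously the stack trace was printed and the field silently skipped, so the test
            // stayed green even when a value could not be read. Fail instead, keeping the cause.
            throw new AssertionError("Unable to read value of field [" + field.getName() + "]", e);
        }
        // Only string attributes are searched; instanceof is already false for null.
        if (!(value instanceof String)) {
            continue;
        }
        filter.setValue(value.toString());
        List<IdmIdentityDto> identities = identityService.find(filter, null).getContent();
        assertTrue(identities.contains(identityFull));
    }
}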
use of eu.bcvsolutions.idm.core.model.entity.IdmIdentity_ in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleAttributeServiceIntegrationTest method testRemoveLastRuleRecount.
@Test
public void testRemoveLastRuleRecount() {
    // Open a fresh transaction context; its id is used below to check the assigned role
    // and to look up the long running tasks.
    TransactionContextHolder.setContext(TransactionContextHolder.createEmptyContext());
    final UUID txId = TransactionContextHolder.getContext().getTransactionId();

    // One identity, one role, and an automatic role with a single rule on the identity's username.
    final IdmIdentityDto subject = getHelper().createIdentity((GuardedString) null);
    final IdmRoleDto grantedRole = getHelper().createRole();
    final IdmAutomaticRoleAttributeDto autoRole = getHelper().createAutomaticRole(grantedRole.getId());
    final IdmAutomaticRoleAttributeRuleDto usernameRule = getHelper().createAutomaticRoleRule(
            autoRole.getId(),
            AutomaticRoleAttributeRuleComparison.EQUALS,
            AutomaticRoleAttributeRuleType.IDENTITY,
            IdmIdentity_.username.getName(),
            null,
            subject.getUsername());
    this.recalculateSync(autoRole.getId());

    // After the recalculation the identity holds exactly one role, assigned in this transaction.
    final List<IdmIdentityRoleDto> afterFirstRecount = identityRoleService.findAllByIdentity(subject.getId());
    Assert.assertEquals(1, afterFirstRecount.size());
    Assert.assertEquals(txId, afterFirstRecount.get(0).getTransactionId());

    // Deleting the only rule must take the role away ...
    automaticRoleAttributeRuleService.delete(usernameRule);
    final List<IdmIdentityRoleDto> afterRuleDelete = identityRoleService.findAllByIdentity(subject.getId());
    Assert.assertTrue(afterRuleDelete.isEmpty());

    // ... and a further recalculation must not assign it again.
    this.recalculateSync(autoRole.getId());
    final List<IdmIdentityRoleDto> afterSecondRecount = identityRoleService.findAllByIdentity(subject.getId());
    Assert.assertTrue(afterSecondRecount.isEmpty());

    // Every long running task recorded under this transaction must have ended as EXECUTED.
    final IdmLongRunningTaskFilter lrtFilter = new IdmLongRunningTaskFilter();
    lrtFilter.setTransactionId(txId);
    final List<IdmLongRunningTaskDto> tasks = longRunningTaskManager.findLongRunningTasks(lrtFilter, null).getContent();
    Assert.assertFalse(tasks.isEmpty());
    Assert.assertFalse(tasks.stream().anyMatch(task -> task.getResultState() != OperationState.EXECUTED));
}
use of eu.bcvsolutions.idm.core.model.entity.IdmIdentity_ in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleRequestServiceIntegrationTest method notRightForExecuteImmediatelyExceptionTest.
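/**
 * Verifies that a user without the automatic role request admin permission cannot execute an
 * automatic role request immediately, i.e. without approval.
 *
 * <p>The expected {@link RoleRequestException} is asserted around the call that starts the
 * request only. With {@code @Test(expected = ...)} on the whole method, the test would also pass
 * if the same exception came from one of the preparation steps, and so would no longer prove
 * that the permission check itself denies the execution.
 */
@Test
public void notRightForExecuteImmediatelyExceptionTest() {
    this.logout();
    IdmIdentityDto identity = getHelper().createIdentity();
    // Log in as a user holding every available permission except the two that would allow
    // executing the role request immediately (without approval).
    // NOTE(review): this authentication stays in the SecurityContextHolder after the method
    // returns; presumably the test class resets it in its setup/teardown - confirm.
    Collection<GrantedAuthority> authorities = IdmAuthorityUtils.toAuthorities(moduleService.getAvailablePermissions())
            .stream()
            .filter(authority -> !CoreGroupPermission.AUTOMATIC_ROLE_REQUEST_ADMIN.equals(authority.getAuthority())
                    && !IdmGroupPermission.APP_ADMIN.equals(authority.getAuthority()))
            .collect(Collectors.toList());
    SecurityContextHolder.getContext().setAuthentication(
            new IdmJwtAuthentication(new IdmIdentityDto(identity.getUsername()), null, authorities, "test"));

    IdmRoleDto role = prepareRole();
    IdmAutomaticRoleRequestDto request = new IdmAutomaticRoleRequestDto();
    // The EXECUTED state is requested on purpose; the assertion below shows that the saved
    // request comes back as CONCEPT instead.
    request.setState(RequestState.EXECUTED);
    request.setOperation(RequestOperationType.ADD);
    request.setRequestType(AutomaticRoleRequestType.ATTRIBUTE);
    request.setExecuteImmediately(true);
    request.setName(role.getCode());
    request.setRole(role.getId());
    request = roleRequestService.save(request);
    Assert.assertEquals(RequestState.CONCEPT, request.getState());

    IdmAutomaticRoleAttributeRuleRequestDto rule = new IdmAutomaticRoleAttributeRuleRequestDto();
    rule.setRequest(request.getId());
    rule.setOperation(RequestOperationType.ADD);
    rule.setAttributeName(IdmIdentity_.username.getName());
    rule.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
    rule.setType(AutomaticRoleAttributeRuleType.IDENTITY);
    rule.setValue("test");
    rule = ruleRequestService.save(rule);

    // Starting the request is the step that must be rejected: the current user has no right to
    // execute it without approval.
    try {
        roleRequestService.startRequestInternal(request.getId(), true);
        Assert.fail("Starting the request without the required permission should have thrown RoleRequestException.");
    } catch (RoleRequestException expected) {
        // Expected: immediate execution was denied.
    }
}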
use of eu.bcvsolutions.idm.core.model.entity.IdmIdentity_ in project CzechIdMng by bcvsolutions.
the class CrossDomainAdUserConnectorTypeTest method testRoleInCrossDomainGroupProvisioningForAutomaticRole.
/**
 * Checks that a role whose role-system mapping belongs to a cross-domain group contributes its
 * ldapGroups value to provisioning once the role is assigned by an automatic role (a rule on the
 * identity's description), and that the value is absent before that assignment.
 *
 * NOTE(review): the cleanup at the end is not in a finally block, so it is skipped whenever an
 * assertion above it fails.
 */
@Test
public void testRoleInCrossDomainGroupProvisioningForAutomaticRole() {
// Set up the system for the mock cross-domain AD connector type and look up its ldapGroups mapping.
ConnectorType connectorType = connectorManager.getConnectorType(MockCrossDomainAdUserConnectorType.NAME);
SysSystemDto systemDto = initSystem(connectorType);
SysSystemAttributeMappingFilter filter = new SysSystemAttributeMappingFilter();
filter.setSystemId(systemDto.getId());
filter.setName(MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE);
List<SysSystemAttributeMappingDto> attributes = attributeMappingService.find(filter, null).getContent();
assertEquals(1, attributes.size());
// get() cannot fail here: the list was just asserted to hold exactly one element.
SysSystemAttributeMappingDto ldapGroupsAttribute = attributes.stream().findFirst().get();
// Creates cross-domain group.
SysSystemGroupDto groupSystemDto = new SysSystemGroupDto();
groupSystemDto.setCode(getHelper().createName());
groupSystemDto.setType(SystemGroupType.CROSS_DOMAIN);
groupSystemDto = systemGroupService.save(groupSystemDto);
// Connects the system to the group, with ldapGroups as the merge attribute.
SysSystemGroupSystemDto systemGroupSystemOne = new SysSystemGroupSystemDto();
systemGroupSystemOne.setSystemGroup(groupSystemDto.getId());
systemGroupSystemOne.setMergeAttribute(ldapGroupsAttribute.getId());
systemGroupSystemOne.setSystem(systemDto.getId());
systemGroupSystemService.save(systemGroupSystemOne);
// Creates the login role.
IdmRoleDto loginRole = helper.createRole();
helper.createRoleSystem(loginRole, systemDto);
// Creates no-login role.
IdmRoleDto noLoginRole = helper.createRole();
SysRoleSystemDto roleSystem = helper.createRoleSystem(noLoginRole, systemDto);
roleSystem.setCreateAccountByDefault(true);
roleSystemService.save(roleSystem);
// Without an overridden merge attribute the role-system must not be reported as being in a cross-domain group.
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setIsInCrossDomainGroupRoleId(noLoginRole.getId());
roleSystemFilter.setCheckIfIsInCrossDomainGroup(Boolean.TRUE);
roleSystemFilter.setId(roleSystem.getId());
List<SysRoleSystemDto> roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
assertEquals(0, roleSystemDtos.size());
// Creates overridden ldapGroup merge attribute.
createOverriddenLdapGroupAttribute(ldapGroupsAttribute, roleSystem);
// Role-system should be in cross-domain group now.
roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
assertEquals(1, roleSystemDtos.size());
SysRoleSystemDto roleSystemDto = roleSystemDtos.stream().findFirst().get();
assertTrue(roleSystemDto.isInCrossDomainGroup());
// Automatic role: assigns the no-login role to identities whose description equals a generated value.
String automaticRoleValue = getHelper().createName();
IdmAutomaticRoleAttributeDto automaticRole = getHelper().createAutomaticRole(noLoginRole.getId());
getHelper().createAutomaticRoleRule(automaticRole.getId(), AutomaticRoleAttributeRuleComparison.EQUALS, AutomaticRoleAttributeRuleType.IDENTITY, IdmIdentity_.description.getName(), null, automaticRoleValue);
// A new identity starts without the no-login role and without an account on the system.
IdmIdentityDto identity = getHelper().createIdentity();
IdmIdentityContractDto contract = getHelper().getPrimeContract(identity.getId());
IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
identityRoleFilter.setIdentityId(identity.getId());
identityRoleFilter.setRoleId(noLoginRole.getId());
assertEquals(0, identityRoleService.count(identityRoleFilter));
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setIdentityId(identity.getId());
identityAccountFilter.setSystemId(systemDto.getId());
assertEquals(0, identityAccountService.find(identityAccountFilter, null).getContent().size());
// Assigning the login role must execute and create exactly one account.
IdmRoleRequestDto roleRequestDto = getHelper().assignRoles(contract, false, loginRole);
assertEquals(RoleRequestState.EXECUTED, roleRequestDto.getState());
assertNotNull(roleRequestDto.getSystemState());
assertEquals(1, identityAccountService.find(identityAccountFilter, null).getContent().size());
// Check that provisioning does NOT contain the ldapGroups attribute value ('ONE') from the role.
SysProvisioningOperationFilter provisioningOperationFilter = new SysProvisioningOperationFilter();
provisioningOperationFilter.setSystemId(systemDto.getId());
provisioningOperationFilter.setEntityType(SystemEntityType.IDENTITY);
provisioningOperationFilter.setEntityIdentifier(identity.getId());
List<SysProvisioningOperationDto> provisioningOperationDtos = provisioningOperationService.find(provisioningOperationFilter, null).getContent();
assertEquals(1, provisioningOperationDtos.size());
SysProvisioningOperationDto provisioningOperationDto = provisioningOperationDtos.stream().findFirst().get();
// NOTE(review): findFirst().get() throws NoSuchElementException when the attribute is missing,
// so the assertNotNull on the next line can never be the statement that fails.
ProvisioningAttributeDto provisioningAttributeLdapGroupsDto = provisioningOperationDto.getProvisioningContext().getAccountObject().keySet().stream().filter(provisioningAtt -> MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE.equals(provisioningAtt.getSchemaAttributeName())).findFirst().get();
assertNotNull(provisioningAttributeLdapGroupsDto);
Object ldapGroupsValue = provisioningOperationDto.getProvisioningContext().getAccountObject().get(provisioningAttributeLdapGroupsDto);
assertEquals(0, ((List<?>) ldapGroupsValue).size());
// Delete old provisioning.
provisioningOperationService.delete(provisioningOperationDto);
// Assign automatic role: saving the identity with the matching description triggers the rule.
identity.setDescription(automaticRoleValue);
identityService.save(identity);
// Check that provisioning now contains the ldapGroups attribute value ('ONE') from the role.
provisioningOperationFilter = new SysProvisioningOperationFilter();
provisioningOperationFilter.setSystemId(systemDto.getId());
provisioningOperationFilter.setEntityType(SystemEntityType.IDENTITY);
provisioningOperationFilter.setEntityIdentifier(identity.getId());
provisioningOperationDtos = provisioningOperationService.find(provisioningOperationFilter, null).getContent();
// Two provisioning operations were made: the first for saving the identity, the second for assigning the automatic role.
assertEquals(2, provisioningOperationDtos.size());
// Take the most recently created operation.
provisioningOperationDto = provisioningOperationDtos.stream().max(Comparator.comparing(SysProvisioningOperationDto::getCreated)).get();
provisioningAttributeLdapGroupsDto = provisioningOperationDto.getProvisioningContext().getAccountObject().keySet().stream().filter(provisioningAtt -> MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE.equals(provisioningAtt.getSchemaAttributeName())).findFirst().get();
assertNotNull(provisioningAttributeLdapGroupsDto);
ldapGroupsValue = provisioningOperationDto.getProvisioningContext().getAccountObject().get(provisioningAttributeLdapGroupsDto);
assertEquals("ONE", ((List<?>) ldapGroupsValue).get(0));
assertEquals(1, identityRoleService.count(identityRoleFilter));
// Clean up the provisioning operations, identity, automatic role and no-login role created above.
provisioningOperationService.deleteOperations(systemDto.getId());
getHelper().deleteIdentity(identity.getId());
automaticRoleAttributeService.delete(automaticRole);
getHelper().deleteRole(noLoginRole.getId());
}