Examples with Role org.apache.syncope.core.persistence.api.entity.Role used on opensource projects

Example 1 with Role

use of org.apache.syncope.core.persistence.api.entity.Role in project syncope by apache.

the class JPARoleDAO method delete.

@Override
public void delete(final String key) {
    Role role = find(key);
    if (role == null) {
        return;
    }
    delete(role);
}

Example 2 with Role

use of org.apache.syncope.core.persistence.api.entity.Role in project syncope by apache.

the class JPARoleDAO method save.

@Override
public Role save(final Role role) {
    Role merged = entityManager().merge(role);
    // refresh dynamic memberships
    if (merged.getDynMembership() != null) {
        List<User> matching = searchDAO().search(SearchCondConverter.convert(merged.getDynMembership().getFIQLCond()), AnyTypeKind.USER);
        clearDynMembers(merged);
        matching.forEach((user) -> {
            Query insert = entityManager().createNativeQuery("INSERT INTO " + DYNMEMB_TABLE + " VALUES(?, ?)");
            insert.setParameter(1, user.getKey());
            insert.setParameter(2, merged.getKey());
            insert.executeUpdate();
            publisher.publishEvent(new AnyCreatedUpdatedEvent<>(this, user, AuthContextUtils.getDomain()));
        });
    }
    return merged;
}

Example 3 with Role

use of org.apache.syncope.core.persistence.api.entity.Role in project syncope by apache.

the class JPARoleDAO method refreshDynMemberships.

@Transactional
@Override
public void refreshDynMemberships(final User user) {
    findAll().stream().filter(role -> role.getDynMembership() != null).forEach(role -> {
        Query delete = entityManager().createNativeQuery("DELETE FROM " + DYNMEMB_TABLE + " WHERE role_id=? AND any_id=?");
        delete.setParameter(1, role.getKey());
        delete.setParameter(2, user.getKey());
        delete.executeUpdate();
        if (searchDAO().matches(user, SearchCondConverter.convert(role.getDynMembership().getFIQLCond()))) {
            Query insert = entityManager().createNativeQuery("INSERT INTO " + DYNMEMB_TABLE + " VALUES(?, ?)");
            insert.setParameter(1, user.getKey());
            insert.setParameter(2, role.getKey());
            insert.executeUpdate();
        }
    });
}

Example 4 with Role

use of org.apache.syncope.core.persistence.api.entity.Role in project syncope by apache.

the class JPAUserDAO method findDynRoles.

@Transactional(propagation = Propagation.REQUIRES_NEW, readOnly = true)
@Override
@SuppressWarnings("unchecked")
public List<Role> findDynRoles(final String key) {
    Query query = entityManager().createNativeQuery("SELECT role_id FROM " + JPARoleDAO.DYNMEMB_TABLE + " WHERE any_id=?");
    query.setParameter(1, key);
    List<Role> result = new ArrayList<>();
    query.getResultList().stream().map(resultKey -> resultKey instanceof Object[] ? (String) ((Object[]) resultKey)[0] : ((String) resultKey)).forEachOrdered(actualKey -> {
        Role role = roleDAO.find(actualKey.toString());
        if (role == null) {
            LOG.error("Could not find role with id {}, even though returned by the native query", actualKey);
        } else if (!result.contains(role)) {
            result.add(role);
        }
    });
    return result;
}

Example 5 with Role

use of org.apache.syncope.core.persistence.api.entity.Role in project syncope by apache.

the class UserDataBinderImpl method create.

@Override
public void create(final User user, final UserTO userTO, final boolean storePassword) {
    SyncopeClientCompositeException scce = SyncopeClientException.buildComposite();
    // set username
    user.setUsername(userTO.getUsername());
    // set password
    if (StringUtils.isBlank(userTO.getPassword()) || !storePassword) {
        LOG.debug("Password was not provided or not required to be stored");
    } else {
        setPassword(user, userTO.getPassword(), scce);
    }
    user.setMustChangePassword(userTO.isMustChangePassword());
    // security question / answer
    if (userTO.getSecurityQuestion() != null) {
        SecurityQuestion securityQuestion = securityQuestionDAO.find(userTO.getSecurityQuestion());
        if (securityQuestion != null) {
            user.setSecurityQuestion(securityQuestion);
        }
    }
    user.setSecurityAnswer(userTO.getSecurityAnswer());
    // roles
    userTO.getRoles().forEach(roleKey -> {
        Role role = roleDAO.find(roleKey);
        if (role == null) {
            LOG.warn("Ignoring unknown role with id {}", roleKey);
        } else {
            user.add(role);
        }
    });
    // realm
    Realm realm = realmDAO.findByFullPath(userTO.getRealm());
    if (realm == null) {
        SyncopeClientException noRealm = SyncopeClientException.build(ClientExceptionType.InvalidRealm);
        noRealm.getElements().add("Invalid or null realm specified: " + userTO.getRealm());
        scce.addException(noRealm);
    }
    user.setRealm(realm);
    AnyUtils anyUtils = anyUtilsFactory.getInstance(AnyTypeKind.USER);
    if (user.getRealm() != null) {
        // relationships
        userTO.getRelationships().forEach(relationshipTO -> {
            AnyObject otherEnd = anyObjectDAO.find(relationshipTO.getOtherEndKey());
            if (otherEnd == null) {
                LOG.debug("Ignoring invalid anyObject " + relationshipTO.getOtherEndKey());
            } else if (user.getRealm().getFullPath().startsWith(otherEnd.getRealm().getFullPath())) {
                RelationshipType relationshipType = relationshipTypeDAO.find(relationshipTO.getType());
                if (relationshipType == null) {
                    LOG.debug("Ignoring invalid relationship type {}", relationshipTO.getType());
                } else {
                    URelationship relationship = entityFactory.newEntity(URelationship.class);
                    relationship.setType(relationshipType);
                    relationship.setRightEnd(otherEnd);
                    relationship.setLeftEnd(user);
                    user.add(relationship);
                }
            } else {
                LOG.error("{} cannot be assigned to {}", otherEnd, user);
                SyncopeClientException unassignabled = SyncopeClientException.build(ClientExceptionType.InvalidRelationship);
                unassignabled.getElements().add("Cannot be assigned: " + otherEnd);
                scce.addException(unassignabled);
            }
        });
        // memberships
        userTO.getMemberships().forEach(membershipTO -> {
            Group group = membershipTO.getGroupKey() == null ? groupDAO.findByName(membershipTO.getGroupName()) : groupDAO.find(membershipTO.getGroupKey());
            if (group == null) {
                LOG.debug("Ignoring invalid group " + membershipTO.getGroupKey() + " / " + membershipTO.getGroupName());
            } else if (user.getRealm().getFullPath().startsWith(group.getRealm().getFullPath())) {
                UMembership membership = entityFactory.newEntity(UMembership.class);
                membership.setRightEnd(group);
                membership.setLeftEnd(user);
                user.add(membership);
                // membership attributes
                fill(user, membership, membershipTO, anyUtils, scce);
            } else {
                LOG.error("{} cannot be assigned to {}", group, user);
                SyncopeClientException unassignable = SyncopeClientException.build(ClientExceptionType.InvalidMembership);
                unassignable.getElements().add("Cannot be assigned: " + group);
                scce.addException(unassignable);
            }
        });
    }
    // attributes and resources
    fill(user, userTO, anyUtils, scce);
    // Throw composite exception if there is at least one element set in the composing exceptions
    if (scce.hasExceptions()) {
        throw scce;
    }
}