use of com.tremolosecurity.provisioning.objects.Escalation in project OpenUnison by TremoloSecurity.
the class Approver method updateAllowedApprovals.
public boolean updateAllowedApprovals(Session session, ConfigManager cfg, Map<String, Object> request) throws ProvisioningException, SQLException {
boolean updateObj = false;
boolean localFail = false;
Approvals approvalObj = session.load(Approvals.class, this.id);
if (!this.failed && this.escalationRules != null && !this.escalationRules.isEmpty()) {
boolean continueLooking = true;
for (EscalationRule rule : this.escalationRules) {
if (!rule.isCompleted() && continueLooking) {
RunOptions res = rule.shouldExecute(this.getWorkflow().getUser());
switch(res) {
case notReadyYet:
continueLooking = false;
break;
case run:
continueLooking = false;
this.azRules.clear();
this.azRules.addAll(rule.getAzRules());
this.approvers = new ArrayList<Approver>();
for (AzRule azr : this.azRules) {
Approver approver = new Approver();
if (azr.getScope() == ScopeType.Filter) {
approver.type = ApproverType.Filter;
} else if (azr.getScope() == ScopeType.Group) {
approver.type = ApproverType.StaticGroup;
} else if (azr.getScope() == ScopeType.DN) {
approver.type = ApproverType.DN;
} else if (azr.getScope() == ScopeType.DynamicGroup) {
approver.type = ApproverType.DynamicGroup;
} else if (azr.getScope() == ScopeType.Custom) {
approver.type = ApproverType.Custom;
approver.customAz = azr.getCustomAuthorization();
}
approver.constraint = azr.getConstraint();
setupCustomParameters(approver);
this.approvers.add(approver);
}
if (this.approvers.size() == 0 && this.failOnNoAZ) {
this.azRules = this.failureAzRules;
this.approvers = new ArrayList<Approver>();
for (AzRule azr : this.azRules) {
Approver approver = new Approver();
if (azr.getScope() == ScopeType.Filter) {
approver.type = ApproverType.Filter;
} else if (azr.getScope() == ScopeType.Group) {
approver.type = ApproverType.StaticGroup;
} else if (azr.getScope() == ScopeType.DN) {
approver.type = ApproverType.DN;
} else if (azr.getScope() == ScopeType.DynamicGroup) {
approver.type = ApproverType.DynamicGroup;
} else if (azr.getScope() == ScopeType.Custom) {
approver.type = ApproverType.Custom;
approver.customAz = azr.getCustomAuthorization();
approver.params = azr.getCustomParameters();
}
approver.constraint = azr.getConstraint();
this.approvers.add(approver);
}
}
updateObj = true;
rule.setCompleted(true);
Escalation escalation = new Escalation();
escalation.setApprovals(approvalObj);
escalation.setWhenTs(new Timestamp(new DateTime().getMillis()));
session.save(escalation);
break;
case stopEscalating:
continueLooking = false;
localFail = true;
updateObj = true;
break;
}
}
}
}
boolean foundApprovers = false;
Approvals approval = session.load(Approvals.class, this.id);
if (!session.isJoinedToTransaction()) {
session.beginTransaction();
}
for (Approver approver : this.approvers) {
String constraintRendered = this.renderTemplate(approver.constraint, request);
String[] localParams = null;
localParams = renderCustomParameters(request, approver, localParams);
switch(approver.type) {
case StaticGroup:
foundApprovers |= AzUtils.loadStaticGroupApprovers(approval, this.emailTemplate, cfg, session, id, constraintRendered, false);
break;
case Filter:
foundApprovers |= AzUtils.loadFilterApprovers(approval, this.emailTemplate, cfg, session, id, constraintRendered, false);
break;
case DN:
foundApprovers |= AzUtils.loadDNApprovers(approval, this.emailTemplate, cfg, session, id, constraintRendered, false);
break;
case Custom:
foundApprovers |= AzUtils.loadCustomApprovers(approval, this.emailTemplate, cfg, session, id, constraintRendered, false, approver.customAz, localParams);
break;
}
}
if (!this.failed && (!foundApprovers || localFail)) {
if (this.failOnNoAZ) {
this.azRules = this.failureAzRules;
this.approvers = new ArrayList<Approver>();
for (AzRule azr : this.azRules) {
Approver approver = new Approver();
if (azr.getScope() == ScopeType.Filter) {
approver.type = ApproverType.Filter;
} else if (azr.getScope() == ScopeType.Group) {
approver.type = ApproverType.StaticGroup;
} else if (azr.getScope() == ScopeType.DN) {
approver.type = ApproverType.DN;
} else if (azr.getScope() == ScopeType.DynamicGroup) {
approver.type = ApproverType.DynamicGroup;
} else if (azr.getScope() == ScopeType.Custom) {
approver.type = ApproverType.Custom;
approver.customAz = azr.getCustomAuthorization();
approver.params = azr.getCustomParameters();
}
approver.constraint = azr.getConstraint();
this.approvers.add(approver);
}
}
for (Approver approver : this.approvers) {
String constraintRendered = this.renderTemplate(approver.constraint, request);
String[] localParams = null;
localParams = renderCustomParameters(request, approver, localParams);
switch(approver.type) {
case StaticGroup:
AzUtils.loadStaticGroupApprovers(approval, this.emailTemplate, cfg, session, id, constraintRendered, false);
break;
case Filter:
AzUtils.loadFilterApprovers(approval, this.emailTemplate, cfg, session, id, constraintRendered, false);
break;
case DN:
AzUtils.loadDNApprovers(approval, this.emailTemplate, cfg, session, id, constraintRendered, false);
break;
case Custom:
AzUtils.loadCustomApprovers(approval, this.emailTemplate, cfg, session, id, constraintRendered, false, approver.customAz, localParams);
break;
}
}
this.failed = true;
}
return updateObj;
}
Aggregations