Example 1 with AttributeMapping
use of eu.bcvsolutions.idm.acc.domain.AttributeMapping in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningExecutor method prepareMappedAttributesValues.
/**
* Prepare all mapped attribute values (= account)
*
* @param dto
* @param operationType
* @param systemEntity
* @param attributes
* @return
*/
protected Map<ProvisioningAttributeDto, Object> prepareMappedAttributesValues(DTO dto, ProvisioningOperationType operationType, SysSystemEntityDto systemEntity, List<? extends AttributeMapping> attributes) {
AccAccountDto account = getAccountSystemEntity(systemEntity.getId());
String uid = systemEntity.getUid();
SysSystemDto system = DtoUtils.getEmbedded(systemEntity, SysSystemEntity_.system, SysSystemDto.class);
Map<ProvisioningAttributeDto, Object> accountAttributes = new HashMap<>();
// delete - account attributes is not needed
if (ProvisioningOperationType.DELETE == operationType) {
return accountAttributes;
}
// First we will resolve attribute without MERGE strategy
attributes.stream().filter(attribute -> {
return !attribute.isDisabledAttribute() && AttributeMappingStrategyType.AUTHORITATIVE_MERGE != attribute.getStrategyType() && AttributeMappingStrategyType.MERGE != attribute.getStrategyType();
}).forEach(attribute -> {
SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attribute);
if (attribute.isUid()) {
// TODO: now we set UID from SystemEntity, may be UID from
// AccAccount will be more correct
Object uidValue = getAttributeValue(uid, dto, attribute);
if (uidValue == null) {
throw new ProvisioningException(AccResultCode.PROVISIONING_GENERATED_UID_IS_NULL, ImmutableMap.of("system", system.getName()));
}
if (!(uidValue instanceof String)) {
throw new ProvisioningException(AccResultCode.PROVISIONING_ATTRIBUTE_UID_IS_NOT_STRING, ImmutableMap.of("uid", uidValue, "system", system.getName()));
}
updateAccountUid(account, uid, (String) uidValue);
accountAttributes.put(ProvisioningAttributeDto.createProvisioningAttributeKey(attribute, schemaAttributeDto.getName()), uidValue);
} else {
accountAttributes.put(ProvisioningAttributeDto.createProvisioningAttributeKey(attribute, schemaAttributeDto.getName()), getAttributeValue(uid, dto, attribute));
}
});
// Second we will resolve MERGE attributes
List<? extends AttributeMapping> attributesMerge = attributes.stream().filter(attribute -> {
return !attribute.isDisabledAttribute() && (AttributeMappingStrategyType.AUTHORITATIVE_MERGE == attribute.getStrategyType() || AttributeMappingStrategyType.MERGE == attribute.getStrategyType());
}).collect(Collectors.toList());
for (AttributeMapping attributeParent : attributesMerge) {
SysSchemaAttributeDto schemaAttributeParent = getSchemaAttribute(attributeParent);
ProvisioningAttributeDto attributeParentKey = ProvisioningAttributeDto.createProvisioningAttributeKey(attributeParent, schemaAttributeParent.getName());
if (!schemaAttributeParent.isMultivalued()) {
throw new ProvisioningException(AccResultCode.PROVISIONING_MERGE_ATTRIBUTE_IS_NOT_MULTIVALUE, ImmutableMap.of("object", uid, "attribute", schemaAttributeParent.getName(), "system", system.getName()));
}
// we use SET collection because we want collection of merged values without duplicates
Set<Object> mergedValues = new LinkedHashSet<>();
attributes.stream().filter(attribute -> {
SysSchemaAttributeDto schemaAttribute = getSchemaAttribute(attribute);
return !accountAttributes.containsKey(attributeParentKey) && schemaAttributeParent.equals(schemaAttribute) && attributeParent.getStrategyType() == attribute.getStrategyType();
}).forEach(attribute -> {
Object value = getAttributeValue(uid, dto, attribute);
// provisioning in IC)
if (value != null) {
// main list!
if (value instanceof Collection) {
Collection<?> collectionNotNull = ((Collection<?>) value).stream().filter(item -> {
return item != null;
}).collect(Collectors.toList());
mergedValues.addAll(collectionNotNull);
} else {
mergedValues.add(value);
}
}
});
if (!accountAttributes.containsKey(attributeParentKey)) {
// we must put merged values as array list
accountAttributes.put(attributeParentKey, new ArrayList<>(mergedValues));
}
}
return accountAttributes;
}
Also used :
ProvisioningExecutor(eu.bcvsolutions.idm.acc.service.api.ProvisioningExecutor)
DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
Autowired(org.springframework.beans.factory.annotation.Autowired)
SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto)
EntityAccountDto(eu.bcvsolutions.idm.acc.dto.EntityAccountDto)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
SysSystemEntity_(eu.bcvsolutions.idm.acc.entity.SysSystemEntity_)
Map(java.util.Map)
ProvisioningEntityExecutor(eu.bcvsolutions.idm.acc.service.api.ProvisioningEntityExecutor)
SysSystemAttributeMapping(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping)
ImmutableMap(com.google.common.collect.ImmutableMap)
Collection(java.util.Collection)
SystemOperationType(eu.bcvsolutions.idm.acc.domain.SystemOperationType)
ReadWriteDtoService(eu.bcvsolutions.idm.core.api.service.ReadWriteDtoService)
Set(java.util.Set)
ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)
SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)
UUID(java.util.UUID)
Collectors(java.util.stream.Collectors)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
List(java.util.List)
EntityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.EntityAccountFilter)
AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
CollectionUtils(org.springframework.util.CollectionUtils)
AccountType(eu.bcvsolutions.idm.acc.domain.AccountType)
Optional(java.util.Optional)
IcUidAttribute(eu.bcvsolutions.idm.ic.api.IcUidAttribute)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter)
SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode)
IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration)
IcConnectorFacade(eu.bcvsolutions.idm.ic.service.api.IcConnectorFacade)
ProvisioningEvent(eu.bcvsolutions.idm.acc.event.ProvisioningEvent)
AttributeMappingStrategyType(eu.bcvsolutions.idm.acc.domain.AttributeMappingStrategyType)
ProvisioningEventType(eu.bcvsolutions.idm.acc.domain.ProvisioningEventType)
SysSystemEntityService(eu.bcvsolutions.idm.acc.service.api.SysSystemEntityService)
IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto)
HashMap(java.util.HashMap)
IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
MessageFormat(java.text.MessageFormat)
ArrayList(java.util.ArrayList)
LinkedHashMap(java.util.LinkedHashMap)
SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService)
AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto)
ImmutableList(com.google.common.collect.ImmutableList)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult)
IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl)
ProvisioningOperationType(eu.bcvsolutions.idm.acc.domain.ProvisioningOperationType)
LinkedHashSet(java.util.LinkedHashSet)
SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)
ProvisioningContext(eu.bcvsolutions.idm.acc.domain.ProvisioningContext)
Codeable(eu.bcvsolutions.idm.core.api.domain.Codeable)
SysSystemMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemMappingFilter)
SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService)
SysSchemaObjectClass_(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass_)
IcConnectorKey(eu.bcvsolutions.idm.ic.api.IcConnectorKey)
SysSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemService)
IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)
SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
AccAccount_(eu.bcvsolutions.idm.acc.entity.AccAccount_)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
ProvisioningService(eu.bcvsolutions.idm.acc.service.api.ProvisioningService)
Collections(java.util.Collections)
SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)
PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)
EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager)
Assert(org.springframework.util.Assert)
LinkedHashSet(java.util.LinkedHashSet)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
SysSystemAttributeMapping(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
Collection(java.util.Collection)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
Example 2 with AttributeMapping
use of eu.bcvsolutions.idm.acc.domain.AttributeMapping in project CzechIdMng by bcvsolutions.
the class DefaultSysSystemAttributeMappingService method getAttributeValue.
/**
* Find value for this mapped attribute by property name. Returned value can be list of objects. Returns transformed value.
*
* @param uid - Account identifier
* @param entity
* @param attributeHandling
* @param idmValue
* @return
* @throws IntrospectionException
* @throws IllegalAccessException
* @throws InvocationTargetException
*/
@Override
public Object getAttributeValue(String uid, AbstractDto entity, AttributeMapping attributeHandling) {
Object idmValue = null;
//
SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attributeHandling);
//
if (attributeHandling.isExtendedAttribute() && entity != null && formService.isFormable(entity.getClass())) {
List<IdmFormValueDto> formValues = formService.getValues(entity, attributeHandling.getIdmPropertyName());
if (formValues.isEmpty()) {
idmValue = null;
} else if (schemaAttributeDto.isMultivalued()) {
// Multiple value extended attribute
List<Object> values = new ArrayList<>();
formValues.stream().forEachOrdered(formValue -> {
values.add(formValue.getValue());
});
idmValue = values;
} else {
// Single value extended attribute
IdmFormValueDto formValue = formValues.get(0);
if (formValue.isConfidential()) {
Object confidentialValue = formService.getConfidentialPersistentValue(formValue);
// If is confidential value String and schema attribute is GuardedString type, then convert to GuardedString will be did.
if (confidentialValue instanceof String && schemaAttributeDto.getClassType().equals(GuardedString.class.getName())) {
idmValue = new GuardedString((String) confidentialValue);
} else {
idmValue = confidentialValue;
}
} else {
idmValue = formValue.getValue();
}
}
} else // Find value from entity
if (attributeHandling.isEntityAttribute()) {
if (attributeHandling.isConfidentialAttribute()) {
// If is attribute isConfidential, then we will find value in
// secured storage
idmValue = confidentialStorage.getGuardedString(entity.getId(), entity.getClass(), attributeHandling.getIdmPropertyName());
} else {
try {
// We will search value directly in entity by property name
idmValue = EntityUtils.getEntityValue(entity, attributeHandling.getIdmPropertyName());
} catch (IntrospectionException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | ProvisioningException o_O) {
throw new ProvisioningException(AccResultCode.PROVISIONING_IDM_FIELD_NOT_FOUND, ImmutableMap.of("property", attributeHandling.getIdmPropertyName(), "entityType", entity.getClass()), o_O);
}
}
} else {
// If Attribute value is not in entity nor in extended attribute, then idmValue is null.
// It means attribute is static ... we will call transformation to resource.
}
return this.transformValueToResource(uid, idmValue, attributeHandling, entity);
}
Also used :
IdmScriptCategory(eu.bcvsolutions.idm.core.api.domain.IdmScriptCategory)
DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils)
SysSystemAttributeMappingRepository(eu.bcvsolutions.idm.acc.repository.SysSystemAttributeMappingRepository)
FormPropertyManager(eu.bcvsolutions.idm.acc.service.api.FormPropertyManager)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto)
PluginRegistry(org.springframework.plugin.core.PluginRegistry)
Autowired(org.springframework.beans.factory.annotation.Autowired)
FormService(eu.bcvsolutions.idm.core.eav.api.service.FormService)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
GroovyScriptService(eu.bcvsolutions.idm.core.api.service.GroovyScriptService)
IdmFormValueDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormValueDto)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
Map(java.util.Map)
BasePermission(eu.bcvsolutions.idm.core.security.api.domain.BasePermission)
Pageable(org.springframework.data.domain.Pageable)
SysSystemAttributeMapping(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping)
ImmutableMap(com.google.common.collect.ImmutableMap)
SystemOperationType(eu.bcvsolutions.idm.acc.domain.SystemOperationType)
SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)
UUID(java.util.UUID)
Page(org.springframework.data.domain.Page)
Collectors(java.util.stream.Collectors)
IntrospectionException(java.beans.IntrospectionException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
SysSyncConfigRepository(eu.bcvsolutions.idm.acc.repository.SysSyncConfigRepository)
List(java.util.List)
SysRoleSystemAttributeRepository(eu.bcvsolutions.idm.acc.repository.SysRoleSystemAttributeRepository)
Optional(java.util.Optional)
Identifiable(eu.bcvsolutions.idm.core.api.domain.Identifiable)
SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode)
IcConnectorFacade(eu.bcvsolutions.idm.ic.service.api.IcConnectorFacade)
OrderAwarePluginRegistry(org.springframework.plugin.core.OrderAwarePluginRegistry)
IcPasswordAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcPasswordAttributeImpl)
HashMap(java.util.HashMap)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
MessageFormat(java.text.MessageFormat)
ArrayList(java.util.ArrayList)
SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService)
AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto)
ConfidentialStorage(eu.bcvsolutions.idm.core.api.service.ConfidentialStorage)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
Service(org.springframework.stereotype.Service)
EntityUtils(eu.bcvsolutions.idm.core.api.utils.EntityUtils)
AbstractReadWriteDtoService(eu.bcvsolutions.idm.core.api.service.AbstractReadWriteDtoService)
IcAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcAttributeImpl)
SysSchemaObjectClass_(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass_)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)
AbstractScriptEvaluator(eu.bcvsolutions.idm.core.script.evaluator.AbstractScriptEvaluator)
SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)
Transactional(org.springframework.transaction.annotation.Transactional)
Assert(org.springframework.util.Assert)
StringUtils(org.springframework.util.StringUtils)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
IdmFormValueDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormValueDto)
List(java.util.List)
ArrayList(java.util.ArrayList)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
Example 3 with AttributeMapping
use of eu.bcvsolutions.idm.acc.domain.AttributeMapping in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method process.
@Override
public AbstractSysSyncConfigDto process(UUID synchronizationConfigId) {
// Clear cache
idmCacheManager.evictCache(CACHE_NAME);
SysSyncLogDto log = new SysSyncLogDto();
// Create basic synchronization log
log.setSynchronizationConfig(synchronizationConfigId);
log.setStarted(ZonedDateTime.now());
try {
// Validate and create basic context
SynchronizationContext context = this.validate(synchronizationConfigId);
AbstractSysSyncConfigDto config = context.getConfig();
SystemEntityType entityType = context.getEntityType();
SysSystemDto system = context.getSystem();
IcConnectorConfiguration connectorConfig = context.getConnectorConfig();
SysSystemMappingDto systemMapping = systemMappingService.get(config.getSystemMapping());
SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(systemMapping.getObjectClass());
IcObjectClass objectClass = new IcObjectClassImpl(schemaObjectClassDto.getObjectClassName());
// Load last token
String lastToken = config.isReconciliation() ? null : config.getToken();
IcSyncToken lastIcToken = Strings.isNullOrEmpty(lastToken) ? null : new IcSyncTokenImpl(lastToken);
log.setToken(lastToken != null ? lastToken : null);
log.setRunning(true);
log = syncStarted(log, context);
// List of all accounts keys (used in reconciliation)
Set<String> systemAccountsList = new HashSet<>();
longRunningTaskExecutor.setCounter(0L);
log = synchronizationLogService.save(log);
List<SysSyncActionLogDto> actionsLog = new ArrayList<>();
// add logs to context
context.addLog(log).addActionLogs(actionsLog);
// Is differential sync enabled?
if (config.isDifferentialSync()) {
log.addToLog("Synchronization is running as differential (entities will be updated only if least one attribute was changed).");
}
if (config.isCustomFilter() || config.isReconciliation()) {
// Custom filter Sync
log.addToLog("Synchronization will use custom filter (not synchronization implemented in connector).");
AttributeMapping tokenAttribute = null;
if (config.getTokenAttribute() != null) {
tokenAttribute = systemAttributeMappingService.get(config.getTokenAttribute());
}
if (tokenAttribute == null && !config.isReconciliation()) {
throw new ProvisioningException(AccResultCode.SYNCHRONIZATION_TOKEN_ATTRIBUTE_NOT_FOUND);
}
context.addTokenAttribute(tokenAttribute);
// Resolve filter for custom search
IcFilter filter = resolveSynchronizationFilter(config);
log.addToLog(MessageFormat.format("Start search with filter [{0}].", filter != null ? filter : "NONE"));
connectorFacade.search(systemService.getConnectorInstance(system), connectorConfig, objectClass, filter, new DefaultResultHandler(context, systemAccountsList));
} else {
// Inner Sync
log.addToLog("Synchronization will use inner connector synchronization implementation.");
DefalutSyncResultHandler syncResultsHandler = new DefalutSyncResultHandler(context, systemAccountsList);
connectorFacade.synchronization(systemService.getConnectorInstance(system), connectorConfig, objectClass, lastIcToken, syncResultsHandler);
}
// We do reconciliation (find missing account)
if (config.isReconciliation() && log.isRunning()) {
startReconciliation(entityType, systemAccountsList, config, system, log, actionsLog);
}
// Sync is correctly ends if wasn't cancelled
if (log.isRunning()) {
log = syncCorrectlyEnded(log, context);
}
return synchronizationConfigService.save(config);
} catch (Exception e) {
String message = "Error during synchronization";
log.addToLog(message);
log.setContainsError(true);
log.addToLog(Throwables.getStackTraceAsString(e));
throw e;
} finally {
syncEnd(log, syncContext);
log.setRunning(false);
log.setEnded(ZonedDateTime.now());
synchronizationLogService.save(log);
//
longRunningTaskExecutor.setCount(longRunningTaskExecutor.getCounter());
longRunningTaskExecutor.updateState();
// Clear cache
idmCacheManager.evictCache(CACHE_NAME);
}
}
Also used :
IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration)
IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
IcSyncToken(eu.bcvsolutions.idm.ic.api.IcSyncToken)
ArrayList(java.util.ArrayList)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
IntrospectionException(java.beans.IntrospectionException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
SysSyncActionLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto)
AbstractSysSyncConfigDto(eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto)
SynchronizationContext(eu.bcvsolutions.idm.acc.domain.SynchronizationContext)
IcSyncTokenImpl(eu.bcvsolutions.idm.ic.impl.IcSyncTokenImpl)
IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)
SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto)
IcFilter(eu.bcvsolutions.idm.ic.filter.api.IcFilter)
HashSet(java.util.HashSet)
Example 4 with AttributeMapping
use of eu.bcvsolutions.idm.acc.domain.AttributeMapping in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method handleIcObject.
/**
* Handle IC connector object
*
* @param itemContext
* @return
*/
protected boolean handleIcObject(SynchronizationContext itemContext) {
Assert.notNull(itemContext, "Item context is required.");
IcConnectorObject icObject = itemContext.getIcObject();
AbstractSysSyncConfigDto config = itemContext.getConfig();
SysSyncLogDto log = itemContext.getLog();
AttributeMapping tokenAttribute = itemContext.getTokenAttribute();
SysSyncItemLogDto itemLog = new SysSyncItemLogDto();
// Synchronization by custom filter not supported DELETE
// event
IcSyncDeltaTypeEnum type = IcSyncDeltaTypeEnum.CREATE_OR_UPDATE;
itemContext.addLogItem(itemLog).addType(type);
// Find token by token attribute
// For Reconciliation can be token attribute null
Object tokenObj = null;
if (tokenAttribute != null) {
tokenObj = getValueByMappedAttribute(tokenAttribute, icObject.getAttributes(), itemContext);
}
// Token is saved in Sync as String, therefore we transform token (from
// IcObject) to String too.
String token = tokenObj != null ? tokenObj.toString() : null;
// grater token to config and log.
if (token != null && config.getToken() != null && token.compareTo(config.getToken()) <= -1) {
token = config.getToken();
}
// Save token
log.setToken(token);
if (!config.isReconciliation()) {
config.setToken(token);
}
boolean result = startItemSynchronization(itemContext);
// sync or LRT)
return updateAndCheckState(result, log);
}
Also used :
AbstractSysSyncConfigDto(eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto)
IcSyncDeltaTypeEnum(eu.bcvsolutions.idm.ic.impl.IcSyncDeltaTypeEnum)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
SysSyncItemLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto)
Example 5 with AttributeMapping
use of eu.bcvsolutions.idm.acc.domain.AttributeMapping in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method resolveSynchronizationFilter.
/**
* Compile filter for search from filter attribute and filter script
*
* @param config
* @return
*/
protected IcFilter resolveSynchronizationFilter(AbstractSysSyncConfigDto config) {
// If is reconciliation, then is filter null
if (config.isReconciliation()) {
return null;
}
IcFilter filter = null;
AttributeMapping filterAttributeMapping = null;
if (config.getFilterAttribute() != null) {
filterAttributeMapping = systemAttributeMappingService.get(config.getFilterAttribute());
}
String configToken = config.getToken();
String filterScript = config.getCustomFilterScript();
if (filterAttributeMapping == null && configToken == null && StringUtils.isEmpty(filterScript)) {
return null;
}
if (filterAttributeMapping != null) {
Object transformedValue = systemAttributeMappingService.transformValueToResource(null, configToken, filterAttributeMapping, config);
if (transformedValue != null) {
SysSchemaAttributeDto schemaAttributeDto = schemaAttributeService.get(filterAttributeMapping.getSchemaAttribute());
IcAttributeImpl filterAttribute = new IcAttributeImpl(schemaAttributeDto.getName(), transformedValue);
switch(config.getFilterOperation()) {
case GREATER_THAN:
filter = IcFilterBuilder.greaterThan(filterAttribute);
break;
case LESS_THAN:
filter = IcFilterBuilder.lessThan(filterAttribute);
break;
case EQUAL_TO:
filter = IcFilterBuilder.equalTo(filterAttribute);
break;
case CONTAINS:
filter = IcFilterBuilder.contains(filterAttribute);
break;
case ENDS_WITH:
filter = IcFilterBuilder.endsWith(filterAttribute);
break;
case STARTS_WITH:
filter = IcFilterBuilder.startsWith(filterAttribute);
break;
}
}
}
if (StringUtils.hasLength(filterScript)) {
Map<String, Object> variables = new HashMap<>();
variables.put("filter", filter);
variables.put("token", configToken);
IcFilterOperationType[] values = IcFilterOperationType.values();
List<Class<?>> allowTypes = new ArrayList<>(values.length + 6);
// Allow all IC filter operator
for (IcFilterOperationType operation : values) {
allowTypes.add(operation.getImplementation());
}
allowTypes.add(IcAndFilter.class);
allowTypes.add(IcOrFilter.class);
allowTypes.add(IcFilterBuilder.class);
allowTypes.add(IcAttributeImpl.class);
allowTypes.add(IcAttribute.class);
allowTypes.add(IcNotFilter.class);
Object filterObj = groovyScriptService.evaluate(filterScript, variables, allowTypes);
if (filterObj != null && !(filterObj instanceof IcFilter)) {
throw new ProvisioningException(AccResultCode.SYNCHRONIZATION_FILTER_VALUE_WRONG_TYPE, ImmutableMap.of("type", filterObj.getClass().getName()));
}
filter = (IcFilter) filterObj;
}
return filter;
}
Also used :
HashMap(java.util.HashMap)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
ArrayList(java.util.ArrayList)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
IcAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcAttributeImpl)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass)
IcFilterOperationType(eu.bcvsolutions.idm.ic.domain.IcFilterOperationType)
IcFilter(eu.bcvsolutions.idm.ic.filter.api.IcFilter)
Aggregations
AttributeMapping (eu.bcvsolutions.idm.acc.domain.AttributeMapping)26
SystemEntityType (eu.bcvsolutions.idm.acc.domain.SystemEntityType)20
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)20
GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)20
ArrayList (java.util.ArrayList)20
SysRoleSystemAttributeDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)18
SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)17
SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)17
ProvisioningException (eu.bcvsolutions.idm.acc.exception.ProvisioningException)17
SysSchemaAttributeDto (eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)16
SysSchemaObjectClassDto (eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)16
SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)16
AttributeMappingStrategyType (eu.bcvsolutions.idm.acc.domain.AttributeMappingStrategyType)15
SystemOperationType (eu.bcvsolutions.idm.acc.domain.SystemOperationType)15
SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)15
SysSchemaAttributeService (eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService)15
SysSystemAttributeMappingService (eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)15
SysSystemMappingService (eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService)15
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)15
DtoUtils (eu.bcvsolutions.idm.core.api.utils.DtoUtils)15
