Examples with AttributeMapping eu.bcvsolutions.idm.acc.domain.AttributeMapping used on opensource projects

Example 11 with AttributeMapping

use of eu.bcvsolutions.idm.acc.domain.AttributeMapping in project CzechIdMng by bcvsolutions.

the class DefaultSysSystemAttributeMappingService method getAttributeValue.

/**
 * Find value for this mapped attribute by property name. Returned value can be list of objects. Returns transformed value.
 *
 * @param uid - Account identifier
 * @param entity
 * @param attributeHandling
 * @param idmValue
 * @return
 * @throws IntrospectionException
 * @throws IllegalAccessException
 * @throws InvocationTargetException
 */
@Override
public Object getAttributeValue(String uid, AbstractDto entity, AttributeMapping attributeHandling) {
    Object idmValue = null;
    // 
    SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attributeHandling);
    // 
    if (attributeHandling.isExtendedAttribute() && entity != null && formService.isFormable(entity.getClass())) {
        List<IdmFormValueDto> formValues = formService.getValues(entity, attributeHandling.getIdmPropertyName());
        if (formValues.isEmpty()) {
            idmValue = null;
        } else if (schemaAttributeDto.isMultivalued()) {
            // Multiple value extended attribute
            List<Object> values = new ArrayList<>();
            formValues.stream().forEachOrdered(formValue -> {
                values.add(formValue.getValue());
            });
            idmValue = values;
        } else {
            // Single value extended attribute
            IdmFormValueDto formValue = formValues.get(0);
            if (formValue.isConfidential()) {
                Object confidentialValue = formService.getConfidentialPersistentValue(formValue);
                // If is confidential value String and schema attribute is GuardedString type, then convert to GuardedString will be did.
                if (confidentialValue instanceof String && schemaAttributeDto.getClassType().equals(GuardedString.class.getName())) {
                    idmValue = new GuardedString((String) confidentialValue);
                } else {
                    idmValue = confidentialValue;
                }
            } else {
                idmValue = formValue.getValue();
            }
        }
    } else // Find value from entity
    if (attributeHandling.isEntityAttribute()) {
        if (attributeHandling.isConfidentialAttribute()) {
            // If is attribute isConfidential, then we will find value in
            // secured storage
            idmValue = confidentialStorage.getGuardedString(entity.getId(), entity.getClass(), attributeHandling.getIdmPropertyName());
        } else {
            try {
                // We will search value directly in entity by property name
                idmValue = EntityUtils.getEntityValue(entity, attributeHandling.getIdmPropertyName());
            } catch (IntrospectionException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | ProvisioningException o_O) {
                throw new ProvisioningException(AccResultCode.PROVISIONING_IDM_FIELD_NOT_FOUND, ImmutableMap.of("property", attributeHandling.getIdmPropertyName(), "entityType", entity.getClass()), o_O);
            }
        }
    } else {
    // If Attribute value is not in entity nor in extended attribute, then idmValue is null.
    // It means attribute is static ... we will call transformation to resource.
    }
    return this.transformValueToResource(uid, idmValue, attributeHandling, entity);
}

Example 12 with AttributeMapping

use of eu.bcvsolutions.idm.acc.domain.AttributeMapping in project CzechIdMng by bcvsolutions.

the class AbstractProvisioningExecutor method doInternalProvisioning.

@Override
public void doInternalProvisioning(AccAccountDto account, DTO dto) {
    Assert.notNull(account);
    Assert.notNull(dto);
    // 
    ProvisioningOperationType operationType;
    SysSystemDto system = DtoUtils.getEmbedded(account, AccAccount_.system, SysSystemDto.class);
    SysSystemEntityDto systemEntity = getSystemEntity(account);
    SystemEntityType entityType = SystemEntityType.getByClass(dto.getClass());
    String uid = account.getUid();
    // 
    if (systemEntity == null) {
        // prepare system entity - uid could be changed by provisioning, but
        // we need to link her with account
        // First we try find system entity with same uid.
        systemEntity = systemEntityService.getBySystemAndEntityTypeAndUid(system, entityType, uid);
        if (systemEntity == null) {
            systemEntity = new SysSystemEntityDto();
            systemEntity.setEntityType(entityType);
            systemEntity.setSystem(system.getId());
            systemEntity.setUid(uid);
            systemEntity.setWish(true);
            systemEntity = systemEntityService.save(systemEntity);
        }
        account.setSystemEntity(systemEntity.getId());
        account = accountService.save(account);
        // we wont create account, but after target system call can be
        // switched to UPDATE
        operationType = ProvisioningOperationType.CREATE;
    } else {
        // we wont update account, but after target system call can be
        // switched to CREATE
        operationType = ProvisioningOperationType.UPDATE;
    }
    List<AttributeMapping> finalAttributes = resolveMappedAttributes(account, dto, system, systemEntity.getEntityType());
    if (CollectionUtils.isEmpty(finalAttributes)) {
        // nothing to do - mapping is empty
        return;
    }
    doProvisioning(systemEntity, dto, dto.getId(), operationType, finalAttributes);
}

Example 13 with AttributeMapping

use of eu.bcvsolutions.idm.acc.domain.AttributeMapping in project CzechIdMng by bcvsolutions.

the class AbstractProvisioningExecutor method compileAtributeForStrategy.

/**
 * Compile given attribute for strategy
 *
 * @param strategy
 * @param defaultAttribute
 * @param overloadingAttributes
 * @return
 */
protected List<AttributeMapping> compileAtributeForStrategy(AttributeMappingStrategyType strategy, AttributeMapping defaultAttribute, List<SysRoleSystemAttributeDto> overloadingAttributes) {
    List<AttributeMapping> finalAttributes = new ArrayList<>();
    List<SysRoleSystemAttributeDto> attributesOrdered = overloadingAttributes.stream().filter(roleSystemAttribute -> {
        // Search attribute override same schema attribute
        SysSystemAttributeMappingDto attributeMapping = systemAttributeMappingService.get(roleSystemAttribute.getSystemAttributeMapping());
        return attributeMapping.equals(defaultAttribute);
    }).sorted((att1, att2) -> {
        // Sort attributes by role priority
        SysRoleSystemDto roleSystem2 = roleSystemService.get(att2.getRoleSystem());
        SysRoleSystemDto roleSystem1 = roleSystemService.get(att1.getRoleSystem());
        IdmRoleDto role1 = roleService.get(roleSystem1.getRole());
        IdmRoleDto role2 = roleService.get(roleSystem2.getRole());
        return Integer.valueOf(role2.getPriority()).compareTo(Integer.valueOf(role1.getPriority()));
    }).collect(Collectors.toList());
    // We have some overloaded attributes
    if (!attributesOrdered.isEmpty()) {
        List<SysRoleSystemAttributeDto> attributesOrderedGivenStrategy = attributesOrdered.stream().filter(attribute -> {
            return strategy == attribute.getStrategyType();
        }).collect(Collectors.toList());
        // We do not have overloaded attributes for given strategy
        if (attributesOrderedGivenStrategy.isEmpty()) {
            return finalAttributes;
        }
        // First element have role with max priority
        SysRoleSystemDto roleSystemForSetMaxPriority = roleSystemService.get(attributesOrderedGivenStrategy.get(0).getRoleSystem());
        IdmRoleDto roleForSetMaxPriority = roleService.get(roleSystemForSetMaxPriority.getRole());
        int maxPriority = roleForSetMaxPriority.getPriority();
        // We will search for attribute with highest priority (and role
        // name)
        Optional<SysRoleSystemAttributeDto> highestPriorityAttributeOptional = attributesOrderedGivenStrategy.stream().filter(attribute -> {
            SysRoleSystemDto roleSystem = roleSystemService.get(attribute.getRoleSystem());
            IdmRoleDto roleDto = roleService.get(roleSystem.getRole());
            // Filter attributes by max priority
            return maxPriority == roleDto.getPriority();
        }).sorted((att1, att2) -> {
            // Second filtering, if we have same priority, then
            // we will sort by role name
            SysRoleSystemDto roleSystem1 = roleSystemService.get(att1.getRoleSystem());
            SysRoleSystemDto roleSystem2 = roleSystemService.get(att2.getRoleSystem());
            // 
            IdmRoleDto roleDto1 = roleService.get(roleSystem1.getRole());
            IdmRoleDto roleDto2 = roleService.get(roleSystem2.getRole());
            // 
            return roleDto2.getName().compareTo(roleDto1.getName());
        }).findFirst();
        if (highestPriorityAttributeOptional.isPresent()) {
            SysRoleSystemAttributeDto highestPriorityAttribute = highestPriorityAttributeOptional.get();
            // overloaded attributes
            if (strategy == AttributeMappingStrategyType.AUTHORITATIVE_MERGE || strategy == AttributeMappingStrategyType.MERGE) {
                attributesOrderedGivenStrategy.forEach(attribute -> {
                    // Disabled attribute will be skipped
                    if (!attribute.isDisabledDefaultAttribute()) {
                        // Default values (values from schema attribute
                        // handling)
                        attribute.setSchemaAttribute(defaultAttribute.getSchemaAttribute());
                        attribute.setTransformFromResourceScript(defaultAttribute.getTransformFromResourceScript());
                        // Common properties (for MERGE strategy) will be
                        // set from MERGE attribute with highest priority
                        attribute.setSendAlways(highestPriorityAttribute.isSendAlways());
                        attribute.setSendOnlyIfNotNull(highestPriorityAttribute.isSendOnlyIfNotNull());
                        // Add modified attribute to final list
                        finalAttributes.add(attribute);
                    }
                });
                return finalAttributes;
            }
            // We will search for disabled overloaded attribute
            Optional<SysRoleSystemAttributeDto> disabledOverloadedAttOptional = attributesOrderedGivenStrategy.stream().filter(attribute -> {
                // Filter attributes by max priority
                SysRoleSystemDto roleSystem = roleSystemService.get(attribute.getRoleSystem());
                IdmRoleDto roleDto = roleService.get(roleSystem.getRole());
                return maxPriority == roleDto.getPriority();
            }).filter(attribute -> {
                // overloaded attribute
                return attribute.isDisabledDefaultAttribute();
            }).findFirst();
            if (disabledOverloadedAttOptional.isPresent()) {
                // priority
                return finalAttributes;
            }
            // Disabled attribute will be skipped
            if (!highestPriorityAttribute.isDisabledDefaultAttribute()) {
                // Default values (values from schema attribute handling)
                highestPriorityAttribute.setSchemaAttribute(defaultAttribute.getSchemaAttribute());
                highestPriorityAttribute.setCached(defaultAttribute.isCached());
                highestPriorityAttribute.setTransformFromResourceScript(defaultAttribute.getTransformFromResourceScript());
                // Add modified attribute to final list
                finalAttributes.add(highestPriorityAttribute);
                return finalAttributes;
            }
        }
    }
    if (!defaultAttribute.isDisabledAttribute() && strategy == defaultAttribute.getStrategyType()) {
        finalAttributes.add(defaultAttribute);
    }
    return finalAttributes;
}

Example 14 with AttributeMapping

use of eu.bcvsolutions.idm.acc.domain.AttributeMapping in project CzechIdMng by bcvsolutions.

the class AbstractProvisioningExecutor method resolveAdditionalPasswordChangeAttributes.

private List<AttributeMapping> resolveAdditionalPasswordChangeAttributes(AccAccountDto account, DTO dto, SysSystemDto system, SystemEntityType entityType) {
    EntityAccountFilter filter = this.createEntityAccountFilter();
    filter.setEntityId(dto.getId());
    filter.setSystemId(system.getId());
    filter.setOwnership(Boolean.TRUE);
    filter.setAccountId(account.getId());
    List<? extends EntityAccountDto> entityAccoutnList = this.getEntityAccountService().find(filter, null).getContent();
    if (entityAccoutnList == null) {
        return Collections.<AttributeMapping>emptyList();
    }
    // 
    SysSystemMappingDto mapping = getMapping(system, entityType);
    if (mapping == null) {
        return Collections.<AttributeMapping>emptyList();
    }
    // 
    // All additional mapped attributes from system, witch has to be send on
    // password change
    SysSystemAttributeMappingFilter attributeFilter = new SysSystemAttributeMappingFilter();
    attributeFilter.setSystemMappingId(mapping.getId());
    attributeFilter.setSendOnPasswordChange(Boolean.TRUE);
    List<? extends AttributeMapping> additionalPasswordChangeAttributes = attributeMappingService.find(attributeFilter, null).getContent();
    // 
    // All role system attributes (overloading) for this uid and same system
    List<SysRoleSystemAttributeDto> roleSystemAttributesAll = findOverloadingAttributes(dto, system, entityAccoutnList, entityType);
    // 
    // Final list of attributes use for provisioning
    List<AttributeMapping> results = compileAttributes(additionalPasswordChangeAttributes, roleSystemAttributesAll, entityType);
    // 
    return results == null ? Collections.<AttributeMapping>emptyList() : results;
}

Example 15 with AttributeMapping

use of eu.bcvsolutions.idm.acc.domain.AttributeMapping in project CzechIdMng by bcvsolutions.

the class AbstractProvisioningExecutor method compileAttributes.

/**
 * Create final list of attributes for provisioning.
 *
 * @param identityAccount
 * @param defaultAttributes
 * @param overloadingAttributes
 * @return
 */
@Override
public List<AttributeMapping> compileAttributes(List<? extends AttributeMapping> defaultAttributes, List<SysRoleSystemAttributeDto> overloadingAttributes, SystemEntityType entityType) {
    Assert.notNull(overloadingAttributes, "List of overloading attributes cannot be null!");
    List<AttributeMapping> finalAttributes = new ArrayList<>();
    if (defaultAttributes == null) {
        return null;
    }
    defaultAttributes.stream().forEach(defaultAttribute -> {
        for (AttributeMappingStrategyType strategy : AttributeMappingStrategyType.values()) {
            finalAttributes.addAll(compileAtributeForStrategy(strategy, defaultAttribute, overloadingAttributes));
        }
    });
    // Validate attributes on incompatible strategies
    validateAttributesStrategy(finalAttributes);
    return finalAttributes;
}