Search in sources :

Example 1 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityRoleValidRequestSchedulerTest method createValidRole.

@Test
public void createValidRole() {
    IdmIdentityDto identity = createAndSaveIdentity();
    IdmRoleDto role = createAndSaveRole();
    createAndSaveRoleSystem(role, system);
    IdmTreeTypeDto treeType = createAndSaveTreeType();
    IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
    IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
    LocalDate validFrom = new LocalDate();
    // set minus days
    validFrom = validFrom.minusDays(5);
    // provisioning is not executed
    createAndSaveIdentityRole(identityContract, role, null, validFrom);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    AccIdentityAccountDto accountIdentity = identityAccountService.find(filter, null).getContent().get(0);
    // it must exists
    assertNotNull(accountIdentity);
}
Also used : IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) LocalDate(org.joda.time.LocalDate) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 2 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityRoleValidRequestSchedulerTest method createNonValidRoleAndValid.

@Test
public void createNonValidRoleAndValid() throws InterruptedException, ExecutionException {
    IdmIdentityDto identity = createAndSaveIdentity();
    IdmRoleDto role = createAndSaveRole();
    createAndSaveRoleSystem(role, system);
    IdmTreeTypeDto treeType = createAndSaveTreeType();
    IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
    IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
    LocalDate validFrom = new LocalDate();
    // set plus days
    validFrom = validFrom.plusDays(5);
    // provisioning is not executed, role isn't valid from now
    createAndSaveIdentityRole(identityContract, role, null, validFrom);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> list = identityAccountService.find(filter, null).getContent();
    // it must not exists
    assertEquals(true, list.isEmpty());
    // 
    IdentityRoleValidRequestTaskExecutor taskExecutor1 = new IdentityRoleValidRequestTaskExecutor();
    LongRunningFutureTask<Boolean> futureTask1 = longRunningTaskManager.execute(taskExecutor1);
    assertEquals(true, futureTask1.getFutureTask().get());
    IdmLongRunningTaskDto longRunningTask1 = longRunningTaskService.get(taskExecutor1.getLongRunningTaskId());
    assertEquals(OperationState.EXECUTED, longRunningTask1.getResult().getState());
    list = identityAccountService.find(filter, null).getContent();
    // still empty, role isn't valid
    assertEquals(true, list.isEmpty());
    List<IdmIdentityRole> roles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
    assertEquals(1, roles.size());
    IdmIdentityRole identityRole = roles.get(0);
    validFrom = new LocalDate();
    validFrom = validFrom.minusDays(5);
    identityRole.setValidFrom(validFrom);
    identityRoleRepository.save(identityRole);
    // execute again
    IdentityRoleValidRequestTaskExecutor taskExecutor2 = new IdentityRoleValidRequestTaskExecutor();
    LongRunningFutureTask<Boolean> futureTask2 = longRunningTaskManager.execute(taskExecutor2);
    assertEquals(true, futureTask2.getFutureTask().get());
    IdmLongRunningTaskDto longRunningTask2 = longRunningTaskService.get(taskExecutor2.getLongRunningTaskId());
    assertEquals(OperationState.EXECUTED, longRunningTask2.getResult().getState());
    list = identityAccountService.find(filter, null).getContent();
    assertEquals(false, list.isEmpty());
    assertEquals(1, list.size());
    // newly created accounts
    assertNotNull(list.get(0));
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) LocalDate(org.joda.time.LocalDate) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) IdentityRoleValidRequestTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.IdentityRoleValidRequestTaskExecutor) IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 3 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityRoleValidRequestSchedulerTest method createLotsOfValidRequests.

@Test
public void createLotsOfValidRequests() throws InterruptedException, ExecutionException {
    IdmRoleDto role = createAndSaveRole();
    createAndSaveRoleSystem(role, system);
    IdmTreeTypeDto treeType = createAndSaveTreeType();
    IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
    LocalDate validFrom = new LocalDate();
    // set plus days
    validFrom = validFrom.plusDays(5);
    // clear request, if any
    List<IdmIdentityRoleValidRequestDto> list = identityRoleValidRequestService.findAllValid();
    for (IdmIdentityRoleValidRequestDto request : list) {
        identityRoleValidRequestService.delete(request);
    }
    List<IdmIdentityDto> identities = new ArrayList<>();
    for (int index = 0; index < MAX_CREATE; index++) {
        IdmIdentityDto identity = createAndSaveIdentity();
        IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
        // provisioning is not executed, role isn't valid from now
        createAndSaveIdentityRole(identityContract, role, null, validFrom);
        identities.add(identity);
    }
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(0, list.size());
    validFrom = validFrom.minusDays(15);
    for (IdmIdentityDto identity : identities) {
        List<IdmIdentityRole> roles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
        assertEquals(1, roles.size());
        IdmIdentityRole identityRole = roles.get(0);
        identityRole.setValidFrom(validFrom);
        identityRoleRepository.save(identityRole);
    }
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(MAX_CREATE, list.size());
    IdentityRoleValidRequestTaskExecutor taskExecutor = new IdentityRoleValidRequestTaskExecutor();
    LongRunningFutureTask<Boolean> futureTask = longRunningTaskManager.execute(taskExecutor);
    assertEquals(true, futureTask.getFutureTask().get());
    IdmLongRunningTaskDto longRunningTask = longRunningTaskService.get(taskExecutor.getLongRunningTaskId());
    assertEquals(OperationState.EXECUTED, longRunningTask.getResult().getState());
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(0, list.size());
    for (IdmIdentityDto identity : identities) {
        AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
        filter.setIdentityId(identity.getId());
        List<AccIdentityAccountDto> accountsList = identityAccountService.find(filter, null).getContent();
        assertEquals(false, accountsList.isEmpty());
        assertEquals(1, accountsList.size());
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) ArrayList(java.util.ArrayList) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) LocalDate(org.joda.time.LocalDate) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) IdentityRoleValidRequestTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.IdentityRoleValidRequestTaskExecutor) IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmIdentityRoleValidRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleValidRequestDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 4 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityProvisioningExecutor method findOverloadingAttributes.

/**
 * Return list of all overloading attributes for given identity, system and
 * uid
 *
 * @param identityAccount
 * @param idenityAccoutnList
 * @param operationType
 * @param entityType
 * @return
 */
@Override
protected List<SysRoleSystemAttributeDto> findOverloadingAttributes(IdmIdentityDto entity, SysSystemDto system, List<? extends EntityAccountDto> idenityAccoutnList, SystemEntityType entityType) {
    List<SysRoleSystemAttributeDto> roleSystemAttributesAll = new ArrayList<>();
    idenityAccoutnList.stream().filter(ia -> {
        AccAccountDto account = DtoUtils.getEmbedded((AccIdentityAccountDto) ia, AccIdentityAccount_.account, AccAccountDto.class);
        return ((AccIdentityAccountDto) ia).getIdentityRole() != null && account.getSystem() != null && account.getSystem().equals(system.getId()) && ia.isOwnership();
    }).forEach((identityAccountInner) -> {
        AbstractDto identityAccount = (AbstractDto) identityAccountInner;
        // All identity account with same system and with filled
        // identityRole
        AccAccountDto account = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.account, AccAccountDto.class);
        IdmIdentityRoleDto identityRole = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.identityRole, IdmIdentityRoleDto.class);
        SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
        roleSystemFilter.setRoleId(identityRole.getRole());
        roleSystemFilter.setSystemId(account.getSystem());
        List<SysRoleSystemDto> roleSystems = roleSystemService.find(roleSystemFilter, null).getContent();
        if (roleSystems.size() > 1) {
            SysRoleSystemDto roleSystem = roleSystems.get(0);
            IdmRoleDto roleDto = roleService.get(roleSystem.getRole());
            SysSystemDto systemDto = DtoUtils.getEmbedded(roleSystem, SysRoleSystem_.system, SysSystemDto.class);
            throw new ProvisioningException(AccResultCode.PROVISIONING_DUPLICATE_ROLE_MAPPING, ImmutableMap.of("role", roleDto.getName(), "system", systemDto.getName(), "entityType", entityType));
        }
        if (!roleSystems.isEmpty()) {
            SysRoleSystemDto roleSystem = roleSystems.get(0);
            SysRoleSystemAttributeFilter roleSystemAttributeFilter = new SysRoleSystemAttributeFilter();
            roleSystemAttributeFilter.setRoleSystemId(roleSystem.getId());
            List<SysRoleSystemAttributeDto> roleAttributes = roleSystemAttributeService.find(roleSystemAttributeFilter, null).getContent();
            if (!CollectionUtils.isEmpty(roleAttributes)) {
                roleSystemAttributesAll.addAll(roleAttributes);
            }
        }
    });
    return roleSystemAttributesAll;
}
Also used : ProvisioningExecutor(eu.bcvsolutions.idm.acc.service.api.ProvisioningExecutor) IcConnectorFacade(eu.bcvsolutions.idm.ic.service.api.IcConnectorFacade) DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils) SysRoleSystem_(eu.bcvsolutions.idm.acc.entity.SysRoleSystem_) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) SysSystemEntityService(eu.bcvsolutions.idm.acc.service.api.SysSystemEntityService) Autowired(org.springframework.beans.factory.annotation.Autowired) AccIdentityAccount_(eu.bcvsolutions.idm.acc.entity.AccIdentityAccount_) EntityAccountDto(eu.bcvsolutions.idm.acc.dto.EntityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) ArrayList(java.util.ArrayList) AccAccountManagementService(eu.bcvsolutions.idm.acc.service.api.AccAccountManagementService) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService) AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto) SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) Service(org.springframework.stereotype.Service) Qualifier(org.springframework.beans.factory.annotation.Qualifier) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService) ImmutableMap(com.google.common.collect.ImmutableMap) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemService) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) ReadWriteDtoService(eu.bcvsolutions.idm.core.api.service.ReadWriteDtoService) SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto) SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService) List(java.util.List) AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysRoleSystemAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemAttributeFilter) CollectionUtils(org.springframework.util.CollectionUtils) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService) IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService) AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode) SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService) EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager) Assert(org.springframework.util.Assert) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) ArrayList(java.util.ArrayList) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysRoleSystemAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemAttributeFilter) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)

Example 5 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentitySetPasswordProcessorIntegrationTest method testGeneratePassword.

@Test
public void testGeneratePassword() {
    SysSystemDto system = helper.createTestResourceSystem(true);
    // 
    IdmRoleDto role = helper.createRole();
    helper.createRoleSystem(role, system);
    IdmIdentityDto identity = helper.createIdentity();
    IdmIdentityContractDto contract = helper.getPrimeContract(identity.getId());
    contract.setValidFrom(LocalDate.now().plusDays(1));
    identityContractService.save(contract);
    identity = identityService.get(identity.getId());
    Assert.assertEquals(IdentityState.FUTURE_CONTRACT, identity.getState());
    helper.createIdentityRole(identity, role);
    // 
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    AccIdentityAccountDto accountIdentityOne = identityAccountService.find(filter, null).getContent().get(0);
    AccAccountDto account = accountService.get(accountIdentityOne.getAccount());
    // Create new password one
    PasswordChangeDto passwordChange = new PasswordChangeDto();
    passwordChange.setAccounts(ImmutableList.of(account.getId().toString()));
    passwordChange.setNewPassword(new GuardedString(IDENTITY_PASSWORD_ONE));
    passwordChange.setIdm(true);
    // 
    // Do change of password for selected accounts
    identityService.passwordChange(identity, passwordChange);
    // 
    // Check correct password One
    TestResource resource = helper.findResource(account.getRealUid());
    Assert.assertNotNull(resource);
    Assert.assertEquals(IDENTITY_PASSWORD_ONE, resource.getPassword());
    // 
    // set contract to valid
    contract.setValidFrom(LocalDate.now());
    identityContractService.save(contract);
    identity = identityService.get(identity.getId());
    Assert.assertEquals(IdentityState.VALID, identity.getState());
    // 
    // check password on target system was changed
    resource = helper.findResource(account.getRealUid());
    Assert.assertNotNull(resource);
    Assert.assertNotEquals(IDENTITY_PASSWORD_ONE, resource.getPassword());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Aggregations

AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)115 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)92 AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)90 Test (org.junit.Test)79 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)76 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)59 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)59 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)48 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)38 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)34 TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)31 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)29 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)22 ArrayList (java.util.ArrayList)22 UUID (java.util.UUID)21 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)19 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)17 Transactional (org.springframework.transaction.annotation.Transactional)17 SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)16 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)16