Example 51 with AccIdentityAccountDto
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentityPasswordValidateProcessor method validateDefinition.
/**
* Method returns password policy list for accounts
*
* @param identity
* @param passwordChangeDto
* @return
*/
public List<IdmPasswordPolicyDto> validateDefinition(IdmIdentityDto identity, PasswordChangeDto passwordChangeDto) {
List<IdmPasswordPolicyDto> passwordPolicyList = new ArrayList<>();
// Find user accounts
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null).getContent();
//
// get default password policy
IdmPasswordPolicyDto defaultPasswordPolicy = this.passwordPolicyService.getDefaultPasswordPolicy(IdmPasswordPolicyType.VALIDATE);
//
if (passwordChangeDto.isIdm() && defaultPasswordPolicy != null) {
passwordPolicyList.add(defaultPasswordPolicy);
}
//
// get systems, only ownership
identityAccounts.stream().filter(identityAccount -> {
return identityAccount.isOwnership() && (passwordChangeDto.isAll() || passwordChangeDto.getAccounts().contains(identityAccount.getAccount().toString()));
}).forEach(identityAccount -> {
// get validate password policy from system
// TODO: change to DTO after refactoring
IdmPasswordPolicy passwordPolicyEntity = identityAccountRepository.findById(identityAccount.getId()).get().getAccount().getSystem().getPasswordPolicyValidate();
IdmPasswordPolicyDto passwordPolicy = null;
if (passwordPolicyEntity != null) {
passwordPolicy = passwordPolicyService.get(passwordPolicyEntity.getId());
}
// validate
if (passwordPolicy == null) {
passwordPolicy = defaultPasswordPolicy;
}
if (!passwordPolicyList.contains(passwordPolicy) && passwordPolicy != null) {
passwordPolicyList.add(passwordPolicy);
}
});
return passwordPolicyList;
}
Also used :
IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto)
ProvisioningEvent(eu.bcvsolutions.idm.acc.event.ProvisioningEvent)
Autowired(org.springframework.beans.factory.annotation.Autowired)
Enabled(eu.bcvsolutions.idm.core.security.api.domain.Enabled)
CoreEventProcessor(eu.bcvsolutions.idm.core.api.event.CoreEventProcessor)
IdmPasswordDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto)
IdmPasswordService(eu.bcvsolutions.idm.core.api.service.IdmPasswordService)
SecurityService(eu.bcvsolutions.idm.core.security.api.service.SecurityService)
ArrayList(java.util.ArrayList)
IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult)
IdentityEventType(eu.bcvsolutions.idm.core.model.event.IdentityEvent.IdentityEventType)
EventResult(eu.bcvsolutions.idm.core.api.event.EventResult)
IdentityProcessor(eu.bcvsolutions.idm.core.api.event.processor.IdentityProcessor)
EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
Description(org.springframework.context.annotation.Description)
AccModuleDescriptor(eu.bcvsolutions.idm.acc.AccModuleDescriptor)
PasswordChangeType(eu.bcvsolutions.idm.core.api.domain.PasswordChangeType)
AccIdentityAccountRepository(eu.bcvsolutions.idm.acc.repository.AccIdentityAccountRepository)
IdmPasswordPolicyType(eu.bcvsolutions.idm.core.api.domain.IdmPasswordPolicyType)
IdentityPasswordProcessor(eu.bcvsolutions.idm.core.model.event.processor.identity.IdentityPasswordProcessor)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
UUID(java.util.UUID)
Collectors(java.util.stream.Collectors)
List(java.util.List)
Component(org.springframework.stereotype.Component)
IdmPasswordPolicy(eu.bcvsolutions.idm.core.model.entity.IdmPasswordPolicy)
CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode)
AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService)
IdentityConfiguration(eu.bcvsolutions.idm.core.api.config.domain.IdentityConfiguration)
PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)
Assert(org.springframework.util.Assert)
IdmPasswordPolicyService(eu.bcvsolutions.idm.core.api.service.IdmPasswordPolicyService)
IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto)
IdmPasswordPolicy(eu.bcvsolutions.idm.core.model.entity.IdmPasswordPolicy)
ArrayList(java.util.ArrayList)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
Example 52 with AccIdentityAccountDto
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class AccountDeleteProcessor method process.
@Override
public EventResult<AccAccountDto> process(EntityEvent<AccAccountDto> event) {
AccAccountDto account = event.getContent();
UUID entityId = null;
Object entityIdObj = event.getProperties().get(AccAccountService.ENTITY_ID_PROPERTY);
if (entityIdObj instanceof UUID) {
entityId = (UUID) entityIdObj;
}
boolean deleteTargetAccount = false;
Object deleteTargetAccountObj = event.getProperties().get(AccAccountService.DELETE_TARGET_ACCOUNT_PROPERTY);
if (deleteTargetAccountObj instanceof Boolean) {
deleteTargetAccount = (boolean) deleteTargetAccountObj;
}
Assert.notNull(account, "Account cannot be null!");
// We do not allow delete account in protection
if (account.isAccountProtectedAndValid()) {
throw new ResultCodeException(AccResultCode.ACCOUNT_CANNOT_BE_DELETED_IS_PROTECTED, ImmutableMap.of("uid", account.getUid()));
}
// delete all identity accounts
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setAccountId(account.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
identityAccounts.forEach(identityAccount -> {
identityAccountService.delete(identityAccount);
});
// delete all role accounts
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setAccountId(account.getId());
List<AccRoleAccountDto> roleAccounts = roleAccountService.find(roleAccountFilter, null).getContent();
roleAccounts.forEach(roleAccount -> {
roleAccountService.delete(roleAccount);
});
// delete all roleCatalogue accounts
AccRoleCatalogueAccountFilter roleCatalogueAccountFilter = new AccRoleCatalogueAccountFilter();
roleCatalogueAccountFilter.setAccountId(account.getId());
List<AccRoleCatalogueAccountDto> roleCatalogueAccounts = roleCatalogueAccountService.find(roleCatalogueAccountFilter, null).getContent();
roleCatalogueAccounts.forEach(roleCatalogueAccount -> {
roleCatalogueAccountService.delete(roleCatalogueAccount);
});
// delete all tree accounts
AccTreeAccountFilter treeAccountFilter = new AccTreeAccountFilter();
treeAccountFilter.setAccountId(account.getId());
List<AccTreeAccountDto> treeAccounts = treeAccountService.find(treeAccountFilter, null).getContent();
treeAccounts.forEach(treeAccount -> {
treeAccountService.delete(treeAccount);
});
// delete all contract accounts
AccContractAccountFilter contractAccountFilter = new AccContractAccountFilter();
contractAccountFilter.setAccountId(account.getId());
List<AccContractAccountDto> contractAccounts = contractAccountService.find(contractAccountFilter, null).getContent();
contractAccounts.forEach(contractAccount -> {
contractAccountService.delete(contractAccount);
});
// delete all contract slice accounts
AccContractSliceAccountFilter contractSliceAccountFilter = new AccContractSliceAccountFilter();
contractSliceAccountFilter.setAccountId(account.getId());
contractAccountSliceService.find(contractSliceAccountFilter, null).forEach(contractAccount -> {
contractAccountSliceService.delete(contractAccount);
});
//
AccAccountDto refreshAccount = accountService.get(account.getId());
// directly now
if (refreshAccount != null) {
accountService.deleteInternal(refreshAccount);
}
if (deleteTargetAccount && account.getEntityType() != null) {
SystemEntityType entityType = account.getEntityType();
if (!entityType.isSupportsProvisioning()) {
LOG.warn(MessageFormat.format("Provisioning is not supported for [{1}] now [{0}]!", account.getUid(), entityType));
return new DefaultEventResult<>(event, this);
}
LOG.debug(MessageFormat.format("Call delete provisioning for account with UID [{0}] and entity ID [{1}].", account.getUid(), entityId));
// Create context for systemEntity in account DTO and set ID of role-request to it.
UUID roleRequestId = this.getRoleRequestIdProperty(event.getProperties());
this.initContext(account, roleRequestId);
this.provisioningService.doDeleteProvisioning(account, account.getEntityType(), entityId);
}
return new DefaultEventResult<>(event, this);
}
Also used :
AccRoleAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
AccContractAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccContractAccountFilter)
AccContractAccountDto(eu.bcvsolutions.idm.acc.dto.AccContractAccountDto)
AccContractSliceAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccContractSliceAccountFilter)
AccTreeAccountDto(eu.bcvsolutions.idm.acc.dto.AccTreeAccountDto)
AccRoleAccountDto(eu.bcvsolutions.idm.acc.dto.AccRoleAccountDto)
AccTreeAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccTreeAccountFilter)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult)
AccRoleCatalogueAccountDto(eu.bcvsolutions.idm.acc.dto.AccRoleCatalogueAccountDto)
UUID(java.util.UUID)
AccRoleCatalogueAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccRoleCatalogueAccountFilter)
Example 53 with AccIdentityAccountDto
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class CrossDomainAdUserConnectorTypeTest method testGetConnectorObjectWithCrossDomainValues.
@Test
public void testGetConnectorObjectWithCrossDomainValues() {
ConnectorType connectorType = connectorManager.getConnectorType(MockCrossDomainAdUserConnectorType.NAME);
SysSystemDto systemDto = initSystem(connectorType);
SysSystemAttributeMappingFilter filter = new SysSystemAttributeMappingFilter();
filter.setSystemId(systemDto.getId());
filter.setName(MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE);
List<SysSystemAttributeMappingDto> attributes = attributeMappingService.find(filter, null).getContent();
assertEquals(1, attributes.size());
SysSystemAttributeMappingDto ldapGroupsAttribute = attributes.stream().findFirst().get();
// Creates cross-domain group.
SysSystemGroupDto groupSystemDto = new SysSystemGroupDto();
groupSystemDto.setCode(getHelper().createName());
groupSystemDto.setType(SystemGroupType.CROSS_DOMAIN);
groupSystemDto = systemGroupService.save(groupSystemDto);
SysSystemGroupSystemDto systemGroupSystemOne = new SysSystemGroupSystemDto();
systemGroupSystemOne.setSystemGroup(groupSystemDto.getId());
systemGroupSystemOne.setMergeAttribute(ldapGroupsAttribute.getId());
systemGroupSystemOne.setSystem(systemDto.getId());
systemGroupSystemService.save(systemGroupSystemOne);
// Creates the login role.
IdmRoleDto loginRole = helper.createRole();
helper.createRoleSystem(loginRole, systemDto);
// Creates cross-domain no-login role.
IdmRoleDto roleInCrossDomainGroup = helper.createRole();
SysRoleSystemDto roleSystem = helper.createRoleSystem(roleInCrossDomainGroup, systemDto);
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setIsInCrossDomainGroupRoleId(roleInCrossDomainGroup.getId());
roleSystemFilter.setCheckIfIsInCrossDomainGroup(Boolean.TRUE);
roleSystemFilter.setId(roleSystem.getId());
List<SysRoleSystemDto> roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
assertEquals(0, roleSystemDtos.size());
// Creates overridden ldapGroup merge attribute.
createOverriddenLdapGroupAttribute(ldapGroupsAttribute, roleSystem);
// Role-system should be in cross-domain group now.
roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
assertEquals(1, roleSystemDtos.size());
SysRoleSystemDto roleSystemDto = roleSystemDtos.stream().findFirst().get();
assertTrue(roleSystemDto.isInCrossDomainGroup());
IdmIdentityDto identity = getHelper().createIdentity();
IdmIdentityContractDto contract = getHelper().createContract(identity);
mockCrossDomainAdUserConnectorType.setReadConnectorObjectCallBack((system, uid, objectClass) -> {
IcConnectorObjectImpl connectorObject = new IcConnectorObjectImpl(identity.getUsername(), null, null);
connectorObject.getAttributes().add(new IcAttributeImpl(MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE, "TWO"));
return mockCrossDomainAdUserConnectorType.getCrossDomainConnectorObject(system, uid, objectClass, connectorObject);
});
IdmRoleRequestDto roleRequestDto = getHelper().assignRoles(contract, roleInCrossDomainGroup, loginRole);
assertEquals(RoleRequestState.EXECUTED, roleRequestDto.getState());
assertNotNull(roleRequestDto.getSystemState());
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setIdentityId(identity.getId());
identityAccountFilter.setSystemId(systemDto.getId());
List<AccIdentityAccountDto> identityAccountDtos = identityAccountService.find(identityAccountFilter, null).getContent();
assertEquals(1, identityAccountDtos.size());
UUID accountId = identityAccountDtos.get(0).getAccount();
IcConnectorObject connectorObject = accountService.getConnectorObject(accountService.get(accountId));
assertNotNull(connectorObject);
IcAttribute ldapGroupsAtt = connectorObject.getAttributeByName(MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE);
assertEquals(1, ldapGroupsAtt.getValues().size());
assertTrue(ldapGroupsAtt.getValues().stream().anyMatch(value -> value.equals("TWO")));
// Clean
provisioningOperationService.deleteOperations(systemDto.getId());
systemGroupService.delete(groupSystemDto);
getHelper().deleteIdentity(identity.getId());
mockCrossDomainAdUserConnectorType.setReadConnectorObjectCallBack(null);
}
Also used :
IdmConceptRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmConceptRoleRequestService)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
SysSystemGroupSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupSystemDto)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
Autowired(org.springframework.beans.factory.annotation.Autowired)
MockCrossDomainAdUserConnectorType(eu.bcvsolutions.idm.acc.service.impl.mock.MockCrossDomainAdUserConnectorType)
GuardedString(org.identityconnectors.common.security.GuardedString)
IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)
SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService)
After(org.junit.After)
SecurityUtil(org.identityconnectors.common.security.SecurityUtil)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
AutomaticRoleAttributeRuleType(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleType)
SysProvisioningOperationService(eu.bcvsolutions.idm.acc.service.api.SysProvisioningOperationService)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)
SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)
IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)
UUID(java.util.UUID)
StandardCharsets(java.nio.charset.StandardCharsets)
SysProvisioningOperationFilter(eu.bcvsolutions.idm.acc.dto.filter.SysProvisioningOperationFilter)
List(java.util.List)
AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService)
ConnectorManager(eu.bcvsolutions.idm.acc.service.api.ConnectorManager)
SysSystemGroupDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupDto)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
Assert.assertFalse(org.junit.Assert.assertFalse)
AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService)
IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService)
IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService)
IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration)
ProvisioningEventType(eu.bcvsolutions.idm.acc.domain.ProvisioningEventType)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
ConnectorType(eu.bcvsolutions.idm.acc.service.api.ConnectorType)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
MessageFormat(java.text.MessageFormat)
SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter)
IcObjectClassInfo(eu.bcvsolutions.idm.ic.api.IcObjectClassInfo)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)
IcConfigurationProperty(eu.bcvsolutions.idm.ic.api.IcConfigurationProperty)
IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl)
IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Qualifier(org.springframework.beans.factory.annotation.Qualifier)
ConnectorTypeDto(eu.bcvsolutions.idm.acc.dto.ConnectorTypeDto)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IcAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcAttributeImpl)
SysSystemGroupSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemGroupSystemService)
SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)
IcAttributeInfo(eu.bcvsolutions.idm.ic.api.IcAttributeInfo)
Before(org.junit.Before)
SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
Assert.assertNotNull(org.junit.Assert.assertNotNull)
SysSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemService)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService)
Assert.assertTrue(org.junit.Assert.assertTrue)
RoleRequestState(eu.bcvsolutions.idm.core.api.domain.RoleRequestState)
Test(org.junit.Test)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
SysSystemGroupService(eu.bcvsolutions.idm.acc.service.api.SysSystemGroupService)
SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)
SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
SystemGroupType(eu.bcvsolutions.idm.acc.domain.SystemGroupType)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
Assert.assertNull(org.junit.Assert.assertNull)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
AutomaticRoleAttributeRuleComparison(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleComparison)
IdmIdentity_(eu.bcvsolutions.idm.core.model.entity.IdmIdentity_)
BaseDto(eu.bcvsolutions.idm.core.api.dto.BaseDto)
TestHelper(eu.bcvsolutions.idm.acc.TestHelper)
Comparator(java.util.Comparator)
SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)
Assert.assertEquals(org.junit.Assert.assertEquals)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
MockCrossDomainAdUserConnectorType(eu.bcvsolutions.idm.acc.service.impl.mock.MockCrossDomainAdUserConnectorType)
ConnectorType(eu.bcvsolutions.idm.acc.service.api.ConnectorType)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
SysSystemGroupDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupDto)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
SysSystemGroupSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupSystemDto)
SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter)
IcAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcAttributeImpl)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl)
UUID(java.util.UUID)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Example 54 with AccIdentityAccountDto
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class DefaultAccAccountServiceFilterTest method createAccount.
private AccAccountDto createAccount(UUID systemId, UUID identityId, String uid, AccountType accountType, Boolean ownership) {
AccAccountDto account = new AccAccountDto();
account.setSystem(systemId);
account.setUid(uid);
account.setAccountType(accountType);
account = accAccountService.save(account);
AccIdentityAccountDto accountIdentity = new AccIdentityAccountDto();
accountIdentity.setIdentity(identityId);
accountIdentity.setOwnership(ownership);
accountIdentity.setAccount(account.getId());
identityAccoutnService.save(accountIdentity);
return account;
}
Also used :
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
Example 55 with AccIdentityAccountDto
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class DefaultAccAccountServiceTest method getConnectorObjectNotFullTest.
@Test
public void getConnectorObjectNotFullTest() {
String userOneName = "UserOne";
String eavAttributeName = "EAV_ATTRIBUTE";
SysSystemDto system = initData();
SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
schemaAttributeFilter.setSystemId(system.getId());
// Find and delete EAV schema attribute.
SysSchemaAttributeDto eavAttribute = schemaAttributeService.find(schemaAttributeFilter, null).getContent().stream().filter(attribute -> attribute.getName().equalsIgnoreCase(eavAttributeName)).findFirst().orElse(null);
Assert.assertNotNull(eavAttribute);
schemaAttributeService.delete(eavAttribute);
Assert.assertNotNull(system);
// Change resources (set state on exclude) .. must be call in transaction
this.getBean().persistResource(createResource(userOneName, ZonedDateTime.now()));
AccAccountDto account = new AccAccountDto();
account.setEntityType(SystemEntityType.IDENTITY);
account.setSystem(system.getId());
account.setAccountType(AccountType.PERSONAL);
account.setUid(userOneName);
account = accountService.save(account);
IdmIdentityDto identity = helper.createIdentity();
AccIdentityAccountDto accountIdentityOne = new AccIdentityAccountDto();
accountIdentityOne.setIdentity(identity.getId());
accountIdentityOne.setOwnership(true);
accountIdentityOne.setAccount(account.getId());
accountIdentityOne = identityAccountService.save(accountIdentityOne);
// Create role with evaluator
IdmRoleDto role = helper.createRole();
IdmAuthorizationPolicyDto policyAccount = new IdmAuthorizationPolicyDto();
policyAccount.setRole(role.getId());
policyAccount.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
policyAccount.setAuthorizableType(AccAccount.class.getCanonicalName());
policyAccount.setEvaluator(ReadAccountByIdentityEvaluator.class);
authorizationPolicyService.save(policyAccount);
// Assign role with evaluator
helper.createIdentityRole(identity, role);
logout();
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
IcConnectorObject connectorObject = accountService.getConnectorObject(account, IdmBasePermission.READ);
Assert.assertNotNull(connectorObject);
Assert.assertEquals(userOneName, connectorObject.getUidValue());
// EAV attribute must be null, because we deleted the schema definition
Assert.assertNull(connectorObject.getAttributeByName(eavAttributeName));
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
AccAccount(eu.bcvsolutions.idm.acc.entity.AccAccount)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
SysSchemaAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter)
IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Aggregations
AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)115
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)92
AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)90
Test (org.junit.Test)79
AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)76
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)59
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)59
AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)48
IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)38
SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)34
TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)31
IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)29
SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)22
ArrayList (java.util.ArrayList)22
UUID (java.util.UUID)21
IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)19
PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)17
Transactional (org.springframework.transaction.annotation.Transactional)17
SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)16
SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)16
