Search in sources :

Example 51 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityPasswordValidateProcessor method validateDefinition.

/**
 * Method returns password policy list for accounts
 *
 * @param identity
 * @param passwordChangeDto
 * @return
 */
public List<IdmPasswordPolicyDto> validateDefinition(IdmIdentityDto identity, PasswordChangeDto passwordChangeDto) {
    List<IdmPasswordPolicyDto> passwordPolicyList = new ArrayList<>();
    // Find user accounts
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null).getContent();
    // 
    // get default password policy
    IdmPasswordPolicyDto defaultPasswordPolicy = this.passwordPolicyService.getDefaultPasswordPolicy(IdmPasswordPolicyType.VALIDATE);
    // 
    if (passwordChangeDto.isIdm() && defaultPasswordPolicy != null) {
        passwordPolicyList.add(defaultPasswordPolicy);
    }
    // 
    // get systems, only ownership
    identityAccounts.stream().filter(identityAccount -> {
        return identityAccount.isOwnership() && (passwordChangeDto.isAll() || passwordChangeDto.getAccounts().contains(identityAccount.getAccount().toString()));
    }).forEach(identityAccount -> {
        // get validate password policy from system
        // TODO: change to DTO after refactoring
        IdmPasswordPolicy passwordPolicyEntity = identityAccountRepository.findById(identityAccount.getId()).get().getAccount().getSystem().getPasswordPolicyValidate();
        IdmPasswordPolicyDto passwordPolicy = null;
        if (passwordPolicyEntity != null) {
            passwordPolicy = passwordPolicyService.get(passwordPolicyEntity.getId());
        }
        // validate
        if (passwordPolicy == null) {
            passwordPolicy = defaultPasswordPolicy;
        }
        if (!passwordPolicyList.contains(passwordPolicy) && passwordPolicy != null) {
            passwordPolicyList.add(passwordPolicy);
        }
    });
    return passwordPolicyList;
}
Also used : IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) ProvisioningEvent(eu.bcvsolutions.idm.acc.event.ProvisioningEvent) Autowired(org.springframework.beans.factory.annotation.Autowired) Enabled(eu.bcvsolutions.idm.core.security.api.domain.Enabled) CoreEventProcessor(eu.bcvsolutions.idm.core.api.event.CoreEventProcessor) IdmPasswordDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordDto) IdmPasswordService(eu.bcvsolutions.idm.core.api.service.IdmPasswordService) SecurityService(eu.bcvsolutions.idm.core.security.api.service.SecurityService) ArrayList(java.util.ArrayList) IdmPasswordValidationDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordValidationDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdentityEventType(eu.bcvsolutions.idm.core.model.event.IdentityEvent.IdentityEventType) EventResult(eu.bcvsolutions.idm.core.api.event.EventResult) IdentityProcessor(eu.bcvsolutions.idm.core.api.event.processor.IdentityProcessor) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) Description(org.springframework.context.annotation.Description) AccModuleDescriptor(eu.bcvsolutions.idm.acc.AccModuleDescriptor) PasswordChangeType(eu.bcvsolutions.idm.core.api.domain.PasswordChangeType) AccIdentityAccountRepository(eu.bcvsolutions.idm.acc.repository.AccIdentityAccountRepository) IdmPasswordPolicyType(eu.bcvsolutions.idm.core.api.domain.IdmPasswordPolicyType) IdentityPasswordProcessor(eu.bcvsolutions.idm.core.model.event.processor.identity.IdentityPasswordProcessor) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) UUID(java.util.UUID) Collectors(java.util.stream.Collectors) List(java.util.List) Component(org.springframework.stereotype.Component) IdmPasswordPolicy(eu.bcvsolutions.idm.core.model.entity.IdmPasswordPolicy) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) IdentityConfiguration(eu.bcvsolutions.idm.core.api.config.domain.IdentityConfiguration) PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) Assert(org.springframework.util.Assert) IdmPasswordPolicyService(eu.bcvsolutions.idm.core.api.service.IdmPasswordPolicyService) IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) IdmPasswordPolicy(eu.bcvsolutions.idm.core.model.entity.IdmPasswordPolicy) ArrayList(java.util.ArrayList) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Example 52 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class AccountDeleteProcessor method process.

@Override
public EventResult<AccAccountDto> process(EntityEvent<AccAccountDto> event) {
    AccAccountDto account = event.getContent();
    UUID entityId = null;
    Object entityIdObj = event.getProperties().get(AccAccountService.ENTITY_ID_PROPERTY);
    if (entityIdObj instanceof UUID) {
        entityId = (UUID) entityIdObj;
    }
    boolean deleteTargetAccount = false;
    Object deleteTargetAccountObj = event.getProperties().get(AccAccountService.DELETE_TARGET_ACCOUNT_PROPERTY);
    if (deleteTargetAccountObj instanceof Boolean) {
        deleteTargetAccount = (boolean) deleteTargetAccountObj;
    }
    Assert.notNull(account, "Account cannot be null!");
    // We do not allow delete account in protection
    if (account.isAccountProtectedAndValid()) {
        throw new ResultCodeException(AccResultCode.ACCOUNT_CANNOT_BE_DELETED_IS_PROTECTED, ImmutableMap.of("uid", account.getUid()));
    }
    // delete all identity accounts
    AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
    identityAccountFilter.setAccountId(account.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
    identityAccounts.forEach(identityAccount -> {
        identityAccountService.delete(identityAccount);
    });
    // delete all role accounts
    AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
    roleAccountFilter.setAccountId(account.getId());
    List<AccRoleAccountDto> roleAccounts = roleAccountService.find(roleAccountFilter, null).getContent();
    roleAccounts.forEach(roleAccount -> {
        roleAccountService.delete(roleAccount);
    });
    // delete all roleCatalogue accounts
    AccRoleCatalogueAccountFilter roleCatalogueAccountFilter = new AccRoleCatalogueAccountFilter();
    roleCatalogueAccountFilter.setAccountId(account.getId());
    List<AccRoleCatalogueAccountDto> roleCatalogueAccounts = roleCatalogueAccountService.find(roleCatalogueAccountFilter, null).getContent();
    roleCatalogueAccounts.forEach(roleCatalogueAccount -> {
        roleCatalogueAccountService.delete(roleCatalogueAccount);
    });
    // delete all tree accounts
    AccTreeAccountFilter treeAccountFilter = new AccTreeAccountFilter();
    treeAccountFilter.setAccountId(account.getId());
    List<AccTreeAccountDto> treeAccounts = treeAccountService.find(treeAccountFilter, null).getContent();
    treeAccounts.forEach(treeAccount -> {
        treeAccountService.delete(treeAccount);
    });
    // delete all contract accounts
    AccContractAccountFilter contractAccountFilter = new AccContractAccountFilter();
    contractAccountFilter.setAccountId(account.getId());
    List<AccContractAccountDto> contractAccounts = contractAccountService.find(contractAccountFilter, null).getContent();
    contractAccounts.forEach(contractAccount -> {
        contractAccountService.delete(contractAccount);
    });
    // delete all contract slice accounts
    AccContractSliceAccountFilter contractSliceAccountFilter = new AccContractSliceAccountFilter();
    contractSliceAccountFilter.setAccountId(account.getId());
    contractAccountSliceService.find(contractSliceAccountFilter, null).forEach(contractAccount -> {
        contractAccountSliceService.delete(contractAccount);
    });
    // 
    AccAccountDto refreshAccount = accountService.get(account.getId());
    // directly now
    if (refreshAccount != null) {
        accountService.deleteInternal(refreshAccount);
    }
    if (deleteTargetAccount && account.getEntityType() != null) {
        SystemEntityType entityType = account.getEntityType();
        if (!entityType.isSupportsProvisioning()) {
            LOG.warn(MessageFormat.format("Provisioning is not supported for [{1}] now [{0}]!", account.getUid(), entityType));
            return new DefaultEventResult<>(event, this);
        }
        LOG.debug(MessageFormat.format("Call delete provisioning for account with UID [{0}] and entity ID [{1}].", account.getUid(), entityId));
        // Create context for systemEntity in account DTO and set ID of role-request to it.
        UUID roleRequestId = this.getRoleRequestIdProperty(event.getProperties());
        this.initContext(account, roleRequestId);
        this.provisioningService.doDeleteProvisioning(account, account.getEntityType(), entityId);
    }
    return new DefaultEventResult<>(event, this);
}
Also used : AccRoleAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AccContractAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccContractAccountFilter) AccContractAccountDto(eu.bcvsolutions.idm.acc.dto.AccContractAccountDto) AccContractSliceAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccContractSliceAccountFilter) AccTreeAccountDto(eu.bcvsolutions.idm.acc.dto.AccTreeAccountDto) AccRoleAccountDto(eu.bcvsolutions.idm.acc.dto.AccRoleAccountDto) AccTreeAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccTreeAccountFilter) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) AccRoleCatalogueAccountDto(eu.bcvsolutions.idm.acc.dto.AccRoleCatalogueAccountDto) UUID(java.util.UUID) AccRoleCatalogueAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccRoleCatalogueAccountFilter)

Example 53 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class CrossDomainAdUserConnectorTypeTest method testGetConnectorObjectWithCrossDomainValues.

@Test
public void testGetConnectorObjectWithCrossDomainValues() {
    ConnectorType connectorType = connectorManager.getConnectorType(MockCrossDomainAdUserConnectorType.NAME);
    SysSystemDto systemDto = initSystem(connectorType);
    SysSystemAttributeMappingFilter filter = new SysSystemAttributeMappingFilter();
    filter.setSystemId(systemDto.getId());
    filter.setName(MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE);
    List<SysSystemAttributeMappingDto> attributes = attributeMappingService.find(filter, null).getContent();
    assertEquals(1, attributes.size());
    SysSystemAttributeMappingDto ldapGroupsAttribute = attributes.stream().findFirst().get();
    // Creates cross-domain group.
    SysSystemGroupDto groupSystemDto = new SysSystemGroupDto();
    groupSystemDto.setCode(getHelper().createName());
    groupSystemDto.setType(SystemGroupType.CROSS_DOMAIN);
    groupSystemDto = systemGroupService.save(groupSystemDto);
    SysSystemGroupSystemDto systemGroupSystemOne = new SysSystemGroupSystemDto();
    systemGroupSystemOne.setSystemGroup(groupSystemDto.getId());
    systemGroupSystemOne.setMergeAttribute(ldapGroupsAttribute.getId());
    systemGroupSystemOne.setSystem(systemDto.getId());
    systemGroupSystemService.save(systemGroupSystemOne);
    // Creates the login role.
    IdmRoleDto loginRole = helper.createRole();
    helper.createRoleSystem(loginRole, systemDto);
    // Creates cross-domain no-login role.
    IdmRoleDto roleInCrossDomainGroup = helper.createRole();
    SysRoleSystemDto roleSystem = helper.createRoleSystem(roleInCrossDomainGroup, systemDto);
    SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
    roleSystemFilter.setIsInCrossDomainGroupRoleId(roleInCrossDomainGroup.getId());
    roleSystemFilter.setCheckIfIsInCrossDomainGroup(Boolean.TRUE);
    roleSystemFilter.setId(roleSystem.getId());
    List<SysRoleSystemDto> roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
    assertEquals(0, roleSystemDtos.size());
    // Creates overridden ldapGroup merge attribute.
    createOverriddenLdapGroupAttribute(ldapGroupsAttribute, roleSystem);
    // Role-system should be in cross-domain group now.
    roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
    assertEquals(1, roleSystemDtos.size());
    SysRoleSystemDto roleSystemDto = roleSystemDtos.stream().findFirst().get();
    assertTrue(roleSystemDto.isInCrossDomainGroup());
    IdmIdentityDto identity = getHelper().createIdentity();
    IdmIdentityContractDto contract = getHelper().createContract(identity);
    mockCrossDomainAdUserConnectorType.setReadConnectorObjectCallBack((system, uid, objectClass) -> {
        IcConnectorObjectImpl connectorObject = new IcConnectorObjectImpl(identity.getUsername(), null, null);
        connectorObject.getAttributes().add(new IcAttributeImpl(MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE, "TWO"));
        return mockCrossDomainAdUserConnectorType.getCrossDomainConnectorObject(system, uid, objectClass, connectorObject);
    });
    IdmRoleRequestDto roleRequestDto = getHelper().assignRoles(contract, roleInCrossDomainGroup, loginRole);
    assertEquals(RoleRequestState.EXECUTED, roleRequestDto.getState());
    assertNotNull(roleRequestDto.getSystemState());
    AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
    identityAccountFilter.setIdentityId(identity.getId());
    identityAccountFilter.setSystemId(systemDto.getId());
    List<AccIdentityAccountDto> identityAccountDtos = identityAccountService.find(identityAccountFilter, null).getContent();
    assertEquals(1, identityAccountDtos.size());
    UUID accountId = identityAccountDtos.get(0).getAccount();
    IcConnectorObject connectorObject = accountService.getConnectorObject(accountService.get(accountId));
    assertNotNull(connectorObject);
    IcAttribute ldapGroupsAtt = connectorObject.getAttributeByName(MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE);
    assertEquals(1, ldapGroupsAtt.getValues().size());
    assertTrue(ldapGroupsAtt.getValues().stream().anyMatch(value -> value.equals("TWO")));
    // Clean
    provisioningOperationService.deleteOperations(systemDto.getId());
    systemGroupService.delete(groupSystemDto);
    getHelper().deleteIdentity(identity.getId());
    mockCrossDomainAdUserConnectorType.setReadConnectorObjectCallBack(null);
}
Also used : IdmConceptRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmConceptRoleRequestService) SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto) SysSystemGroupSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupSystemDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) Autowired(org.springframework.beans.factory.annotation.Autowired) MockCrossDomainAdUserConnectorType(eu.bcvsolutions.idm.acc.service.impl.mock.MockCrossDomainAdUserConnectorType) GuardedString(org.identityconnectors.common.security.GuardedString) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto) SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService) After(org.junit.After) SecurityUtil(org.identityconnectors.common.security.SecurityUtil) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AutomaticRoleAttributeRuleType(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleType) SysProvisioningOperationService(eu.bcvsolutions.idm.acc.service.api.SysProvisioningOperationService) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) UUID(java.util.UUID) StandardCharsets(java.nio.charset.StandardCharsets) SysProvisioningOperationFilter(eu.bcvsolutions.idm.acc.dto.filter.SysProvisioningOperationFilter) List(java.util.List) AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService) ConnectorManager(eu.bcvsolutions.idm.acc.service.api.ConnectorManager) SysSystemGroupDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupDto) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) Assert.assertFalse(org.junit.Assert.assertFalse) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService) IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService) IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService) IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration) ProvisioningEventType(eu.bcvsolutions.idm.acc.domain.ProvisioningEventType) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) ConnectorType(eu.bcvsolutions.idm.acc.service.api.ConnectorType) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) MessageFormat(java.text.MessageFormat) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) IcObjectClassInfo(eu.bcvsolutions.idm.ic.api.IcObjectClassInfo) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IcConfigurationProperty(eu.bcvsolutions.idm.ic.api.IcConfigurationProperty) IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl) IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Qualifier(org.springframework.beans.factory.annotation.Qualifier) ConnectorTypeDto(eu.bcvsolutions.idm.acc.dto.ConnectorTypeDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IcAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcAttributeImpl) SysSystemGroupSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemGroupSystemService) SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto) IcAttributeInfo(eu.bcvsolutions.idm.ic.api.IcAttributeInfo) Before(org.junit.Before) SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) Assert.assertNotNull(org.junit.Assert.assertNotNull) SysSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemService) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) Assert.assertTrue(org.junit.Assert.assertTrue) RoleRequestState(eu.bcvsolutions.idm.core.api.domain.RoleRequestState) Test(org.junit.Test) IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute) SysSystemGroupService(eu.bcvsolutions.idm.acc.service.api.SysSystemGroupService) SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto) SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService) SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter) SystemGroupType(eu.bcvsolutions.idm.acc.domain.SystemGroupType) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) Assert.assertNull(org.junit.Assert.assertNull) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) AutomaticRoleAttributeRuleComparison(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleComparison) IdmIdentity_(eu.bcvsolutions.idm.core.model.entity.IdmIdentity_) BaseDto(eu.bcvsolutions.idm.core.api.dto.BaseDto) TestHelper(eu.bcvsolutions.idm.acc.TestHelper) Comparator(java.util.Comparator) SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService) Assert.assertEquals(org.junit.Assert.assertEquals) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) MockCrossDomainAdUserConnectorType(eu.bcvsolutions.idm.acc.service.impl.mock.MockCrossDomainAdUserConnectorType) ConnectorType(eu.bcvsolutions.idm.acc.service.api.ConnectorType) SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter) SysSystemGroupDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupDto) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysSystemGroupSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupSystemDto) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) IcAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcAttributeImpl) IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl) UUID(java.util.UUID) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 54 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountServiceFilterTest method createAccount.

private AccAccountDto createAccount(UUID systemId, UUID identityId, String uid, AccountType accountType, Boolean ownership) {
    AccAccountDto account = new AccAccountDto();
    account.setSystem(systemId);
    account.setUid(uid);
    account.setAccountType(accountType);
    account = accAccountService.save(account);
    AccIdentityAccountDto accountIdentity = new AccIdentityAccountDto();
    accountIdentity.setIdentity(identityId);
    accountIdentity.setOwnership(ownership);
    accountIdentity.setAccount(account.getId());
    identityAccoutnService.save(accountIdentity);
    return account;
}
Also used : AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Example 55 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountServiceTest method getConnectorObjectNotFullTest.

@Test
public void getConnectorObjectNotFullTest() {
    String userOneName = "UserOne";
    String eavAttributeName = "EAV_ATTRIBUTE";
    SysSystemDto system = initData();
    SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
    schemaAttributeFilter.setSystemId(system.getId());
    // Find and delete EAV schema attribute.
    SysSchemaAttributeDto eavAttribute = schemaAttributeService.find(schemaAttributeFilter, null).getContent().stream().filter(attribute -> attribute.getName().equalsIgnoreCase(eavAttributeName)).findFirst().orElse(null);
    Assert.assertNotNull(eavAttribute);
    schemaAttributeService.delete(eavAttribute);
    Assert.assertNotNull(system);
    // Change resources (set state on exclude) .. must be call in transaction
    this.getBean().persistResource(createResource(userOneName, ZonedDateTime.now()));
    AccAccountDto account = new AccAccountDto();
    account.setEntityType(SystemEntityType.IDENTITY);
    account.setSystem(system.getId());
    account.setAccountType(AccountType.PERSONAL);
    account.setUid(userOneName);
    account = accountService.save(account);
    IdmIdentityDto identity = helper.createIdentity();
    AccIdentityAccountDto accountIdentityOne = new AccIdentityAccountDto();
    accountIdentityOne.setIdentity(identity.getId());
    accountIdentityOne.setOwnership(true);
    accountIdentityOne.setAccount(account.getId());
    accountIdentityOne = identityAccountService.save(accountIdentityOne);
    // Create role with evaluator
    IdmRoleDto role = helper.createRole();
    IdmAuthorizationPolicyDto policyAccount = new IdmAuthorizationPolicyDto();
    policyAccount.setRole(role.getId());
    policyAccount.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
    policyAccount.setAuthorizableType(AccAccount.class.getCanonicalName());
    policyAccount.setEvaluator(ReadAccountByIdentityEvaluator.class);
    authorizationPolicyService.save(policyAccount);
    // Assign role with evaluator
    helper.createIdentityRole(identity, role);
    logout();
    loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
    IcConnectorObject connectorObject = accountService.getConnectorObject(account, IdmBasePermission.READ);
    Assert.assertNotNull(connectorObject);
    Assert.assertEquals(userOneName, connectorObject.getUidValue());
    // EAV attribute must be null, because we deleted the schema definition
    Assert.assertNull(connectorObject.getAttributeByName(eavAttributeName));
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccAccount(eu.bcvsolutions.idm.acc.entity.AccAccount) SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) SysSchemaAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Aggregations

AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)115 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)92 AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)90 Test (org.junit.Test)79 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)76 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)59 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)59 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)48 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)38 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)34 TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)31 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)29 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)22 ArrayList (java.util.ArrayList)22 UUID (java.util.UUID)21 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)19 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)17 Transactional (org.springframework.transaction.annotation.Transactional)17 SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)16 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)16