Search in sources :

Example 56 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class DefaultSynchronizationServiceTest method doStartSyncD_Missing_Account_doCreateAccount.

@Test
public void doStartSyncD_Missing_Account_doCreateAccount() {
    SysSyncConfigFilter configFilter = new SysSyncConfigFilter();
    configFilter.setName(SYNC_CONFIG_NAME);
    List<AbstractSysSyncConfigDto> syncConfigs = syncConfigService.find(configFilter, null).getContent();
    Assert.assertEquals(1, syncConfigs.size());
    AbstractSysSyncConfigDto syncConfigCustom = syncConfigs.get(0);
    Assert.assertFalse(syncConfigService.isRunning(syncConfigCustom));
    // Create new identity THREE, with account
    IdmIdentityDto identity = new IdmIdentityDto();
    identity.setUsername("x" + IDENTITY_USERNAME_THREE);
    identity.setFirstName(IDENTITY_USERNAME_THREE);
    identity.setLastName(IDENTITY_USERNAME_THREE);
    identity = identityService.save(identity);
    AccAccountDto accountOne = new AccAccountDto();
    SysSystemMappingDto systemMapping = systemMappingService.get(syncConfigCustom.getSystemMapping());
    SysSystemDto system = systemService.get(schemaObjectClassService.get(systemMapping.getObjectClass()).getSystem());
    accountOne.setSystem(system.getId());
    accountOne.setUid("x" + IDENTITY_USERNAME_THREE);
    accountOne.setAccountType(AccountType.PERSONAL);
    accountOne.setEntityType(SystemEntityType.IDENTITY);
    accountOne = accountService.save(accountOne);
    AccIdentityAccountDto accountIdentityOne = new AccIdentityAccountDto();
    accountIdentityOne.setIdentity(identity.getId());
    accountIdentityOne.setOwnership(true);
    accountIdentityOne.setAccount(accountOne.getId());
    accountIdentityOne = identityAccoutnService.save(accountIdentityOne);
    // Set sync config
    syncConfigCustom.setLinkedAction(SynchronizationLinkedActionType.IGNORE);
    syncConfigCustom.setUnlinkedAction(SynchronizationUnlinkedActionType.IGNORE);
    syncConfigCustom.setMissingEntityAction(SynchronizationMissingEntityActionType.IGNORE);
    syncConfigCustom.setMissingAccountAction(ReconciliationMissingAccountActionType.CREATE_ACCOUNT);
    syncConfigCustom.setReconciliation(true);
    syncConfigService.save(syncConfigCustom);
    // Check state before sync
    Assert.assertNull(entityManager.find(TestResource.class, "x" + IDENTITY_USERNAME_THREE));
    // Start synchronization
    helper.startSynchronization(syncConfigCustom);
    // 
    SysSyncLogFilter logFilter = new SysSyncLogFilter();
    logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
    List<SysSyncLogDto> logs = syncLogService.find(logFilter, null).getContent();
    Assert.assertEquals(1, logs.size());
    SysSyncLogDto log = logs.get(0);
    Assert.assertFalse(log.isRunning());
    Assert.assertFalse(log.isContainsError());
    SysSyncActionLogFilter actionLogFilter = new SysSyncActionLogFilter();
    actionLogFilter.setSynchronizationLogId(log.getId());
    List<SysSyncActionLogDto> actions = syncActionLogService.find(actionLogFilter, null).getContent();
    Assert.assertEquals(2, actions.size());
    SysSyncActionLogDto actionLog = actions.stream().filter(action -> {
        return SynchronizationActionType.CREATE_ACCOUNT == action.getSyncAction();
    }).findFirst().get();
    SysSyncItemLogFilter itemLogFilter = new SysSyncItemLogFilter();
    itemLogFilter.setSyncActionLogId(actionLog.getId());
    List<SysSyncItemLogDto> items = syncItemLogService.find(itemLogFilter, null).getContent();
    Assert.assertEquals(1, items.size());
    // Check state after sync
    Assert.assertNotNull(entityManager.find(TestResource.class, "x" + IDENTITY_USERNAME_THREE));
    // Delete log
    syncLogService.delete(log);
}
Also used : SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysSyncActionLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto) AbstractSysSyncConfigDto(eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto) SysSyncLogFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSyncLogFilter) SysSyncItemLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto) SysSyncItemLogFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSyncItemLogFilter) SysSyncActionLogFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSyncActionLogFilter) SysSyncConfigFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSyncConfigFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 57 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class DefaultAccTestHelper method createIdentityAccount.

@Override
public AccIdentityAccountDto createIdentityAccount(SysSystemDto system, IdmIdentityDto identity) {
    AccAccountDto account = new AccAccountDto();
    account.setSystem(system.getId());
    account.setUid(identity.getUsername());
    account.setAccountType(AccountType.PERSONAL);
    account.setEntityType(SystemEntityType.IDENTITY);
    account = accountService.save(account);
    AccIdentityAccountDto accountIdentity = new AccIdentityAccountDto();
    accountIdentity.setIdentity(identity.getId());
    accountIdentity.setOwnership(true);
    accountIdentity.setAccount(account.getId());
    return identityAccountService.save(accountIdentity);
}
Also used : AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Example 58 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountManagementService method createAccountByRoleSystem.

/**
 * Create Account by given roleSystem
 *
 * @param identity
 * @param roleSystem
 * @param identityAccountsToCreate
 * @return
 */
private UUID createAccountByRoleSystem(IdmIdentityDto identity, SysRoleSystemDto roleSystem, List<AccIdentityAccountDto> identityAccountsToCreate) {
    String uid = generateUID(identity, roleSystem);
    // We try find account for same uid on same system
    // First we try search same account in list for create new accounts
    Optional<AccIdentityAccountDto> sameAccountOptional = identityAccountsToCreate.stream().filter(ia -> {
        AccAccountDto account = accountService.get(ia.getAccount());
        return account.getUid().equals(uid) && roleSystem.getId().equals(ia.getRoleSystem());
    }).findFirst();
    if (sameAccountOptional.isPresent()) {
        return sameAccountOptional.get().getAccount();
    }
    UUID accountId = null;
    // If account is not in the list accounts to create, then we will search in
    // database
    // Account management - can be the account created? - execute the script on the
    // system mapping
    SysSystemDto system = DtoUtils.getEmbedded(roleSystem, SysRoleSystem_.system, SysSystemDto.class);
    SysSystemMappingDto mapping = systemMappingService.findProvisioningMapping(system.getId(), SystemEntityType.IDENTITY);
    if (mapping == null) {
        return null;
    }
    if (!this.canBeAccountCreated(uid, identity, mapping, system)) {
        LOG.info(MessageFormat.format("For entity [{0}] and entity type [{1}] cannot be created the account (on system [{2}])," + " because script \"Can be account created\" on the mapping returned \"false\"!", identity.getCode(), SystemEntityType.IDENTITY, system.getName()));
        return null;
    }
    AccAccountFilter accountFilter = new AccAccountFilter();
    accountFilter.setUid(uid);
    accountFilter.setSystemId(roleSystem.getSystem());
    List<AccAccountDto> sameAccounts = accountService.find(accountFilter, null).getContent();
    if (CollectionUtils.isEmpty(sameAccounts)) {
        // Create and persist new account
        accountId = createAccount(uid, roleSystem);
    } else {
        // We use existed account
        accountId = sameAccounts.get(0).getId();
    }
    return accountId;
}
Also used : DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils) SysRoleSystem_(eu.bcvsolutions.idm.acc.entity.SysRoleSystem_) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) Autowired(org.springframework.beans.factory.annotation.Autowired) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) IdmIdentityRoleRepository(eu.bcvsolutions.idm.core.model.repository.IdmIdentityRoleRepository) MessageFormat(java.text.MessageFormat) ArrayList(java.util.ArrayList) AccAccountManagementService(eu.bcvsolutions.idm.acc.service.api.AccAccountManagementService) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService) AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto) IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole) SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) Service(org.springframework.stereotype.Service) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService) SysSchemaObjectClass_(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass_) ImmutableMap(com.google.common.collect.ImmutableMap) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) UUID(java.util.UUID) Page(org.springframework.data.domain.Page) Collectors(java.util.stream.Collectors) SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto) SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter) List(java.util.List) AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysRoleSystemAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemAttributeFilter) CollectionUtils(org.springframework.util.CollectionUtils) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) AccountType(eu.bcvsolutions.idm.acc.domain.AccountType) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) Optional(java.util.Optional) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter) SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService) AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode) SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService) Assert(org.springframework.util.Assert) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) UUID(java.util.UUID) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)

Example 59 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountManagementService method resolveIdentityAccountForCreate.

/**
 * Resolve Identity account - to create
 *
 * @param identity
 * @param identityAccountList
 * @param identityRoles
 * @param identityAccountsToCreate
 * @param identityAccountsToDelete
 * @param resolvedRolesForCreate
 */
private void resolveIdentityAccountForCreate(IdmIdentityDto identity, List<AccIdentityAccountDto> identityAccountList, List<IdmIdentityRole> identityRoles, List<AccIdentityAccountDto> identityAccountsToCreate, List<AccIdentityAccountDto> identityAccountsToDelete) {
    // Is role valid in this moment
    identityRoles.stream().filter(identityRole -> {
        return identityRole.isValid();
    }).forEach(identityRole -> {
        IdmRole role = identityRole.getRole();
        SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
        roleSystemFilter.setRoleId(role.getId());
        List<SysRoleSystemDto> roleSystems = roleSystemService.find(roleSystemFilter, null).getContent();
        roleSystems.stream().filter(roleSystem -> {
            // Filter out identity-accounts for same role-system, account (by UID)
            return !identityAccountList.stream().filter(identityAccount -> {
                if (roleSystem.getId().equals(identityAccount.getRoleSystem())) {
                    // Has identity account same uid as account?
                    String uid = generateUID(identity, roleSystem);
                    AccAccountDto account = AccIdentityAccountService.getEmbeddedAccount(identityAccount);
                    if (!uid.equals(account.getUid())) {
                        // We found identityAccount for same identity and roleSystem, but this
                        // identityAccount
                        // is link to Account with different UID. It's probably means definition of UID
                        // (transformation)\
                        // on roleSystem was changed. We have to delete this identityAccount.
                        identityAccountsToDelete.add(identityAccount);
                    }
                }
                return false;
            }).findFirst().isPresent();
        }).forEach(roleSystem -> {
            // For this system we have to create new account
            UUID accountId = createAccountByRoleSystem(identity, roleSystem, identityAccountsToCreate);
            if (accountId == null) {
                return;
            }
            // TODO: find the better place for this check
            if (identityAccountList.stream().filter(identityAccount -> {
                return identityAccount.getAccount().equals(accountId) && identityRole.getId().equals(identityAccount.getIdentityRole()) && roleSystem.getId().equals(identityAccount.getRoleSystem());
            }).count() == 0) {
                AccIdentityAccountDto identityAccount = new AccIdentityAccountDto();
                identityAccount.setAccount(accountId);
                identityAccount.setIdentity(identity.getId());
                identityAccount.setIdentityRole(identityRole.getId());
                identityAccount.setRoleSystem(roleSystem.getId());
                // TODO: Add flag ownership to SystemRole and set here.
                identityAccount.setOwnership(true);
                identityAccountsToCreate.add(identityAccount);
            }
        });
    });
}
Also used : DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils) SysRoleSystem_(eu.bcvsolutions.idm.acc.entity.SysRoleSystem_) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) Autowired(org.springframework.beans.factory.annotation.Autowired) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) IdmIdentityRoleRepository(eu.bcvsolutions.idm.core.model.repository.IdmIdentityRoleRepository) MessageFormat(java.text.MessageFormat) ArrayList(java.util.ArrayList) AccAccountManagementService(eu.bcvsolutions.idm.acc.service.api.AccAccountManagementService) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService) AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto) IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole) SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) Service(org.springframework.stereotype.Service) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService) SysSchemaObjectClass_(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass_) ImmutableMap(com.google.common.collect.ImmutableMap) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) UUID(java.util.UUID) Page(org.springframework.data.domain.Page) Collectors(java.util.stream.Collectors) SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto) SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter) List(java.util.List) AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysRoleSystemAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemAttributeFilter) CollectionUtils(org.springframework.util.CollectionUtils) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) AccountType(eu.bcvsolutions.idm.acc.domain.AccountType) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) Optional(java.util.Optional) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter) SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService) AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode) SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService) Assert(org.springframework.util.Assert) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) UUID(java.util.UUID) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Example 60 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class DefaultTestHelper method createIdentityAccount.

@Override
public AccIdentityAccountDto createIdentityAccount(SysSystemDto system, IdmIdentityDto identity) {
    AccAccountDto account = new AccAccountDto();
    account.setSystem(system.getId());
    account.setUid(identity.getUsername());
    account.setAccountType(AccountType.PERSONAL);
    account = accountService.save(account);
    AccIdentityAccountDto accountIdentity = new AccIdentityAccountDto();
    accountIdentity.setIdentity(identity.getId());
    accountIdentity.setOwnership(true);
    accountIdentity.setAccount(account.getId());
    return identityAccountService.save(accountIdentity);
}
Also used : AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Aggregations

AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)115 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)92 AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)90 Test (org.junit.Test)79 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)76 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)59 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)59 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)48 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)38 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)34 TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)31 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)29 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)22 ArrayList (java.util.ArrayList)22 UUID (java.util.UUID)21 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)19 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)17 Transactional (org.springframework.transaction.annotation.Transactional)17 SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)16 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)16