Search in sources :

Example 61 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class AccountManagementTest method identityAccountCanBeCreatedTest.

@Test
public /**
 * Script on the mapping "Can be account created?" returns true.
 */
void identityAccountCanBeCreatedTest() {
    SysSystemDto system = initIdentityData();
    Assert.assertNotNull(system);
    SysSystemMappingDto mapping = systemMappingService.findProvisioningMapping(system.getId(), SystemEntityType.IDENTITY);
    Assert.assertNotNull(mapping);
    mapping.setCanBeAccountCreatedScript("return Boolean.FALSE;");
    mapping = systemMappingService.save(mapping);
    IdmIdentityDto identity = helper.createIdentity();
    AccIdentityAccountFilter roleAccountFilter = new AccIdentityAccountFilter();
    roleAccountFilter.setEntityId(identity.getId());
    roleAccountFilter.setOwnership(Boolean.TRUE);
    roleAccountFilter.setSystemId(system.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
    // None role assigned
    Assert.assertEquals(0, identityAccounts.size());
    IdmRoleDto roleDefault = helper.createRole();
    SysRoleSystemDto roleSystemDefault = new SysRoleSystemDto();
    roleSystemDefault.setRole(roleDefault.getId());
    roleSystemDefault.setSystem(system.getId());
    roleSystemDefault.setSystemMapping(mapping.getId());
    roleSystemDefault = roleSystemService.save(roleSystemDefault);
    IdmIdentityRoleDto identityRole = new IdmIdentityRoleDto();
    identityRole.setIdentityContract(identityContractService.getPrimeContract(identity.getId()).getId());
    identityRole.setRole(roleDefault.getId());
    identityRole = identityRoleService.save(identityRole);
    identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
    // Role assigned, but script returns false
    Assert.assertEquals(0, identityAccounts.size());
    mapping.setCanBeAccountCreatedScript("return Boolean.TRUE;");
    mapping = systemMappingService.save(mapping);
    // Resave run the ACM
    identityRole = identityRoleService.save(identityRole);
    identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
    Assert.assertEquals(1, identityAccounts.size());
    // Delete
    identityService.delete(identity);
    roleService.delete(roleDefault);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 62 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityRoleValidRequestSchedulerTest method createNonValidRole.

@Test
public void createNonValidRole() {
    IdmIdentityDto identity = createAndSaveIdentity();
    IdmRoleDto role = createAndSaveRole();
    createAndSaveRoleSystem(role, system);
    IdmTreeTypeDto treeType = createAndSaveTreeType();
    IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
    IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
    LocalDate validFrom = new LocalDate();
    // set plus days
    validFrom = validFrom.plusDays(5);
    // provisioning is not executed
    createAndSaveIdentityRole(identityContract, role, null, validFrom);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> list = identityAccountService.find(filter, null).getContent();
    // it must not exists
    assertEquals(true, list.isEmpty());
}
Also used : IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) LocalDate(org.joda.time.LocalDate) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 63 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class VsProvisioningMergeTest method test300ProvisioningsWithMergePerformance.

@Ignore
@Test
public void test300ProvisioningsWithMergePerformance() {
    VsSystemDto config = new VsSystemDto();
    config.setName(helper.createName());
    config.setCreateDefaultRole(false);
    SysSystemDto system = helper.createVirtualSystem(config);
    Assert.assertNotNull(system);
    IdmIdentityDto identity = helper.createIdentity();
    AccIdentityAccountFilter roleAccountFilter = new AccIdentityAccountFilter();
    roleAccountFilter.setEntityId(identity.getId());
    roleAccountFilter.setOwnership(Boolean.TRUE);
    roleAccountFilter.setSystemId(system.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
    // None role assigned
    Assert.assertEquals(0, identityAccounts.size());
    List<IdmRoleDto> roles = this.createRolesWithSystem(system, 300);
    IdmIdentityContractDto primeContract = identityContractService.getPrimeContract(identity.getId());
    Date startAcm = new Date();
    IdmRoleRequestDto request = helper.createRoleRequest(primeContract, roles.toArray(new IdmRoleDto[0]));
    helper.executeRequest(request, false, true);
    Date endAcm = new Date();
    System.out.println("test300PrvisioningsWithMergePerformance - ACM duration: " + (endAcm.getTime() - startAcm.getTime()));
    identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
    Assert.assertEquals(300, identityAccounts.size());
    Date startProv = new Date();
    // Save identity -> execute the provisioning
    identityService.save(identity);
    Date endProv = new Date();
    System.out.println("test300PrvisioningsWithMergePerformance - Provisioning duration: " + (endProv.getTime() - startProv.getTime()));
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) VsSystemDto(eu.bcvsolutions.idm.vs.dto.VsSystemDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) Date(java.util.Date) Ignore(org.junit.Ignore) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 64 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class ChangesOnSystemReportExecutor method findIdentityAndAccount.

/**
 *******************************************************************
 * ************* New methods
 *****************************************
 */
/**
 * Find the identity and account from the AccIdentityAccountDto binding
 *
 * @param accountId
 * @param systemId
 * @return
 */
private Pair<AccAccountDto, IdmIdentityDto> findIdentityAndAccount(UUID systemId, UUID accountId, UUID identityId) {
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setAccountId(accountId);
    filter.setIdentityId(identityId);
    filter.setSystemId(systemId);
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null).getContent();
    if (identityAccounts.isEmpty()) {
        AccAccountDto account = accountService.get(accountId);
        return Pair.of(account, null);
    }
    IdmIdentityDto identity = getLookupService().lookupEmbeddedDto(identityAccounts.get(0), AccIdentityAccount_.identity);
    AccAccountDto account = getLookupService().lookupEmbeddedDto(identityAccounts.get(0), AccIdentityAccount_.account);
    return Pair.of(account, identity);
}
Also used : AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Example 65 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class RoleSynchronizationExecutor method assignMissingIdentityRoles.

/**
 * Assign missing identity roles.
 */
private void assignMissingIdentityRoles(IdmRoleDto roleDto, SysSyncRoleConfigDto config, SysSyncItemLogDto logItem, List<IdmIdentityRoleDto> existsIdentityRoleDtos, Set<UUID> membersContractIds, SysSystemDto userSystemDto, int[] count, String uid, SynchronizationContext context) {
    // On every 20th item will be hibernate flushed and check if sync was not ended.
    if (count[0] % 20 == 0 && count[0] > 0) {
        if (!checkForCancelAndFlush(config)) {
            return;
        }
    }
    count[0]++;
    // Need to find account using SysSystemEntityDto uid, because uid of AccAccountDto can be different.
    SysSystemEntityFilter entityFilter = new SysSystemEntityFilter();
    entityFilter.setEntityType(SystemEntityType.IDENTITY);
    entityFilter.setSystemId(userSystemDto.getId());
    entityFilter.setUid(uid);
    SysSystemEntityDto systemEntity = systemEntityService.find(entityFilter, null).stream().findFirst().orElse(null);
    if (systemEntity == null) {
        return;
    }
    AccAccountFilter accAccountFilter = new AccAccountFilter();
    accAccountFilter.setSystemEntityId(systemEntity.getId());
    final UUID accAccountId = accountService.findIds(accAccountFilter, null).stream().findFirst().orElse(null);
    if (accAccountId == null) {
        return;
    }
    AccIdentityAccountFilter identityAccountWithoutRelationFilter = new AccIdentityAccountFilter();
    identityAccountWithoutRelationFilter.setAccountId(accAccountId);
    AccIdentityAccountDto identityAccountDto = identityAccountService.find(identityAccountWithoutRelationFilter, null).getContent().stream().findFirst().orElse(null);
    if (identityAccountDto == null) {
        return;
    }
    UUID identityId = identityAccountDto.getIdentity();
    IdmIdentityContractDto primeContract = identityContractService.getPrimeContract(identityId);
    if (primeContract == null) {
        addToItemLog(logItem, MessageFormat.format("!!Role was not assigned to the user [{0}], because primary contract was not found!!", uid));
        initSyncActionLog(SynchronizationActionType.UPDATE_ENTITY, OperationResultType.WARNING, logItem, context.getLog(), context.getActionLogs());
        return;
    }
    membersContractIds.add(primeContract.getId());
    IdmIdentityRoleDto existIdentityRoleDto = existsIdentityRoleDtos.stream().filter(identityRole -> primeContract.getId().equals(identityRole.getIdentityContract())).findFirst().orElse(null);
    if (existIdentityRoleDto != null) {
        // Identity already has the role.
        return;
    }
    addToItemLog(logItem, MessageFormat.format("Role is not assigned for user [{0}] and contract [{1}]. Role request for add role will be created.", uid, primeContract.getId()));
    // Get cache with role-requests by identity-contract.
    Map<UUID, UUID> roleRequestCache = getRoleRequestCache();
    // Get role-request for the primary contract from a cache. If no request is present, then create one.
    initRoleRequest(primeContract, roleRequestCache, config);
    UUID roleRequestId = roleRequestCache.get(primeContract.getId());
    IdmRoleRequestDto mockRoleRequest = new IdmRoleRequestDto();
    mockRoleRequest.setId(roleRequestId);
    // Create a concept for assign a role to primary contract.
    roleRequestService.createConcept(mockRoleRequest, primeContract, null, roleDto.getId(), ConceptRoleRequestOperation.ADD);
}
Also used : AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto) UUID(java.util.UUID) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) SysSystemEntityFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemEntityFilter) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)

Aggregations

AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)115 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)92 AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)90 Test (org.junit.Test)79 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)76 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)59 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)59 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)48 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)38 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)34 TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)31 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)29 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)22 ArrayList (java.util.ArrayList)22 UUID (java.util.UUID)21 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)19 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)17 Transactional (org.springframework.transaction.annotation.Transactional)17 SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)16 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)16