Search in sources :

Example 66 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentitySynchronizationExecutor method doUnlink.

/**
 * Operation remove IdentityAccount relations and linked roles
 *
 * @param account
 * @param removeIdentityRole
 * @param log
 * @param logItem
 * @param actionLogs
 */
@Override
protected void doUnlink(AccAccountDto account, boolean removeIdentityRole, SysSyncLogDto log, SysSyncItemLogDto logItem, List<SysSyncActionLogDto> actionLogs) {
    EntityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
    identityAccountFilter.setAccountId(account.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find((AccIdentityAccountFilter) identityAccountFilter, null).getContent();
    if (identityAccounts.isEmpty()) {
        addToItemLog(logItem, "Warning! - Identity account relation was not found!");
        initSyncActionLog(SynchronizationActionType.UPDATE_ENTITY, OperationResultType.WARNING, logItem, log, actionLogs);
        return;
    }
    addToItemLog(logItem, MessageFormat.format("Identity-account relations to delete [{0}]", identityAccounts));
    identityAccounts.stream().forEach(identityAccount -> {
        // We will remove identity account, but without delete connected
        // account
        identityAccountService.delete(identityAccount, false);
        addToItemLog(logItem, MessageFormat.format("Identity-account relation deleted (without calling the delete provisioning operation) (username: [{0}], id: [{1}])", identityAccount.getIdentity(), identityAccount.getId()));
        UUID identityRole = identityAccount.getIdentityRole();
        if (removeIdentityRole && identityRole != null) {
            // We will remove connected identity role
            identityRoleService.deleteById(identityRole);
            addToItemLog(logItem, MessageFormat.format("Identity-role relation deleted (id: {0})", identityRole));
        }
    });
}
Also used : EntityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.EntityAccountFilter) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) UUID(java.util.UUID) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Example 67 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class DefaultSysSystemMappingService method getMappingContext.

@Override
public MappingContext getMappingContext(SysSystemMappingDto mapping, SysSystemEntityDto systemEntity, AbstractDto dto, SysSystemDto system) {
    Assert.notNull(mapping, "Mapping cannot be null!");
    Assert.notNull(systemEntity, "System entity cannot be null!");
    Assert.notNull(system, "System cannot be null!");
    // Create new context.
    MappingContext mappingContext = new MappingContext();
    if (dto == null) {
        return mappingContext;
    }
    if ((mapping.isAddContextIdentityRoles() || mapping.isAddContextIdentityRolesForSystem()) && dto instanceof IdmIdentityDto) {
        IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
        identityRoleFilter.setIdentityId(dto.getId());
        List<IdmIdentityRoleDto> identityRoles = identityRoleService.find(identityRoleFilter, PageRequest.of(0, Integer.MAX_VALUE, Sort.by(IdmIdentityRole_.created.getName()))).getContent();
        if (mapping.isAddContextIdentityRoles()) {
            // Set all identity-roles to the context.
            mappingContext.setIdentityRoles(identityRoles);
        }
        if (mapping.isAddContextIdentityRolesForSystem()) {
            Assert.notNull(system.getId(), "System identifier is required.");
            List<IdmIdentityRoleDto> identityRolesForSystem = Lists.newArrayList();
            AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
            identityAccountFilter.setIdentityId(dto.getId());
            identityAccountFilter.setSystemId(system.getId());
            List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
            // Filtering only identity-roles for this system.
            identityAccounts.forEach(identityAccount -> {
                identityRolesForSystem.addAll(identityRoles.stream().filter(identityRole -> identityRole.getId().equals(identityAccount.getIdentityRole())).collect(Collectors.toList()));
            });
            // Set identity-roles for this system to the context.
            mappingContext.setIdentityRolesForSystem(identityRolesForSystem);
        }
    }
    if (mapping.isAddContextContracts() && dto instanceof IdmIdentityDto) {
        // Set all identity contracts to the context.
        mappingContext.setContracts(identityContractService.findAllByIdentity(dto.getId()));
    }
    if (mapping.isAddContextConnectorObject()) {
        // Set connector object to the context.
        mappingContext.setConnectorObject(systemEntityService.getConnectorObject(systemEntity));
    }
    String script = mapping.getMappingContextScript();
    if (StringUtils.isEmpty(script)) {
        return mappingContext;
    } else {
        Map<String, Object> variables = new HashMap<>();
        variables.put(SysSystemAttributeMappingService.ACCOUNT_UID, systemEntity.getUid());
        variables.put(SysSystemAttributeMappingService.SYSTEM_KEY, system);
        variables.put(SysSystemAttributeMappingService.ENTITY_KEY, dto);
        variables.put(SysSystemAttributeMappingService.CONTEXT_KEY, mappingContext);
        // Add default script evaluator, for call another scripts
        variables.put(AbstractScriptEvaluator.SCRIPT_EVALUATOR, pluginExecutors.getPluginFor(IdmScriptCategory.MAPPING_CONTEXT));
        // Add access for script evaluator
        List<Class<?>> extraClass = new ArrayList<>();
        extraClass.add(AbstractScriptEvaluator.Builder.class);
        extraClass.add(IcConnectorObject.class);
        // 
        Object result = groovyScriptService.evaluate(script, variables, extraClass);
        if (result instanceof MappingContext) {
            return (MappingContext) result;
        } else {
            throw new ProvisioningException(AccResultCode.MAPPING_CONTEXT_SCRIPT_RETURNS_WRONG_TYPE, ImmutableMap.of("system", system.getCode()));
        }
    }
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) MappingContext(eu.bcvsolutions.idm.acc.domain.MappingContext) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) AbstractScriptEvaluator(eu.bcvsolutions.idm.core.script.evaluator.AbstractScriptEvaluator) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)

Example 68 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class AccRoleDuplicateBulkActionIntegrationTest method testDontRemoveAccount.

@Test
public void testDontRemoveAccount() {
    IdmIdentityDto identity = getHelper().createIdentity((GuardedString) null);
    String environment = getHelper().createName();
    IdmRoleDto role = getHelper().createRole(null, null, environment);
    IdmRoleDto roleSubOne = getHelper().createRole(null, null, environment);
    IdmRoleDto roleSubTwo = getHelper().createRole(null, null, environment);
    IdmRoleCompositionDto compositionSubOne = getHelper().createRoleComposition(role, roleSubOne);
    // 
    // create system mapping on the target
    String targetEnvironment = getHelper().createName();
    IdmRoleDto roleTarget = getHelper().createRole(null, role.getBaseCode(), targetEnvironment);
    IdmRoleDto roleSubOneTarget = getHelper().createRole(null, roleSubOne.getBaseCode(), targetEnvironment);
    IdmRoleDto roleSubTwoTarget = getHelper().createRole(null, roleSubTwo.getBaseCode(), targetEnvironment);
    SysSystemDto system = getHelper().createTestResourceSystem(true);
    getHelper().createRoleSystem(roleSubOneTarget, system);
    getHelper().createRoleSystem(roleSubTwoTarget, system);
    getHelper().createIdentityRole(identity, roleTarget);
    // 
    // check account not exist now - composition on target doesn't exist
    AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNull(account);
    // 
    // bulk action updates composition only
    IdmBulkActionDto bulkAction = findBulkAction(IdmRole.class, RoleDuplicateBulkAction.NAME);
    bulkAction.setIdentifiers(Sets.newHashSet(role.getId()));
    bulkAction.getProperties().put(RoleDuplicateBulkAction.PROPERTY_ENVIRONMENT, targetEnvironment);
    bulkAction.getProperties().put(DuplicateRoleCompositionProcessor.PARAMETER_INCLUDE_ROLE_COMPOSITION, true);
    IdmBulkActionDto processAction = bulkActionManager.processAction(bulkAction);
    // 
    checkResultLrt(processAction, 1l, null, null);
    // 
    account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(roleSubOneTarget.getId())));
    Assert.assertTrue(assignedRoles.stream().allMatch(ir -> !ir.getRole().equals(roleSubTwoTarget.getId())));
    // 
    // change a source composition
    roleCompositionService.delete(compositionSubOne);
    getHelper().createRoleComposition(role, roleSubTwo);
    // 
    processAction = bulkActionManager.processAction(bulkAction);
    checkResultLrt(processAction, 1l, null, null);
    // 
    List<IdmRoleCompositionDto> targetSubRoles = roleCompositionService.findAllSubRoles(roleTarget.getId());
    Assert.assertEquals(1, targetSubRoles.size());
    Assert.assertEquals(roleSubTwoTarget.getId(), targetSubRoles.get(0).getSub());
    // 
    assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(roleSubTwoTarget.getId())));
    Assert.assertTrue(assignedRoles.stream().allMatch(ir -> !ir.getRole().equals(roleSubOneTarget.getId())));
    // 
    // search identity accounts
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null).getContent();
    Assert.assertEquals(1, identityAccounts.size());
    // 
    AccAccountDto switchedAccount = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(switchedAccount);
    Assert.assertEquals(account.getId(), switchedAccount.getId());
}
Also used : IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) Autowired(org.springframework.beans.factory.annotation.Autowired) AbstractBulkActionTest(eu.bcvsolutions.idm.test.api.AbstractBulkActionTest) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) After(org.junit.After) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) Before(org.junit.Before) RoleDuplicateBulkAction(eu.bcvsolutions.idm.core.bulk.action.impl.role.RoleDuplicateBulkAction) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) Test(org.junit.Test) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) Sets(com.google.common.collect.Sets) List(java.util.List) AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService) IdmBulkActionDto(eu.bcvsolutions.idm.core.api.bulk.action.dto.IdmBulkActionDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) DuplicateRoleCompositionProcessor(eu.bcvsolutions.idm.core.model.event.processor.role.DuplicateRoleCompositionProcessor) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) TestHelper(eu.bcvsolutions.idm.acc.TestHelper) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) Assert(org.junit.Assert) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmBulkActionDto(eu.bcvsolutions.idm.core.api.bulk.action.dto.IdmBulkActionDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) AbstractBulkActionTest(eu.bcvsolutions.idm.test.api.AbstractBulkActionTest) Test(org.junit.Test)

Example 69 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class ContractSliceSyncTest method setDirtyStateAndCheckIt.

@Test
public void setDirtyStateAndCheckIt() {
    // create tree type and node, tree node is used as position in contrac slice synchronization
    IdmTreeTypeDto treeType = this.getHelper().createTreeType();
    IdmTreeNodeDto treeNode = this.getHelper().createTreeNode(treeType, null);
    // create two roles, one role is used as automatic role by organization structure
    // second role is used as manually added
    IdmRoleDto roleOne = this.getHelper().createRole();
    IdmRoleDto roleTwo = this.getHelper().createRole();
    this.getHelper().createAutomaticRole(roleOne, treeNode);
    // init system
    SysSystemDto system = initData();
    // set default tree type for synchronization
    SysSyncContractConfigDto config = (SysSyncContractConfigDto) doCreateSyncConfig(system);
    config.setDefaultTreeType(treeType.getId());
    syncConfigService.save(config);
    IdmIdentityDto identity = helper.createIdentity();
    // for sure remove all contracts
    contractService.findAllByIdentity(identity.getId()).forEach(contract -> {
        contractService.delete(contract);
    });
    // check current delete audits record for identity (and their related entities)
    IdmAuditFilter filter = new IdmAuditFilter();
    filter.setOwnerId(identity.getId().toString());
    filter.setModification("DELETE");
    List<IdmAuditDto> audits = auditService.find(filter, null).getContent();
    assertEquals(0, audits.size());
    // check current slices
    IdmContractSliceFilter contractSliceFilter = new IdmContractSliceFilter();
    contractSliceFilter.setIdentity(identity.getId());
    List<IdmContractSliceDto> slices = contractSliceService.find(contractSliceFilter, null).getContent();
    assertEquals(0, slices.size());
    // check current contracts
    List<IdmIdentityContractDto> allByIdentity = contractService.findAllByIdentity(identity.getId());
    assertEquals(0, allByIdentity.size());
    // delete all data in resource
    this.getBean().deleteAllResourceData();
    // create step one data, please see inside method
    this.getBean().createTestDataStepOne(identity.getUsername(), treeNode.getCode());
    // start synchronization
    helper.startSynchronization(config);
    SysSyncLogDto log = checkSyncLog(config, SynchronizationActionType.CREATE_ENTITY, 1);
    Assert.assertFalse(log.isRunning());
    Assert.assertFalse(log.isContainsError());
    // after first synchronization exists one contract
    allByIdentity = contractService.findAllByIdentity(identity.getId());
    assertEquals(1, allByIdentity.size());
    // after first synchronization exists one slice
    slices = contractSliceService.find(contractSliceFilter, null).getContent();
    assertEquals(1, slices.size());
    // after first synchronization exists one identity role - automatic role
    List<IdmIdentityRoleDto> identityRoles = identityRoleService.findAllByIdentity(identity.getId());
    assertEquals(1, identityRoles.size());
    IdmIdentityRoleDto identityRoleDto = identityRoles.get(0);
    // manually create identity account for check if identity account will be changed or deleted after second synchronization
    // this state create two audit records for the identity account
    AccIdentityAccountDto identityAccount = helper.createIdentityAccount(system, identity);
    identityAccount.setIdentityRole(identityRoleDto.getId());
    identityAccount = identityAccountService.save(identityAccount);
    // add manually role
    IdmIdentityContractDto identityContractDto = allByIdentity.get(0);
    this.getHelper().createIdentityRole(identityContractDto, roleTwo);
    // check current identity roles - one is automatic, second is manually added
    identityRoles = identityRoleService.findAllByIdentity(identity.getId());
    assertEquals(2, identityRoles.size());
    // prepare data for second step
    this.getBean().createTestDataStepTwo(identity.getUsername(), treeNode.getCode());
    helper.startSynchronization(config);
    Assert.assertFalse(log.isRunning());
    Assert.assertFalse(log.isContainsError());
    // after second synchronization still exists one contract
    allByIdentity = contractService.findAllByIdentity(identity.getId());
    assertEquals(1, allByIdentity.size());
    // after second synchronization exists two slices
    slices = contractSliceService.find(contractSliceFilter, null).getContent();
    assertEquals(2, slices.size());
    // after second synchronization must also exists both roles
    identityRoles = identityRoleService.findAllByIdentity(identity.getId());
    assertEquals(2, identityRoles.size());
    // check delete operation for identity and their related entities
    filter = new IdmAuditFilter();
    filter.setOwnerId(identity.getId().toString());
    filter.setModification("DELETE");
    audits = auditService.find(filter, null).getContent();
    assertEquals(0, audits.size());
    // check audit for identity roles
    for (IdmIdentityRoleDto identityRole : identityRoles) {
        filter = new IdmAuditFilter();
        filter.setEntityId(identityRole.getId());
        List<IdmAuditDto> auditsForIdentityRole = auditService.find(filter, null).getContent();
        if (identityRole.getAutomaticRole() == null) {
            // manually added role, just create
            assertEquals(1, auditsForIdentityRole.size());
        } else {
            // automatic role change validity
            assertEquals(2, auditsForIdentityRole.size());
        }
    }
    // Check audit records for identity account, exists three record, because helper
    // create one and second create save with change identity role and third is
    // delete of this identity-account (role does not mapping the system)
    filter = new IdmAuditFilter();
    filter.setEntityId(identityAccount.getId());
    List<IdmAuditDto> auditsForIdentityAccount = auditService.find(filter, null).getContent();
    assertEquals(3, auditsForIdentityAccount.size());
    // some tests expect data as contract slice with id 1. Just for sure we clear test slices
    slices = contractSliceService.find(contractSliceFilter, null).getContent();
    slices.forEach(slice -> {
        contractSliceService.delete(slice);
    });
    identityService.delete(identity);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAuditDto(eu.bcvsolutions.idm.core.api.audit.dto.IdmAuditDto) IdmAuditFilter(eu.bcvsolutions.idm.core.api.audit.dto.filter.IdmAuditFilter) IdmContractSliceFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmContractSliceFilter) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) IdmContractSliceDto(eu.bcvsolutions.idm.core.api.dto.IdmContractSliceDto) IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) SysSyncContractConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncContractConfigDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 70 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentitySyncTest method testDefaultRoleToAllContracts.

@Test
public void testDefaultRoleToAllContracts() {
    IdmIdentityDto identityDto = helper.createIdentity((GuardedString) null);
    SysSystemDto system = initData(identityDto.getUsername());
    Assert.assertNotNull(system);
    IdmRoleDto defaultRole = helper.createRole();
    // 
    SysSyncIdentityConfigDto config = doCreateSyncConfig(system);
    // Set default role to sync configuration
    config.setDefaultRole(defaultRole.getId());
    config.setInactiveOwnerBehavior(SynchronizationInactiveOwnerBehaviorType.LINK);
    config.setCreateDefaultContract(false);
    config.setAssignDefaultRoleToAll(true);
    config = (SysSyncIdentityConfigDto) syncConfigService.save(config);
    // 
    // create default mapping for provisioning
    helper.createMapping(system);
    helper.createRoleSystem(defaultRole, system);
    IdmIdentityContractDto validContract = helper.getPrimeContract(identityDto);
    IdmIdentityContractDto validFutureContract = helper.createContract(identityDto, null, LocalDate.now().plusDays(10), null);
    helper.createContract(identityDto, null, null, LocalDate.now().minusDays(1));
    List<IdmIdentityContractDto> contracts = contractService.findAllByIdentity(identityDto.getId());
    Assert.assertEquals(3, contracts.size());
    helper.startSynchronization(config);
    // Have to be in the success state, because default role will be assigned to the valid contracts.
    SysSyncLogDto log = checkSyncLog(config, SynchronizationActionType.LINK, 1, OperationResultType.SUCCESS);
    Assert.assertFalse(log.isRunning());
    Assert.assertFalse(log.isContainsError());
    IdmIdentityDto identity = identityService.get(identityDto);
    List<IdmIdentityRoleDto> roles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertEquals(2, roles.size());
    long identityRolesWithDefaultRole = roles.stream().filter(role -> role.getRole().equals(defaultRole.getId())).count();
    Assert.assertEquals(2, identityRolesWithDefaultRole);
    // Valid contract must have default role
    long identityRolesWithValidContract = roles.stream().filter(role -> role.getIdentityContract().equals(validContract.getId())).count();
    Assert.assertEquals(1, identityRolesWithValidContract);
    // Future contract must have default role
    long identityRolesWithFutureContract = roles.stream().filter(role -> role.getIdentityContract().equals(validFutureContract.getId())).count();
    Assert.assertEquals(1, identityRolesWithFutureContract);
    // Check only one identity account is created.
    // Only one identity-account relation can exists, because only one
    // current valid identity-role exists now (the second is future valid).
    AccIdentityAccountFilter accountFilter = new AccIdentityAccountFilter();
    accountFilter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(accountFilter, null).getContent();
    // !!!!To delete - Test doesn't pass on the Jenkins, we need to more information
    if (identityAccounts.size() > 1) {
        identityAccounts.forEach(identityAccountDtoOne -> {
            System.out.println("Id - identityAccount: " + identityAccountDtoOne.getId());
            System.out.println("Account: " + identityAccountDtoOne.getAccount());
            System.out.println("RoleSystem: " + identityAccountDtoOne.getRoleSystem());
            System.out.println("Identity: " + identityAccountDtoOne.getIdentity());
            System.out.println("IdentityRole: " + identityAccountDtoOne.getIdentityRole());
            System.out.println("----");
        });
    }
    // !!!
    Assert.assertEquals(1, identityAccounts.size());
    // Delete log
    syncLogService.delete(log);
    syncConfigService.delete(config);
}
Also used : IdmScriptCategory(eu.bcvsolutions.idm.core.api.domain.IdmScriptCategory) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) ZonedDateTime(java.time.ZonedDateTime) IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) Autowired(org.springframework.beans.factory.annotation.Autowired) SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto) ConfigurationService(eu.bcvsolutions.idm.core.api.service.ConfigurationService) FormService(eu.bcvsolutions.idm.core.eav.api.service.FormService) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) SynchronizationUnlinkedActionType(eu.bcvsolutions.idm.acc.domain.SynchronizationUnlinkedActionType) Task(eu.bcvsolutions.idm.core.scheduler.api.dto.Task) AbstractSysSyncConfigDto(eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AutomaticRoleAttributeRuleType(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleType) IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity) IdmIdentityContractService(eu.bcvsolutions.idm.core.api.service.IdmIdentityContractService) SysSchemaAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter) SystemOperationType(eu.bcvsolutions.idm.acc.domain.SystemOperationType) Page(org.springframework.data.domain.Page) ReconciliationMissingAccountActionType(eu.bcvsolutions.idm.acc.domain.ReconciliationMissingAccountActionType) IdentityState(eu.bcvsolutions.idm.core.api.domain.IdentityState) ZoneId(java.time.ZoneId) Assert.assertFalse(org.junit.Assert.assertFalse) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) SynchronizationSchedulableTaskExecutor(eu.bcvsolutions.idm.acc.scheduler.task.impl.SynchronizationSchedulableTaskExecutor) SynchronizationInactiveOwnerBehaviorType(eu.bcvsolutions.idm.acc.domain.SynchronizationInactiveOwnerBehaviorType) SysSystemEntityService(eu.bcvsolutions.idm.acc.service.api.SysSystemEntityService) ObserveLongRunningTaskEndProcessor(eu.bcvsolutions.idm.core.scheduler.ObserveLongRunningTaskEndProcessor) IdmFormProjectionService(eu.bcvsolutions.idm.core.eav.api.service.IdmFormProjectionService) SynchronizationLinkedActionType(eu.bcvsolutions.idm.acc.domain.SynchronizationLinkedActionType) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) SysSyncActionLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto) SchedulerConfiguration(eu.bcvsolutions.idm.core.scheduler.api.config.SchedulerConfiguration) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) Assert.assertTrue(org.junit.Assert.assertTrue) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) Test(org.junit.Test) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) EntityManager(javax.persistence.EntityManager) Assert.assertNotEquals(org.junit.Assert.assertNotEquals) DefaultSynchronizationServiceTest(eu.bcvsolutions.idm.acc.service.impl.DefaultSynchronizationServiceTest) ScriptAuthorityType(eu.bcvsolutions.idm.core.api.domain.ScriptAuthorityType) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) PrivateIdentityConfiguration(eu.bcvsolutions.idm.core.api.config.domain.PrivateIdentityConfiguration) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) AutomaticRoleAttributeRuleComparison(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleComparison) IdmIdentity_(eu.bcvsolutions.idm.core.model.entity.IdmIdentity_) Assert(org.junit.Assert) SysSyncActionLogService(eu.bcvsolutions.idm.acc.service.api.SysSyncActionLogService) Assert.assertEquals(org.junit.Assert.assertEquals) OperationResultType(eu.bcvsolutions.idm.acc.domain.OperationResultType) SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto) DependentTaskTrigger(eu.bcvsolutions.idm.core.scheduler.api.dto.DependentTaskTrigger) SysSyncConfigFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSyncConfigFilter) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto) IdmFormValueDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormValueDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) After(org.junit.After) SynchronizationMissingEntityActionType(eu.bcvsolutions.idm.acc.domain.SynchronizationMissingEntityActionType) ProvisioningConfiguration(eu.bcvsolutions.idm.acc.config.domain.ProvisioningConfiguration) SysSyncConfigService(eu.bcvsolutions.idm.acc.service.api.SysSyncConfigService) SysSyncLogService(eu.bcvsolutions.idm.acc.service.api.SysSyncLogService) IdmScriptAuthorityDto(eu.bcvsolutions.idm.core.api.dto.IdmScriptAuthorityDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) IdmFormProjectionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormProjectionDto) UUID(java.util.UUID) SchedulerManager(eu.bcvsolutions.idm.core.scheduler.api.service.SchedulerManager) Lists(com.beust.jcommander.internal.Lists) SysSyncIdentityConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncIdentityConfigDto) List(java.util.List) Query(javax.persistence.Query) EventConfiguration(eu.bcvsolutions.idm.core.api.config.domain.EventConfiguration) AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService) LocalDate(java.time.LocalDate) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter) IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmScriptService(eu.bcvsolutions.idm.core.api.service.IdmScriptService) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) MessageFormat(java.text.MessageFormat) ProcessEngine(org.activiti.engine.ProcessEngine) SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService) IdmIdentityFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter) SynchronizationActionType(eu.bcvsolutions.idm.acc.domain.SynchronizationActionType) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) SysSystemMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemMappingFilter) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) Assert.assertNotNull(org.junit.Assert.assertNotNull) SysSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemService) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) ApplicationContext(org.springframework.context.ApplicationContext) IdmScriptDto(eu.bcvsolutions.idm.core.api.dto.IdmScriptDto) SysSyncItemLogFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSyncItemLogFilter) SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService) SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter) SysSyncActionLogFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSyncActionLogFilter) SynchronizationService(eu.bcvsolutions.idm.acc.service.api.SynchronizationService) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) SysSyncItemLogService(eu.bcvsolutions.idm.acc.service.api.SysSyncItemLogService) TestHelper(eu.bcvsolutions.idm.acc.TestHelper) SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService) IdmScriptAuthorityService(eu.bcvsolutions.idm.core.api.service.IdmScriptAuthorityService) Transactional(org.springframework.transaction.annotation.Transactional) SysSyncItemLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysSyncIdentityConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncIdentityConfigDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test) DefaultSynchronizationServiceTest(eu.bcvsolutions.idm.acc.service.impl.DefaultSynchronizationServiceTest)

Aggregations

AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)115 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)92 AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)90 Test (org.junit.Test)79 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)76 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)59 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)59 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)48 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)38 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)34 TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)31 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)29 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)22 ArrayList (java.util.ArrayList)22 UUID (java.util.UUID)21 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)19 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)17 Transactional (org.springframework.transaction.annotation.Transactional)17 SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)16 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)16