use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentitySyncTest method checkIdentityAccount.
private void checkIdentityAccount(IdmIdentityDto identity, int numberOfAccounts, UUID identityRole) {
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setIdentityId(identity.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
Assert.assertEquals(numberOfAccounts, identityAccounts.size());
if (numberOfAccounts == 0) {
return;
}
Assert.assertEquals(identityRole, identityAccounts.get(0).getIdentityRole());
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentitySyncTest method testDefaultRoleToAllContractsWithDefaultContract.
@Test
public void testDefaultRoleToAllContractsWithDefaultContract() {
SysSystemDto system = initData();
Assert.assertNotNull(system);
IdmRoleDto defaultRole = helper.createRole();
//
SysSyncIdentityConfigDto config = doCreateSyncConfig(system);
// Set default role to sync configuration
config.setDefaultRole(defaultRole.getId());
config.setInactiveOwnerBehavior(SynchronizationInactiveOwnerBehaviorType.LINK);
config.setCreateDefaultContract(true);
config.setAssignDefaultRoleToAll(true);
config = (SysSyncIdentityConfigDto) syncConfigService.save(config);
//
// create default mapping for provisioning
helper.createMapping(system);
helper.createRoleSystem(defaultRole, system);
IdmIdentityFilter identityFilter = new IdmIdentityFilter();
identityFilter.setUsername(IDENTITY_ONE);
List<IdmIdentityDto> identities = identityService.find(identityFilter, null).getContent();
Assert.assertEquals(0, identities.size());
helper.startSynchronization(config);
// Have to be in the success state, because default role will be assigned to the default contract.
SysSyncLogDto log = checkSyncLog(config, SynchronizationActionType.CREATE_ENTITY, 1, OperationResultType.SUCCESS);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
identities = identityService.find(identityFilter, null).getContent();
Assert.assertEquals(1, identities.size());
IdmIdentityDto identity = identities.get(0);
List<IdmIdentityRoleDto> roles = identityRoleService.findAllByIdentity(identities.get(0).getId());
Assert.assertEquals(1, roles.size());
IdmIdentityRoleDto assignedRole = roles.get(0);
Assert.assertEquals(defaultRole.getId(), assignedRole.getRole());
// check only one identity account is created
AccIdentityAccountFilter accountFilter = new AccIdentityAccountFilter();
accountFilter.setIdentityId(identity.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(accountFilter, null).getContent();
Assert.assertEquals(1, identityAccounts.size());
Assert.assertEquals(assignedRole.getId(), identityAccounts.get(0).getIdentityRole());
// Delete log
syncLogService.delete(log);
syncConfigService.delete(config);
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentitySyncTest method testCreateIdentityWithDefaultContractAndRoleSync.
@Test
public void testCreateIdentityWithDefaultContractAndRoleSync() {
SysSystemDto system = initData();
Assert.assertNotNull(system);
IdmRoleDto defaultRole = helper.createRole();
//
SysSyncIdentityConfigDto config = doCreateSyncConfig(system);
// Set default role to sync configuration
config.setDefaultRole(defaultRole.getId());
config.setInactiveOwnerBehavior(SynchronizationInactiveOwnerBehaviorType.LINK);
config.setCreateDefaultContract(true);
config = (SysSyncIdentityConfigDto) syncConfigService.save(config);
//
// create default mapping for provisioning
helper.createMapping(system);
helper.createRoleSystem(defaultRole, system);
IdmIdentityFilter identityFilter = new IdmIdentityFilter();
identityFilter.setUsername(IDENTITY_ONE);
List<IdmIdentityDto> identities = identityService.find(identityFilter, null).getContent();
Assert.assertEquals(0, identities.size());
helper.startSynchronization(config);
// Have to be in the success state, because default role will be assigned to the default contract.
SysSyncLogDto log = checkSyncLog(config, SynchronizationActionType.CREATE_ENTITY, 1, OperationResultType.SUCCESS);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
identities = identityService.find(identityFilter, null).getContent();
Assert.assertEquals(1, identities.size());
IdmIdentityDto identity = identities.get(0);
List<IdmIdentityRoleDto> roles = identityRoleService.findAllByIdentity(identities.get(0).getId());
Assert.assertEquals(1, roles.size());
IdmIdentityRoleDto assignedRole = roles.get(0);
Assert.assertEquals(defaultRole.getId(), assignedRole.getRole());
// check only one identity account is created
AccIdentityAccountFilter accountFilter = new AccIdentityAccountFilter();
accountFilter.setIdentityId(identity.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(accountFilter, null).getContent();
Assert.assertEquals(1, identityAccounts.size());
Assert.assertEquals(assignedRole.getId(), identityAccounts.get(0).getIdentityRole());
// Delete log
syncLogService.delete(log);
syncConfigService.delete(config);
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class AccountManagementTest method testOneRoleAssingnTwoSystems.
@Test
public void testOneRoleAssingnTwoSystems() {
IdmRoleDto roleOne = getHelper().createRole();
// create test system with mapping and link her to role
SysSystemDto systemOne = getHelper().createTestResourceSystem(true);
SysSystemDto systemTwo = getHelper().createTestResourceSystem(true);
getHelper().createRoleSystem(roleOne, systemOne);
IdmIdentityDto identity = getHelper().createIdentity();
getHelper().createIdentityRole(identity, roleOne);
// Role assign systemTwo now -> second account is not created
getHelper().createRoleSystem(roleOne, systemTwo);
// check after create
List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
Assert.assertEquals(1, assignedRoles.size());
// check created account (second account is not created )
AccAccountDto accountOne = accountService.getAccount(identity.getUsername(), systemOne.getId());
Assert.assertNotNull(accountOne);
Assert.assertNotNull(getHelper().findResource(accountOne.getRealUid()));
AccAccountDto accountTwo = accountService.getAccount(identity.getUsername(), systemTwo.getId());
Assert.assertNull(accountTwo);
// Execute ACM and provisioning via bulk action
IdmBulkActionDto bulkAction = this.findBulkAction(IdmIdentity.class, IdentityAccountManagementBulkAction.NAME);
bulkAction.setIdentifiers(Sets.newHashSet(identity.getId()));
bulkActionManager.processAction(bulkAction);
// check created account
accountOne = accountService.getAccount(identity.getUsername(), systemOne.getId());
Assert.assertNotNull(accountOne);
Assert.assertNotNull(getHelper().findResource(accountOne.getRealUid()));
accountTwo = accountService.getAccount(identity.getUsername(), systemTwo.getId());
Assert.assertNotNull(accountTwo);
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setIdentityId(identity.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
// We have one role and two system -> two identity-accounts for roleOne should be exists.
Assert.assertEquals(2, identityAccounts.size());
long countIdentityAccountsWithRoleOne = identityAccounts.stream().filter(identityAccount -> identityAccount.getIdentityRole().equals(assignedRoles.get(0).getId())).count();
Assert.assertEquals(2, countIdentityAccountsWithRoleOne);
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class AccountManagementTest method testIdentityAccountCanBeCreated.
@Test
public /**
* Script on the mapping "Can be account created?" returns true.
*/
void testIdentityAccountCanBeCreated() {
SysSystemDto system = initIdentityData();
Assert.assertNotNull(system);
SysSystemMappingDto mapping = systemMappingService.findProvisioningMapping(system.getId(), SystemEntityType.IDENTITY);
Assert.assertNotNull(mapping);
mapping.setCanBeAccountCreatedScript("return Boolean.FALSE;");
mapping = systemMappingService.save(mapping);
IdmIdentityDto identity = helper.createIdentity();
AccIdentityAccountFilter roleAccountFilter = new AccIdentityAccountFilter();
roleAccountFilter.setEntityId(identity.getId());
roleAccountFilter.setOwnership(Boolean.TRUE);
roleAccountFilter.setSystemId(system.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
// None role assigned
Assert.assertEquals(0, identityAccounts.size());
IdmRoleDto roleDefault = helper.createRole();
SysRoleSystemDto roleSystemDefault = new SysRoleSystemDto();
roleSystemDefault.setRole(roleDefault.getId());
roleSystemDefault.setSystem(system.getId());
roleSystemDefault.setSystemMapping(mapping.getId());
roleSystemDefault = roleSystemService.save(roleSystemDefault);
IdmIdentityRoleDto identityRole = new IdmIdentityRoleDto();
identityRole.setIdentityContract(identityContractService.getPrimeContract(identity.getId()).getId());
identityRole.setRole(roleDefault.getId());
identityRole = identityRoleService.save(identityRole);
identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
// Role assigned, but script returns false
Assert.assertEquals(0, identityAccounts.size());
mapping.setCanBeAccountCreatedScript("return Boolean.TRUE;");
mapping = systemMappingService.save(mapping);
// Resave run the ACM
identityRole = identityRoleService.save(identityRole);
identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(1, identityAccounts.size());
// Delete
identityService.delete(identity);
roleService.delete(roleDefault);
}
Aggregations