Search in sources :

Example 71 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentitySyncTest method checkIdentityAccount.

private void checkIdentityAccount(IdmIdentityDto identity, int numberOfAccounts, UUID identityRole) {
    AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
    identityAccountFilter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
    Assert.assertEquals(numberOfAccounts, identityAccounts.size());
    if (numberOfAccounts == 0) {
        return;
    }
    Assert.assertEquals(identityRole, identityAccounts.get(0).getIdentityRole());
}
Also used : AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Example 72 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentitySyncTest method testDefaultRoleToAllContractsWithDefaultContract.

@Test
public void testDefaultRoleToAllContractsWithDefaultContract() {
    SysSystemDto system = initData();
    Assert.assertNotNull(system);
    IdmRoleDto defaultRole = helper.createRole();
    // 
    SysSyncIdentityConfigDto config = doCreateSyncConfig(system);
    // Set default role to sync configuration
    config.setDefaultRole(defaultRole.getId());
    config.setInactiveOwnerBehavior(SynchronizationInactiveOwnerBehaviorType.LINK);
    config.setCreateDefaultContract(true);
    config.setAssignDefaultRoleToAll(true);
    config = (SysSyncIdentityConfigDto) syncConfigService.save(config);
    // 
    // create default mapping for provisioning
    helper.createMapping(system);
    helper.createRoleSystem(defaultRole, system);
    IdmIdentityFilter identityFilter = new IdmIdentityFilter();
    identityFilter.setUsername(IDENTITY_ONE);
    List<IdmIdentityDto> identities = identityService.find(identityFilter, null).getContent();
    Assert.assertEquals(0, identities.size());
    helper.startSynchronization(config);
    // Have to be in the success state, because default role will be assigned to the default contract.
    SysSyncLogDto log = checkSyncLog(config, SynchronizationActionType.CREATE_ENTITY, 1, OperationResultType.SUCCESS);
    Assert.assertFalse(log.isRunning());
    Assert.assertFalse(log.isContainsError());
    identities = identityService.find(identityFilter, null).getContent();
    Assert.assertEquals(1, identities.size());
    IdmIdentityDto identity = identities.get(0);
    List<IdmIdentityRoleDto> roles = identityRoleService.findAllByIdentity(identities.get(0).getId());
    Assert.assertEquals(1, roles.size());
    IdmIdentityRoleDto assignedRole = roles.get(0);
    Assert.assertEquals(defaultRole.getId(), assignedRole.getRole());
    // check only one identity account is created
    AccIdentityAccountFilter accountFilter = new AccIdentityAccountFilter();
    accountFilter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(accountFilter, null).getContent();
    Assert.assertEquals(1, identityAccounts.size());
    Assert.assertEquals(assignedRole.getId(), identityAccounts.get(0).getIdentityRole());
    // Delete log
    syncLogService.delete(log);
    syncConfigService.delete(config);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysSyncIdentityConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncIdentityConfigDto) IdmIdentityFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test) DefaultSynchronizationServiceTest(eu.bcvsolutions.idm.acc.service.impl.DefaultSynchronizationServiceTest)

Example 73 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentitySyncTest method testCreateIdentityWithDefaultContractAndRoleSync.

@Test
public void testCreateIdentityWithDefaultContractAndRoleSync() {
    SysSystemDto system = initData();
    Assert.assertNotNull(system);
    IdmRoleDto defaultRole = helper.createRole();
    // 
    SysSyncIdentityConfigDto config = doCreateSyncConfig(system);
    // Set default role to sync configuration
    config.setDefaultRole(defaultRole.getId());
    config.setInactiveOwnerBehavior(SynchronizationInactiveOwnerBehaviorType.LINK);
    config.setCreateDefaultContract(true);
    config = (SysSyncIdentityConfigDto) syncConfigService.save(config);
    // 
    // create default mapping for provisioning
    helper.createMapping(system);
    helper.createRoleSystem(defaultRole, system);
    IdmIdentityFilter identityFilter = new IdmIdentityFilter();
    identityFilter.setUsername(IDENTITY_ONE);
    List<IdmIdentityDto> identities = identityService.find(identityFilter, null).getContent();
    Assert.assertEquals(0, identities.size());
    helper.startSynchronization(config);
    // Have to be in the success state, because default role will be assigned to the default contract.
    SysSyncLogDto log = checkSyncLog(config, SynchronizationActionType.CREATE_ENTITY, 1, OperationResultType.SUCCESS);
    Assert.assertFalse(log.isRunning());
    Assert.assertFalse(log.isContainsError());
    identities = identityService.find(identityFilter, null).getContent();
    Assert.assertEquals(1, identities.size());
    IdmIdentityDto identity = identities.get(0);
    List<IdmIdentityRoleDto> roles = identityRoleService.findAllByIdentity(identities.get(0).getId());
    Assert.assertEquals(1, roles.size());
    IdmIdentityRoleDto assignedRole = roles.get(0);
    Assert.assertEquals(defaultRole.getId(), assignedRole.getRole());
    // check only one identity account is created
    AccIdentityAccountFilter accountFilter = new AccIdentityAccountFilter();
    accountFilter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(accountFilter, null).getContent();
    Assert.assertEquals(1, identityAccounts.size());
    Assert.assertEquals(assignedRole.getId(), identityAccounts.get(0).getIdentityRole());
    // Delete log
    syncLogService.delete(log);
    syncConfigService.delete(config);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysSyncIdentityConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncIdentityConfigDto) IdmIdentityFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test) DefaultSynchronizationServiceTest(eu.bcvsolutions.idm.acc.service.impl.DefaultSynchronizationServiceTest)

Example 74 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class AccountManagementTest method testOneRoleAssingnTwoSystems.

@Test
public void testOneRoleAssingnTwoSystems() {
    IdmRoleDto roleOne = getHelper().createRole();
    // create test system with mapping and link her to role
    SysSystemDto systemOne = getHelper().createTestResourceSystem(true);
    SysSystemDto systemTwo = getHelper().createTestResourceSystem(true);
    getHelper().createRoleSystem(roleOne, systemOne);
    IdmIdentityDto identity = getHelper().createIdentity();
    getHelper().createIdentityRole(identity, roleOne);
    // Role assign systemTwo now -> second account is not created
    getHelper().createRoleSystem(roleOne, systemTwo);
    // check after create
    List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertEquals(1, assignedRoles.size());
    // check created account (second account is not created )
    AccAccountDto accountOne = accountService.getAccount(identity.getUsername(), systemOne.getId());
    Assert.assertNotNull(accountOne);
    Assert.assertNotNull(getHelper().findResource(accountOne.getRealUid()));
    AccAccountDto accountTwo = accountService.getAccount(identity.getUsername(), systemTwo.getId());
    Assert.assertNull(accountTwo);
    // Execute ACM and provisioning via bulk action
    IdmBulkActionDto bulkAction = this.findBulkAction(IdmIdentity.class, IdentityAccountManagementBulkAction.NAME);
    bulkAction.setIdentifiers(Sets.newHashSet(identity.getId()));
    bulkActionManager.processAction(bulkAction);
    // check created account
    accountOne = accountService.getAccount(identity.getUsername(), systemOne.getId());
    Assert.assertNotNull(accountOne);
    Assert.assertNotNull(getHelper().findResource(accountOne.getRealUid()));
    accountTwo = accountService.getAccount(identity.getUsername(), systemTwo.getId());
    Assert.assertNotNull(accountTwo);
    AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
    identityAccountFilter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
    // We have one role and two system -> two identity-accounts for roleOne should be exists.
    Assert.assertEquals(2, identityAccounts.size());
    long countIdentityAccountsWithRoleOne = identityAccounts.stream().filter(identityAccount -> identityAccount.getIdentityRole().equals(assignedRoles.get(0).getId())).count();
    Assert.assertEquals(2, countIdentityAccountsWithRoleOne);
}
Also used : SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) Autowired(org.springframework.beans.factory.annotation.Autowired) AccRoleAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter) SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) SysProvisioningArchiveDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningArchiveDto) After(org.junit.After) Assert.fail(org.junit.Assert.fail) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AccRoleAccountDto(eu.bcvsolutions.idm.acc.dto.AccRoleAccountDto) IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity) IdmIdentityContractService(eu.bcvsolutions.idm.core.api.service.IdmIdentityContractService) SysSchemaAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter) AbstractEntity(eu.bcvsolutions.idm.core.api.entity.AbstractEntity) IdentityAccountManagementBulkAction(eu.bcvsolutions.idm.acc.bulk.action.impl.IdentityAccountManagementBulkAction) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) SystemOperationType(eu.bcvsolutions.idm.acc.domain.SystemOperationType) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) Page(org.springframework.data.domain.Page) Sets(com.google.common.collect.Sets) SysProvisioningOperationFilter(eu.bcvsolutions.idm.acc.dto.filter.SysProvisioningOperationFilter) List(java.util.List) Query(javax.persistence.Query) AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService) Assert.assertFalse(org.junit.Assert.assertFalse) LocalDate(java.time.LocalDate) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) BulkActionManager(eu.bcvsolutions.idm.core.api.bulk.action.BulkActionManager) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Before(org.junit.Before) SysProvisioningArchiveService(eu.bcvsolutions.idm.acc.service.api.SysProvisioningArchiveService) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemService) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) Test(org.junit.Test) EntityManager(javax.persistence.EntityManager) AccRoleAccountService(eu.bcvsolutions.idm.acc.service.api.AccRoleAccountService) ApplicationContext(org.springframework.context.ApplicationContext) SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService) IdmBulkActionDto(eu.bcvsolutions.idm.core.api.bulk.action.dto.IdmBulkActionDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) TestRoleResource(eu.bcvsolutions.idm.acc.entity.TestRoleResource) TestHelper(eu.bcvsolutions.idm.acc.TestHelper) Assert(org.junit.Assert) SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService) ConceptRoleRequestOperation(eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation) Transactional(org.springframework.transaction.annotation.Transactional) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmBulkActionDto(eu.bcvsolutions.idm.core.api.bulk.action.dto.IdmBulkActionDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 75 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class AccountManagementTest method testIdentityAccountCanBeCreated.

@Test
public /**
 * Script on the mapping "Can be account created?" returns true.
 */
void testIdentityAccountCanBeCreated() {
    SysSystemDto system = initIdentityData();
    Assert.assertNotNull(system);
    SysSystemMappingDto mapping = systemMappingService.findProvisioningMapping(system.getId(), SystemEntityType.IDENTITY);
    Assert.assertNotNull(mapping);
    mapping.setCanBeAccountCreatedScript("return Boolean.FALSE;");
    mapping = systemMappingService.save(mapping);
    IdmIdentityDto identity = helper.createIdentity();
    AccIdentityAccountFilter roleAccountFilter = new AccIdentityAccountFilter();
    roleAccountFilter.setEntityId(identity.getId());
    roleAccountFilter.setOwnership(Boolean.TRUE);
    roleAccountFilter.setSystemId(system.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
    // None role assigned
    Assert.assertEquals(0, identityAccounts.size());
    IdmRoleDto roleDefault = helper.createRole();
    SysRoleSystemDto roleSystemDefault = new SysRoleSystemDto();
    roleSystemDefault.setRole(roleDefault.getId());
    roleSystemDefault.setSystem(system.getId());
    roleSystemDefault.setSystemMapping(mapping.getId());
    roleSystemDefault = roleSystemService.save(roleSystemDefault);
    IdmIdentityRoleDto identityRole = new IdmIdentityRoleDto();
    identityRole.setIdentityContract(identityContractService.getPrimeContract(identity.getId()).getId());
    identityRole.setRole(roleDefault.getId());
    identityRole = identityRoleService.save(identityRole);
    identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
    // Role assigned, but script returns false
    Assert.assertEquals(0, identityAccounts.size());
    mapping.setCanBeAccountCreatedScript("return Boolean.TRUE;");
    mapping = systemMappingService.save(mapping);
    // Resave run the ACM
    identityRole = identityRoleService.save(identityRole);
    identityAccounts = identityAccountService.find(roleAccountFilter, null).getContent();
    Assert.assertEquals(1, identityAccounts.size());
    // Delete
    identityService.delete(identity);
    roleService.delete(roleDefault);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Aggregations

AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)115 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)92 AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)90 Test (org.junit.Test)79 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)76 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)59 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)59 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)48 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)38 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)34 TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)31 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)29 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)22 ArrayList (java.util.ArrayList)22 UUID (java.util.UUID)21 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)19 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)17 Transactional (org.springframework.transaction.annotation.Transactional)17 SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)16 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)16