use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentityRoleValidRequestSchedulerTest method createNonValidRoleAndValid.
@Test
public void createNonValidRoleAndValid() throws InterruptedException, ExecutionException {
IdmIdentityDto identity = createAndSaveIdentity();
IdmRoleDto role = createAndSaveRole();
createAndSaveRoleSystem(role, system);
IdmTreeTypeDto treeType = createAndSaveTreeType();
IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
LocalDate validFrom = new LocalDate();
// set plus days
validFrom = validFrom.plusDays(5);
// provisioning is not executed, role isn't valid from now
createAndSaveIdentityRole(identityContract, role, null, validFrom);
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
List<AccIdentityAccountDto> list = identityAccountService.find(filter, null).getContent();
// it must not exists
assertEquals(true, list.isEmpty());
//
IdentityRoleValidRequestTaskExecutor taskExecutor1 = new IdentityRoleValidRequestTaskExecutor();
LongRunningFutureTask<Boolean> futureTask1 = longRunningTaskManager.execute(taskExecutor1);
assertEquals(true, futureTask1.getFutureTask().get());
IdmLongRunningTaskDto longRunningTask1 = longRunningTaskService.get(taskExecutor1.getLongRunningTaskId());
assertEquals(OperationState.EXECUTED, longRunningTask1.getResult().getState());
list = identityAccountService.find(filter, null).getContent();
// still empty, role isn't valid
assertEquals(true, list.isEmpty());
List<IdmIdentityRole> roles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
assertEquals(1, roles.size());
IdmIdentityRole identityRole = roles.get(0);
validFrom = new LocalDate();
validFrom = validFrom.minusDays(5);
identityRole.setValidFrom(validFrom);
identityRoleRepository.save(identityRole);
// execute again
IdentityRoleValidRequestTaskExecutor taskExecutor2 = new IdentityRoleValidRequestTaskExecutor();
LongRunningFutureTask<Boolean> futureTask2 = longRunningTaskManager.execute(taskExecutor2);
assertEquals(true, futureTask2.getFutureTask().get());
IdmLongRunningTaskDto longRunningTask2 = longRunningTaskService.get(taskExecutor2.getLongRunningTaskId());
assertEquals(OperationState.EXECUTED, longRunningTask2.getResult().getState());
list = identityAccountService.find(filter, null).getContent();
assertEquals(false, list.isEmpty());
assertEquals(1, list.size());
// newly created accounts
assertNotNull(list.get(0));
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentityRoleValidRequestSchedulerTest method createLotsOfValidRequests.
@Test
public void createLotsOfValidRequests() throws InterruptedException, ExecutionException {
IdmRoleDto role = createAndSaveRole();
createAndSaveRoleSystem(role, system);
IdmTreeTypeDto treeType = createAndSaveTreeType();
IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
LocalDate validFrom = new LocalDate();
// set plus days
validFrom = validFrom.plusDays(5);
// clear request, if any
List<IdmIdentityRoleValidRequestDto> list = identityRoleValidRequestService.findAllValid();
for (IdmIdentityRoleValidRequestDto request : list) {
identityRoleValidRequestService.delete(request);
}
List<IdmIdentityDto> identities = new ArrayList<>();
for (int index = 0; index < MAX_CREATE; index++) {
IdmIdentityDto identity = createAndSaveIdentity();
IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
// provisioning is not executed, role isn't valid from now
createAndSaveIdentityRole(identityContract, role, null, validFrom);
identities.add(identity);
}
list = identityRoleValidRequestService.findAllValid();
assertEquals(0, list.size());
validFrom = validFrom.minusDays(15);
for (IdmIdentityDto identity : identities) {
List<IdmIdentityRole> roles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
assertEquals(1, roles.size());
IdmIdentityRole identityRole = roles.get(0);
identityRole.setValidFrom(validFrom);
identityRoleRepository.save(identityRole);
}
list = identityRoleValidRequestService.findAllValid();
assertEquals(MAX_CREATE, list.size());
IdentityRoleValidRequestTaskExecutor taskExecutor = new IdentityRoleValidRequestTaskExecutor();
LongRunningFutureTask<Boolean> futureTask = longRunningTaskManager.execute(taskExecutor);
assertEquals(true, futureTask.getFutureTask().get());
IdmLongRunningTaskDto longRunningTask = longRunningTaskService.get(taskExecutor.getLongRunningTaskId());
assertEquals(OperationState.EXECUTED, longRunningTask.getResult().getState());
list = identityRoleValidRequestService.findAllValid();
assertEquals(0, list.size());
for (IdmIdentityDto identity : identities) {
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
List<AccIdentityAccountDto> accountsList = identityAccountService.find(filter, null).getContent();
assertEquals(false, accountsList.isEmpty());
assertEquals(1, accountsList.size());
}
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentityAccountByRoleEvaluatorIntegrationTest method testCanReadIdentityAccount.
@Test
public void testCanReadIdentityAccount() {
IdmIdentityDto identity;
AccIdentityAccountDto accountIdentityOne;
try {
loginAsAdmin(InitApplicationData.ADMIN_USERNAME);
//
identity = helper.createIdentity();
SysSystemDto system = helper.createTestResourceSystem(true);
AccAccountDto accountOne = new AccAccountDto();
accountOne.setSystem(system.getId());
accountOne.setUid(identity.getUsername());
accountOne.setAccountType(AccountType.PERSONAL);
accountOne = accountService.save(accountOne);
accountIdentityOne = new AccIdentityAccountDto();
accountIdentityOne.setIdentity(identity.getId());
accountIdentityOne.setOwnership(true);
accountIdentityOne.setAccount(accountOne.getId());
accountIdentityOne = identityAccountService.save(accountIdentityOne);
IdmRoleDto role = helper.createRole();
IdmRoleDto defaultRole = roleService.getByCode(InitDemoData.DEFAULT_ROLE_NAME);
IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
policy.setRole(role.getId());
policy.setGroupPermission(AccGroupPermission.IDENTITYACCOUNT.getName());
policy.setAuthorizableType(AccIdentityAccount.class.getCanonicalName());
policy.setEvaluator(IdentityAccountByAccountEvaluator.class);
authorizationPolicyService.save(policy);
IdmAuthorizationPolicyDto policyAccount = new IdmAuthorizationPolicyDto();
policyAccount.setRole(role.getId());
policyAccount.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
policyAccount.setAuthorizableType(AccAccount.class.getCanonicalName());
policyAccount.setEvaluator(ReadAccountByIdentityEvaluator.class);
authorizationPolicyService.save(policyAccount);
helper.createIdentityRole(identity, role);
helper.createIdentityRole(identity, defaultRole);
} finally {
logout();
}
// check
try {
loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
AccIdentityAccountDto read = identityAccountService.get(accountIdentityOne.getId(), IdmBasePermission.READ);
Assert.assertEquals(accountIdentityOne, read);
} finally {
logout();
}
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class AccountProtectionSystemTest method deleteAccountOnProtectionSystemTest.
@Test
public void deleteAccountOnProtectionSystemTest() {
IdmIdentityDto identity = helper.createIdentity();
SysSystemDto system = initSystem();
IdmRoleDto roleOne = roleService.getByCode(ROLE_ONE);
// Set system to protected mode
SysSystemMappingDto mapping = systemMappingService.findBySystem(system, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY).get(0);
mapping.setProtectionEnabled(Boolean.TRUE);
mapping.setProtectionInterval(null);
systemMappingService.save(mapping);
// Assign the role
helper.createIdentityRole(identity, roleOne);
AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setAccountId(account.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
// Identity account have relation on the role
Assert.assertEquals(1, identityAccounts.size());
Assert.assertNotNull(identityAccounts.get(0).getIdentityRole());
Assert.assertNotNull(account);
Assert.assertFalse(account.isInProtection());
TestResource createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
// Remove account directly. Account must be transformed to the protection state.
accountService.delete(account);
account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertTrue(account.isInProtection());
Assert.assertNull(account.getEndOfProtection());
createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
// Identity account have not relation on the role now.
identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
Assert.assertEquals(1, identityAccounts.size());
Assert.assertNull(identityAccounts.get(0).getIdentityRole());
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class CoreReferentialIntegrityIntegrationTest method testIdentityReferentialIntegrity.
@Test
public void testIdentityReferentialIntegrity() {
IdmIdentityDto identity = new IdmIdentityDto();
String username = "delete_test_" + System.currentTimeMillis();
identity.setUsername(username);
// confidential storage
identity.setPassword(new GuardedString("heslo"));
identity.setFirstName("Test");
identity.setLastName("Identity");
identity = identityService.save(identity);
// accounts
SysSystemDto system = new SysSystemDto();
system.setName("system_" + System.currentTimeMillis());
system = systemService.save(system);
SysSystemEntityDto systemEntity = new SysSystemEntityDto();
systemEntity.setUid("test_uid_" + System.currentTimeMillis());
systemEntity.setEntityType(SystemEntityType.IDENTITY);
systemEntity.setWish(true);
systemEntity.setSystem(system.getId());
systemEntity = systemEntityService.save(systemEntity);
AccAccountDto account = new AccAccountDto();
account.setSystem(system.getId());
account.setSystemEntity(systemEntity.getId());
account.setUid(systemEntity.getUid());
account.setAccountType(AccountType.PERSONAL);
account.setEntityType(SystemEntityType.IDENTITY);
account = accountService.save(account);
AccIdentityAccountDto identityAccount = new AccIdentityAccountDto();
identityAccount.setIdentity(identity.getId());
identityAccount.setAccount(account.getId());
identityAccount.setOwnership(true);
identityAccount = identityAccountService.save(identityAccount);
assertNotNull(identityService.getByUsername(username));
assertNotNull(identityAccountService.get(identityAccount.getId()));
assertNotNull(accountService.get(account.getId()));
identityService.delete(identity);
assertNull(identityService.getByUsername(username));
assertNull(identityAccountService.get(identityAccount.getId()));
assertNull(accountService.get(account.getId()));
}
Aggregations