Search in sources :

Example 26 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityRoleValidRequestSchedulerTest method createNonValidRoleAndValid.

@Test
public void createNonValidRoleAndValid() throws InterruptedException, ExecutionException {
    IdmIdentityDto identity = createAndSaveIdentity();
    IdmRoleDto role = createAndSaveRole();
    createAndSaveRoleSystem(role, system);
    IdmTreeTypeDto treeType = createAndSaveTreeType();
    IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
    IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
    LocalDate validFrom = new LocalDate();
    // set plus days
    validFrom = validFrom.plusDays(5);
    // provisioning is not executed, role isn't valid from now
    createAndSaveIdentityRole(identityContract, role, null, validFrom);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> list = identityAccountService.find(filter, null).getContent();
    // it must not exists
    assertEquals(true, list.isEmpty());
    // 
    IdentityRoleValidRequestTaskExecutor taskExecutor1 = new IdentityRoleValidRequestTaskExecutor();
    LongRunningFutureTask<Boolean> futureTask1 = longRunningTaskManager.execute(taskExecutor1);
    assertEquals(true, futureTask1.getFutureTask().get());
    IdmLongRunningTaskDto longRunningTask1 = longRunningTaskService.get(taskExecutor1.getLongRunningTaskId());
    assertEquals(OperationState.EXECUTED, longRunningTask1.getResult().getState());
    list = identityAccountService.find(filter, null).getContent();
    // still empty, role isn't valid
    assertEquals(true, list.isEmpty());
    List<IdmIdentityRole> roles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
    assertEquals(1, roles.size());
    IdmIdentityRole identityRole = roles.get(0);
    validFrom = new LocalDate();
    validFrom = validFrom.minusDays(5);
    identityRole.setValidFrom(validFrom);
    identityRoleRepository.save(identityRole);
    // execute again
    IdentityRoleValidRequestTaskExecutor taskExecutor2 = new IdentityRoleValidRequestTaskExecutor();
    LongRunningFutureTask<Boolean> futureTask2 = longRunningTaskManager.execute(taskExecutor2);
    assertEquals(true, futureTask2.getFutureTask().get());
    IdmLongRunningTaskDto longRunningTask2 = longRunningTaskService.get(taskExecutor2.getLongRunningTaskId());
    assertEquals(OperationState.EXECUTED, longRunningTask2.getResult().getState());
    list = identityAccountService.find(filter, null).getContent();
    assertEquals(false, list.isEmpty());
    assertEquals(1, list.size());
    // newly created accounts
    assertNotNull(list.get(0));
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) LocalDate(org.joda.time.LocalDate) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) IdentityRoleValidRequestTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.IdentityRoleValidRequestTaskExecutor) IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 27 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityRoleValidRequestSchedulerTest method createLotsOfValidRequests.

@Test
public void createLotsOfValidRequests() throws InterruptedException, ExecutionException {
    IdmRoleDto role = createAndSaveRole();
    createAndSaveRoleSystem(role, system);
    IdmTreeTypeDto treeType = createAndSaveTreeType();
    IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
    LocalDate validFrom = new LocalDate();
    // set plus days
    validFrom = validFrom.plusDays(5);
    // clear request, if any
    List<IdmIdentityRoleValidRequestDto> list = identityRoleValidRequestService.findAllValid();
    for (IdmIdentityRoleValidRequestDto request : list) {
        identityRoleValidRequestService.delete(request);
    }
    List<IdmIdentityDto> identities = new ArrayList<>();
    for (int index = 0; index < MAX_CREATE; index++) {
        IdmIdentityDto identity = createAndSaveIdentity();
        IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
        // provisioning is not executed, role isn't valid from now
        createAndSaveIdentityRole(identityContract, role, null, validFrom);
        identities.add(identity);
    }
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(0, list.size());
    validFrom = validFrom.minusDays(15);
    for (IdmIdentityDto identity : identities) {
        List<IdmIdentityRole> roles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
        assertEquals(1, roles.size());
        IdmIdentityRole identityRole = roles.get(0);
        identityRole.setValidFrom(validFrom);
        identityRoleRepository.save(identityRole);
    }
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(MAX_CREATE, list.size());
    IdentityRoleValidRequestTaskExecutor taskExecutor = new IdentityRoleValidRequestTaskExecutor();
    LongRunningFutureTask<Boolean> futureTask = longRunningTaskManager.execute(taskExecutor);
    assertEquals(true, futureTask.getFutureTask().get());
    IdmLongRunningTaskDto longRunningTask = longRunningTaskService.get(taskExecutor.getLongRunningTaskId());
    assertEquals(OperationState.EXECUTED, longRunningTask.getResult().getState());
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(0, list.size());
    for (IdmIdentityDto identity : identities) {
        AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
        filter.setIdentityId(identity.getId());
        List<AccIdentityAccountDto> accountsList = identityAccountService.find(filter, null).getContent();
        assertEquals(false, accountsList.isEmpty());
        assertEquals(1, accountsList.size());
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) ArrayList(java.util.ArrayList) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) LocalDate(org.joda.time.LocalDate) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) IdentityRoleValidRequestTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.IdentityRoleValidRequestTaskExecutor) IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmIdentityRoleValidRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleValidRequestDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 28 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityAccountByRoleEvaluatorIntegrationTest method testCanReadIdentityAccount.

@Test
public void testCanReadIdentityAccount() {
    IdmIdentityDto identity;
    AccIdentityAccountDto accountIdentityOne;
    try {
        loginAsAdmin(InitApplicationData.ADMIN_USERNAME);
        // 
        identity = helper.createIdentity();
        SysSystemDto system = helper.createTestResourceSystem(true);
        AccAccountDto accountOne = new AccAccountDto();
        accountOne.setSystem(system.getId());
        accountOne.setUid(identity.getUsername());
        accountOne.setAccountType(AccountType.PERSONAL);
        accountOne = accountService.save(accountOne);
        accountIdentityOne = new AccIdentityAccountDto();
        accountIdentityOne.setIdentity(identity.getId());
        accountIdentityOne.setOwnership(true);
        accountIdentityOne.setAccount(accountOne.getId());
        accountIdentityOne = identityAccountService.save(accountIdentityOne);
        IdmRoleDto role = helper.createRole();
        IdmRoleDto defaultRole = roleService.getByCode(InitDemoData.DEFAULT_ROLE_NAME);
        IdmAuthorizationPolicyDto policy = new IdmAuthorizationPolicyDto();
        policy.setRole(role.getId());
        policy.setGroupPermission(AccGroupPermission.IDENTITYACCOUNT.getName());
        policy.setAuthorizableType(AccIdentityAccount.class.getCanonicalName());
        policy.setEvaluator(IdentityAccountByAccountEvaluator.class);
        authorizationPolicyService.save(policy);
        IdmAuthorizationPolicyDto policyAccount = new IdmAuthorizationPolicyDto();
        policyAccount.setRole(role.getId());
        policyAccount.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
        policyAccount.setAuthorizableType(AccAccount.class.getCanonicalName());
        policyAccount.setEvaluator(ReadAccountByIdentityEvaluator.class);
        authorizationPolicyService.save(policyAccount);
        helper.createIdentityRole(identity, role);
        helper.createIdentityRole(identity, defaultRole);
    } finally {
        logout();
    }
    // check
    try {
        loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
        AccIdentityAccountDto read = identityAccountService.get(accountIdentityOne.getId(), IdmBasePermission.READ);
        Assert.assertEquals(accountIdentityOne, read);
    } finally {
        logout();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccAccount(eu.bcvsolutions.idm.acc.entity.AccAccount) AccIdentityAccount(eu.bcvsolutions.idm.acc.entity.AccIdentityAccount) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 29 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class AccountProtectionSystemTest method deleteAccountOnProtectionSystemTest.

@Test
public void deleteAccountOnProtectionSystemTest() {
    IdmIdentityDto identity = helper.createIdentity();
    SysSystemDto system = initSystem();
    IdmRoleDto roleOne = roleService.getByCode(ROLE_ONE);
    // Set system to protected mode
    SysSystemMappingDto mapping = systemMappingService.findBySystem(system, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY).get(0);
    mapping.setProtectionEnabled(Boolean.TRUE);
    mapping.setProtectionInterval(null);
    systemMappingService.save(mapping);
    // Assign the role
    helper.createIdentityRole(identity, roleOne);
    AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
    AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
    identityAccountFilter.setAccountId(account.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
    // Identity account have relation on the role
    Assert.assertEquals(1, identityAccounts.size());
    Assert.assertNotNull(identityAccounts.get(0).getIdentityRole());
    Assert.assertNotNull(account);
    Assert.assertFalse(account.isInProtection());
    TestResource createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // Remove account directly. Account must be transformed to the protection state.
    accountService.delete(account);
    account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertTrue(account.isInProtection());
    Assert.assertNull(account.getEndOfProtection());
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // Identity account have not relation on the role now.
    identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
    Assert.assertEquals(1, identityAccounts.size());
    Assert.assertNull(identityAccounts.get(0).getIdentityRole());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 30 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class CoreReferentialIntegrityIntegrationTest method testIdentityReferentialIntegrity.

@Test
public void testIdentityReferentialIntegrity() {
    IdmIdentityDto identity = new IdmIdentityDto();
    String username = "delete_test_" + System.currentTimeMillis();
    identity.setUsername(username);
    // confidential storage
    identity.setPassword(new GuardedString("heslo"));
    identity.setFirstName("Test");
    identity.setLastName("Identity");
    identity = identityService.save(identity);
    // accounts
    SysSystemDto system = new SysSystemDto();
    system.setName("system_" + System.currentTimeMillis());
    system = systemService.save(system);
    SysSystemEntityDto systemEntity = new SysSystemEntityDto();
    systemEntity.setUid("test_uid_" + System.currentTimeMillis());
    systemEntity.setEntityType(SystemEntityType.IDENTITY);
    systemEntity.setWish(true);
    systemEntity.setSystem(system.getId());
    systemEntity = systemEntityService.save(systemEntity);
    AccAccountDto account = new AccAccountDto();
    account.setSystem(system.getId());
    account.setSystemEntity(systemEntity.getId());
    account.setUid(systemEntity.getUid());
    account.setAccountType(AccountType.PERSONAL);
    account.setEntityType(SystemEntityType.IDENTITY);
    account = accountService.save(account);
    AccIdentityAccountDto identityAccount = new AccIdentityAccountDto();
    identityAccount.setIdentity(identity.getId());
    identityAccount.setAccount(account.getId());
    identityAccount.setOwnership(true);
    identityAccount = identityAccountService.save(identityAccount);
    assertNotNull(identityService.getByUsername(username));
    assertNotNull(identityAccountService.get(identityAccount.getId()));
    assertNotNull(accountService.get(account.getId()));
    identityService.delete(identity);
    assertNull(identityService.getByUsername(username));
    assertNull(identityAccountService.get(identityAccount.getId()));
    assertNull(accountService.get(account.getId()));
}
Also used : GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Aggregations

AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)69 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)54 AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)50 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)46 Test (org.junit.Test)46 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)32 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)26 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)25 TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)24 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)16 ArrayList (java.util.ArrayList)16 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)13 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)11 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)10 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)10 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)10 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)10 UUID (java.util.UUID)9 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)8 IdmPasswordPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto)8