use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentitySynchronizationExecutor method findDuplicate.
/**
* Search duplicate for given identity-account relation.
* If some duplicate is found, then is returned first.
* @param identityAccount
* @return
*/
private AccIdentityAccountDto findDuplicate(AccIdentityAccountDto identityAccount) {
Assert.notNull(identityAccount);
Assert.notNull(identityAccount.getAccount());
Assert.notNull(identityAccount.getIdentity());
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setAccountId(identityAccount.getAccount());
filter.setOwnership(identityAccount.isOwnership());
filter.setIdentityId(identityAccount.getIdentity());
filter.setIdentityRoleId(identityAccount.getIdentityRole());
filter.setRoleSystemId(identityAccount.getRoleSystem());
List<AccIdentityAccountDto> entityAccounts = identityAccoutnService.find(filter, null).getContent();
if (entityAccounts.isEmpty()) {
return null;
}
return entityAccounts.get(0);
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentitySynchronizationExecutor method createEntityAccount.
@Override
protected EntityAccountDto createEntityAccount(AccAccountDto account, IdmIdentityDto entity, SynchronizationContext context) {
Assert.notNull(account);
Assert.notNull(entity);
EntityAccountDto entityAccount = super.createEntityAccount(account, entity, context);
Assert.isInstanceOf(AccIdentityAccountDto.class, entityAccount, "For identity sync must be entity-account relation instance of AccIdentityAccountDto!");
AccIdentityAccountDto identityAccount = (AccIdentityAccountDto) entityAccount;
SysSyncIdentityConfigDto config = this.getConfig(context);
UUID defaultRoleId = config.getDefaultRole();
if (defaultRoleId == null) {
return identityAccount;
}
// Default role is defines
IdmRoleDto defaultRole = DtoUtils.getEmbedded(config, SysSyncIdentityConfig_.defaultRole, IdmRoleDto.class);
context.getLogItem().addToLog(MessageFormat.format("Default role [{1}] is defines and will be assigned to the identity [{0}].", entity.getCode(), defaultRole.getCode()));
Assert.notNull(defaultRole, "Default role must be found for this sync configuration!");
IdmIdentityContractDto primeContract = identityContractService.getPrimeValidContract(entity.getId());
if (primeContract == null) {
context.getLogItem().addToLog("Warning! - Default role is set, but could not be assigned to identity, because was not found any valid identity contract!");
this.initSyncActionLog(context.getActionType(), OperationResultType.WARNING, context.getLogItem(), context.getLog(), context.getActionLogs());
return identityAccount;
}
// Create role request for default role and primary contract
IdmRoleRequestDto roleRequest = roleRequestService.createRequest(primeContract, defaultRole);
roleRequest = roleRequestService.startRequestInternal(roleRequest.getId(), false);
// Load concept (can be only one)
IdmConceptRoleRequestFilter conceptFilter = new IdmConceptRoleRequestFilter();
conceptFilter.setRoleRequestId(roleRequest.getId());
UUID identityRoleId = conceptRoleRequestService.find(conceptFilter, null).getContent().get(0).getIdentityRole();
Assert.notNull(identityRoleId, "Identity role relation had to been created!");
identityAccount.setIdentityRole(identityRoleId);
AccIdentityAccountDto duplicate = this.findDuplicate(identityAccount);
if (duplicate != null) {
// This IdentityAccount is new and duplicated, we do not want create duplicated
// relation.
// Same IdentityAccount had to be created by assigned default role!
context.getLogItem().addToLog(MessageFormat.format("This identity-account (identity-role id: {2}) is new and duplicated, " + "we do not want create duplicated relation! " + "We will reusing already persisted identity-account [{3}]. " + "Probable reason: Same identity-account had to be created by assigned default role!", identityAccount.getAccount(), identityAccount.getIdentity(), identityAccount.getIdentityRole(), duplicate.getId()));
// Reusing duplicate
return duplicate;
}
return identityAccount;
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class AccountDeleteProcessor method process.
@Override
public EventResult<AccAccountDto> process(EntityEvent<AccAccountDto> event) {
AccAccountDto account = event.getContent();
UUID entityId = null;
Object entityIdObj = event.getProperties().get(AccAccountService.ENTITY_ID_PROPERTY);
if (entityIdObj instanceof UUID) {
entityId = (UUID) entityIdObj;
}
boolean deleteTargetAccount = false;
Object deleteTargetAccountObj = event.getProperties().get(AccAccountService.DELETE_TARGET_ACCOUNT_PROPERTY);
if (deleteTargetAccountObj instanceof Boolean) {
deleteTargetAccount = (boolean) deleteTargetAccountObj;
}
Assert.notNull(account, "Account cannot be null!");
// We do not allow delete account in protection
if (account.isAccountProtectedAndValid()) {
throw new ResultCodeException(AccResultCode.ACCOUNT_CANNOT_BE_DELETED_IS_PROTECTED, ImmutableMap.of("uid", account.getUid()));
}
// delete all identity accounts
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setAccountId(account.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
identityAccounts.forEach(identityAccount -> {
identityAccountService.delete(identityAccount);
});
// delete all role accounts
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setAccountId(account.getId());
List<AccRoleAccountDto> roleAccounts = roleAccountService.find(roleAccountFilter, null).getContent();
roleAccounts.forEach(roleAccount -> {
roleAccountService.delete(roleAccount);
});
// delete all roleCatalogue accounts
AccRoleCatalogueAccountFilter roleCatalogueAccountFilter = new AccRoleCatalogueAccountFilter();
roleCatalogueAccountFilter.setAccountId(account.getId());
List<AccRoleCatalogueAccountDto> roleCatalogueAccounts = roleCatalogueAccountService.find(roleCatalogueAccountFilter, null).getContent();
roleCatalogueAccounts.forEach(roleCatalogueAccount -> {
roleCatalogueAccountService.delete(roleCatalogueAccount);
});
// delete all tree accounts
AccTreeAccountFilter treeAccountFilter = new AccTreeAccountFilter();
treeAccountFilter.setAccountId(account.getId());
List<AccTreeAccountDto> treeAccounts = treeAccountService.find(treeAccountFilter, null).getContent();
treeAccounts.forEach(treeAccount -> {
treeAccountService.delete(treeAccount);
});
// delete all contract accounts
AccContractAccountFilter contractAccountFilter = new AccContractAccountFilter();
contractAccountFilter.setAccountId(account.getId());
List<AccContractAccountDto> contractAccounts = contractAccountService.find(contractAccountFilter, null).getContent();
contractAccounts.forEach(contractAccount -> {
contractAccountService.delete(contractAccount);
});
//
AccAccountDto refreshAccount = accountService.get(account.getId());
// If account still exists (was not deleted by entity-account), we delete him directly now
if (refreshAccount != null) {
accountService.deleteInternal(refreshAccount);
}
if (deleteTargetAccount) {
if (SystemEntityType.CONTRACT == account.getEntityType()) {
LOG.warn(MessageFormat.format("Provisioning is not supported for contract now [{0}]!", account.getUid()));
return new DefaultEventResult<>(event, this);
}
this.provisioningService.doDeleteProvisioning(account, account.getEntityType(), entityId);
}
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class PasswordPreValidationIntegrationTest method testAdvancedEnabledSimilarAttributes.
@Test
public void testAdvancedEnabledSimilarAttributes() {
IdmIdentityDto identity = new IdmIdentityDto();
identity.setUsername("test" + System.currentTimeMillis());
identity.setFirstName("testFirst");
identity.setLastName("testSecond");
identity = idmIdentityService.save(identity);
//
SysSystemDto system = testHelper.createTestResourceSystem(true);
//
AccAccountDto acc = new AccAccountDto();
acc.setId(UUID.randomUUID());
acc.setUid(System.currentTimeMillis() + "");
acc.setAccountType(AccountType.PERSONAL);
acc.setSystem(system.getId());
//
acc = accountService.save(acc);
//
AccIdentityAccountDto account = testHelper.createIdentityAccount(system, identity);
account.setAccount(acc.getId());
account = accountIdentityService.save(account);
account.setOwnership(true);
List<String> accounts = new ArrayList<String>();
accounts.add(acc.getId() + "");
// password policy default
IdmPasswordPolicyDto policyDefault = new IdmPasswordPolicyDto();
policyDefault.setName(System.currentTimeMillis() + "test1");
policyDefault.setDefaultPolicy(true);
policyDefault.setMinPasswordLength(10);
policyDefault.setMaxPasswordLength(20);
policyDefault.setPasswordLengthRequired(true);
policyDefault.setMinUpperChar(5);
policyDefault.setUpperCharRequired(true);
policyDefault.setMinLowerChar(4);
policyDefault.setLowerCharRequired(true);
policyDefault.setEnchancedControl(true);
policyDefault.setMinRulesToFulfill(1);
policyDefault.setMinNumber(3);
policyDefault.setNumberRequired(false);
policyDefault.setMinSpecialChar(4);
policyDefault.setSpecialCharRequired(false);
policyDefault.setIdentityAttributeCheck("EMAIL, FIRSTNAME");
// password policy
IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
policy.setName(System.currentTimeMillis() + "test2");
policy.setDefaultPolicy(false);
policy.setMinPasswordLength(9);
policy.setMaxPasswordLength(21);
policy.setPasswordLengthRequired(true);
policy.setMinUpperChar(4);
policy.setUpperCharRequired(true);
policy.setMinLowerChar(3);
policy.setLowerCharRequired(true);
policy.setEnchancedControl(true);
policy.setMinRulesToFulfill(1);
policy.setMinNumber(5);
policy.setNumberRequired(false);
policy.setMinSpecialChar(2);
policy.setSpecialCharRequired(false);
policy.setIdentityAttributeCheck("USERNAME");
policyDefault = passwordPolicyService.save(policyDefault);
policy = passwordPolicyService.save(policy);
system.setPasswordPolicyValidate(policy.getId());
systemService.save(system);
PasswordChangeDto passwordChange = new PasswordChangeDto();
passwordChange.setIdm(true);
passwordChange.setAccounts(accounts);
passwordChange.setAll(true);
try {
idmIdentityService.validatePassword(passwordChange);
} catch (ResultCodeException ex) {
Map<String, Object> parametrs = new HashMap<String, Object>();
parametrs.put("minNumber", 3);
parametrs.put("minSpecialChar", 4);
assertEquals(10, ex.getError().getError().getParameters().get("minLength"));
assertEquals(20, ex.getError().getError().getParameters().get("maxLength"));
assertEquals(5, ex.getError().getError().getParameters().get("minUpperChar"));
assertEquals(4, ex.getError().getError().getParameters().get("minLowerChar"));
assertEquals(parametrs.toString(), ex.getError().getError().getParameters().get("minRulesToFulfill").toString());
assertEquals(policy.getName() + ", " + policyDefault.getName(), ex.getError().getError().getParameters().get("policiesNamesPreValidation"));
// special char base, passwordSimilarUsername, passwordSimilarLastName,
// passwordSimilarEmail -> 11
assertEquals(11, ex.getError().getError().getParameters().size());
policyDefault.setDefaultPolicy(false);
passwordPolicyService.save(policyDefault);
}
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class PasswordPreValidationIntegrationTest method testNumberSpecialChar.
@Test
public void testNumberSpecialChar() {
IdmIdentityDto identity = new IdmIdentityDto();
identity.setUsername("test" + System.currentTimeMillis());
identity.setFirstName("testFirst");
identity.setLastName("testSecond");
identity = idmIdentityService.save(identity);
//
SysSystemDto system = testHelper.createTestResourceSystem(true);
//
AccAccountDto acc = new AccAccountDto();
acc.setId(UUID.randomUUID());
acc.setUid(System.currentTimeMillis() + "");
acc.setAccountType(AccountType.PERSONAL);
acc.setSystem(system.getId());
//
acc = accountService.save(acc);
//
AccIdentityAccountDto account = testHelper.createIdentityAccount(system, identity);
account.setAccount(acc.getId());
account = accountIdentityService.save(account);
account.setOwnership(true);
List<String> accounts = new ArrayList<String>();
accounts.add(acc.getId() + "");
// password policy default
IdmPasswordPolicyDto policyDefault = new IdmPasswordPolicyDto();
policyDefault.setName(System.currentTimeMillis() + "test1");
policyDefault.setDefaultPolicy(true);
policyDefault.setMinNumber(6);
policyDefault.setMinSpecialChar(10);
// password policy
IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
policy.setName(System.currentTimeMillis() + "test2");
policy.setDefaultPolicy(false);
policy.setMinNumber(5);
policy.setMinSpecialChar(11);
policyDefault = passwordPolicyService.save(policyDefault);
policy = passwordPolicyService.save(policy);
system.setPasswordPolicyValidate(policy.getId());
systemService.save(system);
PasswordChangeDto passwordChange = new PasswordChangeDto();
passwordChange.setIdm(true);
passwordChange.setAccounts(accounts);
passwordChange.setAll(true);
try {
idmIdentityService.validatePassword(passwordChange);
} catch (ResultCodeException ex) {
assertEquals(6, ex.getError().getError().getParameters().get("minNumber"));
assertEquals(11, ex.getError().getError().getParameters().get("minSpecialChar"));
assertEquals(policy.getName() + ", " + policyDefault.getName(), ex.getError().getError().getParameters().get("policiesNamesPreValidation"));
assertFalse(ex.getError().getError().getParameters().get("specialCharacterBase") == null);
assertEquals(4, ex.getError().getError().getParameters().size());
policyDefault.setDefaultPolicy(false);
passwordPolicyService.save(policyDefault);
}
}
Aggregations