use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class PasswordPreValidationIntegrationTest method testLenght.
@Test
public void testLenght() {
IdmIdentityDto identity = new IdmIdentityDto();
identity.setUsername("test" + System.currentTimeMillis());
identity.setFirstName("testFirst");
identity.setLastName("testSecond");
identity = idmIdentityService.save(identity);
//
SysSystemDto system = testHelper.createTestResourceSystem(true);
//
AccAccountDto acc = new AccAccountDto();
acc.setId(UUID.randomUUID());
acc.setUid(System.currentTimeMillis() + "");
acc.setAccountType(AccountType.PERSONAL);
acc.setSystem(system.getId());
//
acc = accountService.save(acc);
//
AccIdentityAccountDto account = testHelper.createIdentityAccount(system, identity);
account.setAccount(acc.getId());
account.setOwnership(true);
account = accountIdentityService.save(account);
List<String> accounts = new ArrayList<String>();
accounts.add(acc.getId() + "");
// password policy default
IdmPasswordPolicyDto policyDefault = new IdmPasswordPolicyDto();
policyDefault.setName(System.currentTimeMillis() + "test1");
policyDefault.setDefaultPolicy(true);
policyDefault.setMinPasswordLength(5);
policyDefault.setMaxPasswordLength(10);
// password policy
IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
policy.setName(System.currentTimeMillis() + "test2");
policy.setDefaultPolicy(false);
policy.setMinPasswordLength(6);
policy.setMaxPasswordLength(11);
policyDefault = passwordPolicyService.save(policyDefault);
policy = passwordPolicyService.save(policy);
system.setPasswordPolicyValidate(policy.getId());
systemService.save(system);
PasswordChangeDto passwordChange = new PasswordChangeDto();
passwordChange.setIdm(true);
passwordChange.setAccounts(accounts);
passwordChange.setAll(true);
try {
idmIdentityService.validatePassword(passwordChange);
} catch (ResultCodeException ex) {
assertEquals(6, ex.getError().getError().getParameters().get("minLength"));
assertEquals(10, ex.getError().getError().getParameters().get("maxLength"));
assertEquals(policy.getName() + ", " + policyDefault.getName(), ex.getError().getError().getParameters().get("policiesNamesPreValidation"));
assertEquals(3, ex.getError().getError().getParameters().size());
policyDefault.setDefaultPolicy(false);
passwordPolicyService.save(policyDefault);
}
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentityAccountSaveProcessor method process.
@Override
public EventResult<AccIdentityAccountDto> process(EntityEvent<AccIdentityAccountDto> event) {
AccIdentityAccountDto entity = event.getContent();
UUID account = entity.getAccount();
AccAccountDto accountEntity = accountService.get(account);
Assert.notNull(account, "Account cannot be null!");
// identity-account
if (service.isNew(entity) && entity.isOwnership() && accountEntity.isInProtection()) {
AccIdentityAccountDto protectedIdentityAccount = findProtectedIdentityAccount(account);
// First we save new identity-account
event.setContent(service.saveInternal(entity));
// Second we delete protected identity-account
service.delete(protectedIdentityAccount);
// Next we set account to unprotected state
this.deactivateProtection(accountEntity);
accountEntity = accountService.save(accountEntity);
return new DefaultEventResult<>(event, this);
}
event.setContent(service.saveInternal(entity));
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class IdentityAccountDeleteProcessor method process.
@Override
public EventResult<AccIdentityAccountDto> process(EntityEvent<AccIdentityAccountDto> event) {
AccIdentityAccountDto entity = event.getContent();
UUID account = entity.getAccount();
AccAccountDto accountDto = accountService.get(account);
Assert.notNull(accountDto, "Account cannot be null!");
// We check if exists another (ownership) identity-accounts, if not
// then we will delete account
List<AccIdentityAccountDto> identityAccounts = findIdentityAccounts(account);
boolean moreIdentityAccounts = identityAccounts.stream().filter(identityAccount -> {
return identityAccount.isOwnership() && !identityAccount.equals(entity);
}).findAny().isPresent();
boolean deleteTargetAccount = (boolean) event.getProperties().get(AccIdentityAccountService.DELETE_TARGET_ACCOUNT_KEY);
// If is account in protection, then we will not delete
// identity-account
// But is here exception from this. When is presented
// attribute FORCE_DELETE_OF_IDENTITY_ACCOUNT_KEY, then
// we will do delete of identity-account (it is important
// for integrity ... for example during delete of whole
// identity).
boolean forceDeleteIdentityAccount = isForceDeleteAttributePresent(event.getProperties());
if (!moreIdentityAccounts && entity.isOwnership()) {
if (accountDto.isAccountProtectedAndValid()) {
if (forceDeleteIdentityAccount) {
// Target account and AccAccount will deleted!
deleteTargetAccount = true;
} else {
throw new ResultCodeException(AccResultCode.ACCOUNT_CANNOT_BE_DELETED_IS_PROTECTED, ImmutableMap.of("uid", accountDto.getUid()));
}
// Is account protection activated on system mapping?
// Set account as protected we can only on account without protection (event has already invalid protection)!
} else if (!accountDto.isInProtection() && systemMappingService.isEnabledProtection(accountDto)) {
// This identity account is last ... protection will be
// activated
activateProtection(accountDto);
accountDto = accountService.save(accountDto);
entity.setRoleSystem(null);
entity.setIdentityRole(null);
service.save(entity);
doProvisioningSkipAccountProtection(accountDto, entity.getEntity());
// identity-account
if (forceDeleteIdentityAccount) {
// Target account and AccAccount will be deleted!
deleteTargetAccount = true;
} else {
return new DefaultEventResult<>(event, this);
}
}
}
service.deleteInternal(entity);
if (!moreIdentityAccounts && entity.isOwnership()) {
// We delete all identity accounts first
identityAccounts.stream().filter(identityAccount -> identityAccount.isOwnership() && !identityAccount.equals(entity)).forEach(identityAccount -> {
service.delete(identityAccount);
});
// Finally we can delete account
accountService.publish(new AccountEvent(AccountEventType.DELETE, accountDto, ImmutableMap.of(AccAccountService.DELETE_TARGET_ACCOUNT_PROPERTY, deleteTargetAccount, AccAccountService.ENTITY_ID_PROPERTY, entity.getEntity())));
}
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class DefaultAccAccountManagementService method resolveIdentityAccounts.
@Override
public boolean resolveIdentityAccounts(IdmIdentityDto identity) {
Assert.notNull(identity);
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
List<AccIdentityAccountDto> identityAccountList = identityAccountService.find(filter, null).getContent();
List<IdmIdentityRole> identityRoles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
boolean provisioningRequired = false;
if (CollectionUtils.isEmpty(identityRoles) && CollectionUtils.isEmpty(identityAccountList)) {
// No roles and accounts ... we don't have anything to do
return false;
}
List<AccIdentityAccountDto> identityAccountsToCreate = new ArrayList<>();
List<AccIdentityAccountDto> identityAccountsToDelete = new ArrayList<>();
// Is role valid in this moment
resolveIdentityAccountForCreate(identity, identityAccountList, identityRoles, identityAccountsToCreate, identityAccountsToDelete);
// Is role invalid in this moment
resolveIdentityAccountForDelete(identityAccountList, identityRoles, identityAccountsToDelete);
// Delete invalid identity accounts
provisioningRequired = !identityAccountsToDelete.isEmpty() ? true : provisioningRequired;
identityAccountsToDelete.forEach(identityAccount -> identityAccountService.deleteById(identityAccount.getId()));
// Create new identity accounts
provisioningRequired = !identityAccountsToCreate.isEmpty() ? true : provisioningRequired;
identityAccountsToCreate.forEach(identityAccount -> identityAccountService.save(identityAccount));
return provisioningRequired;
}
use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.
the class DefaultAccAccountManagementService method deleteIdentityAccount.
@Override
public void deleteIdentityAccount(IdmIdentityRoleDto entity) {
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityRoleId(entity.getId());
Page<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null);
List<AccIdentityAccountDto> identityAccountList = identityAccounts.getContent();
identityAccountList.forEach(identityAccount -> {
identityAccountService.delete(identityAccount);
});
}
Aggregations