Search in sources :

Example 41 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class PasswordPreValidationIntegrationTest method testLenght.

@Test
public void testLenght() {
    IdmIdentityDto identity = new IdmIdentityDto();
    identity.setUsername("test" + System.currentTimeMillis());
    identity.setFirstName("testFirst");
    identity.setLastName("testSecond");
    identity = idmIdentityService.save(identity);
    // 
    SysSystemDto system = testHelper.createTestResourceSystem(true);
    // 
    AccAccountDto acc = new AccAccountDto();
    acc.setId(UUID.randomUUID());
    acc.setUid(System.currentTimeMillis() + "");
    acc.setAccountType(AccountType.PERSONAL);
    acc.setSystem(system.getId());
    // 
    acc = accountService.save(acc);
    // 
    AccIdentityAccountDto account = testHelper.createIdentityAccount(system, identity);
    account.setAccount(acc.getId());
    account.setOwnership(true);
    account = accountIdentityService.save(account);
    List<String> accounts = new ArrayList<String>();
    accounts.add(acc.getId() + "");
    // password policy default
    IdmPasswordPolicyDto policyDefault = new IdmPasswordPolicyDto();
    policyDefault.setName(System.currentTimeMillis() + "test1");
    policyDefault.setDefaultPolicy(true);
    policyDefault.setMinPasswordLength(5);
    policyDefault.setMaxPasswordLength(10);
    // password policy
    IdmPasswordPolicyDto policy = new IdmPasswordPolicyDto();
    policy.setName(System.currentTimeMillis() + "test2");
    policy.setDefaultPolicy(false);
    policy.setMinPasswordLength(6);
    policy.setMaxPasswordLength(11);
    policyDefault = passwordPolicyService.save(policyDefault);
    policy = passwordPolicyService.save(policy);
    system.setPasswordPolicyValidate(policy.getId());
    systemService.save(system);
    PasswordChangeDto passwordChange = new PasswordChangeDto();
    passwordChange.setIdm(true);
    passwordChange.setAccounts(accounts);
    passwordChange.setAll(true);
    try {
        idmIdentityService.validatePassword(passwordChange);
    } catch (ResultCodeException ex) {
        assertEquals(6, ex.getError().getError().getParameters().get("minLength"));
        assertEquals(10, ex.getError().getError().getParameters().get("maxLength"));
        assertEquals(policy.getName() + ", " + policyDefault.getName(), ex.getError().getError().getParameters().get("policiesNamesPreValidation"));
        assertEquals(3, ex.getError().getError().getParameters().size());
        policyDefault.setDefaultPolicy(false);
        passwordPolicyService.save(policyDefault);
    }
}
Also used : IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto) PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) ArrayList(java.util.ArrayList) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 42 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityAccountSaveProcessor method process.

@Override
public EventResult<AccIdentityAccountDto> process(EntityEvent<AccIdentityAccountDto> event) {
    AccIdentityAccountDto entity = event.getContent();
    UUID account = entity.getAccount();
    AccAccountDto accountEntity = accountService.get(account);
    Assert.notNull(account, "Account cannot be null!");
    // identity-account
    if (service.isNew(entity) && entity.isOwnership() && accountEntity.isInProtection()) {
        AccIdentityAccountDto protectedIdentityAccount = findProtectedIdentityAccount(account);
        // First we save new identity-account
        event.setContent(service.saveInternal(entity));
        // Second we delete protected identity-account
        service.delete(protectedIdentityAccount);
        // Next we set account to unprotected state
        this.deactivateProtection(accountEntity);
        accountEntity = accountService.save(accountEntity);
        return new DefaultEventResult<>(event, this);
    }
    event.setContent(service.saveInternal(entity));
    return new DefaultEventResult<>(event, this);
}
Also used : DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) UUID(java.util.UUID) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Example 43 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class IdentityAccountDeleteProcessor method process.

@Override
public EventResult<AccIdentityAccountDto> process(EntityEvent<AccIdentityAccountDto> event) {
    AccIdentityAccountDto entity = event.getContent();
    UUID account = entity.getAccount();
    AccAccountDto accountDto = accountService.get(account);
    Assert.notNull(accountDto, "Account cannot be null!");
    // We check if exists another (ownership) identity-accounts, if not
    // then we will delete account
    List<AccIdentityAccountDto> identityAccounts = findIdentityAccounts(account);
    boolean moreIdentityAccounts = identityAccounts.stream().filter(identityAccount -> {
        return identityAccount.isOwnership() && !identityAccount.equals(entity);
    }).findAny().isPresent();
    boolean deleteTargetAccount = (boolean) event.getProperties().get(AccIdentityAccountService.DELETE_TARGET_ACCOUNT_KEY);
    // If is account in protection, then we will not delete
    // identity-account
    // But is here exception from this. When is presented
    // attribute FORCE_DELETE_OF_IDENTITY_ACCOUNT_KEY, then
    // we will do delete of identity-account (it is important
    // for integrity ... for example during delete of whole
    // identity).
    boolean forceDeleteIdentityAccount = isForceDeleteAttributePresent(event.getProperties());
    if (!moreIdentityAccounts && entity.isOwnership()) {
        if (accountDto.isAccountProtectedAndValid()) {
            if (forceDeleteIdentityAccount) {
                // Target account and AccAccount will deleted!
                deleteTargetAccount = true;
            } else {
                throw new ResultCodeException(AccResultCode.ACCOUNT_CANNOT_BE_DELETED_IS_PROTECTED, ImmutableMap.of("uid", accountDto.getUid()));
            }
        // Is account protection activated on system mapping?
        // Set account as protected we can only on account without protection (event has already invalid protection)!
        } else if (!accountDto.isInProtection() && systemMappingService.isEnabledProtection(accountDto)) {
            // This identity account is last ... protection will be
            // activated
            activateProtection(accountDto);
            accountDto = accountService.save(accountDto);
            entity.setRoleSystem(null);
            entity.setIdentityRole(null);
            service.save(entity);
            doProvisioningSkipAccountProtection(accountDto, entity.getEntity());
            // identity-account
            if (forceDeleteIdentityAccount) {
                // Target account and AccAccount will be deleted!
                deleteTargetAccount = true;
            } else {
                return new DefaultEventResult<>(event, this);
            }
        }
    }
    service.deleteInternal(entity);
    if (!moreIdentityAccounts && entity.isOwnership()) {
        // We delete all identity accounts first
        identityAccounts.stream().filter(identityAccount -> identityAccount.isOwnership() && !identityAccount.equals(entity)).forEach(identityAccount -> {
            service.delete(identityAccount);
        });
        // Finally we can delete account
        accountService.publish(new AccountEvent(AccountEventType.DELETE, accountDto, ImmutableMap.of(AccAccountService.DELETE_TARGET_ACCOUNT_PROPERTY, deleteTargetAccount, AccAccountService.ENTITY_ID_PROPERTY, entity.getEntity())));
    }
    return new DefaultEventResult<>(event, this);
}
Also used : AccountEvent(eu.bcvsolutions.idm.acc.event.AccountEvent) ProvisioningEvent(eu.bcvsolutions.idm.acc.event.ProvisioningEvent) Autowired(org.springframework.beans.factory.annotation.Autowired) CoreEventProcessor(eu.bcvsolutions.idm.core.api.event.CoreEventProcessor) CoreEvent(eu.bcvsolutions.idm.core.api.event.CoreEvent) SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) Map(java.util.Map) IdentityAccountEventType(eu.bcvsolutions.idm.acc.event.IdentityAccountEvent.IdentityAccountEventType) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) AccountEventType(eu.bcvsolutions.idm.acc.event.AccountEvent.AccountEventType) EventResult(eu.bcvsolutions.idm.core.api.event.EventResult) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) Description(org.springframework.context.annotation.Description) ImmutableMap(com.google.common.collect.ImmutableMap) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) DateTime(org.joda.time.DateTime) UUID(java.util.UUID) Serializable(java.io.Serializable) ProvisioningEventType(eu.bcvsolutions.idm.acc.event.ProvisioningEvent.ProvisioningEventType) List(java.util.List) Component(org.springframework.stereotype.Component) AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService) ProvisioningService(eu.bcvsolutions.idm.acc.service.api.ProvisioningService) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService) AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode) EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager) Assert(org.springframework.util.Assert) AccountEvent(eu.bcvsolutions.idm.acc.event.AccountEvent) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) UUID(java.util.UUID) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Example 44 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountManagementService method resolveIdentityAccounts.

@Override
public boolean resolveIdentityAccounts(IdmIdentityDto identity) {
    Assert.notNull(identity);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccountList = identityAccountService.find(filter, null).getContent();
    List<IdmIdentityRole> identityRoles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
    boolean provisioningRequired = false;
    if (CollectionUtils.isEmpty(identityRoles) && CollectionUtils.isEmpty(identityAccountList)) {
        // No roles and accounts ... we don't have anything to do
        return false;
    }
    List<AccIdentityAccountDto> identityAccountsToCreate = new ArrayList<>();
    List<AccIdentityAccountDto> identityAccountsToDelete = new ArrayList<>();
    // Is role valid in this moment
    resolveIdentityAccountForCreate(identity, identityAccountList, identityRoles, identityAccountsToCreate, identityAccountsToDelete);
    // Is role invalid in this moment
    resolveIdentityAccountForDelete(identityAccountList, identityRoles, identityAccountsToDelete);
    // Delete invalid identity accounts
    provisioningRequired = !identityAccountsToDelete.isEmpty() ? true : provisioningRequired;
    identityAccountsToDelete.forEach(identityAccount -> identityAccountService.deleteById(identityAccount.getId()));
    // Create new identity accounts
    provisioningRequired = !identityAccountsToCreate.isEmpty() ? true : provisioningRequired;
    identityAccountsToCreate.forEach(identityAccount -> identityAccountService.save(identityAccount));
    return provisioningRequired;
}
Also used : IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) ArrayList(java.util.ArrayList) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Example 45 with AccIdentityAccountDto

use of eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountManagementService method deleteIdentityAccount.

@Override
public void deleteIdentityAccount(IdmIdentityRoleDto entity) {
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityRoleId(entity.getId());
    Page<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null);
    List<AccIdentityAccountDto> identityAccountList = identityAccounts.getContent();
    identityAccountList.forEach(identityAccount -> {
        identityAccountService.delete(identityAccount);
    });
}
Also used : AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)

Aggregations

AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)69 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)54 AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)50 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)46 Test (org.junit.Test)46 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)32 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)26 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)25 TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)24 PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)16 ArrayList (java.util.ArrayList)16 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)13 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)11 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)10 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)10 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)10 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)10 UUID (java.util.UUID)9 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)8 IdmPasswordPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto)8