use of eu.bcvsolutions.idm.acc.dto.AccUniformPasswordDto in project CzechIdMng by bcvsolutions.
the class DefaultPasswordFilterManager method getAccountsForPasswordChange.
/**
* Return accounts that exist in the given uniform password definitions. The supportPasswordFilter parameter
* limits the result to accounts on managed systems with a password filter (echo support).
*
* @param passwordDefinitions
* @param identityId
* @param supportPasswordFilter
* @return
*/
private List<AccAccountDto> getAccountsForPasswordChange(List<AccUniformPasswordDto> passwordDefinitions, UUID identityId, Boolean supportPasswordFilter) {
    // The identity is mandatory: without it the account query would not be scoped to a single owner.
    Assert.notNull(identityId, "Identity cannot be null!");
    // One filter instance serves every query; only the uniform password id changes per definition.
    // supportPasswordFilter is handed over as received (it may be null); how the filter treats
    // null is not visible here - TODO confirm.
    AccAccountFilter accountFilter = new AccAccountFilter();
    accountFilter.setIdentityId(identityId);
    accountFilter.setSupportPasswordFilter(supportPasswordFilter);
    List<AccAccountDto> collected = Lists.newArrayList();
    passwordDefinitions.forEach(uniformPassword -> {
        accountFilter.setUniformPasswordId(uniformPassword.getId());
        // Results are appended as returned; no de-duplication is done across definitions.
        collected.addAll(accountService.find(accountFilter, null).getContent());
    });
    return collected;
}
use of eu.bcvsolutions.idm.acc.dto.AccUniformPasswordDto in project CzechIdMng by bcvsolutions.
the class DefaultPasswordFilterManager method getActiveUniformPasswordDefinitions.
/**
* Get the active (not disabled) uniform password definitions for the given system. A system can
* currently be in only one password definition.
* TODO: this behavior can be changed in future.
*
* @param systemDto
* @return
* @throws ResultCodeException when definition not found or uniform password definition is disabled
*/
private List<AccUniformPasswordDto> getActiveUniformPasswordDefinitions(SysSystemDto systemDto) {
    // Query only definitions that are bound to this system and are not disabled.
    AccUniformPasswordFilter activeForSystem = new AccUniformPasswordFilter();
    activeForSystem.setDisabled(Boolean.FALSE);
    activeForSystem.setSystemId(systemDto.getId());
    List<AccUniformPasswordDto> found = uniformPasswordService.find(activeForSystem, null).getContent();
    // NOTE(review): the Javadoc on this method mentions ResultCodeException for a missing or
    // disabled definition, but this body returns a fresh empty list when nothing matches;
    // whether the service call itself can throw is not visible here.
    return found.isEmpty() ? Lists.<AccUniformPasswordDto>newArrayList() : found;
}
use of eu.bcvsolutions.idm.acc.dto.AccUniformPasswordDto in project CzechIdMng by bcvsolutions.
the class DefaultUniformPasswordManagerIntegrationTest method testUniformPasswordInIdM.
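@Test
public void testUniformPasswordInIdM() {
    // Integration scenario: a contract synchronization assigns two automatic roles that provision
    // one identity to two target systems grouped in a single uniform password definition with
    // "change in IdM" enabled. The test checks that both accounts end up with the same password,
    // that the identity gets password metadata, and that exactly one uniform-password
    // notification (and no other password notification) is logged for the owner.
    try {
        // Turn on asynchronous execution of events and scheduled tasks.
        getHelper().setConfigurationValue(EventConfiguration.PROPERTY_EVENT_ASYNCHRONOUS_ENABLED, true);
        getHelper().setConfigurationValue(SchedulerConfiguration.PROPERTY_TASK_ASYNCHRONOUS_ENABLED, true);

        SysSystemDto contractSystem = initData();
        Assert.assertNotNull(contractSystem);
        IdmTreeTypeDto treeType = helper.createTreeType();
        AbstractSysSyncConfigDto config = doCreateSyncConfig(contractSystem, treeType);
        Assert.assertTrue(config instanceof SysSyncContractConfigDto);

        SysSystemDto targetSystemOne = helper.createTestResourceSystem(true);
        // System two gets the account suffix "_targetSystemTwo" so its account can be told apart
        // from the account on system one.
        String targetSystemTwoSuffix = "_targetSystemTwo";
        SysSystemDto targetSystemTwo = helper.createTestResourceSystem(true);

        // Create the uniform password definition covering both target systems.
        AccUniformPasswordDto uniformPasswordDef = createUniformPasswordDef(targetSystemOne, targetSystemTwo);
        // Enable the password change in IdM as well.
        uniformPasswordDef.setChangeInIdm(true);
        uniformPasswordService.save(uniformPasswordDef);

        // Append the suffix to the UID attribute of system two through its transformation script.
        SysSystemMappingDto provisioningMapping = systemMappingService.findProvisioningMapping(targetSystemTwo.getId(), SystemEntityType.IDENTITY);
        List<SysSystemAttributeMappingDto> attributeMappingDtos = schemaAttributeMappingService.findBySystemMapping(provisioningMapping);
        SysSystemAttributeMappingDto uidAttribute = schemaAttributeMappingService.getUidAttribute(attributeMappingDtos, targetSystemTwo);
        uidAttribute.setTransformToResourceScript("return attributeValue + \"" + targetSystemTwoSuffix + "\"");
        schemaAttributeMappingService.save(uidAttribute);

        // One automatic role per tree node, each role assigning one of the target systems.
        IdmRoleDto automaticRoleTreeOne = helper.createRole();
        helper.createRoleSystem(automaticRoleTreeOne, targetSystemOne);
        IdmTreeNodeDto treeNodeOne = helper.createTreeNode(treeType, null);
        helper.createAutomaticRole(automaticRoleTreeOne, treeNodeOne);
        IdmRoleDto automaticRoleTreeTwo = helper.createRole();
        helper.createRoleSystem(automaticRoleTreeTwo, targetSystemTwo);
        IdmTreeNodeDto treeNodeTwo = helper.createTreeNode(treeType, null);
        helper.createAutomaticRole(automaticRoleTreeTwo, treeNodeTwo);

        // Source data: two contracts of the same owner, one on each tree node.
        IdmIdentityDto ownerOne = helper.createIdentityOnly();
        List<TestContractResource> contractResources = Lists.newArrayList(
                this.createContract("1", ownerOne.getUsername(), null, "true", treeNodeOne.getCode(), null, null, null),
                this.createContract("2", ownerOne.getUsername(), null, "false", treeNodeTwo.getCode(), null, null, null));
        this.getBean().initContractData(contractResources);

        // Remove every contract the owner already has, so that only synchronized ones are counted later.
        IdmIdentityContractFilter contractFilter = new IdmIdentityContractFilter();
        contractFilter.setIdentity(ownerOne.getId());
        contractService.find(contractFilter, null).getContent().forEach(contract -> contractService.delete(contract));
        Assert.assertEquals(0, contractService.find(contractFilter, null).getTotalElements());

        IdmIdentityFilter identityFilter = new IdmIdentityFilter();
        identityFilter.setAddPasswordMetadata(true);
        ownerOne = identityService.get(ownerOne.getId(), identityFilter);
        // Before the synchronization the identity is in the CREATED state and has no password.
        Assert.assertEquals(IdentityState.CREATED, ownerOne.getState());
        Assert.assertNull(ownerOne.getPassword());
        Assert.assertNull(ownerOne.getPasswordMetadata());

        SynchronizationSchedulableTaskExecutor lrt = new SynchronizationSchedulableTaskExecutor(config.getId());
        LongRunningFutureTask<Boolean> longRunningFutureTask = longRunningTaskManager.execute(lrt);
        UUID transactionIdLrt = longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).getTransactionId();
        // Wait for the LRT to start. Presumably waitForResult keeps polling while the lambda
        // returns true - confirm against the helper.
        getHelper().waitForResult(res -> {
            return !longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).isRunning();
        }, 50, 40);
        // Wait for the LRT to reach the EXECUTED state.
        getHelper().waitForResult(res -> {
            return longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).getResultState() != OperationState.EXECUTED;
        }, 250, 100);
        // Expected value goes first, so that a failure message reports the states the right way round.
        Assert.assertEquals(OperationState.EXECUTED, longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).getResultState());

        SysSyncLogDto log = helper.checkSyncLog(config, SynchronizationActionType.CREATE_ENTITY, 2, OperationResultType.SUCCESS);
        Assert.assertFalse(log.isRunning());
        Assert.assertFalse(log.isContainsError());
        // The sync log and the LRT must carry the same transaction id.
        UUID transactionId = log.getTransactionId();
        Assert.assertNotNull(transactionId);
        Assert.assertEquals(transactionIdLrt, transactionId);

        contractFilter.setIdentity(ownerOne.getId());
        Assert.assertEquals(2, contractService.count(contractFilter));
        ownerOne = identityService.get(ownerOne.getId());
        // After the synchronization the identity is in the VALID state.
        Assert.assertEquals(IdentityState.VALID, ownerOne.getState());

        // Wait until the uniform password entity state of this transaction is removed.
        IdmIdentityDto finalOwnerOne = ownerOne;
        getHelper().waitForResult(res -> {
            return uniformPasswordManager.getEntityState(finalOwnerOne.getId(), IdmIdentityDto.class, transactionId) != null;
        }, 50, 100);
        // The LRT ended, so no entity state may remain for the identity.
        IdmEntityStateDto entityStateDtoOwnerOne = uniformPasswordManager.getEntityState(ownerOne.getId(), IdmIdentityDto.class, transactionId);
        Assert.assertNull(entityStateDtoOwnerOne);

        // Both target accounts exist and were provisioned with one and the same password.
        TestResource resourceOwnerOne = helper.findResource(ownerOne.getUsername());
        Assert.assertNotNull(resourceOwnerOne);
        TestResource resourceOwnerTwo = helper.findResource(ownerOne.getUsername() + targetSystemTwoSuffix);
        Assert.assertNotNull(resourceOwnerTwo);
        String passwordOwnerOne = resourceOwnerOne.getPassword();
        String passwordOwnerTwo = resourceOwnerTwo.getPassword();
        Assert.assertNotNull(passwordOwnerOne);
        Assert.assertNotNull(passwordOwnerTwo);
        Assert.assertEquals(passwordOwnerOne, passwordOwnerTwo);

        // Change in IdM is enabled, so the identity now has password metadata.
        ownerOne = identityService.get(ownerOne.getId(), identityFilter);
        Assert.assertNotNull(ownerOne.getPasswordMetadata());

        // Exactly one uniform password notification was sent to the owner.
        IdmNotificationFilter notificationFilter = new IdmNotificationFilter();
        notificationFilter.setRecipient(ownerOne.getUsername());
        notificationFilter.setNotificationType(IdmEmailLog.class);
        notificationFilter.setTopic(CoreModule.TOPIC_UNIFORM_PASSWORD_SET);
        List<IdmNotificationLogDto> notificationLogDtos = notificationLogService.find(notificationFilter, null).getContent();
        Assert.assertEquals(1, notificationLogDtos.size());
        // No "new password" notification was sent.
        notificationFilter.setTopic(AccModuleDescriptor.TOPIC_NEW_PASSWORD);
        notificationLogDtos = notificationLogService.find(notificationFilter, null).getContent();
        Assert.assertEquals(0, notificationLogDtos.size());
        // No "password set" notification was sent.
        notificationFilter.setTopic(CoreModule.TOPIC_PASSWORD_SET);
        notificationLogDtos = notificationLogService.find(notificationFilter, null).getContent();
        Assert.assertEquals(0, notificationLogDtos.size());
        // No "password changed" notification was sent.
        notificationFilter.setTopic(CoreModule.TOPIC_PASSWORD_CHANGED);
        notificationLogDtos = notificationLogService.find(notificationFilter, null).getContent();
        Assert.assertEquals(0, notificationLogDtos.size());

        // NOTE(review): the cleanup below sits inside the try block, so it is skipped when any
        // assertion above fails; the log, identity and definition then stay behind.
        // Delete the sync log.
        syncLogService.delete(log);
        // Delete the identity.
        identityService.delete(ownerOne);
        // Delete the uniform password definition.
        uniformPasswordService.delete(uniformPasswordDef);
    } finally {
        // Turn asynchronous execution off again, whatever the outcome.
        getHelper().setConfigurationValue(EventConfiguration.PROPERTY_EVENT_ASYNCHRONOUS_ENABLED, false);
        getHelper().setConfigurationValue(SchedulerConfiguration.PROPERTY_TASK_ASYNCHRONOUS_ENABLED, false);
    }
}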
use of eu.bcvsolutions.idm.acc.dto.AccUniformPasswordDto in project CzechIdMng by bcvsolutions.
the class DefaultUniformPasswordManagerIntegrationTest method createUniformPasswordDef.
private AccUniformPasswordDto createUniformPasswordDef(SysSystemDto... systems) {
    // Build an enabled definition with a generated code and the IdM password change switched off.
    AccUniformPasswordDto draft = new AccUniformPasswordDto();
    draft.setDisabled(false);
    draft.setChangeInIdm(false);
    draft.setCode(helper.createName());
    // The saved instance is the one whose id is used for the system links and returned.
    AccUniformPasswordDto saved = uniformPasswordService.save(draft);
    // Connect every given system to the saved definition.
    for (int index = 0; index < systems.length; index++) {
        AccUniformPasswordSystemDto link = new AccUniformPasswordSystemDto();
        link.setSystem(systems[index].getId());
        link.setUniformPassword(saved.getId());
        uniformPasswordSystemService.save(link);
    }
    return saved;
}
use of eu.bcvsolutions.idm.acc.dto.AccUniformPasswordDto in project CzechIdMng by bcvsolutions.
the class ProvisioningUniformPasswordNotificationProcessor method process.
@Override
@SuppressWarnings("unchecked")
public EventResult<SysProvisioningOperationDto> process(EntityEvent<SysProvisioningOperationDto> event) {
    // Records, in the uniform password entity state of the running transaction, the uniform
    // password code and the system entity touched by this provisioning operation. The event
    // result is the same on every path; only the entity state update is conditional.
    SysProvisioningOperationDto operation = event.getContent();

    // Only operations that target an identity are relevant.
    boolean identityOperation = operation.getEntityIdentifier() != null
            && SystemEntityType.IDENTITY == operation.getEntityType();
    IdmIdentityDto identity = identityOperation ? identityService.get(operation.getEntityIdentifier()) : null;

    // Nothing to record for a missing identity, an identity still in the CREATED state,
    // or an identity without an id.
    if (identity == null || identity.getState() == IdentityState.CREATED || identity.getId() == null) {
        return new DefaultEventResult<>(event, this);
    }

    // The entity state is looked up before the system check, as in the original statement order.
    IdmEntityStateDto passwordState = uniformPasswordManager.getEntityState(identity.getId(), identity.getClass(), operation.getTransactionId());
    UUID systemId = operation.getSystem();
    if (systemId == null) {
        return new DefaultEventResult<>(event, this);
    }

    AccUniformPasswordDto uniformPassword = uniformPasswordManager.getUniformPasswordBySystem(systemId);
    if (uniformPassword == null || passwordState == null) {
        return new DefaultEventResult<>(event, this);
    }

    // Add the code of the uniform password group to the entity state.
    uniformPasswordManager.addSystemNameToEntityState(passwordState, uniformPassword.getCode());
    ResultModel currentModel = passwordState.getResult().getModel();
    // Shallow copy of the parameters: the values, including a stored set, stay shared with the current model.
    HashMap<String, Object> parameters = Maps.newHashMap(currentModel.getParameters());

    // Remember the system entity id in the entity state (could be used in a bulk notification).
    UUID systemEntityId = operation.getSystemEntity();
    if (systemEntityId != null) {
        Object stored = currentModel.getParameters().get(UniformPasswordManager.SUCCESS_SYSTEM_ENTITIES);
        // NOTE(review): any stored value that is not a Set is replaced by a new empty set, and a
        // stored Set is modified in place; confirm the parameter always comes back as a mutable Set.
        Set<UUID> provisioned = stored instanceof Set ? (Set<UUID>) stored : Sets.<UUID>newHashSet();
        provisioned.add(systemEntityId);
        parameters.put(UniformPasswordManager.SUCCESS_SYSTEM_ENTITIES, provisioned);
    }

    // Save the entity state with the new parameters.
    passwordState.getResult().setModel(new DefaultResultModel(CoreResultCode.IDENTITY_UNIFORM_PASSWORD, parameters));
    entityStateManager.saveState(null, passwordState);
    return new DefaultEventResult<>(event, this);
}