use of eu.bcvsolutions.idm.acc.dto.EntityAccountDto in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningExecutor method changePassword.
@Override
public List<OperationResult> changePassword(DTO dto, PasswordChangeDto passwordChange) {
Assert.notNull(dto);
Assert.notNull(dto.getId(), "Password can be changed, when dto is already persisted.");
Assert.notNull(passwordChange);
List<SysProvisioningOperationDto> preparedOperations = new ArrayList<>();
//
EntityAccountFilter filter = this.createEntityAccountFilter();
filter.setEntityId(dto.getId());
List<? extends EntityAccountDto> entityAccountList = getEntityAccountService().find(filter, null).getContent();
if (entityAccountList == null) {
return Collections.<OperationResult>emptyList();
}
// Distinct by accounts
List<UUID> accountIds = new ArrayList<>();
entityAccountList.stream().filter(entityAccount -> {
if (!entityAccount.isOwnership()) {
return false;
}
if (passwordChange.isAll()) {
// Add all account supports change password
if (entityAccount.getAccount() == null) {
return false;
}
// Check if system for this account support change password
AccAccountFilter accountFilter = new AccAccountFilter();
accountFilter.setSupportChangePassword(Boolean.TRUE);
accountFilter.setId(entityAccount.getAccount());
List<AccAccountDto> accountsChecked = accountService.find(accountFilter, null).getContent();
if (accountsChecked.size() == 1) {
return true;
}
return false;
} else {
return passwordChange.getAccounts().contains(entityAccount.getAccount().toString());
}
}).forEach(entityAccount -> {
if (!accountIds.contains(entityAccount.getAccount())) {
accountIds.add(entityAccount.getAccount());
}
});
//
List<AccAccountDto> accounts = new ArrayList<>();
accountIds.forEach(accountId -> {
AccAccountDto account = accountService.get(accountId);
accounts.add(account);
// find uid from system entity or from account
String uid = account.getUid();
SysSystemDto system = DtoUtils.getEmbedded(account, AccAccount_.system, SysSystemDto.class);
SysSystemEntityDto systemEntity = systemEntityService.get(account.getSystemEntity());
//
// Find mapped attributes (include overloaded attributes)
List<AttributeMapping> finalAttributes = resolveMappedAttributes(account, dto, system, systemEntity.getEntityType());
if (CollectionUtils.isEmpty(finalAttributes)) {
return;
}
// We try find __PASSWORD__ attribute in mapped attributes
Optional<? extends AttributeMapping> attriubuteHandlingOptional = finalAttributes.stream().filter((attribute) -> {
SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attribute);
return ProvisioningService.PASSWORD_SCHEMA_PROPERTY_NAME.equals(schemaAttributeDto.getName());
}).findFirst();
if (!attriubuteHandlingOptional.isPresent()) {
throw new ProvisioningException(AccResultCode.PROVISIONING_PASSWORD_FIELD_NOT_FOUND, ImmutableMap.of("uid", uid, "system", system.getName()));
}
AttributeMapping mappedAttribute = attriubuteHandlingOptional.get();
//
// add all account attributes => standard provisioning
SysProvisioningOperationDto additionalProvisioningOperation = null;
List<AttributeMapping> additionalPasswordChangeAttributes = resolveAdditionalPasswordChangeAttributes(account, dto, system, systemEntity.getEntityType());
if (!additionalPasswordChangeAttributes.isEmpty()) {
additionalProvisioningOperation = prepareProvisioning(systemEntity, dto, dto.getId(), ProvisioningOperationType.UPDATE, additionalPasswordChangeAttributes);
}
//
// password change operation
SysProvisioningOperationDto operation;
if (provisioningExecutor.getConfiguration().isSendPasswordAttributesTogether() && additionalProvisioningOperation != null) {
// all attributes as start
operation = additionalProvisioningOperation;
//
// add wish for password
ProvisioningAttributeDto passwordAttribute = ProvisioningAttributeDto.createProvisioningAttributeKey(mappedAttribute, schemaAttributeService.get(mappedAttribute.getSchemaAttribute()).getName());
Object value = passwordChange.getNewPassword();
if (!mappedAttribute.isEntityAttribute() && !mappedAttribute.isExtendedAttribute()) {
// If is attribute handling resolve as constant, then we
// don't want
// do transformation again (was did in getAttributeValue)
} else {
value = attributeMappingService.transformValueToResource(systemEntity.getUid(), value, mappedAttribute, dto);
}
operation.getProvisioningContext().getAccountObject().put(passwordAttribute, value);
//
// do provisioning for additional attributes and password
// together
preparedOperations.add(operation);
} else {
// Change password on target system - only
// TODO: refactor password change - use account wish instead
// filling connector object attributes directly
operation = prepareProvisioningForAttribute(systemEntity, mappedAttribute, passwordChange.getNewPassword(), ProvisioningOperationType.UPDATE, dto);
preparedOperations.add(operation);
// do provisioning for additional attributes in second
if (additionalProvisioningOperation != null) {
preparedOperations.add(additionalProvisioningOperation);
}
}
});
// execute prepared operations
return preparedOperations.stream().map(operation -> {
SysProvisioningOperationDto result = provisioningExecutor.executeSync(operation);
Map<String, Object> parameters = new LinkedHashMap<String, Object>();
AccAccountDto account = accounts.stream().filter(a -> {
return a.getUid().equals(result.getSystemEntityUid()) && a.getSystem().equals(operation.getSystem());
}).findFirst().get();
SysSystemDto system = DtoUtils.getEmbedded(account, AccAccount_.system, SysSystemDto.class);
//
IdmAccountDto resultAccountDto = new IdmAccountDto();
resultAccountDto.setId(account.getId());
resultAccountDto.setUid(account.getUid());
resultAccountDto.setRealUid(account.getRealUid());
resultAccountDto.setSystemId(system.getId());
resultAccountDto.setSystemName(system.getName());
parameters.put(IdmAccountDto.PARAMETER_NAME, resultAccountDto);
//
if (result.getResult().getState() == OperationState.EXECUTED) {
// Add success changed password account
return new OperationResult.Builder(OperationState.EXECUTED).setModel(new DefaultResultModel(CoreResultCode.PASSWORD_CHANGE_ACCOUNT_SUCCESS, parameters)).build();
}
OperationResult changeResult = new OperationResult.Builder(result.getResult().getState()).setModel(new DefaultResultModel(CoreResultCode.PASSWORD_CHANGE_ACCOUNT_FAILED, parameters)).build();
changeResult.setCause(result.getResult().getCause());
changeResult.setCode(result.getResult().getCode());
return changeResult;
}).collect(Collectors.toList());
}
use of eu.bcvsolutions.idm.acc.dto.EntityAccountDto in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method createEntityAccount.
/**
* Create instance of relation between account and sync entity. Create and fill
* relation instance. Do not persist she.
*
* @param account
* @param entity
* @param context
* @return
*/
protected EntityAccountDto createEntityAccount(AccAccountDto account, DTO entity, SynchronizationContext context) {
// Create new entity account relation
EntityAccountDto entityAccount = this.createEntityAccountDto();
entityAccount.setAccount(account.getId());
entityAccount.setEntity(entity.getId());
entityAccount.setOwnership(true);
return entityAccount;
}
use of eu.bcvsolutions.idm.acc.dto.EntityAccountDto in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method getAccountByEntity.
/**
* Find account ID by entity ID
*
* @param entityId
* @param systemId
* @return
*/
protected UUID getAccountByEntity(UUID entityId, UUID systemId) {
EntityAccountFilter entityAccountFilter = createEntityAccountFilter();
entityAccountFilter.setEntityId(entityId);
entityAccountFilter.setSystemId(systemId);
entityAccountFilter.setOwnership(Boolean.TRUE);
@SuppressWarnings("unchecked") List<EntityAccountDto> entityAccounts = this.getEntityAccountService().find((BaseFilter) entityAccountFilter, null).getContent();
if (entityAccounts.isEmpty()) {
return null;
} else {
// ownership) have same account!
return entityAccounts.get(0).getEntity();
}
}
use of eu.bcvsolutions.idm.acc.dto.EntityAccountDto in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method getEntityByAccount.
/**
* Find entity by account
*
* @param account
* @param log
* @param logItem
* @param actionLogs
* @return
*/
protected UUID getEntityByAccount(UUID accountId) {
EntityAccountFilter entityAccountFilter = createEntityAccountFilter();
entityAccountFilter.setAccountId(accountId);
entityAccountFilter.setOwnership(Boolean.TRUE);
@SuppressWarnings("unchecked") List<EntityAccountDto> entityAccounts = this.getEntityAccountService().find((BaseFilter) entityAccountFilter, null).getContent();
if (entityAccounts.isEmpty()) {
return null;
} else {
// ownership) have same identity!
return entityAccounts.get(0).getEntity();
}
}
use of eu.bcvsolutions.idm.acc.dto.EntityAccountDto in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method doCreateEntity.
/**
* Create and persist new entity by data from IC attributes
*
* @param entityType
* @param mappedAttributes
* @param logItem
* @param uid
* @param icAttributes
* @param account
* @param context
*/
@SuppressWarnings("unchecked")
protected void doCreateEntity(SystemEntityType entityType, List<SysSystemAttributeMappingDto> mappedAttributes, SysSyncItemLogDto logItem, String uid, List<IcAttribute> icAttributes, AccAccountDto account, SynchronizationContext context) {
// We will create new entity
addToItemLog(logItem, "Missing entity action is CREATE_ENTITY, we will do create new entity.");
DTO entity = this.createEntityDto();
// Fill entity by mapped attribute
entity = fillEntity(mappedAttributes, uid, icAttributes, entity, true, context);
// Create new entity
entity = this.save(entity, true);
// Update extended attribute (entity must be persisted first)
updateExtendedAttributes(mappedAttributes, uid, icAttributes, entity, true, context);
// Update confidential attribute (entity must be persisted first)
updateConfidentialAttributes(mappedAttributes, uid, icAttributes, entity, true, context);
EntityAccountDto roleAccount = createEntityAccount(account, entity, context);
this.getEntityAccountService().save(roleAccount);
// Entity created
addToItemLog(logItem, MessageFormat.format("Entity with id {0} was created", entity.getId()));
if (logItem != null) {
logItem.setDisplayName(this.getDisplayNameForEntity(entity));
}
// Call provisioning for entity
this.callProvisioningForEntity(entity, entityType, logItem);
}
Aggregations