use of eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto in project CzechIdMng by bcvsolutions.
the class DefaultProvisioningExecutorIntegrationTest method testAsynchronousSystem.
@Test
public void testAsynchronousSystem() {
SysSystemDto system = helper.createTestResourceSystem(true);
system.setQueue(true);
system = systemService.save(system);
//
// create test provisioning context
SysProvisioningOperationDto provisioningOperation = createProvisioningOperation(system, "firstname");
Map<ProvisioningAttributeDto, Object> accoutObject = provisioningOperation.getProvisioningContext().getAccountObject();
String uid = (String) accoutObject.get(getProvisioningAttribute(TestHelper.ATTRIBUTE_MAPPING_NAME));
//
// publish event
provisioningExecutor.execute(provisioningOperation);
// is necessary to get again operation from service
SysProvisioningOperationFilter filter = new SysProvisioningOperationFilter();
filter.setSystemEntity(provisioningOperation.getSystemEntity());
filter.setSystemId(system.getId());
SysProvisioningOperationDto operation = provisioningOperationService.find(filter, null).getContent().get(0);
assertEquals(OperationState.CREATED, operation.getResultState());
SysSystemEntityDto systemEntity = systemEntityService.getBySystemAndEntityTypeAndUid(system, SystemEntityType.IDENTITY, uid);
assertTrue(systemEntity.isWish());
assertNull(helper.findResource(uid));
//
// execute LRT with incorrect setting - virtual at fist - expected no process
ProvisioningQueueTaskExecutor provisioningQueueExecutor = new ProvisioningQueueTaskExecutor();
provisioningQueueExecutor.setVirtual(true);
Boolean result = longRunningTaskManager.executeSync(provisioningQueueExecutor);
assertTrue(result);
IdmLongRunningTaskDto lrt = longRunningTaskManager.getLongRunningTask(provisioningQueueExecutor.getLongRunningTaskId());
assertEquals(0L, lrt.getCount().longValue());
systemEntity = systemEntityService.getBySystemAndEntityTypeAndUid(system, SystemEntityType.IDENTITY, uid);
assertTrue(systemEntity.isWish());
assertNull(helper.findResource(uid));
//
// execute LRT with correct setting
provisioningQueueExecutor = new ProvisioningQueueTaskExecutor();
result = longRunningTaskManager.executeSync(provisioningQueueExecutor);
assertTrue(result);
lrt = longRunningTaskManager.getLongRunningTask(provisioningQueueExecutor);
assertEquals(1L, lrt.getCount().longValue());
systemEntity = systemEntityService.getBySystemAndEntityTypeAndUid(system, SystemEntityType.IDENTITY, uid);
assertFalse(systemEntity.isWish());
assertNotNull(helper.findResource(uid));
}
use of eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningExecutor method prepareProvisioning.
private SysProvisioningOperationDto prepareProvisioning(SysSystemEntityDto systemEntity, DTO dto, UUID entityId, ProvisioningOperationType operationType, List<? extends AttributeMapping> attributes) {
Assert.notNull(systemEntity);
Assert.notNull(systemEntity.getUid());
Assert.notNull(systemEntity.getEntityType());
SysSystemDto system = DtoUtils.getEmbedded(systemEntity, SysSystemEntity_.system, SysSystemDto.class);
Assert.notNull(system);
// If are input attributes null, then we load default mapped attributes
if (attributes == null) {
attributes = findAttributeMappings(system, systemEntity.getEntityType());
}
if (attributes == null || attributes.isEmpty()) {
return null;
}
// Find connector identification persisted in system
IcConnectorKey connectorKey = system.getConnectorKey();
if (connectorKey == null) {
throw new ProvisioningException(AccResultCode.CONNECTOR_KEY_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", system.getName()));
}
// Find connector configuration persisted in system
IcConnectorConfiguration connectorConfig = systemService.getConnectorConfiguration(system);
if (connectorConfig == null) {
throw new ProvisioningException(AccResultCode.CONNECTOR_CONFIGURATION_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", system.getName()));
}
// One IDM object can be mapped to one connector object (= one connector
// class).
SysSystemMappingDto mapping = getMapping(system, systemEntity.getEntityType());
if (mapping == null) {
// TODO: delete operation?
return null;
}
//
Map<ProvisioningAttributeDto, Object> accountAttributes = prepareMappedAttributesValues(dto, operationType, systemEntity, attributes);
// public provisioning event
SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
IcConnectorObject connectorObject = new IcConnectorObjectImpl(systemEntity.getUid(), new IcObjectClassImpl(schemaObjectClassDto.getObjectClassName()), null);
SysProvisioningOperationDto.Builder operationBuilder = new SysProvisioningOperationDto.Builder().setOperationType(operationType).setSystemEntity(systemEntity).setEntityIdentifier(entityId).setProvisioningContext(new ProvisioningContext(accountAttributes, connectorObject));
//
return operationBuilder.build();
}
use of eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningExecutor method prepareMappedAttributesValues.
/**
* Prepare all mapped attribute values (= account)
*
* @param dto
* @param operationType
* @param systemEntity
* @param attributes
* @return
*/
protected Map<ProvisioningAttributeDto, Object> prepareMappedAttributesValues(DTO dto, ProvisioningOperationType operationType, SysSystemEntityDto systemEntity, List<? extends AttributeMapping> attributes) {
AccAccountDto account = getAccountSystemEntity(systemEntity.getId());
String uid = systemEntity.getUid();
SysSystemDto system = DtoUtils.getEmbedded(systemEntity, SysSystemEntity_.system, SysSystemDto.class);
Map<ProvisioningAttributeDto, Object> accountAttributes = new HashMap<>();
// delete - account attributes is not needed
if (ProvisioningOperationType.DELETE == operationType) {
return accountAttributes;
}
// First we will resolve attribute without MERGE strategy
attributes.stream().filter(attribute -> {
return !attribute.isDisabledAttribute() && AttributeMappingStrategyType.AUTHORITATIVE_MERGE != attribute.getStrategyType() && AttributeMappingStrategyType.MERGE != attribute.getStrategyType();
}).forEach(attribute -> {
SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attribute);
if (attribute.isUid()) {
// TODO: now we set UID from SystemEntity, may be UID from
// AccAccount will be more correct
Object uidValue = getAttributeValue(uid, dto, attribute);
if (uidValue == null) {
throw new ProvisioningException(AccResultCode.PROVISIONING_GENERATED_UID_IS_NULL, ImmutableMap.of("system", system.getName()));
}
if (!(uidValue instanceof String)) {
throw new ProvisioningException(AccResultCode.PROVISIONING_ATTRIBUTE_UID_IS_NOT_STRING, ImmutableMap.of("uid", uidValue, "system", system.getName()));
}
updateAccountUid(account, uid, (String) uidValue);
accountAttributes.put(ProvisioningAttributeDto.createProvisioningAttributeKey(attribute, schemaAttributeDto.getName()), uidValue);
} else {
accountAttributes.put(ProvisioningAttributeDto.createProvisioningAttributeKey(attribute, schemaAttributeDto.getName()), getAttributeValue(uid, dto, attribute));
}
});
// Second we will resolve MERGE attributes
List<? extends AttributeMapping> attributesMerge = attributes.stream().filter(attribute -> {
return !attribute.isDisabledAttribute() && (AttributeMappingStrategyType.AUTHORITATIVE_MERGE == attribute.getStrategyType() || AttributeMappingStrategyType.MERGE == attribute.getStrategyType());
}).collect(Collectors.toList());
for (AttributeMapping attributeParent : attributesMerge) {
SysSchemaAttributeDto schemaAttributeParent = getSchemaAttribute(attributeParent);
ProvisioningAttributeDto attributeParentKey = ProvisioningAttributeDto.createProvisioningAttributeKey(attributeParent, schemaAttributeParent.getName());
if (!schemaAttributeParent.isMultivalued()) {
throw new ProvisioningException(AccResultCode.PROVISIONING_MERGE_ATTRIBUTE_IS_NOT_MULTIVALUE, ImmutableMap.of("object", uid, "attribute", schemaAttributeParent.getName(), "system", system.getName()));
}
// we use SET collection because we want collection of merged values without duplicates
Set<Object> mergedValues = new LinkedHashSet<>();
attributes.stream().filter(attribute -> {
SysSchemaAttributeDto schemaAttribute = getSchemaAttribute(attribute);
return !accountAttributes.containsKey(attributeParentKey) && schemaAttributeParent.equals(schemaAttribute) && attributeParent.getStrategyType() == attribute.getStrategyType();
}).forEach(attribute -> {
Object value = getAttributeValue(uid, dto, attribute);
// provisioning in IC)
if (value != null) {
// main list!
if (value instanceof Collection) {
Collection<?> collectionNotNull = ((Collection<?>) value).stream().filter(item -> {
return item != null;
}).collect(Collectors.toList());
mergedValues.addAll(collectionNotNull);
} else {
mergedValues.add(value);
}
}
});
if (!accountAttributes.containsKey(attributeParentKey)) {
// we must put merged values as array list
accountAttributes.put(attributeParentKey, new ArrayList<>(mergedValues));
}
}
return accountAttributes;
}
use of eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningOperationService method getFullAccountObject.
/**
* Returns fully loaded AccountObject with guarded strings.
*
* @param provisioningOperation
* @return
*/
@Override
public Map<ProvisioningAttributeDto, Object> getFullAccountObject(SysProvisioningOperationDto provisioningOperation) {
if (provisioningOperation == null || provisioningOperation.getProvisioningContext() == null || provisioningOperation.getProvisioningContext().getAccountObject() == null) {
return null;
}
//
Map<ProvisioningAttributeDto, Object> fullAccountObject = new HashMap<>();
Map<ProvisioningAttributeDto, Object> accountObject = provisioningOperation.getProvisioningContext().getAccountObject();
for (Entry<ProvisioningAttributeDto, Object> entry : accountObject.entrySet()) {
if (entry.getValue() == null) {
fullAccountObject.put(entry.getKey(), entry.getValue());
continue;
}
Object idmValue = entry.getValue();
// single value
if (idmValue instanceof ConfidentialString) {
fullAccountObject.put(entry.getKey(), confidentialStorage.getGuardedString(provisioningOperation.getId(), SysProvisioningOperation.class, ((ConfidentialString) idmValue).getKey()));
continue;
}
// array
if (idmValue.getClass().isArray()) {
if (!idmValue.getClass().getComponentType().isPrimitive()) {
// objects only, we dont want pto proces byte, boolean etc.
Object[] idmValues = (Object[]) idmValue;
List<GuardedString> processedValues = new ArrayList<>();
for (int j = 0; j < idmValues.length; j++) {
Object singleValue = idmValues[j];
if (singleValue instanceof ConfidentialString) {
processedValues.add(confidentialStorage.getGuardedString(provisioningOperation.getId(), SysProvisioningOperation.class, ((ConfidentialString) singleValue).getKey()));
}
}
if (!processedValues.isEmpty()) {
fullAccountObject.put(entry.getKey(), processedValues.toArray(new GuardedString[processedValues.size()]));
continue;
}
}
} else // collection
if (idmValue instanceof Collection) {
Collection<?> idmValues = (Collection<?>) idmValue;
List<GuardedString> processedValues = new ArrayList<>();
idmValues.forEach(singleValue -> {
if (singleValue instanceof ConfidentialString) {
processedValues.add(confidentialStorage.getGuardedString(provisioningOperation.getId(), SysProvisioningOperation.class, ((ConfidentialString) singleValue).getKey()));
}
});
if (!processedValues.isEmpty()) {
fullAccountObject.put(entry.getKey(), processedValues);
continue;
}
}
// copy value
fullAccountObject.put(entry.getKey(), entry.getValue());
}
return fullAccountObject;
}
use of eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto in project CzechIdMng by bcvsolutions.
the class PrepareConnectorObjectProcessor method updateAttribute.
/**
* Update attribute on resource by given handling attribute and mapped value
* in entity
*
* @param uid
* @param entity
* @param attributeMapping
* @param schemaAttribute
* @param connectorObject
*/
private IcAttribute updateAttribute(String uid, Object idmValue, SysSchemaAttributeDto schemaAttribute, IcConnectorObject existsConnectorObject, SysSystemDto system, ProvisioningAttributeDto provisioningAttributeDto) {
List<IcAttribute> icAttributes = existsConnectorObject.getAttributes();
//
Optional<IcAttribute> icAttributeOptional = icAttributes.stream().filter(ica -> {
return schemaAttribute.getName().equals(ica.getName());
}).findFirst();
IcAttribute icAttribute = null;
if (icAttributeOptional.isPresent()) {
icAttribute = icAttributeOptional.get();
}
return updateAttributeValue(uid, idmValue, schemaAttribute, icAttribute, icAttributes, system, provisioningAttributeDto.getTransformValueFromResourceScript(), provisioningAttributeDto.isSendAlways());
}
Aggregations