use of eu.bcvsolutions.idm.acc.dto.SysProvisioningBreakConfigDto in project CzechIdMng by bcvsolutions.
the class ProvisioningBreakProcessor method process.
@Override
public EventResult<SysProvisioningOperationDto> process(EntityEvent<SysProvisioningOperationDto> event) {
try {
SysProvisioningOperationDto provisioningOperation = event.getContent();
ProvisioningEventType operationType = provisioningOperation.getOperationType();
SysSystemDto system = systemService.get(provisioningOperation.getSystem());
// system may be blocked
boolean blocked = isSystemBlockedOperation(operationType, system);
//
if (blocked) {
// system is already blocked
provisioningOperation = blockOperation(provisioningOperation, system);
event.setContent(provisioningOperation);
return new DefaultEventResult<>(event, this, blocked);
}
//
// try found provisioning break configuration
SysProvisioningBreakConfigDto breakConfig = breakConfigService.getConfig(operationType, system.getId());
if (breakConfig == null) {
LOG.debug("Provisioning break configuration for system name: [{}] and operation: [{}] not found. Global configuration will be used.", system.getCode(), operationType.toString());
breakConfig = breakConfigService.getGlobalBreakConfiguration(operationType);
}
//
if (breakConfig == null) {
LOG.debug("Global configuration for provisioning break isn't found.");
return new DefaultEventResult<>(event, this, blocked);
}
//
if (breakConfig.isDisabled()) {
LOG.debug("Provisioning break configuration id: [{}] for system name: [{}] and operation: [{}] is disabled.", breakConfig.getId(), system.getCode(), operationType.toString());
// break configuration is disable continue
return new DefaultEventResult<>(event, this, blocked);
}
Long currentTimeMillis = System.currentTimeMillis();
//
// get cache for system
SysProvisioningBreakItems cache = breakConfigService.getCacheProcessedItems(system.getId());
// calculate timestamp without period
Long timestampWithoutPeriod = currentTimeMillis - breakConfig.getPeriod(TimeUnit.MILLISECONDS);
// remove older records
cache.removeOlderRecordsThan(operationType, timestampWithoutPeriod);
// get actual count - processed items from timestampWithoutPeriod
int actualCount = cache.getSizeRecordsNewerThan(operationType, timestampWithoutPeriod);
// operation count is sum all previous operation except this operation
if (breakConfig.getWarningLimit() != null && breakConfig.getWarningLimit().equals(actualCount)) {
// disabled may be null
if (breakConfig.getDisableLimit() == null) {
LOG.warn("Block for the system id [{}] and operation [{}] is not set. Operation counter [{}].", provisioningOperation.getSystem(), provisioningOperation.getOperationType().toString(), actualCount);
} else {
LOG.warn("To block the system id [{}] for operation [{}] remains [{}] operations + send message.", provisioningOperation.getSystem(), provisioningOperation.getOperationType().toString(), breakConfig.getDisableLimit() - actualCount);
}
IdmNotificationTemplateDto template = null;
if (breakConfig.getWarningTemplate() == null) {
LOG.debug("Warning template for provisioning break id [{}] missing.", breakConfig.getId());
} else {
template = DtoUtils.getEmbedded(breakConfig, SysProvisioningBreakConfig_.warningTemplate, IdmNotificationTemplateDto.class);
}
//
sendMessage(AccModuleDescriptor.TOPIC_PROVISIONING_BREAK_WARNING, system, actualCount, template, breakConfig, operationType, cache.getDiffBetweenActualAndLast(operationType, currentTimeMillis));
} else if (breakConfig.getDisableLimit() != null && actualCount >= breakConfig.getDisableLimit()) {
// check count is higher than disable limit
// block system for operation
blockSystemForOperation(operationType, system);
//
IdmNotificationTemplateDto template = null;
if (breakConfig.getWarningTemplate() == null) {
LOG.debug("Warning template for provisioning break id [{}] missing.", breakConfig.getId());
} else {
template = DtoUtils.getEmbedded(breakConfig, SysProvisioningBreakConfig_.disableTemplate, IdmNotificationTemplateDto.class);
}
//
sendMessage(AccModuleDescriptor.TOPIC_PROVISIONING_BREAK_DISABLE, system, actualCount, template, breakConfig, operationType, cache.getDiffBetweenActualAndLast(operationType, currentTimeMillis));
//
LOG.warn("System id: [{}] will be blocked for operation: [{}].", provisioningOperation.getSystem(), operationType.toString());
provisioningOperation = blockOperation(provisioningOperation, system);
blocked = true;
} else if (breakConfig.getWarningLimit() != null && actualCount > breakConfig.getWarningLimit()) {
// after overrun warning limit, isn't send any another notification - add at least log
if (breakConfig.getDisableLimit() == null) {
LOG.warn("Block for the system id [{}] and operation [{}] is not set. Operation counter [{}].", provisioningOperation.getSystem(), provisioningOperation.getOperationType().toString(), actualCount);
} else {
LOG.warn("To block the system id [{}] for operation [{}] remains [{}] operations.", provisioningOperation.getSystem(), provisioningOperation.getOperationType().toString(), breakConfig.getDisableLimit() - actualCount);
}
}
// remove all unless items in cache
cache.addItem(operationType, currentTimeMillis);
breakConfigService.saveCacheProcessedItems(provisioningOperation.getSystem(), cache);
//
event.setContent(provisioningOperation);
return new DefaultEventResult<>(event, this, blocked);
} catch (Exception ex) {
LOG.error("Unexpect error while evaluate provisioning break.", ex);
throw new ProvisioningException(AccResultCode.PROVISIONING_FAILED, ex);
}
}
use of eu.bcvsolutions.idm.acc.dto.SysProvisioningBreakConfigDto in project CzechIdMng by bcvsolutions.
the class ProvisioningBreakProcessorTest method testWarningUpdateOperation.
@Test
public void testWarningUpdateOperation() {
SysSystemDto system = testHelper.createTestResourceSystem(true);
IdmIdentityDto identity = testHelper.createIdentity();
SysProvisioningBreakConfigDto breakConfig = createProvisioningBreak(20l, null, 2, ProvisioningEventType.UPDATE, system.getId());
IdmIdentityDto recipient = testHelper.createIdentity();
createRecipient(breakConfig.getId(), recipient.getId(), null);
//
this.createAccount(system, identity);
//
//
// create
provisioningService.doProvisioning(identity);
provisioningService.doProvisioning(identity);
provisioningService.doProvisioning(identity);
provisioningService.doProvisioning(identity);
//
IdmNotificationFilter filter = new IdmNotificationFilter();
filter.setRecipient(recipient.getUsername());
List<IdmNotificationLogDto> content = notificationLogService.find(filter, null).getContent();
// two notification (notification +
assertEquals(2, content.size());
// parent)
//
system = systemService.get(system.getId());
assertNotEquals(Boolean.TRUE, system.getBlockedOperation().getUpdateOperation());
assertNotEquals(Boolean.TRUE, system.getBlockedOperation().getCreateOperation());
assertNotEquals(Boolean.TRUE, system.getBlockedOperation().getDeleteOperation());
}
use of eu.bcvsolutions.idm.acc.dto.SysProvisioningBreakConfigDto in project CzechIdMng by bcvsolutions.
the class ProvisioningBreakProcessorTest method testUpdateOperationCombination.
@Test
public void testUpdateOperationCombination() {
SysSystemDto system = testHelper.createTestResourceSystem(true);
IdmIdentityDto identity = testHelper.createIdentity();
SysProvisioningBreakConfigDto breakConfig = createProvisioningBreak(20l, 3, 1, ProvisioningEventType.UPDATE, system.getId());
IdmIdentityDto recipient = testHelper.createIdentity();
createRecipient(breakConfig.getId(), recipient.getId(), null);
//
this.createAccount(system, identity);
//
//
// create
provisioningService.doProvisioning(identity);
provisioningService.doProvisioning(identity);
// warning
provisioningService.doProvisioning(identity);
//
IdmNotificationFilter filter = new IdmNotificationFilter();
filter.setRecipient(recipient.getUsername());
List<IdmNotificationLogDto> content = notificationLogService.find(filter, null).getContent();
// two notification (notification +
assertEquals(2, content.size());
// parent)
//
system = systemService.get(system.getId());
assertNotEquals(Boolean.TRUE, system.getBlockedOperation().getUpdateOperation());
assertNotEquals(Boolean.TRUE, system.getBlockedOperation().getCreateOperation());
assertNotEquals(Boolean.TRUE, system.getBlockedOperation().getDeleteOperation());
//
provisioningService.doProvisioning(identity);
// block
provisioningService.doProvisioning(identity);
//
filter = new IdmNotificationFilter();
filter.setRecipient(recipient.getUsername());
content = notificationLogService.find(filter, null).getContent();
// four notification (notification +
assertEquals(4, content.size());
// parent) + previous
//
system = systemService.get(system.getId());
assertEquals(Boolean.TRUE, system.getBlockedOperation().getUpdateOperation());
assertNotEquals(Boolean.TRUE, system.getBlockedOperation().getCreateOperation());
assertNotEquals(Boolean.TRUE, system.getBlockedOperation().getDeleteOperation());
}
use of eu.bcvsolutions.idm.acc.dto.SysProvisioningBreakConfigDto in project CzechIdMng by bcvsolutions.
the class ProvisioningBreakProcessorTest method testRecipientRoleIntegrity.
@Test
public void testRecipientRoleIntegrity() {
SysSystemDto systemDto = testHelper.createSystem(TestResource.TABLE_NAME);
SysProvisioningBreakConfigDto breakConfig = createProvisioningBreak(20l, null, null, ProvisioningEventType.CREATE, systemDto.getId());
//
IdmRoleDto roleDto = testHelper.createRole();
//
this.createRecipient(breakConfig.getId(), null, roleDto.getId());
//
int size = provisioningBreakRecipient.findAllByBreakConfig(breakConfig.getId()).size();
assertEquals(1, size);
//
roleService.delete(roleDto);
//
size = provisioningBreakRecipient.findAllByBreakConfig(breakConfig.getId()).size();
assertEquals(0, size);
}
use of eu.bcvsolutions.idm.acc.dto.SysProvisioningBreakConfigDto in project CzechIdMng by bcvsolutions.
the class ProvisioningBreakProcessorTest method testDisableDeleteOperation.
@Test
public void testDisableDeleteOperation() {
SysSystemDto system = testHelper.createTestResourceSystem(true);
IdmIdentityDto identity = testHelper.createIdentity();
IdmIdentityDto identity2 = testHelper.createIdentity();
IdmIdentityDto identity3 = testHelper.createIdentity();
SysProvisioningBreakConfigDto breakConfig = createProvisioningBreak(20l, 2, null, ProvisioningEventType.DELETE, system.getId());
IdmIdentityDto recipient = testHelper.createIdentity();
createRecipient(breakConfig.getId(), recipient.getId(), null);
//
this.createAccount(system, identity);
this.createAccount(system, identity2);
this.createAccount(system, identity3);
//
provisioningService.doProvisioning(identity);
provisioningService.doProvisioning(identity2);
provisioningService.doProvisioning(identity3);
//
identityService.delete(identity);
identityService.delete(identity2);
identityService.delete(identity3);
//
IdmNotificationFilter filter = new IdmNotificationFilter();
filter.setRecipient(recipient.getUsername());
List<IdmNotificationLogDto> content = notificationLogService.find(filter, null).getContent();
// two notification (notification +
assertEquals(2, content.size());
// parent)
//
system = systemService.get(system.getId());
assertNotEquals(Boolean.TRUE, system.getBlockedOperation().getUpdateOperation());
assertNotEquals(Boolean.TRUE, system.getBlockedOperation().getCreateOperation());
assertEquals(Boolean.TRUE, system.getBlockedOperation().getDeleteOperation());
}
Aggregations