
Example 26 with SysProvisioningOperationDto

use of eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto in project CzechIdMng by bcvsolutions.

the class PrepareConnectorObjectProcessor method process.

/**
 * Prepares a provisioning operation for execution.
 *
 * <p>Resolves the target system and its connector configuration, optionally reads the
 * current connector object for the account uid, and delegates to {@code processCreate}
 * (no object read) or {@code processUpdate} (object found). The saved operation is written
 * back into the event.
 *
 * <p>Failures inside the prepare step are not rethrown: the operation is saved with an
 * {@code EXCEPTION} result, a message is sent on {@code TOPIC_PROVISIONING}, and the event
 * result is built with its third constructor argument set to {@code true} (the meaning of
 * that flag is defined by {@code DefaultEventResult}, outside this listing).
 *
 * @param event event carrying the provisioning operation
 * @return event result wrapping the saved provisioning operation
 * @throws ProvisioningException when the system has no connector key or no connector
 *         configuration; these two checks run before the {@code try} block, so they
 *         propagate to the caller instead of being recorded on the operation
 */
@Override
public EventResult<SysProvisioningOperationDto> process(EntityEvent<SysProvisioningOperationDto> event) {
    SysProvisioningOperationDto operation = event.getContent();
    SysSystemDto targetSystem = systemService.get(operation.getSystem());
    IcObjectClass objectClass = operation.getProvisioningContext().getConnectorObject().getObjectClass();
    SysSystemEntityDto entity = provisioningOperationService.getByProvisioningOperation(operation);
    String accountUid = entity.getUid();
    boolean wish = entity.isWish();
    LOG.debug("Start preparing attribubes for provisioning operation [{}] for object with uid [{}] and connector object [{}]", operation.getOperationType(), accountUid, objectClass.getType());

    // The connector identification has to be persisted on the system.
    if (targetSystem.getConnectorKey() == null) {
        throw new ProvisioningException(AccResultCode.CONNECTOR_KEY_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", targetSystem.getName()));
    }
    // The connector configuration has to be loadable for the system.
    IcConnectorConfiguration configuration = systemService.getConnectorConfiguration(targetSystem);
    if (configuration == null) {
        throw new ProvisioningException(AccResultCode.CONNECTOR_CONFIGURATION_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", targetSystem.getName()));
    }

    try {
        // The target is read unless the system entity is only a "wish" and auto mapping on an
        // existing account is disabled. When the read is skipped the operation is prepared as
        // a create; presumably this keeps an account that already exists on the target from
        // being adopted silently — confirm against the provisioning configuration docs.
        boolean readFromTarget = !wish || provisioningConfiguration.isAllowedAutoMappingOnExistingAccount();
        IcConnectorObject currentObject = null;
        if (readFromTarget) {
            IcUidAttribute uidAttribute = new IcUidAttributeImpl(null, accountUid, null);
            currentObject = connectorFacade.readObject(targetSystem.getConnectorInstance(), configuration, objectClass, uidAttribute);
        }
        if (currentObject != null) {
            processUpdate(operation, configuration, currentObject);
        } else {
            processCreate(operation);
        }

        LOG.debug("Preparing attribubes for provisioning operation [{}] for object with uid [{}] and connector object [{}] is sucessfully completed", operation.getOperationType(), accountUid, objectClass.getType());
        // Persist the prepared operation and hand it back through the event.
        operation = provisioningOperationService.save(operation);
        event.setContent(operation);
        return new DefaultEventResult<>(event, this);
    } catch (Exception ex) {
        // A ResultCodeException already carries a result model; anything else is wrapped in a
        // generic "prepare account attributes failed" model.
        ResultModel failure = ex instanceof ResultCodeException
                ? ((ResultCodeException) ex).getError().getError()
                : new DefaultResultModel(AccResultCode.PROVISIONING_PREPARE_ACCOUNT_ATTRIBUTES_FAILED, ImmutableMap.of("name", accountUid, "system", targetSystem.getName(), "operationType", operation.getOperationType(), "objectClass", objectClass.getType()));
        LOG.error(failure.toString(), ex);
        // The exception is stored as the cause of the operation result.
        operation.setResult(new OperationResult.Builder(OperationState.EXCEPTION).setModel(failure).setCause(ex).build());
        operation = provisioningOperationService.save(operation);
        // NOTE(review): the result model (uid, system name, operation type, object class for
        // the generic case) is sent on TOPIC_PROVISIONING; who receives that topic is not
        // visible here — confirm the recipients are meant to see these values.
        notificationManager.send(AccModuleDescriptor.TOPIC_PROVISIONING, new IdmMessageDto.Builder().setModel(failure).build());
        // Hand the failed operation back through the event.
        event.setContent(operation);
        return new DefaultEventResult<>(event, this, true);
    }
}
Also used : IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) ResultModel(eu.bcvsolutions.idm.core.api.dto.ResultModel) OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IcUidAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcUidAttributeImpl) IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IcUidAttribute(eu.bcvsolutions.idm.ic.api.IcUidAttribute) SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto) SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)

Example 27 with SysProvisioningOperationDto

use of eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto in project CzechIdMng by bcvsolutions.

the class ProvisioningSendNotificationProcessor method process.

/**
 * Notifies the owning identity about a password contained in a provisioning operation.
 *
 * <p>A message is sent on {@code TOPIC_NEW_PASSWORD} only when the operation belongs to an
 * identity, that identity is not in state {@code CREATED}, and the full connector object
 * contains a password attribute with a non-null value. Only the first such attribute is
 * used.
 *
 * <p>Security note: the password value is passed to the notification layer as the
 * {@code "password"} message parameter. NOTE(review): how the notification layer renders,
 * stores or logs that {@code GuardedString} is not visible in this listing — confirm that
 * sent-notification records and logs do not retain the cleartext, and that the channel
 * bound to this topic is acceptable for credential delivery.
 *
 * @param event event carrying the provisioning operation
 * @return event result for the unchanged event
 */
@Override
public EventResult<SysProvisioningOperationDto> process(EntityEvent<SysProvisioningOperationDto> event) {
    SysProvisioningOperationDto operation = event.getContent();
    String accountUid = provisioningOperationService.getByProvisioningOperation(operation).getUid();

    // Only operations owned by an identity have a recipient.
    boolean ownedByIdentity = operation.getEntityIdentifier() != null && SystemEntityType.IDENTITY == operation.getEntityType();
    IdmIdentityDto recipient = ownedByIdentity ? identityService.get(operation.getEntityIdentifier()) : null;

    // TODO: identity or email null, send message to actual log user?
    if (recipient == null || recipient.getState() == IdentityState.CREATED) {
        return new DefaultEventResult<>(event, this);
    }

    for (IcAttribute candidate : provisioningOperationService.getFullConnectorObject(operation).getAttributes()) {
        // TODO: send password always, when create?
        if (!(candidate instanceof IcPasswordAttribute) || candidate.getValue() == null) {
            continue;
        }
        GuardedString newPassword = ((IcPasswordAttribute) candidate).getPasswordValue();
        // The topic is bound to notification templates; the message carries the system name,
        // the account uid and the new password.
        SysSystemDto targetSystem = systemService.get(operation.getSystem());
        IdmMessageDto message = new IdmMessageDto.Builder().setLevel(NotificationLevel.SUCCESS).addParameter("systemName", targetSystem.getName()).addParameter("uid", accountUid).addParameter("password", newPassword).build();
        notificationManager.send(AccModuleDescriptor.TOPIC_NEW_PASSWORD, message, recipient);
        // One notification per operation is enough.
        break;
    }
    return new DefaultEventResult<>(event, this);
}
Also used : IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IcPasswordAttribute(eu.bcvsolutions.idm.ic.api.IcPasswordAttribute) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)

Example 28 with SysProvisioningOperationDto

use of eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto in project CzechIdMng by bcvsolutions.

the class SysProvisioningOperationController method cancel.

/**
 * Cancels the provisioning operation identified by {@code backendId}.
 *
 * <p>Access is declared through the {@code @PreAuthorize} expression, which requires the
 * {@code SYSTEM_ADMIN} authority. NOTE(review): {@code getDto} is defined outside this
 * listing, so whether an additional per-object permission check happens during the lookup
 * cannot be seen here.
 *
 * @param backendId identifier of the provisioning operation, taken from the request path
 * @return HTTP 200 with the resource built from the operation returned by the executor
 * @throws ResultCodeException with {@code CoreResultCode.NOT_FOUND} when no operation
 *         matches {@code backendId}
 */
@ResponseBody
@PreAuthorize("hasAuthority('" + AccGroupPermission.SYSTEM_ADMIN + "')")
@RequestMapping(value = "/{backendId}/cancel", method = RequestMethod.PUT)
@ApiOperation(value = "Cancel provisioning operation", nickname = "cancelProvisioningOperation", response = SysProvisioningOperation.class, tags = { SysProvisioningOperationController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = AccGroupPermission.SYSTEM_ADMIN, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = AccGroupPermission.SYSTEM_ADMIN, description = "") }) })
public ResponseEntity<?> cancel(@ApiParam(value = "Provisioning operation's uuid identifier.", required = true) @PathVariable @NotNull String backendId) {
    SysProvisioningOperationDto found = getDto(backendId);
    if (found == null) {
        // The requested identifier is reported back in the error parameters.
        throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("entity", backendId));
    }
    SysProvisioningOperationDto cancelled = provisioningExecutor.cancel(found);
    return new ResponseEntity<>(toResource(cancelled), HttpStatus.OK);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) ResponseBody(org.springframework.web.bind.annotation.ResponseBody) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 29 with SysProvisioningOperationDto

use of eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto in project CzechIdMng by bcvsolutions.

the class SysProvisioningOperationController method retry.

/**
 * Retries the provisioning operation identified by {@code backendId} by executing it
 * synchronously through the provisioning executor.
 *
 * <p>Access is declared through the {@code @PreAuthorize} expression, which requires the
 * {@code SYSTEM_ADMIN} authority. NOTE(review): {@code getDto} is defined outside this
 * listing, so whether an additional per-object permission check happens during the lookup
 * cannot be seen here.
 *
 * @param backendId identifier of the provisioning operation, taken from the request path
 * @return HTTP 200 with the resource built from the operation returned by the executor
 * @throws ResultCodeException with {@code CoreResultCode.NOT_FOUND} when no operation
 *         matches {@code backendId}
 */
@ResponseBody
@PreAuthorize("hasAuthority('" + AccGroupPermission.SYSTEM_ADMIN + "')")
@RequestMapping(value = "/{backendId}/retry", method = RequestMethod.PUT)
@ApiOperation(value = "Retry provisioning operation", nickname = "retryProvisioningOperation", response = SysProvisioningOperation.class, tags = { SysProvisioningOperationController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = AccGroupPermission.SYSTEM_ADMIN, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = AccGroupPermission.SYSTEM_ADMIN, description = "") }) })
public ResponseEntity<?> retry(@ApiParam(value = "Provisioning operation's uuid identifier.", required = true) @PathVariable @NotNull String backendId) {
    SysProvisioningOperationDto found = getDto(backendId);
    if (found == null) {
        // The requested identifier is reported back in the error parameters.
        throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("entity", backendId));
    }
    SysProvisioningOperationDto executed = provisioningExecutor.executeSync(found);
    return new ResponseEntity<>(toResource(executed), HttpStatus.OK);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) ResponseBody(org.springframework.web.bind.annotation.ResponseBody) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 30 with SysProvisioningOperationDto

use of eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto in project CzechIdMng by bcvsolutions.

the class AbstractProvisioningExecutor method prepareProvisioningForAttribute.

/**
 * Builds a provisioning operation that updates a single attribute on the target system.
 *
 * <p>The schema attribute behind the mapping must be updateable. Values of entity and
 * extended attributes are transformed to the resource representation; any other mapping is
 * treated as already resolved and its value is used as given.
 *
 * <p>NOTE(review): the {@code operationType} parameter is not read in this method; the
 * operation is always built with {@code ProvisioningEventType.UPDATE} — confirm that this
 * is intended.
 *
 * @param systemEntity target account; it, its system, entity type and uid must not be null
 * @param attributeMapping mapping of the attribute being provisioned, must not be null
 * @param value attribute value before the transformation to the resource
 * @param operationType not used by this method (see note above)
 * @param dto owning entity, may be null; its id becomes the operation's entity identifier
 * @return provisioning operation whose connector object holds the one prepared attribute
 * @throws ProvisioningException when the schema attribute is not updateable
 */
private SysProvisioningOperationDto prepareProvisioningForAttribute(SysSystemEntityDto systemEntity, AttributeMapping attributeMapping, Object value, ProvisioningOperationType operationType, DTO dto) {
    Assert.notNull(systemEntity);
    Assert.notNull(systemEntity.getSystem());
    Assert.notNull(systemEntity.getEntityType());
    Assert.notNull(systemEntity.getUid());
    Assert.notNull(attributeMapping);

    SysSchemaAttributeDto schemaAttribute = getSchemaAttribute(attributeMapping);
    if (!schemaAttribute.isUpdateable()) {
        throw new ProvisioningException(AccResultCode.PROVISIONING_SCHEMA_ATTRIBUTE_IS_NOT_UPDATEABLE, ImmutableMap.of("property", attributeMapping.getIdmPropertyName(), "uid", systemEntity.getUid()));
    }
    SysSchemaObjectClassDto schemaObjectClass = schemaObjectClassService.get(schemaAttribute.getObjectClass());
    String objectClassName = schemaObjectClass.getObjectClassName();

    // A mapping that is neither an entity nor an extended attribute is resolved as a constant;
    // per the original comment its transformation was already done in getAttributeValue, so
    // it is not transformed a second time here.
    Object resourceValue = value;
    if (attributeMapping.isEntityAttribute() || attributeMapping.isExtendedAttribute()) {
        resourceValue = attributeMappingService.transformValueToResource(systemEntity.getUid(), value, attributeMapping, dto);
    }
    IcAttribute icAttribute = attributeMappingService.createIcAttribute(schemaAttribute, resourceValue);

    // The connector object carries only the single attribute to update.
    IcConnectorObject connectorObject = new IcConnectorObjectImpl(systemEntity.getUid(), new IcObjectClassImpl(objectClassName), ImmutableList.of(icAttribute));
    return new SysProvisioningOperationDto.Builder()
            .setOperationType(ProvisioningEventType.UPDATE)
            .setSystemEntity(systemEntity)
            .setEntityIdentifier(dto == null ? null : dto.getId())
            .setProvisioningContext(new ProvisioningContext(connectorObject))
            .build();
}
Also used : IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl) SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) ProvisioningContext(eu.bcvsolutions.idm.acc.domain.ProvisioningContext) IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl) SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)
