use of eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningExecutor method changePassword.
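/**
 * Changes the password on target-system accounts linked to the given entity.
 * <p>
 * Account selection: only entity-account links found for {@code dto.getId()} that have
 * ownership set and reference an account are considered. Account ids listed in
 * {@code passwordChange} are therefore matched only against the entity's own links.
 * When {@code passwordChange.isAll()} is set, an account is kept only if the account
 * lookup with {@code supportChangePassword = TRUE} returns exactly one row. Explicitly
 * listed accounts do not get that lookup; for them a missing password mapping surfaces
 * as a {@link ProvisioningException}.
 * <p>
 * All operations are prepared first and executed afterwards, so an exception raised
 * while preparing any account is thrown before {@code executeSync} is called for any of them.
 *
 * @param dto persisted entity whose accounts are changed; must have an id
 * @param passwordChange new password plus the account selection (all, or a list of account ids)
 * @return one result per executed provisioning operation; empty when the entity-account
 *         lookup returns {@code null} content
 * @throws ProvisioningException when a selected account has mapped attributes but none of
 *         them maps the {@code ProvisioningService.PASSWORD_SCHEMA_PROPERTY_NAME} schema attribute
 */
@Override
public List<OperationResult> changePassword(DTO dto, PasswordChangeDto passwordChange) {
    Assert.notNull(dto);
    Assert.notNull(dto.getId(), "Password can be changed, when dto is already persisted.");
    Assert.notNull(passwordChange);
    List<SysProvisioningOperationDto> preparedOperations = new ArrayList<>();
    //
    EntityAccountFilter filter = this.createEntityAccountFilter();
    filter.setEntityId(dto.getId());
    List<? extends EntityAccountDto> entityAccountList = getEntityAccountService().find(filter, null).getContent();
    if (entityAccountList == null) {
        return Collections.<OperationResult>emptyList();
    }
    // Distinct by accounts
    List<UUID> accountIds = new ArrayList<>();
    entityAccountList.stream().filter(entityAccount -> {
        if (!entityAccount.isOwnership()) {
            return false;
        }
        // A link without an account can never be selected. Checking it here, before the
        // branch, also protects the explicit-selection path, which used to dereference
        // getAccount() without a null check.
        if (entityAccount.getAccount() == null) {
            return false;
        }
        if (passwordChange.isAll()) {
            // Keep the account only if its system supports password change.
            AccAccountFilter accountFilter = new AccAccountFilter();
            accountFilter.setSupportChangePassword(Boolean.TRUE);
            accountFilter.setId(entityAccount.getAccount());
            List<AccAccountDto> accountsChecked = accountService.find(accountFilter, null).getContent();
            return accountsChecked.size() == 1;
        }
        // Explicit selection: the requested ids are compared as strings against this entity's links.
        return passwordChange.getAccounts().contains(entityAccount.getAccount().toString());
    }).forEach(entityAccount -> {
        if (!accountIds.contains(entityAccount.getAccount())) {
            accountIds.add(entityAccount.getAccount());
        }
    });
    //
    List<AccAccountDto> accounts = new ArrayList<>();
    accountIds.forEach(accountId -> {
        AccAccountDto account = accountService.get(accountId);
        accounts.add(account);
        // uid is taken from the account; it is used only in the error parameters below
        String uid = account.getUid();
        SysSystemDto system = DtoUtils.getEmbedded(account, AccAccount_.system, SysSystemDto.class);
        SysSystemEntityDto systemEntity = systemEntityService.get(account.getSystemEntity());
        //
        // Find mapped attributes (include overloaded attributes)
        List<AttributeMapping> finalAttributes = resolveMappedAttributes(account, dto, system, systemEntity.getEntityType());
        if (CollectionUtils.isEmpty(finalAttributes)) {
            // Nothing is mapped for this account: it is skipped without an operation or a result.
            return;
        }
        // Look for the __PASSWORD__ attribute among the mapped attributes
        Optional<? extends AttributeMapping> passwordMapping = finalAttributes.stream().filter((attribute) -> {
            SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attribute);
            return ProvisioningService.PASSWORD_SCHEMA_PROPERTY_NAME.equals(schemaAttributeDto.getName());
        }).findFirst();
        if (!passwordMapping.isPresent()) {
            throw new ProvisioningException(AccResultCode.PROVISIONING_PASSWORD_FIELD_NOT_FOUND, ImmutableMap.of("uid", uid, "system", system.getName()));
        }
        AttributeMapping mappedAttribute = passwordMapping.get();
        //
        // add all account attributes => standard provisioning
        SysProvisioningOperationDto additionalProvisioningOperation = null;
        List<AttributeMapping> additionalPasswordChangeAttributes = resolveAdditionalPasswordChangeAttributes(account, dto, system, systemEntity.getEntityType());
        if (!additionalPasswordChangeAttributes.isEmpty()) {
            additionalProvisioningOperation = prepareProvisioning(systemEntity, dto, dto.getId(), ProvisioningOperationType.UPDATE, additionalPasswordChangeAttributes);
        }
        //
        // password change operation
        // NOTE(review): the new password is handed to the provisioning operation in both
        // branches below - confirm it is carried in a guarded type and is not written to
        // logs or persisted in clear text with the operation.
        SysProvisioningOperationDto operation;
        if (provisioningExecutor.getConfiguration().isSendPasswordAttributesTogether() && additionalProvisioningOperation != null) {
            // start from the operation that already carries the additional attributes
            operation = additionalProvisioningOperation;
            //
            // add wish for password
            ProvisioningAttributeDto passwordAttribute = ProvisioningAttributeDto.createProvisioningAttributeKey(mappedAttribute, schemaAttributeService.get(mappedAttribute.getSchemaAttribute()).getName());
            Object value = passwordChange.getNewPassword();
            // Only entity and extended attributes are transformed here. Per the original
            // author, any other mapping resolves as a constant and was already transformed
            // in getAttributeValue, so it must not be transformed a second time.
            if (mappedAttribute.isEntityAttribute() || mappedAttribute.isExtendedAttribute()) {
                value = attributeMappingService.transformValueToResource(systemEntity.getUid(), value, mappedAttribute, dto);
            }
            operation.getProvisioningContext().getAccountObject().put(passwordAttribute, value);
            //
            // password and additional attributes go out in one operation
            preparedOperations.add(operation);
        } else {
            // Change password on target system - only
            // TODO: refactor password change - use account wish instead
            // filling connector object attributes directly
            operation = prepareProvisioningForAttribute(systemEntity, mappedAttribute, passwordChange.getNewPassword(), ProvisioningOperationType.UPDATE, dto);
            preparedOperations.add(operation);
            // additional attributes follow as a second, separate operation
            // NOTE(review): its outcome is reported below with the PASSWORD_CHANGE_ACCOUNT_*
            // codes too, so one account can yield two "password change" results.
            if (additionalProvisioningOperation != null) {
                preparedOperations.add(additionalProvisioningOperation);
            }
        }
    });
    // execute prepared operations
    return preparedOperations.stream().map(operation -> {
        SysProvisioningOperationDto result = provisioningExecutor.executeSync(operation);
        Map<String, Object> parameters = new LinkedHashMap<>();
        // Match the result back to its account by uid and system. get() throws
        // NoSuchElementException if no prepared account matches.
        AccAccountDto account = accounts.stream().filter(a -> {
            return a.getUid().equals(result.getSystemEntityUid()) && a.getSystem().equals(operation.getSystem());
        }).findFirst().get();
        SysSystemDto system = DtoUtils.getEmbedded(account, AccAccount_.system, SysSystemDto.class);
        //
        IdmAccountDto resultAccountDto = new IdmAccountDto();
        resultAccountDto.setId(account.getId());
        resultAccountDto.setUid(account.getUid());
        resultAccountDto.setRealUid(account.getRealUid());
        resultAccountDto.setSystemId(system.getId());
        resultAccountDto.setSystemName(system.getName());
        parameters.put(IdmAccountDto.PARAMETER_NAME, resultAccountDto);
        //
        if (result.getResult().getState() == OperationState.EXECUTED) {
            // Add success changed password account
            return new OperationResult.Builder(OperationState.EXECUTED).setModel(new DefaultResultModel(CoreResultCode.PASSWORD_CHANGE_ACCOUNT_SUCCESS, parameters)).build();
        }
        // Any other state is reported as failed, keeping the original state, cause and code.
        OperationResult changeResult = new OperationResult.Builder(result.getResult().getState()).setModel(new DefaultResultModel(CoreResultCode.PASSWORD_CHANGE_ACCOUNT_FAILED, parameters)).build();
        changeResult.setCause(result.getResult().getCause());
        changeResult.setCode(result.getResult().getCode());
        return changeResult;
    }).collect(Collectors.toList());
}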
use of eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto in project CzechIdMng by bcvsolutions.
the class ProvisioningBreakProcessorTest method testBlockSystemUpdateCombination.
/**
 * Runs provisioning three times for one identity on a system that has a provisioning
 * break configured for UPDATE events. The first run leaves no batch behind; after the
 * third run the batch holds exactly one operation, of type UPDATE and in state BLOCKED.
 */
@Test
public void testBlockSystemUpdateCombination() {
    SysSystemDto targetSystem = testHelper.createTestResourceSystem(true);
    IdmIdentityDto owner = testHelper.createIdentity();
    // NOTE(review): the meaning of the 20 / 1 / null arguments is defined by
    // createProvisioningBreak, which is not shown here.
    createProvisioningBreak(20L, 1, null, ProvisioningEventType.UPDATE, targetSystem.getId());
    this.createAccount(targetSystem, owner);

    // first run: nothing is left queued
    provisioningService.doProvisioning(owner);
    SysSystemEntityDto entityAfterCreate = systemEntityService.getBySystemAndEntityTypeAndUid(
            targetSystem, SystemEntityType.IDENTITY, owner.getUsername());
    SysProvisioningBatchDto batchAfterCreate = batchService.findBatch(
            targetSystem.getId(), owner.getId(), entityAfterCreate.getId());
    assertNull(batchAfterCreate);

    // second run passes, third run is expected to be blocked
    provisioningService.doProvisioning(owner);
    provisioningService.doProvisioning(owner);

    SysSystemEntityDto entityAfterBlock = systemEntityService.getBySystemAndEntityTypeAndUid(
            targetSystem, SystemEntityType.IDENTITY, owner.getUsername());
    SysProvisioningBatchDto blockedBatch = batchService.findBatch(
            targetSystem.getId(), owner.getId(), entityAfterBlock.getId());
    List<SysProvisioningOperationDto> queued =
            provisioningOperationService.findByBatchId(blockedBatch.getId(), null).getContent();
    assertEquals(1, queued.size());

    SysProvisioningOperationDto blockedOperation = queued.get(0);
    assertEquals(ProvisioningEventType.UPDATE, blockedOperation.getOperationType());
    assertEquals(OperationState.BLOCKED, blockedOperation.getResult().getState());
}
use of eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto in project CzechIdMng by bcvsolutions.
the class CleanProvisioningQueueTaskExecutorIntegrationTest method testLrtWithFilterBatch.
/**
 * Queues provisioning operations on two read-only systems, then runs
 * CancelProvisioningQueueTaskExecutor with a filter that matches a single CREATE
 * operation on the first system. Asserts that the first system's whole batch (both
 * operations) is removed and archived, while the second system's queue is untouched.
 */
@Test
public void testLrtWithFilterBatch() {
    // two identities
    IdmIdentityDto firstPerson = createIdentity(
            "firstName" + System.currentTimeMillis(),
            "Surname" + System.currentTimeMillis(),
            "email" + System.currentTimeMillis() + "@gemail.eu",
            "000000009",
            false);
    IdmIdentityDto secondPerson = createIdentity(
            "firstName" + System.currentTimeMillis(),
            "Surname" + System.currentTimeMillis(),
            "email" + System.currentTimeMillis() + "@gemail.eu",
            "000000009",
            false);

    // first read-only system, with a role mapped to it and assigned to the first identity
    SysSystemDto firstSystem = helper.createTestResourceSystem(true);
    firstSystem.setReadonly(true);
    systemService.save(firstSystem);
    IdmRoleDto firstRole = helper.createRole();
    SysRoleSystemDto firstRoleSystem = helper.createRoleSystem(firstRole, firstSystem);
    firstRoleSystem.setSystemMapping(helper.getDefaultMapping(firstSystem).getId());
    roleSystemService.save(firstRoleSystem);
    IdmIdentityRoleDto firstAssignment = helper.createIdentityRole(firstPerson, firstRole);
    firstAssignment.setValidFrom(LocalDate.now().plusDays(1));
    identityRoleService.save(firstAssignment);

    // second read-only system, with its own role assigned to the second identity
    SysSystemDto secondSystem = helper.createTestResourceSystem(true);
    secondSystem.setReadonly(true);
    systemService.save(secondSystem);
    IdmRoleDto secondRole = helper.createRole();
    SysRoleSystemDto secondRoleSystem = helper.createRoleSystem(secondRole, secondSystem);
    secondRoleSystem.setSystemMapping(helper.getDefaultMapping(secondSystem).getId());
    roleSystemService.save(secondRoleSystem);
    helper.createIdentityRole(secondPerson, secondRole);

    // queue of the first system: two operations
    SysProvisioningOperationFilter firstSystemFilter = new SysProvisioningOperationFilter();
    firstSystemFilter.setSystemId(firstSystem.getId());
    Page<SysProvisioningOperationDto> firstSystemPage = sysProvisioningOperationService.find(firstSystemFilter, null);
    Assert.assertEquals(2, firstSystemPage.getContent().size());

    // queue of the second system: one operation
    SysProvisioningOperationFilter secondSystemFilter = new SysProvisioningOperationFilter();
    secondSystemFilter.setSystemId(secondSystem.getId());
    Page<SysProvisioningOperationDto> secondSystemPage = sysProvisioningOperationService.find(secondSystemFilter, null);
    Assert.assertEquals(1, secondSystemPage.getContent().size());

    // both operations of the first system share one batch
    UUID batchId = firstSystemPage.getContent().get(0).getBatch();
    SysProvisioningBatchDto queuedBatch = sysProvisioningBatchService.get(batchId);
    assertNotNull(queuedBatch);
    SysProvisioningOperationFilter byBatch = new SysProvisioningOperationFilter();
    byBatch.setBatchId(batchId);
    Page<SysProvisioningOperationDto> batchPage = sysProvisioningOperationService.find(byBatch, null);
    Assert.assertEquals(2, batchPage.getContent().size());

    // the task's filter matches only the CREATE operation ...
    CancelProvisioningQueueTaskExecutor cancelTask = new CancelProvisioningQueueTaskExecutor();
    SysProvisioningOperationFilter taskFilter = new SysProvisioningOperationFilter();
    taskFilter.setSystemId(firstSystem.getId());
    taskFilter.setOperationType(ProvisioningEventType.CREATE);
    Page<SysProvisioningOperationDto> matchedByTaskFilter = sysProvisioningOperationService.find(taskFilter, null);
    Assert.assertEquals(1, matchedByTaskFilter.getContent().size());
    cancelTask.setFilter(taskFilter);
    longRunningTaskManager.executeSync(cancelTask);

    // ... yet the whole batch is gone from the first system's queue
    SysProvisioningOperationFilter afterCleanFilter = new SysProvisioningOperationFilter();
    afterCleanFilter.setSystemId(firstSystem.getId());
    Page<SysProvisioningOperationDto> afterCleanPage = sysProvisioningOperationService.find(afterCleanFilter, null);
    Assert.assertEquals(0, afterCleanPage.getContent().size());
    SysProvisioningBatchDto batchAfterClean = sysProvisioningBatchService.get(batchId);
    assertNull(batchAfterClean);

    // the second system's queue is unchanged
    secondSystemPage = sysProvisioningOperationService.find(secondSystemFilter, null);
    Assert.assertEquals(1, secondSystemPage.getContent().size());

    // both cancelled operations are present in the archive
    SysProvisioningOperationFilter archiveFilter = new SysProvisioningOperationFilter();
    archiveFilter.setSystemId(firstSystem.getId());
    Page<SysProvisioningArchiveDto> archived = archiveService.find(archiveFilter, null);
    Assert.assertEquals(2, archived.getContent().size());
}
use of eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto in project CzechIdMng by bcvsolutions.
the class DefaultProvisioningExecutorIntegrationTest method createProvisioningOperation.
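/**
 * Prepares a CREATE provisioning operation, including its provisioning context,
 * for a system entity created on the given system.
 *
 * @param system system on which the system entity is created; its default mapping
 *               supplies the object class of the connector object
 * @param firstname value passed to {@code createAccountObject} when the account attributes are built
 * @return the built operation; this method itself does not execute it
 */
private SysProvisioningOperationDto createProvisioningOperation(SysSystemDto system, String firstname) {
    SysSystemEntityDto systemEntity = helper.createSystemEntity(system);
    Map<ProvisioningAttributeDto, Object> accountObject = createAccountObject(systemEntity, firstname);
    //
    // The connector object carries only the object class resolved from the default mapping.
    SysSystemMappingDto systemMapping = helper.getDefaultMapping(system);
    IcObjectClass objectClass = new IcObjectClassImpl(
            schemaObjectClassService.get(systemMapping.getObjectClass()).getObjectClassName());
    IcConnectorObject connectorObject = new IcConnectorObjectImpl(null, objectClass, null);
    //
    // The context is built once here. The original also created a separate
    // ProvisioningContext that was filled but never used; it has been dropped.
    return new SysProvisioningOperationDto.Builder()
            .setOperationType(ProvisioningOperationType.CREATE)
            .setSystemEntity(systemEntity)
            .setProvisioningContext(new ProvisioningContext(accountObject, connectorObject))
            .build();
}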
use of eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto in project CzechIdMng by bcvsolutions.
the class DefaultProvisioningExecutorIntegrationTest method testRetryProvisioning.
/**
 * Executes a CREATE operation while the test exception processor is enabled, so the
 * operation ends in EXCEPTION and is scheduled for retry. The retry task is then run
 * twice: first with the processor still enabled (attempt counter rises to 2), then with
 * it disabled (the resource exists and the batch is gone). The processor is always
 * disabled again in {@code finally}.
 */
@Test
public void testRetryProvisioning() {
    testProvisioningExceptionProcessor.setDisabled(false);
    try {
        SysSystemDto targetSystem = helper.createTestResourceSystem(true);
        SysProvisioningOperationDto prepared = createProvisioningOperation(targetSystem, "firstname");
        Map<ProvisioningAttributeDto, Object> accountObject = prepared.getProvisioningContext().getAccountObject();
        String uid = (String) accountObject.get(getProvisioningAttribute(TestHelper.ATTRIBUTE_MAPPING_NAME));
        DateTime startedAt = new DateTime();

        // attempt 1 - create, expected to fail
        provisioningExecutor.execute(prepared);

        // the persisted operation has to be loaded again from the service
        SysProvisioningOperationFilter queueFilter = new SysProvisioningOperationFilter();
        queueFilter.setSystemEntity(prepared.getSystemEntity());
        queueFilter.setSystemId(targetSystem.getId());
        SysProvisioningOperationDto queued = provisioningOperationService.find(queueFilter, null).getContent().get(0);
        SysProvisioningBatchDto retryBatch = provisioningBatchService.findBatch(
                targetSystem.getId(), queued.getEntityIdentifier(), queued.getSystemEntity());
        Assert.assertEquals(OperationState.EXCEPTION, queued.getResultState());
        Assert.assertEquals(AccResultCode.PROVISIONING_FAILED.name(), queued.getResult().getModel().getStatusEnum());
        Assert.assertEquals(1, queued.getCurrentAttempt());
        Assert.assertTrue(queued.getMaxAttempts() > 1);
        Assert.assertTrue(retryBatch.getNextAttempt().isAfter(startedAt));
        SysSystemEntityDto entity = systemEntityService.getBySystemAndEntityTypeAndUid(
                targetSystem, SystemEntityType.IDENTITY, uid);
        Assert.assertTrue(entity.isWish());
        Assert.assertNull(helper.findResource(uid));

        // make the batch due immediately
        retryBatch.setNextAttempt(new DateTime());
        provisioningBatchService.save(retryBatch);

        // attempt 2 - retry, the same exception is expected
        RetryProvisioningTaskExecutor retryTask = new RetryProvisioningTaskExecutor();
        Boolean taskResult = longRunningTaskManager.executeSync(retryTask);
        Assert.assertTrue(taskResult);
        queued = provisioningOperationService.get(queued.getId());
        retryBatch = provisioningBatchService.findBatch(
                targetSystem.getId(), queued.getEntityIdentifier(), entity.getId());
        Assert.assertEquals(2, queued.getCurrentAttempt());
        Assert.assertTrue(retryBatch.getNextAttempt().isAfter(startedAt));

        // make the batch due immediately again
        retryBatch.setNextAttempt(new DateTime());
        provisioningBatchService.save(retryBatch);

        // attempt 3 - retry with the failing processor switched off, success expected
        testProvisioningExceptionProcessor.setDisabled(true);
        retryTask = new RetryProvisioningTaskExecutor();
        taskResult = longRunningTaskManager.executeSync(retryTask);
        Assert.assertTrue(taskResult);

        entity = systemEntityService.getBySystemAndEntityTypeAndUid(targetSystem, SystemEntityType.IDENTITY, uid);
        Assert.assertFalse(entity.isWish());
        Assert.assertNotNull(helper.findResource(uid));
        Assert.assertNull(provisioningBatchService.get(retryBatch.getId()));
    } finally {
        // never leave the failing processor enabled for other tests
        testProvisioningExceptionProcessor.setDisabled(true);
    }
}