Examples with SysRoleSystemAttributeDto eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto used on opensource projects

Example 16 with SysRoleSystemAttributeDto

use of eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto in project CzechIdMng by bcvsolutions.

the class DefaultSysSystemServiceIntegrationTest method testReferentialIntegrity.

@Test
public void testReferentialIntegrity() {
    SysSystemDto system = new SysSystemDto();
    String systemName = getHelper().createName();
    system.setName(systemName);
    system = systemService.save(system);
    // object class
    SysSchemaObjectClassDto objectClass = new SysSchemaObjectClassDto();
    objectClass.setSystem(system.getId());
    objectClass.setObjectClassName("obj_class");
    objectClass = schemaObjectClassService.save(objectClass);
    SysSchemaObjectClassFilter objectClassFilter = new SysSchemaObjectClassFilter();
    objectClassFilter.setSystemId(system.getId());
    // schema attribute
    SysSchemaAttributeDto schemaAttribute = new SysSchemaAttributeDto();
    schemaAttribute.setObjectClass(objectClass.getId());
    schemaAttribute.setName("name");
    schemaAttribute.setClassType("class");
    schemaAttribute = schemaAttributeService.save(schemaAttribute);
    SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
    schemaAttributeFilter.setSystemId(system.getId());
    // system entity handling
    SysSystemMappingDto systemMapping = new SysSystemMappingDto();
    systemMapping.setName("default_" + System.currentTimeMillis());
    systemMapping.setObjectClass(objectClass.getId());
    systemMapping.setOperationType(SystemOperationType.PROVISIONING);
    systemMapping.setEntityType(SystemEntityType.IDENTITY);
    systemMapping = systemMappingService.save(systemMapping);
    SysSystemMappingFilter entityHandlingFilter = new SysSystemMappingFilter();
    entityHandlingFilter.setSystemId(system.getId());
    // schema attribute handling
    SysSystemAttributeMappingDto schemaAttributeHandling = new SysSystemAttributeMappingDto();
    schemaAttributeHandling.setSchemaAttribute(schemaAttribute.getId());
    schemaAttributeHandling.setSystemMapping(systemMapping.getId());
    schemaAttributeHandling.setName("name");
    schemaAttributeHandling.setIdmPropertyName("name");
    schemaAttributeHandling = systemAttributeMappingService.save(schemaAttributeHandling);
    SysSystemAttributeMappingFilter schemaAttributeHandlingFilter = new SysSystemAttributeMappingFilter();
    schemaAttributeHandlingFilter.setSystemId(system.getId());
    // role system
    IdmRoleDto role = helper.createRole();
    SysRoleSystemDto roleSystem = new SysRoleSystemDto();
    roleSystem.setSystem(system.getId());
    roleSystem.setRole(role.getId());
    roleSystem.setSystemMapping(systemMapping.getId());
    roleSystem = roleSystemService.save(roleSystem);
    SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
    roleSystemFilter.setRoleId(role.getId());
    // role system attributes
    SysRoleSystemAttributeDto roleSystemAttribute = new SysRoleSystemAttributeDto();
    roleSystemAttribute.setRoleSystem(roleSystem.getId());
    roleSystemAttribute.setSystemAttributeMapping(schemaAttributeHandling.getId());
    roleSystemAttribute.setName("name");
    roleSystemAttribute.setIdmPropertyName("name");
    roleSystemAttribute = roleSystemAttributeService.save(roleSystemAttribute);
    assertEquals(systemName, systemService.getByCode(systemName).getName());
    assertEquals(1, schemaObjectClassService.find(objectClassFilter, null).getTotalElements());
    assertEquals(1, schemaAttributeService.find(schemaAttributeFilter, null).getTotalElements());
    assertEquals(1, systemMappingService.find(entityHandlingFilter, null).getTotalElements());
    assertEquals(1, systemAttributeMappingService.find(schemaAttributeHandlingFilter, null).getTotalElements());
    assertEquals(1, roleSystemService.find(roleSystemFilter, null).getTotalElements());
    assertNotNull(roleSystemAttributeService.get(roleSystemAttribute.getId()));
    systemService.delete(system);
    assertNull(systemService.getByCode(systemName));
    assertEquals(0, schemaObjectClassService.find(objectClassFilter, null).getTotalElements());
    assertEquals(0, schemaAttributeService.find(schemaAttributeFilter, null).getTotalElements());
    assertEquals(0, systemMappingService.find(entityHandlingFilter, null).getTotalElements());
    assertEquals(0, systemAttributeMappingService.find(schemaAttributeHandlingFilter, null).getTotalElements());
    assertEquals(0, roleSystemService.find(roleSystemFilter, null).getTotalElements());
    assertNull(roleSystemAttributeService.get(roleSystemAttribute.getId()));
}

Example 17 with SysRoleSystemAttributeDto

use of eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto in project CzechIdMng by bcvsolutions.

the class ProvisioningMergeTest method testChangeStrategyAttribteControlledValues.

@Test
public void testChangeStrategyAttribteControlledValues() {
    SysSystemDto system = helper.createSystem("test_resource");
    SysSystemMappingDto mapping = helper.createMapping(system);
    IdmRoleDto roleOne = helper.createRole();
    IdmRoleDto roleTwo = helper.createRole();
    SysRoleSystemDto roleSystemOne = helper.createRoleSystem(roleOne, system);
    SysRoleSystemDto roleSystemTwo = helper.createRoleSystem(roleTwo, system);
    SysSchemaObjectClassDto objectClass = schemaService.get(mapping.getObjectClass());
    SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
    schemaAttributeFilter.setObjectClassId(objectClass.getId());
    schemaAttributeService.find(schemaAttributeFilter, null);
    SysSchemaAttributeDto rightsSchemaAttribute = new SysSchemaAttributeDto();
    rightsSchemaAttribute.setObjectClass(objectClass.getId());
    rightsSchemaAttribute.setName(RIGHTS_ATTRIBUTE);
    rightsSchemaAttribute.setMultivalued(true);
    rightsSchemaAttribute.setClassType(String.class.getName());
    rightsSchemaAttribute.setReadable(true);
    rightsSchemaAttribute.setUpdateable(true);
    rightsSchemaAttribute = schemaAttributeService.save(rightsSchemaAttribute);
    SysSystemAttributeMappingDto rightsAttribute = new SysSystemAttributeMappingDto();
    rightsAttribute.setSchemaAttribute(rightsSchemaAttribute.getId());
    rightsAttribute.setSystemMapping(mapping.getId());
    rightsAttribute.setName(RIGHTS_ATTRIBUTE);
    rightsAttribute.setStrategyType(AttributeMappingStrategyType.MERGE);
    rightsAttribute = attributeMappingService.save(rightsAttribute);
    SysRoleSystemAttributeDto roleAttributeOne = new SysRoleSystemAttributeDto();
    roleAttributeOne.setName(RIGHTS_ATTRIBUTE);
    roleAttributeOne.setRoleSystem(roleSystemOne.getId());
    roleAttributeOne.setStrategyType(AttributeMappingStrategyType.MERGE);
    roleAttributeOne.setSystemAttributeMapping(rightsAttribute.getId());
    roleAttributeOne.setTransformToResourceScript("return '" + ONE_VALUE + "';");
    roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
    List<Serializable> controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    SysRoleSystemAttributeDto roleAttributeTwo = new SysRoleSystemAttributeDto();
    roleAttributeTwo.setName(RIGHTS_ATTRIBUTE);
    roleAttributeTwo.setRoleSystem(roleSystemTwo.getId());
    roleAttributeTwo.setStrategyType(AttributeMappingStrategyType.MERGE);
    roleAttributeTwo.setSystemAttributeMapping(rightsAttribute.getId());
    roleAttributeTwo.setTransformToResourceScript("return '" + TWO_VALUE + "';");
    roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
    controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(controlledAttributeValues);
    assertEquals(2, controlledAttributeValues.size());
    assertTrue(controlledAttributeValues.contains(ONE_VALUE));
    assertTrue(controlledAttributeValues.contains(TWO_VALUE));
    SysAttributeControlledValueFilter attributeControlledValueFilter = new SysAttributeControlledValueFilter();
    attributeControlledValueFilter.setAttributeMappingId(rightsAttribute.getId());
    attributeControlledValueFilter.setHistoricValue(Boolean.TRUE);
    List<Serializable> historicControlledValues = // 
    attributeControlledValueService.find(attributeControlledValueFilter, // 
    null).getContent().stream().map(// 
    SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
    assertNotNull(historicControlledValues);
    assertEquals(0, historicControlledValues.size());
    // Set attribute TWO as SET (should be disappears from controlled values
    // and appears in the history)
    roleAttributeTwo.setStrategyType(AttributeMappingStrategyType.SET);
    roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
    controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(controlledAttributeValues);
    assertEquals(1, controlledAttributeValues.size());
    assertTrue(controlledAttributeValues.contains(ONE_VALUE));
    // Search historic controlled values for that attribute
    historicControlledValues = // 
    attributeControlledValueService.find(attributeControlledValueFilter, // 
    null).getContent().stream().map(// 
    SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
    assertNotNull(historicControlledValues);
    assertEquals(1, historicControlledValues.size());
    assertTrue(historicControlledValues.contains(TWO_VALUE));
    // Set attribute TWO as MERGE (should be appears in controlled values
    // and disappears from the history)
    roleAttributeTwo.setStrategyType(AttributeMappingStrategyType.MERGE);
    roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
    controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(controlledAttributeValues);
    assertEquals(2, controlledAttributeValues.size());
    assertTrue(controlledAttributeValues.contains(ONE_VALUE));
    assertTrue(controlledAttributeValues.contains(TWO_VALUE));
    // Manual recalculation (needed for deleting redundant historic value)
    attributeMappingService.recalculateAttributeControlledValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE, rightsAttribute);
    // Search historic controlled values for that attribute
    historicControlledValues = // 
    attributeControlledValueService.find(attributeControlledValueFilter, // 
    null).getContent().stream().map(// 
    SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
    assertNotNull(historicControlledValues);
    assertEquals(0, historicControlledValues.size());
}

Example 18 with SysRoleSystemAttributeDto

use of eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto in project CzechIdMng by bcvsolutions.

the class IdentityAccountManagementTest method overloadedAttributeChangePassword.

@Test(expected = ResultCodeException.class)
public void overloadedAttributeChangePassword() {
    IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    filter.setSystemId(systemService.getByCode(SYSTEM_NAME).getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, PageRequest.of(0, 1, new Sort(Sort.Direction.ASC, AccIdentityAccount_.created.getName()))).getContent();
    TestResource resourceAccount = helper.findResource("x" + IDENTITY_USERNAME);
    // Create new password two
    PasswordChangeDto passwordChange = new PasswordChangeDto();
    passwordChange.setAccounts(ImmutableList.of(identityAccounts.get(0).getAccount().toString()));
    passwordChange.setNewPassword(new GuardedString(IDENTITY_PASSWORD_TWO));
    passwordChange.setIdm(true);
    // Do change of password for selected accounts
    identityService.passwordChange(identity, passwordChange);
    // Check correct password two
    resourceAccount = helper.findResource("x" + IDENTITY_USERNAME);
    Assert.assertEquals("Check same password on target system", IDENTITY_PASSWORD_TWO, resourceAccount.getPassword());
    // Add overloaded password attribute
    IdmRoleDto rolePassword = roleService.getByCode(ROLE_OVERLOADING_PASSWORD);
    SysSystemDto systemDto = systemService.getByCode(SYSTEM_NAME);
    assertNotNull(systemDto);
    SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
    roleSystemFilter.setRoleId(rolePassword.getId());
    roleSystemFilter.setSystemId(systemDto.getId());
    List<SysRoleSystemDto> roleSystems = roleSystemService.find(roleSystemFilter, null).getContent();
    assertEquals(1, roleSystems.size());
    SysRoleSystemDto roleSystemDto = roleSystems.get(0);
    SysSystemMappingDto systemMapping = helper.getDefaultMapping(systemDto);
    SysSystemAttributeMappingDto attributeHandlingPassword = schemaAttributeHandlingService.findBySystemMappingAndName(systemMapping.getId(), TestHelper.ATTRIBUTE_MAPPING_PASSWORD);
    // Attribute for overloading last name attribute
    SysRoleSystemAttributeDto attributePassword = new SysRoleSystemAttributeDto();
    attributePassword.setEntityAttribute(true);
    attributePassword.setIdmPropertyName("password");
    attributePassword.setConfidentialAttribute(true);
    attributePassword.setName("Overloaded password - add x");
    attributePassword.setRoleSystem(roleSystemDto.getId());
    attributePassword.setSystemAttributeMapping(attributeHandlingPassword.getId());
    attributePassword.setTransformScript("return new " + GuardedString.class.getName() + "(\"x\"+attributeValue.asString());");
    // Since 9.3.0 is not possible override password in role mapping exception will be thrown
    attributePassword = roleSystemAttributeService.save(attributePassword);
}

Example 19 with SysRoleSystemAttributeDto

use of eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAuthenticatorTest method initData.

private void initData() {
    SysSystemDto system = createTestSystem();
    List<SysSchemaObjectClassDto> objectClasses = sysSystemService.generateSchema(system);
    IdmIdentityDto identity = new IdmIdentityDto();
    identity.setUsername(USERNAME);
    identity.setLastName(USERNAME);
    identity.setPassword(new GuardedString(PASSWORD));
    identity = identityService.save(identity);
    // Create mapped attributes to schema
    SysSystemMappingDto systemMapping = new SysSystemMappingDto();
    systemMapping.setName("default_" + System.currentTimeMillis());
    systemMapping.setEntityType(SystemEntityType.IDENTITY);
    systemMapping.setOperationType(SystemOperationType.PROVISIONING);
    systemMapping.setObjectClass(objectClasses.get(0).getId());
    final SysSystemMappingDto entityHandlingResult = systemEntityHandlingService.save(systemMapping);
    SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
    schemaAttributeFilter.setSystemId(system.getId());
    SysSystemAttributeMappingDto attributeHandlingLastName = new SysSystemAttributeMappingDto();
    SysSystemAttributeMappingDto attributeHandlingPassword = new SysSystemAttributeMappingDto();
    SysSystemAttributeMappingDto attributeHandlingUsername = new SysSystemAttributeMappingDto();
    Page<SysSchemaAttributeDto> schemaAttributesPage = schemaAttributeService.find(schemaAttributeFilter, null);
    for (SysSchemaAttributeDto schemaAttr : schemaAttributesPage) {
        if ("__NAME__".equals(schemaAttr.getName())) {
            attributeHandlingUsername.setUid(true);
            attributeHandlingUsername.setEntityAttribute(true);
            attributeHandlingUsername.setAuthenticationAttribute(true);
            attributeHandlingUsername.setIdmPropertyName("username");
            attributeHandlingUsername.setTransformToResourceScript("if(attributeValue){return \"x\"+ attributeValue;}");
            attributeHandlingUsername.setName(schemaAttr.getName());
            attributeHandlingUsername.setSchemaAttribute(schemaAttr.getId());
            attributeHandlingUsername.setSystemMapping(entityHandlingResult.getId());
            attributeHandlingUsername = schemaAttributeHandlingService.save(attributeHandlingUsername);
        } else if ("lastname".equalsIgnoreCase(schemaAttr.getName())) {
            attributeHandlingLastName.setIdmPropertyName("lastName");
            attributeHandlingLastName.setName(schemaAttr.getName());
            attributeHandlingLastName.setSchemaAttribute(schemaAttr.getId());
            attributeHandlingLastName.setSystemMapping(entityHandlingResult.getId());
            attributeHandlingLastName = schemaAttributeHandlingService.save(attributeHandlingLastName);
        } else if (IcConnectorFacade.PASSWORD_ATTRIBUTE_NAME.equalsIgnoreCase(schemaAttr.getName())) {
            attributeHandlingPassword.setIdmPropertyName("password");
            attributeHandlingPassword.setSchemaAttribute(schemaAttr.getId());
            attributeHandlingPassword.setName(schemaAttr.getName());
            attributeHandlingPassword.setSystemMapping(entityHandlingResult.getId());
            attributeHandlingPassword = schemaAttributeHandlingService.save(attributeHandlingPassword);
        }
    }
    // create two roles with same system and different override username
    IdmRoleDto role1 = getHelper().createRole(ROLE_NAME);
    SysRoleSystemDto role1System = new SysRoleSystemDto();
    role1System.setRole(role1.getId());
    role1System.setSystem(system.getId());
    role1System.setSystemMapping(entityHandlingResult.getId());
    role1System = roleSystemService.save(role1System);
    IdmRoleDto role2 = getHelper().createRole(ROLE_NAME + "2");
    role2 = roleService.save(role2);
    SysRoleSystemDto roleSystem2 = new SysRoleSystemDto();
    roleSystem2.setSystem(system.getId());
    roleSystem2.setSystemMapping(entityHandlingResult.getId());
    roleSystem2.setRole(role2.getId());
    roleSystem2 = roleSystemService.save(roleSystem2);
    SysRoleSystemAttributeDto overloadedRole2 = new SysRoleSystemAttributeDto();
    overloadedRole2.setSystemAttributeMapping(attributeHandlingUsername.getId());
    overloadedRole2.setUid(true);
    overloadedRole2.setEntityAttribute(true);
    overloadedRole2.setTransformScript("return \"z" + USERNAME + "\";");
    overloadedRole2.setIdmPropertyName("username");
    overloadedRole2.setName("username");
    overloadedRole2.setRoleSystem(roleSystem2.getId());
    overloadedRole2 = roleSystemAttributeService.save(overloadedRole2);
}

Example 20 with SysRoleSystemAttributeDto

use of eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto in project CzechIdMng by bcvsolutions.

the class VsProvisioningMergeTest method createRolesWithSystem.

private List<IdmRoleDto> createRolesWithSystem(SysSystemDto system, int numberOfRoles) {
    List<IdmRoleDto> roles = Lists.newArrayList();
    for (int i = 0; i < numberOfRoles; i++) {
        IdmRoleDto role = helper.createRole();
        String mergeValue = role.getCode();
        SysRoleSystemDto roleSystem = helper.createRoleSystem(role, system);
        SysSystemMappingDto mapping = mappingService.findProvisioningMapping(system.getId(), SystemEntityType.IDENTITY);
        SysSystemAttributeMappingFilter attributeFilter = new SysSystemAttributeMappingFilter();
        attributeFilter.setSystemMappingId(mapping.getId());
        attributeFilter.setSchemaAttributeName(RIGHTS_ATTRIBUTE);
        List<SysSystemAttributeMappingDto> attributes = attributeMappingService.find(attributeFilter, null).getContent();
        assertEquals(1, attributes.size());
        SysSystemAttributeMappingDto rightsAttribute = attributes.get(0);
        SysRoleSystemAttributeDto roleAttributeOne = new SysRoleSystemAttributeDto();
        roleAttributeOne.setName(RIGHTS_ATTRIBUTE);
        roleAttributeOne.setRoleSystem(roleSystem.getId());
        roleAttributeOne.setEntityAttribute(false);
        roleAttributeOne.setExtendedAttribute(false);
        roleAttributeOne.setUid(false);
        roleAttributeOne.setStrategyType(AttributeMappingStrategyType.MERGE);
        roleAttributeOne.setSystemAttributeMapping(rightsAttribute.getId());
        roleAttributeOne.setTransformToResourceScript("return '" + mergeValue + "';");
        roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
        roles.add(role);
    }
    return roles;
}