Examples with SysRoleSystemAttributeDto eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto used on opensource projects

Example 36 with SysRoleSystemAttributeDto

use of eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto in project CzechIdMng by bcvsolutions.

the class RoleWorkflowAdSyncTest method getSystemAttribute.

/**
 * Returns existing system attribute or null
 *
 * @param attr
 * @return
 */
private SysRoleSystemAttributeDto getSystemAttribute(UUID roleSystem, String attributeName, UUID roleId) {
    SysRoleSystemAttributeFilter filter = new SysRoleSystemAttributeFilter();
    filter.setRoleSystemId(getSysRoleSystem(roleSystem, roleId));
    List<SysRoleSystemAttributeDto> content = roleSystemAttributeService.find(filter, null).getContent();
    for (SysRoleSystemAttributeDto attribute : content) {
        if (attribute.getName().equalsIgnoreCase(attributeName)) {
            return attribute;
        }
    }
    return null;
}

Example 37 with SysRoleSystemAttributeDto

use of eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto in project CzechIdMng by bcvsolutions.

the class ComplexHrProcessIntegrationTest method createLdapGroupRoles.

private void createLdapGroupRoles(SysSystemDto system, SysSystemAttributeMappingDto mappingAttr) {
    IdmRoleDto role = roleService.getByCode(adUsersRole);
    SysRoleSystemDto roleSystem = accTestHelper.createRoleSystem(role, system);
    roleSystem.setForwardAccountManagemen(true);
    roleSystem = sysRoleService.save(roleSystem);
    // adding group roles
    Set<String> groupRoles = new HashSet<String>(Arrays.asList(adGroupAllRole, adGroupPkiRole, adGroupDep1Role, adGroupDep2Role, adGroupCons1Role, adGroupCons2Role, adGroupDirectorRole));
    groupRoles.stream().forEach(roleName -> {
        IdmRoleDto roleDto = roleService.getByCode(roleName);
        SysRoleSystemDto roleGroupSystem = accTestHelper.createRoleSystem(roleDto, system);
        // String roleDN = "cn="+roleName + ", " + ldapGroupOU + ", " + ldapBaseOU;
        SysRoleSystemAttributeDto roleSystemAttributeDto = new SysRoleSystemAttributeDto();
        roleSystemAttributeDto.setStrategyType(AttributeMappingStrategyType.MERGE);
        roleSystemAttributeDto.setRoleSystem(roleGroupSystem.getId());
        roleSystemAttributeDto.setSystemAttributeMapping(mappingAttr.getId());
        roleSystemAttributeDto.setSchemaAttribute(mappingAttr.getSchemaAttribute());
        roleSystemAttributeDto.setName(mappingAttr.getName());
        roleSystemAttributeDto.setEntityAttribute(false);
        roleSystemAttributeDto.setExtendedAttribute(false);
        roleSystemAttributeDto.setTransformToResourceScript("return '" + roleName + "';" + System.lineSeparator());
        roleSystemAttributeDto = roleSystemAttributeService.save(roleSystemAttributeDto);
    });
}

Example 38 with SysRoleSystemAttributeDto

use of eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto in project CzechIdMng by bcvsolutions.

the class ProvisioningMergeTest method testControlledAndHistoricValuesRemoveMapping.

@Test
public void testControlledAndHistoricValuesRemoveMapping() {
    SysSystemDto system = helper.createSystem("test_resource");
    SysSystemMappingDto mapping = helper.createMapping(system);
    IdmRoleDto roleOne = helper.createRole();
    IdmRoleDto roleTwo = helper.createRole();
    SysRoleSystemDto roleSystemOne = helper.createRoleSystem(roleOne, system);
    SysRoleSystemDto roleSystemTwo = helper.createRoleSystem(roleTwo, system);
    SysSchemaAttributeDto rightsSchemaAttribute = new SysSchemaAttributeDto();
    rightsSchemaAttribute.setObjectClass(mapping.getObjectClass());
    rightsSchemaAttribute.setName(RIGHTS_ATTRIBUTE);
    rightsSchemaAttribute.setMultivalued(true);
    rightsSchemaAttribute.setClassType(String.class.getName());
    rightsSchemaAttribute.setReadable(true);
    rightsSchemaAttribute.setUpdateable(true);
    rightsSchemaAttribute = schemaAttributeService.save(rightsSchemaAttribute);
    SysSystemAttributeMappingDto rightsAttribute = new SysSystemAttributeMappingDto();
    rightsAttribute.setSchemaAttribute(rightsSchemaAttribute.getId());
    rightsAttribute.setSystemMapping(mapping.getId());
    rightsAttribute.setName(RIGHTS_ATTRIBUTE);
    rightsAttribute.setStrategyType(AttributeMappingStrategyType.MERGE);
    rightsAttribute = attributeMappingService.save(rightsAttribute);
    SysRoleSystemAttributeDto roleAttributeOne = new SysRoleSystemAttributeDto();
    roleAttributeOne.setName(RIGHTS_ATTRIBUTE);
    roleAttributeOne.setRoleSystem(roleSystemOne.getId());
    roleAttributeOne.setStrategyType(AttributeMappingStrategyType.MERGE);
    roleAttributeOne.setSystemAttributeMapping(rightsAttribute.getId());
    roleAttributeOne.setTransformToResourceScript("return '" + ONE_VALUE + "';");
    roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
    SysRoleSystemAttributeDto roleAttributeTwo = new SysRoleSystemAttributeDto();
    roleAttributeTwo.setName(RIGHTS_ATTRIBUTE);
    roleAttributeTwo.setRoleSystem(roleSystemTwo.getId());
    roleAttributeTwo.setStrategyType(AttributeMappingStrategyType.MERGE);
    roleAttributeTwo.setSystemAttributeMapping(rightsAttribute.getId());
    roleAttributeTwo.setTransformToResourceScript("return '" + TWO_VALUE + "';");
    roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
    List<Serializable> controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(controlledAttributeValues);
    assertEquals(2, controlledAttributeValues.size());
    assertTrue(controlledAttributeValues.contains(ONE_VALUE));
    assertTrue(controlledAttributeValues.contains(TWO_VALUE));
    attributeMappingService.recalculateAttributeControlledValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE, rightsAttribute);
    SysAttributeControlledValueFilter attributeHistoricalValueFilter = new SysAttributeControlledValueFilter();
    attributeHistoricalValueFilter.setHistoricValue(Boolean.TRUE);
    attributeHistoricalValueFilter.setAttributeMappingId(rightsAttribute.getId());
    List<SysAttributeControlledValueDto> historicAttributeValues = attributeControlledValueService.find(attributeHistoricalValueFilter, null).getContent();
    List<Serializable> onlyValues = // 
    historicAttributeValues.stream().map(// 
    SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
    assertNotNull(onlyValues);
    assertEquals(0, onlyValues.size());
    // Remove whole mapping (this is different between another tests)
    roleSystemService.delete(roleSystemOne);
    controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(controlledAttributeValues);
    assertEquals(1, controlledAttributeValues.size());
    assertTrue(controlledAttributeValues.contains(TWO_VALUE));
    historicAttributeValues = attributeControlledValueService.find(attributeHistoricalValueFilter, null).getContent();
    onlyValues = // 
    historicAttributeValues.stream().map(// 
    SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
    assertNotNull(onlyValues);
    assertEquals(1, onlyValues.size());
    assertTrue(onlyValues.contains(ONE_VALUE));
    // Remove second whole mapping (this is different between another tests)
    roleSystemService.delete(roleSystemTwo);
    controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(controlledAttributeValues);
    assertEquals(0, controlledAttributeValues.size());
    historicAttributeValues = attributeControlledValueService.find(attributeHistoricalValueFilter, null).getContent();
    onlyValues = // 
    historicAttributeValues.stream().map(// 
    SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
    assertNotNull(onlyValues);
    assertEquals(2, onlyValues.size());
    assertTrue(onlyValues.contains(ONE_VALUE));
    assertTrue(onlyValues.contains(TWO_VALUE));
}

Example 39 with SysRoleSystemAttributeDto

use of eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto in project CzechIdMng by bcvsolutions.

the class ProvisioningMergeTest method testSkipAuthoritativeMergeValueIfContractExcluded.

@Test
public void testSkipAuthoritativeMergeValueIfContractExcluded() {
    SysSystemDto system = helper.createSystem("test_resource");
    SysSystemMappingDto mapping = helper.createMapping(system);
    IdmRoleDto roleOne = helper.createRole();
    IdmRoleDto roleTwo = helper.createRole();
    SysRoleSystemDto roleSystemOne = helper.createRoleSystem(roleOne, system);
    SysRoleSystemDto roleSystemTwo = helper.createRoleSystem(roleTwo, system);
    SysSchemaAttributeDto rightsSchemaAttribute = new SysSchemaAttributeDto();
    rightsSchemaAttribute.setObjectClass(mapping.getObjectClass());
    rightsSchemaAttribute.setName(RIGHTS_ATTRIBUTE);
    rightsSchemaAttribute.setMultivalued(true);
    rightsSchemaAttribute.setClassType(String.class.getName());
    rightsSchemaAttribute.setReadable(true);
    rightsSchemaAttribute.setUpdateable(true);
    rightsSchemaAttribute = schemaAttributeService.save(rightsSchemaAttribute);
    SysSystemAttributeMappingDto rightsAttribute = new SysSystemAttributeMappingDto();
    rightsAttribute.setSchemaAttribute(rightsSchemaAttribute.getId());
    rightsAttribute.setSystemMapping(mapping.getId());
    rightsAttribute.setName(RIGHTS_ATTRIBUTE);
    rightsAttribute.setStrategyType(AttributeMappingStrategyType.AUTHORITATIVE_MERGE);
    rightsAttribute = attributeMappingService.save(rightsAttribute);
    SysRoleSystemAttributeDto roleAttributeOne = new SysRoleSystemAttributeDto();
    roleAttributeOne.setName(RIGHTS_ATTRIBUTE);
    roleAttributeOne.setEntityAttribute(false);
    roleAttributeOne.setExtendedAttribute(false);
    roleAttributeOne.setRoleSystem(roleSystemOne.getId());
    roleAttributeOne.setStrategyType(AttributeMappingStrategyType.AUTHORITATIVE_MERGE);
    roleAttributeOne.setSystemAttributeMapping(rightsAttribute.getId());
    roleAttributeOne.setTransformToResourceScript("return '" + ONE_VALUE + "';");
    roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
    SysRoleSystemAttributeDto roleAttributeTwo = new SysRoleSystemAttributeDto();
    roleAttributeTwo.setName(RIGHTS_ATTRIBUTE);
    roleAttributeTwo.setEntityAttribute(false);
    roleAttributeTwo.setExtendedAttribute(false);
    roleAttributeTwo.setRoleSystem(roleSystemTwo.getId());
    roleAttributeTwo.setStrategyType(AttributeMappingStrategyType.AUTHORITATIVE_MERGE);
    roleAttributeTwo.setSystemAttributeMapping(rightsAttribute.getId());
    roleAttributeTwo.setTransformToResourceScript("return '" + TWO_VALUE + "';");
    roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
    IdmIdentityDto identity = this.getHelper().createIdentity();
    IdmIdentityContractDto contract = this.getHelper().getPrimeContract(identity);
    // Set contract as excluded
    contract.setState(ContractState.EXCLUDED);
    contract = identityContractService.save(contract);
    assertTrue(contract.isExcluded());
    this.getHelper().createIdentityRole(identity, roleOne);
    this.getHelper().createIdentityRole(identity, roleTwo);
    SysProvisioningOperationFilter operationFilter = new SysProvisioningOperationFilter();
    operationFilter.setEntityIdentifier(identity.getId());
    List<SysProvisioningArchiveDto> archives = provisioningArchiveService.find(operationFilter, PageRequest.of(0, 1, new Sort(Direction.DESC, AbstractEntity_.created.getName()))).getContent();
    assertEquals(1, archives.size());
    SysProvisioningArchiveDto archive = archives.get(0);
    assertEquals(ProvisioningEventType.UPDATE, archive.getOperationType());
    ProvisioningContext provisioningContext = archive.getProvisioningContext();
    Map<ProvisioningAttributeDto, Object> accountObject = provisioningContext.getAccountObject();
    Entry<ProvisioningAttributeDto, Object> attributeEntry = accountObject.entrySet().stream().filter(entry -> RIGHTS_ATTRIBUTE.equals(entry.getKey().getSchemaAttributeName())).findFirst().get();
    List<?> values = (List<?>) attributeEntry.getValue();
    assertEquals(2, values.size());
    // Set attribute TWO to skip value if contract is excluded
    roleAttributeTwo.setSkipValueIfExcluded(true);
    roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
    // Save identity -> execute provisioning
    identityService.save(identity);
    archives = provisioningArchiveService.find(operationFilter, PageRequest.of(0, 1, new Sort(Direction.DESC, AbstractEntity_.created.getName()))).getContent();
    assertEquals(1, archives.size());
    archive = archives.get(0);
    assertEquals(ProvisioningEventType.UPDATE, archive.getOperationType());
    provisioningContext = archive.getProvisioningContext();
    accountObject = provisioningContext.getAccountObject();
    attributeEntry = // 
    accountObject.entrySet().stream().filter(// 
    entry -> RIGHTS_ATTRIBUTE.equals(entry.getKey().getSchemaAttributeName())).findFirst().get();
    values = (List<?>) attributeEntry.getValue();
    assertEquals(1, values.size());
    assertEquals(ONE_VALUE, values.get(0));
    // Set contract as not excluded
    contract.setState(null);
    contract = identityContractService.save(contract);
    assertFalse(contract.isExcluded());
    // Save identity -> execute provisioning
    identityService.save(identity);
    archives = provisioningArchiveService.find(operationFilter, PageRequest.of(0, 1, new Sort(Direction.DESC, AbstractEntity_.created.getName()))).getContent();
    assertEquals(1, archives.size());
    archive = archives.get(0);
    assertEquals(ProvisioningEventType.UPDATE, archive.getOperationType());
    provisioningContext = archive.getProvisioningContext();
    accountObject = provisioningContext.getAccountObject();
    attributeEntry = // 
    accountObject.entrySet().stream().filter(// 
    entry -> RIGHTS_ATTRIBUTE.equals(entry.getKey().getSchemaAttributeName())).findFirst().get();
    values = (List<?>) attributeEntry.getValue();
    assertEquals(2, values.size());
}

Example 40 with SysRoleSystemAttributeDto

use of eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto in project CzechIdMng by bcvsolutions.

the class ProvisioningMergeTest method testCachedControlledAndHistoricValues.

@Test
public void testCachedControlledAndHistoricValues() {
    SysSystemDto system = helper.createSystem("test_resource");
    SysSystemMappingDto mapping = helper.createMapping(system);
    IdmRoleDto roleOne = helper.createRole();
    IdmRoleDto roleTwo = helper.createRole();
    SysRoleSystemDto roleSystemOne = helper.createRoleSystem(roleOne, system);
    SysRoleSystemDto roleSystemTwo = helper.createRoleSystem(roleTwo, system);
    SysSchemaAttributeDto rightsSchemaAttribute = new SysSchemaAttributeDto();
    rightsSchemaAttribute.setObjectClass(mapping.getObjectClass());
    rightsSchemaAttribute.setName(RIGHTS_ATTRIBUTE);
    rightsSchemaAttribute.setMultivalued(true);
    rightsSchemaAttribute.setClassType(String.class.getName());
    rightsSchemaAttribute.setReadable(true);
    rightsSchemaAttribute.setUpdateable(true);
    rightsSchemaAttribute = schemaAttributeService.save(rightsSchemaAttribute);
    SysSystemAttributeMappingDto rightsAttribute = new SysSystemAttributeMappingDto();
    rightsAttribute.setSchemaAttribute(rightsSchemaAttribute.getId());
    rightsAttribute.setSystemMapping(mapping.getId());
    rightsAttribute.setName(RIGHTS_ATTRIBUTE);
    rightsAttribute.setStrategyType(AttributeMappingStrategyType.MERGE);
    rightsAttribute = attributeMappingService.save(rightsAttribute);
    SysRoleSystemAttributeDto roleAttributeOne = new SysRoleSystemAttributeDto();
    roleAttributeOne.setName(RIGHTS_ATTRIBUTE);
    roleAttributeOne.setRoleSystem(roleSystemOne.getId());
    roleAttributeOne.setStrategyType(AttributeMappingStrategyType.MERGE);
    roleAttributeOne.setSystemAttributeMapping(rightsAttribute.getId());
    roleAttributeOne.setTransformToResourceScript("return '" + ONE_VALUE + "';");
    roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
    List<Serializable> controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    SysRoleSystemAttributeDto roleAttributeTwo = new SysRoleSystemAttributeDto();
    roleAttributeTwo.setName(RIGHTS_ATTRIBUTE);
    roleAttributeTwo.setRoleSystem(roleSystemTwo.getId());
    roleAttributeTwo.setStrategyType(AttributeMappingStrategyType.MERGE);
    roleAttributeTwo.setSystemAttributeMapping(rightsAttribute.getId());
    roleAttributeTwo.setTransformToResourceScript("return '" + TWO_VALUE + "';");
    roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
    controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(controlledAttributeValues);
    assertEquals(2, controlledAttributeValues.size());
    assertTrue(controlledAttributeValues.contains(ONE_VALUE));
    assertTrue(controlledAttributeValues.contains(TWO_VALUE));
    SysAttributeControlledValueFilter attributeControlledValueFilter = new SysAttributeControlledValueFilter();
    attributeControlledValueFilter.setAttributeMappingId(rightsAttribute.getId());
    attributeControlledValueFilter.setHistoricValue(Boolean.TRUE);
    List<Serializable> historicControlledValues = // 
    attributeControlledValueService.find(attributeControlledValueFilter, // 
    null).getContent().stream().map(// 
    SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
    assertNotNull(historicControlledValues);
    assertEquals(0, historicControlledValues.size());
    // Manual recalculation
    attributeMappingService.recalculateAttributeControlledValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE, rightsAttribute);
    // Check cached controlled and historic values (results are controlled and
    // historic values in one lists)
    List<Serializable> cachedControlledAndHistoricAttributeValues = attributeMappingService.getCachedControlledAndHistoricAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(cachedControlledAndHistoricAttributeValues);
    assertEquals(2, cachedControlledAndHistoricAttributeValues.size());
    assertTrue(cachedControlledAndHistoricAttributeValues.contains(ONE_VALUE));
    assertTrue(cachedControlledAndHistoricAttributeValues.contains(TWO_VALUE));
    // Change value definition on attribute TWO (should be changed in controlled
    // values
    // and old value appears in the history)
    roleAttributeTwo.setTransformToResourceScript("return '" + TWO_VALUE + "Changed';");
    roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
    controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(controlledAttributeValues);
    assertEquals(2, controlledAttributeValues.size());
    assertTrue(controlledAttributeValues.contains(ONE_VALUE));
    assertTrue(controlledAttributeValues.contains(TWO_VALUE + "Changed"));
    // Search historic controlled values for that attribute
    List<SysAttributeControlledValueDto> historicControlledValueDtos = // 
    attributeControlledValueService.find(attributeControlledValueFilter, // 
    null).getContent();
    assertNotNull(historicControlledValueDtos);
    assertEquals(1, historicControlledValueDtos.size());
    assertTrue(historicControlledValueDtos.get(0).getValue().equals(TWO_VALUE));
    // Manual recalculation (needed for deleting redundant historic value)
    attributeMappingService.recalculateAttributeControlledValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE, rightsAttribute);
    // Check cached controlled and historic values (results are controlled and
    // historic values in one lists)
    cachedControlledAndHistoricAttributeValues = attributeMappingService.getCachedControlledAndHistoricAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(cachedControlledAndHistoricAttributeValues);
    assertEquals(3, cachedControlledAndHistoricAttributeValues.size());
    assertTrue(cachedControlledAndHistoricAttributeValues.contains(ONE_VALUE));
    assertTrue(cachedControlledAndHistoricAttributeValues.contains(TWO_VALUE));
    assertTrue(cachedControlledAndHistoricAttributeValues.contains(TWO_VALUE + "Changed"));
    // Delete historic value TWO. Should be disappear from the cached values
    attributeControlledValueService.delete(historicControlledValueDtos.get(0));
    cachedControlledAndHistoricAttributeValues = attributeMappingService.getCachedControlledAndHistoricAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
    assertNotNull(cachedControlledAndHistoricAttributeValues);
    assertEquals(2, cachedControlledAndHistoricAttributeValues.size());
    assertTrue(cachedControlledAndHistoricAttributeValues.contains(ONE_VALUE));
    assertTrue(cachedControlledAndHistoricAttributeValues.contains(TWO_VALUE + "Changed"));
}