Examples with SysSchemaObjectClassDto eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto used on opensource projects

Example 21 with SysSchemaObjectClassDto

use of eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAuthenticatorTest method initData.

private void initData() {
    SysSystemDto system = createTestSystem();
    List<SysSchemaObjectClassDto> objectClasses = sysSystemService.generateSchema(system);
    IdmIdentityDto identity = new IdmIdentityDto();
    identity.setUsername(USERNAME);
    identity.setLastName(USERNAME);
    identity.setPassword(new GuardedString(PASSWORD));
    identity = identityService.save(identity);
    // Create mapped attributes to schema
    SysSystemMappingDto systemMapping = new SysSystemMappingDto();
    systemMapping.setName("default_" + System.currentTimeMillis());
    systemMapping.setEntityType(SystemEntityType.IDENTITY);
    systemMapping.setOperationType(SystemOperationType.PROVISIONING);
    systemMapping.setObjectClass(objectClasses.get(0).getId());
    final SysSystemMappingDto entityHandlingResult = systemEntityHandlingService.save(systemMapping);
    SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
    schemaAttributeFilter.setSystemId(system.getId());
    SysSystemAttributeMappingDto attributeHandlingLastName = new SysSystemAttributeMappingDto();
    SysSystemAttributeMappingDto attributeHandlingPassword = new SysSystemAttributeMappingDto();
    SysSystemAttributeMappingDto attributeHandlingUsername = new SysSystemAttributeMappingDto();
    Page<SysSchemaAttributeDto> schemaAttributesPage = schemaAttributeService.find(schemaAttributeFilter, null);
    for (SysSchemaAttributeDto schemaAttr : schemaAttributesPage) {
        if ("__NAME__".equals(schemaAttr.getName())) {
            attributeHandlingUsername.setUid(true);
            attributeHandlingUsername.setEntityAttribute(true);
            attributeHandlingUsername.setAuthenticationAttribute(true);
            attributeHandlingUsername.setIdmPropertyName("username");
            attributeHandlingUsername.setTransformToResourceScript("if(attributeValue){return \"x\"+ attributeValue;}");
            attributeHandlingUsername.setName(schemaAttr.getName());
            attributeHandlingUsername.setSchemaAttribute(schemaAttr.getId());
            attributeHandlingUsername.setSystemMapping(entityHandlingResult.getId());
            attributeHandlingUsername = schemaAttributeHandlingService.save(attributeHandlingUsername);
        } else if ("lastname".equalsIgnoreCase(schemaAttr.getName())) {
            attributeHandlingLastName.setIdmPropertyName("lastName");
            attributeHandlingLastName.setName(schemaAttr.getName());
            attributeHandlingLastName.setSchemaAttribute(schemaAttr.getId());
            attributeHandlingLastName.setSystemMapping(entityHandlingResult.getId());
            attributeHandlingLastName = schemaAttributeHandlingService.save(attributeHandlingLastName);
        } else if (IcConnectorFacade.PASSWORD_ATTRIBUTE_NAME.equalsIgnoreCase(schemaAttr.getName())) {
            attributeHandlingPassword.setIdmPropertyName("password");
            attributeHandlingPassword.setSchemaAttribute(schemaAttr.getId());
            attributeHandlingPassword.setName(schemaAttr.getName());
            attributeHandlingPassword.setSystemMapping(entityHandlingResult.getId());
            attributeHandlingPassword = schemaAttributeHandlingService.save(attributeHandlingPassword);
        }
    }
    // create two roles with same system and different override username
    IdmRoleDto role1 = new IdmRoleDto();
    role1.setName(ROLE_NAME);
    role1 = roleService.save(role1);
    SysRoleSystemDto role1System = new SysRoleSystemDto();
    role1System.setRole(role1.getId());
    role1System.setSystem(system.getId());
    role1System.setSystemMapping(entityHandlingResult.getId());
    role1System = roleSystemService.save(role1System);
    IdmRoleDto role2 = new IdmRoleDto();
    role2.setName(ROLE_NAME + "2");
    role2 = roleService.save(role2);
    SysRoleSystemDto roleSystem2 = new SysRoleSystemDto();
    roleSystem2.setSystem(system.getId());
    roleSystem2.setSystemMapping(entityHandlingResult.getId());
    roleSystem2.setRole(role2.getId());
    roleSystem2 = roleSystemService.save(roleSystem2);
    SysRoleSystemAttributeDto overloadedRole2 = new SysRoleSystemAttributeDto();
    overloadedRole2.setSystemAttributeMapping(attributeHandlingUsername.getId());
    overloadedRole2.setUid(true);
    overloadedRole2.setEntityAttribute(true);
    overloadedRole2.setTransformScript("return \"z" + USERNAME + "\";");
    overloadedRole2.setIdmPropertyName("username");
    overloadedRole2.setName("username");
    overloadedRole2.setRoleSystem(roleSystem2.getId());
    overloadedRole2 = roleSystemAttributeService.save(overloadedRole2);
}

Example 22 with SysSchemaObjectClassDto

use of eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto in project CzechIdMng by bcvsolutions.

the class CoreReferentialIntegrityIntegrationTest method testRoleReferentialIntegrity.

@Test
public void testRoleReferentialIntegrity() {
    IdmRoleDto role = helper.createRole();
    // role systems
    SysSystemDto system = new SysSystemDto();
    system.setName("system_" + System.currentTimeMillis());
    system = systemService.save(system);
    // schema
    SysSchemaObjectClassDto objectClass = new SysSchemaObjectClassDto();
    objectClass.setSystem(system.getId());
    objectClass.setObjectClassName("__ACCOUNT__");
    objectClass = schemaObjectClassService.save(objectClass);
    SysSystemMappingDto systemMapping = new SysSystemMappingDto();
    systemMapping.setName("default_" + System.currentTimeMillis());
    systemMapping.setObjectClass(objectClass.getId());
    systemMapping.setOperationType(SystemOperationType.PROVISIONING);
    systemMapping.setEntityType(SystemEntityType.IDENTITY);
    systemMapping = systemEntityHandlingService.save(systemMapping);
    SysRoleSystemDto roleSystem = new SysRoleSystemDto();
    roleSystem.setSystem(system.getId());
    roleSystem.setRole(role.getId());
    roleSystem.setSystemMapping(systemMapping.getId());
    roleSystemService.save(roleSystem);
    SysRoleSystemFilter filter = new SysRoleSystemFilter();
    filter.setRoleId(role.getId());
    assertNotNull(roleService.getByCode(role.getName()));
    assertEquals(1, roleSystemService.find(filter, null).getTotalElements());
    roleService.delete(role);
    assertNull(roleService.getByCode(role.getName()));
    assertEquals(0, roleSystemService.find(filter, null).getTotalElements());
}

Example 23 with SysSchemaObjectClassDto

use of eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto in project CzechIdMng by bcvsolutions.

the class AbstractProvisioningExecutor method prepareProvisioning.

private SysProvisioningOperationDto prepareProvisioning(SysSystemEntityDto systemEntity, DTO dto, UUID entityId, ProvisioningOperationType operationType, List<? extends AttributeMapping> attributes) {
    Assert.notNull(systemEntity);
    Assert.notNull(systemEntity.getUid());
    Assert.notNull(systemEntity.getEntityType());
    SysSystemDto system = DtoUtils.getEmbedded(systemEntity, SysSystemEntity_.system, SysSystemDto.class);
    Assert.notNull(system);
    // If are input attributes null, then we load default mapped attributes
    if (attributes == null) {
        attributes = findAttributeMappings(system, systemEntity.getEntityType());
    }
    if (attributes == null || attributes.isEmpty()) {
        return null;
    }
    // Find connector identification persisted in system
    IcConnectorKey connectorKey = system.getConnectorKey();
    if (connectorKey == null) {
        throw new ProvisioningException(AccResultCode.CONNECTOR_KEY_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", system.getName()));
    }
    // Find connector configuration persisted in system
    IcConnectorConfiguration connectorConfig = systemService.getConnectorConfiguration(system);
    if (connectorConfig == null) {
        throw new ProvisioningException(AccResultCode.CONNECTOR_CONFIGURATION_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", system.getName()));
    }
    // One IDM object can be mapped to one connector object (= one connector
    // class).
    SysSystemMappingDto mapping = getMapping(system, systemEntity.getEntityType());
    if (mapping == null) {
        // TODO: delete operation?
        return null;
    }
    // 
    Map<ProvisioningAttributeDto, Object> accountAttributes = prepareMappedAttributesValues(dto, operationType, systemEntity, attributes);
    // public provisioning event
    SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
    IcConnectorObject connectorObject = new IcConnectorObjectImpl(systemEntity.getUid(), new IcObjectClassImpl(schemaObjectClassDto.getObjectClassName()), null);
    SysProvisioningOperationDto.Builder operationBuilder = new SysProvisioningOperationDto.Builder().setOperationType(operationType).setSystemEntity(systemEntity).setEntityIdentifier(entityId).setProvisioningContext(new ProvisioningContext(accountAttributes, connectorObject));
    // 
    return operationBuilder.build();
}

Example 24 with SysSchemaObjectClassDto

use of eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto in project CzechIdMng by bcvsolutions.

the class AbstractProvisioningExecutor method createAccountsForAllSystems.

@Override
public void createAccountsForAllSystems(DTO dto) {
    SystemEntityType entityType = SystemEntityType.getByClass(dto.getClass());
    List<SysSystemMappingDto> systemMappings = findSystemMappingsForEntityType(dto, entityType);
    systemMappings.forEach(mapping -> {
        SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
        UUID systemId = schemaObjectClassDto.getSystem();
        UUID accountId = this.getAccountByEntity(dto.getId(), systemId);
        if (accountId != null) {
            // We already have account for this system -> next
            return;
        }
        SysSystemDto system = DtoUtils.getEmbedded(schemaObjectClassDto, SysSchemaObjectClass_.system, SysSystemDto.class);
        List<SysSystemAttributeMappingDto> mappedAttributes = attributeMappingService.findBySystemMapping(mapping);
        SysSystemAttributeMappingDto uidAttribute = attributeMappingService.getUidAttribute(mappedAttributes, system);
        String uid = attributeMappingService.generateUid(dto, uidAttribute);
        // Account management - can be the account created? - execute the script on the system mapping
        if (!this.canBeAccountCreated(uid, dto, mapping, system)) {
            String entityStr = dto.toString();
            if (dto instanceof Codeable) {
                entityStr = ((Codeable) dto).getCode();
            }
            LOG.info(MessageFormat.format("For entity [{0}] and entity type [{1}] cannot be created the account (on system [{2}])," + " because script \"Can be account created\" on the mapping returned \"false\"!", entityStr, entityType, system.getName()));
            return;
        }
        // Create AccAccount and relation between account and entity
        createEntityAccount(uid, dto.getId(), systemId);
    });
}

Example 25 with SysSchemaObjectClassDto

use of eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto in project CzechIdMng by bcvsolutions.

the class AbstractSynchronizationExecutor method process.

@Override
public AbstractSysSyncConfigDto process(UUID synchronizationConfigId) {
    // Clear cache
    this.clearCache();
    // Validate and create basic context
    SynchronizationContext context = this.validate(synchronizationConfigId);
    AbstractSysSyncConfigDto config = context.getConfig();
    SystemEntityType entityType = context.getEntityType();
    SysSystemDto system = context.getSystem();
    IcConnectorConfiguration connectorConfig = context.getConnectorConfig();
    SysSystemMappingDto systemMapping = systemMappingService.get(config.getSystemMapping());
    SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(systemMapping.getObjectClass());
    IcObjectClass objectClass = new IcObjectClassImpl(schemaObjectClassDto.getObjectClassName());
    // Load last token
    Object lastToken = config.isReconciliation() ? null : config.getToken();
    IcSyncToken lastIcToken = lastToken != null ? new IcSyncTokenImpl(lastToken) : null;
    // Create basic synchronization log
    SysSyncLogDto log = new SysSyncLogDto();
    log.setSynchronizationConfig(config.getId());
    log.setStarted(LocalDateTime.now());
    log.setRunning(true);
    log.setToken(lastToken != null ? lastToken.toString() : null);
    log.addToLog(MessageFormat.format("Synchronization was started in {0}.", log.getStarted()));
    // List of all accounts keys (used in reconciliation)
    Set<String> systemAccountsList = new HashSet<>();
    // TODO: Export is not fully implemented (FE, configuration and Groovy
    // part missing)
    boolean export = false;
    longRunningTaskExecutor.setCounter(0L);
    try {
        log = synchronizationLogService.save(log);
        List<SysSyncActionLogDto> actionsLog = new ArrayList<>();
        // add logs to context
        context.addLog(log).addActionLogs(actionsLog);
        if (export) {
            // Start exporting entities to resource
            log.addToLog("Exporting entities to resource started...");
            this.startExport(entityType, config, context.getMappedAttributes(), log, actionsLog);
        } else if (config.isCustomFilter() || config.isReconciliation()) {
            // Custom filter Sync
            log.addToLog("Synchronization will use custom filter (not synchronization implemented in connector).");
            AttributeMapping tokenAttribute = null;
            if (config.getTokenAttribute() != null) {
                tokenAttribute = systemAttributeMappingService.get(config.getTokenAttribute());
            }
            if (tokenAttribute == null && !config.isReconciliation()) {
                throw new ProvisioningException(AccResultCode.SYNCHRONIZATION_TOKEN_ATTRIBUTE_NOT_FOUND);
            }
            context.addTokenAttribute(tokenAttribute);
            // Resolve filter for custom search
            IcFilter filter = resolveSynchronizationFilter(config);
            log.addToLog(MessageFormat.format("Start search with filter {0}.", filter != null ? filter : "NONE"));
            connectorFacade.search(system.getConnectorInstance(), connectorConfig, objectClass, filter, new DefaultResultHandler(context, systemAccountsList));
        } else {
            // Inner Sync
            log.addToLog("Synchronization will use inner connector synchronization implementation.");
            DefalutSyncResultHandler syncResultsHandler = new DefalutSyncResultHandler(context, systemAccountsList);
            connectorFacade.synchronization(system.getConnectorInstance(), connectorConfig, objectClass, lastIcToken, syncResultsHandler);
        }
        // We do reconciliation (find missing account)
        if (config.isReconciliation() && log.isRunning()) {
            startReconciliation(entityType, systemAccountsList, config, system, log, actionsLog);
        }
        // Sync is correctly ends if wasn't cancelled
        if (log.isRunning()) {
            log = syncCorrectlyEnded(log, context);
        }
        config = synchronizationConfigService.save(config);
    } catch (Exception e) {
        String message = "Error during synchronization";
        log.addToLog(message);
        log.setContainsError(true);
        log.addToLog(Throwables.getStackTraceAsString(e));
        LOG.error(message, e);
    } finally {
        log.setRunning(false);
        log.setEnded(LocalDateTime.now());
        log = synchronizationLogService.save(log);
        // 
        longRunningTaskExecutor.setCount(longRunningTaskExecutor.getCounter());
        longRunningTaskExecutor.updateState();
        // Clear cache
        this.clearCache();
    }
    return config;
}