Search in sources :

Example 6 with SysSyncItemLogDto

use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.

the class AbstractSynchronizationExecutor method removeSystemEntityWishIfPossible.

/**
 * Removes the flag "wish" from system entity, if the flag is true and removing
 * the flag is possible and safe = it won't lead to any unwanted linking: A) The
 * system entity wasn't linked to any IdM entity before this synchronization.
 * It's just some relic of previous operations in IdM. The entity on the system
 * exists, so we will correct the information that it is only Wish (because it
 * really exists). B) The system entity is linked to IdM entity and automapping
 * existing accounts is allowed. This can happen when identity had been assigned
 * a role, but provisioning hadn't been executed yet for some reason (read-only
 * system, error,...). Since automapping is enabled, we can remove the flag, so
 * following provisioning will be Update and not Create.
 *
 * @param systemEntity The system entity which will be processed
 * @param existingLink If the link (AccAccount) already exists for this system
 * entity
 * @param context
 * @return Updated system entity
 */
private SysSystemEntityDto removeSystemEntityWishIfPossible(SysSystemEntityDto systemEntity, boolean existingLink, SynchronizationContext context) {
    if (systemEntity == null || !systemEntity.isWish()) {
        return systemEntity;
    }
    SysSyncItemLogDto logItem = context.getLogItem();
    if (existingLink && !provisioningConfiguration.isAllowedAutoMappingOnExistingAccount()) {
        addToItemLog(logItem, MessageFormat.format("WARNING: Existing system entity ({0}) has the flag Wish, which means it was neither created by IdM nor linked by synchronization. " + "But account for this entity already exists and it is linked to IdM entity [{1}]." + "Auto mapping of existing accounts is not allowed by property [{2}]. " + "We will not remove the flag Wish, because that would effectively complete the auto mapping.", systemEntity.getUid(), context.getEntityId(), ProvisioningConfiguration.PROPERTY_ALLOW_AUTO_MAPPING_ON_EXISTING_ACCOUNT));
        initSyncActionLog(context.getActionType(), OperationResultType.WARNING, logItem, context.getLog(), context.getActionLogs());
        return systemEntity;
    }
    addToItemLog(logItem, MessageFormat.format("Existing system entity [{0}] has the flag Wish, we can safely remove it (the system entity really exists).", systemEntity.getUid()));
    systemEntity.setWish(false);
    return systemEntityService.save(systemEntity);
}
Also used : SysSyncItemLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto)

Example 7 with SysSyncItemLogDto

use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.

the class AbstractSynchronizationExecutor method doUpdateEntity.

/**
 * Fill data from IC attributes to entity (EAV and confidential storage too)
 *
 * @param context
 */
protected void doUpdateEntity(SynchronizationContext context) {
    String uid = context.getUid();
    SysSyncLogDto log = context.getLog();
    SysSyncItemLogDto logItem = context.getLogItem();
    if (context.isSkipEntityUpdate()) {
        addToItemLog(logItem, MessageFormat.format("Update of entity for account with uid [{0}] is skipped", uid));
        return;
    }
    List<SysSyncActionLogDto> actionLogs = context.getActionLogs();
    List<SysSystemAttributeMappingDto> mappedAttributes = context.getMappedAttributes();
    AccAccountDto account = context.getAccount();
    List<IcAttribute> icAttributes = context.getIcObject().getAttributes();
    // Find entity ID, first try entity ID in the context then load by account
    UUID entityId = context.getEntityId();
    if (entityId == null && account != null) {
        entityId = getEntityByAccount(account.getId());
    }
    DTO entity = null;
    if (entityId != null) {
        entity = this.getService().get(entityId);
    }
    if (entity != null) {
        // Fill entity
        entity = fillEntity(mappedAttributes, uid, icAttributes, entity, false, context);
        // Fill extended attributes to the entity. EAV attributes will be saved within entity.
        if (entity instanceof FormableDto) {
            FormableDto formableDto = (FormableDto) entity;
            formableDto.getEavs().clear();
            IdmFormInstanceDto formInstanceDto = fillExtendedAttributes(mappedAttributes, uid, icAttributes, entity, false, context);
            formableDto.getEavs().add(formInstanceDto);
        }
        // Update entity
        if (context.isEntityDifferent()) {
            entity = this.save(entity, true, context);
        }
        // Entity updated
        addToItemLog(logItem, MessageFormat.format("Entity with id [{0}] was updated", entity.getId()));
        if (logItem != null) {
            logItem.setDisplayName(this.getDisplayNameForEntity(entity));
        }
        SystemEntityType entityType = context.getEntityType();
        if (context.isEntityDifferent() && this.isProvisioningImplemented(entityType, logItem) && !context.isSkipProvisioning()) {
            // Call provisioning for this entity
            callProvisioningForEntity(entity, entityType, logItem);
        }
        // Add updated entity to the context
        context.addEntityDto(entity);
    } else {
        addToItemLog(logItem, "Warning! - Entity-account relation (with ownership = true) was not found!");
        initSyncActionLog(SynchronizationActionType.UPDATE_ENTITY, OperationResultType.WARNING, logItem, log, actionLogs);
    }
}
Also used : IdmFormInstanceDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormInstanceDto) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) SysSyncActionLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto) FormableDto(eu.bcvsolutions.idm.core.api.dto.FormableDto) IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute) SysSyncItemLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto) UUID(java.util.UUID) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto)

Example 8 with SysSyncItemLogDto

use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.

the class AbstractSynchronizationExecutor method resolveMissingEntitySituation.

/**
 * Method for resolve missing entity situation for one item.
 *
 * @param actionType
 * @param context
 */
@Override
public void resolveMissingEntitySituation(SynchronizationMissingEntityActionType actionType, SynchronizationContext context) {
    String uid = context.getUid();
    SystemEntityType entityType = context.getEntityType();
    SysSystemDto system = context.getSystem();
    SysSyncLogDto log = context.getLog();
    SysSyncItemLogDto logItem = context.getLogItem();
    List<SysSyncActionLogDto> actionLogs = context.getActionLogs();
    List<SysSystemAttributeMappingDto> mappedAttributes = context.getMappedAttributes();
    List<IcAttribute> icAttributes = context.getIcObject().getAttributes();
    addToItemLog(logItem, "Account and entity don't exist (missing entity).");
    switch(actionType) {
        case IGNORE:
            // Ignore we will do nothing
            addToItemLog(logItem, "Missing entity action is IGNORE, we will do nothing.");
            initSyncActionLog(SynchronizationActionType.MISSING_ENTITY, OperationResultType.IGNORE, logItem, log, actionLogs);
            return;
        case CREATE_ENTITY:
            // We don't want compute different in create entity situation.
            context.setIsEntityDifferent(true);
            // Generate UID value from mapped attribute marked as UID (Unique
            // ID).
            // UID mapped attribute must exist and returned value must be not
            // null and must be String
            String attributeUid = this.generateUID(context);
            // Create idm account
            AccAccountDto account = doCreateIdmAccount(attributeUid, system);
            // Find and set SystemEntity (must exist)
            account.setSystemEntity(this.findSystemEntity(uid, system, entityType).getId());
            // Apply specific settings - check, if the account and the entity can be created
            account = this.applySpecificSettingsBeforeLink(account, null, context);
            if (account == null) {
                return;
            }
            account = accountService.save(account);
            // Create new entity
            doCreateEntity(entityType, mappedAttributes, logItem, uid, icAttributes, account, context);
            initSyncActionLog(SynchronizationActionType.CREATE_ENTITY, OperationResultType.SUCCESS, logItem, log, actionLogs);
    }
}
Also used : SysSyncActionLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto) IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute) SysSyncItemLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto)

Example 9 with SysSyncItemLogDto

use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.

the class DefaultSysSyncActionLogService method save.

@Override
public SysSyncActionLogDto save(SysSyncActionLogDto dto, BasePermission... permission) {
    Assert.notNull(dto, "DTO is required.");
    // 
    if (!ObjectUtils.isEmpty(permission)) {
        SysSyncActionLog persistEntity = null;
        if (dto.getId() != null) {
            persistEntity = this.getEntity(dto.getId());
            if (persistEntity != null) {
                // check access on previous entity - update is needed
                checkAccess(persistEntity, IdmBasePermission.UPDATE);
            }
        }
        // TODO: remove one checkAccess?
        checkAccess(toEntity(dto, persistEntity), permission);
    }
    // 
    // save
    SysSyncActionLogDto newDto = saveInternal(dto);
    // iterate over all log items
    for (SysSyncItemLogDto item : dto.getLogItems()) {
        item.setSyncActionLog(newDto.getId());
        item = syncItemLogService.save(item);
        newDto.addLogItems(item);
    }
    return newDto;
}
Also used : SysSyncActionLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto) SysSyncActionLog(eu.bcvsolutions.idm.acc.entity.SysSyncActionLog) SysSyncItemLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto)

Example 10 with SysSyncItemLogDto

use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.

the class AbstractSynchronizationExecutor method handleIcObject.

/**
 * Handle IC connector object
 *
 * @param itemContext
 * @return
 */
protected boolean handleIcObject(SynchronizationContext itemContext) {
    Assert.notNull(itemContext, "Item context is required.");
    IcConnectorObject icObject = itemContext.getIcObject();
    AbstractSysSyncConfigDto config = itemContext.getConfig();
    SysSyncLogDto log = itemContext.getLog();
    AttributeMapping tokenAttribute = itemContext.getTokenAttribute();
    SysSyncItemLogDto itemLog = new SysSyncItemLogDto();
    // Synchronization by custom filter not supported DELETE
    // event
    IcSyncDeltaTypeEnum type = IcSyncDeltaTypeEnum.CREATE_OR_UPDATE;
    itemContext.addLogItem(itemLog).addType(type);
    // Find token by token attribute
    // For Reconciliation can be token attribute null
    Object tokenObj = null;
    if (tokenAttribute != null) {
        tokenObj = getValueByMappedAttribute(tokenAttribute, icObject.getAttributes(), itemContext);
    }
    // Token is saved in Sync as String, therefore we transform token (from
    // IcObject) to String too.
    String token = tokenObj != null ? tokenObj.toString() : null;
    // grater token to config and log.
    if (token != null && config.getToken() != null && token.compareTo(config.getToken()) <= -1) {
        token = config.getToken();
    }
    // Save token
    log.setToken(token);
    if (!config.isReconciliation()) {
        config.setToken(token);
    }
    boolean result = startItemSynchronization(itemContext);
    // sync or LRT)
    return updateAndCheckState(result, log);
}
Also used : AbstractSysSyncConfigDto(eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto) IcSyncDeltaTypeEnum(eu.bcvsolutions.idm.ic.impl.IcSyncDeltaTypeEnum) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) SysSyncItemLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto) AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto)

Aggregations

SysSyncItemLogDto (eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto)60 SysSyncActionLogDto (eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto)43 SysSyncLogDto (eu.bcvsolutions.idm.acc.dto.SysSyncLogDto)43 AbstractSysSyncConfigDto (eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto)38 SysSyncActionLogFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSyncActionLogFilter)29 SysSyncItemLogFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSyncItemLogFilter)27 SysSyncLogFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSyncLogFilter)26 SysSyncConfigFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSyncConfigFilter)24 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)24 Test (org.junit.Test)24 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)20 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)19 SystemEntityType (eu.bcvsolutions.idm.acc.domain.SystemEntityType)17 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)16 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)13 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)12 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)11 UUID (java.util.UUID)11 SysSchemaObjectClassDto (eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)10 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)10