use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method removeSystemEntityWishIfPossible.
/**
* Removes the flag "wish" from system entity, if the flag is true and removing
* the flag is possible and safe = it won't lead to any unwanted linking: A) The
* system entity wasn't linked to any IdM entity before this synchronization.
* It's just some relic of previous operations in IdM. The entity on the system
* exists, so we will correct the information that it is only Wish (because it
* really exists). B) The system entity is linked to IdM entity and automapping
* existing accounts is allowed. This can happen when identity had been assigned
* a role, but provisioning hadn't been executed yet for some reason (read-only
* system, error,...). Since automapping is enabled, we can remove the flag, so
* following provisioning will be Update and not Create.
*
* @param systemEntity The system entity which will be processed
* @param existingLink If the link (AccAccount) already exists for this system
* entity
* @param context
* @return Updated system entity
*/
private SysSystemEntityDto removeSystemEntityWishIfPossible(SysSystemEntityDto systemEntity, boolean existingLink, SynchronizationContext context) {
if (systemEntity == null || !systemEntity.isWish()) {
return systemEntity;
}
SysSyncItemLogDto logItem = context.getLogItem();
if (existingLink && !provisioningConfiguration.isAllowedAutoMappingOnExistingAccount()) {
addToItemLog(logItem, MessageFormat.format("WARNING: Existing system entity ({0}) has the flag Wish, which means it was neither created by IdM nor linked by synchronization. " + "But account for this entity already exists and it is linked to IdM entity [{1}]." + "Auto mapping of existing accounts is not allowed by property [{2}]. " + "We will not remove the flag Wish, because that would effectively complete the auto mapping.", systemEntity.getUid(), context.getEntityId(), ProvisioningConfiguration.PROPERTY_ALLOW_AUTO_MAPPING_ON_EXISTING_ACCOUNT));
initSyncActionLog(context.getActionType(), OperationResultType.WARNING, logItem, context.getLog(), context.getActionLogs());
return systemEntity;
}
addToItemLog(logItem, MessageFormat.format("Existing system entity [{0}] has the flag Wish, we can safely remove it (the system entity really exists).", systemEntity.getUid()));
systemEntity.setWish(false);
return systemEntityService.save(systemEntity);
}
use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method doUpdateEntity.
/**
* Fill data from IC attributes to entity (EAV and confidential storage too)
*
* @param context
*/
protected void doUpdateEntity(SynchronizationContext context) {
String uid = context.getUid();
SysSyncLogDto log = context.getLog();
SysSyncItemLogDto logItem = context.getLogItem();
if (context.isSkipEntityUpdate()) {
addToItemLog(logItem, MessageFormat.format("Update of entity for account with uid [{0}] is skipped", uid));
return;
}
List<SysSyncActionLogDto> actionLogs = context.getActionLogs();
List<SysSystemAttributeMappingDto> mappedAttributes = context.getMappedAttributes();
AccAccountDto account = context.getAccount();
List<IcAttribute> icAttributes = context.getIcObject().getAttributes();
// Find entity ID, first try entity ID in the context then load by account
UUID entityId = context.getEntityId();
if (entityId == null && account != null) {
entityId = getEntityByAccount(account.getId());
}
DTO entity = null;
if (entityId != null) {
entity = this.getService().get(entityId);
}
if (entity != null) {
// Fill entity
entity = fillEntity(mappedAttributes, uid, icAttributes, entity, false, context);
// Fill extended attributes to the entity. EAV attributes will be saved within entity.
if (entity instanceof FormableDto) {
FormableDto formableDto = (FormableDto) entity;
formableDto.getEavs().clear();
IdmFormInstanceDto formInstanceDto = fillExtendedAttributes(mappedAttributes, uid, icAttributes, entity, false, context);
formableDto.getEavs().add(formInstanceDto);
}
// Update entity
if (context.isEntityDifferent()) {
entity = this.save(entity, true, context);
}
// Entity updated
addToItemLog(logItem, MessageFormat.format("Entity with id [{0}] was updated", entity.getId()));
if (logItem != null) {
logItem.setDisplayName(this.getDisplayNameForEntity(entity));
}
SystemEntityType entityType = context.getEntityType();
if (context.isEntityDifferent() && this.isProvisioningImplemented(entityType, logItem) && !context.isSkipProvisioning()) {
// Call provisioning for this entity
callProvisioningForEntity(entity, entityType, logItem);
}
// Add updated entity to the context
context.addEntityDto(entity);
} else {
addToItemLog(logItem, "Warning! - Entity-account relation (with ownership = true) was not found!");
initSyncActionLog(SynchronizationActionType.UPDATE_ENTITY, OperationResultType.WARNING, logItem, log, actionLogs);
}
}
use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method resolveMissingEntitySituation.
/**
* Method for resolve missing entity situation for one item.
*
* @param actionType
* @param context
*/
@Override
public void resolveMissingEntitySituation(SynchronizationMissingEntityActionType actionType, SynchronizationContext context) {
String uid = context.getUid();
SystemEntityType entityType = context.getEntityType();
SysSystemDto system = context.getSystem();
SysSyncLogDto log = context.getLog();
SysSyncItemLogDto logItem = context.getLogItem();
List<SysSyncActionLogDto> actionLogs = context.getActionLogs();
List<SysSystemAttributeMappingDto> mappedAttributes = context.getMappedAttributes();
List<IcAttribute> icAttributes = context.getIcObject().getAttributes();
addToItemLog(logItem, "Account and entity don't exist (missing entity).");
switch(actionType) {
case IGNORE:
// Ignore we will do nothing
addToItemLog(logItem, "Missing entity action is IGNORE, we will do nothing.");
initSyncActionLog(SynchronizationActionType.MISSING_ENTITY, OperationResultType.IGNORE, logItem, log, actionLogs);
return;
case CREATE_ENTITY:
// We don't want compute different in create entity situation.
context.setIsEntityDifferent(true);
// Generate UID value from mapped attribute marked as UID (Unique
// ID).
// UID mapped attribute must exist and returned value must be not
// null and must be String
String attributeUid = this.generateUID(context);
// Create idm account
AccAccountDto account = doCreateIdmAccount(attributeUid, system);
// Find and set SystemEntity (must exist)
account.setSystemEntity(this.findSystemEntity(uid, system, entityType).getId());
// Apply specific settings - check, if the account and the entity can be created
account = this.applySpecificSettingsBeforeLink(account, null, context);
if (account == null) {
return;
}
account = accountService.save(account);
// Create new entity
doCreateEntity(entityType, mappedAttributes, logItem, uid, icAttributes, account, context);
initSyncActionLog(SynchronizationActionType.CREATE_ENTITY, OperationResultType.SUCCESS, logItem, log, actionLogs);
}
}
use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.
the class DefaultSysSyncActionLogService method save.
@Override
public SysSyncActionLogDto save(SysSyncActionLogDto dto, BasePermission... permission) {
Assert.notNull(dto, "DTO is required.");
//
if (!ObjectUtils.isEmpty(permission)) {
SysSyncActionLog persistEntity = null;
if (dto.getId() != null) {
persistEntity = this.getEntity(dto.getId());
if (persistEntity != null) {
// check access on previous entity - update is needed
checkAccess(persistEntity, IdmBasePermission.UPDATE);
}
}
// TODO: remove one checkAccess?
checkAccess(toEntity(dto, persistEntity), permission);
}
//
// save
SysSyncActionLogDto newDto = saveInternal(dto);
// iterate over all log items
for (SysSyncItemLogDto item : dto.getLogItems()) {
item.setSyncActionLog(newDto.getId());
item = syncItemLogService.save(item);
newDto.addLogItems(item);
}
return newDto;
}
use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method handleIcObject.
/**
* Handle IC connector object
*
* @param itemContext
* @return
*/
protected boolean handleIcObject(SynchronizationContext itemContext) {
Assert.notNull(itemContext, "Item context is required.");
IcConnectorObject icObject = itemContext.getIcObject();
AbstractSysSyncConfigDto config = itemContext.getConfig();
SysSyncLogDto log = itemContext.getLog();
AttributeMapping tokenAttribute = itemContext.getTokenAttribute();
SysSyncItemLogDto itemLog = new SysSyncItemLogDto();
// Synchronization by custom filter not supported DELETE
// event
IcSyncDeltaTypeEnum type = IcSyncDeltaTypeEnum.CREATE_OR_UPDATE;
itemContext.addLogItem(itemLog).addType(type);
// Find token by token attribute
// For Reconciliation can be token attribute null
Object tokenObj = null;
if (tokenAttribute != null) {
tokenObj = getValueByMappedAttribute(tokenAttribute, icObject.getAttributes(), itemContext);
}
// Token is saved in Sync as String, therefore we transform token (from
// IcObject) to String too.
String token = tokenObj != null ? tokenObj.toString() : null;
// grater token to config and log.
if (token != null && config.getToken() != null && token.compareTo(config.getToken()) <= -1) {
token = config.getToken();
}
// Save token
log.setToken(token);
if (!config.isReconciliation()) {
config.setToken(token);
}
boolean result = startItemSynchronization(itemContext);
// sync or LRT)
return updateAndCheckState(result, log);
}
Aggregations