use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.
the class DefaultSynchronizationServiceTest method doStartSyncE_StrategyWriteIfNull.
@Test
public void doStartSyncE_StrategyWriteIfNull() {
SysSyncConfigFilter configFilter = new SysSyncConfigFilter();
configFilter.setName(SYNC_CONFIG_NAME);
List<AbstractSysSyncConfigDto> syncConfigs = syncConfigService.find(configFilter, null).getContent();
Assert.assertEquals(1, syncConfigs.size());
AbstractSysSyncConfigDto syncConfigCustom = syncConfigs.get(0);
Assert.assertFalse(syncConfigService.isRunning(syncConfigCustom));
// Find email attribute and change strategy on WRITE_IF_NULL
SysSystemMappingFilter mappingFilter = new SysSystemMappingFilter();
mappingFilter.setEntityType(SystemEntityType.IDENTITY);
SysSystemMappingDto systemMapping = systemMappingService.get(syncConfigCustom.getSystemMapping());
SysSystemDto system = systemService.get(schemaObjectClassService.get(systemMapping.getObjectClass()).getSystem());
mappingFilter.setSystemId(system.getId());
mappingFilter.setOperationType(SystemOperationType.SYNCHRONIZATION);
List<SysSystemMappingDto> mappings = systemMappingService.find(mappingFilter, null).getContent();
Assert.assertEquals(1, mappings.size());
SysSystemMappingDto mapping = mappings.get(0);
SysSystemAttributeMappingFilter attributeMappingFilter = new SysSystemAttributeMappingFilter();
attributeMappingFilter.setSystemMappingId(mapping.getId());
List<SysSystemAttributeMappingDto> attributes = schemaAttributeMappingService.find(attributeMappingFilter, null).getContent();
SysSystemAttributeMappingDto emailAttribute = attributes.stream().filter(attribute -> {
return attribute.getName().equalsIgnoreCase(ATTRIBUTE_EMAIL);
}).findFirst().get();
emailAttribute.setStrategyType(AttributeMappingStrategyType.WRITE_IF_NULL);
schemaAttributeMappingService.save(emailAttribute);
//
// Set email on identity ONE to null
IdmIdentityDto one = identityService.getByUsername("x" + IDENTITY_USERNAME_ONE);
one.setEmail(null);
identityService.save(one);
// Prepare resource data
this.getBean().deleteAllResourceData();
this.getBean().initResourceData();
this.getBean().changeResourceData();
// Set sync config
syncConfigCustom.setLinkedAction(SynchronizationLinkedActionType.UPDATE_ENTITY);
syncConfigCustom.setUnlinkedAction(SynchronizationUnlinkedActionType.IGNORE);
syncConfigCustom.setMissingEntityAction(SynchronizationMissingEntityActionType.CREATE_ENTITY);
syncConfigCustom.setMissingAccountAction(ReconciliationMissingAccountActionType.IGNORE);
syncConfigCustom.setReconciliation(true);
syncConfigService.save(syncConfigCustom);
// Check state before sync
Assert.assertEquals(null, identityService.getByUsername("x" + IDENTITY_USERNAME_ONE).getEmail());
Assert.assertEquals(IDENTITY_EMAIL_CORRECT, identityService.getByUsername("x" + IDENTITY_USERNAME_TWO).getEmail());
// Start synchronization
helper.startSynchronization(syncConfigCustom);
//
SysSyncLogFilter logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
List<SysSyncLogDto> logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
SysSyncLogDto log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
SysSyncActionLogFilter actionLogFilter = new SysSyncActionLogFilter();
actionLogFilter.setSynchronizationLogId(log.getId());
List<SysSyncActionLogDto> actions = syncActionLogService.find(actionLogFilter, null).getContent();
Assert.assertEquals(1, actions.size());
SysSyncActionLogDto actionLog = actions.stream().filter(action -> {
return SynchronizationActionType.UPDATE_ENTITY == action.getSyncAction();
}).findFirst().get();
SysSyncItemLogFilter itemLogFilter = new SysSyncItemLogFilter();
itemLogFilter.setSyncActionLogId(actionLog.getId());
List<SysSyncItemLogDto> items = syncItemLogService.find(itemLogFilter, null).getContent();
Assert.assertEquals(2, items.size());
// Check state after sync
Assert.assertEquals(IDENTITY_EMAIL_CORRECT_CHANGED, identityService.getByUsername("x" + IDENTITY_USERNAME_ONE).getEmail());
Assert.assertEquals(IDENTITY_EMAIL_CORRECT, identityService.getByUsername("x" + IDENTITY_USERNAME_TWO).getEmail());
// Delete log
syncLogService.delete(log);
}
use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.
the class TreeSynchronizationExecutor method exportChildrenRecursively.
private void exportChildrenRecursively(IdmTreeNodeDto treeNode, SynchronizationContext itemBuilder, SysSystemAttributeMappingDto uidAttribute) {
SysSyncItemLogDto logItem = itemBuilder.getLogItem();
List<IdmTreeNodeDto> children = treeNodeService.findChildrenByParent(treeNode.getId(), null).getContent();
if (children.isEmpty()) {
this.exportEntity(itemBuilder, uidAttribute, treeNode);
} else {
addToItemLog(logItem, MessageFormat.format("Tree node [{0}] has children [count={1}].", treeNode.getName(), children.size()));
this.exportEntity(itemBuilder, uidAttribute, treeNode);
children.forEach(child -> {
exportChildrenRecursively(child, itemBuilder, uidAttribute);
});
}
}
use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.
the class DefaultSynchronizationService method resolveUnlinkedSituation.
@Override
public SysSyncItemLogDto resolveUnlinkedSituation(String uid, SystemEntityType entityType, UUID entityId, UUID configId, String actionType) {
Assert.notNull(uid);
Assert.notNull(entityType);
Assert.notNull(configId);
Assert.notNull(actionType);
Assert.notNull(entityId);
AbstractSysSyncConfigDto config = synchronizationConfigService.get(configId);
SysSystemMappingDto mapping = systemMappingService.get(config.getSystemMapping());
SysSchemaObjectClassDto sysSchemaObjectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
SysSystemDto system = DtoUtils.getEmbedded(sysSchemaObjectClassDto, SysSchemaObjectClass_.system, SysSystemDto.class);
SysSystemEntityDto systemEntity = findSystemEntity(uid, system, entityType);
SysSyncItemLogDto itemLog = new SysSyncItemLogDto();
SynchronizationContext context = new SynchronizationContext();
context.addUid(uid).addSystem(system).addConfig(config).addEntityType(entityType).addEntityId(entityId).addSystemEntity(systemEntity);
getSyncExecutor(entityType).resolveUnlinkedSituation(SynchronizationUnlinkedActionType.valueOf(actionType), context);
return itemLog;
}
use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.
the class IdentitySynchronizationExecutor method doUpdateEntity.
/**
* Fill data from IC attributes to entity (EAV and confidential storage too)
*
* @param account
* @param entityType
* @param uid
* @param icAttributes
* @param mappedAttributes
* @param log
* @param logItem
* @param actionLogs
*/
protected void doUpdateEntity(SynchronizationContext context) {
String uid = context.getUid();
SysSyncLogDto log = context.getLog();
SysSyncItemLogDto logItem = context.getLogItem();
List<SysSyncActionLogDto> actionLogs = context.getActionLogs();
List<SysSystemAttributeMappingDto> mappedAttributes = context.getMappedAttributes();
AccAccountDto account = context.getAccount();
List<IcAttribute> icAttributes = context.getIcObject().getAttributes();
SystemEntityType entityType = context.getEntityType();
UUID entityId = getEntityByAccount(account.getId());
IdmIdentityDto identity = null;
if (entityId != null) {
identity = identityService.get(entityId);
}
if (identity != null) {
// Update identity
identity = fillEntity(mappedAttributes, uid, icAttributes, identity, false, context);
identity = this.save(identity, true);
// Update extended attribute (entity must be persisted first)
updateExtendedAttributes(mappedAttributes, uid, icAttributes, identity, false, context);
// Update confidential attribute (entity must be persisted
// first)
updateConfidentialAttributes(mappedAttributes, uid, icAttributes, identity, false, context);
// Identity Updated
addToItemLog(logItem, MessageFormat.format("Identity with id {0} was updated", identity.getId()));
if (logItem != null) {
logItem.setDisplayName(identity.getUsername());
}
// Call provisioning for entity
this.callProvisioningForEntity(identity, entityType, logItem);
return;
} else {
addToItemLog(logItem, "Identity account relation (with ownership = true) was not found!");
initSyncActionLog(SynchronizationActionType.UPDATE_ENTITY, OperationResultType.WARNING, logItem, log, actionLogs);
return;
}
}
use of eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto in project CzechIdMng by bcvsolutions.
the class RoleSynchronizationExecutor method resolveAssignRole.
private boolean resolveAssignRole(boolean isNew, SynchronizationContext context, IdmRoleDto roleDto, SysSyncRoleConfigDto config, SysSyncItemLogDto logItem, IcConnectorObject connectorObject, SysSystemAttributeMappingDto memberOfAttributeDto, SysSchemaObjectClassDto schemaObjectClassDto) {
// Find attribute for get members (DNs)
SysSystemAttributeMappingDto roleMembersAttributeDto = context.getMappedAttributes().stream().filter(attribute -> !attribute.isDisabledAttribute() && attribute.isEntityAttribute() && ROLE_MEMBERS_FIELD.equals(attribute.getIdmPropertyName())).findFirst().orElse(null);
Assert.notNull(roleMembersAttributeDto, "Mapped attribute with role's members was not found. Please create it!");
if (!isNew && AttributeMappingStrategyType.CREATE == roleMembersAttributeDto.getStrategyType()) {
addToItemLog(logItem, "The attribute with role's members has strategy set to 'Set only for new entity'. Role isn't new, so resolving controlling an assignment of roles to users by the external system will be skipped for this role.");
} else {
addToItemLog(logItem, "Controlling an assignment of roles to users by the external system is activated.");
Object membersObj = this.getValueByMappedAttribute(roleMembersAttributeDto, connectorObject.getAttributes(), context);
if (membersObj == null) {
membersObj = Lists.newArrayList();
}
if (membersObj instanceof String) {
membersObj = Lists.newArrayList(membersObj);
}
Assert.isInstanceOf(List.class, membersObj, "The value from attribute with role's members must be List of Strings!");
@SuppressWarnings("unchecked") List<String> members = (List<String>) membersObj;
SysRoleSystemDto roleSystemDto = findRoleSystemDto(roleDto, memberOfAttributeDto, schemaObjectClassDto);
if (roleSystemDto == null) {
addToItemLog(logItem, "Relation between this role and system was not found. Assigning of role to users will be skip for this role.");
return false;
}
SysRoleSystemAttributeDto memberAttribute = findMemberAttribute(memberOfAttributeDto, schemaObjectClassDto, roleSystemDto);
if (memberAttribute == null) {
addToItemLog(logItem, "The member attribute between this role and system was not found. Assigning of role to users will be skip for this role.");
return false;
}
// Find identities with this role.
IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
identityRoleFilter.setRoleId(roleDto.getId());
List<IdmIdentityRoleDto> existsIdentityRoleDtos = identityRoleService.find(identityRoleFilter, null).getContent();
// Get cache with users (DN vs UID).
Map<String, String> usersUidCache = getUserUidCache();
SysSchemaAttributeDto memberIdentifierAttribute = lookupService.lookupEmbeddedDto(config, SysSyncRoleConfig_.memberIdentifierAttribute);
Assert.notNull(memberIdentifierAttribute, "User identifier attribute cannot be null!");
Set<String> membersUid = Sets.newHashSet();
Set<UUID> membersContractIds = Sets.newHashSet();
// Call user system for every member (if isn't already in the cache).
SysSystemDto userSystemDto = systemService.get(roleSystemDto.getSystem());
IcConnectorConfiguration icConfig = systemService.getConnectorConfiguration(userSystemDto);
IcConnectorInstance connectorInstance = systemService.getConnectorInstance(userSystemDto);
IcObjectClass objectClass = new IcObjectClassImpl(schemaObjectClassDto.getObjectClassName());
if (icConfig instanceof IcConnectorConfigurationImpl) {
// Enable pooling - a performance reason.
IcConnectorConfigurationImpl icConfigImpl = (IcConnectorConfigurationImpl) icConfig;
icConfigImpl.setConnectorPoolingSupported(true);
}
final int[] count = { 0 };
for (String member : members) {
if (!transformDnToUid(config, usersUidCache, memberIdentifierAttribute, membersUid, icConfig, connectorInstance, objectClass, count, member)) {
return false;
}
}
count[0] = 0;
membersUid.forEach(uid -> assignMissingIdentityRoles(roleDto, config, logItem, existsIdentityRoleDtos, membersContractIds, userSystemDto, count, uid, context));
if (!checkForCancelAndFlush(config)) {
return false;
}
// Remove redundant identity roles.
List<IdmIdentityRoleDto> redundantIdentityRoles = existsIdentityRoleDtos.stream().filter(existsIdentityRole -> !membersContractIds.contains(existsIdentityRole.getIdentityContract())).collect(Collectors.toList());
count[0] = 0;
redundantIdentityRoles.forEach(redundantIdentityRole -> removeRedundantIdentityRoles(roleDto, config, logItem, count, redundantIdentityRole));
}
return true;
}
Aggregations