use of eu.bcvsolutions.idm.acc.dto.SysSystemDto in project CzechIdMng by bcvsolutions.
the class IdentityPasswordPreValidateDefinitionProcessor method validateDefinition.
public List<IdmPasswordPolicyDto> validateDefinition(PasswordChangeDto passwordChangeDto) {
List<IdmPasswordPolicyDto> passwordPolicyList = new ArrayList<>();
IdmPasswordPolicyDto defaultPasswordPolicy = this.passwordPolicyService.getDefaultPasswordPolicy(IdmPasswordPolicyType.VALIDATE);
if (defaultPasswordPolicy == null) {
defaultPasswordPolicy = new IdmPasswordPolicyDto();
}
for (String account : passwordChangeDto.getAccounts()) {
SysSystemDto system = DtoUtils.getEmbedded(accountService.get(UUID.fromString(account)), AccAccount_.system, SysSystemDto.class);
IdmPasswordPolicyDto passwordPolicy;
//
if (system.getPasswordPolicyValidate() == null) {
passwordPolicy = defaultPasswordPolicy;
} else {
passwordPolicy = passwordPolicyService.get(system.getPasswordPolicyValidate());
}
if (!passwordPolicyList.contains(passwordPolicy) && passwordPolicy != null) {
passwordPolicyList.add(passwordPolicy);
}
}
if (passwordChangeDto.isIdm() && !passwordPolicyList.contains(defaultPasswordPolicy)) {
passwordPolicyList.add(defaultPasswordPolicy);
}
return passwordPolicyList;
}
use of eu.bcvsolutions.idm.acc.dto.SysSystemDto in project CzechIdMng by bcvsolutions.
the class SystemSaveProcessor method process.
@Override
public EventResult<SysSystemDto> process(EntityEvent<SysSystemDto> event) {
SysSystemDto dto = event.getContent();
// create default connector server
if (dto.getConnectorServer() == null) {
dto.setConnectorServer(new SysConnectorServerDto());
}
// create default connector key
if (dto.getConnectorKey() == null) {
dto.setConnectorKey(new SysConnectorKeyDto());
}
// create default blocked operations
if (dto.getBlockedOperation() == null) {
dto.setBlockedOperation(new SysBlockedOperationDto());
}
if (!service.isNew(dto)) {
// Check if is connector changed
SysSystemDto oldSystem = service.get(dto.getId());
if (!dto.getConnectorKey().equals(oldSystem.getConnectorKey())) {
// If is connector changed, we set virtual to false. (Virtual
// connectors set this attribute on true by themselves)
dto.setVirtual(false);
}
// check blocked provisioning operation and clear provisioning break cache
clearProvisionignBreakCache(dto, oldSystem);
}
SysSystemDto newSystem = service.saveInternal(dto);
event.setContent(newSystem);
// save password from remote connector server to confidential storage
if (dto.getConnectorServer().getPassword() != null) {
// save for newSystem
confidentialStorage.save(newSystem.getId(), SysSystem.class, SysSystemService.REMOTE_SERVER_PASSWORD, dto.getConnectorServer().getPassword().asString());
//
// set asterix
newSystem.getConnectorServer().setPassword(new GuardedString(GuardedString.SECRED_PROXY_STRING));
}
// TODO: clone content - mutable previous event content :/
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.acc.dto.SysSystemDto in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningProcessor method process.
/**
* Prepare provisioning operation execution
*/
@Override
public EventResult<SysProvisioningOperationDto> process(EntityEvent<SysProvisioningOperationDto> event) {
SysProvisioningOperationDto provisioningOperation = event.getContent();
SysSystemDto system = systemService.get(provisioningOperation.getSystem());
IcConnectorObject connectorObject = provisioningOperation.getProvisioningContext().getConnectorObject();
IcObjectClass objectClass = connectorObject.getObjectClass();
String uid = systemEntityService.getByProvisioningOperation(provisioningOperation).getUid();
LOG.debug("Start provisioning operation [{}] for object with uid [{}] and connector object [{}]", provisioningOperation.getOperationType(), uid, objectClass.getType());
// Find connector identification persisted in system
if (system.getConnectorKey() == null) {
throw new ProvisioningException(AccResultCode.CONNECTOR_KEY_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", system.getName()));
}
// load connector configuration
IcConnectorConfiguration connectorConfig = systemService.getConnectorConfiguration(systemService.get(provisioningOperation.getSystem()));
if (connectorConfig == null) {
throw new ProvisioningException(AccResultCode.CONNECTOR_CONFIGURATION_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", system.getName()));
}
//
try {
provisioningOperation = provisioningOperationService.save(provisioningOperation);
// convert confidential string to guarded strings before provisioning realization
connectorObject = provisioningOperationService.getFullConnectorObject(provisioningOperation);
provisioningOperation.getProvisioningContext().setConnectorObject(connectorObject);
//
IcUidAttribute resultUid = processInternal(provisioningOperation, connectorConfig);
// update system entity, when identifier on target system differs
if (resultUid != null && resultUid.getUidValue() != null) {
SysSystemEntityDto systemEntity = systemEntityService.getByProvisioningOperation(provisioningOperation);
// If system entity was not found, we try found system entity by returned UID
if (systemEntity == null) {
systemEntity = systemEntityService.getBySystemAndEntityTypeAndUid(system, provisioningOperation.getEntityType(), resultUid.getUidValue());
}
Asserts.notNull(systemEntity, "Systeme entity cannot be null!");
if (!systemEntity.getUid().equals(resultUid.getUidValue()) || systemEntity.isWish()) {
systemEntity.setUid(resultUid.getUidValue());
systemEntity.setWish(false);
systemEntity = systemEntityService.save(systemEntity);
LOG.info("UID was changed. System entity with uid [{}] was updated", systemEntity.getUid());
}
}
provisioningOperationService.handleSuccessful(provisioningOperation);
} catch (Exception ex) {
provisioningOperationService.handleFailed(provisioningOperation, ex);
}
// set operation back to content
event.setContent(provisioningOperation);
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.acc.dto.SysSystemDto in project CzechIdMng by bcvsolutions.
the class DisabledSystemProcessor method process.
@Override
public EventResult<SysProvisioningOperationDto> process(EntityEvent<SysProvisioningOperationDto> event) {
SysProvisioningOperationDto provisioningOperation = event.getContent();
SysSystemDto system = systemService.get(provisioningOperation.getSystem());
String uid = provisioningOperationService.getByProvisioningOperation(provisioningOperation).getUid();
boolean closed = false;
if (system.isDisabled()) {
ResultModel resultModel = new DefaultResultModel(AccResultCode.PROVISIONING_SYSTEM_DISABLED, ImmutableMap.of("name", uid, "system", system.getName()));
provisioningOperation.setResult(new OperationResult.Builder(OperationState.NOT_EXECUTED).setModel(resultModel).build());
//
provisioningOperation = provisioningOperationService.save(provisioningOperation);
//
LOG.info(resultModel.toString());
notificationManager.send(AccModuleDescriptor.TOPIC_PROVISIONING, new IdmMessageDto.Builder().setModel(resultModel).build());
//
closed = true;
}
// set back to event content
event.setContent(provisioningOperation);
return new DefaultEventResult<>(event, this, closed);
}
use of eu.bcvsolutions.idm.acc.dto.SysSystemDto in project CzechIdMng by bcvsolutions.
the class PrepareConnectorObjectProcessor method processCreate.
/**
* Create object on target system
*
* @param provisioningOperation
* @param connectorConfig
*/
private void processCreate(SysProvisioningOperationDto provisioningOperation) {
SysSystemDto system = systemService.get(provisioningOperation.getSystem());
ProvisioningContext provisioningContext = provisioningOperation.getProvisioningContext();
IcConnectorObject connectorObject = provisioningContext.getConnectorObject();
//
// prepare provisioning attributes from account attributes
Map<ProvisioningAttributeDto, Object> fullAccountObject = provisioningOperationService.getFullAccountObject(provisioningOperation);
if (fullAccountObject != null) {
connectorObject.getAttributes().clear();
SysSystemMappingDto mapping = getMapping(system, provisioningOperation.getEntityType());
SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
List<SysSchemaAttributeDto> schemaAttributes = findSchemaAttributes(system, schemaObjectClassDto);
for (Entry<ProvisioningAttributeDto, Object> entry : fullAccountObject.entrySet()) {
ProvisioningAttributeDto provisioningAttribute = entry.getKey();
Optional<SysSchemaAttributeDto> schemaAttributeOptional = schemaAttributes.stream().filter(schemaAttribute -> {
return provisioningAttribute.getSchemaAttributeName().equals(schemaAttribute.getName());
}).findFirst();
if (!schemaAttributeOptional.isPresent()) {
throw new ProvisioningException(AccResultCode.PROVISIONING_SCHEMA_ATTRIBUTE_IS_FOUND, ImmutableMap.of("attribute", provisioningAttribute.getSchemaAttributeName()));
}
Object idmValue = fullAccountObject.get(provisioningAttribute);
SysSchemaAttributeDto schemaAttribute = schemaAttributeOptional.get();
if (provisioningAttribute.isSendOnlyIfNotNull()) {
if (this.isValueEmpty(idmValue)) {
// Skip this attribute (marked with flag sendOnlyIfNotNull), because IdM value is null
continue;
}
}
if (AttributeMappingStrategyType.CREATE == provisioningAttribute.getStrategyType() || AttributeMappingStrategyType.WRITE_IF_NULL == provisioningAttribute.getStrategyType()) {
boolean existSetAttribute = fullAccountObject.keySet().stream().filter(provisioningAttributeKey -> {
return provisioningAttributeKey.getSchemaAttributeName().equals(schemaAttribute.getName()) && AttributeMappingStrategyType.SET == provisioningAttributeKey.getStrategyType();
}).findFirst().isPresent();
boolean existIfResourceNulltAttribute = fullAccountObject.keySet().stream().filter(provisioningAttributeKey -> {
return provisioningAttributeKey.getSchemaAttributeName().equals(schemaAttribute.getName()) && AttributeMappingStrategyType.WRITE_IF_NULL == provisioningAttributeKey.getStrategyType();
}).findFirst().isPresent();
boolean existMergeAttribute = fullAccountObject.keySet().stream().filter(provisioningAttributeKey -> {
return provisioningAttributeKey.getSchemaAttributeName().equals(schemaAttribute.getName()) && AttributeMappingStrategyType.MERGE == provisioningAttributeKey.getStrategyType();
}).findFirst().isPresent();
boolean existAuthMergeAttribute = fullAccountObject.keySet().stream().filter(provisioningAttributeKey -> {
return provisioningAttributeKey.getSchemaAttributeName().equals(schemaAttribute.getName()) && AttributeMappingStrategyType.AUTHORITATIVE_MERGE == provisioningAttributeKey.getStrategyType();
}).findFirst().isPresent();
if (AttributeMappingStrategyType.CREATE == provisioningAttribute.getStrategyType()) {
if (existIfResourceNulltAttribute || existSetAttribute || existAuthMergeAttribute || existMergeAttribute) {
// (this strategies has higher priority)
continue;
}
}
if (AttributeMappingStrategyType.WRITE_IF_NULL == provisioningAttribute.getStrategyType()) {
if (existSetAttribute || existAuthMergeAttribute || existMergeAttribute) {
// (this strategies has higher priority)
continue;
}
}
}
IcAttribute createdAttribute = createAttribute(schemaAttribute, fullAccountObject.get(provisioningAttribute));
if (createdAttribute != null) {
connectorObject.getAttributes().add(createdAttribute);
}
}
provisioningContext.setConnectorObject(connectorObject);
}
provisioningOperation.setOperationType(ProvisioningEventType.CREATE);
}
Aggregations