Example 51 with SysSystemEntityDto
use of eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningExecutor method changePassword.
@Override
public List<OperationResult> changePassword(DTO dto, PasswordChangeDto passwordChange) {
Assert.notNull(dto, "DTO is required.");
Assert.notNull(dto.getId(), "Password can be changed, when dto is already persisted.");
Assert.notNull(passwordChange, "Password change dto is required.");
List<SysProvisioningOperationDto> preparedOperations = new ArrayList<>();
//
EntityAccountFilter filter = this.createEntityAccountFilter();
filter.setEntityId(dto.getId());
List<? extends EntityAccountDto> entityAccountList = getEntityAccountService().find(filter, null).getContent();
if (entityAccountList == null) {
return Collections.<OperationResult>emptyList();
}
// Distinct by accounts
List<UUID> accountIds = new ArrayList<>();
entityAccountList.stream().filter(entityAccount -> {
if (!entityAccount.isOwnership()) {
return false;
}
if (passwordChange.isAll()) {
// Add all account supports change password
if (entityAccount.getAccount() == null) {
return false;
}
// Check if system for this account support change password
AccAccountFilter accountFilter = new AccAccountFilter();
accountFilter.setSupportChangePassword(Boolean.TRUE);
accountFilter.setId(entityAccount.getAccount());
List<AccAccountDto> accountsChecked = accountService.find(accountFilter, null).getContent();
if (accountsChecked.size() == 1) {
return true;
}
return false;
} else {
return passwordChange.getAccounts().contains(entityAccount.getAccount().toString());
}
}).forEach(entityAccount -> {
if (!accountIds.contains(entityAccount.getAccount())) {
accountIds.add(entityAccount.getAccount());
}
});
//
// Is possible that some account has disabled password attributes
List<OperationResult> notExecutedPasswordChanged = new ArrayList<>();
//
List<AccAccountDto> accounts = new ArrayList<>();
accountIds.forEach(accountId -> {
AccAccountDto account = accountService.get(accountId);
// Skip account in protection
if (account.isInProtection()) {
// Skip this iteration
return;
}
//
accounts.add(account);
// find UID from system entity or from account
SysSystemDto system = DtoUtils.getEmbedded(account, AccAccount_.system);
if (account.getSystemEntity() == null) {
throw new SystemEntityNotFoundException(AccResultCode.PROVISIONING_PASSWORD_SYSTEM_ENTITY_NOT_FOUND, String.valueOf(account.getUid()), system.getCode());
}
SysSystemEntityDto systemEntity = systemEntityService.get(account.getSystemEntity());
//
// Find mapped attributes (include overloaded attributes)
List<AttributeMapping> finalAttributes = resolveMappedAttributes(account, dto, system, systemEntity.getEntityType());
if (CollectionUtils.isEmpty(finalAttributes)) {
return;
}
// We try find __PASSWORD__ attribute in mapped attributes
AttributeMapping mappedAttribute = finalAttributes.stream().filter((attribute) -> {
SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attribute);
return ProvisioningService.PASSWORD_SCHEMA_PROPERTY_NAME.equals(schemaAttributeDto.getName());
}).findFirst().orElse(null);
//
// get all another passwords, list with all passwords (included primary password marked as __PASSWORD__)
SysSystemMappingDto systemMappingDto = getMapping(system, systemEntity.getEntityType());
List<SysSystemAttributeMappingDto> passwordAttributes = attributeMappingService.getAllPasswordAttributes(system.getId(), systemMappingDto.getId());
//
// create account object with all another password
Map<ProvisioningAttributeDto, Object> accountObjectWithAnotherPassword = new HashMap<>(passwordAttributes.size());
for (AttributeMapping passwordAttribute : passwordAttributes) {
// all password attributes contains also main __PASSWORD__ the attribute must be skipped
if (mappedAttribute != null && mappedAttribute.equals(passwordAttribute)) {
continue;
}
GuardedString transformPassword = transformPassword(passwordChange.getNewPassword(), passwordAttribute, systemEntity.getUid(), dto);
SysSchemaAttributeDto schemaAttribute = schemaAttributeService.get(passwordAttribute.getSchemaAttribute());
ProvisioningAttributeDto passwordProvisiongAttributeDto = ProvisioningAttributeDto.createProvisioningAttributeKey(passwordAttribute, schemaAttribute.getName(), schemaAttribute.getClassType());
accountObjectWithAnotherPassword.put(passwordProvisiongAttributeDto, transformPassword);
}
// for this account doesn't exist mapped attribute as password
if (accountObjectWithAnotherPassword.isEmpty() && mappedAttribute == null) {
// Beware we cant use AccAccountDto from acc module, in core is checked by this
notExecutedPasswordChanged.add(new OperationResult.Builder(OperationState.NOT_EXECUTED).setModel(new DefaultResultModel(CoreResultCode.PASSWORD_CHANGE_ACCOUNT_FAILED, ImmutableMap.of(IdmAccountDto.PARAMETER_NAME, createResultAccount(account, system)))).build());
// for this account is this failed password change
return;
}
//
// add all account attributes => standard provisioning
SysProvisioningOperationDto additionalProvisioningOperation = null;
// resolve another attributes that must be sent together with password
List<AttributeMapping> additionalPasswordChangeAttributes = resolveAdditionalPasswordChangeAttributes(account, dto, system, systemEntity.getEntityType());
if (!additionalPasswordChangeAttributes.isEmpty()) {
additionalProvisioningOperation = prepareProvisioning(systemEntity, dto, dto.getId(), ProvisioningOperationType.UPDATE, additionalPasswordChangeAttributes);
}
// add another password
if (!accountObjectWithAnotherPassword.isEmpty()) {
if (additionalProvisioningOperation == null) {
// if additional operation is null create one
additionalProvisioningOperation = prepareProvisioningOperationForAdditionalPassword(systemEntity, dto, dto.getId(), ProvisioningOperationType.UPDATE, systemMappingDto, accountObjectWithAnotherPassword);
} else {
// if additional operation exists just add all account object with additional passwords
additionalProvisioningOperation.getProvisioningContext().getAccountObject().putAll(accountObjectWithAnotherPassword);
}
}
//
// password change operation
SysProvisioningOperationDto operation;
if (provisioningExecutor.getConfiguration().isSendPasswordAttributesTogether() && additionalProvisioningOperation != null) {
// all attributes including another password attributes will be sent with password one provisioning operation
operation = additionalProvisioningOperation;
//
if (mappedAttribute != null) {
// Main password attribute isn't mapped
// transform password value trough transformation
GuardedString transformPassword = transformPassword(passwordChange.getNewPassword(), mappedAttribute, systemEntity.getUid(), dto);
//
// add wish for password
SysSchemaAttributeDto schemaAttributeDto = schemaAttributeService.get(mappedAttribute.getSchemaAttribute());
ProvisioningAttributeDto passwordAttribute = ProvisioningAttributeDto.createProvisioningAttributeKey(mappedAttribute, schemaAttributeDto.getName(), schemaAttributeDto.getClassType());
//
// newly isn't needed check if password is constant or etc.
//
operation.getProvisioningContext().getAccountObject().put(passwordAttribute, transformPassword);
}
//
// do provisioning for additional attributes and password
// together
preparedOperations.add(operation);
} else {
//
if (mappedAttribute != null) {
// Main password attribute isn't mapped
// transform password value trough transformation
GuardedString transformPassword = transformPassword(passwordChange.getNewPassword(), mappedAttribute, systemEntity.getUid(), dto);
//
operation = prepareProvisioningForAttribute(systemEntity, mappedAttribute, transformPassword, ProvisioningOperationType.UPDATE, dto);
preparedOperations.add(operation);
}
// do provisioning for additional attributes and passwords in second
if (additionalProvisioningOperation != null) {
preparedOperations.add(additionalProvisioningOperation);
}
}
});
//
// execute prepared operations
List<OperationResult> results = preparedOperations.stream().map(operation -> {
SysProvisioningOperationDto result = provisioningExecutor.executeSync(operation);
Map<String, Object> parameters = new LinkedHashMap<String, Object>();
AccAccountDto account = accounts.stream().filter(a -> {
return a.getRealUid().equals(result.getSystemEntityUid()) && a.getSystem().equals(operation.getSystem());
}).findFirst().get();
SysSystemDto system = DtoUtils.getEmbedded(account, AccAccount_.system);
//
parameters.put(IdmAccountDto.PARAMETER_NAME, createResultAccount(account, system));
//
if (result.getResult().getState() == OperationState.EXECUTED) {
// Add success changed password account
return new OperationResult.Builder(OperationState.EXECUTED).setModel(new DefaultResultModel(CoreResultCode.PASSWORD_CHANGE_ACCOUNT_SUCCESS, parameters)).build();
}
OperationResult changeResult = new OperationResult.Builder(result.getResult().getState()).setModel(new DefaultResultModel(CoreResultCode.PASSWORD_CHANGE_ACCOUNT_FAILED, parameters)).build();
changeResult.setCause(result.getResult().getCause());
changeResult.setCode(result.getResult().getCode());
return changeResult;
}).collect(Collectors.toList());
//
// add not executed changed from prepare stage
results.addAll(notExecutedPasswordChanged);
return results;
}
Also used :
ProvisioningExecutor(eu.bcvsolutions.idm.acc.service.api.ProvisioningExecutor)
DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
Autowired(org.springframework.beans.factory.annotation.Autowired)
SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto)
AccIdentityAccount_(eu.bcvsolutions.idm.acc.entity.AccIdentityAccount_)
EntityAccountDto(eu.bcvsolutions.idm.acc.dto.EntityAccountDto)
StringUtils(org.apache.commons.lang3.StringUtils)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
SysSystemAttributeMapping_(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping_)
IdmRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmRoleRequestService)
SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
SysSystemEntity_(eu.bcvsolutions.idm.acc.entity.SysSystemEntity_)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
Map(java.util.Map)
ProvisioningEntityExecutor(eu.bcvsolutions.idm.acc.service.api.ProvisioningEntityExecutor)
SysSystemAttributeMapping(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping)
ImmutableMap(com.google.common.collect.ImmutableMap)
Collection(java.util.Collection)
SystemOperationType(eu.bcvsolutions.idm.acc.domain.SystemOperationType)
ReadWriteDtoService(eu.bcvsolutions.idm.core.api.service.ReadWriteDtoService)
Set(java.util.Set)
PageRequest(org.springframework.data.domain.PageRequest)
ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)
SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)
UUID(java.util.UUID)
Collectors(java.util.stream.Collectors)
Serializable(java.io.Serializable)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
List(java.util.List)
EntityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.EntityAccountFilter)
AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
CollectionUtils(org.springframework.util.CollectionUtils)
AccountType(eu.bcvsolutions.idm.acc.domain.AccountType)
Optional(java.util.Optional)
IcUidAttribute(eu.bcvsolutions.idm.ic.api.IcUidAttribute)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter)
SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode)
IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration)
MappingContext(eu.bcvsolutions.idm.acc.domain.MappingContext)
IcConnectorFacade(eu.bcvsolutions.idm.ic.service.api.IcConnectorFacade)
ProvisioningEvent(eu.bcvsolutions.idm.acc.event.ProvisioningEvent)
AttributeMappingStrategyType(eu.bcvsolutions.idm.acc.domain.AttributeMappingStrategyType)
SysRoleSystem_(eu.bcvsolutions.idm.acc.entity.SysRoleSystem_)
ProvisioningEventType(eu.bcvsolutions.idm.acc.domain.ProvisioningEventType)
SysSystemEntityService(eu.bcvsolutions.idm.acc.service.api.SysSystemEntityService)
IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto)
HashMap(java.util.HashMap)
IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
SysRoleSystemAttribute_(eu.bcvsolutions.idm.acc.entity.SysRoleSystemAttribute_)
MessageFormat(java.text.MessageFormat)
ArrayList(java.util.ArrayList)
LinkedHashMap(java.util.LinkedHashMap)
SystemEntityNotFoundException(eu.bcvsolutions.idm.acc.exception.SystemEntityNotFoundException)
SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService)
AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto)
ImmutableList(com.google.common.collect.ImmutableList)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult)
IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl)
ProvisioningOperationType(eu.bcvsolutions.idm.acc.domain.ProvisioningOperationType)
LinkedHashSet(java.util.LinkedHashSet)
SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)
ProvisioningContext(eu.bcvsolutions.idm.acc.domain.ProvisioningContext)
Codeable(eu.bcvsolutions.idm.core.api.domain.Codeable)
SysSystemMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemMappingFilter)
SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService)
SysSchemaObjectClass_(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass_)
SysSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemService)
IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
EventContext(eu.bcvsolutions.idm.core.api.event.EventContext)
SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)
SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
Contextable(eu.bcvsolutions.idm.core.api.domain.Contextable)
AccAccount_(eu.bcvsolutions.idm.acc.entity.AccAccount_)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
ProvisioningService(eu.bcvsolutions.idm.acc.service.api.ProvisioningService)
Collections(java.util.Collections)
SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)
PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)
EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager)
Assert(org.springframework.util.Assert)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
ArrayList(java.util.ArrayList)
OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult)
ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter)
List(java.util.List)
ArrayList(java.util.ArrayList)
ImmutableList(com.google.common.collect.ImmutableList)
UUID(java.util.UUID)
SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto)
SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
SystemEntityNotFoundException(eu.bcvsolutions.idm.acc.exception.SystemEntityNotFoundException)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
EntityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.EntityAccountFilter)
SysSystemAttributeMapping(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
Map(java.util.Map)
ImmutableMap(com.google.common.collect.ImmutableMap)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
Example 52 with SysSystemEntityDto
use of eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningExecutor method doInternalProvisioning.
@Override
public SysProvisioningOperationDto doInternalProvisioning(AccAccountDto account, DTO dto, boolean isDryRun) {
Assert.notNull(account, "Account is required.");
Assert.notNull(dto, "DTO is required.");
//
ProvisioningOperationType operationType;
SysSystemDto system = DtoUtils.getEmbedded(account, AccAccount_.system);
SysSystemEntityDto systemEntity = getSystemEntity(account);
SystemEntityType entityType = SystemEntityType.getByClass(dto.getClass());
String uid = account.getUid();
//
if (systemEntity == null) {
// prepare system entity - uid could be changed by provisioning, but
// we need to link her with account
// First we try find system entity with same uid.
systemEntity = systemEntityService.getBySystemAndEntityTypeAndUid(system, entityType, uid);
if (systemEntity == null) {
systemEntity = new SysSystemEntityDto();
systemEntity.setEntityType(entityType);
systemEntity.setSystem(system.getId());
systemEntity.setUid(uid);
systemEntity.setWish(true);
systemEntity = systemEntityService.save(systemEntity);
}
account.setSystemEntity(systemEntity.getId());
account = accountService.save(account);
// we wont create account, but after target system call can be
// switched to UPDATE
operationType = ProvisioningOperationType.CREATE;
} else {
// we wont update account, but after target system call can be
// switched to CREATE
operationType = ProvisioningOperationType.UPDATE;
}
List<AttributeMapping> finalAttributes = resolveMappedAttributes(account, dto, system, systemEntity.getEntityType());
if (CollectionUtils.isEmpty(finalAttributes)) {
// nothing to do - mapping is empty
return null;
}
return doProvisioning(systemEntity, dto, dto.getId(), operationType, finalAttributes, isDryRun);
}
Also used :
ProvisioningOperationType(eu.bcvsolutions.idm.acc.domain.ProvisioningOperationType)
SysSystemAttributeMapping(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
Example 53 with SysSystemEntityDto
use of eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningExecutor method prepareMappedAttributesValues.
/**
* Prepare all mapped attribute values (= account)
*
* @param dto
* @param operationType
* @param systemEntity
* @param attributes
* @return
*/
protected Map<ProvisioningAttributeDto, Object> prepareMappedAttributesValues(DTO dto, ProvisioningOperationType operationType, SysSystemEntityDto systemEntity, List<? extends AttributeMapping> attributes, MappingContext mappingContext) {
AccAccountDto account = getAccountSystemEntity(systemEntity.getId());
String uid = systemEntity.getUid();
SysSystemDto system = DtoUtils.getEmbedded(systemEntity, SysSystemEntity_.system);
Map<ProvisioningAttributeDto, Object> accountAttributes = new HashMap<>();
// delete - account attributes is not needed
if (ProvisioningOperationType.DELETE == operationType) {
return accountAttributes;
}
// First we will resolve attribute without MERGE strategy
attributes.stream().filter(attribute -> {
return !attribute.isDisabledAttribute() && !attribute.isPasswordAttribute() && AttributeMappingStrategyType.AUTHORITATIVE_MERGE != attribute.getStrategyType() && AttributeMappingStrategyType.MERGE != attribute.getStrategyType();
}).forEach(attribute -> {
SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attribute);
if (attribute.isUid()) {
// TODO: now we set UID from SystemEntity, may be UID from
// AccAccount will be more correct
Object uidValue = getAttributeValue(uid, dto, attribute, system, mappingContext);
if (uidValue == null) {
throw new ProvisioningException(AccResultCode.PROVISIONING_GENERATED_UID_IS_NULL, ImmutableMap.of("system", system.getName()));
}
if (!(uidValue instanceof String)) {
throw new ProvisioningException(AccResultCode.PROVISIONING_ATTRIBUTE_UID_IS_NOT_STRING, ImmutableMap.of("uid", uidValue, "system", system.getName()));
}
updateAccountUid(account, uid, (String) uidValue);
accountAttributes.put(ProvisioningAttributeDto.createProvisioningAttributeKey(attribute, schemaAttributeDto.getName(), schemaAttributeDto.getClassType()), uidValue);
} else {
accountAttributes.put(ProvisioningAttributeDto.createProvisioningAttributeKey(attribute, schemaAttributeDto.getName(), schemaAttributeDto.getClassType()), getAttributeValue(uid, dto, attribute, system, mappingContext));
}
});
// Second we will resolve MERGE attributes
List<? extends AttributeMapping> attributesMerge = attributes.stream().filter(attribute -> {
return !attribute.isDisabledAttribute() && (AttributeMappingStrategyType.AUTHORITATIVE_MERGE == attribute.getStrategyType() || AttributeMappingStrategyType.MERGE == attribute.getStrategyType());
}).collect(Collectors.toList());
for (AttributeMapping attributeParent : attributesMerge) {
SysSchemaAttributeDto schemaAttributeParent = getSchemaAttribute(attributeParent);
ProvisioningAttributeDto attributeParentKey = ProvisioningAttributeDto.createProvisioningAttributeKey(attributeParent, schemaAttributeParent.getName(), schemaAttributeParent.getClassType());
if (!schemaAttributeParent.isMultivalued()) {
throw new ProvisioningException(AccResultCode.PROVISIONING_MERGE_ATTRIBUTE_IS_NOT_MULTIVALUE, ImmutableMap.of("object", uid, "attribute", schemaAttributeParent.getName(), "system", system.getName()));
}
// We use SET collection because we want collection of merged values without duplicates
Set<Object> mergedValues = new LinkedHashSet<>();
//
attributesMerge.stream().filter(attribute -> {
//
SysSchemaAttributeDto schemaAttribute = getSchemaAttribute(attribute);
return !accountAttributes.containsKey(attributeParentKey) && schemaAttributeParent.equals(schemaAttribute) && attributeParent.getStrategyType() == attribute.getStrategyType();
}).forEach(attribute -> {
Object value = getAttributeValue(uid, dto, attribute, system, mappingContext);
// provisioning in IC)
if (value != null) {
// main list!
if (value instanceof Collection) {
Collection<?> collectionNotNull = ((Collection<?>) value).stream().filter(item -> {
return item != null;
}).collect(Collectors.toList());
mergedValues.addAll(collectionNotNull);
} else {
mergedValues.add(value);
}
}
});
if (!accountAttributes.containsKey(attributeParentKey)) {
// we must put merged values as array list
accountAttributes.put(attributeParentKey, new ArrayList<>(mergedValues));
}
}
return accountAttributes;
}
Also used :
ProvisioningExecutor(eu.bcvsolutions.idm.acc.service.api.ProvisioningExecutor)
DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
Autowired(org.springframework.beans.factory.annotation.Autowired)
SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto)
AccIdentityAccount_(eu.bcvsolutions.idm.acc.entity.AccIdentityAccount_)
EntityAccountDto(eu.bcvsolutions.idm.acc.dto.EntityAccountDto)
StringUtils(org.apache.commons.lang3.StringUtils)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
SysSystemAttributeMapping_(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping_)
IdmRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmRoleRequestService)
SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
SysSystemEntity_(eu.bcvsolutions.idm.acc.entity.SysSystemEntity_)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
Map(java.util.Map)
ProvisioningEntityExecutor(eu.bcvsolutions.idm.acc.service.api.ProvisioningEntityExecutor)
SysSystemAttributeMapping(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping)
ImmutableMap(com.google.common.collect.ImmutableMap)
Collection(java.util.Collection)
SystemOperationType(eu.bcvsolutions.idm.acc.domain.SystemOperationType)
ReadWriteDtoService(eu.bcvsolutions.idm.core.api.service.ReadWriteDtoService)
Set(java.util.Set)
PageRequest(org.springframework.data.domain.PageRequest)
ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)
SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)
UUID(java.util.UUID)
Collectors(java.util.stream.Collectors)
Serializable(java.io.Serializable)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
List(java.util.List)
EntityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.EntityAccountFilter)
AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
CollectionUtils(org.springframework.util.CollectionUtils)
AccountType(eu.bcvsolutions.idm.acc.domain.AccountType)
Optional(java.util.Optional)
IcUidAttribute(eu.bcvsolutions.idm.ic.api.IcUidAttribute)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter)
SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode)
IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration)
MappingContext(eu.bcvsolutions.idm.acc.domain.MappingContext)
IcConnectorFacade(eu.bcvsolutions.idm.ic.service.api.IcConnectorFacade)
ProvisioningEvent(eu.bcvsolutions.idm.acc.event.ProvisioningEvent)
AttributeMappingStrategyType(eu.bcvsolutions.idm.acc.domain.AttributeMappingStrategyType)
SysRoleSystem_(eu.bcvsolutions.idm.acc.entity.SysRoleSystem_)
ProvisioningEventType(eu.bcvsolutions.idm.acc.domain.ProvisioningEventType)
SysSystemEntityService(eu.bcvsolutions.idm.acc.service.api.SysSystemEntityService)
IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto)
HashMap(java.util.HashMap)
IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
SysRoleSystemAttribute_(eu.bcvsolutions.idm.acc.entity.SysRoleSystemAttribute_)
MessageFormat(java.text.MessageFormat)
ArrayList(java.util.ArrayList)
LinkedHashMap(java.util.LinkedHashMap)
SystemEntityNotFoundException(eu.bcvsolutions.idm.acc.exception.SystemEntityNotFoundException)
SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService)
AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto)
ImmutableList(com.google.common.collect.ImmutableList)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult)
IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl)
ProvisioningOperationType(eu.bcvsolutions.idm.acc.domain.ProvisioningOperationType)
LinkedHashSet(java.util.LinkedHashSet)
SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)
ProvisioningContext(eu.bcvsolutions.idm.acc.domain.ProvisioningContext)
Codeable(eu.bcvsolutions.idm.core.api.domain.Codeable)
SysSystemMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemMappingFilter)
SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService)
SysSchemaObjectClass_(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass_)
SysSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemService)
IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
EventContext(eu.bcvsolutions.idm.core.api.event.EventContext)
SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)
SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
Contextable(eu.bcvsolutions.idm.core.api.domain.Contextable)
AccAccount_(eu.bcvsolutions.idm.acc.entity.AccAccount_)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
ProvisioningService(eu.bcvsolutions.idm.acc.service.api.ProvisioningService)
Collections(java.util.Collections)
SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)
PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)
EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager)
Assert(org.springframework.util.Assert)
LinkedHashSet(java.util.LinkedHashSet)
HashMap(java.util.HashMap)
LinkedHashMap(java.util.LinkedHashMap)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
SysSystemAttributeMapping(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping)
AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping)
Collection(java.util.Collection)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
Example 54 with SysSystemEntityDto
use of eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method findSystemEntity.
private SysSystemEntityDto findSystemEntity(String uid, SysSystemDto system, SystemEntityType entityType) {
SysSystemEntityFilter systemEntityFilter = new SysSystemEntityFilter();
systemEntityFilter.setEntityType(entityType);
systemEntityFilter.setSystemId(system.getId());
systemEntityFilter.setUid(uid);
List<SysSystemEntityDto> systemEntities = systemEntityService.find(systemEntityFilter, null).getContent();
SysSystemEntityDto systemEntity = null;
if (systemEntities.size() == 1) {
systemEntity = systemEntities.get(0);
} else if (systemEntities.size() > 1) {
throw new ProvisioningException(AccResultCode.SYNCHRONIZATION_TO_MANY_SYSTEM_ENTITY, uid);
}
return systemEntity;
}
Also used :
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto)
SysSystemEntityFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemEntityFilter)
Example 55 with SysSystemEntityDto
use of eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto in project CzechIdMng by bcvsolutions.
the class AbstractSynchronizationExecutor method createSystemEntity.
private SysSystemEntityDto createSystemEntity(String uid, SystemEntityType entityType, SysSystemDto system) {
SysSystemEntityDto systemEntityNew = new SysSystemEntityDto();
systemEntityNew.setUid(uid);
systemEntityNew.setEntityType(entityType);
systemEntityNew.setSystem(system.getId());
systemEntityNew.setWish(false);
return systemEntityService.save(systemEntityNew);
}
Also used :
SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto)
Aggregations
SysSystemEntityDto (eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto)69
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)49
AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)36
Test (org.junit.Test)36
SysProvisioningOperationDto (eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)25
GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)22
IcConnectorObject (eu.bcvsolutions.idm.ic.api.IcConnectorObject)19
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)15
AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)14
ProvisioningAttributeDto (eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)14
ProvisioningContext (eu.bcvsolutions.idm.acc.domain.ProvisioningContext)13
SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)12
OperationResult (eu.bcvsolutions.idm.core.api.entity.OperationResult)12
SysProvisioningBatchDto (eu.bcvsolutions.idm.acc.dto.SysProvisioningBatchDto)11
SystemEntityType (eu.bcvsolutions.idm.acc.domain.SystemEntityType)10
ProvisioningException (eu.bcvsolutions.idm.acc.exception.ProvisioningException)10
IcObjectClass (eu.bcvsolutions.idm.ic.api.IcObjectClass)10
IcObjectClassImpl (eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl)10
SysProvisioningOperationFilter (eu.bcvsolutions.idm.acc.dto.filter.SysProvisioningOperationFilter)8
SysSystemEntityFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemEntityFilter)8
