Search in sources :

Example 36 with SysSystemMappingDto

use of eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto in project CzechIdMng by bcvsolutions.

the class AccountManagementTest method initIdentityData.

private SysSystemDto initIdentityData() {
    // create test system
    SysSystemDto system = helper.createSystem(TestResource.TABLE_NAME);
    Assert.assertNotNull(system);
    // generate schema for system
    List<SysSchemaObjectClassDto> objectClasses = systemService.generateSchema(system);
    // Create mapping
    SysSystemMappingDto syncSystemMapping = new SysSystemMappingDto();
    syncSystemMapping.setName("default_" + System.currentTimeMillis());
    syncSystemMapping.setEntityType(SystemEntityType.IDENTITY);
    syncSystemMapping.setOperationType(SystemOperationType.PROVISIONING);
    syncSystemMapping.setObjectClass(objectClasses.get(0).getId());
    final SysSystemMappingDto syncMapping = systemMappingService.save(syncSystemMapping);
    createIdentityMapping(system, syncMapping);
    return system;
}
Also used : SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)

Example 37 with SysSystemMappingDto

use of eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto in project CzechIdMng by bcvsolutions.

the class AccountProtectionExpirationTaskExecutorIntegrationTest method testRemoveExpiredAccount.

@Test
public void testRemoveExpiredAccount() {
    IdmIdentityDto identity = helper.createIdentity();
    IdmRoleDto role = helper.createRole();
    SysSystemDto system = helper.createTestResourceSystem(true);
    SysSystemMappingDto mapping = helper.getDefaultMapping(system);
    mapping.setProtectionInterval(1);
    mapping.setProtectionEnabled(true);
    systemMappingService.save(mapping);
    helper.createRoleSystem(role, system);
    IdmIdentityRoleDto identityRole = helper.createIdentityRole(identity, role);
    // 
    AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertFalse(account.isInProtection());
    TestResource createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // 
    // remove role
    identityRoleService.deleteById(identityRole.getId());
    // 
    account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertTrue(account.isInProtection());
    Assert.assertNotNull(account.getEndOfProtection());
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // 
    // test LRT - nothing to remove
    AccountProtectionExpirationTaskExecutor taskExecutor = new AccountProtectionExpirationTaskExecutor();
    longRunningTaskManager.execute(taskExecutor);
    // 
    account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertTrue(account.isInProtection());
    Assert.assertNotNull(account.getEndOfProtection());
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // change account expiration
    account.setEndOfProtection(new DateTime().minusDays(1));
    account = accountService.save(account);
    taskExecutor = new AccountProtectionExpirationTaskExecutor();
    longRunningTaskManager.execute(taskExecutor);
    AccAccountDto removedAccount = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNull(removedAccount);
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNull(createdAccount);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccountProtectionExpirationTaskExecutor(eu.bcvsolutions.idm.acc.scheduler.task.impl.AccountProtectionExpirationTaskExecutor) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) DateTime(org.joda.time.DateTime) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Example 38 with SysSystemMappingDto

use of eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAuthenticatorTest method initData.

private void initData() {
    SysSystemDto system = createTestSystem();
    List<SysSchemaObjectClassDto> objectClasses = sysSystemService.generateSchema(system);
    IdmIdentityDto identity = new IdmIdentityDto();
    identity.setUsername(USERNAME);
    identity.setLastName(USERNAME);
    identity.setPassword(new GuardedString(PASSWORD));
    identity = identityService.save(identity);
    // Create mapped attributes to schema
    SysSystemMappingDto systemMapping = new SysSystemMappingDto();
    systemMapping.setName("default_" + System.currentTimeMillis());
    systemMapping.setEntityType(SystemEntityType.IDENTITY);
    systemMapping.setOperationType(SystemOperationType.PROVISIONING);
    systemMapping.setObjectClass(objectClasses.get(0).getId());
    final SysSystemMappingDto entityHandlingResult = systemEntityHandlingService.save(systemMapping);
    SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
    schemaAttributeFilter.setSystemId(system.getId());
    SysSystemAttributeMappingDto attributeHandlingLastName = new SysSystemAttributeMappingDto();
    SysSystemAttributeMappingDto attributeHandlingPassword = new SysSystemAttributeMappingDto();
    SysSystemAttributeMappingDto attributeHandlingUsername = new SysSystemAttributeMappingDto();
    Page<SysSchemaAttributeDto> schemaAttributesPage = schemaAttributeService.find(schemaAttributeFilter, null);
    for (SysSchemaAttributeDto schemaAttr : schemaAttributesPage) {
        if ("__NAME__".equals(schemaAttr.getName())) {
            attributeHandlingUsername.setUid(true);
            attributeHandlingUsername.setEntityAttribute(true);
            attributeHandlingUsername.setAuthenticationAttribute(true);
            attributeHandlingUsername.setIdmPropertyName("username");
            attributeHandlingUsername.setTransformToResourceScript("if(attributeValue){return \"x\"+ attributeValue;}");
            attributeHandlingUsername.setName(schemaAttr.getName());
            attributeHandlingUsername.setSchemaAttribute(schemaAttr.getId());
            attributeHandlingUsername.setSystemMapping(entityHandlingResult.getId());
            attributeHandlingUsername = schemaAttributeHandlingService.save(attributeHandlingUsername);
        } else if ("lastname".equalsIgnoreCase(schemaAttr.getName())) {
            attributeHandlingLastName.setIdmPropertyName("lastName");
            attributeHandlingLastName.setName(schemaAttr.getName());
            attributeHandlingLastName.setSchemaAttribute(schemaAttr.getId());
            attributeHandlingLastName.setSystemMapping(entityHandlingResult.getId());
            attributeHandlingLastName = schemaAttributeHandlingService.save(attributeHandlingLastName);
        } else if (IcConnectorFacade.PASSWORD_ATTRIBUTE_NAME.equalsIgnoreCase(schemaAttr.getName())) {
            attributeHandlingPassword.setIdmPropertyName("password");
            attributeHandlingPassword.setSchemaAttribute(schemaAttr.getId());
            attributeHandlingPassword.setName(schemaAttr.getName());
            attributeHandlingPassword.setSystemMapping(entityHandlingResult.getId());
            attributeHandlingPassword = schemaAttributeHandlingService.save(attributeHandlingPassword);
        }
    }
    // create two roles with same system and different override username
    IdmRoleDto role1 = new IdmRoleDto();
    role1.setName(ROLE_NAME);
    role1 = roleService.save(role1);
    SysRoleSystemDto role1System = new SysRoleSystemDto();
    role1System.setRole(role1.getId());
    role1System.setSystem(system.getId());
    role1System.setSystemMapping(entityHandlingResult.getId());
    role1System = roleSystemService.save(role1System);
    IdmRoleDto role2 = new IdmRoleDto();
    role2.setName(ROLE_NAME + "2");
    role2 = roleService.save(role2);
    SysRoleSystemDto roleSystem2 = new SysRoleSystemDto();
    roleSystem2.setSystem(system.getId());
    roleSystem2.setSystemMapping(entityHandlingResult.getId());
    roleSystem2.setRole(role2.getId());
    roleSystem2 = roleSystemService.save(roleSystem2);
    SysRoleSystemAttributeDto overloadedRole2 = new SysRoleSystemAttributeDto();
    overloadedRole2.setSystemAttributeMapping(attributeHandlingUsername.getId());
    overloadedRole2.setUid(true);
    overloadedRole2.setEntityAttribute(true);
    overloadedRole2.setTransformScript("return \"z" + USERNAME + "\";");
    overloadedRole2.setIdmPropertyName("username");
    overloadedRole2.setName("username");
    overloadedRole2.setRoleSystem(roleSystem2.getId());
    overloadedRole2 = roleSystemAttributeService.save(overloadedRole2);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto) SysSchemaAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)

Example 39 with SysSystemMappingDto

use of eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto in project CzechIdMng by bcvsolutions.

the class AccountProtectionSystemTest method accountWithProtectionAndIntervalTest.

@Test
public void accountWithProtectionAndIntervalTest() {
    IdmIdentityDto identity = helper.createIdentity();
    SysSystemDto system = initSystem();
    IdmRoleDto roleOne = roleService.getByCode(ROLE_ONE);
    int intervalInDays = 10;
    // Set system to protected mode
    SysSystemMappingDto mapping = systemMappingService.findBySystem(system, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY).get(0);
    mapping.setProtectionEnabled(Boolean.TRUE);
    mapping.setProtectionInterval(intervalInDays);
    mapping = systemMappingService.save(mapping);
    IdmIdentityRoleDto identityRole = helper.createIdentityRole(identity, roleOne);
    AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertFalse(account.isInProtection());
    TestResource createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // Remove role from identity
    identityRoleService.deleteById(identityRole.getId());
    account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertTrue(account.isInProtection());
    Assert.assertNotNull(account.getEndOfProtection());
    Assert.assertTrue(account.getEndOfProtection().toLocalDate().isEqual(LocalDate.now().plusDays(intervalInDays)));
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 40 with SysSystemMappingDto

use of eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto in project CzechIdMng by bcvsolutions.

the class AccountProtectionSystemTest method accountWithProtectionTest.

@Test
public void accountWithProtectionTest() {
    IdmIdentityDto identity = helper.createIdentity();
    SysSystemDto system = initSystem();
    IdmRoleDto roleOne = roleService.getByCode(ROLE_ONE);
    // Set system to protected mode
    SysSystemMappingDto mapping = systemMappingService.findBySystem(system, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY).get(0);
    mapping.setProtectionEnabled(Boolean.TRUE);
    mapping.setProtectionInterval(null);
    systemMappingService.save(mapping);
    IdmIdentityRoleDto identityRole = helper.createIdentityRole(identity, roleOne);
    AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertFalse(account.isInProtection());
    TestResource createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // Remove role from identity
    identityRoleService.deleteById(identityRole.getId());
    account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertTrue(account.isInProtection());
    Assert.assertNull(account.getEndOfProtection());
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Aggregations

SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)112 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)78 SysSchemaObjectClassDto (eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)50 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)50 Test (org.junit.Test)50 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)44 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)28 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)28 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)27 SysSystemMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemMappingFilter)24 AbstractSysSyncConfigDto (eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto)23 SysSchemaAttributeDto (eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)23 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)22 SystemEntityType (eu.bcvsolutions.idm.acc.domain.SystemEntityType)21 SysSyncConfigFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSyncConfigFilter)15 SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)14 SysSchemaAttributeFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter)14 TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)13 IdmBasePermission (eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission)13 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)12