Example 41 with SysSystemMappingDto

Use of eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto in the project CzechIdMng by bcvsolutions.

From the class AccountProtectionSystemTest, method deleteAccountOnProtectionSystemTest.

@Test
public void deleteAccountOnProtectionSystemTest() {
    IdmIdentityDto identity = helper.createIdentity();
    SysSystemDto system = initSystem();
    IdmRoleDto roleOne = roleService.getByCode(ROLE_ONE);
    // Set system to protected mode
    SysSystemMappingDto mapping = systemMappingService.findBySystem(system, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY).get(0);
    mapping.setProtectionEnabled(Boolean.TRUE);
    mapping.setProtectionInterval(null);
    systemMappingService.save(mapping);
    // Assign the role
    helper.createIdentityRole(identity, roleOne);
    AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
    // Check that the account exists before it is dereferenced below
    Assert.assertNotNull(account);
    AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
    identityAccountFilter.setAccountId(account.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
    // The identity account has a relation to the role
    Assert.assertEquals(1, identityAccounts.size());
    Assert.assertNotNull(identityAccounts.get(0).getIdentityRole());
    Assert.assertFalse(account.isInProtection());
    TestResource createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // Remove account directly. Account must be transformed to the protection state.
    accountService.delete(account);
    account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertTrue(account.isInProtection());
    Assert.assertNull(account.getEndOfProtection());
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // The identity account no longer has a relation to the role.
    identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
    Assert.assertEquals(1, identityAccounts.size());
    Assert.assertNull(identityAccounts.get(0).getIdentityRole());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 42 with SysSystemMappingDto

Use of eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto in the project CzechIdMng by bcvsolutions.

From the class CoreReferentialIntegrityIntegrationTest, method testRoleReferentialIntegrity.

@Test
public void testRoleReferentialIntegrity() {
    IdmRoleDto role = helper.createRole();
    // role systems
    SysSystemDto system = new SysSystemDto();
    system.setName("system_" + System.currentTimeMillis());
    system = systemService.save(system);
    // schema
    SysSchemaObjectClassDto objectClass = new SysSchemaObjectClassDto();
    objectClass.setSystem(system.getId());
    objectClass.setObjectClassName("__ACCOUNT__");
    objectClass = schemaObjectClassService.save(objectClass);
    SysSystemMappingDto systemMapping = new SysSystemMappingDto();
    systemMapping.setName("default_" + System.currentTimeMillis());
    systemMapping.setObjectClass(objectClass.getId());
    systemMapping.setOperationType(SystemOperationType.PROVISIONING);
    systemMapping.setEntityType(SystemEntityType.IDENTITY);
    systemMapping = systemEntityHandlingService.save(systemMapping);
    SysRoleSystemDto roleSystem = new SysRoleSystemDto();
    roleSystem.setSystem(system.getId());
    roleSystem.setRole(role.getId());
    roleSystem.setSystemMapping(systemMapping.getId());
    roleSystemService.save(roleSystem);
    SysRoleSystemFilter filter = new SysRoleSystemFilter();
    filter.setRoleId(role.getId());
    assertNotNull(roleService.getByCode(role.getName()));
    assertEquals(1, roleSystemService.find(filter, null).getTotalElements());
    roleService.delete(role);
    assertNull(roleService.getByCode(role.getName()));
    assertEquals(0, roleSystemService.find(filter, null).getTotalElements());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 43 with SysSystemMappingDto

Use of eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto in the project CzechIdMng by bcvsolutions.

From the class DefaultAccAccountServiceFilterTest, method testSupportChangePassword.

@Test
public void testSupportChangePassword() {
    IdmIdentityDto identity = helper.createIdentity("test-" + System.currentTimeMillis());
    SysSystemDto system = helper.createTestResourceSystem(true);
    AccAccountDto account = createAccount(system.getId(), identity.getId(), identity.getUsername(), AccountType.PERSONAL, false);
    IdmIdentityDto identity2 = helper.createIdentity("test-" + System.currentTimeMillis());
    SysSystemDto system2 = helper.createTestResourceSystem(true);
    createAccount(system2.getId(), identity2.getId(), identity2.getUsername(), AccountType.PERSONAL, false);
    AccAccountFilter testFilter = new AccAccountFilter();
    testFilter.setUid(identity.getUsername());
    testFilter.setSupportChangePassword(true);
    Page<AccAccountDto> pages = accAccountService.find(testFilter, null);
    assertEquals(1, pages.getTotalElements());
    assertEquals(account.getId(), pages.getContent().get(0).getId());
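    // Remove the password attribute from the default mapping of the first system
    SysSystemMappingDto defaultMapping = helper.getDefaultMapping(system);
    List<SysSystemAttributeMappingDto> attributes = attributeMappingService.findBySystemMapping(defaultMapping);
    for (SysSystemAttributeMappingDto attr : attributes) {
        // Constant-first comparison stays null-safe if an attribute has no name
        if (IcConnectorFacade.PASSWORD_ATTRIBUTE_NAME.equals(attr.getName())) {
            attributeMappingService.delete(attr);
        }
    }
    // Without a mapped password attribute, the account must no longer match the filter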
    testFilter = new AccAccountFilter();
    testFilter.setUid(identity.getUsername());
    testFilter.setSupportChangePassword(true);
    pages = accAccountService.find(testFilter, null);
    assertEquals(0, pages.getTotalElements());
}
Also used : AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 44 with SysSystemMappingDto

Use of eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto in the project CzechIdMng by bcvsolutions.

From the class AbstractProvisioningExecutor, method prepareProvisioning.

private SysProvisioningOperationDto prepareProvisioning(SysSystemEntityDto systemEntity, DTO dto, UUID entityId, ProvisioningOperationType operationType, List<? extends AttributeMapping> attributes) {
    Assert.notNull(systemEntity);
    Assert.notNull(systemEntity.getUid());
    Assert.notNull(systemEntity.getEntityType());
    SysSystemDto system = DtoUtils.getEmbedded(systemEntity, SysSystemEntity_.system, SysSystemDto.class);
    Assert.notNull(system);
    // If the input attributes are null, load the default mapped attributes
    if (attributes == null) {
        attributes = findAttributeMappings(system, systemEntity.getEntityType());
    }
    if (attributes == null || attributes.isEmpty()) {
        return null;
    }
    // Find connector identification persisted in system
    IcConnectorKey connectorKey = system.getConnectorKey();
    if (connectorKey == null) {
        throw new ProvisioningException(AccResultCode.CONNECTOR_KEY_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", system.getName()));
    }
    // Find connector configuration persisted in system
    IcConnectorConfiguration connectorConfig = systemService.getConnectorConfiguration(system);
    if (connectorConfig == null) {
        throw new ProvisioningException(AccResultCode.CONNECTOR_CONFIGURATION_FOR_SYSTEM_NOT_FOUND, ImmutableMap.of("system", system.getName()));
    }
    // One IDM object can be mapped to one connector object (= one connector
    // class).
    SysSystemMappingDto mapping = getMapping(system, systemEntity.getEntityType());
    if (mapping == null) {
        // TODO: delete operation?
        return null;
    }
    // Resolve the values of the mapped attributes for this operation
    Map<ProvisioningAttributeDto, Object> accountAttributes = prepareMappedAttributesValues(dto, operationType, systemEntity, attributes);
    // public provisioning event
    SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
    IcConnectorObject connectorObject = new IcConnectorObjectImpl(systemEntity.getUid(), new IcObjectClassImpl(schemaObjectClassDto.getObjectClassName()), null);
    SysProvisioningOperationDto.Builder operationBuilder = new SysProvisioningOperationDto.Builder().setOperationType(operationType).setSystemEntity(systemEntity).setEntityIdentifier(entityId).setProvisioningContext(new ProvisioningContext(accountAttributes, connectorObject));
    // 
    return operationBuilder.build();
}
Also used : IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration) IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl) IcConnectorKey(eu.bcvsolutions.idm.ic.api.IcConnectorKey) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) ProvisioningContext(eu.bcvsolutions.idm.acc.domain.ProvisioningContext) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl) SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)

Example 45 with SysSystemMappingDto

Use of eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto in the project CzechIdMng by bcvsolutions.

From the class AbstractProvisioningExecutor, method createAccountsForAllSystems.

@Override
public void createAccountsForAllSystems(DTO dto) {
    SystemEntityType entityType = SystemEntityType.getByClass(dto.getClass());
    List<SysSystemMappingDto> systemMappings = findSystemMappingsForEntityType(dto, entityType);
    systemMappings.forEach(mapping -> {
        SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
        UUID systemId = schemaObjectClassDto.getSystem();
        UUID accountId = this.getAccountByEntity(dto.getId(), systemId);
        if (accountId != null) {
            // We already have an account for this system -> next
            return;
        }
        SysSystemDto system = DtoUtils.getEmbedded(schemaObjectClassDto, SysSchemaObjectClass_.system, SysSystemDto.class);
        List<SysSystemAttributeMappingDto> mappedAttributes = attributeMappingService.findBySystemMapping(mapping);
        SysSystemAttributeMappingDto uidAttribute = attributeMappingService.getUidAttribute(mappedAttributes, system);
        String uid = attributeMappingService.generateUid(dto, uidAttribute);
        // Account management: can the account be created? Execute the script on the system mapping
        if (!this.canBeAccountCreated(uid, dto, mapping, system)) {
            String entityStr = dto.toString();
            if (dto instanceof Codeable) {
                entityStr = ((Codeable) dto).getCode();
            }
            LOG.info(MessageFormat.format("For entity [{0}] and entity type [{1}] cannot be created the account (on system [{2}])," + " because script \"Can be account created\" on the mapping returned \"false\"!", entityStr, entityType, system.getName()));
            return;
        }
        // Create AccAccount and relation between account and entity
        createEntityAccount(uid, dto.getId(), systemId);
    });
}
Also used : Codeable(eu.bcvsolutions.idm.core.api.domain.Codeable) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) UUID(java.util.UUID) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
