use of eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningServiceTest method doIdentityProvisioningAndPasswordCheck.
@Test
public void doIdentityProvisioningAndPasswordCheck() {
IdmIdentityDto existIdentity = identityService.getByUsername(IDENTITY_USERNAME);
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(existIdentity.getId());
AccIdentityAccountDto accountIdentityOne = identityAccountService.find(filter, null).getContent().get(0);
TestResource createdAccount = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
Assert.assertNotNull(createdAccount);
// password must be exactly two 'a' characters, see setting for password
// policy
Assert.assertEquals("aa", createdAccount.getPassword());
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningServiceTest method doIdentityProvisioningStrategySendOnlyIfNotNull.
@Test
public void doIdentityProvisioningStrategySendOnlyIfNotNull() {
IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
AccIdentityAccountDto accountIdentityOne = identityAccountService.find(filter, null).getContent().get(0);
// Init value check
TestResource resourceAccoutn = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
Assert.assertEquals(EMAIL_TWO, resourceAccoutn.getEmail());
SysSystemAttributeMappingFilter filterSchemaAttr = new SysSystemAttributeMappingFilter();
filterSchemaAttr.setIdmPropertyName("email");
filterSchemaAttr.setSystemId(accountService.get(accountIdentityOne.getAccount()).getSystem());
SysSystemAttributeMappingDto attributeHandling = systemAttributeMappingService.find(filterSchemaAttr, null).getContent().get(0);
attributeHandling.setEntityAttribute(true);
attributeHandling.setStrategyType(AttributeMappingStrategyType.SET);
attributeHandling.setSendOnlyIfNotNull(true);
attributeHandling.setTransformToResourceScript("return null");
systemAttributeMappingService.save(attributeHandling);
// Do provisioning
provisioningService.doProvisioning(identity);
// Email strategy is SendOnlyIfNotNull ... email in account must have old value
resourceAccoutn = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
Assert.assertEquals(EMAIL_TWO, resourceAccoutn.getEmail());
attributeHandling.setStrategyType(AttributeMappingStrategyType.SET);
attributeHandling.setTransformToResourceScript("return \"\";");
systemAttributeMappingService.save(attributeHandling);
// Do provisioning
provisioningService.doProvisioning(identity);
// Email strategy is SendOnlyIfNotNull (value is empty string) ... email in account must have old value
resourceAccoutn = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
Assert.assertEquals(EMAIL_TWO, resourceAccoutn.getEmail());
attributeHandling.setStrategyType(AttributeMappingStrategyType.SET);
attributeHandling.setTransformToResourceScript("return \"" + EMAIL_ONE + "\";");
systemAttributeMappingService.save(attributeHandling);
// Do provisioning
provisioningService.doProvisioning(identity);
// Email strategy is SendOnlyIfNotNull (value is not null and not empty)... email in account must have new value
resourceAccoutn = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
Assert.assertEquals(EMAIL_ONE, resourceAccoutn.getEmail());
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningServiceTest method testPasswordChangeWithAdditionalAttributesInTwoOperations.
@Test
public void testPasswordChangeWithAdditionalAttributesInTwoOperations() {
configurationService.setBooleanValue(ProvisioningConfiguration.PROPERTY_SEND_PASSWORD_ATTRIBUTES_TOGETHER, false);
try {
Assert.assertFalse(provisioningConfiguration.isSendPasswordAttributesTogether());
// prepare account on target system
SysSystemDto system = helper.createTestResourceSystem(true);
SysSystemMappingDto systemMapping = helper.getDefaultMapping(system);
SysSystemAttributeMappingDto firtstNameAttribute = systemAttributeMappingService.findBySystemMappingAndName(systemMapping.getId(), helper.getSchemaColumnName(TestHelper.ATTRIBUTE_MAPPING_FIRSTNAME));
firtstNameAttribute.setSendOnPasswordChange(Boolean.TRUE);
systemAttributeMappingService.save(firtstNameAttribute);
IdmRoleDto role = helper.createRole();
helper.createRoleSystem(role, system);
IdmIdentityDto identity = helper.createIdentity();
helper.createIdentityRole(identity, role);
//
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
AccIdentityAccountDto accountIdentityOne = identityAccountService.find(filter, null).getContent().get(0);
AccAccountDto account = accountService.get(accountIdentityOne.getAccount());
// Create new password one
PasswordChangeDto passwordChange = new PasswordChangeDto();
passwordChange.setAccounts(ImmutableList.of(account.getId().toString()));
passwordChange.setNewPassword(new GuardedString(IDENTITY_PASSWORD_ONE));
passwordChange.setIdm(true);
//
// Do change of password for selected accounts
String firstNameChange = "firstname-change";
identity.setFirstName(firstNameChange);
identityService.passwordChange(identity, passwordChange);
//
// Check correct password One
TestResource resource = helper.findResource(account.getRealUid());
Assert.assertNotNull(resource);
Assert.assertEquals(IDENTITY_PASSWORD_ONE, resource.getPassword());
Assert.assertEquals(firstNameChange, resource.getFirstname());
} finally {
configurationService.setBooleanValue(ProvisioningConfiguration.PROPERTY_SEND_PASSWORD_ATTRIBUTES_TOGETHER, true);
Assert.assertTrue(provisioningConfiguration.isSendPasswordAttributesTogether());
}
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultSysProvisioningServiceTest method doIdentityProvisioningChangeAccount.
@Test
public void doIdentityProvisioningChangeAccount() {
IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
AccIdentityAccountDto accountIdentityOne = identityAccountService.find(filter, null).getContent().get(0);
TestResource createdAccount = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
identity.setFirstName(IDENTITY_CHANGED_FIRST_NAME);
identity = identityService.save(identity);
Assert.assertNotEquals(identity.getFirstName(), createdAccount.getFirstname());
provisioningService.doProvisioning(identity);
TestResource changedAccount = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
Assert.assertNotNull(changedAccount);
Assert.assertEquals(identity.getFirstName(), changedAccount.getFirstname());
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter in project CzechIdMng by bcvsolutions.
the class AccountProtectionSystemTest method deleteAccountOnProtectionSystemTest.
@Test
public void deleteAccountOnProtectionSystemTest() {
IdmIdentityDto identity = helper.createIdentity();
SysSystemDto system = initSystem();
IdmRoleDto roleOne = roleService.getByCode(ROLE_ONE);
// Set system to protected mode
SysSystemMappingDto mapping = systemMappingService.findBySystem(system, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY).get(0);
mapping.setProtectionEnabled(Boolean.TRUE);
mapping.setProtectionInterval(null);
systemMappingService.save(mapping);
// Assign the role
helper.createIdentityRole(identity, roleOne);
AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setAccountId(account.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
// Identity account have relation on the role
Assert.assertEquals(1, identityAccounts.size());
Assert.assertNotNull(identityAccounts.get(0).getIdentityRole());
Assert.assertNotNull(account);
Assert.assertFalse(account.isInProtection());
TestResource createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
// Remove account directly. Account must be transformed to the protection state.
accountService.delete(account);
account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertTrue(account.isInProtection());
Assert.assertNull(account.getEndOfProtection());
createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
// Identity account have not relation on the role now.
identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
Assert.assertEquals(1, identityAccounts.size());
Assert.assertNull(identityAccounts.get(0).getIdentityRole());
}
Aggregations