Search in sources :

Example 21 with AccIdentityAccountFilter

use of eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter in project CzechIdMng by bcvsolutions.

the class DefaultSysProvisioningServiceTest method doIdentityProvisioningAndPasswordCheck.

@Test
public void doIdentityProvisioningAndPasswordCheck() {
    IdmIdentityDto existIdentity = identityService.getByUsername(IDENTITY_USERNAME);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(existIdentity.getId());
    AccIdentityAccountDto accountIdentityOne = identityAccountService.find(filter, null).getContent().get(0);
    TestResource createdAccount = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
    Assert.assertNotNull(createdAccount);
    // password must be exactly two 'a' characters, see setting for password
    // policy
    Assert.assertEquals("aa", createdAccount.getPassword());
}
Also used : AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 22 with AccIdentityAccountFilter

use of eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter in project CzechIdMng by bcvsolutions.

the class DefaultSysProvisioningServiceTest method doIdentityProvisioningStrategySendOnlyIfNotNull.

@Test
public void doIdentityProvisioningStrategySendOnlyIfNotNull() {
    IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    AccIdentityAccountDto accountIdentityOne = identityAccountService.find(filter, null).getContent().get(0);
    // Init value check
    TestResource resourceAccoutn = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
    Assert.assertEquals(EMAIL_TWO, resourceAccoutn.getEmail());
    SysSystemAttributeMappingFilter filterSchemaAttr = new SysSystemAttributeMappingFilter();
    filterSchemaAttr.setIdmPropertyName("email");
    filterSchemaAttr.setSystemId(accountService.get(accountIdentityOne.getAccount()).getSystem());
    SysSystemAttributeMappingDto attributeHandling = systemAttributeMappingService.find(filterSchemaAttr, null).getContent().get(0);
    attributeHandling.setEntityAttribute(true);
    attributeHandling.setStrategyType(AttributeMappingStrategyType.SET);
    attributeHandling.setSendOnlyIfNotNull(true);
    attributeHandling.setTransformToResourceScript("return null");
    systemAttributeMappingService.save(attributeHandling);
    // Do provisioning
    provisioningService.doProvisioning(identity);
    // Email strategy is SendOnlyIfNotNull ... email in account must have old value
    resourceAccoutn = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
    Assert.assertEquals(EMAIL_TWO, resourceAccoutn.getEmail());
    attributeHandling.setStrategyType(AttributeMappingStrategyType.SET);
    attributeHandling.setTransformToResourceScript("return \"\";");
    systemAttributeMappingService.save(attributeHandling);
    // Do provisioning
    provisioningService.doProvisioning(identity);
    // Email strategy is SendOnlyIfNotNull (value is empty string) ... email in account must have old value
    resourceAccoutn = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
    Assert.assertEquals(EMAIL_TWO, resourceAccoutn.getEmail());
    attributeHandling.setStrategyType(AttributeMappingStrategyType.SET);
    attributeHandling.setTransformToResourceScript("return \"" + EMAIL_ONE + "\";");
    systemAttributeMappingService.save(attributeHandling);
    // Do provisioning
    provisioningService.doProvisioning(identity);
    // Email strategy is SendOnlyIfNotNull  (value is not null and not empty)... email in account must have new value
    resourceAccoutn = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
    Assert.assertEquals(EMAIL_ONE, resourceAccoutn.getEmail());
}
Also used : SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 23 with AccIdentityAccountFilter

use of eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter in project CzechIdMng by bcvsolutions.

the class DefaultSysProvisioningServiceTest method testPasswordChangeWithAdditionalAttributesInTwoOperations.

@Test
public void testPasswordChangeWithAdditionalAttributesInTwoOperations() {
    configurationService.setBooleanValue(ProvisioningConfiguration.PROPERTY_SEND_PASSWORD_ATTRIBUTES_TOGETHER, false);
    try {
        Assert.assertFalse(provisioningConfiguration.isSendPasswordAttributesTogether());
        // prepare account on target system
        SysSystemDto system = helper.createTestResourceSystem(true);
        SysSystemMappingDto systemMapping = helper.getDefaultMapping(system);
        SysSystemAttributeMappingDto firtstNameAttribute = systemAttributeMappingService.findBySystemMappingAndName(systemMapping.getId(), helper.getSchemaColumnName(TestHelper.ATTRIBUTE_MAPPING_FIRSTNAME));
        firtstNameAttribute.setSendOnPasswordChange(Boolean.TRUE);
        systemAttributeMappingService.save(firtstNameAttribute);
        IdmRoleDto role = helper.createRole();
        helper.createRoleSystem(role, system);
        IdmIdentityDto identity = helper.createIdentity();
        helper.createIdentityRole(identity, role);
        // 
        AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
        filter.setIdentityId(identity.getId());
        AccIdentityAccountDto accountIdentityOne = identityAccountService.find(filter, null).getContent().get(0);
        AccAccountDto account = accountService.get(accountIdentityOne.getAccount());
        // Create new password one
        PasswordChangeDto passwordChange = new PasswordChangeDto();
        passwordChange.setAccounts(ImmutableList.of(account.getId().toString()));
        passwordChange.setNewPassword(new GuardedString(IDENTITY_PASSWORD_ONE));
        passwordChange.setIdm(true);
        // 
        // Do change of password for selected accounts
        String firstNameChange = "firstname-change";
        identity.setFirstName(firstNameChange);
        identityService.passwordChange(identity, passwordChange);
        // 
        // Check correct password One
        TestResource resource = helper.findResource(account.getRealUid());
        Assert.assertNotNull(resource);
        Assert.assertEquals(IDENTITY_PASSWORD_ONE, resource.getPassword());
        Assert.assertEquals(firstNameChange, resource.getFirstname());
    } finally {
        configurationService.setBooleanValue(ProvisioningConfiguration.PROPERTY_SEND_PASSWORD_ATTRIBUTES_TOGETHER, true);
        Assert.assertTrue(provisioningConfiguration.isSendPasswordAttributesTogether());
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 24 with AccIdentityAccountFilter

use of eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter in project CzechIdMng by bcvsolutions.

the class DefaultSysProvisioningServiceTest method doIdentityProvisioningChangeAccount.

@Test
public void doIdentityProvisioningChangeAccount() {
    IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    AccIdentityAccountDto accountIdentityOne = identityAccountService.find(filter, null).getContent().get(0);
    TestResource createdAccount = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
    identity.setFirstName(IDENTITY_CHANGED_FIRST_NAME);
    identity = identityService.save(identity);
    Assert.assertNotEquals(identity.getFirstName(), createdAccount.getFirstname());
    provisioningService.doProvisioning(identity);
    TestResource changedAccount = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
    Assert.assertNotNull(changedAccount);
    Assert.assertEquals(identity.getFirstName(), changedAccount.getFirstname());
}
Also used : AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 25 with AccIdentityAccountFilter

use of eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter in project CzechIdMng by bcvsolutions.

the class AccountProtectionSystemTest method deleteAccountOnProtectionSystemTest.

@Test
public void deleteAccountOnProtectionSystemTest() {
    IdmIdentityDto identity = helper.createIdentity();
    SysSystemDto system = initSystem();
    IdmRoleDto roleOne = roleService.getByCode(ROLE_ONE);
    // Set system to protected mode
    SysSystemMappingDto mapping = systemMappingService.findBySystem(system, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY).get(0);
    mapping.setProtectionEnabled(Boolean.TRUE);
    mapping.setProtectionInterval(null);
    systemMappingService.save(mapping);
    // Assign the role
    helper.createIdentityRole(identity, roleOne);
    AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
    AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
    identityAccountFilter.setAccountId(account.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
    // Identity account have relation on the role
    Assert.assertEquals(1, identityAccounts.size());
    Assert.assertNotNull(identityAccounts.get(0).getIdentityRole());
    Assert.assertNotNull(account);
    Assert.assertFalse(account.isInProtection());
    TestResource createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // Remove account directly. Account must be transformed to the protection state.
    accountService.delete(account);
    account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertTrue(account.isInProtection());
    Assert.assertNull(account.getEndOfProtection());
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // Identity account have not relation on the role now.
    identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
    Assert.assertEquals(1, identityAccounts.size());
    Assert.assertNull(identityAccounts.get(0).getIdentityRole());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Aggregations

AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)114 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)96 AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)94 Test (org.junit.Test)86 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)85 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)67 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)55 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)44 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)40 TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)32 SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)31 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)30 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)29 SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)26 SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)26 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)24 UUID (java.util.UUID)24 IdmIdentityRoleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)22 AccIdentityAccountService (eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService)18 Autowired (org.springframework.beans.factory.annotation.Autowired)18