use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class AccountManagementTest method accountCanBeCreatedTest.
@Test
public /**
* Script on the mapping "Can be account created?" returns true (if priority is 1000).
*/
void accountCanBeCreatedTest() {
SysSystemDto system = initData();
Assert.assertNotNull(system);
SysSystemMappingDto mapping = systemMappingService.findProvisioningMapping(system.getId(), SystemEntityType.ROLE);
Assert.assertNotNull(mapping);
mapping.setCanBeAccountCreatedScript("return entity.getPriority() == 1000;");
mapping = systemMappingService.save(mapping);
IdmRoleDto defaultRole = helper.createRole();
defaultRole.setPriority(500);
roleService.save(defaultRole);
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setEntityId(defaultRole.getId());
roleAccountFilter.setOwnership(Boolean.TRUE);
roleAccountFilter.setSystemId(system.getId());
List<AccRoleAccountDto> roleAccounts = roleAccountService.find(roleAccountFilter, null).getContent();
// Priority is 500 -> account should not be created
Assert.assertEquals(0, roleAccounts.size());
// Set priority to 1000
defaultRole.setPriority(1000);
roleService.save(defaultRole);
roleAccounts = roleAccountService.find(roleAccountFilter, null).getContent();
// Priority is 1000 -> account had to be created
Assert.assertEquals(1, roleAccounts.size());
// Delete role
roleService.delete(defaultRole);
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class RoleProvisioningExecutor method doProvisioning.
public void doProvisioning(AccAccountDto account) {
Assert.notNull(account, "Account is required.");
AccRoleAccountFilter filter = new AccRoleAccountFilter();
filter.setAccountId(account.getId());
List<AccRoleAccountDto> entityAccoutnList = roleAccountService.find(filter, null).getContent();
if (entityAccoutnList == null) {
return;
}
entityAccoutnList.stream().filter(entityAccount -> {
return entityAccount.isOwnership();
}).forEach((roleAccount) -> {
doProvisioning(account, DtoUtils.getEmbedded(roleAccount, AccRoleAccount_.role, IdmRoleDto.class));
});
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class AccountManagementTest method testAccountCanBeCreated.
@Test
public /**
* Script on the mapping "Can be account created?" returns true (if priority is 1000).
*/
void testAccountCanBeCreated() {
SysSystemDto system = initData();
Assert.assertNotNull(system);
SysSystemMappingDto mapping = systemMappingService.findProvisioningMapping(system.getId(), SystemEntityType.ROLE);
Assert.assertNotNull(mapping);
mapping.setCanBeAccountCreatedScript("return entity.getPriority() == 1000;");
mapping = systemMappingService.save(mapping);
IdmRoleDto defaultRole = helper.createRole();
defaultRole.setPriority(500);
roleService.save(defaultRole);
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setEntityId(defaultRole.getId());
roleAccountFilter.setOwnership(Boolean.TRUE);
roleAccountFilter.setSystemId(system.getId());
List<AccRoleAccountDto> roleAccounts = roleAccountService.find(roleAccountFilter, null).getContent();
// Priority is 500 -> account should not be created
Assert.assertEquals(0, roleAccounts.size());
// Set priority to 1000
defaultRole.setPriority(1000);
roleService.save(defaultRole);
roleAccounts = roleAccountService.find(roleAccountFilter, null).getContent();
// Priority is 1000 -> account had to be created
Assert.assertEquals(1, roleAccounts.size());
// Delete role
roleService.delete(defaultRole);
// Delete role mapping
systemMappingService.delete(mapping);
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class RoleDeleteProcessor method process.
@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
IdmRoleDto role = event.getContent();
//
if (role.getId() == null) {
return new DefaultEventResult<>(event, this);
}
//
// delete mapped roles
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setRoleId(role.getId());
roleSystemService.find(roleSystemFilter, null).forEach(roleSystem -> {
// Identity-role clear relations to a role-system, but only on force-delete!
if (forceDelete) {
IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
identityRoleFilter.setRoleSystemId(roleSystem.getId());
identityRoleService.find(identityRoleFilter, null).stream().forEach(identityRole -> {
// Clear role-system. Identity-role will be removed in next processor.
identityRole.setRoleSystem(null);
identityRoleService.saveInternal(identityRole);
});
}
roleSystemService.delete(roleSystem);
});
//
// delete relations on account (includes delete of account )
AccRoleAccountFilter filter = new AccRoleAccountFilter();
filter.setRoleId(role.getId());
roleAccountService.find(filter, null).forEach(roleAccount -> {
roleAccountService.delete(roleAccount);
});
//
// remove all recipients from provisioning break
deleteProvisioningRecipient(event.getContent().getId());
//
// delete link to sync identity configuration
syncConfigRepository.findByDefaultRole(role.getId()).forEach(config -> {
SysSyncIdentityConfigDto configDto = (SysSyncIdentityConfigDto) syncConfigService.get(config.getId());
configDto.setDefaultRole(null);
syncConfigService.save(configDto);
});
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultAccRoleAccountService method getRoleId.
@Override
public UUID getRoleId(UUID account) {
AccRoleAccountFilter accountFilter = new AccRoleAccountFilter();
accountFilter.setAccountId(account);
accountFilter.setOwnership(Boolean.TRUE);
List<AccRoleAccountDto> roleAccounts = this.find(accountFilter, null).getContent();
if (roleAccounts.isEmpty()) {
throw new ResultCodeException(AccResultCode.ROLE_ACCOUNT_NOT_FOUND, ImmutableMap.of("account", account));
}
return roleAccounts.get(0).getRole();
}
Aggregations