use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultRoleSynchronizationExecutorTest method testSyncUpdateRolesMembership.
@Test
public void testSyncUpdateRolesMembership() {
AbstractSysSyncConfigDto syncConfigCustom = createSyncConfig();
SysSystemDto userSystem = helper.createTestResourceSystem(true);
List<SysSystemMappingDto> userSystemMappings = systemMappingService.findBySystem(userSystem, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY);
Assert.assertNotNull(userSystemMappings);
Assert.assertEquals(1, userSystemMappings.size());
SysSystemMappingDto userMappingDto = userSystemMappings.get(0);
// Switch to the sync.
userMappingDto.setOperationType(SystemOperationType.SYNCHRONIZATION);
userMappingDto = systemMappingService.save(userMappingDto);
List<SysSystemAttributeMappingDto> attributeMappingDtos = schemaAttributeMappingService.findBySystemMapping(userMappingDto);
SysSystemAttributeMappingDto userEmailAttribute = attributeMappingDtos.stream().filter(attribute -> attribute.getName().equalsIgnoreCase(TestHelper.ATTRIBUTE_MAPPING_EMAIL)).findFirst().orElse(null);
Assert.assertNotNull(userEmailAttribute);
Assert.assertFalse(syncConfigService.isRunning(syncConfigCustom));
Assert.assertTrue(syncConfigCustom instanceof SysSyncRoleConfigDto);
SysSyncRoleConfigDto roleConfigDto = (SysSyncRoleConfigDto) syncConfigCustom;
SysSystemMappingDto systemMappingDto = DtoUtils.getEmbedded(syncConfigCustom, SysSyncConfig_.systemMapping, SysSystemMappingDto.class);
SysSchemaObjectClassDto schemaObjectClassDto = DtoUtils.getEmbedded(systemMappingDto, SysSystemMapping_.objectClass, SysSchemaObjectClassDto.class);
UUID roleSystemId = schemaObjectClassDto.getSystem();
Assert.assertNotNull(roleSystemId);
SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
schemaAttributeFilter.setSystemId(roleSystemId);
schemaAttributeFilter.setObjectClassId(schemaObjectClassDto.getId());
SysSchemaAttributeDto schemaAttributeDto = schemaAttributeService.find(schemaAttributeFilter, null).getContent().stream().filter(attribute -> attribute.getName().equalsIgnoreCase("name")).findFirst().orElse(null);
Assert.assertNotNull(schemaAttributeDto);
SysSystemDto roleSystemDto = new SysSystemDto();
roleSystemDto.setId(roleSystemId);
List<SysSystemMappingDto> roleSystemMappings = systemMappingService.findBySystem(roleSystemDto, SystemOperationType.SYNCHRONIZATION, SystemEntityType.ROLE);
Assert.assertNotNull(roleSystemMappings);
Assert.assertEquals(1, roleSystemMappings.size());
SysSystemMappingDto roleMappingDto = roleSystemMappings.get(0);
// Create mapping attribute for get ID of role.
SysSystemAttributeMappingDto roleIdAttribute = new SysSystemAttributeMappingDto();
roleIdAttribute.setEntityAttribute(true);
roleIdAttribute.setUid(false);
roleIdAttribute.setSystemMapping(roleMappingDto.getId());
roleIdAttribute.setExtendedAttribute(false);
roleIdAttribute.setIdmPropertyName(RoleSynchronizationExecutor.ROLE_MEMBERSHIP_ID_FIELD);
roleIdAttribute.setSchemaAttribute(schemaAttributeDto.getId());
roleIdAttribute.setName(helper.createName());
roleIdAttribute = attributeMappingService.save(roleIdAttribute);
// Enable membership and use the user system.
roleConfigDto.setMembershipSwitch(true);
roleConfigDto.setMemberSystemMapping(userMappingDto.getId());
roleConfigDto.setMemberOfAttribute(userEmailAttribute.getId());
syncConfigCustom = syncConfigService.save(roleConfigDto);
//
helper.startSynchronization(syncConfigCustom);
//
SysSyncLogFilter logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
List<SysSyncLogDto> logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
SysSyncLogDto log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.CREATE_ENTITY, 5, OperationResultType.SUCCESS);
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setSystemId(roleSystemId);
List<AccRoleAccountDto> roleAccountDtos = roleAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(5, roleAccountDtos.size());
// Delete a log.
syncLogService.delete(log);
// Transformation will return new random value -> memberships should be updated.
String updatedScriptValue = getHelper().createName();
roleIdAttribute.setTransformFromResourceScript("return '" + updatedScriptValue + "';");
attributeMappingService.save(roleIdAttribute);
// Start sync again - for update.
helper.startSynchronization(syncConfigCustom);
//
logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.UPDATE_ENTITY, 5, OperationResultType.SUCCESS);
roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setSystemId(roleSystemId);
roleAccountDtos = roleAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(5, roleAccountDtos.size());
roleAccountDtos.forEach(roleAccountDto -> {
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setRoleId(roleAccountDto.getRole());
List<SysRoleSystemDto> roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
Assert.assertEquals(1, roleSystemDtos.size());
SysRoleSystemDto roleSystem = roleSystemDtos.get(0);
// Check mapping attribute (should be email).
SysRoleSystemAttributeFilter roleSystemAttributeFilter = new SysRoleSystemAttributeFilter();
roleSystemAttributeFilter.setRoleSystemId(roleSystem.getId());
List<SysRoleSystemAttributeDto> roleSystemAttributeDtos = roleSystemAttributeService.find(roleSystemAttributeFilter, null).getContent();
Assert.assertEquals(1, roleSystemAttributeDtos.size());
Assert.assertEquals(userEmailAttribute.getId(), roleSystemAttributeDtos.get(0).getSystemAttributeMapping());
String transformScript = roleSystemAttributeDtos.get(0).getTransformScript();
Assert.assertTrue(transformScript.contains(updatedScriptValue));
});
cleanAfterTest(syncConfigCustom, roleSystemId, log, roleAccountDtos);
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultRoleSynchronizationExecutorTest method testSyncRolesForwardAcm.
@Test
public void testSyncRolesForwardAcm() {
AbstractSysSyncConfigDto syncConfigCustom = createSyncConfig();
SysSystemDto userSystem = helper.createTestResourceSystem(true);
List<SysSystemMappingDto> userSystemMappings = systemMappingService.findBySystem(userSystem, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY);
Assert.assertNotNull(userSystemMappings);
Assert.assertEquals(1, userSystemMappings.size());
SysSystemMappingDto userMappingDto = userSystemMappings.get(0);
// Switch to the sync.
userMappingDto.setOperationType(SystemOperationType.SYNCHRONIZATION);
userMappingDto = systemMappingService.save(userMappingDto);
List<SysSystemAttributeMappingDto> attributeMappingDtos = schemaAttributeMappingService.findBySystemMapping(userMappingDto);
SysSystemAttributeMappingDto userEmailAttribute = attributeMappingDtos.stream().filter(attribute -> attribute.getName().equalsIgnoreCase(TestHelper.ATTRIBUTE_MAPPING_EMAIL)).findFirst().orElse(null);
Assert.assertNotNull(userEmailAttribute);
Assert.assertFalse(syncConfigService.isRunning(syncConfigCustom));
Assert.assertTrue(syncConfigCustom instanceof SysSyncRoleConfigDto);
SysSyncRoleConfigDto roleConfigDto = (SysSyncRoleConfigDto) syncConfigCustom;
SysSystemMappingDto systemMappingDto = DtoUtils.getEmbedded(syncConfigCustom, SysSyncConfig_.systemMapping, SysSystemMappingDto.class);
SysSchemaObjectClassDto schemaObjectClassDto = DtoUtils.getEmbedded(systemMappingDto, SysSystemMapping_.objectClass, SysSchemaObjectClassDto.class);
UUID systemId = schemaObjectClassDto.getSystem();
Assert.assertNotNull(systemId);
SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
schemaAttributeFilter.setSystemId(systemId);
schemaAttributeFilter.setObjectClassId(schemaObjectClassDto.getId());
SysSchemaAttributeDto schemaAttributeDto = schemaAttributeService.find(schemaAttributeFilter, null).getContent().stream().filter(attribute -> attribute.getName().equalsIgnoreCase("name")).findFirst().orElse(null);
Assert.assertNotNull(schemaAttributeDto);
SysSystemDto roleSystemDto = new SysSystemDto();
roleSystemDto.setId(systemId);
List<SysSystemMappingDto> roleSystemMappings = systemMappingService.findBySystem(roleSystemDto, SystemOperationType.SYNCHRONIZATION, SystemEntityType.ROLE);
Assert.assertNotNull(roleSystemMappings);
Assert.assertEquals(1, roleSystemMappings.size());
SysSystemMappingDto roleMappingDto = roleSystemMappings.get(0);
// Create mapping attribute for get ID of role.
SysSystemAttributeMappingDto roleIdAttribute = new SysSystemAttributeMappingDto();
roleIdAttribute.setEntityAttribute(true);
roleIdAttribute.setUid(false);
roleIdAttribute.setSystemMapping(roleMappingDto.getId());
roleIdAttribute.setExtendedAttribute(false);
roleIdAttribute.setIdmPropertyName(RoleSynchronizationExecutor.ROLE_MEMBERSHIP_ID_FIELD);
roleIdAttribute.setSchemaAttribute(schemaAttributeDto.getId());
roleIdAttribute.setName(helper.createName());
attributeMappingService.save(roleIdAttribute);
// Create mapping attribute for get ID of role.
SysSystemAttributeMappingDto frorwardAcmAttribute = new SysSystemAttributeMappingDto();
frorwardAcmAttribute.setEntityAttribute(true);
frorwardAcmAttribute.setUid(false);
frorwardAcmAttribute.setSystemMapping(roleMappingDto.getId());
frorwardAcmAttribute.setExtendedAttribute(false);
frorwardAcmAttribute.setIdmPropertyName(RoleSynchronizationExecutor.ROLE_FORWARD_ACM_FIELD);
frorwardAcmAttribute.setSchemaAttribute(schemaAttributeDto.getId());
frorwardAcmAttribute.setName(helper.createName());
frorwardAcmAttribute.setTransformFromResourceScript("return true");
attributeMappingService.save(frorwardAcmAttribute);
// Enable membership and use the user system.
roleConfigDto.setMembershipSwitch(true);
roleConfigDto.setMemberSystemMapping(userMappingDto.getId());
roleConfigDto.setMemberOfAttribute(userEmailAttribute.getId());
roleConfigDto.setForwardAcmSwitch(false);
roleConfigDto = (SysSyncRoleConfigDto) syncConfigService.save(roleConfigDto);
Assert.assertNotNull(roleConfigDto.getForwardAcmMappingAttribute());
// Start sync of roles.
helper.startSynchronization(roleConfigDto);
SysSyncLogFilter logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(roleConfigDto.getId());
List<SysSyncLogDto> logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
SysSyncLogDto log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
helper.checkSyncLog(roleConfigDto, SynchronizationActionType.CREATE_ENTITY, 5, OperationResultType.SUCCESS);
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setSystemId(systemId);
List<AccRoleAccountDto> roleAccountDtos = roleAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(5, roleAccountDtos.size());
roleAccountDtos.forEach(roleAccountDto -> {
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setRoleId(roleAccountDto.getRole());
List<SysRoleSystemDto> roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
Assert.assertEquals(1, roleSystemDtos.size());
SysRoleSystemDto roleSystem = roleSystemDtos.get(0);
// Forward ACM feature is disabled now -> value should be "false".
Assert.assertFalse(roleSystem.isForwardAccountManagemen());
});
// Activate forward ACM in sync.
roleConfigDto.setForwardAcmSwitch(true);
roleConfigDto = (SysSyncRoleConfigDto) syncConfigService.save(roleConfigDto);
// Start sync of roles.
helper.startSynchronization(roleConfigDto);
helper.checkSyncLog(roleConfigDto, SynchronizationActionType.UPDATE_ENTITY, 5, OperationResultType.SUCCESS);
roleAccountFilter.setSystemId(systemId);
roleAccountDtos = roleAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(5, roleAccountDtos.size());
roleAccountDtos.forEach(roleAccountDto -> {
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setRoleId(roleAccountDto.getRole());
List<SysRoleSystemDto> roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
Assert.assertEquals(1, roleSystemDtos.size());
SysRoleSystemDto roleSystem = roleSystemDtos.get(0);
// Forward ACM feature is enabled now -> value should be "true".
Assert.assertTrue(roleSystem.isForwardAccountManagemen());
});
cleanAfterTest(syncConfigCustom, systemId, log, roleAccountDtos);
}
use of eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter in project CzechIdMng by bcvsolutions.
the class DefaultRoleSynchronizationExecutorTest method testSyncUpdateRolesMembershipDiffSync.
@Test
public void testSyncUpdateRolesMembershipDiffSync() {
AbstractSysSyncConfigDto syncConfigCustom = createSyncConfig();
// Enable a diff sync.
syncConfigCustom.setDifferentialSync(true);
syncConfigCustom = syncConfigService.save(syncConfigCustom);
SysSystemDto userSystem = helper.createTestResourceSystem(true);
List<SysSystemMappingDto> userSystemMappings = systemMappingService.findBySystem(userSystem, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY);
Assert.assertNotNull(userSystemMappings);
Assert.assertEquals(1, userSystemMappings.size());
SysSystemMappingDto userMappingDto = userSystemMappings.get(0);
// Switch to the sync.
userMappingDto.setOperationType(SystemOperationType.SYNCHRONIZATION);
userMappingDto = systemMappingService.save(userMappingDto);
List<SysSystemAttributeMappingDto> attributeMappingDtos = schemaAttributeMappingService.findBySystemMapping(userMappingDto);
SysSystemAttributeMappingDto userEmailAttribute = attributeMappingDtos.stream().filter(attribute -> attribute.getName().equalsIgnoreCase(TestHelper.ATTRIBUTE_MAPPING_EMAIL)).findFirst().orElse(null);
Assert.assertNotNull(userEmailAttribute);
Assert.assertFalse(syncConfigService.isRunning(syncConfigCustom));
Assert.assertTrue(syncConfigCustom instanceof SysSyncRoleConfigDto);
SysSyncRoleConfigDto roleConfigDto = (SysSyncRoleConfigDto) syncConfigCustom;
SysSystemMappingDto systemMappingDto = DtoUtils.getEmbedded(syncConfigCustom, SysSyncConfig_.systemMapping, SysSystemMappingDto.class);
SysSchemaObjectClassDto schemaObjectClassDto = DtoUtils.getEmbedded(systemMappingDto, SysSystemMapping_.objectClass, SysSchemaObjectClassDto.class);
UUID roleSystemId = schemaObjectClassDto.getSystem();
Assert.assertNotNull(roleSystemId);
SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
schemaAttributeFilter.setSystemId(roleSystemId);
schemaAttributeFilter.setObjectClassId(schemaObjectClassDto.getId());
SysSchemaAttributeDto schemaAttributeDto = schemaAttributeService.find(schemaAttributeFilter, null).getContent().stream().filter(attribute -> attribute.getName().equalsIgnoreCase("name")).findFirst().orElse(null);
Assert.assertNotNull(schemaAttributeDto);
SysSystemDto roleSystemDto = new SysSystemDto();
roleSystemDto.setId(roleSystemId);
List<SysSystemMappingDto> roleSystemMappings = systemMappingService.findBySystem(roleSystemDto, SystemOperationType.SYNCHRONIZATION, SystemEntityType.ROLE);
Assert.assertNotNull(roleSystemMappings);
Assert.assertEquals(1, roleSystemMappings.size());
SysSystemMappingDto roleMappingDto = roleSystemMappings.get(0);
// Create mapping attribute for get ID of role.
SysSystemAttributeMappingDto roleIdAttribute = new SysSystemAttributeMappingDto();
roleIdAttribute.setEntityAttribute(true);
roleIdAttribute.setUid(false);
roleIdAttribute.setSystemMapping(roleMappingDto.getId());
roleIdAttribute.setExtendedAttribute(false);
roleIdAttribute.setIdmPropertyName(RoleSynchronizationExecutor.ROLE_MEMBERSHIP_ID_FIELD);
roleIdAttribute.setSchemaAttribute(schemaAttributeDto.getId());
roleIdAttribute.setName(helper.createName());
roleIdAttribute = attributeMappingService.save(roleIdAttribute);
// Enable membership and use the user system.
roleConfigDto.setMembershipSwitch(true);
roleConfigDto.setMemberSystemMapping(userMappingDto.getId());
roleConfigDto.setMemberOfAttribute(userEmailAttribute.getId());
syncConfigCustom = syncConfigService.save(roleConfigDto);
//
helper.startSynchronization(syncConfigCustom);
//
SysSyncLogFilter logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
List<SysSyncLogDto> logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
SysSyncLogDto log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.CREATE_ENTITY, 5, OperationResultType.SUCCESS);
AccRoleAccountFilter roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setSystemId(roleSystemId);
List<AccRoleAccountDto> roleAccountDtos = roleAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(5, roleAccountDtos.size());
// Delete the log.
syncLogService.delete(log);
// Transformation will return new random value -> memberships should be updated.
String updatedScriptValue = getHelper().createName();
roleIdAttribute.setTransformFromResourceScript("return '" + updatedScriptValue + "';");
attributeMappingService.save(roleIdAttribute);
// Start sync again - for update.
helper.startSynchronization(syncConfigCustom);
//
logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.UPDATE_ENTITY, 5, OperationResultType.SUCCESS);
roleAccountFilter = new AccRoleAccountFilter();
roleAccountFilter.setSystemId(roleSystemId);
roleAccountDtos = roleAccountService.find(roleAccountFilter, null).getContent();
Assert.assertEquals(5, roleAccountDtos.size());
roleAccountDtos.forEach(roleAccountDto -> {
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setRoleId(roleAccountDto.getRole());
List<SysRoleSystemDto> roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
Assert.assertEquals(1, roleSystemDtos.size());
SysRoleSystemDto roleSystem = roleSystemDtos.get(0);
// Check mapping attribute (should be email).
SysRoleSystemAttributeFilter roleSystemAttributeFilter = new SysRoleSystemAttributeFilter();
roleSystemAttributeFilter.setRoleSystemId(roleSystem.getId());
List<SysRoleSystemAttributeDto> roleSystemAttributeDtos = roleSystemAttributeService.find(roleSystemAttributeFilter, null).getContent();
Assert.assertEquals(1, roleSystemAttributeDtos.size());
Assert.assertEquals(userEmailAttribute.getId(), roleSystemAttributeDtos.get(0).getSystemAttributeMapping());
String transformScript = roleSystemAttributeDtos.get(0).getTransformScript();
Assert.assertTrue(transformScript.contains(updatedScriptValue));
});
// Delete old log.
syncLogService.delete(log);
// Run sync again. Sync has enabled diff feature -> all changes should be ignored.
helper.startSynchronization(syncConfigCustom);
//
logFilter = new SysSyncLogFilter();
logFilter.setSynchronizationConfigId(syncConfigCustom.getId());
logs = syncLogService.find(logFilter, null).getContent();
Assert.assertEquals(1, logs.size());
log = logs.get(0);
Assert.assertFalse(log.isRunning());
Assert.assertFalse(log.isContainsError());
helper.checkSyncLog(syncConfigCustom, SynchronizationActionType.UPDATE_ENTITY, 5, OperationResultType.IGNORE);
cleanAfterTest(syncConfigCustom, roleSystemId, log, roleAccountDtos);
}
Aggregations