use of eu.bcvsolutions.idm.acc.dto.filter.SysAttributeControlledValueFilter in project CzechIdMng by bcvsolutions.
the class ProvisioningMergeTest method testDisableAttribteControlledValues.
@Test
public void testDisableAttribteControlledValues() {
SysSystemDto system = helper.createSystem("test_resource");
SysSystemMappingDto mapping = helper.createMapping(system);
IdmRoleDto roleOne = helper.createRole();
IdmRoleDto roleTwo = helper.createRole();
SysRoleSystemDto roleSystemOne = helper.createRoleSystem(roleOne, system);
SysRoleSystemDto roleSystemTwo = helper.createRoleSystem(roleTwo, system);
SysSchemaAttributeDto rightsSchemaAttribute = new SysSchemaAttributeDto();
rightsSchemaAttribute.setObjectClass(mapping.getObjectClass());
rightsSchemaAttribute.setName(RIGHTS_ATTRIBUTE);
rightsSchemaAttribute.setMultivalued(true);
rightsSchemaAttribute.setClassType(String.class.getName());
rightsSchemaAttribute.setReadable(true);
rightsSchemaAttribute.setUpdateable(true);
rightsSchemaAttribute = schemaAttributeService.save(rightsSchemaAttribute);
SysSystemAttributeMappingDto rightsAttribute = new SysSystemAttributeMappingDto();
rightsAttribute.setSchemaAttribute(rightsSchemaAttribute.getId());
rightsAttribute.setSystemMapping(mapping.getId());
rightsAttribute.setName(RIGHTS_ATTRIBUTE);
rightsAttribute.setStrategyType(AttributeMappingStrategyType.MERGE);
rightsAttribute = attributeMappingService.save(rightsAttribute);
SysRoleSystemAttributeDto roleAttributeOne = new SysRoleSystemAttributeDto();
roleAttributeOne.setName(RIGHTS_ATTRIBUTE);
roleAttributeOne.setRoleSystem(roleSystemOne.getId());
roleAttributeOne.setStrategyType(AttributeMappingStrategyType.MERGE);
roleAttributeOne.setSystemAttributeMapping(rightsAttribute.getId());
roleAttributeOne.setTransformToResourceScript("return '" + ONE_VALUE + "';");
roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
List<Serializable> controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
SysRoleSystemAttributeDto roleAttributeTwo = new SysRoleSystemAttributeDto();
roleAttributeTwo.setName(RIGHTS_ATTRIBUTE);
roleAttributeTwo.setRoleSystem(roleSystemTwo.getId());
roleAttributeTwo.setStrategyType(AttributeMappingStrategyType.MERGE);
roleAttributeTwo.setSystemAttributeMapping(rightsAttribute.getId());
roleAttributeTwo.setTransformToResourceScript("return '" + TWO_VALUE + "';");
roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
assertNotNull(controlledAttributeValues);
assertEquals(2, controlledAttributeValues.size());
assertTrue(controlledAttributeValues.contains(ONE_VALUE));
assertTrue(controlledAttributeValues.contains(TWO_VALUE));
SysAttributeControlledValueFilter attributeControlledValueFilter = new SysAttributeControlledValueFilter();
attributeControlledValueFilter.setAttributeMappingId(rightsAttribute.getId());
attributeControlledValueFilter.setHistoricValue(Boolean.TRUE);
List<Serializable> historicControlledValues = //
attributeControlledValueService.find(attributeControlledValueFilter, //
null).getContent().stream().map(//
SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
assertNotNull(historicControlledValues);
assertEquals(0, historicControlledValues.size());
// Set attribute TWO as disabled (should be disappears from controlled values
// and appears in the history)
roleAttributeTwo.setDisabledAttribute(true);
roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
assertNotNull(controlledAttributeValues);
assertEquals(1, controlledAttributeValues.size());
assertTrue(controlledAttributeValues.contains(ONE_VALUE));
// Search historic controlled values for that attribute
historicControlledValues = //
attributeControlledValueService.find(attributeControlledValueFilter, //
null).getContent().stream().map(//
SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
assertNotNull(historicControlledValues);
assertEquals(1, historicControlledValues.size());
assertTrue(historicControlledValues.contains(TWO_VALUE));
// Set attribute TWO as enabled (should be appears in controlled values
// and disappears from the history)
roleAttributeTwo.setDisabledAttribute(false);
roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
assertNotNull(controlledAttributeValues);
assertEquals(2, controlledAttributeValues.size());
assertTrue(controlledAttributeValues.contains(ONE_VALUE));
assertTrue(controlledAttributeValues.contains(TWO_VALUE));
// Recalculation
attributeMappingService.getCachedControlledAndHistoricAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
// Search historic controlled values for that attribute
historicControlledValues = //
attributeControlledValueService.find(attributeControlledValueFilter, //
null).getContent().stream().map(//
SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
assertNotNull(historicControlledValues);
assertEquals(0, historicControlledValues.size());
}
use of eu.bcvsolutions.idm.acc.dto.filter.SysAttributeControlledValueFilter in project CzechIdMng by bcvsolutions.
the class ProvisioningMergeTest method testChangeValueDefinition.
@Test
public void testChangeValueDefinition() {
SysSystemDto system = helper.createSystem("test_resource");
SysSystemMappingDto mapping = helper.createMapping(system);
IdmRoleDto roleOne = helper.createRole();
IdmRoleDto roleTwo = helper.createRole();
SysRoleSystemDto roleSystemOne = helper.createRoleSystem(roleOne, system);
SysRoleSystemDto roleSystemTwo = helper.createRoleSystem(roleTwo, system);
SysSchemaAttributeDto rightsSchemaAttribute = new SysSchemaAttributeDto();
rightsSchemaAttribute.setObjectClass(mapping.getObjectClass());
rightsSchemaAttribute.setName(RIGHTS_ATTRIBUTE);
rightsSchemaAttribute.setMultivalued(true);
rightsSchemaAttribute.setClassType(String.class.getName());
rightsSchemaAttribute.setReadable(true);
rightsSchemaAttribute.setUpdateable(true);
rightsSchemaAttribute = schemaAttributeService.save(rightsSchemaAttribute);
SysSystemAttributeMappingDto rightsAttribute = new SysSystemAttributeMappingDto();
rightsAttribute.setSchemaAttribute(rightsSchemaAttribute.getId());
rightsAttribute.setSystemMapping(mapping.getId());
rightsAttribute.setName(RIGHTS_ATTRIBUTE);
rightsAttribute.setStrategyType(AttributeMappingStrategyType.MERGE);
rightsAttribute = attributeMappingService.save(rightsAttribute);
SysRoleSystemAttributeDto roleAttributeOne = new SysRoleSystemAttributeDto();
roleAttributeOne.setName(RIGHTS_ATTRIBUTE);
roleAttributeOne.setRoleSystem(roleSystemOne.getId());
roleAttributeOne.setStrategyType(AttributeMappingStrategyType.MERGE);
roleAttributeOne.setSystemAttributeMapping(rightsAttribute.getId());
roleAttributeOne.setTransformToResourceScript("return '" + ONE_VALUE + "';");
roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
List<Serializable> controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
SysRoleSystemAttributeDto roleAttributeTwo = new SysRoleSystemAttributeDto();
roleAttributeTwo.setName(RIGHTS_ATTRIBUTE);
roleAttributeTwo.setRoleSystem(roleSystemTwo.getId());
roleAttributeTwo.setStrategyType(AttributeMappingStrategyType.MERGE);
roleAttributeTwo.setSystemAttributeMapping(rightsAttribute.getId());
roleAttributeTwo.setTransformToResourceScript("return '" + TWO_VALUE + "';");
roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
assertNotNull(controlledAttributeValues);
assertEquals(2, controlledAttributeValues.size());
assertTrue(controlledAttributeValues.contains(ONE_VALUE));
assertTrue(controlledAttributeValues.contains(TWO_VALUE));
SysAttributeControlledValueFilter attributeControlledValueFilter = new SysAttributeControlledValueFilter();
attributeControlledValueFilter.setAttributeMappingId(rightsAttribute.getId());
attributeControlledValueFilter.setHistoricValue(Boolean.TRUE);
List<Serializable> historicControlledValues = //
attributeControlledValueService.find(attributeControlledValueFilter, //
null).getContent().stream().map(//
SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
assertNotNull(historicControlledValues);
assertEquals(0, historicControlledValues.size());
// Change value definition on attribute TWO (should be changed in controlled
// values
// and old value appears in the history)
roleAttributeTwo.setTransformToResourceScript("return '" + TWO_VALUE + "Changed';");
roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
controlledAttributeValues = attributeMappingService.getControlledAttributeValues(system.getId(), mapping.getEntityType(), RIGHTS_ATTRIBUTE);
assertNotNull(controlledAttributeValues);
assertEquals(2, controlledAttributeValues.size());
assertTrue(controlledAttributeValues.contains(ONE_VALUE));
assertTrue(controlledAttributeValues.contains(TWO_VALUE + "Changed"));
// Search historic controlled values for that attribute
historicControlledValues = //
attributeControlledValueService.find(attributeControlledValueFilter, //
null).getContent().stream().map(//
SysAttributeControlledValueDto::getValue).collect(Collectors.toList());
assertNotNull(historicControlledValues);
assertEquals(1, historicControlledValues.size());
assertTrue(historicControlledValues.contains(TWO_VALUE));
}
use of eu.bcvsolutions.idm.acc.dto.filter.SysAttributeControlledValueFilter in project CzechIdMng by bcvsolutions.
the class DefaultSysRoleSystemAttributeServiceTest method testArchiveControledValuesAfterRoleIsDeleted.
@Test
public void testArchiveControledValuesAfterRoleIsDeleted() {
// prepare mapped attribute with controled value
IdmRoleDto role = helper.createRole();
SysSystemDto system = helper.createTestResourceSystem(true);
systemService.generateSchema(system);
//
// create eav attribute
String attributeName = helper.getSchemaColumnName("EAV_ATTRIBUTE");
SysSchemaAttributeFilter schemaAttFilter = new SysSchemaAttributeFilter();
schemaAttFilter.setSystemId(system.getId());
schemaAttFilter.setName(attributeName);
List<SysSchemaAttributeDto> schemaAttrs = schemaAttributeService.find(schemaAttFilter, null).getContent();
Assert.assertEquals(1, schemaAttrs.size());
SysSchemaAttributeDto schemaAttributeDto = schemaAttrs.get(0);
schemaAttributeDto.setMultivalued(true);
schemaAttributeDto = schemaAttributeService.save(schemaAttributeDto);
SysSystemMappingDto systemMapping = helper.getDefaultMapping(system);
SysSchemaAttributeFilter schemaAttributeFilter = new SysSchemaAttributeFilter();
schemaAttributeFilter.setSystemId(system.getId());
schemaAttributeFilter.setName(attributeName);
List<SysSchemaAttributeDto> atts = schemaAttributeService.find(schemaAttributeFilter, null).getContent();
Assert.assertEquals(1, atts.size());
SysSchemaAttributeDto sysSchemaAttributeEav = atts.get(0);
//
// create eav attribute mapping with merge
SysSystemAttributeMappingDto attributeMapping = new SysSystemAttributeMappingDto();
attributeMapping.setExtendedAttribute(true);
attributeMapping.setName(attributeName);
attributeMapping.setIdmPropertyName(attributeName);
attributeMapping.setStrategyType(AttributeMappingStrategyType.MERGE);
attributeMapping.setSchemaAttribute(sysSchemaAttributeEav.getId());
attributeMapping.setSystemMapping(systemMapping.getId());
attributeMapping = systemAttributeMappingService.save(attributeMapping);
//
// role system mapping with merge value
SysRoleSystemDto roleSystem = helper.createRoleSystem(role, system);
SysRoleSystemAttributeDto overloadedRoleOne = new SysRoleSystemAttributeDto();
overloadedRoleOne.setSystemAttributeMapping(attributeMapping.getId());
overloadedRoleOne.setEntityAttribute(false);
overloadedRoleOne.setExtendedAttribute(true);
overloadedRoleOne.setStrategyType(AttributeMappingStrategyType.MERGE);
overloadedRoleOne.setName(attributeMapping.getName());
overloadedRoleOne.setDisabledDefaultAttribute(false);
overloadedRoleOne.setIdmPropertyName(attributeName);
overloadedRoleOne.setRoleSystem(roleSystem.getId());
String valueOne = helper.createName();
overloadedRoleOne.setTransformToResourceScript("return '" + valueOne + "';");
overloadedRoleOne = roleSystemAttributeService.save(overloadedRoleOne);
//
// assign role to identity
IdmIdentityDto identity = helper.createIdentity();
attributeMapping = systemAttributeMappingService.get(attributeMapping.getId());
Assert.assertTrue(attributeMapping.isEvictControlledValuesCache());
IdmRoleRequestDto request = helper.createRoleRequest(identity, role);
request = helper.executeRequest(request, false, true);
UUID identityRoleId = request.getConceptRoles().get(0).getIdentityRole();
IdmIdentityRoleDto identityRole = identityRoleService.get(identityRoleId);
List<AccAccountDto> accounts = accountService.getAccounts(system.getId(), identity.getId());
Assert.assertEquals(1, accounts.size());
// Account was created, provisioning was finished, but attribute was still not
// recalculated, because provisioning for create of account doesn't need a
// controlled values, so attribute is not recalculated now.
attributeMapping = systemAttributeMappingService.get(attributeMapping.getId());
Assert.assertTrue(attributeMapping.isEvictControlledValuesCache());
// Execute update provisioning -> executes recalculation of the attribute
identityService.save(identity);
attributeMapping = systemAttributeMappingService.get(attributeMapping.getId());
Assert.assertFalse(attributeMapping.isEvictControlledValuesCache());
//
// find controlled values
SysAttributeControlledValueFilter valueFilter = new SysAttributeControlledValueFilter();
valueFilter.setAttributeMappingId(attributeMapping.getId());
List<SysAttributeControlledValueDto> controlledValues = attributeControlledValueService.find(valueFilter, null).getContent();
Assert.assertEquals(1, controlledValues.size());
Assert.assertEquals(valueOne, controlledValues.get(0).getValue());
// try to delete role => role is still assigned
try {
roleService.delete(role);
} catch (ResultCodeException ex) {
Assert.assertEquals(CoreResultCode.ROLE_DELETE_FAILED_IDENTITY_ASSIGNED.getCode(), ((ResultCodeException) ex).getError().getError().getStatusEnum());
}
//
controlledValues = attributeControlledValueService.find(valueFilter, null).getContent();
Assert.assertEquals(1, controlledValues.size());
Assert.assertEquals(valueOne, controlledValues.get(0).getValue());
Assert.assertTrue(controlledValues.stream().allMatch(v -> !v.isHistoricValue()));
//
// remove assigned role and remove role with controller values
identityRoleService.delete(identityRole);
roleService.delete(role);
attributeMapping = systemAttributeMappingService.get(attributeMapping.getId());
Assert.assertTrue(attributeMapping.isEvictControlledValuesCache());
// Manual recalculation of the attribute
systemAttributeMappingService.recalculateAttributeControlledValues(system.getId(), SystemEntityType.IDENTITY, attributeName, attributeMapping);
// Attribute must be recalculated now
attributeMapping = systemAttributeMappingService.get(attributeMapping.getId());
Assert.assertFalse(attributeMapping.isEvictControlledValuesCache());
//
controlledValues = attributeControlledValueService.find(valueFilter, null).getContent();
Assert.assertEquals(1, controlledValues.size());
Assert.assertEquals(valueOne, controlledValues.get(0).getValue());
Assert.assertTrue(controlledValues.stream().allMatch(v -> v.isHistoricValue()));
//
// delete system (referential integrity just for sure)
systemService.delete(system);
controlledValues = attributeControlledValueService.find(valueFilter, null).getContent();
Assert.assertTrue(controlledValues.isEmpty());
}
use of eu.bcvsolutions.idm.acc.dto.filter.SysAttributeControlledValueFilter in project CzechIdMng by bcvsolutions.
the class DefaultSysSystemAttributeMappingService method delete.
@Override
@Transactional
public void delete(SysSystemAttributeMappingDto dto, BasePermission... permission) {
Assert.notNull(dto, "DTO is required.");
SysSystemAttributeMapping entity = this.getEntity(dto.getId());
Assert.notNull(entity, "Entity is required.");
SysSystemMappingDto systemMappingDto = DtoUtils.getEmbedded(dto, SysSystemAttributeMapping_.systemMapping, SysSystemMappingDto.class);
SysSchemaObjectClassDto objectClassDto = DtoUtils.getEmbedded(systemMappingDto, SysSystemMapping_.objectClass, SysSchemaObjectClassDto.class);
SysSystemDto systemDto = DtoUtils.getEmbedded(objectClassDto, SysSchemaObjectClass_.system, SysSystemDto.class);
// Check if attribute is used in some systems group.
SysSystemGroupSystemFilter groupSystemFilter = new SysSystemGroupSystemFilter();
groupSystemFilter.setMergeMappingAttributeId(entity.getId());
long count = systemGroupSystemService.count(groupSystemFilter);
if (count > 0) {
throw new ResultCodeException(AccResultCode.SYSTEM_DELETE_FAILED_HAS_SYSTEM_GROUPS, ImmutableMap.of("attribute", dto.getName(), "count", count));
}
if (syncConfigRepository.countByCorrelationAttribute_Id(dto.getId()) > 0) {
throw new ResultCodeException(AccResultCode.ATTRIBUTE_MAPPING_DELETE_FAILED_USED_IN_SYNC, ImmutableMap.of("attribute", dto.getName(), "system", systemDto.getName()));
}
if (syncConfigRepository.countByFilterAttribute(entity) > 0) {
throw new ResultCodeException(AccResultCode.ATTRIBUTE_MAPPING_DELETE_FAILED_USED_IN_SYNC, ImmutableMap.of("attribute", dto.getName(), "system", systemDto.getName()));
}
if (syncConfigRepository.countByTokenAttribute(entity) > 0) {
throw new ResultCodeException(AccResultCode.ATTRIBUTE_MAPPING_DELETE_FAILED_USED_IN_SYNC, ImmutableMap.of("attribute", dto.getName(), "system", systemDto.getName()));
}
List<AbstractSysSyncConfigDto> syncConfigs = syncConfigService.findRoleConfigByMemberOfAttribute(entity.getId());
if (syncConfigs.size() > 0) {
systemMappingDto = DtoUtils.getEmbedded(syncConfigs.get(0), SysSyncRoleConfig_.systemMapping, SysSystemMappingDto.class);
objectClassDto = DtoUtils.getEmbedded(systemMappingDto, SysSystemMapping_.objectClass, SysSchemaObjectClassDto.class);
systemDto = DtoUtils.getEmbedded(objectClassDto, SysSchemaObjectClass_.system, SysSystemDto.class);
throw new ResultCodeException(AccResultCode.ATTRIBUTE_MAPPING_DELETE_FAILED_USED_IN_SYNC, ImmutableMap.of("attribute", dto.getName(), "system", systemDto.getName()));
}
// Delete attributes
roleSystemAttributeRepository.deleteBySystemAttributeMapping(entity);
// Delete of controlled and historic values
if (dto.getId() != null) {
SysAttributeControlledValueFilter attributeControlledValueFilter = new SysAttributeControlledValueFilter();
attributeControlledValueFilter.setAttributeMappingId(dto.getId());
List<SysAttributeControlledValueDto> controlledAndHistoricValues = attributeControlledValueService.find(attributeControlledValueFilter, null).getContent();
controlledAndHistoricValues.forEach(value -> attributeControlledValueService.delete(value));
}
super.delete(dto, permission);
}
Aggregations