Example 66 with SysSystemAttributeMappingFilter
use of eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter in project CzechIdMng by bcvsolutions.
the class VsProvisioningMergeTest method testSwitchControlledValue.
@Test
public void testSwitchControlledValue() {
VsSystemDto config = new VsSystemDto();
config.setName(helper.createName());
config.setCreateDefaultRole(false);
SysSystemDto system = helper.createVirtualSystem(config);
IdmRoleDto roleOne = helper.createRole();
IdmRoleDto roleTwo = helper.createRole();
SysRoleSystemDto roleSystemOne = helper.createRoleSystem(roleOne, system);
SysRoleSystemDto roleSystemTwo = helper.createRoleSystem(roleTwo, system);
SysSystemMappingDto mapping = mappingService.findProvisioningMapping(system.getId(), SystemEntityType.IDENTITY);
SysSystemAttributeMappingFilter attributeFilter = new SysSystemAttributeMappingFilter();
attributeFilter.setSystemMappingId(mapping.getId());
attributeFilter.setSchemaAttributeName(RIGHTS_ATTRIBUTE);
List<SysSystemAttributeMappingDto> attributes = attributeMappingService.find(attributeFilter, null).getContent();
assertEquals(1, attributes.size());
SysSystemAttributeMappingDto rightsAttribute = attributes.get(0);
SysRoleSystemAttributeDto roleAttributeOne = new SysRoleSystemAttributeDto();
roleAttributeOne.setName(RIGHTS_ATTRIBUTE);
roleAttributeOne.setRoleSystem(roleSystemOne.getId());
roleAttributeOne.setEntityAttribute(false);
roleAttributeOne.setExtendedAttribute(false);
roleAttributeOne.setUid(false);
roleAttributeOne.setStrategyType(AttributeMappingStrategyType.MERGE);
roleAttributeOne.setSystemAttributeMapping(rightsAttribute.getId());
roleAttributeOne.setTransformToResourceScript("return '" + ONE_VALUE + "';");
roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
SysRoleSystemAttributeDto roleAttributeTwo = new SysRoleSystemAttributeDto();
roleAttributeTwo.setName(RIGHTS_ATTRIBUTE);
roleAttributeTwo.setRoleSystem(roleSystemTwo.getId());
roleAttributeTwo.setEntityAttribute(false);
roleAttributeTwo.setExtendedAttribute(false);
roleAttributeTwo.setUid(false);
roleAttributeTwo.setStrategyType(AttributeMappingStrategyType.MERGE);
roleAttributeTwo.setSystemAttributeMapping(rightsAttribute.getId());
roleAttributeTwo.setTransformToResourceScript("return '" + TWO_VALUE + "';");
roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
IdmIdentityDto identity = helper.createIdentity();
helper.createIdentityRole(identity, roleOne);
helper.createIdentityRole(identity, roleTwo);
AccAccountFilter accountFilter = new AccAccountFilter();
accountFilter.setSystemId(system.getId());
List<AccAccountDto> accounts = accountService.find(accountFilter, null).getContent();
assertEquals(1, accounts.size());
AccAccountDto account = accounts.get(0);
IcConnectorObject connectorObject = accountService.getConnectorObject(account);
IcAttribute rightsAttributeFromSystem = connectorObject.getAttributeByName(RIGHTS_ATTRIBUTE);
List<Object> rightsValues = rightsAttributeFromSystem.getValues();
assertEquals(2, rightsValues.size());
assertTrue(rightsValues.contains(ONE_VALUE));
assertTrue(rightsValues.contains(TWO_VALUE));
// Change controlled value
roleAttributeOne.setTransformToResourceScript("return '" + ONE_VALUE + "_changed';");
roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
SysAttributeControlledValueFilter controlledValueFilter = new SysAttributeControlledValueFilter();
controlledValueFilter.setHistoricValue(Boolean.TRUE);
controlledValueFilter.setAttributeMappingId(rightsAttribute.getId());
List<SysAttributeControlledValueDto> attributeControlledValues = controlledValueService.find(controlledValueFilter, null).getContent();
// One historic value should be exists
assertEquals(1, attributeControlledValues.size());
assertEquals(ONE_VALUE, attributeControlledValues.get(0).getValue());
// Deleting of old value ... we don't want controlled it from now
controlledValueService.delete(attributeControlledValues.get(0));
// Do provisioning
identityService.save(identity);
// Check values on target system
accounts = accountService.find(accountFilter, null).getContent();
assertEquals(1, accounts.size());
account = accounts.get(0);
connectorObject = accountService.getConnectorObject(account);
rightsAttributeFromSystem = connectorObject.getAttributeByName(RIGHTS_ATTRIBUTE);
rightsValues = rightsAttributeFromSystem.getValues();
assertEquals(3, rightsValues.size());
assertTrue(rightsValues.contains(ONE_VALUE));
assertTrue(rightsValues.contains(TWO_VALUE));
assertTrue(rightsValues.contains(ONE_VALUE + "_changed"));
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
VsSystemDto(eu.bcvsolutions.idm.vs.dto.VsSystemDto)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)
SysAttributeControlledValueDto(eu.bcvsolutions.idm.acc.dto.SysAttributeControlledValueDto)
AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
SysAttributeControlledValueFilter(eu.bcvsolutions.idm.acc.dto.filter.SysAttributeControlledValueFilter)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Example 67 with SysSystemAttributeMappingFilter
use of eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter in project CzechIdMng by bcvsolutions.
the class VsProvisioningMergeTest method testChangeControlledValue.
@Test
public void testChangeControlledValue() {
VsSystemDto config = new VsSystemDto();
config.setName(helper.createName());
config.setCreateDefaultRole(false);
SysSystemDto system = helper.createVirtualSystem(config);
IdmRoleDto roleOne = helper.createRole();
IdmRoleDto roleTwo = helper.createRole();
SysRoleSystemDto roleSystemOne = helper.createRoleSystem(roleOne, system);
SysRoleSystemDto roleSystemTwo = helper.createRoleSystem(roleTwo, system);
SysSystemMappingDto mapping = mappingService.findProvisioningMapping(system.getId(), SystemEntityType.IDENTITY);
SysSystemAttributeMappingFilter attributeFilter = new SysSystemAttributeMappingFilter();
attributeFilter.setSystemMappingId(mapping.getId());
attributeFilter.setSchemaAttributeName(RIGHTS_ATTRIBUTE);
List<SysSystemAttributeMappingDto> attributes = attributeMappingService.find(attributeFilter, null).getContent();
assertEquals(1, attributes.size());
SysSystemAttributeMappingDto rightsAttribute = attributes.get(0);
SysRoleSystemAttributeDto roleAttributeOne = new SysRoleSystemAttributeDto();
roleAttributeOne.setName(RIGHTS_ATTRIBUTE);
roleAttributeOne.setRoleSystem(roleSystemOne.getId());
roleAttributeOne.setEntityAttribute(false);
roleAttributeOne.setExtendedAttribute(false);
roleAttributeOne.setUid(false);
roleAttributeOne.setStrategyType(AttributeMappingStrategyType.MERGE);
roleAttributeOne.setSystemAttributeMapping(rightsAttribute.getId());
roleAttributeOne.setTransformToResourceScript("return '" + ONE_VALUE + "';");
roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
SysRoleSystemAttributeDto roleAttributeTwo = new SysRoleSystemAttributeDto();
roleAttributeTwo.setName(RIGHTS_ATTRIBUTE);
roleAttributeTwo.setRoleSystem(roleSystemTwo.getId());
roleAttributeTwo.setEntityAttribute(false);
roleAttributeTwo.setExtendedAttribute(false);
roleAttributeTwo.setUid(false);
roleAttributeTwo.setStrategyType(AttributeMappingStrategyType.MERGE);
roleAttributeTwo.setSystemAttributeMapping(rightsAttribute.getId());
roleAttributeTwo.setTransformToResourceScript("return '" + TWO_VALUE + "';");
roleAttributeTwo = roleSystemAttributeService.saveInternal(roleAttributeTwo);
IdmIdentityDto identity = helper.createIdentity();
helper.createIdentityRole(identity, roleOne);
helper.createIdentityRole(identity, roleTwo);
// Change controlled value
roleAttributeOne.setTransformToResourceScript("return '" + ONE_VALUE + "_changed';");
roleAttributeOne = roleSystemAttributeService.saveInternal(roleAttributeOne);
// Do provisioning
identityService.save(identity);
// Check values on target system
AccAccountFilter accountFilter = new AccAccountFilter();
accountFilter.setSystemId(system.getId());
List<AccAccountDto> accounts = accountService.find(accountFilter, null).getContent();
assertEquals(1, accounts.size());
AccAccountDto account = accounts.get(0);
IcConnectorObject connectorObject = accountService.getConnectorObject(account);
IcAttribute rightsAttributeFromSystem = connectorObject.getAttributeByName(RIGHTS_ATTRIBUTE);
List<Object> rightsValues = rightsAttributeFromSystem.getValues();
assertEquals(2, rightsValues.size());
assertTrue(rightsValues.contains(TWO_VALUE));
assertTrue(rightsValues.contains(ONE_VALUE + "_changed"));
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
VsSystemDto(eu.bcvsolutions.idm.vs.dto.VsSystemDto)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)
AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Example 68 with SysSystemAttributeMappingFilter
use of eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter in project CzechIdMng by bcvsolutions.
the class RoleSynchronizationExecutor method validate.
@Override
protected SynchronizationContext validate(UUID synchronizationConfigId) {
syncContext = super.validate(synchronizationConfigId);
SysSyncRoleConfigDto config = getConfig(syncContext);
SysSystemAttributeMappingFilter attributeMappingFilter = new SysSystemAttributeMappingFilter();
attributeMappingFilter.setSystemMappingId(config.getSystemMapping());
attributeMappingFilter.setDisabledAttribute(Boolean.FALSE);
// Check if exist mapping attribute for 'UID attribute'.
attributeMappingFilter.setIsUid(Boolean.TRUE);
SysSystemAttributeMappingDto attributeMappingDto = systemAttributeMappingService.find(attributeMappingFilter, null).getContent().stream().findFirst().orElse(null);
if (attributeMappingDto == null) {
throw new ResultCodeException(AccResultCode.SYNC_OF_ROLES_MAPPING_ATTRIBUTE_MISSING, ImmutableMap.of("attribute", "UID"));
}
if (config.isForwardAcmSwitch() && config.getForwardAcmMappingAttribute() == null) {
throw new ResultCodeException(AccResultCode.SYNC_OF_ROLES_MAPPING_ATTRIBUTE_MISSING, ImmutableMap.of("attribute", ROLE_FORWARD_ACM_FIELD));
}
if (config.isSkipValueIfExcludedSwitch() && config.getSkipValueIfExcludedMappingAttribute() == null) {
throw new ResultCodeException(AccResultCode.SYNC_OF_ROLES_MAPPING_ATTRIBUTE_MISSING, ImmutableMap.of("attribute", ROLE_SKIP_VALUE_IF_EXCLUDED_FIELD));
}
if (config.isMembershipSwitch()) {
if (config.getRoleIdentifiersMappingAttribute() == null) {
throw new ResultCodeException(AccResultCode.SYNC_OF_ROLES_MAPPING_ATTRIBUTE_MISSING, ImmutableMap.of("attribute", ROLE_MEMBERSHIP_ID_FIELD));
}
if (config.getMemberSystemMapping() == null) {
throw new ResultCodeException(AccResultCode.SYNC_OF_ROLES_MAPPING_ATTRIBUTE_MISSING, ImmutableMap.of("attribute", "System mapping from an identity system"));
}
if (config.getMemberOfAttribute() == null) {
throw new ResultCodeException(AccResultCode.SYNC_OF_ROLES_MAPPING_ATTRIBUTE_MISSING, ImmutableMap.of("attribute", "Member of from an identity system"));
}
}
if (config.isAssignRoleSwitch()) {
if (config.getRoleMembersMappingAttribute() == null) {
throw new ResultCodeException(AccResultCode.SYNC_OF_ROLES_MAPPING_ATTRIBUTE_MISSING, ImmutableMap.of("attribute", ROLE_MEMBERS_FIELD));
}
if (config.getMemberIdentifierAttribute() == null) {
throw new ResultCodeException(AccResultCode.SYNC_OF_ROLES_MAPPING_ATTRIBUTE_MISSING, ImmutableMap.of("attribute", "Identity identifier from an identity system"));
}
}
if (config.isAssignCatalogueSwitch() && config.getAssignCatalogueMappingAttribute() == null) {
throw new ResultCodeException(AccResultCode.SYNC_OF_ROLES_MAPPING_ATTRIBUTE_MISSING, ImmutableMap.of("attribute", ROLE_CATALOGUE_FIELD));
}
return syncContext;
}
Also used :
SysSyncRoleConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncRoleConfigDto)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
Example 69 with SysSystemAttributeMappingFilter
use of eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter in project CzechIdMng by bcvsolutions.
the class AbstractPasswordFilterIntegrationTest method createSystem.
protected SysSystemDto createSystem(boolean createPasswordFilter, boolean uidTransformation) {
SysSystemDto system = this.getHelper().createTestResourceSystem(true);
if (uidTransformation) {
PasswordGenerator g = new PasswordGenerator();
String uidSuffix = g.generateRandom(5, 5, 3, 2, 0, 0);
SysSystemAttributeMappingFilter filter = new SysSystemAttributeMappingFilter();
filter.setSystemId(system.getId());
filter.setName(TestHelper.ATTRIBUTE_MAPPING_NAME);
List<SysSystemAttributeMappingDto> attributes = systemAttributeMappingService.find(filter, null).getContent();
assertEquals(1, attributes.size());
SysSystemAttributeMappingDto uid = attributes.get(0);
uid.setTransformToResourceScript("return entity.getUsername() + '_" + uidSuffix + "';");
uid = systemAttributeMappingService.save(uid);
system.setDescription(uidSuffix);
system = systemService.save(system);
}
setPasswordFilter(system, createPasswordFilter);
return system;
}
Also used :
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
PasswordGenerator(eu.bcvsolutions.idm.core.api.utils.PasswordGenerator)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
Example 70 with SysSystemAttributeMappingFilter
use of eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter in project CzechIdMng by bcvsolutions.
the class AbstractPasswordFilterIntegrationTest method getPasswordAttribute.
protected SysSystemAttributeMappingDto getPasswordAttribute(SysSystemDto system) {
SysSystemAttributeMappingFilter filter = new SysSystemAttributeMappingFilter();
filter.setSystemId(system.getId());
filter.setName(TestHelper.ATTRIBUTE_MAPPING_PASSWORD);
List<SysSystemAttributeMappingDto> attributes = systemAttributeMappingService.find(filter, null).getContent();
assertEquals(1, attributes.size());
return attributes.get(0);
}
Also used :
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
Aggregations
SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)138
SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)125
SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)93
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)86
Test (org.junit.Test)85
AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)82
SysSystemMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemMappingFilter)53
SysSchemaAttributeDto (eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)37
SysSchemaObjectClassDto (eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)36
AbstractSysSyncConfigDto (eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto)34
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)32
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)27
AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)24
SysSyncConfigFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSyncConfigFilter)24
ConnectorType (eu.bcvsolutions.idm.acc.service.api.ConnectorType)23
SystemEntityType (eu.bcvsolutions.idm.acc.domain.SystemEntityType)22
SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)22
UUID (java.util.UUID)22
AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)18
SysSystemAttributeMappingService (eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)18
