Example 1 with SysSystemGroupSystemFilter
use of eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter in project CzechIdMng by bcvsolutions.
the class DefaultSysRoleSystemService method toDto.
@Override
protected SysRoleSystemDto toDto(SysRoleSystem entity, SysRoleSystemDto dto, SysRoleSystemFilter context) {
SysRoleSystemDto roleSystemDto = super.toDto(entity, dto, context);
if (context != null && Boolean.TRUE.equals(context.getCheckIfIsInCrossDomainGroup()) && roleSystemDto != null && roleSystemDto.getId() != null) {
SysSystemGroupSystemFilter systemGroupSystemFilter = new SysSystemGroupSystemFilter();
systemGroupSystemFilter.setCrossDomainsGroupsForRoleSystemId(roleSystemDto.getId());
if (systemGroupSystemService.count(systemGroupSystemFilter) >= 1) {
// This role-system overriding a merge attribute which is using in
// active cross-domain group. -> We will set this information to the DTO.
roleSystemDto.setInCrossDomainGroup(true);
}
}
return roleSystemDto;
}
Also used :
SysSystemGroupSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
Example 2 with SysSystemGroupSystemFilter
use of eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter in project CzechIdMng by bcvsolutions.
the class DefaultAccAccountManagementService method resolveIdentityAccountForDelete.
/**
* Resolve identity account to delete
*
* @param identityAccountList
* @param identityRoles
* @param identityAccountsToDelete
*/
private void resolveIdentityAccountForDelete(List<AccIdentityAccountDto> identityAccountList, List<IdmIdentityRoleDto> identityRoles, List<AccIdentityAccountDto> identityAccountsToDelete) {
// Search IdentityAccounts to delete
identityRoles.stream().filter(identityRole -> {
return !identityRole.isValid();
}).forEach(identityRole -> {
//
identityAccountList.stream().filter(//
identityAccount -> identityRole.getId().equals(identityAccount.getIdentityRole())).filter(identityAccount -> identityAccount.getRoleSystem() == null || !(((SysRoleSystemDto) DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.roleSystem)).isForwardAccountManagemen() && //
identityRole.isValidNowOrInFuture())).forEach(identityAccountsToDelete::add);
});
// Search IdentityAccounts to delete - we want to delete identity-account if
// identity-role is valid, but mapped system on the role does not longer exist.
identityRoles.stream().filter(identityRole -> {
return identityRole.isValid();
}).forEach(identityRole -> {
//
identityAccountList.stream().filter(identityAccount -> identityRole.getId().equals(identityAccount.getIdentityRole())).filter(identityAccount -> {
// Remove account if role-system is null.
if (identityAccount.getRoleSystem() == null) {
return true;
}
// Remove an account if role-system does not supports creation by default or if is in cross-domain group.
SysRoleSystemDto roleSystem = lookupService.lookupEmbeddedDto(identityAccount, AccIdentityAccount_.roleSystem);
if (roleSystem != null && !roleSystem.isCreateAccountByDefault()) {
return true;
} else if (roleSystem != null) {
SysSystemGroupSystemFilter systemGroupSystemFilter = new SysSystemGroupSystemFilter();
systemGroupSystemFilter.setCrossDomainsGroupsForRoleSystemId(roleSystem.getId());
if (systemGroupSystemService.count(systemGroupSystemFilter) >= 1) {
// active cross-domain group. -> Identity account should be deleted.
return true;
}
}
return false;
}).forEach(identityAccountsToDelete::add);
});
}
Also used :
DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
Autowired(org.springframework.beans.factory.annotation.Autowired)
AccIdentityAccount_(eu.bcvsolutions.idm.acc.entity.AccIdentityAccount_)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
ImmutableMap(com.google.common.collect.ImmutableMap)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
Set(java.util.Set)
SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)
IdmEntityStateFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmEntityStateFilter)
UUID(java.util.UUID)
Collectors(java.util.stream.Collectors)
Serializable(java.io.Serializable)
IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto)
List(java.util.List)
AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService)
SysRoleSystemAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemAttributeFilter)
CollectionUtils(org.springframework.util.CollectionUtils)
AccountType(eu.bcvsolutions.idm.acc.domain.AccountType)
AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter)
SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode)
IdmIdentityRole_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole_)
SysSystemGroupSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter)
SysRoleSystem_(eu.bcvsolutions.idm.acc.entity.SysRoleSystem_)
IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
SysRoleSystemAttribute_(eu.bcvsolutions.idm.acc.entity.SysRoleSystemAttribute_)
MessageFormat(java.text.MessageFormat)
ArrayList(java.util.ArrayList)
AccAccountManagementService(eu.bcvsolutions.idm.acc.service.api.AccAccountManagementService)
HashSet(java.util.HashSet)
SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter)
SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService)
AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto)
EntityStateManager(eu.bcvsolutions.idm.core.api.service.EntityStateManager)
LookupService(eu.bcvsolutions.idm.core.api.service.LookupService)
Lists(com.google.common.collect.Lists)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
Service(org.springframework.stereotype.Service)
OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
SysSystemGroupSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemGroupSystemService)
EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent)
SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
SysSchemaObjectClass_(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass_)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)
EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager)
Transactional(org.springframework.transaction.annotation.Transactional)
Assert(org.springframework.util.Assert)
SysSystemGroupSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
Example 3 with SysSystemGroupSystemFilter
use of eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter in project CzechIdMng by bcvsolutions.
the class DefaultAccAccountManagementService method resolveIdentityAccountForCreate.
/**
* Resolve Identity account - to create.
*/
private void resolveIdentityAccountForCreate(IdmIdentityDto identity, List<AccIdentityAccountDto> identityAccountList, List<IdmIdentityRoleDto> identityRoles, List<AccIdentityAccountDto> identityAccountsToCreate, List<AccIdentityAccountDto> identityAccountsToDelete, boolean onlyCreateNew, List<UUID> additionalAccountsForProvisioning) {
identityRoles.forEach(identityRole -> {
UUID role = identityRole.getRole();
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setRoleId(role);
List<SysRoleSystemDto> roleSystems = roleSystemService.find(roleSystemFilter, null).getContent();
// Is role valid in this moment or
// role-system has enabled forward account management (identity-role have to be
// valid in the future)
roleSystems.stream().filter(roleSystem -> (identityRole.isValid() || (roleSystem.isForwardAccountManagemen() && identityRole.isValidNowOrInFuture()))).filter(roleSystem -> {
boolean canBeCreated = roleSystem.isCreateAccountByDefault();
if (canBeCreated) {
SysSystemGroupSystemFilter systemGroupSystemFilter = new SysSystemGroupSystemFilter();
systemGroupSystemFilter.setCrossDomainsGroupsForRoleSystemId(roleSystem.getId());
if (systemGroupSystemService.count(systemGroupSystemFilter) >= 1) {
// This role-system overriding a merge attribute which is using in
// active cross-domain group. -> Account will be not created.
canBeCreated = false;
}
}
if (!canBeCreated) {
// We need to made provisioning for skipped identity-role/accounts (because Cross-domains).
// We have to find all identity-accounts for identity and system.
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setSystemId(roleSystem.getSystem());
identityAccountFilter.setIdentityId(identity.getId());
AccIdentityAccountDto identityAccountDto = identityAccountService.find(identityAccountFilter, null).getContent().stream().filter(identityAccount -> {
SysRoleSystemDto roleSystemFromIdentityAccount = lookupService.lookupEmbeddedDto(identityAccount, AccIdentityAccount_.roleSystem);
return roleSystemFromIdentityAccount != null && roleSystem.getSystemMapping().equals(roleSystemFromIdentityAccount.getSystemMapping());
}).findFirst().orElse(null);
if (identityAccountDto != null && additionalAccountsForProvisioning != null) {
additionalAccountsForProvisioning.add(identityAccountDto.getAccount());
}
}
return canBeCreated;
}).forEach(roleSystem -> {
String uid = generateUID(identity, roleSystem);
// Check on change of UID is not executed if all given identity-roles are new
if (!onlyCreateNew) {
// Check identity-account for that role-system on change the definition of UID
checkOnChangeUID(uid, roleSystem, identityAccountList, identityAccountsToDelete);
}
// Try to find identity-account for this identity-role. If exists and doesn't in
// list of identity-account to delete, then we are done.
AccIdentityAccountDto existsIdentityAccount = findAlreadyExistsIdentityAccount(identityAccountList, identityAccountsToDelete, identityRole, roleSystem);
if (existsIdentityAccount != null) {
if (existsIdentityAccount.getRoleSystem() == null) {
// IdentityAccount already exist, but doesn't have relation on RoleSystem. This
// could happen if system mapping was deleted and recreated or if was role use
// as sync default role, but without mapping on this system.
// We have to create missing relation, so we will set and save RoleSystem.
existsIdentityAccount.setRoleSystem(roleSystem.getId());
identityAccountService.save(existsIdentityAccount);
}
return;
}
// For this system we need to create new (or found exists) account
AccAccountDto account = createAccountByRoleSystem(uid, identity, roleSystem, identityAccountsToCreate);
if (account == null) {
return;
}
// Prevent to create the same identity account
if (identityAccountList.stream().filter(identityAccount -> {
return identityAccount.getAccount().equals(account.getId()) && identityRole.getId().equals(identityAccount.getIdentityRole()) && roleSystem.getId().equals(identityAccount.getRoleSystem());
}).count() == 0) {
AccIdentityAccountDto identityAccount = new AccIdentityAccountDto();
identityAccount.setAccount(account.getId());
identityAccount.setIdentity(identity.getId());
identityAccount.setIdentityRole(identityRole.getId());
identityAccount.setRoleSystem(roleSystem.getId());
identityAccount.setOwnership(true);
identityAccount.getEmbedded().put(AccIdentityAccount_.account.getName(), account);
identityAccountsToCreate.add(identityAccount);
}
});
});
}
Also used :
DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
Autowired(org.springframework.beans.factory.annotation.Autowired)
AccIdentityAccount_(eu.bcvsolutions.idm.acc.entity.AccIdentityAccount_)
ProvisioningException(eu.bcvsolutions.idm.acc.exception.ProvisioningException)
SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
ImmutableMap(com.google.common.collect.ImmutableMap)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
Set(java.util.Set)
SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)
IdmEntityStateFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmEntityStateFilter)
UUID(java.util.UUID)
Collectors(java.util.stream.Collectors)
Serializable(java.io.Serializable)
IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto)
List(java.util.List)
AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService)
SysRoleSystemAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemAttributeFilter)
CollectionUtils(org.springframework.util.CollectionUtils)
AccountType(eu.bcvsolutions.idm.acc.domain.AccountType)
AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter)
SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode)
IdmIdentityRole_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole_)
SysSystemGroupSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter)
SysRoleSystem_(eu.bcvsolutions.idm.acc.entity.SysRoleSystem_)
IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
SysRoleSystemAttribute_(eu.bcvsolutions.idm.acc.entity.SysRoleSystemAttribute_)
MessageFormat(java.text.MessageFormat)
ArrayList(java.util.ArrayList)
AccAccountManagementService(eu.bcvsolutions.idm.acc.service.api.AccAccountManagementService)
HashSet(java.util.HashSet)
SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter)
SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService)
AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto)
EntityStateManager(eu.bcvsolutions.idm.core.api.service.EntityStateManager)
LookupService(eu.bcvsolutions.idm.core.api.service.LookupService)
Lists(com.google.common.collect.Lists)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
Service(org.springframework.stereotype.Service)
OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
SysSystemGroupSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemGroupSystemService)
EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent)
SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
SysSchemaObjectClass_(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass_)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)
EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager)
Transactional(org.springframework.transaction.annotation.Transactional)
Assert(org.springframework.util.Assert)
SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter)
SysSystemGroupSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
UUID(java.util.UUID)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
Example 4 with SysSystemGroupSystemFilter
use of eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter in project CzechIdMng by bcvsolutions.
the class AdUserConnectorType method getConnectorValuesByAttribute.
/**
* Search connector values for given attribute.
* If is system in cross-domain system group, then is will be call this method for all systems in a group.
* For searching in other systems will be used SID, GROUPS and 'foreignSecurityPrincipals' container.
*/
@Override
public List<Object> getConnectorValuesByAttribute(String uid, IcObjectClass objectClass, String schemaAttributeName, SysSystemDto system, IcConnectorObject connectorObject, SysSystemGroupSystemDto systemGroupSystem) {
List<Object> connectorValues = super.getConnectorValuesByAttribute(uid, objectClass, schemaAttributeName, system, connectorObject, systemGroupSystem);
if (systemGroupSystem == null) {
// Find if the system is in a group with cross-domain type and for given schema attribute.
SysSystemGroupSystemFilter systemGroupSystemFilter = new SysSystemGroupSystemFilter();
systemGroupSystemFilter.setGroupType(SystemGroupType.CROSS_DOMAIN);
systemGroupSystemFilter.setDisabled(Boolean.FALSE);
systemGroupSystemFilter.setSystemId(system.getId());
systemGroupSystemFilter.setMergeAttributeCode(schemaAttributeName);
UUID systemGroupId = systemGroupSystemService.find(systemGroupSystemFilter, null).getContent().stream().findFirst().map(SysSystemGroupSystemDto::getSystemGroup).orElse(null);
if (systemGroupId == null) {
// System is not in a cross-domain group -> we have all connector values.
return connectorValues;
}
// Found all group-systems for this group (without given system).
systemGroupSystemFilter.setSystemGroupId(systemGroupId);
systemGroupSystemFilter.setSystemId(null);
List<SysSystemGroupSystemDto> groupSystems = systemGroupSystemService.find(systemGroupSystemFilter, null).getContent().stream().filter(groupSystem -> !system.getId().equals(groupSystem.getSystem())).collect(Collectors.toList());
// Call connector type for every system and load values for given attribute.
groupSystems.forEach(groupSystem -> {
SysSystemDto systemInGroup = DtoUtils.getEmbedded(groupSystem, SysSystemGroupSystem_.system, SysSystemDto.class);
ConnectorType connectorType = getConnectorManager().findConnectorTypeBySystem(systemInGroup);
if (connectorType != null) {
List<Object> connectorValuesForSystemInGroup = connectorType.getConnectorValuesByAttribute(uid, objectClass, schemaAttributeName, systemInGroup, connectorObject, groupSystem);
if (connectorValuesForSystemInGroup != null) {
connectorValuesForSystemInGroup.forEach(value -> {
if (!connectorValues.contains(value)) {
connectorValues.add(value);
}
});
}
}
});
} else {
// System group is not null, so this is sub system in group. We need to get groups by SID.
Assert.notNull(connectorObject, "The parent connector object cannot be null!");
IcAttribute sid = connectorObject.getAttributeByName(SID_ATTRIBUTE_KEY);
Assert.notNull(sid, "SID attribute cannot be null!");
Object sidValue = sid.getValue();
Assert.notNull(sidValue, "SID value cannot be null!");
IdmFormDefinitionDto operationOptionsFormDefinition = this.getSystemService().getOperationOptionsConnectorFormDefinition(system);
Assert.notNull(operationOptionsFormDefinition, "Operation options form-definition cannot be null!");
// Find attribute with container with existed users.
String userContainer = getValueFromConnectorInstance(USER_SEARCH_CONTAINER_KEY, system, operationOptionsFormDefinition);
Assert.notNull(userContainer, "User container cannot be null!");
// First we have to find root DN (only DCs).
String dcs = getRoot(userContainer);
String foreignSecurityPrincipalsDN = MessageFormat.format("CN={0},CN={1},{2}", convertSidToStr((byte[]) sidValue), FOREIGN_SECURITY_PRINCIPALS_CN, dcs);
IcConnectorConfiguration connectorConfiguration = getSystemService().getConnectorConfiguration(system);
IcConnectorInstance connectorInstance = getSystemService().getConnectorInstance(system);
Set<String> groups = searchGroups("member", connectorConfiguration, connectorInstance, foreignSecurityPrincipalsDN);
connectorValues.addAll(groups);
}
return connectorValues;
}
Also used :
ModificationItem(javax.naming.directory.ModificationItem)
SSLContext(javax.net.ssl.SSLContext)
DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils)
IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto)
Autowired(org.springframework.beans.factory.annotation.Autowired)
SysSystemAttributeMapping_(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping_)
IcConnectorInstance(eu.bcvsolutions.idm.ic.api.IcConnectorInstance)
Map(java.util.Map)
SynchronizationUnlinkedActionType(eu.bcvsolutions.idm.acc.domain.SynchronizationUnlinkedActionType)
AbstractSysSyncConfigDto(eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto)
IdmEntityStateService(eu.bcvsolutions.idm.core.api.service.IdmEntityStateService)
IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity)
IcFilter(eu.bcvsolutions.idm.ic.filter.api.IcFilter)
SysSchemaAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter)
SystemOperationType(eu.bcvsolutions.idm.acc.domain.SystemOperationType)
Set(java.util.Set)
KeyManagementException(java.security.KeyManagementException)
ReconciliationMissingAccountActionType(eu.bcvsolutions.idm.acc.domain.ReconciliationMissingAccountActionType)
SysSchemaObjectClassFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSchemaObjectClassFilter)
ZoneId(java.time.ZoneId)
Serializable(java.io.Serializable)
SSLSocketFactory(javax.net.ssl.SSLSocketFactory)
ByteOrder(java.nio.ByteOrder)
SSLException(javax.net.ssl.SSLException)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
Attributes(javax.naming.directory.Attributes)
NoSuchAlgorithmException(java.security.NoSuchAlgorithmException)
Strings(org.apache.logging.log4j.util.Strings)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode)
SearchResult(javax.naming.directory.SearchResult)
IcConnectorFacade(eu.bcvsolutions.idm.ic.service.api.IcConnectorFacade)
SysSystemGroupSystem_(eu.bcvsolutions.idm.acc.entity.SysSystemGroupSystem_)
Pair(eu.bcvsolutions.idm.core.api.domain.Pair)
SysSystemGroupSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter)
IdmAttachmentDto(eu.bcvsolutions.idm.core.ecm.api.dto.IdmAttachmentDto)
SynchronizationInactiveOwnerBehaviorType(eu.bcvsolutions.idm.acc.domain.SynchronizationInactiveOwnerBehaviorType)
ConnectorType(eu.bcvsolutions.idm.acc.service.api.ConnectorType)
InitialDirContext(javax.naming.directory.InitialDirContext)
BasicAttribute(javax.naming.directory.BasicAttribute)
AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto)
IdmBasePermission(eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission)
Lists(com.google.common.collect.Lists)
SSLSession(javax.net.ssl.SSLSession)
SynchronizationLinkedActionType(eu.bcvsolutions.idm.acc.domain.SynchronizationLinkedActionType)
IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass)
ConnectorTypeDto(eu.bcvsolutions.idm.acc.dto.ConnectorTypeDto)
Context(javax.naming.Context)
IcAttributeInfo(eu.bcvsolutions.idm.ic.api.IcAttributeInfo)
IcFilterBuilder(eu.bcvsolutions.idm.ic.filter.impl.IcFilterBuilder)
CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException)
IcConnectorKey(eu.bcvsolutions.idm.ic.api.IcConnectorKey)
DirContext(javax.naming.directory.DirContext)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
NameAlreadyBoundException(javax.naming.NameAlreadyBoundException)
SystemMappingEvent(eu.bcvsolutions.idm.acc.event.SystemMappingEvent)
IOException(java.io.IOException)
FileUtils(org.apache.commons.io.FileUtils)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
UnknownHostException(java.net.UnknownHostException)
File(java.io.File)
IdmFormDefinitionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto)
IcConnectorConfigurationImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorConfigurationImpl)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
Paths(java.nio.file.Paths)
X509TrustManager(javax.net.ssl.X509TrustManager)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
IdmIdentity_(eu.bcvsolutions.idm.core.model.entity.IdmIdentity_)
X509Certificate(java.security.cert.X509Certificate)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
SysSystemGroupSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupSystemDto)
Date(java.util.Date)
SysSyncConfigFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSyncConfigFilter)
SSLSocket(javax.net.ssl.SSLSocket)
TrustManager(javax.net.ssl.TrustManager)
NamingException(javax.naming.NamingException)
AuthenticationException(javax.naming.AuthenticationException)
ByteBuffer(java.nio.ByteBuffer)
SysConnectorKeyDto(eu.bcvsolutions.idm.acc.dto.SysConnectorKeyDto)
Attribute(javax.naming.directory.Attribute)
ByteArrayInputStream(java.io.ByteArrayInputStream)
SysSchemaAttribute_(eu.bcvsolutions.idm.acc.entity.SysSchemaAttribute_)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
SynchronizationMissingEntityActionType(eu.bcvsolutions.idm.acc.domain.SynchronizationMissingEntityActionType)
IdmFormAttributeService(eu.bcvsolutions.idm.core.eav.api.service.IdmFormAttributeService)
SysSyncConfigService(eu.bcvsolutions.idm.acc.service.api.SysSyncConfigService)
ImmutableMap(com.google.common.collect.ImmutableMap)
BasicAttributes(javax.naming.directory.BasicAttributes)
SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)
IdmEntityStateFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmEntityStateFilter)
UUID(java.util.UUID)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
SysSyncIdentityConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncIdentityConfigDto)
IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto)
List(java.util.List)
Certificate(java.security.cert.Certificate)
NamingEnumeration(javax.naming.NamingEnumeration)
SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration)
CertificateUtils(eu.bcvsolutions.idm.core.api.utils.CertificateUtils)
HashMap(java.util.HashMap)
IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
ConnectorException(org.identityconnectors.framework.common.exceptions.ConnectorException)
SearchControls(javax.naming.directory.SearchControls)
PersistentType(eu.bcvsolutions.idm.core.eav.api.domain.PersistentType)
MessageFormat(java.text.MessageFormat)
SysSystemMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemMappingService)
EntityStateManager(eu.bcvsolutions.idm.core.api.service.EntityStateManager)
IcObjectClassInfo(eu.bcvsolutions.idm.ic.api.IcObjectClassInfo)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto)
IcAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcAttributeImpl)
SysSystemGroupSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemGroupSystemService)
Hashtable(java.util.Hashtable)
SysSystemMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemMappingFilter)
AttachmentManager(eu.bcvsolutions.idm.core.ecm.api.service.AttachmentManager)
CertificateException(java.security.cert.CertificateException)
SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService)
SpinalCase(eu.bcvsolutions.idm.core.api.utils.SpinalCase)
SystemGroupType(eu.bcvsolutions.idm.acc.domain.SystemGroupType)
Component(org.springframework.stereotype.Component)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
CommunicationException(javax.naming.CommunicationException)
Comparator(java.util.Comparator)
DigestUtils(org.apache.commons.codec.digest.DigestUtils)
SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)
ResultModel(eu.bcvsolutions.idm.core.api.dto.ResultModel)
Transactional(org.springframework.transaction.annotation.Transactional)
Assert(org.springframework.util.Assert)
IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration)
SysSystemGroupSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter)
ConnectorType(eu.bcvsolutions.idm.acc.service.api.ConnectorType)
IdmFormDefinitionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
SysSystemGroupSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupSystemDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
IcConnectorInstance(eu.bcvsolutions.idm.ic.api.IcConnectorInstance)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
UUID(java.util.UUID)
Example 5 with SysSystemGroupSystemFilter
use of eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter in project CzechIdMng by bcvsolutions.
the class SystemGroupDeleteProcessor method process.
@Override
public EventResult<SysSystemGroupDto> process(EntityEvent<SysSystemGroupDto> event) {
SysSystemGroupDto dto = event.getContent();
Assert.assertNotNull(dto.getId(), "Id cannot be null for delete!");
// Delete all connections with systems
SysSystemGroupSystemFilter systemGroupSystemFilter = new SysSystemGroupSystemFilter();
systemGroupSystemFilter.setSystemGroupId(dto.getId());
systemGroupSystemService.find(systemGroupSystemFilter, null).forEach(systemGroupSystem -> {
systemGroupSystemService.delete(systemGroupSystem);
});
systemGroupService.deleteInternal(dto);
return new DefaultEventResult<>(event, this);
}
Also used :
SysSystemGroupDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupDto)
SysSystemGroupSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter)
DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult)
Aggregations
SysSystemGroupSystemFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemGroupSystemFilter)12
SysSchemaObjectClassDto (eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)6
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)6
SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)5
SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)5
SysSystemGroupSystemService (eu.bcvsolutions.idm.acc.service.api.SysSystemGroupSystemService)5
DtoUtils (eu.bcvsolutions.idm.core.api.utils.DtoUtils)5
Serializable (java.io.Serializable)5
List (java.util.List)5
UUID (java.util.UUID)5
Autowired (org.springframework.beans.factory.annotation.Autowired)5
Transactional (org.springframework.transaction.annotation.Transactional)5
ImmutableMap (com.google.common.collect.ImmutableMap)4
Lists (com.google.common.collect.Lists)4
AccResultCode (eu.bcvsolutions.idm.acc.domain.AccResultCode)4
SystemEntityType (eu.bcvsolutions.idm.acc.domain.SystemEntityType)4
AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)4
SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)4
AccAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter)4
AccountType (eu.bcvsolutions.idm.acc.domain.AccountType)3
