Search in sources :

Example 1 with SysSchemaObjectClass

use of eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountService method toPredicates.

@Override
protected List<Predicate> toPredicates(Root<AccAccount> root, CriteriaQuery<?> query, CriteriaBuilder builder, AccAccountFilter filter) {
    List<Predicate> predicates = super.toPredicates(root, query, builder, filter);
    // full search
    if (StringUtils.isNotEmpty(filter.getText())) {
        predicates.add(// 
        builder.or(builder.like(builder.lower(root.get(AccAccount_.uid)), "%" + filter.getText().toLowerCase() + "%"), builder.like(builder.lower(root.get(AccAccount_.systemEntity).get(SysSystemEntity_.uid)), "%" + filter.getText().toLowerCase() + "%")));
    }
    if (filter.getSystemId() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.system).get(SysSystem_.id), filter.getSystemId()));
    }
    if (filter.getSystemEntityId() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.systemEntity).get(SysSystemEntity_.id), filter.getSystemEntityId()));
    }
    if (filter.getUid() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.uid), filter.getUid()));
    }
    if (filter.getIdentityId() != null || filter.getOwnership() != null) {
        Subquery<AccIdentityAccount> identityAccountSubquery = query.subquery(AccIdentityAccount.class);
        Root<AccIdentityAccount> subRootIdentityAccount = identityAccountSubquery.from(AccIdentityAccount.class);
        identityAccountSubquery.select(subRootIdentityAccount);
        Predicate predicate = builder.and(builder.equal(subRootIdentityAccount.get(AccIdentityAccount_.account), root));
        Predicate identityPredicate = builder.equal(subRootIdentityAccount.get(AccIdentityAccount_.identity).get(IdmIdentity_.id), filter.getIdentityId());
        Predicate ownerPredicate = builder.equal(subRootIdentityAccount.get(AccIdentityAccount_.ownership), filter.getOwnership());
        if (filter.getIdentityId() != null && filter.getOwnership() == null) {
            predicate = builder.and(predicate, identityPredicate);
        } else if (filter.getOwnership() != null && filter.getIdentityId() == null) {
            predicate = builder.and(predicate, ownerPredicate);
        } else {
            predicate = builder.and(predicate, identityPredicate, ownerPredicate);
        }
        identityAccountSubquery.where(predicate);
        predicates.add(builder.exists(identityAccountSubquery));
    }
    if (filter.getAccountType() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.accountType), filter.getAccountType()));
    }
    if (filter.getSupportChangePassword() != null && filter.getSupportChangePassword()) {
        Subquery<SysSystemAttributeMapping> systemAttributeMappingSubquery = query.subquery(SysSystemAttributeMapping.class);
        Root<SysSystemAttributeMapping> subRootSystemAttributeMapping = systemAttributeMappingSubquery.from(SysSystemAttributeMapping.class);
        systemAttributeMappingSubquery.select(subRootSystemAttributeMapping);
        Path<SysSystem> systemPath = root.get(AccAccount_.system);
        Predicate predicate = builder.and(builder.isFalse(systemPath.get(SysSystem_.disabledProvisioning)), builder.equal(// 
        subRootSystemAttributeMapping.get(// 
        SysSystemAttributeMapping_.schemaAttribute).get(// 
        SysSchemaAttribute_.objectClass).get(// 
        SysSchemaObjectClass_.system), systemPath), builder.equal(// 
        subRootSystemAttributeMapping.get(// 
        SysSystemAttributeMapping_.systemMapping).get(SysSystemMapping_.operationType), SystemOperationType.PROVISIONING), builder.equal(// 
        subRootSystemAttributeMapping.get(// 
        SysSystemAttributeMapping_.schemaAttribute).get(SysSchemaAttribute_.name), ProvisioningService.PASSWORD_SCHEMA_PROPERTY_NAME));
        systemAttributeMappingSubquery.where(predicate);
        predicates.add(builder.exists(systemAttributeMappingSubquery));
    }
    if (filter.getEntityType() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.entityType), filter.getEntityType()));
    }
    if (filter.getInProtection() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.inProtection), filter.getInProtection()));
    }
    if (filter.getUniformPasswordId() != null) {
        Subquery<SysSystem> subquerySystem = query.subquery(SysSystem.class);
        Root<SysSystem> subRootSystem = subquerySystem.from(SysSystem.class);
        subquerySystem.select(subRootSystem);
        Subquery<AccUniformPasswordSystem> subqueryUniformSystem = query.subquery(AccUniformPasswordSystem.class);
        Root<AccUniformPasswordSystem> subRootUniformSystem = subqueryUniformSystem.from(AccUniformPasswordSystem.class);
        subqueryUniformSystem.select(subRootUniformSystem);
        predicates.add(builder.exists(subquerySystem.where(builder.and(// Correlation attribute - connection to system
        builder.equal(root.get(AccAccount_.system), subRootSystem), // Exclude in protection accounts
        builder.isFalse(root.get(AccAccount_.inProtection)), // builder.isFalse(subRootSystem.get(SysSystem_.disabledProvisioning)), // Exclude system with disabled provisioning
        builder.exists(subqueryUniformSystem.where(builder.and(builder.equal(subRootUniformSystem.get(AccUniformPasswordSystem_.system), subRootSystem), builder.equal(subRootUniformSystem.get(AccUniformPasswordSystem_.uniformPassword).get(AbstractEntity_.id), filter.getUniformPasswordId()))))))));
    }
    if (filter.getSupportPasswordFilter() != null) {
        Subquery<SysSystem> subquerySystem = query.subquery(SysSystem.class);
        Root<SysSystem> subRootSystem = subquerySystem.from(SysSystem.class);
        subquerySystem.select(subRootSystem);
        Subquery<SysSchemaObjectClass> subquerySchema = query.subquery(SysSchemaObjectClass.class);
        Root<SysSchemaObjectClass> subRootSchema = subquerySchema.from(SysSchemaObjectClass.class);
        subquerySchema.select(subRootSchema);
        Subquery<SysSystemMapping> subqueryMapping = query.subquery(SysSystemMapping.class);
        Root<SysSystemMapping> subRootMapping = subqueryMapping.from(SysSystemMapping.class);
        subqueryMapping.select(subRootMapping);
        Subquery<SysSystemAttributeMapping> subqueryAttributeMapping = query.subquery(SysSystemAttributeMapping.class);
        Root<SysSystemAttributeMapping> subRootAttributeMapping = subqueryAttributeMapping.from(SysSystemAttributeMapping.class);
        subqueryAttributeMapping.select(subRootAttributeMapping);
        Subquery<SysSystemMapping> subquery = query.subquery(SysSystemMapping.class);
        Root<SysSystemMapping> subRoot = subquery.from(SysSystemMapping.class);
        subquery.select(subRoot);
        predicates.add(builder.exists(subquerySystem.where(builder.and(// Correlation attribute - connection to system
        builder.equal(root.get(AccAccount_.system), subRootSystem), // Exclude in protection accounts
        builder.isFalse(root.get(AccAccount_.inProtection)), // Disabled, readonly or without provisioning system are NOT excluded, because from these systems may be still receive password change requests
        builder.exists(subquerySchema.where(builder.and(// Correlation attribute - connection to schem object class
        builder.equal(subRootSchema.get(SysSchemaObjectClass_.system), subRootSystem), builder.exists(subqueryMapping.where(builder.and(// Correlation attribute - connection to mapping
        builder.equal(subRootMapping.get(SysSystemMapping_.objectClass), subRootSchema), // System mapping must be provisioning
        builder.equal(subRootMapping.get(SysSystemMapping_.operationType), SystemOperationType.PROVISIONING), // Password change is now allowed only for identities
        builder.equal(subRootMapping.get(SysSystemMapping_.entityType), SystemEntityType.IDENTITY), builder.exists(subqueryAttributeMapping.where(builder.and(// Correlation attribute - connection to attribute mapping
        builder.equal(subRootAttributeMapping.get(SysSystemAttributeMapping_.systemMapping), subRootMapping), // Only password attribute
        builder.isTrue(subRootAttributeMapping.get(SysSystemAttributeMapping_.passwordAttribute)), // Exclude disabled attribute
        builder.isFalse(subRootAttributeMapping.get(SysSystemAttributeMapping_.disabledAttribute)), BooleanUtils.isTrue(filter.getSupportPasswordFilter()) ? builder.isTrue(subRootAttributeMapping.get(SysSystemAttributeMapping_.passwordFilter)) : builder.isFalse(subRootAttributeMapping.get(SysSystemAttributeMapping_.passwordFilter)))))))))))))));
    }
    // 
    return predicates;
}
Also used : SysSystemAttributeMapping(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping) SysSystemMapping(eu.bcvsolutions.idm.acc.entity.SysSystemMapping) Predicate(javax.persistence.criteria.Predicate) SysSystem(eu.bcvsolutions.idm.acc.entity.SysSystem) AccUniformPasswordSystem(eu.bcvsolutions.idm.acc.entity.AccUniformPasswordSystem) AccIdentityAccount(eu.bcvsolutions.idm.acc.entity.AccIdentityAccount) SysSchemaObjectClass(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass)

Example 2 with SysSchemaObjectClass

use of eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass in project CzechIdMng by bcvsolutions.

the class DefaultSysSystemAttributeMappingService method toPredicates.

@Override
protected List<Predicate> toPredicates(Root<SysSystemAttributeMapping> root, CriteriaQuery<?> query, CriteriaBuilder builder, SysSystemAttributeMappingFilter filter) {
    List<Predicate> predicates = super.toPredicates(root, query, builder, filter);
    // fulltext
    String text = filter.getText();
    if (!StringUtils.isEmpty(text)) {
        predicates.add(builder.like(builder.lower(root.get(SysSystemAttributeMapping_.name)), "%" + text.toLowerCase() + "%"));
    }
    if (filter.getSystemMappingId() != null) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.systemMapping).get(AbstractEntity_.id), filter.getSystemMappingId()));
    }
    if (filter.getSchemaAttributeId() != null) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.schemaAttribute).get(AbstractEntity_.id), filter.getSchemaAttributeId()));
    }
    if (!StringUtils.isEmpty(filter.getSchemaAttributeName())) {
        Subquery<SysSchemaAttribute> subquery = query.subquery(SysSchemaAttribute.class);
        Root<SysSchemaAttribute> subRoot = subquery.from(SysSchemaAttribute.class);
        subquery.select(subRoot);
        subquery.where(builder.and(// correlation attr
        builder.equal(root.get(SysSystemAttributeMapping_.schemaAttribute), subRoot), builder.equal(subRoot.get(SysSchemaAttribute_.name), filter.getSchemaAttributeName())));
        predicates.add(builder.exists(subquery));
    }
    if (filter.getSystemId() != null) {
        Subquery<SysSystemMapping> subquerySystemMapping = query.subquery(SysSystemMapping.class);
        Root<SysSystemMapping> subRootSystemMapping = subquerySystemMapping.from(SysSystemMapping.class);
        subquerySystemMapping.select(subRootSystemMapping);
        Subquery<SysSchemaObjectClass> subqueryObjectClass = query.subquery(SysSchemaObjectClass.class);
        Root<SysSchemaObjectClass> subRootObjectClass = subqueryObjectClass.from(SysSchemaObjectClass.class);
        subqueryObjectClass.select(subRootObjectClass);
        subqueryObjectClass.where(builder.and(// correlation attr
        builder.equal(subRootSystemMapping.get(SysSystemMapping_.objectClass), subRootObjectClass), builder.equal(subRootObjectClass.get(SysSchemaObjectClass_.system).get(AbstractEntity_.id), filter.getSystemId())));
        Predicate predicate = builder.exists(subquerySystemMapping.where(builder.and(builder.equal(root.get(SysSystemAttributeMapping_.systemMapping), subRootSystemMapping), builder.exists(subqueryObjectClass.where(builder.and(// correlation attr
        builder.equal(subRootSystemMapping.get(SysSystemMapping_.objectClass), subRootObjectClass), builder.equal(subRootObjectClass.get(SysSchemaObjectClass_.system).get(AbstractEntity_.id), filter.getSystemId())))))));
        predicates.add(predicate);
    }
    if (filter.getIsUid() != null) {
        if (BooleanUtils.isFalse(filter.getIsUid())) {
            predicates.add(builder.isFalse(root.get(SysSystemAttributeMapping_.uid)));
        } else {
            predicates.add(builder.isTrue(root.get(SysSystemAttributeMapping_.uid)));
        }
    }
    if (!StringUtils.isEmpty(filter.getIdmPropertyName())) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.idmPropertyName), filter.getIdmPropertyName()));
    }
    if (filter.getSendOnPasswordChange() != null) {
        if (BooleanUtils.isFalse(filter.getSendOnPasswordChange())) {
            predicates.add(builder.isFalse(root.get(SysSystemAttributeMapping_.sendOnPasswordChange)));
        } else {
            predicates.add(builder.isTrue(root.get(SysSystemAttributeMapping_.sendOnPasswordChange)));
        }
    }
    if (filter.getSendOnlyOnPasswordChange() != null) {
        if (BooleanUtils.isFalse(filter.getSendOnlyOnPasswordChange())) {
            predicates.add(builder.isFalse(root.get(SysSystemAttributeMapping_.sendOnlyOnPasswordChange)));
        } else {
            predicates.add(builder.isTrue(root.get(SysSystemAttributeMapping_.sendOnlyOnPasswordChange)));
        }
    }
    if (filter.getPasswordAttribute() != null) {
        if (BooleanUtils.isFalse(filter.getPasswordAttribute())) {
            predicates.add(builder.isFalse(root.get(SysSystemAttributeMapping_.passwordAttribute)));
        } else {
            predicates.add(builder.isTrue(root.get(SysSystemAttributeMapping_.passwordAttribute)));
        }
    }
    if (filter.getDisabledAttribute() != null) {
        if (BooleanUtils.isFalse(filter.getDisabledAttribute())) {
            predicates.add(builder.isFalse(root.get(SysSystemAttributeMapping_.disabledAttribute)));
        } else {
            predicates.add(builder.isTrue(root.get(SysSystemAttributeMapping_.disabledAttribute)));
        }
    }
    if (filter.getOperationType() != null) {
        Subquery<SysSystemMapping> subquery = query.subquery(SysSystemMapping.class);
        Root<SysSystemMapping> subRoot = subquery.from(SysSystemMapping.class);
        subquery.select(subRoot);
        subquery.where(builder.and(// correlation attr
        builder.equal(root.get(SysSystemAttributeMapping_.systemMapping), subRoot), builder.equal(subRoot.get(SysSystemMapping_.operationType), filter.getOperationType())));
        predicates.add(builder.exists(subquery));
    }
    if (filter.getEntityType() != null) {
        Subquery<SysSystemMapping> subquery = query.subquery(SysSystemMapping.class);
        Root<SysSystemMapping> subRoot = subquery.from(SysSystemMapping.class);
        subquery.select(subRoot);
        subquery.where(builder.and(// correlation attr
        builder.equal(root.get(SysSystemAttributeMapping_.systemMapping), subRoot), builder.equal(subRoot.get(SysSystemMapping_.entityType), filter.getEntityType())));
        predicates.add(builder.exists(subquery));
    }
    if (!StringUtils.isEmpty(filter.getName())) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.name), filter.getName()));
    }
    if (filter.getAuthenticationAttribute() != null) {
        if (BooleanUtils.isFalse(filter.getAuthenticationAttribute())) {
            predicates.add(builder.isFalse(root.get(SysSystemAttributeMapping_.authenticationAttribute)));
        } else {
            predicates.add(builder.isTrue(root.get(SysSystemAttributeMapping_.authenticationAttribute)));
        }
    }
    if (filter.getPasswordFilter() != null) {
        if (BooleanUtils.isFalse(filter.getPasswordFilter())) {
            predicates.add(builder.isFalse(root.get(SysSystemAttributeMapping_.passwordFilter)));
        } else {
            predicates.add(builder.isTrue(root.get(SysSystemAttributeMapping_.passwordFilter)));
        }
    }
    if (filter.getStrategyType() != null) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.strategyType), filter.getStrategyType()));
    }
    if (filter.getId() != null) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.id), filter.getId()));
    }
    return predicates;
}
Also used : SysSchemaObjectClass(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) SysSchemaAttribute(eu.bcvsolutions.idm.acc.entity.SysSchemaAttribute) SysSystemMapping(eu.bcvsolutions.idm.acc.entity.SysSystemMapping) Predicate(javax.persistence.criteria.Predicate)

Aggregations

SysSchemaObjectClass (eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass)2 SysSystemMapping (eu.bcvsolutions.idm.acc.entity.SysSystemMapping)2 Predicate (javax.persistence.criteria.Predicate)2 AccIdentityAccount (eu.bcvsolutions.idm.acc.entity.AccIdentityAccount)1 AccUniformPasswordSystem (eu.bcvsolutions.idm.acc.entity.AccUniformPasswordSystem)1 SysSchemaAttribute (eu.bcvsolutions.idm.acc.entity.SysSchemaAttribute)1 SysSystem (eu.bcvsolutions.idm.acc.entity.SysSystem)1 SysSystemAttributeMapping (eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping)1 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)1