Examples with SysSyncRoleConfig_ eu.bcvsolutions.idm.acc.entity.SysSyncRoleConfig_ used on opensource projects

Search in sources :

Example 1 with SysSyncRoleConfig_

use of eu.bcvsolutions.idm.acc.entity.SysSyncRoleConfig_ in project CzechIdMng by bcvsolutions.

the class RoleSynchronizationExecutor method resolveAssignRole.

private boolean resolveAssignRole(boolean isNew, SynchronizationContext context, IdmRoleDto roleDto, SysSyncRoleConfigDto config, SysSyncItemLogDto logItem, IcConnectorObject connectorObject, SysSystemAttributeMappingDto memberOfAttributeDto, SysSchemaObjectClassDto schemaObjectClassDto) {
    // Find attribute for get members (DNs)
    SysSystemAttributeMappingDto roleMembersAttributeDto = context.getMappedAttributes().stream().filter(attribute -> !attribute.isDisabledAttribute() && attribute.isEntityAttribute() && ROLE_MEMBERS_FIELD.equals(attribute.getIdmPropertyName())).findFirst().orElse(null);
    Assert.notNull(roleMembersAttributeDto, "Mapped attribute with role's members was not found. Please create it!");
    if (!isNew && AttributeMappingStrategyType.CREATE == roleMembersAttributeDto.getStrategyType()) {
        addToItemLog(logItem, "The attribute with role's members has strategy set to 'Set only for new entity'. Role isn't new, so resolving controlling an assignment of roles to users by the external system will be skipped for this role.");
    } else {
        addToItemLog(logItem, "Controlling an assignment of roles to users by the external system is activated.");
        Object membersObj = this.getValueByMappedAttribute(roleMembersAttributeDto, connectorObject.getAttributes(), context);
        if (membersObj == null) {
            membersObj = Lists.newArrayList();
        }
        if (membersObj instanceof String) {
            membersObj = Lists.newArrayList(membersObj);
        }
        Assert.isInstanceOf(List.class, membersObj, "The value from attribute with role's members must be List of Strings!");
        @SuppressWarnings("unchecked") List<String> members = (List<String>) membersObj;
        SysRoleSystemDto roleSystemDto = findRoleSystemDto(roleDto, memberOfAttributeDto, schemaObjectClassDto);
        if (roleSystemDto == null) {
            addToItemLog(logItem, "Relation between this role and system was not found. Assigning of role to users will be skip for this role.");
            return false;
        }
        SysRoleSystemAttributeDto memberAttribute = findMemberAttribute(memberOfAttributeDto, schemaObjectClassDto, roleSystemDto);
        if (memberAttribute == null) {
            addToItemLog(logItem, "The member attribute between this role and system was not found. Assigning of role to users will be skip for this role.");
            return false;
        }
        // Find identities with this role.
        IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
        identityRoleFilter.setRoleId(roleDto.getId());
        List<IdmIdentityRoleDto> existsIdentityRoleDtos = identityRoleService.find(identityRoleFilter, null).getContent();
        // Get cache with users (DN vs UID).
        Map<String, String> usersUidCache = getUserUidCache();
        SysSchemaAttributeDto memberIdentifierAttribute = lookupService.lookupEmbeddedDto(config, SysSyncRoleConfig_.memberIdentifierAttribute);
        Assert.notNull(memberIdentifierAttribute, "User identifier attribute cannot be null!");
        Set<String> membersUid = Sets.newHashSet();
        Set<UUID> membersContractIds = Sets.newHashSet();
        // Call user system for every member (if isn't already in the cache).
        SysSystemDto userSystemDto = systemService.get(roleSystemDto.getSystem());
        IcConnectorConfiguration icConfig = systemService.getConnectorConfiguration(userSystemDto);
        IcConnectorInstance connectorInstance = systemService.getConnectorInstance(userSystemDto);
        IcObjectClass objectClass = new IcObjectClassImpl(schemaObjectClassDto.getObjectClassName());
        if (icConfig instanceof IcConnectorConfigurationImpl) {
            // Enable pooling - a performance reason.
            IcConnectorConfigurationImpl icConfigImpl = (IcConnectorConfigurationImpl) icConfig;
            icConfigImpl.setConnectorPoolingSupported(true);
        }
        final int[] count = { 0 };
        for (String member : members) {
            if (!transformDnToUid(config, usersUidCache, memberIdentifierAttribute, membersUid, icConfig, connectorInstance, objectClass, count, member)) {
                return false;
            }
        }
        count[0] = 0;
        membersUid.forEach(uid -> assignMissingIdentityRoles(roleDto, config, logItem, existsIdentityRoleDtos, membersContractIds, userSystemDto, count, uid, context));
        if (!checkForCancelAndFlush(config)) {
            return false;
        }
        // Remove redundant identity roles.
        List<IdmIdentityRoleDto> redundantIdentityRoles = existsIdentityRoleDtos.stream().filter(existsIdentityRole -> !membersContractIds.contains(existsIdentityRole.getIdentityContract())).collect(Collectors.toList());
        count[0] = 0;
        redundantIdentityRoles.forEach(redundantIdentityRole -> removeRedundantIdentityRoles(roleDto, config, logItem, count, redundantIdentityRole));
    }
    return true;
}
Also used : IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration) DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) Autowired(org.springframework.beans.factory.annotation.Autowired) SysSystemEntityDto(eu.bcvsolutions.idm.acc.dto.SysSystemEntityDto) EntityAccountDto(eu.bcvsolutions.idm.acc.dto.EntityAccountDto) SysSystemAttributeMapping_(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping_) IcConnectorInstance(eu.bcvsolutions.idm.ic.api.IcConnectorInstance) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) EntityAccountService(eu.bcvsolutions.idm.acc.service.api.EntityAccountService) Map(java.util.Map) IdmRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFilter) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AccRoleAccountDto(eu.bcvsolutions.idm.acc.dto.AccRoleAccountDto) IdmIdentityContractService(eu.bcvsolutions.idm.core.api.service.IdmIdentityContractService) IcFilter(eu.bcvsolutions.idm.ic.filter.api.IcFilter) Set(java.util.Set) Serializable(java.io.Serializable) AttributeMapping(eu.bcvsolutions.idm.acc.domain.AttributeMapping) IdmRoleCatalogueService(eu.bcvsolutions.idm.core.api.service.IdmRoleCatalogueService) SysRoleSystemAttributeFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemAttributeFilter) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) AccResultCode(eu.bcvsolutions.idm.acc.domain.AccResultCode) IdmRoleRequest_(eu.bcvsolutions.idm.core.model.entity.IdmRoleRequest_) IdmRoleCatalogueRole_(eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogueRole_) RoleEvent(eu.bcvsolutions.idm.core.model.event.RoleEvent) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto) Lists(com.google.common.collect.Lists) LookupService(eu.bcvsolutions.idm.core.api.service.LookupService) SysSystemEntityFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemEntityFilter) IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass) RoleEventType(eu.bcvsolutions.idm.core.model.event.RoleEvent.RoleEventType) SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService) SysSyncActionLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto) IcFilterBuilder(eu.bcvsolutions.idm.ic.filter.impl.IcFilterBuilder) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) RoleRequestState(eu.bcvsolutions.idm.core.api.domain.RoleRequestState) IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute) AccRoleAccountService(eu.bcvsolutions.idm.acc.service.api.AccRoleAccountService) IdmIdentityContract_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityContract_) SysSyncRoleConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncRoleConfigDto) IcConnectorConfigurationImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorConfigurationImpl) SynchronizationContext(eu.bcvsolutions.idm.acc.domain.SynchronizationContext) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) SynchronizationEntityExecutor(eu.bcvsolutions.idm.acc.service.api.SynchronizationEntityExecutor) ConceptRoleRequestOperation(eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation) OperationResultType(eu.bcvsolutions.idm.acc.domain.OperationResultType) RoleType(eu.bcvsolutions.idm.core.api.domain.RoleType) SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto) AccRoleAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccRoleAccountFilter) IdmRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmRoleRequestService) SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService) SysSchemaAttribute_(eu.bcvsolutions.idm.acc.entity.SysSchemaAttribute_) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmRoleCatalogueRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCatalogueRoleFilter) ImmutableMap(com.google.common.collect.ImmutableMap) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) IdmRoleCatalogue_(eu.bcvsolutions.idm.core.model.entity.IdmRoleCatalogue_) SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto) UUID(java.util.UUID) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) List(java.util.List) EntityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.EntityAccountFilter) IdmRoleCatalogueFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCatalogueFilter) AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) AccAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccAccountFilter) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) RoleRequestApprovalProcessor(eu.bcvsolutions.idm.core.model.event.processor.role.RoleRequestApprovalProcessor) IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration) IdmIdentityRole_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole_) AttributeMappingStrategyType(eu.bcvsolutions.idm.acc.domain.AttributeMappingStrategyType) HashMap(java.util.HashMap) IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AtomicReference(java.util.concurrent.atomic.AtomicReference) MessageFormat(java.text.MessageFormat) SynchronizationActionType(eu.bcvsolutions.idm.acc.domain.SynchronizationActionType) SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) CorrelationFilter(eu.bcvsolutions.idm.core.api.dto.filter.CorrelationFilter) IdmRoleCatalogueRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCatalogueRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IcAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcAttributeImpl) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) IdmRoleCatalogueDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCatalogueDto) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) SysSyncRoleConfig_(eu.bcvsolutions.idm.acc.entity.SysSyncRoleConfig_) IdmRoleCatalogueRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleCatalogueRoleService) SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto) SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter) Component(org.springframework.stereotype.Component) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) ProvisioningService(eu.bcvsolutions.idm.acc.service.api.ProvisioningService) SysSyncItemLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto) Assert(org.springframework.util.Assert) IcObjectClassImpl(eu.bcvsolutions.idm.ic.impl.IcObjectClassImpl) IcConnectorConfigurationImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorConfigurationImpl) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass) IcConnectorInstance(eu.bcvsolutions.idm.ic.api.IcConnectorInstance) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) List(java.util.List) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) UUID(java.util.UUID)

Aggregations

ImmutableMap (com.google.common.collect.ImmutableMap)1 Lists (com.google.common.collect.Lists)1 Sets (com.google.common.collect.Sets)1 AccResultCode (eu.bcvsolutions.idm.acc.domain.AccResultCode)1 AttributeMapping (eu.bcvsolutions.idm.acc.domain.AttributeMapping)1 AttributeMappingStrategyType (eu.bcvsolutions.idm.acc.domain.AttributeMappingStrategyType)1 OperationResultType (eu.bcvsolutions.idm.acc.domain.OperationResultType)1 SynchronizationActionType (eu.bcvsolutions.idm.acc.domain.SynchronizationActionType)1 SynchronizationContext (eu.bcvsolutions.idm.acc.domain.SynchronizationContext)1 SystemEntityType (eu.bcvsolutions.idm.acc.domain.SystemEntityType)1 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)1 AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)1 AccRoleAccountDto (eu.bcvsolutions.idm.acc.dto.AccRoleAccountDto)1 EntityAccountDto (eu.bcvsolutions.idm.acc.dto.EntityAccountDto)1 SysRoleSystemAttributeDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)1 SysRoleSystemDto (eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)1 SysSchemaAttributeDto (eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)1 SysSchemaObjectClassDto (eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)1 SysSyncActionLogDto (eu.bcvsolutions.idm.acc.dto.SysSyncActionLogDto)1 SysSyncItemLogDto (eu.bcvsolutions.idm.acc.dto.SysSyncItemLogDto)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial