
Example 1 with SysSystemMapping

use of eu.bcvsolutions.idm.acc.entity.SysSystemMapping in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountService method toPredicates.

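/**
 * Translates an {@link AccAccountFilter} into JPA criteria predicates on {@link AccAccount}.
 *
 * <p>The predicates built by the superclass are extended with one predicate per filter
 * property that is set; properties left {@code null} add no restriction.
 *
 * <p>Points worth knowing when this filter backs an access decision or a password operation:
 * <ul>
 * <li>{@code supportChangePassword} restricts the result only when it is {@code TRUE};
 * {@code FALSE} is treated like {@code null}.</li>
 * <li>{@code uniformPasswordId} and {@code supportPasswordFilter} both exclude accounts
 * that are in protection.</li>
 * <li>The full-text value is used as a LIKE pattern without escaping {@code %} and {@code _}.</li>
 * </ul>
 *
 * @param root query root for accounts
 * @param query the criteria query, used here to create correlated subqueries
 * @param builder criteria builder
 * @param filter account filter
 * @return the predicate list returned by the superclass, with the account predicates added
 */
@Override
protected List<Predicate> toPredicates(Root<AccAccount> root, CriteriaQuery<?> query, CriteriaBuilder builder, AccAccountFilter filter) {
    List<Predicate> predicates = super.toPredicates(root, query, builder, filter);
    // Full-text search: case-insensitive "contains" on the account uid or the system entity uid.
    if (StringUtils.isNotEmpty(filter.getText())) {
        // The text is handed to the criteria API as a value, not concatenated into query text.
        // '%' and '_' inside it are not escaped, so they still act as LIKE wildcards.
        // NOTE(review): if the filter text can come from an untrusted caller, consider escaping
        // them and using the like(expression, pattern, escapeChar) overload.
        String likePattern = "%" + filter.getText().toLowerCase() + "%";
        predicates.add(builder.or(
                builder.like(builder.lower(root.get(AccAccount_.uid)), likePattern),
                builder.like(builder.lower(root.get(AccAccount_.systemEntity).get(SysSystemEntity_.uid)), likePattern)));
    }
    if (filter.getSystemId() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.system).get(SysSystem_.id), filter.getSystemId()));
    }
    if (filter.getSystemEntityId() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.systemEntity).get(SysSystemEntity_.id), filter.getSystemEntityId()));
    }
    if (filter.getUid() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.uid), filter.getUid()));
    }
    // Identity and/or ownership: the account must have a matching identity-account link.
    if (filter.getIdentityId() != null || filter.getOwnership() != null) {
        Subquery<AccIdentityAccount> identityAccountSubquery = query.subquery(AccIdentityAccount.class);
        Root<AccIdentityAccount> subRootIdentityAccount = identityAccountSubquery.from(AccIdentityAccount.class);
        identityAccountSubquery.select(subRootIdentityAccount);
        // Correlation attribute - the link belongs to the outer account.
        Predicate linkPredicate = builder.equal(subRootIdentityAccount.get(AccIdentityAccount_.account), root);
        // Each restriction is built only when its filter value is set, so no comparison
        // against null is ever constructed.
        if (filter.getIdentityId() != null) {
            linkPredicate = builder.and(linkPredicate,
                    builder.equal(subRootIdentityAccount.get(AccIdentityAccount_.identity).get(IdmIdentity_.id), filter.getIdentityId()));
        }
        if (filter.getOwnership() != null) {
            linkPredicate = builder.and(linkPredicate,
                    builder.equal(subRootIdentityAccount.get(AccIdentityAccount_.ownership), filter.getOwnership()));
        }
        identityAccountSubquery.where(linkPredicate);
        predicates.add(builder.exists(identityAccountSubquery));
    }
    if (filter.getAccountType() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.accountType), filter.getAccountType()));
    }
    // Applied only for TRUE: the account's system must not have provisioning disabled and must
    // have a provisioning mapping of the password schema attribute.
    if (BooleanUtils.isTrue(filter.getSupportChangePassword())) {
        Subquery<SysSystemAttributeMapping> systemAttributeMappingSubquery = query.subquery(SysSystemAttributeMapping.class);
        Root<SysSystemAttributeMapping> subRootSystemAttributeMapping = systemAttributeMappingSubquery.from(SysSystemAttributeMapping.class);
        systemAttributeMappingSubquery.select(subRootSystemAttributeMapping);
        Path<SysSystem> systemPath = root.get(AccAccount_.system);
        systemAttributeMappingSubquery.where(builder.and(
                builder.isFalse(systemPath.get(SysSystem_.disabledProvisioning)),
                // Correlation attribute - the mapped schema attribute belongs to the account's system.
                builder.equal(
                        subRootSystemAttributeMapping
                                .get(SysSystemAttributeMapping_.schemaAttribute)
                                .get(SysSchemaAttribute_.objectClass)
                                .get(SysSchemaObjectClass_.system),
                        systemPath),
                builder.equal(
                        subRootSystemAttributeMapping
                                .get(SysSystemAttributeMapping_.systemMapping)
                                .get(SysSystemMapping_.operationType),
                        SystemOperationType.PROVISIONING),
                builder.equal(
                        subRootSystemAttributeMapping
                                .get(SysSystemAttributeMapping_.schemaAttribute)
                                .get(SysSchemaAttribute_.name),
                        ProvisioningService.PASSWORD_SCHEMA_PROPERTY_NAME)));
        predicates.add(builder.exists(systemAttributeMappingSubquery));
    }
    if (filter.getEntityType() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.entityType), filter.getEntityType()));
    }
    if (filter.getInProtection() != null) {
        predicates.add(builder.equal(root.get(AccAccount_.inProtection), filter.getInProtection()));
    }
    // Accounts on a system that is connected to the given uniform password definition.
    if (filter.getUniformPasswordId() != null) {
        Subquery<SysSystem> subquerySystem = query.subquery(SysSystem.class);
        Root<SysSystem> subRootSystem = subquerySystem.from(SysSystem.class);
        subquerySystem.select(subRootSystem);
        Subquery<AccUniformPasswordSystem> subqueryUniformSystem = query.subquery(AccUniformPasswordSystem.class);
        Root<AccUniformPasswordSystem> subRootUniformSystem = subqueryUniformSystem.from(AccUniformPasswordSystem.class);
        subqueryUniformSystem.select(subRootUniformSystem);
        subqueryUniformSystem.where(builder.and(
                builder.equal(subRootUniformSystem.get(AccUniformPasswordSystem_.system), subRootSystem),
                builder.equal(subRootUniformSystem.get(AccUniformPasswordSystem_.uniformPassword).get(AbstractEntity_.id), filter.getUniformPasswordId())));
        subquerySystem.where(builder.and(
                // Correlation attribute - connection to system
                builder.equal(root.get(AccAccount_.system), subRootSystem),
                // Exclude in protection accounts
                builder.isFalse(root.get(AccAccount_.inProtection)),
                // Systems with disabled provisioning are NOT excluded here, because the predicate
                // below is commented out. NOTE(review): confirm that this is intended.
                // builder.isFalse(subRootSystem.get(SysSystem_.disabledProvisioning)), // Exclude system with disabled provisioning
                builder.exists(subqueryUniformSystem)));
        predicates.add(builder.exists(subquerySystem));
    }
    // Accounts whose system has an enabled password attribute in an identity provisioning
    // mapping, with the passwordFilter flag equal to the requested value.
    if (filter.getSupportPasswordFilter() != null) {
        Subquery<SysSystem> subquerySystem = query.subquery(SysSystem.class);
        Root<SysSystem> subRootSystem = subquerySystem.from(SysSystem.class);
        subquerySystem.select(subRootSystem);
        Subquery<SysSchemaObjectClass> subquerySchema = query.subquery(SysSchemaObjectClass.class);
        Root<SysSchemaObjectClass> subRootSchema = subquerySchema.from(SysSchemaObjectClass.class);
        subquerySchema.select(subRootSchema);
        Subquery<SysSystemMapping> subqueryMapping = query.subquery(SysSystemMapping.class);
        Root<SysSystemMapping> subRootMapping = subqueryMapping.from(SysSystemMapping.class);
        subqueryMapping.select(subRootMapping);
        Subquery<SysSystemAttributeMapping> subqueryAttributeMapping = query.subquery(SysSystemAttributeMapping.class);
        Root<SysSystemAttributeMapping> subRootAttributeMapping = subqueryAttributeMapping.from(SysSystemAttributeMapping.class);
        subqueryAttributeMapping.select(subRootAttributeMapping);
        // TRUE selects attributes with the password filter flag set, FALSE those without it.
        Predicate passwordFilterPredicate = BooleanUtils.isTrue(filter.getSupportPasswordFilter())
                ? builder.isTrue(subRootAttributeMapping.get(SysSystemAttributeMapping_.passwordFilter))
                : builder.isFalse(subRootAttributeMapping.get(SysSystemAttributeMapping_.passwordFilter));
        // The subqueries are wired from the innermost to the outermost.
        subqueryAttributeMapping.where(builder.and(
                // Correlation attribute - connection to attribute mapping
                builder.equal(subRootAttributeMapping.get(SysSystemAttributeMapping_.systemMapping), subRootMapping),
                // Only password attribute
                builder.isTrue(subRootAttributeMapping.get(SysSystemAttributeMapping_.passwordAttribute)),
                // Exclude disabled attribute
                builder.isFalse(subRootAttributeMapping.get(SysSystemAttributeMapping_.disabledAttribute)),
                passwordFilterPredicate));
        subqueryMapping.where(builder.and(
                // Correlation attribute - connection to mapping
                builder.equal(subRootMapping.get(SysSystemMapping_.objectClass), subRootSchema),
                // System mapping must be provisioning
                builder.equal(subRootMapping.get(SysSystemMapping_.operationType), SystemOperationType.PROVISIONING),
                // Password change is now allowed only for identities
                builder.equal(subRootMapping.get(SysSystemMapping_.entityType), SystemEntityType.IDENTITY),
                builder.exists(subqueryAttributeMapping)));
        subquerySchema.where(builder.and(
                // Correlation attribute - connection to schema object class
                builder.equal(subRootSchema.get(SysSchemaObjectClass_.system), subRootSystem),
                builder.exists(subqueryMapping)));
        subquerySystem.where(builder.and(
                // Correlation attribute - connection to system
                builder.equal(root.get(AccAccount_.system), subRootSystem),
                // Exclude in protection accounts
                builder.isFalse(root.get(AccAccount_.inProtection)),
                // Disabled, read-only or non-provisioning systems are NOT excluded, because
                // password change requests may still be received from these systems.
                builder.exists(subquerySchema)));
        predicates.add(builder.exists(subquerySystem));
    }
    return predicates;
}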
Also used : SysSystemAttributeMapping(eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping) SysSystemMapping(eu.bcvsolutions.idm.acc.entity.SysSystemMapping) Predicate(javax.persistence.criteria.Predicate) SysSystem(eu.bcvsolutions.idm.acc.entity.SysSystem) AccUniformPasswordSystem(eu.bcvsolutions.idm.acc.entity.AccUniformPasswordSystem) AccIdentityAccount(eu.bcvsolutions.idm.acc.entity.AccIdentityAccount) SysSchemaObjectClass(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass)

Example 2 with SysSystemMapping

use of eu.bcvsolutions.idm.acc.entity.SysSystemMapping in project CzechIdMng by bcvsolutions.

the class DefaultSysSystemAttributeMappingService method toPredicates.

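/**
 * Translates a {@link SysSystemAttributeMappingFilter} into JPA criteria predicates on
 * {@link SysSystemAttributeMapping}.
 *
 * <p>The predicates built by the superclass are extended with one predicate per filter
 * property that is set. Boolean properties are tri-state: {@code null} adds no restriction,
 * {@code FALSE} requires the flag to be false and any other value requires it to be true.
 * Empty strings are treated like {@code null}.
 *
 * <p>The full-text value is used as a LIKE pattern without escaping {@code %} and {@code _}.
 *
 * @param root query root for attribute mappings
 * @param query the criteria query, used here to create correlated subqueries
 * @param builder criteria builder
 * @param filter attribute mapping filter
 * @return the predicate list returned by the superclass, with the mapping predicates added
 */
@Override
protected List<Predicate> toPredicates(Root<SysSystemAttributeMapping> root, CriteriaQuery<?> query, CriteriaBuilder builder, SysSystemAttributeMappingFilter filter) {
    List<Predicate> predicates = super.toPredicates(root, query, builder, filter);
    // Full-text search: case-insensitive "contains" on the mapping name.
    String text = filter.getText();
    if (!StringUtils.isEmpty(text)) {
        // The text is handed to the criteria API as a value, not concatenated into query text.
        // '%' and '_' inside it are not escaped, so they still act as LIKE wildcards.
        // NOTE(review): if the filter text can come from an untrusted caller, consider escaping
        // them and using the like(expression, pattern, escapeChar) overload.
        predicates.add(builder.like(builder.lower(root.get(SysSystemAttributeMapping_.name)), "%" + text.toLowerCase() + "%"));
    }
    if (filter.getSystemMappingId() != null) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.systemMapping).get(AbstractEntity_.id), filter.getSystemMappingId()));
    }
    if (filter.getSchemaAttributeId() != null) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.schemaAttribute).get(AbstractEntity_.id), filter.getSchemaAttributeId()));
    }
    if (!StringUtils.isEmpty(filter.getSchemaAttributeName())) {
        Subquery<SysSchemaAttribute> subquery = query.subquery(SysSchemaAttribute.class);
        Root<SysSchemaAttribute> subRoot = subquery.from(SysSchemaAttribute.class);
        subquery.select(subRoot);
        subquery.where(builder.and(
                // correlation attr
                builder.equal(root.get(SysSystemAttributeMapping_.schemaAttribute), subRoot),
                builder.equal(subRoot.get(SysSchemaAttribute_.name), filter.getSchemaAttributeName())));
        predicates.add(builder.exists(subquery));
    }
    // System: attribute mapping -> system mapping -> object class -> system id.
    if (filter.getSystemId() != null) {
        Subquery<SysSystemMapping> subquerySystemMapping = query.subquery(SysSystemMapping.class);
        Root<SysSystemMapping> subRootSystemMapping = subquerySystemMapping.from(SysSystemMapping.class);
        subquerySystemMapping.select(subRootSystemMapping);
        Subquery<SysSchemaObjectClass> subqueryObjectClass = query.subquery(SysSchemaObjectClass.class);
        Root<SysSchemaObjectClass> subRootObjectClass = subqueryObjectClass.from(SysSchemaObjectClass.class);
        subqueryObjectClass.select(subRootObjectClass);
        // The restriction is set once; a second where(...) call would only replace it.
        subqueryObjectClass.where(builder.and(
                // correlation attr
                builder.equal(subRootSystemMapping.get(SysSystemMapping_.objectClass), subRootObjectClass),
                builder.equal(subRootObjectClass.get(SysSchemaObjectClass_.system).get(AbstractEntity_.id), filter.getSystemId())));
        subquerySystemMapping.where(builder.and(
                // correlation attr
                builder.equal(root.get(SysSystemAttributeMapping_.systemMapping), subRootSystemMapping),
                builder.exists(subqueryObjectClass)));
        predicates.add(builder.exists(subquerySystemMapping));
    }
    if (filter.getIsUid() != null) {
        predicates.add(BooleanUtils.isFalse(filter.getIsUid())
                ? builder.isFalse(root.get(SysSystemAttributeMapping_.uid))
                : builder.isTrue(root.get(SysSystemAttributeMapping_.uid)));
    }
    if (!StringUtils.isEmpty(filter.getIdmPropertyName())) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.idmPropertyName), filter.getIdmPropertyName()));
    }
    if (filter.getSendOnPasswordChange() != null) {
        predicates.add(BooleanUtils.isFalse(filter.getSendOnPasswordChange())
                ? builder.isFalse(root.get(SysSystemAttributeMapping_.sendOnPasswordChange))
                : builder.isTrue(root.get(SysSystemAttributeMapping_.sendOnPasswordChange)));
    }
    if (filter.getSendOnlyOnPasswordChange() != null) {
        predicates.add(BooleanUtils.isFalse(filter.getSendOnlyOnPasswordChange())
                ? builder.isFalse(root.get(SysSystemAttributeMapping_.sendOnlyOnPasswordChange))
                : builder.isTrue(root.get(SysSystemAttributeMapping_.sendOnlyOnPasswordChange)));
    }
    if (filter.getPasswordAttribute() != null) {
        predicates.add(BooleanUtils.isFalse(filter.getPasswordAttribute())
                ? builder.isFalse(root.get(SysSystemAttributeMapping_.passwordAttribute))
                : builder.isTrue(root.get(SysSystemAttributeMapping_.passwordAttribute)));
    }
    if (filter.getDisabledAttribute() != null) {
        predicates.add(BooleanUtils.isFalse(filter.getDisabledAttribute())
                ? builder.isFalse(root.get(SysSystemAttributeMapping_.disabledAttribute))
                : builder.isTrue(root.get(SysSystemAttributeMapping_.disabledAttribute)));
    }
    if (filter.getOperationType() != null) {
        Subquery<SysSystemMapping> subquery = query.subquery(SysSystemMapping.class);
        Root<SysSystemMapping> subRoot = subquery.from(SysSystemMapping.class);
        subquery.select(subRoot);
        subquery.where(builder.and(
                // correlation attr
                builder.equal(root.get(SysSystemAttributeMapping_.systemMapping), subRoot),
                builder.equal(subRoot.get(SysSystemMapping_.operationType), filter.getOperationType())));
        predicates.add(builder.exists(subquery));
    }
    if (filter.getEntityType() != null) {
        Subquery<SysSystemMapping> subquery = query.subquery(SysSystemMapping.class);
        Root<SysSystemMapping> subRoot = subquery.from(SysSystemMapping.class);
        subquery.select(subRoot);
        subquery.where(builder.and(
                // correlation attr
                builder.equal(root.get(SysSystemAttributeMapping_.systemMapping), subRoot),
                builder.equal(subRoot.get(SysSystemMapping_.entityType), filter.getEntityType())));
        predicates.add(builder.exists(subquery));
    }
    // Exact name match, in contrast to the "contains" match of the full-text filter.
    if (!StringUtils.isEmpty(filter.getName())) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.name), filter.getName()));
    }
    if (filter.getAuthenticationAttribute() != null) {
        predicates.add(BooleanUtils.isFalse(filter.getAuthenticationAttribute())
                ? builder.isFalse(root.get(SysSystemAttributeMapping_.authenticationAttribute))
                : builder.isTrue(root.get(SysSystemAttributeMapping_.authenticationAttribute)));
    }
    if (filter.getPasswordFilter() != null) {
        predicates.add(BooleanUtils.isFalse(filter.getPasswordFilter())
                ? builder.isFalse(root.get(SysSystemAttributeMapping_.passwordFilter))
                : builder.isTrue(root.get(SysSystemAttributeMapping_.passwordFilter)));
    }
    if (filter.getStrategyType() != null) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.strategyType), filter.getStrategyType()));
    }
    if (filter.getId() != null) {
        predicates.add(builder.equal(root.get(SysSystemAttributeMapping_.id), filter.getId()));
    }
    return predicates;
}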
Also used : SysSchemaObjectClass(eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) SysSchemaAttribute(eu.bcvsolutions.idm.acc.entity.SysSchemaAttribute) SysSystemMapping(eu.bcvsolutions.idm.acc.entity.SysSystemMapping) Predicate(javax.persistence.criteria.Predicate)

Aggregations

SysSchemaObjectClass (eu.bcvsolutions.idm.acc.entity.SysSchemaObjectClass)2 SysSystemMapping (eu.bcvsolutions.idm.acc.entity.SysSystemMapping)2 Predicate (javax.persistence.criteria.Predicate)2 AccIdentityAccount (eu.bcvsolutions.idm.acc.entity.AccIdentityAccount)1 AccUniformPasswordSystem (eu.bcvsolutions.idm.acc.entity.AccUniformPasswordSystem)1 SysSchemaAttribute (eu.bcvsolutions.idm.acc.entity.SysSchemaAttribute)1 SysSystem (eu.bcvsolutions.idm.acc.entity.SysSystem)1 SysSystemAttributeMapping (eu.bcvsolutions.idm.acc.entity.SysSystemAttributeMapping)1 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)1