Example 66 with TestResource
use of eu.bcvsolutions.idm.acc.entity.TestResource in project CzechIdMng by bcvsolutions.
the class IdentityAccountManagementTest method defaultAccountDisable.
@Test
public void defaultAccountDisable() {
IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
Assert.assertEquals("Identity must be enabled!", Boolean.FALSE, identity.isDisabled());
TestResource resourceAccount = helper.findResource("x" + IDENTITY_USERNAME);
Assert.assertNotNull("Idenitity have to exists on target system (after account management)", resourceAccount);
Assert.assertEquals("Account on target system, must be enabled", "enabled", resourceAccount.getStatus());
identity.setState(IdentityState.DISABLED);
// This evokes Identity SAVE event. On this event will be start account
// management and provisioning
identityService.save(identity);
resourceAccount = helper.findResource("x" + IDENTITY_USERNAME);
Assert.assertNotNull("Idenitity have to exists on target system (after account management)", resourceAccount);
Assert.assertEquals("Account on target system, must be disabled!", "disabled", resourceAccount.getStatus());
}
Also used :
TestResource(eu.bcvsolutions.idm.acc.entity.TestResource)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Example 67 with TestResource
use of eu.bcvsolutions.idm.acc.entity.TestResource in project CzechIdMng by bcvsolutions.
the class IdentityPasswordProvisioningTest method twoAttributeMainPasswordDisabled.
@Test
public void twoAttributeMainPasswordDisabled() {
SysSystemDto system = initSystem();
IdmRoleDto role = initRole(system);
SysSystemAttributeMappingDto descriptionAttribute = initDescriptionAttribute(system);
changeAttributeToPasswordMapping(descriptionAttribute, null);
SysSystemAttributeMappingDto mainPasswordAttribute = getMainPasswordAttribute(system);
mainPasswordAttribute.setDisabledAttribute(true);
mainPasswordAttribute = systemAttributeMappingService.save(mainPasswordAttribute);
IdmIdentityDto identity = helper.createIdentity();
IdmIdentityRoleDto identityRole = helper.createIdentityRole(identity, role);
checkIdentityAccount(identity, identityRole, 1);
TestResource findResource = helper.findResource(identity.getUsername());
assertNotNull(findResource);
assertNull(findResource.getPassword());
assertEquals(DEFAULT_PASSWORD, findResource.getDescrip());
String newPassword = "password" + System.currentTimeMillis();
// change password, but only for idm
List<OperationResult> results = changePassword(identity, null, newPassword);
assertEquals(2, results.size());
// check for results
for (OperationResult result : results) {
IdmAccountDto account = (IdmAccountDto) result.getModel().getParameters().get(IdmAccountDto.PARAMETER_NAME);
String statusEnum = result.getModel().getStatusEnum();
assertNotNull(statusEnum);
assertNotNull(account);
if (statusEnum.equals(CoreResultCode.PASSWORD_CHANGE_ACCOUNT_SUCCESS.name())) {
if (account.getSystemId() == null) {
// idm
assertNull(account.getSystemId());
assertNull(account.getSystemName());
} else {
assertEquals(system.getId(), account.getSystemId());
assertEquals(system.getName(), account.getSystemName());
}
continue;
}
fail("Different result!");
}
// password must be same as before
findResource = helper.findResource(identity.getUsername());
assertNotNull(findResource);
// main password are disabled
assertNull(findResource.getPassword());
assertEquals(newPassword, findResource.getDescrip());
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult)
TestResource(eu.bcvsolutions.idm.acc.entity.TestResource)
ConfidentialString(eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Example 68 with TestResource
use of eu.bcvsolutions.idm.acc.entity.TestResource in project CzechIdMng by bcvsolutions.
the class AccountProtectionExpirationTaskExecutorIntegrationTest method testRemoveExpiredAccount.
@Test
public void testRemoveExpiredAccount() {
IdmIdentityDto identity = getHelper().createIdentity((GuardedString) null);
IdmRoleDto role = getHelper().createRole();
SysSystemDto system = getHelper().createTestResourceSystem(true);
SysSystemMappingDto mapping = getHelper().getDefaultMapping(system);
mapping.setProtectionInterval(1);
mapping.setProtectionEnabled(true);
systemMappingService.save(mapping);
getHelper().createRoleSystem(role, system);
IdmIdentityRoleDto identityRole = getHelper().createIdentityRole(identity, role);
//
AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertFalse(account.isInProtection());
TestResource createdAccount = getHelper().findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
//
// remove role
identityRoleService.deleteById(identityRole.getId());
//
account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertTrue(account.isInProtection());
Assert.assertNotNull(account.getEndOfProtection());
createdAccount = getHelper().findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
//
// test LRT - nothing to remove
AccountProtectionExpirationTaskExecutor taskExecutor = new AccountProtectionExpirationTaskExecutor();
longRunningTaskManager.execute(taskExecutor);
//
account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertTrue(account.isInProtection());
Assert.assertNotNull(account.getEndOfProtection());
createdAccount = getHelper().findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
// change account expiration
account.setEndOfProtection(ZonedDateTime.now().minusDays(1));
account = accountService.save(account);
taskExecutor = new AccountProtectionExpirationTaskExecutor();
longRunningTaskManager.execute(taskExecutor);
AccAccountDto removedAccount = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNull(removedAccount);
createdAccount = getHelper().findResource(account.getUid());
Assert.assertNull(createdAccount);
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
AccountProtectionExpirationTaskExecutor(eu.bcvsolutions.idm.acc.scheduler.task.impl.AccountProtectionExpirationTaskExecutor)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
TestResource(eu.bcvsolutions.idm.acc.entity.TestResource)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
Test(org.junit.Test)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Example 69 with TestResource
use of eu.bcvsolutions.idm.acc.entity.TestResource in project CzechIdMng by bcvsolutions.
the class AccountProtectionSystemTest method protectedAccountNoProvisioningTest.
/**
* When is account in protection mode, then cannot be provisioned.
*/
@Test
public void protectedAccountNoProvisioningTest() {
IdmIdentityDto identity = helper.createIdentity();
SysSystemDto system = initSystem();
IdmRoleDto roleOne = roleService.getByCode(ROLE_ONE);
int intervalInDays = 10;
// Set system to protected mode
SysSystemMappingDto mapping = systemMappingService.findBySystem(system, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY).get(0);
mapping.setProtectionEnabled(Boolean.TRUE);
mapping.setProtectionInterval(intervalInDays);
systemMappingService.save(mapping);
String changedValue = "changed";
identity.setFirstName(changedValue);
identityService.save(identity);
IdmIdentityRoleDto identityRole = helper.createIdentityRole(identity, roleOne);
AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertFalse(account.isInProtection());
TestResource createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(changedValue, createdAccount.getFirstname());
// Remove role from identity
identityRoleService.deleteById(identityRole.getId());
account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertTrue(account.isInProtection());
Assert.assertNotNull(account.getEndOfProtection());
Assert.assertTrue(account.getEndOfProtection().toLocalDate().isEqual(LocalDate.now().plusDays(intervalInDays)));
createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
// Change first name and emit provisioning (provisioning must be break)
identity.setFirstName(identity.getUsername());
identityService.save(identity);
createdAccount = helper.findResource(account.getUid());
Assert.assertNotEquals(identity.getFirstName(), createdAccount.getFirstname());
}
Also used :
TestResource(eu.bcvsolutions.idm.acc.entity.TestResource)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Example 70 with TestResource
use of eu.bcvsolutions.idm.acc.entity.TestResource in project CzechIdMng by bcvsolutions.
the class AccountProtectionSystemTest method protectedIdentityAccountDeleteTest.
/**
* When is account in protection mode, then cannot be identity account deleted.
*/
@Test(expected = ResultCodeException.class)
public void protectedIdentityAccountDeleteTest() {
IdmIdentityDto identity = helper.createIdentity();
SysSystemDto system = initSystem();
IdmRoleDto roleOne = roleService.getByCode(ROLE_ONE);
// Set system to protected mode
SysSystemMappingDto mapping = systemMappingService.findBySystem(system, SystemOperationType.PROVISIONING, SystemEntityType.IDENTITY).get(0);
mapping.setProtectionEnabled(Boolean.TRUE);
mapping.setProtectionInterval(null);
systemMappingService.save(mapping);
IdmIdentityRoleDto identityRole = helper.createIdentityRole(identity, roleOne);
AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertFalse(account.isInProtection());
TestResource createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
// Remove role from identity
identityRoleService.deleteById(identityRole.getId());
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setAccountId(account.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(identityAccountFilter, null).getContent();
Assert.assertEquals(1, identityAccounts.size());
// Remove identity account again. Now must end on the exception (account is
// already in protection)
identityAccountService.delete(identityAccounts.get(0));
}
Also used :
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
TestResource(eu.bcvsolutions.idm.acc.entity.TestResource)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Aggregations
TestResource (eu.bcvsolutions.idm.acc.entity.TestResource)97
Test (org.junit.Test)83
AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)81
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)69
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)51
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)50
SysSystemAttributeMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)36
AccIdentityAccountFilter (eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)32
IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)32
GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)30
AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)27
SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)26
ConfidentialString (eu.bcvsolutions.idm.core.security.api.domain.ConfidentialString)19
AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)17
SysSchemaAttributeFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSchemaAttributeFilter)12
PasswordChangeDto (eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)12
OperationResult (eu.bcvsolutions.idm.core.api.entity.OperationResult)12
SysSchemaAttributeDto (eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)11
SysSystemAttributeMappingFilter (eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)10
Transactional (org.springframework.transaction.annotation.Transactional)10
