use of eu.bcvsolutions.idm.acc.exception.ProvisioningException in project CzechIdMng by bcvsolutions.
the class PrepareConnectorObjectProcessor method processUpdate.
/**
 * Builds the connector object that is sent to the target system for an UPDATE and stores it,
 * together with the UPDATE operation type, on the given provisioning operation.
 * <p>
 * When the provisioning context carries no account object, the connector object already held
 * by the context is reused unchanged. Otherwise every attribute of the full account object is
 * matched to a schema attribute by name, and the mapping strategy (CREATE, WRITE_IF_NULL, MERGE)
 * and the sendOnlyIfNotNull flag decide whether, and with which value, it is written.
 *
 * @param provisioningOperation operation whose context is read and then updated in place
 * @param connectorConfig not read by this method
 * @param existsConnectorObject object as read from the target system; source of the
 *        connector-side values used for WRITE_IF_NULL and MERGE
 * @throws ProvisioningException when a provisioned attribute has no schema attribute of the same name
 */
@SuppressWarnings("unchecked")
private void processUpdate(SysProvisioningOperationDto provisioningOperation, IcConnectorConfiguration connectorConfig, IcConnectorObject existsConnectorObject) {
    SysSystemDto system = systemService.get(provisioningOperation.getSystem());
    String systemEntityUid = provisioningOperationService.getByProvisioningOperation(provisioningOperation).getUid();
    ProvisioningContext provisioningContext = provisioningOperation.getProvisioningContext();
    IcConnectorObject connectorObject = provisioningContext.getConnectorObject();
    IcObjectClass objectClass = connectorObject.getObjectClass();
    //
    IcConnectorObject updateConnectorObject;
    if (provisioningContext.getAccountObject() == null) {
        // No account object in the context: the prepared connector object is used as it is.
        updateConnectorObject = connectorObject;
    } else {
        Map<ProvisioningAttributeDto, Object> fullAccountObject = provisioningOperationService.getFullAccountObject(provisioningOperation);
        // The attribute argument is null here while attributes are appended through getAttributes()
        // below; presumably the implementation substitutes a mutable list - confirm.
        updateConnectorObject = new IcConnectorObjectImpl(systemEntityUid, objectClass, null);
        SysSystemMappingDto mapping = getMapping(system, provisioningOperation.getEntityType());
        SysSchemaObjectClassDto schemaObjectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
        List<SysSchemaAttributeDto> schemaAttributes = findSchemaAttributes(system, schemaObjectClassDto);
        // Archive filter for the same entity, restricted to operations that ended as EXECUTED.
        // It is only used by the MERGE strategy below.
        SysProvisioningOperationFilter filter = new SysProvisioningOperationFilter();
        filter.setEntityIdentifier(provisioningOperation.getEntityIdentifier());
        filter.setEntityType(provisioningOperation.getEntityType());
        filter.setResultState(OperationState.EXECUTED);
        // Loaded lazily by the first MERGE attribute and then reused for the remaining attributes.
        SysProvisioningArchiveDto lastSuccessEntity = null;
        for (Entry<ProvisioningAttributeDto, Object> entry : fullAccountObject.entrySet()) {
            ProvisioningAttributeDto provisioningAttribute = entry.getKey();
            // Every provisioned attribute must exist in the schema; an unknown name aborts the update.
            Optional<SysSchemaAttributeDto> schemaAttributeOptional = schemaAttributes.stream().filter(schemaAttribute -> {
                return provisioningAttribute.getSchemaAttributeName().equals(schemaAttribute.getName());
            }).findFirst();
            if (!schemaAttributeOptional.isPresent()) {
                throw new ProvisioningException(AccResultCode.PROVISIONING_SCHEMA_ATTRIBUTE_IS_FOUND, ImmutableMap.of("attribute", provisioningAttribute.getSchemaAttributeName()));
            }
            SysSchemaAttributeDto schemaAttribute = schemaAttributeOptional.get();
            // Attributes the schema marks as not updateable are skipped without any report.
            if (schemaAttribute.isUpdateable()) {
                if (schemaAttribute.isReturnedByDefault()) {
                    Object idmValue = fullAccountObject.get(provisioningAttribute);
                    // Value currently held by the target system (null when the attribute is absent there).
                    IcAttribute attribute = existsConnectorObject.getAttributeByName(schemaAttribute.getName());
                    Object connectorValue = attribute != null ? (attribute.isMultiValue() ? attribute.getValues() : attribute.getValue()) : null;
                    Object resultValue = idmValue;
                    if (AttributeMappingStrategyType.CREATE == provisioningAttribute.getStrategyType()) {
                        // This is an update; attributes with the CREATE strategy are skipped.
                        continue;
                    }
                    if (provisioningAttribute.isSendOnlyIfNotNull()) {
                        if (this.isValueEmpty(idmValue)) {
                            // Flagged sendOnlyIfNotNull and the IdM value is empty: nothing is sent,
                            // so the value on the target system is left untouched.
                            continue;
                        }
                    }
                    if (AttributeMappingStrategyType.WRITE_IF_NULL == provisioningAttribute.getStrategyType()) {
                        // Look for another mapping of the same schema attribute with SET, MERGE or
                        // AUTHORITATIVE_MERGE; those strategies take precedence over WRITE_IF_NULL.
                        boolean existSetAttribute = fullAccountObject.keySet().stream().filter(provisioningAttributeKey -> {
                            return provisioningAttributeKey.getSchemaAttributeName().equals(schemaAttribute.getName()) && AttributeMappingStrategyType.SET == provisioningAttributeKey.getStrategyType();
                        }).findFirst().isPresent();
                        boolean existMergeAttribute = fullAccountObject.keySet().stream().filter(provisioningAttributeKey -> {
                            return provisioningAttributeKey.getSchemaAttributeName().equals(schemaAttribute.getName()) && AttributeMappingStrategyType.MERGE == provisioningAttributeKey.getStrategyType();
                        }).findFirst().isPresent();
                        boolean existAuthMergeAttribute = fullAccountObject.keySet().stream().filter(provisioningAttributeKey -> {
                            return provisioningAttributeKey.getSchemaAttributeName().equals(schemaAttribute.getName()) && AttributeMappingStrategyType.AUTHORITATIVE_MERGE == provisioningAttributeKey.getStrategyType();
                        }).findFirst().isPresent();
                        // Same condition as the enclosing if, so it is always true at this point.
                        if (AttributeMappingStrategyType.WRITE_IF_NULL == provisioningAttribute.getStrategyType()) {
                            List<IcAttribute> icAttributes = existsConnectorObject.getAttributes();
                            //
                            Optional<IcAttribute> icAttributeOptional = icAttributes.stream().filter(ica -> {
                                return schemaAttribute.getName().equals(ica.getName());
                            }).findFirst();
                            IcAttribute icAttribute = null;
                            if (icAttributeOptional.isPresent()) {
                                icAttribute = icAttributeOptional.get();
                            }
                            // The connector value is run through the from-resource transformation first,
                            // so "null" is judged on the transformed value, not on the raw one.
                            Object transformedConnectorValue = this.transformValueFromResource(provisioningAttribute.getTransformValueFromResourceScript(), schemaAttribute, icAttribute, icAttributes, system);
                            if (transformedConnectorValue != null || existSetAttribute || existAuthMergeAttribute || existMergeAttribute) {
                                // The target already holds a value, or the same attribute is also mapped with
                                // SET/MERGE/AUTHORITATIVE_MERGE (higher priority): do not write.
                                continue;
                            }
                        }
                    }
                    if (AttributeMappingStrategyType.MERGE == provisioningAttribute.getStrategyType()) {
                        // Load the most recently modified EXECUTED archive record for this entity (page size 1).
                        if (lastSuccessEntity == null) {
                            List<SysProvisioningArchiveDto> lastSuccessEntities = provisioningArchiveService.find(filter, new PageRequest(0, 1, new Sort(Direction.DESC, MODIFIED_FIELD_NAME))).getContent();
                            if (!lastSuccessEntities.isEmpty()) {
                                lastSuccessEntity = lastSuccessEntities.get(0);
                            }
                        }
                        // Merge: start from a copy of the values on the target system and append the IdM
                        // values that are missing there. When the connector value is not a List,
                        // resultValue stays equal to idmValue.
                        if (connectorValue instanceof List) {
                            List<Object> connectorValues = new ArrayList<>((List<Object>) connectorValue);
                            List<Object> idmValues = null;
                            if (idmValue instanceof List) {
                                idmValues = (List<Object>) idmValue;
                            }
                            if (idmValues != null) {
                                idmValues.stream().forEach(value -> {
                                    if (!connectorValues.contains(value)) {
                                        connectorValues.add(value);
                                    }
                                });
                            }
                            resultValue = connectorValues;
                        }
                        // Remove values that IdM provisioned last time but no longer holds.
                        // NOTE(review): this removal depends entirely on the archive record. When no EXECUTED
                        // record exists, or it does not contain this attribute, the block is skipped and
                        // values already present on the target system stay there. If the attribute carries
                        // entitlements (presumably group or role membership - confirm), values revoked in
                        // IdM would then persist on the target.
                        if (lastSuccessEntity != null && lastSuccessEntity.getProvisioningContext() != null && lastSuccessEntity.getProvisioningContext().getAccountObject() != null && lastSuccessEntity.getProvisioningContext().getAccountObject().containsKey(provisioningAttribute)) {
                            Object oldValue = lastSuccessEntity.getProvisioningContext().getAccountObject().get(provisioningAttribute);
                            if (oldValue instanceof List) {
                                if (!oldValue.equals(idmValue)) {
                                    // Deleted values = values of the last provisioning that are not in the current
                                    // IdM value. When idmValue is not a List, every old value counts as deleted.
                                    List<?> deletedValues = ((List<?>) oldValue).stream().filter(value -> {
                                        List<?> idmValues = null;
                                        if (idmValue instanceof List) {
                                            idmValues = (List<?>) idmValue;
                                        }
                                        if (idmValues != null && idmValues.contains(value)) {
                                            return false;
                                        }
                                        return true;
                                    }).collect(Collectors.toList());
                                    if (resultValue instanceof List) {
                                        List<?> resultValues = new ArrayList<>((List<Object>) resultValue);
                                        // Only values previously managed by IdM are removed; values that were
                                        // never provisioned by IdM stay in the merged result.
                                        resultValues.removeAll(deletedValues);
                                        resultValue = resultValues;
                                    }
                                }
                            }
                        }
                    }
                    // Build the attribute to write from the resolved value and the mapping;
                    // updateAttribute may return null, in which case nothing is added.
                    IcAttribute updatedAttribute = updateAttribute(systemEntityUid, resultValue, schemaAttribute, existsConnectorObject, system, provisioningAttribute);
                    if (updatedAttribute != null) {
                        updateConnectorObject.getAttributes().add(updatedAttribute);
                    }
                } else {
                    // Attribute is not returned by default: no comparison with the target value is made.
                    // A non-null IdM value is always sent and a null value is never sent.
                    if (fullAccountObject.get(provisioningAttribute) != null) {
                        IcAttribute createdAttribute = createAttribute(schemaAttribute, fullAccountObject.get(provisioningAttribute));
                        if (createdAttribute != null) {
                            updateConnectorObject.getAttributes().add(createdAttribute);
                        }
                    }
                }
            }
        }
    }
    // Publish the result: the operation now carries the object to write and is marked as UPDATE.
    provisioningOperation.getProvisioningContext().setConnectorObject(updateConnectorObject);
    provisioningOperation.setOperationType(ProvisioningEventType.UPDATE);
}
use of eu.bcvsolutions.idm.acc.exception.ProvisioningException in project CzechIdMng by bcvsolutions.
the class TreeSynchronizationExecutor method findByAttribute.
/**
 * Looks up the single tree node whose attribute {@code idmAttributeName} equals {@code value}.
 * <p>
 * Correlation must be unambiguous: more than one match aborts with a
 * {@link ProvisioningException} instead of picking one of the candidates.
 *
 * @param idmAttributeName name of the IdM property used for correlation
 * @param value value the property has to match
 * @return the only matching node, or {@code null} when nothing matches
 * @throws ProvisioningException when more than one node matches
 */
@Override
protected IdmTreeNodeDto findByAttribute(String idmAttributeName, String value) {
    CorrelationFilter correlation = getEntityFilter();
    correlation.setProperty(idmAttributeName);
    correlation.setValue(value);
    // The filter returned by getEntityFilter() is cast to the tree node filter type.
    List<IdmTreeNodeDto> matches = treeNodeService.find((IdmTreeNodeFilter) correlation, null).getContent();
    if (CollectionUtils.isEmpty(matches)) {
        return null;
    }
    if (matches.size() > 1) {
        // The attribute name and the searched value both go into the exception parameters.
        throw new ProvisioningException(AccResultCode.SYNCHRONIZATION_CORRELATION_TO_MANY_RESULTS, ImmutableMap.of("correlationAttribute", idmAttributeName, "value", value));
    }
    // Not empty and not more than one: exactly one match remains.
    return matches.get(0);
}
use of eu.bcvsolutions.idm.acc.exception.ProvisioningException in project CzechIdMng by bcvsolutions.
the class AbstractProvisioningExecutor method prepareMappedAttributesValues.
/**
 * Resolves the values of all enabled mapped attributes, i.e. the account as it should look on
 * the target system.
 * <p>
 * Attributes without a merge strategy are resolved first, one value per mapping. Attributes with
 * MERGE or AUTHORITATIVE_MERGE are resolved afterwards: all mappings of the same schema attribute
 * and the same strategy are combined into one list without duplicates and without null items.
 * Resolving the UID attribute also calls {@code updateAccountUid} with the resolved value.
 *
 * @param dto entity the values are read from
 * @param operationType for DELETE an empty map is returned, no values are resolved
 * @param systemEntity supplies the account, the UID and the embedded system
 * @param attributes attribute mappings to resolve; disabled mappings are ignored
 * @return map of provisioning attribute key to resolved value
 * @throws ProvisioningException when the resolved UID is null or not a String, or when a
 *         merge attribute is not multivalued in the schema
 */
protected Map<ProvisioningAttributeDto, Object> prepareMappedAttributesValues(DTO dto, ProvisioningOperationType operationType, SysSystemEntityDto systemEntity, List<? extends AttributeMapping> attributes) {
    AccAccountDto account = getAccountSystemEntity(systemEntity.getId());
    String uid = systemEntity.getUid();
    SysSystemDto system = DtoUtils.getEmbedded(systemEntity, SysSystemEntity_.system, SysSystemDto.class);
    Map<ProvisioningAttributeDto, Object> accountAttributes = new HashMap<>();
    if (ProvisioningOperationType.DELETE == operationType) {
        // A delete needs no account attributes.
        return accountAttributes;
    }

    // Pass 1: every enabled attribute that does not use a merge strategy.
    for (AttributeMapping attribute : attributes) {
        if (attribute.isDisabledAttribute() || AttributeMappingStrategyType.AUTHORITATIVE_MERGE == attribute.getStrategyType() || AttributeMappingStrategyType.MERGE == attribute.getStrategyType()) {
            continue;
        }
        SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attribute);
        if (!attribute.isUid()) {
            accountAttributes.put(ProvisioningAttributeDto.createProvisioningAttributeKey(attribute, schemaAttributeDto.getName()), getAttributeValue(uid, dto, attribute));
            continue;
        }
        // TODO: the UID is taken from the system entity for now; the UID from AccAccount
        // may be the more correct source.
        Object uidValue = getAttributeValue(uid, dto, attribute);
        if (uidValue == null) {
            throw new ProvisioningException(AccResultCode.PROVISIONING_GENERATED_UID_IS_NULL, ImmutableMap.of("system", system.getName()));
        }
        if (!(uidValue instanceof String)) {
            throw new ProvisioningException(AccResultCode.PROVISIONING_ATTRIBUTE_UID_IS_NOT_STRING, ImmutableMap.of("uid", uidValue, "system", system.getName()));
        }
        // The account identifier follows the resolved UID before the value is recorded.
        updateAccountUid(account, uid, (String) uidValue);
        accountAttributes.put(ProvisioningAttributeDto.createProvisioningAttributeKey(attribute, schemaAttributeDto.getName()), uidValue);
    }

    // Pass 2: enabled attributes with MERGE or AUTHORITATIVE_MERGE.
    List<AttributeMapping> attributesMerge = new ArrayList<>();
    for (AttributeMapping attribute : attributes) {
        if (!attribute.isDisabledAttribute() && (AttributeMappingStrategyType.AUTHORITATIVE_MERGE == attribute.getStrategyType() || AttributeMappingStrategyType.MERGE == attribute.getStrategyType())) {
            attributesMerge.add(attribute);
        }
    }
    for (AttributeMapping attributeParent : attributesMerge) {
        SysSchemaAttributeDto schemaAttributeParent = getSchemaAttribute(attributeParent);
        ProvisioningAttributeDto attributeParentKey = ProvisioningAttributeDto.createProvisioningAttributeKey(attributeParent, schemaAttributeParent.getName());
        if (!schemaAttributeParent.isMultivalued()) {
            throw new ProvisioningException(AccResultCode.PROVISIONING_MERGE_ATTRIBUTE_IS_NOT_MULTIVALUE, ImmutableMap.of("object", uid, "attribute", schemaAttributeParent.getName(), "system", system.getName()));
        }
        // A set keeps the merged values free of duplicates; the linked variant keeps their order.
        Set<Object> mergedValues = new LinkedHashSet<>();
        for (AttributeMapping attribute : attributes) {
            SysSchemaAttributeDto schemaAttribute = getSchemaAttribute(attribute);
            boolean contributes = !accountAttributes.containsKey(attributeParentKey) && schemaAttributeParent.equals(schemaAttribute) && attributeParent.getStrategyType() == attribute.getStrategyType();
            if (!contributes) {
                continue;
            }
            Object value = getAttributeValue(uid, dto, attribute);
            if (value == null) {
                continue;
            }
            if (value instanceof Collection) {
                // Collections are flattened into the merged set, null items are dropped.
                for (Object item : (Collection<?>) value) {
                    if (item != null) {
                        mergedValues.add(item);
                    }
                }
            } else {
                mergedValues.add(value);
            }
        }
        if (!accountAttributes.containsKey(attributeParentKey)) {
            // The merged values are stored as an array list.
            accountAttributes.put(attributeParentKey, new ArrayList<>(mergedValues));
        }
    }
    return accountAttributes;
}
use of eu.bcvsolutions.idm.acc.exception.ProvisioningException in project CzechIdMng by bcvsolutions.
the class DefaultSysSystemAttributeMappingService method getAttributeValue.
/**
 * Resolves the IdM-side value of a mapped attribute and returns it after the to-resource
 * transformation. The resolved value can be a list of objects.
 * <p>
 * The value comes from one of three places: the entity's extended (form) attributes, a property
 * of the entity itself, or nowhere (static attribute), in which case {@code null} is handed to
 * the transformation. Confidential entity attributes are read from the confidential storage as
 * a guarded string; a confidential single-valued form value is wrapped into a
 * {@link GuardedString} only when it is a String and the schema attribute type is GuardedString.
 *
 * @param uid account identifier
 * @param entity entity the value is read from
 * @param attributeHandling mapping that describes where the value comes from
 * @return the value returned by {@code transformValueToResource}
 * @throws ProvisioningException when the entity property cannot be read
 */
@Override
public Object getAttributeValue(String uid, AbstractDto entity, AttributeMapping attributeHandling) {
    SysSchemaAttributeDto schemaAttributeDto = getSchemaAttribute(attributeHandling);
    Object idmValue = null;
    //
    boolean readFromForm = attributeHandling.isExtendedAttribute() && entity != null && formService.isFormable(entity.getClass());
    if (readFromForm) {
        List<IdmFormValueDto> formValues = formService.getValues(entity, attributeHandling.getIdmPropertyName());
        if (!formValues.isEmpty()) {
            if (schemaAttributeDto.isMultivalued()) {
                // Multivalued extended attribute: collect the form values in their stored order.
                // NOTE(review): unlike the single-value branch, isConfidential() is not checked here -
                // confirm how confidential multivalued form values are meant to be resolved.
                List<Object> collected = new ArrayList<>();
                for (IdmFormValueDto formValue : formValues) {
                    collected.add(formValue.getValue());
                }
                idmValue = collected;
            } else {
                // Single-valued extended attribute: only the first form value is used.
                IdmFormValueDto first = formValues.get(0);
                if (!first.isConfidential()) {
                    idmValue = first.getValue();
                } else {
                    Object secret = formService.getConfidentialPersistentValue(first);
                    // Wrapped only for a String secret with a GuardedString schema type; any other
                    // combination passes the confidential value on unwrapped.
                    boolean wrap = secret instanceof String && schemaAttributeDto.getClassType().equals(GuardedString.class.getName());
                    idmValue = wrap ? new GuardedString((String) secret) : secret;
                }
            }
        }
    } else if (attributeHandling.isEntityAttribute()) {
        // NOTE(review): entity is dereferenced in this branch without the null check that the
        // extended-attribute branch has - confirm callers never pass null here.
        if (attributeHandling.isConfidentialAttribute()) {
            // Confidential entity attributes live in the secured storage, not on the entity.
            idmValue = confidentialStorage.getGuardedString(entity.getId(), entity.getClass(), attributeHandling.getIdmPropertyName());
        } else {
            try {
                // The value is read directly from the entity by property name.
                idmValue = EntityUtils.getEntityValue(entity, attributeHandling.getIdmPropertyName());
            } catch (IntrospectionException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | ProvisioningException o_O) {
                throw new ProvisioningException(AccResultCode.PROVISIONING_IDM_FIELD_NOT_FOUND, ImmutableMap.of("property", attributeHandling.getIdmPropertyName(), "entityType", entity.getClass()), o_O);
            }
        }
    }
    // Neither an entity property nor an extended attribute: the attribute is static, idmValue
    // stays null and only the transformation produces a value.
    return this.transformValueToResource(uid, idmValue, attributeHandling, entity);
}
use of eu.bcvsolutions.idm.acc.exception.ProvisioningException in project CzechIdMng by bcvsolutions.
the class IdentityProvisioningExecutor method findOverloadingAttributes.
/**
 * Collects the role-system attributes that overload the default mapping for the given system.
 * <p>
 * Only identity accounts that have an identity role, whose account belongs to {@code system}
 * and that are flagged as ownership are considered. For each of them the role-system mapping of
 * the role and the system is looked up; more than one mapping aborts with an exception rather
 * than choosing one of them.
 *
 * @param entity identity being provisioned; not read by this method
 * @param system system the accounts must belong to
 * @param idenityAccoutnList identity accounts to inspect
 * @param entityType entity type, used only in the exception parameters
 * @return all role-system attributes found, empty when there are none
 * @throws ProvisioningException when a role has more than one mapping to the system
 */
@Override
protected List<SysRoleSystemAttributeDto> findOverloadingAttributes(IdmIdentityDto entity, SysSystemDto system, List<? extends EntityAccountDto> idenityAccoutnList, SystemEntityType entityType) {
    List<SysRoleSystemAttributeDto> collectedAttributes = new ArrayList<>();
    for (EntityAccountDto candidate : idenityAccoutnList) {
        AccAccountDto candidateAccount = DtoUtils.getEmbedded((AccIdentityAccountDto) candidate, AccIdentityAccount_.account, AccAccountDto.class);
        boolean relevant = ((AccIdentityAccountDto) candidate).getIdentityRole() != null && candidateAccount.getSystem() != null && candidateAccount.getSystem().equals(system.getId()) && candidate.isOwnership();
        if (!relevant) {
            continue;
        }
        // From here on: identity account on the same system with a filled identity role.
        AbstractDto identityAccount = (AbstractDto) candidate;
        AccAccountDto account = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.account, AccAccountDto.class);
        IdmIdentityRoleDto identityRole = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.identityRole, IdmIdentityRoleDto.class);

        SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
        roleSystemFilter.setRoleId(identityRole.getRole());
        roleSystemFilter.setSystemId(account.getSystem());
        List<SysRoleSystemDto> roleSystems = roleSystemService.find(roleSystemFilter, null).getContent();

        if (roleSystems.size() > 1) {
            // Ambiguous role-to-system mapping: report the role and the system and stop.
            SysRoleSystemDto duplicate = roleSystems.get(0);
            IdmRoleDto roleDto = roleService.get(duplicate.getRole());
            SysSystemDto systemDto = DtoUtils.getEmbedded(duplicate, SysRoleSystem_.system, SysSystemDto.class);
            throw new ProvisioningException(AccResultCode.PROVISIONING_DUPLICATE_ROLE_MAPPING, ImmutableMap.of("role", roleDto.getName(), "system", systemDto.getName(), "entityType", entityType));
        }
        if (roleSystems.isEmpty()) {
            continue;
        }
        SysRoleSystemDto roleSystem = roleSystems.get(0);
        SysRoleSystemAttributeFilter roleSystemAttributeFilter = new SysRoleSystemAttributeFilter();
        roleSystemAttributeFilter.setRoleSystemId(roleSystem.getId());
        List<SysRoleSystemAttributeDto> roleAttributes = roleSystemAttributeService.find(roleSystemAttributeFilter, null).getContent();
        if (!CollectionUtils.isEmpty(roleAttributes)) {
            collectedAttributes.addAll(roleAttributes);
        }
    }
    return collectedAttributes;
}