Use of eu.bcvsolutions.idm.acc.exception.ProvisioningException in project CzechIdMng by bcvsolutions.
Class ContractSynchronizationExecutor, method validate.
/**
 * Validates a contract synchronization configuration before the synchronization runs.
 *
 * <p>In addition to the checks done by {@code super.validate}, the system mapping referenced
 * by the configuration must contain an attribute whose IdM property name equals
 * {@code CONTRACT_IDENTITY_FIELD}. A mapping without it is rejected up front.
 *
 * @param synchronizationConfigId identifier of the synchronization configuration to check
 * @return the context returned by {@code super.validate(synchronizationConfigId)}
 * @throws ProvisioningException with {@code SYNCHRONIZATION_MAPPED_ATTR_MUST_EXIST} when no
 *         mapped attribute targets {@code CONTRACT_IDENTITY_FIELD}
 */
@Override
protected SynchronizationContext validate(UUID synchronizationConfigId) {
    // NOTE(review): the loaded configuration is dereferenced without a null check —
    // confirm that get() cannot return null for an unknown id.
    AbstractSysSyncConfigDto syncConfig = synchronizationConfigService.get(synchronizationConfigId);
    SysSystemMappingDto systemMapping = systemMappingService.get(syncConfig.getSystemMapping());
    Assert.notNull(systemMapping);

    // Load every attribute mapped under this system mapping.
    SysSystemAttributeMappingFilter byMapping = new SysSystemAttributeMappingFilter();
    byMapping.setSystemMappingId(systemMapping.getId());

    // Stop at the first attribute that is mapped to the contract's identity field.
    boolean ownerMapped = false;
    for (SysSystemAttributeMappingDto candidate : systemAttributeMappingService.find(byMapping, null).getContent()) {
        if (CONTRACT_IDENTITY_FIELD.equals(candidate.getIdmPropertyName())) {
            ownerMapped = true;
            break;
        }
    }
    if (!ownerMapped) {
        throw new ProvisioningException(AccResultCode.SYNCHRONIZATION_MAPPED_ATTR_MUST_EXIST, ImmutableMap.of("property", CONTRACT_IDENTITY_FIELD));
    }
    return super.validate(synchronizationConfigId);
}
Use of eu.bcvsolutions.idm.acc.exception.ProvisioningException in project CzechIdMng by bcvsolutions.
Class DefaultAccAccountManagementService, method generateUID.
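/**
 * Generates the account UID for the given entity on the system connected through {@code roleSystem}.
 *
 * <p>If exactly one attribute of the role-system mapping is flagged as UID, that attribute is used:
 * its schema attribute and transform-from-resource script are taken from the referenced system
 * attribute mapping and the value is resolved by
 * {@code systemAttributeMappingService.getAttributeValue}. If the role-system mapping defines no UID
 * attribute, the UID attribute of the system mapping is used instead.
 *
 * @param entity     DTO the UID is generated for
 * @param roleSystem role-system mapping whose attributes may override the default UID handling
 * @return the generated UID
 * @throws ProvisioningException with {@code PROVISIONING_ROLE_ATTRIBUTE_MORE_UID} when more than one
 *         UID attribute is defined, {@code PROVISIONING_GENERATED_UID_IS_NULL} when the override
 *         yields {@code null}, or {@code PROVISIONING_ATTRIBUTE_UID_IS_NOT_STRING} when it yields a
 *         value that is not a {@code String}
 */
@Override
public String generateUID(AbstractDto entity, SysRoleSystemDto roleSystem) {
    // Find the attributes of this roleSystem that are flagged as UID.
    SysRoleSystemAttributeFilter roleSystemAttrFilter = new SysRoleSystemAttributeFilter();
    roleSystemAttrFilter.setRoleSystemId(roleSystem.getId());
    List<SysRoleSystemAttributeDto> attributesUid = roleSystemAttributeService.find(roleSystemAttrFilter, null)
            .getContent().stream()
            .filter(SysRoleSystemAttributeDto::isUid)
            .collect(Collectors.toList());

    // An ambiguous identifier definition is rejected instead of silently picking one of them.
    if (attributesUid.size() > 1) {
        IdmRoleDto roleDto = DtoUtils.getEmbedded(roleSystem, SysRoleSystem_.role, IdmRoleDto.class);
        SysSystemDto systemDto = DtoUtils.getEmbedded(roleSystem, SysRoleSystem_.system, SysSystemDto.class);
        throw new ProvisioningException(AccResultCode.PROVISIONING_ROLE_ATTRIBUTE_MORE_UID, ImmutableMap.of("role", roleDto.getName(), "system", systemDto.getName()));
    }

    if (!attributesUid.isEmpty()) {
        SysRoleSystemAttributeDto uidRoleAttribute = attributesUid.get(0);
        // Default values (values from schema attribute handling). The DTO loaded above is
        // modified in place; it is not saved in this method.
        SysSystemAttributeMappingDto systemAttributeMapping = systemAttributeMappingService.get(uidRoleAttribute.getSystemAttributeMapping());
        uidRoleAttribute.setSchemaAttribute(systemAttributeMapping.getSchemaAttribute());
        uidRoleAttribute.setTransformFromResourceScript(systemAttributeMapping.getTransformFromResourceScript());

        Object uid = systemAttributeMappingService.getAttributeValue(null, entity, uidRoleAttribute);
        if (uid == null) {
            SysSystemDto systemEntity = DtoUtils.getEmbedded(roleSystem, SysRoleSystem_.system, SysSystemDto.class);
            throw new ProvisioningException(AccResultCode.PROVISIONING_GENERATED_UID_IS_NULL, ImmutableMap.of("system", systemEntity.getName()));
        }
        // The value is only accepted as an account identifier when it is a String; nothing is coerced.
        if (!(uid instanceof String)) {
            throw new ProvisioningException(AccResultCode.PROVISIONING_ATTRIBUTE_UID_IS_NOT_STRING, ImmutableMap.of("uid", uid));
        }
        return (String) uid;
    }

    // If roleSystem UID was not found, then we use default UID schema attribute handling.
    SysSystemMappingDto mapping = systemMappingService.get(roleSystem.getSystemMapping());
    SysSchemaObjectClassDto objectClassDto = schemaObjectClassService.get(mapping.getObjectClass());
    SysSystemDto system = DtoUtils.getEmbedded(objectClassDto, SysSchemaObjectClass_.system, SysSystemDto.class);
    SysSystemAttributeMappingFilter systemAttributeMappingFilter = new SysSystemAttributeMappingFilter();
    systemAttributeMappingFilter.setSystemMappingId(mapping.getId());
    List<SysSystemAttributeMappingDto> schemaHandlingAttributes = systemAttributeMappingService.find(systemAttributeMappingFilter, null).getContent();
    SysSystemAttributeMappingDto uidAttribute = systemAttributeMappingService.getUidAttribute(schemaHandlingAttributes, system);
    return systemAttributeMappingService.generateUid(entity, uidAttribute);
}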
Use of eu.bcvsolutions.idm.acc.exception.ProvisioningException in project CzechIdMng by bcvsolutions.
Class DefaultSynchronizationService, method findSystemEntity.
/**
 * Looks up the system entity with the given UID and entity type on one system.
 *
 * @param uid        identifier to search for
 * @param system     system whose id scopes the search
 * @param entityType entity type to search for
 * @return the single matching system entity, or {@code null} when there is none
 * @throws ProvisioningException with {@code SYNCHRONIZATION_TO_MANY_SYSTEM_ENTITY} when more than
 *         one system entity matches
 */
private SysSystemEntityDto findSystemEntity(String uid, SysSystemDto system, SystemEntityType entityType) {
    SysSystemEntityFilter criteria = new SysSystemEntityFilter();
    criteria.setEntityType(entityType);
    criteria.setSystemId(system.getId());
    criteria.setUid(uid);

    List<SysSystemEntityDto> matches = systemEntityService.find(criteria, null).getContent();
    // An ambiguous UID is rejected rather than resolved by picking one of the candidates.
    if (matches.size() > 1) {
        throw new ProvisioningException(AccResultCode.SYNCHRONIZATION_TO_MANY_SYSTEM_ENTITY, uid);
    }
    return matches.size() == 1 ? matches.get(0) : null;
}
Use of eu.bcvsolutions.idm.acc.exception.ProvisioningException in project CzechIdMng by bcvsolutions.
Class DefaultSysRoleSystemAttributeService, method save.
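/**
 * Saves a role-system attribute and then re-runs account management for every identity that has
 * an identity account on the same role-system mapping.
 *
 * <p>Before saving: a second UID attribute on the same role-system mapping is rejected, the
 * extended attribute definition is created when the attribute is extended and the mapped entity
 * type is formable, and a non-null transform script is passed to
 * {@code groovyScriptService.validateScript}.
 *
 * @param dto        attribute to save
 * @param permission permissions passed on to {@code super.save}
 * @return the saved attribute
 * @throws ProvisioningException with {@code PROVISIONING_ROLE_ATTRIBUTE_MORE_UID} when another
 *         attribute of the same role-system mapping is already flagged as UID
 */
@Override
public SysRoleSystemAttributeDto save(SysRoleSystemAttributeDto dto, BasePermission... permission) {
    // Only one attribute per role-system mapping may be the account identifier.
    if (dto.isUid()) {
        SysRoleSystemAttributeFilter uidFilter = new SysRoleSystemAttributeFilter();
        uidFilter.setIsUid(Boolean.TRUE);
        uidFilter.setRoleSystemId(dto.getRoleSystem());
        List<SysRoleSystemAttributeDto> list = this.find(uidFilter, null).getContent();
        if (!list.isEmpty() && !list.get(0).getId().equals(dto.getId())) {
            SysRoleSystemDto roleSystem = roleSystemService.get(dto.getRoleSystem());
            IdmRoleDto roleDto = roleService.get(roleSystem.getRole());
            // NOTE(review): the embedded system is read from dto (a role-system attribute) with the
            // SysRoleSystem_.system key although roleSystem was loaded just above — verify that this
            // embedded value is populated, otherwise building the message fails before the intended
            // exception is thrown.
            SysSystemDto systemDto = DtoUtils.getEmbedded(dto, SysRoleSystem_.system, SysSystemDto.class);
            throw new ProvisioningException(AccResultCode.PROVISIONING_ROLE_ATTRIBUTE_MORE_UID, ImmutableMap.of("role", roleDto.getName(), "system", systemDto.getName()));
        }
    }

    // We will check exists definition for extended attribute
    SysSystemAttributeMappingDto systemAttributeMapping = systemAttributeMappingService.get(dto.getSystemAttributeMapping());
    SysSystemMappingDto systemMapping = systemMappingService.get(systemAttributeMapping.getSystemMapping());
    Class<? extends Identifiable> entityType = systemMapping.getEntityType().getEntityType();
    if (dto.isExtendedAttribute() && formService.isFormable(entityType)) {
        // NOTE(review): this creates a definition before super.save(dto, permission) is reached;
        // if the permission argument is only evaluated there, the side effect precedes that
        // check — confirm.
        systeAttributeMappingService.createExtendedAttributeDefinition(dto, entityType);
    }

    // We will do script validation (on compilation errors), before save.
    // NOTE(review): nothing visible here shows that validateScript restricts what a script may
    // do at run time — confirm before treating this call as more than a compile check.
    if (dto.getTransformScript() != null) {
        groovyScriptService.validateScript(dto.getTransformScript());
    }

    SysRoleSystemAttributeDto roleSystemAttribute = super.save(dto, permission);

    // RoleSystemAttribute was changed. We need do ACC management for all connected identities.
    AccIdentityAccountFilter accountFilter = new AccIdentityAccountFilter();
    accountFilter.setRoleSystemId(dto.getRoleSystem());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(accountFilter, null).getContent();

    // Load each connected identity exactly once. The identity reference of an account is the key
    // handed to identityService.get(...), so it has to be de-duplicated before loading: checking
    // it against the list of loaded identity DTOs never matches, and an identity with several
    // accounts would be processed (and provisioned) once per account.
    // TODO: move to filter and use distinct
    List<IdmIdentityDto> identities = new ArrayList<>();
    identityAccounts.stream()
            .map(identityAccount -> identityAccount.getIdentity())
            .distinct()
            // TODO: embedded
            .forEachOrdered(identityId -> identities.add(identityService.get(identityId)));

    for (IdmIdentityDto identity : identities) {
        LOG.debug("Call account management for identity [{}]", identity.getUsername());
        boolean provisioningRequired = getAccountManagementService().resolveIdentityAccounts(identity);
        if (provisioningRequired) {
            LOG.debug("Call provisioning for identity [{}]", identity.getUsername());
            getProvisioningService().doProvisioning(identity);
        }
    }
    return roleSystemAttribute;
}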
Use of eu.bcvsolutions.idm.acc.exception.ProvisioningException in project CzechIdMng by bcvsolutions.
Class DefaultSysSystemAttributeMappingService, method getAttributeValue.
/**
 * Resolves the IdM-side value of a mapped attribute and returns it after transformation to the
 * resource. The resolved value may be a list of objects.
 *
 * <p>The value is taken from one of these sources:
 * <ul>
 * <li>extended attribute (entity is not {@code null} and its class is formable): the form values
 * stored under the IdM property name; all of them as a list when the schema attribute is
 * multivalued, otherwise the first one;</li>
 * <li>entity attribute: the confidential storage when the attribute is confidential, otherwise
 * the entity property read by name;</li>
 * <li>neither: {@code null}, so only the transformation produces a value.</li>
 * </ul>
 *
 * @param uid               account identifier, passed through to the transformation
 * @param entity            DTO the value is read from
 * @param attributeHandling mapped attribute describing where the value comes from
 * @return the result of {@code transformValueToResource} for the resolved value
 * @throws ProvisioningException with {@code PROVISIONING_IDM_FIELD_NOT_FOUND} when the property
 *         cannot be read from the entity
 */
@Override
public Object getAttributeValue(String uid, AbstractDto entity, AttributeMapping attributeHandling) {
    Object resolved = null;
    SysSchemaAttributeDto schemaAttribute = getSchemaAttribute(attributeHandling);

    if (attributeHandling.isExtendedAttribute() && entity != null && formService.isFormable(entity.getClass())) {
        List<IdmFormValueDto> storedValues = formService.getValues(entity, attributeHandling.getIdmPropertyName());
        if (!storedValues.isEmpty()) {
            if (schemaAttribute.isMultivalued()) {
                // Multiple value extended attribute.
                // NOTE(review): unlike the single-valued case below, isConfidential() is not
                // consulted here — confirm how confidential multivalued attributes should be read.
                List<Object> collected = new ArrayList<>();
                for (IdmFormValueDto stored : storedValues) {
                    collected.add(stored.getValue());
                }
                resolved = collected;
            } else {
                // Single value extended attribute.
                IdmFormValueDto first = storedValues.get(0);
                if (!first.isConfidential()) {
                    resolved = first.getValue();
                } else {
                    Object secret = formService.getConfidentialPersistentValue(first);
                    // A String secret is wrapped in GuardedString only when the schema attribute is
                    // declared with that class type; any other confidential value is handed on
                    // unwrapped, so later handling must not expose it (e.g. in logs).
                    boolean wrap = secret instanceof String && schemaAttribute.getClassType().equals(GuardedString.class.getName());
                    resolved = wrap ? new GuardedString((String) secret) : secret;
                }
            }
        }
    } else if (attributeHandling.isEntityAttribute()) {
        // Find value from entity.
        if (attributeHandling.isConfidentialAttribute()) {
            // Confidential attributes are read from the secured storage, not from the entity.
            resolved = confidentialStorage.getGuardedString(entity.getId(), entity.getClass(), attributeHandling.getIdmPropertyName());
        } else {
            try {
                // Search the value directly in the entity by property name.
                resolved = EntityUtils.getEntityValue(entity, attributeHandling.getIdmPropertyName());
            } catch (IntrospectionException | IllegalAccessException | IllegalArgumentException | InvocationTargetException | ProvisioningException cause) {
                throw new ProvisioningException(AccResultCode.PROVISIONING_IDM_FIELD_NOT_FOUND, ImmutableMap.of("property", attributeHandling.getIdmPropertyName(), "entityType", entity.getClass()), cause);
            }
        }
    }
    // Otherwise the value is neither in the entity nor in an extended attribute: the attribute is
    // static, the resolved value stays null and only the transformation to the resource applies.
    return this.transformValueToResource(uid, resolved, attributeHandling, entity);
}