use of eu.bcvsolutions.idm.core.api.dto.DefaultResultModel in project CzechIdMng by bcvsolutions.
the class RemoteServerDeleteBulkAction method prevalidate.
@Override
public ResultModels prevalidate() {
IdmBulkActionDto action = getAction();
List<UUID> entities = getEntities(action, new StringBuilder());
ResultModels result = new ResultModels();
Map<ResultModel, Long> models = new HashMap<>();
entities.forEach(remoteServerId -> {
SysSystemFilter systemFilter = new SysSystemFilter();
systemFilter.setRemoteServerId(remoteServerId);
long count = systemService.count(systemFilter);
if (count > 0) {
SysConnectorServerDto remoteServer = getService().get(remoteServerId);
models.put(new DefaultResultModel(AccResultCode.REMOTE_SYSTEM_DELETE_FAILED_HAS_SYSTEMS, ImmutableMap.of("remoteServer", remoteServer.getFullServerName(), "count", count)), count);
}
});
//
// Sort by count
List<Entry<ResultModel, Long>> collect = models.entrySet().stream().sorted(Collections.reverseOrder(Map.Entry.comparingByValue())).collect(Collectors.toList());
collect.forEach(entry -> {
result.addInfo(entry.getKey());
});
//
return result;
}
use of eu.bcvsolutions.idm.core.api.dto.DefaultResultModel in project CzechIdMng by bcvsolutions.
the class AbstractAssignRoleBulkAction method assignRoles.
protected void assignRoles(List<UUID> identityIds, List<UUID> roleIds) {
for (UUID identityId : identityIds) {
List<IdmIdentityContractDto> contracts = new ArrayList<>();
//
if (isPrimeContract()) {
IdmIdentityContractDto contract = identityContractService.getPrimeValidContract(identityId);
//
if (contract != null) {
contracts.add(contract);
}
} else {
IdmIdentityContractFilter filter = new IdmIdentityContractFilter();
filter.setIdentity(identityId);
filter.setValidNowOrInFuture(Boolean.TRUE);
//
contracts.addAll(identityContractService.find(filter, null).getContent());
}
// nothing to process
if (contracts.isEmpty()) {
continue;
}
//
boolean approve = isApprove();
LocalDate validFrom = this.getValidFrom();
LocalDate validTill = this.getValidTill();
//
List<IdmConceptRoleRequestDto> concepts = new ArrayList<>(contracts.size() + roleIds.size());
for (IdmIdentityContractDto contract : contracts) {
if (!checkPermissionForContract(contract)) {
LOG.warn("Insufficient permissions for asign role for contract [{}]", contract.getId());
//
logItemProcessed(contract, new OperationResult.Builder(OperationState.NOT_EXECUTED).setModel(new DefaultResultModel(CoreResultCode.BULK_ACTION_NOT_AUTHORIZED_ASSING_ROLE_FOR_CONTRACT, ImmutableMap.of("contractId", contract.getId()))).build());
//
continue;
}
//
for (UUID roleId : roleIds) {
IdmConceptRoleRequestDto concept = new IdmConceptRoleRequestDto();
concept.setRole(roleId);
concept.setIdentityContract(contract.getId());
concept.getEmbedded().put(IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT, contract);
concept.setOperation(ConceptRoleRequestOperation.ADD);
// filled automatically - prevent to provision future valid roles by default
concept.setValidFrom(validFrom == null ? contract.getValidFrom() : validFrom);
// #1887: its not filled automatically from contract (validity will be controlled by contract validity dynamically)
concept.setValidTill(validTill);
concepts.add(concept);
}
}
// nothing to assign
if (concepts.isEmpty()) {
continue;
}
// create request, if exists at least one concept create and starts request
IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
roleRequest.setApplicant(identityId);
roleRequest.setRequestedByType(RoleRequestedByType.MANUALLY);
roleRequest.setLog("Request was created by bulk action.");
// if set approve, don't execute immediately
roleRequest.setExecuteImmediately(!approve);
roleRequest = roleRequestService.save(roleRequest, IdmBasePermission.CREATE);
//
List<IdmIdentityContractDto> processedContracts = new ArrayList<>(concepts.size());
for (IdmConceptRoleRequestDto concept : concepts) {
processedContracts.add(DtoUtils.getEmbedded(concept, IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT));
concept.setRoleRequest(roleRequest.getId());
concept = conceptRoleRequestService.save(concept, IdmBasePermission.CREATE);
}
//
Map<String, Serializable> properties = new HashMap<>();
properties.put(RoleRequestApprovalProcessor.CHECK_RIGHT_PROPERTY, Boolean.TRUE);
RoleRequestEvent event = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest, properties);
event.setPriority(PriorityType.HIGH);
IdmRoleRequestDto request = roleRequestService.startRequestInternal(event);
processedContracts.forEach(contract -> {
logItemProcessed(contract, new OperationResult.Builder(request.getState() == RoleRequestState.EXECUTED ? OperationState.EXECUTED : OperationState.CREATED).build());
});
}
}
use of eu.bcvsolutions.idm.core.api.dto.DefaultResultModel in project CzechIdMng by bcvsolutions.
the class RoleRequestDeleteBulkAction method processDto.
@Override
protected OperationResult processDto(IdmRoleRequestDto dto) {
// Check delete permission.
getService().checkAccess(dto, IdmBasePermission.DELETE);
// Request in Executed state can not be delete or change
OperationResultDto systemState = dto.getSystemState();
if (RoleRequestState.EXECUTED == dto.getState() && systemState != null && OperationState.EXECUTED != systemState.getState() && OperationState.CANCELED != systemState.getState()) {
// Request was executed in IdM, but system state is not canceled -> we will change the system state to CANCELED.
OperationResultDto systemResult = new OperationResultDto.Builder(OperationState.CANCELED).setModel(new DefaultResultModel(CoreResultCode.ROLE_REQUEST_SYSTEM_STATE_CANCELED, ImmutableMap.of("state", systemState != null ? systemState.getState().name() : ""))).build();
dto.setSystemState(systemResult);
roleRequestService.save(dto);
return new OperationResult.Builder(OperationState.EXECUTED).build();
}
// Request in Executed state can not be delete or change
if (RoleRequestState.EXECUTED == dto.getState()) {
throw new RoleRequestException(CoreResultCode.ROLE_REQUEST_EXECUTED_CANNOT_DELETE, ImmutableMap.of("request", dto));
}
// Request set to Canceled state and save.
if (RoleRequestState.CONCEPT == dto.getState()) {
roleRequestService.delete(dto);
} else {
roleRequestService.cancel(dto);
}
return new OperationResult.Builder(OperationState.EXECUTED).build();
}
use of eu.bcvsolutions.idm.core.api.dto.DefaultResultModel in project CzechIdMng by bcvsolutions.
the class DuplicateRoleAutomaticByAttributeProcessor method process.
@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
IdmRoleDto cloned = event.getContent();
IdmRoleDto originalSource = event.getOriginalSource();
//
IdmAutomaticRoleFilter filter = new IdmAutomaticRoleFilter();
filter.setRoleId(cloned.getId());
Set<UUID> usedAutomaticRoles = new HashSet<>();
List<IdmAutomaticRoleAttributeDto> currentAutomaticRoles = automaticRoleAttributeService.find(filter, null).getContent();
//
filter.setRoleId(originalSource.getId());
automaticRoleAttributeService.find(filter, null).forEach(automaticRole -> {
UUID exists = exists(currentAutomaticRoles, automaticRole);
if (exists != null) {
usedAutomaticRoles.add(exists);
} else {
// create new with all rules
IdmAutomaticRoleAttributeDto clonedAutomaticRole = new IdmAutomaticRoleAttributeDto();
clonedAutomaticRole.setName(automaticRole.getName());
clonedAutomaticRole.setRole(cloned.getId());
clonedAutomaticRole.setConcept(true);
//
clonedAutomaticRole = automaticRoleAttributeService.save(clonedAutomaticRole);
//
for (IdmAutomaticRoleAttributeRuleDto rule : automaticRoleAttributeRuleService.findAllRulesForAutomaticRole(automaticRole.getId())) {
IdmAutomaticRoleAttributeRuleDto clonedRule = new IdmAutomaticRoleAttributeRuleDto();
clonedRule.setAutomaticRoleAttribute(clonedAutomaticRole.getId());
clonedRule.setAttributeName(rule.getAttributeName());
clonedRule.setFormAttribute(rule.getFormAttribute());
clonedRule.setType(rule.getType());
clonedRule.setValue(rule.getValue());
clonedRule.setComparison(rule.getComparison());
//
automaticRoleAttributeRuleService.save(clonedRule);
}
AutomaticRoleAttributeEvent automaticRoleEvent = new AutomaticRoleAttributeEvent(AutomaticRoleAttributeEventType.UPDATE, clonedAutomaticRole);
// execute sync
automaticRoleEvent.setPriority(PriorityType.IMMEDIATE);
// FIXME: event parent ...
automaticRoleAttributeService.recalculate(automaticRoleEvent);
}
});
//
// remove not used originals
currentAutomaticRoles.stream().filter(automaticRole -> {
return !usedAutomaticRoles.contains(automaticRole.getId());
}).forEach(automaticRole -> {
// dirty flag automatic role only - will be processed after parent action ends
IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
stateDeleted.setEvent(event.getId());
stateDeleted.setSuperOwnerId(cloned.getId());
stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
entityStateManager.saveState(automaticRole, stateDeleted);
});
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.api.dto.DefaultResultModel in project CzechIdMng by bcvsolutions.
the class TreeNodeAfterMoveAutomaticRoleProcessor method process.
@Override
public EventResult<IdmTreeNodeDto> process(EntityEvent<IdmTreeNodeDto> event) {
IdmTreeNodeDto treeNode = event.getContent();
//
// preserve order => new automatic roles first
Set<UUID> automaticRoles = new LinkedHashSet<>();
// find currently defined automatic roles
Set<IdmRoleTreeNodeDto> newAutomaticRoles = getRoleTreeNodeService().getAutomaticRolesByTreeNode(treeNode.getId());
if (CollectionUtils.isNotEmpty(newAutomaticRoles)) {
automaticRoles.addAll(newAutomaticRoles.stream().map(IdmRoleTreeNodeDto::getId).collect(Collectors.toSet()));
}
// previously defined automatic roles
Set<UUID> previousAutomaticRoles = event.getSetProperty(PROPERTY_PREVIOUS_AUTOMATIC_ROLES, UUID.class);
if (CollectionUtils.isNotEmpty(previousAutomaticRoles)) {
automaticRoles.addAll(previousAutomaticRoles);
}
//
if (CollectionUtils.isEmpty(automaticRoles)) {
LOG.debug("Tree node [{}] was moved under new parent node [{}]. No automatic roles are affected.", treeNode.getId(), treeNode.getParent());
//
return new DefaultEventResult<>(event, this);
}
// flag can be processed afterwards
if (getBooleanProperty(AutomaticRoleManager.SKIP_RECALCULATION, event.getProperties())) {
automaticRoles.forEach(automaticRole -> {
LOG.debug("Automatic role [{}] recount is skipped after tree node [{}] was moved in tree structure. " + "State [AUTOMATIC_ROLE_SKIPPED] for automatic role will be created only.", automaticRole, treeNode.getId());
//
IdmEntityStateDto state = new IdmEntityStateDto();
state.setOwnerId(automaticRole);
state.setOwnerType(entityStateManager.getOwnerType(IdmRoleTreeNodeDto.class));
state.setResult(new OperationResultDto.Builder(OperationState.BLOCKED).setModel(new DefaultResultModel(CoreResultCode.AUTOMATIC_ROLE_SKIPPED)).build());
entityStateManager.saveState(null, state);
});
//
return new DefaultEventResult<>(event, this);
}
//
// process all affected automatic roles
ProcessAutomaticRoleByTreeTaskExecutor automaticRoleTask = AutowireHelper.createBean(ProcessAutomaticRoleByTreeTaskExecutor.class);
automaticRoleTask.setAutomaticRoles(Lists.newArrayList(automaticRoles));
executeTask(event, automaticRoleTask);
//
return new DefaultEventResult<>(event, this);
}
Aggregations