Search in sources :

Example 16 with DefaultResultModel

use of eu.bcvsolutions.idm.core.api.dto.DefaultResultModel in project CzechIdMng by bcvsolutions.

the class RemoteServerDeleteBulkAction method prevalidate.

@Override
public ResultModels prevalidate() {
    IdmBulkActionDto action = getAction();
    List<UUID> entities = getEntities(action, new StringBuilder());
    ResultModels result = new ResultModels();
    Map<ResultModel, Long> models = new HashMap<>();
    entities.forEach(remoteServerId -> {
        SysSystemFilter systemFilter = new SysSystemFilter();
        systemFilter.setRemoteServerId(remoteServerId);
        long count = systemService.count(systemFilter);
        if (count > 0) {
            SysConnectorServerDto remoteServer = getService().get(remoteServerId);
            models.put(new DefaultResultModel(AccResultCode.REMOTE_SYSTEM_DELETE_FAILED_HAS_SYSTEMS, ImmutableMap.of("remoteServer", remoteServer.getFullServerName(), "count", count)), count);
        }
    });
    // 
    // Sort by count
    List<Entry<ResultModel, Long>> collect = models.entrySet().stream().sorted(Collections.reverseOrder(Map.Entry.comparingByValue())).collect(Collectors.toList());
    collect.forEach(entry -> {
        result.addInfo(entry.getKey());
    });
    // 
    return result;
}
Also used : IdmBulkActionDto(eu.bcvsolutions.idm.core.api.bulk.action.dto.IdmBulkActionDto) SysSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemFilter) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) HashMap(java.util.HashMap) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) ResultModel(eu.bcvsolutions.idm.core.api.dto.ResultModel) ResultModels(eu.bcvsolutions.idm.core.api.dto.ResultModels) Entry(java.util.Map.Entry) UUID(java.util.UUID) SysConnectorServerDto(eu.bcvsolutions.idm.acc.dto.SysConnectorServerDto)

Example 17 with DefaultResultModel

use of eu.bcvsolutions.idm.core.api.dto.DefaultResultModel in project CzechIdMng by bcvsolutions.

the class AbstractAssignRoleBulkAction method assignRoles.

protected void assignRoles(List<UUID> identityIds, List<UUID> roleIds) {
    for (UUID identityId : identityIds) {
        List<IdmIdentityContractDto> contracts = new ArrayList<>();
        // 
        if (isPrimeContract()) {
            IdmIdentityContractDto contract = identityContractService.getPrimeValidContract(identityId);
            // 
            if (contract != null) {
                contracts.add(contract);
            }
        } else {
            IdmIdentityContractFilter filter = new IdmIdentityContractFilter();
            filter.setIdentity(identityId);
            filter.setValidNowOrInFuture(Boolean.TRUE);
            // 
            contracts.addAll(identityContractService.find(filter, null).getContent());
        }
        // nothing to process
        if (contracts.isEmpty()) {
            continue;
        }
        // 
        boolean approve = isApprove();
        LocalDate validFrom = this.getValidFrom();
        LocalDate validTill = this.getValidTill();
        // 
        List<IdmConceptRoleRequestDto> concepts = new ArrayList<>(contracts.size() + roleIds.size());
        for (IdmIdentityContractDto contract : contracts) {
            if (!checkPermissionForContract(contract)) {
                LOG.warn("Insufficient permissions for asign role for contract [{}]", contract.getId());
                // 
                logItemProcessed(contract, new OperationResult.Builder(OperationState.NOT_EXECUTED).setModel(new DefaultResultModel(CoreResultCode.BULK_ACTION_NOT_AUTHORIZED_ASSING_ROLE_FOR_CONTRACT, ImmutableMap.of("contractId", contract.getId()))).build());
                // 
                continue;
            }
            // 
            for (UUID roleId : roleIds) {
                IdmConceptRoleRequestDto concept = new IdmConceptRoleRequestDto();
                concept.setRole(roleId);
                concept.setIdentityContract(contract.getId());
                concept.getEmbedded().put(IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT, contract);
                concept.setOperation(ConceptRoleRequestOperation.ADD);
                // filled automatically - prevent to provision future valid roles by default
                concept.setValidFrom(validFrom == null ? contract.getValidFrom() : validFrom);
                // #1887: its not filled automatically from contract (validity will be controlled by contract validity dynamically)
                concept.setValidTill(validTill);
                concepts.add(concept);
            }
        }
        // nothing to assign
        if (concepts.isEmpty()) {
            continue;
        }
        // create request, if exists at least one concept create and starts request
        IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
        roleRequest.setApplicant(identityId);
        roleRequest.setRequestedByType(RoleRequestedByType.MANUALLY);
        roleRequest.setLog("Request was created by bulk action.");
        // if set approve, don't execute immediately
        roleRequest.setExecuteImmediately(!approve);
        roleRequest = roleRequestService.save(roleRequest, IdmBasePermission.CREATE);
        // 
        List<IdmIdentityContractDto> processedContracts = new ArrayList<>(concepts.size());
        for (IdmConceptRoleRequestDto concept : concepts) {
            processedContracts.add(DtoUtils.getEmbedded(concept, IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT));
            concept.setRoleRequest(roleRequest.getId());
            concept = conceptRoleRequestService.save(concept, IdmBasePermission.CREATE);
        }
        // 
        Map<String, Serializable> properties = new HashMap<>();
        properties.put(RoleRequestApprovalProcessor.CHECK_RIGHT_PROPERTY, Boolean.TRUE);
        RoleRequestEvent event = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest, properties);
        event.setPriority(PriorityType.HIGH);
        IdmRoleRequestDto request = roleRequestService.startRequestInternal(event);
        processedContracts.forEach(contract -> {
            logItemProcessed(contract, new OperationResult.Builder(request.getState() == RoleRequestState.EXECUTED ? OperationState.EXECUTED : OperationState.CREATED).build());
        });
    }
}
Also used : Serializable(java.io.Serializable) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) LocalDate(java.time.LocalDate) IdmIdentityContractFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityContractFilter) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) UUID(java.util.UUID) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)

Example 18 with DefaultResultModel

use of eu.bcvsolutions.idm.core.api.dto.DefaultResultModel in project CzechIdMng by bcvsolutions.

the class RoleRequestDeleteBulkAction method processDto.

@Override
protected OperationResult processDto(IdmRoleRequestDto dto) {
    // Check delete permission.
    getService().checkAccess(dto, IdmBasePermission.DELETE);
    // Request in Executed state can not be delete or change
    OperationResultDto systemState = dto.getSystemState();
    if (RoleRequestState.EXECUTED == dto.getState() && systemState != null && OperationState.EXECUTED != systemState.getState() && OperationState.CANCELED != systemState.getState()) {
        // Request was executed in IdM, but system state is not canceled -> we will change the system state to CANCELED.
        OperationResultDto systemResult = new OperationResultDto.Builder(OperationState.CANCELED).setModel(new DefaultResultModel(CoreResultCode.ROLE_REQUEST_SYSTEM_STATE_CANCELED, ImmutableMap.of("state", systemState != null ? systemState.getState().name() : ""))).build();
        dto.setSystemState(systemResult);
        roleRequestService.save(dto);
        return new OperationResult.Builder(OperationState.EXECUTED).build();
    }
    // Request in Executed state can not be delete or change
    if (RoleRequestState.EXECUTED == dto.getState()) {
        throw new RoleRequestException(CoreResultCode.ROLE_REQUEST_EXECUTED_CANNOT_DELETE, ImmutableMap.of("request", dto));
    }
    // Request set to Canceled state and save.
    if (RoleRequestState.CONCEPT == dto.getState()) {
        roleRequestService.delete(dto);
    } else {
        roleRequestService.cancel(dto);
    }
    return new OperationResult.Builder(OperationState.EXECUTED).build();
}
Also used : RoleRequestException(eu.bcvsolutions.idm.core.api.exception.RoleRequestException) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult)

Example 19 with DefaultResultModel

use of eu.bcvsolutions.idm.core.api.dto.DefaultResultModel in project CzechIdMng by bcvsolutions.

the class DuplicateRoleAutomaticByAttributeProcessor method process.

@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
    IdmRoleDto cloned = event.getContent();
    IdmRoleDto originalSource = event.getOriginalSource();
    // 
    IdmAutomaticRoleFilter filter = new IdmAutomaticRoleFilter();
    filter.setRoleId(cloned.getId());
    Set<UUID> usedAutomaticRoles = new HashSet<>();
    List<IdmAutomaticRoleAttributeDto> currentAutomaticRoles = automaticRoleAttributeService.find(filter, null).getContent();
    // 
    filter.setRoleId(originalSource.getId());
    automaticRoleAttributeService.find(filter, null).forEach(automaticRole -> {
        UUID exists = exists(currentAutomaticRoles, automaticRole);
        if (exists != null) {
            usedAutomaticRoles.add(exists);
        } else {
            // create new with all rules
            IdmAutomaticRoleAttributeDto clonedAutomaticRole = new IdmAutomaticRoleAttributeDto();
            clonedAutomaticRole.setName(automaticRole.getName());
            clonedAutomaticRole.setRole(cloned.getId());
            clonedAutomaticRole.setConcept(true);
            // 
            clonedAutomaticRole = automaticRoleAttributeService.save(clonedAutomaticRole);
            // 
            for (IdmAutomaticRoleAttributeRuleDto rule : automaticRoleAttributeRuleService.findAllRulesForAutomaticRole(automaticRole.getId())) {
                IdmAutomaticRoleAttributeRuleDto clonedRule = new IdmAutomaticRoleAttributeRuleDto();
                clonedRule.setAutomaticRoleAttribute(clonedAutomaticRole.getId());
                clonedRule.setAttributeName(rule.getAttributeName());
                clonedRule.setFormAttribute(rule.getFormAttribute());
                clonedRule.setType(rule.getType());
                clonedRule.setValue(rule.getValue());
                clonedRule.setComparison(rule.getComparison());
                // 
                automaticRoleAttributeRuleService.save(clonedRule);
            }
            AutomaticRoleAttributeEvent automaticRoleEvent = new AutomaticRoleAttributeEvent(AutomaticRoleAttributeEventType.UPDATE, clonedAutomaticRole);
            // execute sync
            automaticRoleEvent.setPriority(PriorityType.IMMEDIATE);
            // FIXME: event parent ...
            automaticRoleAttributeService.recalculate(automaticRoleEvent);
        }
    });
    // 
    // remove not used originals
    currentAutomaticRoles.stream().filter(automaticRole -> {
        return !usedAutomaticRoles.contains(automaticRole.getId());
    }).forEach(automaticRole -> {
        // dirty flag automatic role only - will be processed after parent action ends
        IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
        stateDeleted.setEvent(event.getId());
        stateDeleted.setSuperOwnerId(cloned.getId());
        stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
        entityStateManager.saveState(automaticRole, stateDeleted);
    });
    return new DefaultEventResult<>(event, this);
}
Also used : IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) Autowired(org.springframework.beans.factory.annotation.Autowired) CoreEventProcessor(eu.bcvsolutions.idm.core.api.event.CoreEventProcessor) PersistentType(eu.bcvsolutions.idm.core.eav.api.domain.PersistentType) HashSet(java.util.HashSet) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto) EntityStateManager(eu.bcvsolutions.idm.core.api.service.EntityStateManager) Lists(com.google.common.collect.Lists) IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) AutomaticRoleAttributeEvent(eu.bcvsolutions.idm.core.model.event.AutomaticRoleAttributeEvent) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) EventResult(eu.bcvsolutions.idm.core.api.event.EventResult) RoleEventType(eu.bcvsolutions.idm.core.model.event.RoleEvent.RoleEventType) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) EqualsBuilder(org.apache.commons.lang3.builder.EqualsBuilder) Description(org.springframework.context.annotation.Description) RoleProcessor(eu.bcvsolutions.idm.core.api.event.processor.RoleProcessor) AutomaticRoleAttributeEventType(eu.bcvsolutions.idm.core.model.event.AutomaticRoleAttributeEvent.AutomaticRoleAttributeEventType) Set(java.util.Set) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) UUID(java.util.UUID) PriorityType(eu.bcvsolutions.idm.core.api.domain.PriorityType) IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) List(java.util.List) Component(org.springframework.stereotype.Component) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) IdmAutomaticRoleAttributeRuleService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeRuleService) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService) IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto) UUID(java.util.UUID) AutomaticRoleAttributeEvent(eu.bcvsolutions.idm.core.model.event.AutomaticRoleAttributeEvent) HashSet(java.util.HashSet)

Example 20 with DefaultResultModel

use of eu.bcvsolutions.idm.core.api.dto.DefaultResultModel in project CzechIdMng by bcvsolutions.

the class TreeNodeAfterMoveAutomaticRoleProcessor method process.

@Override
public EventResult<IdmTreeNodeDto> process(EntityEvent<IdmTreeNodeDto> event) {
    IdmTreeNodeDto treeNode = event.getContent();
    // 
    // preserve order => new automatic roles first
    Set<UUID> automaticRoles = new LinkedHashSet<>();
    // find currently defined automatic roles
    Set<IdmRoleTreeNodeDto> newAutomaticRoles = getRoleTreeNodeService().getAutomaticRolesByTreeNode(treeNode.getId());
    if (CollectionUtils.isNotEmpty(newAutomaticRoles)) {
        automaticRoles.addAll(newAutomaticRoles.stream().map(IdmRoleTreeNodeDto::getId).collect(Collectors.toSet()));
    }
    // previously defined automatic roles
    Set<UUID> previousAutomaticRoles = event.getSetProperty(PROPERTY_PREVIOUS_AUTOMATIC_ROLES, UUID.class);
    if (CollectionUtils.isNotEmpty(previousAutomaticRoles)) {
        automaticRoles.addAll(previousAutomaticRoles);
    }
    // 
    if (CollectionUtils.isEmpty(automaticRoles)) {
        LOG.debug("Tree node [{}] was moved under new parent node [{}]. No automatic roles are affected.", treeNode.getId(), treeNode.getParent());
        // 
        return new DefaultEventResult<>(event, this);
    }
    // flag can be processed afterwards
    if (getBooleanProperty(AutomaticRoleManager.SKIP_RECALCULATION, event.getProperties())) {
        automaticRoles.forEach(automaticRole -> {
            LOG.debug("Automatic role [{}] recount is skipped after tree node [{}] was moved in tree structure. " + "State [AUTOMATIC_ROLE_SKIPPED] for automatic role will be created only.", automaticRole, treeNode.getId());
            // 
            IdmEntityStateDto state = new IdmEntityStateDto();
            state.setOwnerId(automaticRole);
            state.setOwnerType(entityStateManager.getOwnerType(IdmRoleTreeNodeDto.class));
            state.setResult(new OperationResultDto.Builder(OperationState.BLOCKED).setModel(new DefaultResultModel(CoreResultCode.AUTOMATIC_ROLE_SKIPPED)).build());
            entityStateManager.saveState(null, state);
        });
        // 
        return new DefaultEventResult<>(event, this);
    }
    // 
    // process all affected automatic roles
    ProcessAutomaticRoleByTreeTaskExecutor automaticRoleTask = AutowireHelper.createBean(ProcessAutomaticRoleByTreeTaskExecutor.class);
    automaticRoleTask.setAutomaticRoles(Lists.newArrayList(automaticRoles));
    executeTask(event, automaticRoleTask);
    // 
    return new DefaultEventResult<>(event, this);
}
Also used : LinkedHashSet(java.util.LinkedHashSet) IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) ProcessAutomaticRoleByTreeTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.ProcessAutomaticRoleByTreeTaskExecutor) IdmRoleTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) UUID(java.util.UUID)

Aggregations

DefaultResultModel (eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)104 ResultModel (eu.bcvsolutions.idm.core.api.dto.ResultModel)52 UUID (java.util.UUID)48 OperationResultDto (eu.bcvsolutions.idm.core.api.dto.OperationResultDto)40 OperationResult (eu.bcvsolutions.idm.core.api.entity.OperationResult)35 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)25 IdmEntityStateDto (eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto)24 DefaultEventResult (eu.bcvsolutions.idm.core.api.event.DefaultEventResult)21 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)19 HashMap (java.util.HashMap)19 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)18 OperationState (eu.bcvsolutions.idm.core.api.domain.OperationState)16 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)16 Autowired (org.springframework.beans.factory.annotation.Autowired)16 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)15 List (java.util.List)15 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)14 Set (java.util.Set)14 ImmutableMap (com.google.common.collect.ImmutableMap)13 CoreResultCode (eu.bcvsolutions.idm.core.api.domain.CoreResultCode)13