Example 26 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class DefaultTestHelper method createSpecificPolicy.

@Override
public IdmAuthorizationPolicyDto createSpecificPolicy(UUID role, GroupPermission groupPermission, Class<?> authorizableType, String evaluatorType, BasePermission... permission) {
    IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
    dto.setRole(role);
    dto.setEvaluatorType(evaluatorType);
    dto.setGroupPermission(groupPermission == null ? null : groupPermission.getName());
    dto.setAuthorizableType(authorizableType == null ? null : authorizableType.getCanonicalName());
    dto.setPermissions(permission);
    return authorizationPolicyService.save(dto);
}
Also used : IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)

Example 27 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class DefaultTestHelper method createAuthorizationPolicy.

@Override
public IdmAuthorizationPolicyDto createAuthorizationPolicy(UUID role, GroupPermission groupPermission, Class<? extends AbstractEntity> authorizableType, Class<? extends AuthorizationEvaluator<? extends AbstractEntity>> evaluator, BasePermission... permission) {
    IdmAuthorizationPolicyDto dto = new IdmAuthorizationPolicyDto();
    dto.setRole(role);
    dto.setEvaluator(evaluator);
    dto.setGroupPermission(groupPermission == null ? null : groupPermission.getName());
    dto.setAuthorizableType(authorizableType == null ? null : authorizableType.getCanonicalName());
    dto.setPermissions(permission);
    // persist the policy and return the saved DTO
    return authorizationPolicyService.save(dto);
}
Also used : IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)

Example 28 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class InitAccApplicationData method init.

/**
 * Initialize data for acc module
 */
protected void init() {
    // run the initialization under system authentication (cleared again in the finally block)
    securityService.setSystemAuthentication();
    try {
        if (!configurationService.getBooleanValue(InitDemoData.PARAMETER_DEMO_DATA_CREATED, false)) {
            LOG.info("Creating demo data for [{}] module...", AccModuleDescriptor.MODULE_ID);
            // make sure the default user role exists
            IdmRoleDto defaultRole = createDefaultRole();
            //
            // create default evaluators for the acc module
            LOG.info("Create authorization [{}] for default user role.", IdentityAccountByAccountEvaluator.class.getSimpleName());
            IdmAuthorizationPolicyDto identityAccountByAccount = new IdmAuthorizationPolicyDto();
            identityAccountByAccount.setAuthorizableType(AccIdentityAccount.class.getCanonicalName());
            identityAccountByAccount.setEvaluator(IdentityAccountByAccountEvaluator.class);
            identityAccountByAccount.setGroupPermission(AccGroupPermission.IDENTITYACCOUNT.getName());
            identityAccountByAccount.setRole(defaultRole.getId());
            identityAccountByAccount = authorizationPolicyService.save(identityAccountByAccount);
            // 
            LOG.info("Create authorization [{}] for default user role.", ReadAccountByIdentityEvaluator.class.getSimpleName());
            IdmAuthorizationPolicyDto accountByIdentity = new IdmAuthorizationPolicyDto();
            accountByIdentity.setAuthorizableType(AccAccount.class.getCanonicalName());
            accountByIdentity.setEvaluator(ReadAccountByIdentityEvaluator.class);
            accountByIdentity.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
            accountByIdentity.setRole(defaultRole.getId());
            accountByIdentity = authorizationPolicyService.save(accountByIdentity);
        }
        // Cancels all previously run tasks
        synchronizationService.init();
    } catch (Exception ex) {
        LOG.warn("Init data for ACC module was not created!", ex);
    } finally {
        SecurityContextHolder.clearContext();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccAccount(eu.bcvsolutions.idm.acc.entity.AccAccount) AccIdentityAccount(eu.bcvsolutions.idm.acc.entity.AccIdentityAccount) ReadAccountByIdentityEvaluator(eu.bcvsolutions.idm.acc.security.evaluator.ReadAccountByIdentityEvaluator) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdentityAccountByAccountEvaluator(eu.bcvsolutions.idm.acc.security.evaluator.IdentityAccountByAccountEvaluator)

Example 29 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class RoleAccountByRoleEvaluatorIntegrationTest method createIdentityWithRole.

private IdmIdentityDto createIdentityWithRole(boolean transitive) {
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmRoleDto role = helper.createRole();
    TEST_ROLE_ID = role.getId();
    // self policy
    IdmAuthorizationPolicyDto readRolePolicy = new IdmAuthorizationPolicyDto();
    readRolePolicy.setPermissions(IdmBasePermission.READ);
    readRolePolicy.setRole(role.getId());
    readRolePolicy.setGroupPermission(CoreGroupPermission.ROLE.getName());
    readRolePolicy.setAuthorizableType(IdmRole.class.getCanonicalName());
    readRolePolicy.setEvaluator(CodeableEvaluator.class);
    readRolePolicy.getEvaluatorProperties().put(CodeableEvaluator.PARAMETER_IDENTIFIER, role.getId());
    authorizationPolicyService.save(readRolePolicy);
    if (transitive) {
        // create transitive policies
        IdmAuthorizationPolicyDto readAuthoritiesPolicy = new IdmAuthorizationPolicyDto();
        readAuthoritiesPolicy.setRole(role.getId());
        readAuthoritiesPolicy.setGroupPermission(CoreGroupPermission.AUTHORIZATIONPOLICY.getName());
        readAuthoritiesPolicy.setAuthorizableType(IdmAuthorizationPolicy.class.getCanonicalName());
        readAuthoritiesPolicy.setEvaluator(AuthorizationPolicyByRoleEvaluator.class);
        authorizationPolicyService.save(readAuthoritiesPolicy);
        IdmAuthorizationPolicyDto readRoleAccountPolicy = new IdmAuthorizationPolicyDto();
        readRoleAccountPolicy.setRole(role.getId());
        readRoleAccountPolicy.setGroupPermission(AccGroupPermission.ROLEACCOUNT.getName());
        readRoleAccountPolicy.setAuthorizableType(AccRoleAccount.class.getCanonicalName());
        readRoleAccountPolicy.setEvaluator(RoleAccountByRoleEvaluator.class);
        authorizationPolicyService.save(readRoleAccountPolicy);
    }
    // prepare identity
    IdmIdentityDto identity = helper.createIdentity();
    identity.setPassword(new GuardedString("heslo"));
    identity = identityService.save(identity);
    // assign role
    helper.createIdentityRole(identity, role);
    logout();
    // 
    return identity;
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmAuthorizationPolicy(eu.bcvsolutions.idm.core.model.entity.IdmAuthorizationPolicy) AccRoleAccount(eu.bcvsolutions.idm.acc.entity.AccRoleAccount)

Example 30 with IdmAuthorizationPolicyDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto in project CzechIdMng by bcvsolutions.

the class DefaultAccAccountServiceTest method getConnectorObjectTest.

@Test
public void getConnectorObjectTest() {
    String userOneName = "UserOne";
    String eavAttributeName = "EAV_ATTRIBUTE";
    SysSystemDto system = initData();
    Assert.assertNotNull(system);
    IdmIdentityDto identity = helper.createIdentity();
    // Create role with evaluator
    IdmRoleDto role = helper.createRole();
    IdmAuthorizationPolicyDto policyAccount = new IdmAuthorizationPolicyDto();
    policyAccount.setRole(role.getId());
    policyAccount.setGroupPermission(AccGroupPermission.ACCOUNT.getName());
    policyAccount.setAuthorizableType(AccAccount.class.getCanonicalName());
    policyAccount.setEvaluator(ReadAccountByIdentityEvaluator.class);
    authorizationPolicyService.save(policyAccount);
    // Change resources (set state on exclude); must be called in a transaction
    this.getBean().persistResource(createResource(userOneName, new LocalDateTime()));
    AccAccountDto account = new AccAccountDto();
    account.setEntityType(SystemEntityType.IDENTITY);
    account.setSystem(system.getId());
    account.setAccountType(AccountType.PERSONAL);
    account.setUid(userOneName);
    account = accountService.save(account);
    AccIdentityAccountDto accountIdentityOne = new AccIdentityAccountDto();
    accountIdentityOne.setIdentity(identity.getId());
    accountIdentityOne.setOwnership(true);
    accountIdentityOne.setAccount(account.getId());
    accountIdentityOne = identityAccountService.save(accountIdentityOne);
    // Assign role with evaluator
    helper.createIdentityRole(identity, role);
    logout();
    loginService.login(new LoginDto(identity.getUsername(), identity.getPassword()));
    IcConnectorObject connectorObject = accountService.getConnectorObject(account, IdmBasePermission.READ);
    Assert.assertNotNull(connectorObject);
    Assert.assertEquals(userOneName, connectorObject.getUidValue());
    Assert.assertNotNull(connectorObject.getAttributeByName(eavAttributeName));
    Assert.assertEquals(userOneName, connectorObject.getAttributeByName(eavAttributeName).getValue());
}
Also used : LocalDateTime(org.joda.time.LocalDateTime) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccAccount(eu.bcvsolutions.idm.acc.entity.AccAccount) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LoginDto(eu.bcvsolutions.idm.core.security.api.dto.LoginDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Aggregations

IdmAuthorizationPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) 41
Test (org.junit.Test) 25
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) 23
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) 22
AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) 18
IdmRole (eu.bcvsolutions.idm.core.model.entity.IdmRole) 16
LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto) 14
GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString) 11
AbstractUnitTest (eu.bcvsolutions.idm.test.api.AbstractUnitTest) 7
AccAccount (eu.bcvsolutions.idm.acc.entity.AccAccount) 6
AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto) 5
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto) 5
UUID (java.util.UUID) 5
Transactional (org.springframework.transaction.annotation.Transactional) 5
IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) 4
IdmConfiguration (eu.bcvsolutions.idm.core.model.entity.IdmConfiguration) 4
IdmIdentity (eu.bcvsolutions.idm.core.model.entity.IdmIdentity) 4
IcConnectorObject (eu.bcvsolutions.idm.ic.api.IcConnectorObject) 4
LocalDateTime (org.joda.time.LocalDateTime) 4
AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) 3