Search in sources :

Example 51 with IdmAutomaticRoleAttributeDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto in project CzechIdMng by bcvsolutions.

the class AutomaticRoleAttributeDeleteProcessor method process.

@Override
public EventResult<IdmAutomaticRoleAttributeDto> process(EntityEvent<IdmAutomaticRoleAttributeDto> event) {
    IdmAutomaticRoleAttributeDto content = event.getContent();
    // 
    // delete all assigned roles gained by this automatic role by long running task
    RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
    automaticRoleTask.setAutomaticRoleId(content.getId());
    longRunningTaskManager.executeSync(automaticRoleTask);
    // 
    return new DefaultEventResult<>(event, this);
}
Also used : DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) RemoveAutomaticRoleTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveAutomaticRoleTaskExecutor) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)

Example 52 with IdmAutomaticRoleAttributeDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto in project CzechIdMng by bcvsolutions.

the class AutomaticRoleAttributeRuleDeleteProcessor method process.

@Override
public EventResult<IdmAutomaticRoleAttributeRuleDto> process(EntityEvent<IdmAutomaticRoleAttributeRuleDto> event) {
    IdmAutomaticRoleAttributeRuleDto dto = event.getContent();
    // 
    List<IdmAutomaticRoleAttributeRuleDto> allRules = automactiRoleAttributeRuleService.findAllRulesForAutomaticRole(dto.getAutomaticRoleAttribute());
    // by default is skip value null => false
    if (!this.getBooleanProperty(SKIP_CHECK_LAST_RULE, event.getProperties())) {
        // it's last rule, remove all identity role
        if (allRules.size() == 1 && dto.getId().equals(allRules.get(0).getId())) {
            // before we start delete identity role, we check how many identities has the auto role
            // if doesn't exist identities that has the role, skip remove
            IdmIdentityFilter identityFilter = new IdmIdentityFilter();
            long totalElements = identityService.find(identityFilter, new PageRequest(0, 1)).getTotalElements();
            if (totalElements > 0) {
                UUID automaticRoleAttributeId = dto.getAutomaticRoleAttribute();
                removeAllRoles(automaticRoleAttributeId);
                // 
                // we also set concept to false
                IdmAutomaticRoleAttributeDto roleAttributeDto = automaticRoleAttributeRuleService.get(automaticRoleAttributeId);
                roleAttributeDto.setConcept(false);
                roleAttributeDto = automaticRoleAttributeRuleService.save(roleAttributeDto);
            }
        }
    }
    UUID automaticRuleId = dto.getId();
    // Find all automatic role requests and remove relation on rule
    if (automaticRuleId != null) {
        IdmAutomaticRoleAttributeRuleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
        automaticRoleRequestFilter.setRuleId(automaticRuleId);
        ruleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
            request.setRule(null);
            ruleRequestService.save(request);
        });
    }
    // 
    automactiRoleAttributeRuleService.deleteInternal(dto);
    // 
    return new DefaultEventResult<>(event, this);
}
Also used : IdmAutomaticRoleAttributeRuleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter) PageRequest(org.springframework.data.domain.PageRequest) IdmIdentityFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto) UUID(java.util.UUID) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)

Example 53 with IdmAutomaticRoleAttributeDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto in project CzechIdMng by bcvsolutions.

the class DefaultAutomaticRoleManager method changeAutomaticRoleRules.

@Override
public IdmAutomaticRoleAttributeDto changeAutomaticRoleRules(IdmAutomaticRoleAttributeDto automaticRole, boolean executeImmediately, IdmAutomaticRoleAttributeRuleDto... newRules) {
    Assert.notNull(automaticRole);
    Assert.notNull(automaticRole.getId(), "Automatic role must exists!");
    IdmAutomaticRoleRequestDto request = new IdmAutomaticRoleRequestDto();
    request.setOperation(RequestOperationType.UPDATE);
    request.setRequestType(AutomaticRoleRequestType.ATTRIBUTE);
    request.setExecuteImmediately(executeImmediately);
    request.setAutomaticRole(automaticRole.getId());
    request.setName(automaticRole.getName());
    request.setRole(automaticRole.getRole());
    final IdmAutomaticRoleRequestDto createdRequest = roleRequestService.save(request);
    ArrayList<IdmAutomaticRoleAttributeRuleDto> rules = Lists.newArrayList(newRules);
    if (rules != null) {
        // Creates request for change or add rule
        rules.forEach(rule -> {
            IdmAutomaticRoleAttributeRuleRequestDto ruleRequest = new IdmAutomaticRoleAttributeRuleRequestDto();
            ruleRequest.setRequest(createdRequest.getId());
            ruleRequest.setOperation(rule.getId() != null ? RequestOperationType.UPDATE : RequestOperationType.ADD);
            ruleRequest.setAttributeName(rule.getAttributeName());
            ruleRequest.setComparison(rule.getComparison());
            ruleRequest.setType(rule.getType());
            ruleRequest.setFormAttribute(rule.getFormAttribute());
            ruleRequest.setValue(rule.getValue());
            ruleRequest.setRule(rule.getId());
            ruleRequest = ruleRequestService.save(ruleRequest);
        });
    }
    IdmAutomaticRoleAttributeRuleFilter ruleFilter = new IdmAutomaticRoleAttributeRuleFilter();
    ruleFilter.setAutomaticRoleAttributeId(automaticRole.getId());
    List<IdmAutomaticRoleAttributeRuleDto> currentRules = ruleService.find(ruleFilter, null).getContent();
    currentRules.stream().filter(currentRule -> {
        return rules == null || !rules.contains(currentRule);
    }).forEach(ruleToDelete -> {
        // Creates request for remove rule
        IdmAutomaticRoleAttributeRuleRequestDto ruleRequest = new IdmAutomaticRoleAttributeRuleRequestDto();
        ruleRequest.setRequest(createdRequest.getId());
        ruleRequest.setOperation(RequestOperationType.REMOVE);
        ruleRequest.setAttributeName(ruleToDelete.getAttributeName());
        ruleRequest.setComparison(ruleToDelete.getComparison());
        ruleRequest.setType(ruleToDelete.getType());
        ruleRequest.setFormAttribute(ruleToDelete.getFormAttribute());
        ruleRequest.setValue(ruleToDelete.getValue());
        ruleRequest.setRule(ruleToDelete.getId());
        ruleRequest = ruleRequestService.save(ruleRequest);
    });
    IdmAutomaticRoleRequestDto executedRequest = roleRequestService.startRequestInternal(createdRequest.getId(), true);
    if (RequestState.EXECUTED == executedRequest.getState()) {
        UUID createdAutomaticRoleId = executedRequest.getAutomaticRole();
        Assert.notNull(createdAutomaticRoleId);
        return automaticRoleAttributeService.get(executedRequest.getAutomaticRole());
    }
    if (RequestState.IN_PROGRESS == executedRequest.getState()) {
        throw new AcceptedException(executedRequest.getId().toString());
    }
    if (RequestState.EXCEPTION == executedRequest.getState()) {
        throw new CoreException(executedRequest.getResult().getCause());
    }
    return null;
}
Also used : RequestOperationType(eu.bcvsolutions.idm.core.api.domain.RequestOperationType) AbstractIdmAutomaticRoleDto(eu.bcvsolutions.idm.core.api.dto.AbstractIdmAutomaticRoleDto) RequestState(eu.bcvsolutions.idm.core.api.domain.RequestState) IdmRoleTreeNodeService(eu.bcvsolutions.idm.core.api.service.IdmRoleTreeNodeService) Autowired(org.springframework.beans.factory.annotation.Autowired) IdmAutomaticRoleAttributeRuleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleFilter) ArrayList(java.util.ArrayList) IdmAutomaticRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto) AutomaticRoleManager(eu.bcvsolutions.idm.core.api.service.AutomaticRoleManager) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto) IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto) Lists(com.google.common.collect.Lists) IdmAutomaticRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleRequestService) IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto) Service(org.springframework.stereotype.Service) AutomaticRoleRequestType(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleRequestType) CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException) IdmAutomaticRoleAttributeRuleRequestService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeRuleRequestService) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) UUID(java.util.UUID) IdmRoleTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto) List(java.util.List) IdmAutomaticRoleAttributeRuleService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeRuleService) IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService) Assert(org.springframework.util.Assert) IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto) CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException) IdmAutomaticRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto) IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) IdmAutomaticRoleAttributeRuleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleFilter) UUID(java.util.UUID)

Example 54 with IdmAutomaticRoleAttributeDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmAutomaticRoleAttributeService method delete.

/**
 * Publish {@link AutomaticRoleAttributeEvent} only.
 *
 * @see {@link AutomaticRoleAttributeDeleteProcessor}
 */
@Override
@Transactional(noRollbackFor = AcceptedException.class)
public void delete(IdmAutomaticRoleAttributeDto dto, BasePermission... permission) {
    Assert.notNull(dto);
    checkAccess(this.getEntity(dto.getId()), permission);
    // 
    LOG.debug("Deleting automatic role by attribute [{}]", dto.getRole());
    // 
    EventContext<IdmAutomaticRoleAttributeDto> context = entityEventManager.process(new AutomaticRoleAttributeEvent(AutomaticRoleAttributeEventType.DELETE, dto));
    // 
    if (context.isSuspended()) {
        throw new AcceptedException();
    }
}
Also used : AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) AutomaticRoleAttributeEvent(eu.bcvsolutions.idm.core.model.event.AutomaticRoleAttributeEvent) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto) Transactional(org.springframework.transaction.annotation.Transactional)

Example 55 with IdmAutomaticRoleAttributeDto

use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmAutomaticRoleRequestService method executeRequestInternal.

private IdmAutomaticRoleRequestDto executeRequestInternal(UUID requestId) {
    Assert.notNull(requestId, "Role request ID is required!");
    IdmAutomaticRoleRequestDto request = this.get(requestId);
    Assert.notNull(request, "Role request is required!");
    IdmAutomaticRoleAttributeRuleRequestFilter ruleFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
    ruleFilter.setRoleRequestId(requestId);
    List<IdmAutomaticRoleAttributeRuleRequestDto> ruleConcepts = automaticRoleRuleRequestService.find(ruleFilter, null).getContent();
    UUID automaticRoleId = request.getAutomaticRole();
    if (AutomaticRoleRequestType.ATTRIBUTE == request.getRequestType()) {
        // Automatic role by attributes
        if (RequestOperationType.REMOVE == request.getOperation()) {
            // Remove automatic role by attributes
            Assert.notNull(automaticRoleId, "Id of automatic role in the request (for delete) is required!");
            automaticRoleAttributeService.delete(automaticRoleAttributeService.get(automaticRoleId));
            request.setAutomaticRole(null);
        } else {
            // Add new or update (rules) for automatic role by attributes
            IdmAutomaticRoleAttributeDto automaticRole = null;
            if (automaticRoleId != null) {
                automaticRole = automaticRoleAttributeService.get(automaticRoleId);
            } else {
                automaticRole = new IdmAutomaticRoleAttributeDto();
                automaticRole = initAttributeAutomaticRole(request, automaticRole);
                automaticRole = automaticRoleAttributeService.save(automaticRole);
                request.setAutomaticRole(automaticRole.getId());
            }
            UUID roleId = automaticRole.getRole() != null ? automaticRole.getRole() : request.getRole();
            Assert.notNull(roleId, "Id of role is required in the automatic role request!");
            IdmRoleDto role = roleService.get(request.getRole());
            Assert.notNull(role, "Role is required in the automatic role request!");
            // Before we do any change, we have to sets the automatic role to concept state
            automaticRole.setConcept(true);
            automaticRoleAttributeService.save(automaticRole);
            // Realize changes for rules
            realizeAttributeRules(request, automaticRole, ruleConcepts);
            // Sets automatic role as no concept -> execute recalculation this role
            automaticRole.setConcept(false);
            automaticRoleAttributeService.recalculate(automaticRoleAttributeService.save(automaticRole).getId());
        }
    } else if (AutomaticRoleRequestType.TREE == request.getRequestType()) {
        // Automatic role by node in a tree
        if (RequestOperationType.REMOVE == request.getOperation()) {
            // Remove tree automatic role
            Assert.notNull(automaticRoleId, "Id of automatic role in the request (for delete) is required!");
            // Recount (remove) assigned roles ensures LRT during delete
            automaticRoleTreeService.delete(automaticRoleTreeService.get(automaticRoleId));
            request.setAutomaticRole(null);
        } else if (RequestOperationType.ADD == request.getOperation()) {
            // Create new tree automatic role
            IdmRoleTreeNodeDto treeAutomaticRole = new IdmRoleTreeNodeDto();
            treeAutomaticRole = initTreeAutomaticRole(request, treeAutomaticRole);
            // Recount of assigned roles ensures LRT after save
            treeAutomaticRole = automaticRoleTreeService.save(treeAutomaticRole);
            request.setAutomaticRole(treeAutomaticRole.getId());
        } else {
            // Update is not supported
            throw new ResultCodeException(CoreResultCode.METHOD_NOT_ALLOWED, "Tree automatic role update is not supported");
        }
    }
    request.setState(RequestState.EXECUTED);
    request.setResult(new OperationResultDto.Builder(OperationState.EXECUTED).build());
    return this.save(request);
}
Also used : IdmAutomaticRoleAttributeRuleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto) IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto) IdmAutomaticRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) UUID(java.util.UUID) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)

Aggregations

IdmAutomaticRoleAttributeDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)56 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)44 Test (org.junit.Test)41 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)37 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)34 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)30 IdmAutomaticRoleAttributeRuleDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto)20 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)17 IdmFormAttributeDto (eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto)15 UUID (java.util.UUID)12 AbstractCoreWorkflowIntegrationTest (eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest)7 AcceptedException (eu.bcvsolutions.idm.core.api.exception.AcceptedException)7 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)7 IdmAutomaticRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto)6 AbstractIdmAutomaticRoleDto (eu.bcvsolutions.idm.core.api.dto.AbstractIdmAutomaticRoleDto)5 IdmAutomaticRoleAttributeRuleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleFilter)5 LocalDate (org.joda.time.LocalDate)5 IdmRoleTreeNodeDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto)4 DefaultEventResult (eu.bcvsolutions.idm.core.api.event.DefaultEventResult)4 RoleRequestException (eu.bcvsolutions.idm.core.api.exception.RoleRequestException)4