use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto in project CzechIdMng by bcvsolutions.
the class AutomaticRoleAttributeDeleteProcessor method process.
@Override
public EventResult<IdmAutomaticRoleAttributeDto> process(EntityEvent<IdmAutomaticRoleAttributeDto> event) {
IdmAutomaticRoleAttributeDto content = event.getContent();
//
// delete all assigned roles gained by this automatic role by long running task
RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
automaticRoleTask.setAutomaticRoleId(content.getId());
longRunningTaskManager.executeSync(automaticRoleTask);
//
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto in project CzechIdMng by bcvsolutions.
the class AutomaticRoleAttributeRuleDeleteProcessor method process.
@Override
public EventResult<IdmAutomaticRoleAttributeRuleDto> process(EntityEvent<IdmAutomaticRoleAttributeRuleDto> event) {
IdmAutomaticRoleAttributeRuleDto dto = event.getContent();
//
List<IdmAutomaticRoleAttributeRuleDto> allRules = automactiRoleAttributeRuleService.findAllRulesForAutomaticRole(dto.getAutomaticRoleAttribute());
// by default is skip value null => false
if (!this.getBooleanProperty(SKIP_CHECK_LAST_RULE, event.getProperties())) {
// it's last rule, remove all identity role
if (allRules.size() == 1 && dto.getId().equals(allRules.get(0).getId())) {
// before we start delete identity role, we check how many identities has the auto role
// if doesn't exist identities that has the role, skip remove
IdmIdentityFilter identityFilter = new IdmIdentityFilter();
long totalElements = identityService.find(identityFilter, new PageRequest(0, 1)).getTotalElements();
if (totalElements > 0) {
UUID automaticRoleAttributeId = dto.getAutomaticRoleAttribute();
removeAllRoles(automaticRoleAttributeId);
//
// we also set concept to false
IdmAutomaticRoleAttributeDto roleAttributeDto = automaticRoleAttributeRuleService.get(automaticRoleAttributeId);
roleAttributeDto.setConcept(false);
roleAttributeDto = automaticRoleAttributeRuleService.save(roleAttributeDto);
}
}
}
UUID automaticRuleId = dto.getId();
// Find all automatic role requests and remove relation on rule
if (automaticRuleId != null) {
IdmAutomaticRoleAttributeRuleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
automaticRoleRequestFilter.setRuleId(automaticRuleId);
ruleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
request.setRule(null);
ruleRequestService.save(request);
});
}
//
automactiRoleAttributeRuleService.deleteInternal(dto);
//
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto in project CzechIdMng by bcvsolutions.
the class DefaultAutomaticRoleManager method changeAutomaticRoleRules.
@Override
public IdmAutomaticRoleAttributeDto changeAutomaticRoleRules(IdmAutomaticRoleAttributeDto automaticRole, boolean executeImmediately, IdmAutomaticRoleAttributeRuleDto... newRules) {
Assert.notNull(automaticRole);
Assert.notNull(automaticRole.getId(), "Automatic role must exists!");
IdmAutomaticRoleRequestDto request = new IdmAutomaticRoleRequestDto();
request.setOperation(RequestOperationType.UPDATE);
request.setRequestType(AutomaticRoleRequestType.ATTRIBUTE);
request.setExecuteImmediately(executeImmediately);
request.setAutomaticRole(automaticRole.getId());
request.setName(automaticRole.getName());
request.setRole(automaticRole.getRole());
final IdmAutomaticRoleRequestDto createdRequest = roleRequestService.save(request);
ArrayList<IdmAutomaticRoleAttributeRuleDto> rules = Lists.newArrayList(newRules);
if (rules != null) {
// Creates request for change or add rule
rules.forEach(rule -> {
IdmAutomaticRoleAttributeRuleRequestDto ruleRequest = new IdmAutomaticRoleAttributeRuleRequestDto();
ruleRequest.setRequest(createdRequest.getId());
ruleRequest.setOperation(rule.getId() != null ? RequestOperationType.UPDATE : RequestOperationType.ADD);
ruleRequest.setAttributeName(rule.getAttributeName());
ruleRequest.setComparison(rule.getComparison());
ruleRequest.setType(rule.getType());
ruleRequest.setFormAttribute(rule.getFormAttribute());
ruleRequest.setValue(rule.getValue());
ruleRequest.setRule(rule.getId());
ruleRequest = ruleRequestService.save(ruleRequest);
});
}
IdmAutomaticRoleAttributeRuleFilter ruleFilter = new IdmAutomaticRoleAttributeRuleFilter();
ruleFilter.setAutomaticRoleAttributeId(automaticRole.getId());
List<IdmAutomaticRoleAttributeRuleDto> currentRules = ruleService.find(ruleFilter, null).getContent();
currentRules.stream().filter(currentRule -> {
return rules == null || !rules.contains(currentRule);
}).forEach(ruleToDelete -> {
// Creates request for remove rule
IdmAutomaticRoleAttributeRuleRequestDto ruleRequest = new IdmAutomaticRoleAttributeRuleRequestDto();
ruleRequest.setRequest(createdRequest.getId());
ruleRequest.setOperation(RequestOperationType.REMOVE);
ruleRequest.setAttributeName(ruleToDelete.getAttributeName());
ruleRequest.setComparison(ruleToDelete.getComparison());
ruleRequest.setType(ruleToDelete.getType());
ruleRequest.setFormAttribute(ruleToDelete.getFormAttribute());
ruleRequest.setValue(ruleToDelete.getValue());
ruleRequest.setRule(ruleToDelete.getId());
ruleRequest = ruleRequestService.save(ruleRequest);
});
IdmAutomaticRoleRequestDto executedRequest = roleRequestService.startRequestInternal(createdRequest.getId(), true);
if (RequestState.EXECUTED == executedRequest.getState()) {
UUID createdAutomaticRoleId = executedRequest.getAutomaticRole();
Assert.notNull(createdAutomaticRoleId);
return automaticRoleAttributeService.get(executedRequest.getAutomaticRole());
}
if (RequestState.IN_PROGRESS == executedRequest.getState()) {
throw new AcceptedException(executedRequest.getId().toString());
}
if (RequestState.EXCEPTION == executedRequest.getState()) {
throw new CoreException(executedRequest.getResult().getCause());
}
return null;
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleAttributeService method delete.
/**
* Publish {@link AutomaticRoleAttributeEvent} only.
*
* @see {@link AutomaticRoleAttributeDeleteProcessor}
*/
@Override
@Transactional(noRollbackFor = AcceptedException.class)
public void delete(IdmAutomaticRoleAttributeDto dto, BasePermission... permission) {
Assert.notNull(dto);
checkAccess(this.getEntity(dto.getId()), permission);
//
LOG.debug("Deleting automatic role by attribute [{}]", dto.getRole());
//
EventContext<IdmAutomaticRoleAttributeDto> context = entityEventManager.process(new AutomaticRoleAttributeEvent(AutomaticRoleAttributeEventType.DELETE, dto));
//
if (context.isSuspended()) {
throw new AcceptedException();
}
}
use of eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleRequestService method executeRequestInternal.
private IdmAutomaticRoleRequestDto executeRequestInternal(UUID requestId) {
Assert.notNull(requestId, "Role request ID is required!");
IdmAutomaticRoleRequestDto request = this.get(requestId);
Assert.notNull(request, "Role request is required!");
IdmAutomaticRoleAttributeRuleRequestFilter ruleFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
ruleFilter.setRoleRequestId(requestId);
List<IdmAutomaticRoleAttributeRuleRequestDto> ruleConcepts = automaticRoleRuleRequestService.find(ruleFilter, null).getContent();
UUID automaticRoleId = request.getAutomaticRole();
if (AutomaticRoleRequestType.ATTRIBUTE == request.getRequestType()) {
// Automatic role by attributes
if (RequestOperationType.REMOVE == request.getOperation()) {
// Remove automatic role by attributes
Assert.notNull(automaticRoleId, "Id of automatic role in the request (for delete) is required!");
automaticRoleAttributeService.delete(automaticRoleAttributeService.get(automaticRoleId));
request.setAutomaticRole(null);
} else {
// Add new or update (rules) for automatic role by attributes
IdmAutomaticRoleAttributeDto automaticRole = null;
if (automaticRoleId != null) {
automaticRole = automaticRoleAttributeService.get(automaticRoleId);
} else {
automaticRole = new IdmAutomaticRoleAttributeDto();
automaticRole = initAttributeAutomaticRole(request, automaticRole);
automaticRole = automaticRoleAttributeService.save(automaticRole);
request.setAutomaticRole(automaticRole.getId());
}
UUID roleId = automaticRole.getRole() != null ? automaticRole.getRole() : request.getRole();
Assert.notNull(roleId, "Id of role is required in the automatic role request!");
IdmRoleDto role = roleService.get(request.getRole());
Assert.notNull(role, "Role is required in the automatic role request!");
// Before we do any change, we have to sets the automatic role to concept state
automaticRole.setConcept(true);
automaticRoleAttributeService.save(automaticRole);
// Realize changes for rules
realizeAttributeRules(request, automaticRole, ruleConcepts);
// Sets automatic role as no concept -> execute recalculation this role
automaticRole.setConcept(false);
automaticRoleAttributeService.recalculate(automaticRoleAttributeService.save(automaticRole).getId());
}
} else if (AutomaticRoleRequestType.TREE == request.getRequestType()) {
// Automatic role by node in a tree
if (RequestOperationType.REMOVE == request.getOperation()) {
// Remove tree automatic role
Assert.notNull(automaticRoleId, "Id of automatic role in the request (for delete) is required!");
// Recount (remove) assigned roles ensures LRT during delete
automaticRoleTreeService.delete(automaticRoleTreeService.get(automaticRoleId));
request.setAutomaticRole(null);
} else if (RequestOperationType.ADD == request.getOperation()) {
// Create new tree automatic role
IdmRoleTreeNodeDto treeAutomaticRole = new IdmRoleTreeNodeDto();
treeAutomaticRole = initTreeAutomaticRole(request, treeAutomaticRole);
// Recount of assigned roles ensures LRT after save
treeAutomaticRole = automaticRoleTreeService.save(treeAutomaticRole);
request.setAutomaticRole(treeAutomaticRole.getId());
} else {
// Update is not supported
throw new ResultCodeException(CoreResultCode.METHOD_NOT_ALLOWED, "Tree automatic role update is not supported");
}
}
request.setState(RequestState.EXECUTED);
request.setResult(new OperationResultDto.Builder(OperationState.EXECUTED).build());
return this.save(request);
}
Aggregations