use of eu.bcvsolutions.idm.core.api.dto.IdmDelegationDefinitionDto in project CzechIdMng by bcvsolutions.
the class DelegationDefinitionByDelegatorEvaluatorTest method testRead.
/**
 * Verifies read access granted by {@code DelegationDefinitionByDelegatorEvaluator}.
 *
 * Phase one logs in as a delegator whose role carries no authorization policy and expects
 * every permission-checked search to come back empty. Phase two attaches the policies to
 * the role and expects the delegator to read only their own identity and their own
 * delegation definition, with READ as the only permission reported.
 *
 * NOTE(review): only the delegator's view is exercised here; nothing in this method asserts
 * what a delegate can read.
 */
@Test
public void testRead() {
    // Fixture: two independent delegator/delegate pairs.
    IdmIdentityDto firstDelegator = getHelper().createIdentity();
    IdmIdentityDto secondDelegator = getHelper().createIdentity();
    IdmIdentityContractDto firstDelegatorPrimeContract = getHelper().getPrimeContract(firstDelegator);
    IdmIdentityDto firstDelegate = getHelper().createIdentity();
    IdmIdentityDto secondDelegate = getHelper().createIdentity();

    // Default delegation of the first pair; the saved instance is kept for the id checks below.
    IdmDelegationDefinitionDto firstDefinition = new IdmDelegationDefinitionDto();
    firstDefinition.setType(DefaultDelegationType.NAME);
    firstDefinition.setDelegator(firstDelegator.getId());
    firstDefinition.setDelegate(firstDelegate.getId());
    firstDefinition = delegationDefinitionService.save(firstDefinition);

    // Default delegation of the second pair; it must never show up for the first delegator.
    IdmDelegationDefinitionDto secondDefinition = new IdmDelegationDefinitionDto();
    secondDefinition.setType(DefaultDelegationType.NAME);
    secondDefinition.setDelegator(secondDelegator.getId());
    secondDefinition.setDelegate(secondDelegate.getId());
    delegationDefinitionService.save(secondDefinition);

    // Both delegators share one role, so any policy added later applies to both of them.
    IdmRoleDto sharedRole = getHelper().createRole();
    getHelper().createIdentityRole(firstDelegator, sharedRole);
    getHelper().createIdentityRole(secondDelegator, sharedRole);

    // Phase 1: the role has no policy yet, so nothing may be readable.
    try {
        getHelper().login(firstDelegator);

        List<IdmIdentityDto> readableIdentities = identityService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertTrue(readableIdentities.isEmpty());
        List<IdmIdentityContractDto> readableContracts = contractService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertTrue(readableContracts.isEmpty());
        List<IdmDelegationDefinitionDto> readableDefinitions = delegationDefinitionService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertTrue(readableDefinitions.isEmpty());
    } finally {
        // Always drop the session so a failed assertion cannot leak the login into later steps.
        logout();
    }

    // Policy on the identity itself: READ through the self evaluator.
    getHelper().createAuthorizationPolicy(
            sharedRole.getId(),
            CoreGroupPermission.IDENTITY,
            IdmIdentity.class,
            SelfIdentityEvaluator.class,
            IdmBasePermission.READ);
    // Policy under test: created without an explicit permission list; the assertions below
    // expect the delegation definition to inherit READ and nothing more.
    getHelper().createAuthorizationPolicy(
            sharedRole.getId(),
            CoreGroupPermission.DELEGATIONDEFINITION,
            IdmDelegationDefinition.class,
            DelegationDefinitionByDelegatorEvaluator.class);

    // Phase 2: policies are in place.
    try {
        getHelper().login(firstDelegator);

        // UPDATE was never granted, so every UPDATE-filtered search stays empty.
        List<IdmIdentityDto> updatableIdentities = identityService.find(null, IdmBasePermission.UPDATE).getContent();
        Assert.assertTrue(updatableIdentities.isEmpty());
        List<IdmIdentityContractDto> updatableContracts = contractService.find(null, IdmBasePermission.UPDATE).getContent();
        Assert.assertTrue(updatableContracts.isEmpty());
        List<IdmDelegationDefinitionDto> updatableDefinitions = delegationDefinitionService.find(null, IdmBasePermission.UPDATE).getContent();
        Assert.assertTrue(updatableDefinitions.isEmpty());

        // READ: exactly the delegator's own identity, no contract, and only the first definition.
        List<IdmIdentityDto> readableIdentities = identityService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertEquals(1, readableIdentities.size());
        Assert.assertEquals(firstDelegator.getId(), readableIdentities.get(0).getId());
        List<IdmIdentityContractDto> readableContracts = contractService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertEquals(0, readableContracts.size());
        List<IdmDelegationDefinitionDto> readableDefinitions = delegationDefinitionService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertEquals(1, readableDefinitions.size());
        Assert.assertEquals(firstDefinition.getId(), readableDefinitions.get(0).getId());

        // Per-object permission sets must agree with the search results above.
        Set<String> granted = identityService.getPermissions(firstDelegator);
        Assert.assertEquals(1, granted.size());
        Assert.assertTrue(granted.contains(IdmBasePermission.READ.name()));
        granted = contractService.getPermissions(firstDelegatorPrimeContract);
        Assert.assertEquals(0, granted.size());
        granted = delegationDefinitionService.getPermissions(firstDefinition);
        Assert.assertEquals(1, granted.size());
        Assert.assertTrue(granted.contains(IdmBasePermission.READ.name()));
    } finally {
        logout();
    }
}
use of eu.bcvsolutions.idm.core.api.dto.IdmDelegationDefinitionDto in project CzechIdMng by bcvsolutions.
the class ManualWorkflowTaskDelegationBulkAction method findDelegationDefinition.
/**
 * Returns the valid manual-task delegation definition that links the given delegator and
 * delegate, creating and saving a new one when the lookup finds none.
 *
 * @param delegateId identifier stored as the delegate of the definition
 * @param delegatorId identifier stored as the delegator of the definition
 * @return the first definition found, or the newly saved one
 */
private IdmDelegationDefinitionDto findDelegationDefinition(UUID delegateId, UUID delegatorId) {
    IdmDelegationDefinitionFilter lookup = new IdmDelegationDefinitionFilter();
    lookup.setValid(Boolean.TRUE);
    lookup.setType(ManualTaskDelegationType.NAME);
    lookup.setDelegateId(delegateId);
    lookup.setDelegatorId(delegatorId);

    // The search passes null as the permission argument, so no permission is requested here.
    // NOTE(review): presumably the caller has already authorized the delegation - confirm.
    List<IdmDelegationDefinitionDto> existing = delegationDefinitionService.find(lookup, null).getContent();
    if (!CollectionUtils.isEmpty(existing)) {
        // Should be only one; if more are returned the first one wins silently.
        return existing.get(0);
    }

    // Nothing found: persist a fresh definition. Only delegate, delegator and type are set;
    // no validity bounds are assigned in this method.
    // NOTE(review): lookup and save are separate calls, so two concurrent runs could
    // presumably both create a definition - confirm whether uniqueness is enforced elsewhere.
    IdmDelegationDefinitionDto created = new IdmDelegationDefinitionDto();
    created.setDelegate(delegateId);
    created.setDelegator(delegatorId);
    created.setType(ManualTaskDelegationType.NAME);
    return delegationDefinitionService.save(created);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmDelegationDefinitionDto in project CzechIdMng by bcvsolutions.
the class ManualWorkflowTaskDelegationBulkAction method processDto.
/**
 * Delegates one workflow task from the resolved delegator to the configured delegate.
 *
 * The delegator must hold a candidate or assignee identity link on the task. On success the
 * delegate becomes a candidate, the delegator is removed from the candidates and is kept on
 * the task as a participant.
 *
 * NOTE(review): this method checks the delegator's relation to the task, not the relation
 * between the logged-in user and the delegator; presumably {@code findDelegator()} or the
 * bulk action's own authorization covers that - confirm.
 *
 * @param task task selected by the bulk action
 * @return result in state {@code EXECUTED}
 * @throws ResultCodeException when no delegator is found, or the delegator is neither a
 *         candidate nor the assignee of the task
 */
@Override
protected OperationResult processDto(WorkflowTaskInstanceAbstractDto task) {
    IdmBulkActionDto bulkAction = this.getAction();
    Assert.notNull(bulkAction, "Bulk action is required.");

    IdmIdentityDto delegator = findDelegator();
    if (delegator == null) {
        throw new ResultCodeException(CoreResultCode.MANUAL_TASK_DELEGATION_DELEGATOR_MISSING);
    }

    UUID delegateId = this.getDelegateId();
    UUID delegatorId = delegator.getId();
    Assert.notNull(delegateId, "Delegate ID cannot be null!");
    // Loading the delegate proves the identifier refers to an existing identity.
    IdmIdentityDto delegate = identityService.get(delegateId);
    Assert.notNull(delegate, "Delegate cannot be null!");

    // Delegator has to be a candidate or the assigned user of the task.
    // NOTE(review): UUID.fromString throws if a matching link carries a null or non-UUID
    // user id - confirm that candidate/assignee links always hold one.
    boolean delegatorOwnsTask = task.getIdentityLinks().stream()
            .anyMatch(link -> (IdentityLinkType.CANDIDATE.equals(link.getType())
                    || IdentityLinkType.ASSIGNEE.equals(link.getType()))
                    && UUID.fromString(link.getUserId()).equals(delegatorId));
    if (!delegatorOwnsTask) {
        throw new ResultCodeException(
                CoreResultCode.MANUAL_TASK_DELEGATION_DELEGATOR_IS_NOT_CANDIDATE,
                ImmutableMap.of("delegator", delegator.getUsername(), "task", task.getId()));
    }

    // Reuse or create the definition connecting delegator and delegate.
    IdmDelegationDefinitionDto definition = findDelegationDefinition(delegateId, delegatorId);

    // The delegation manager receives a minimal task DTO carrying only the task id.
    WorkflowTaskInstanceDto taskRef = new WorkflowTaskInstanceDto();
    taskRef.setId(task.getId().toString());
    delegationManager.delegate(taskRef, definition);

    // Hand the task over: delegate in, delegator out of the candidates, delegator kept as participant.
    String taskId = taskRef.getId();
    taskService.addCandidateUser(taskId, definition.getDelegate().toString());
    String delegatorRef = definition.getDelegator().toString();
    taskService.deleteCandidateUser(taskId, delegatorRef);
    taskService.addUserIdentityLink(taskId, delegatorRef, IdentityLinkType.PARTICIPANT);

    return new OperationResult.Builder(OperationState.EXECUTED).build();
}
use of eu.bcvsolutions.idm.core.api.dto.IdmDelegationDefinitionDto in project CzechIdMng by bcvsolutions.
the class DelegationCreateNotificationProcessor method process.
/**
 * Notifies the delegate that a delegation instance was created.
 *
 * The definition embedded in the delegation must be present and must carry a type, a
 * delegator and a delegate; otherwise the assertion fails before anything is sent.
 *
 * @param event event whose content is the created delegation
 * @return result wrapping the same event and this processor
 */
@Override
public EventResult<IdmDelegationDto> process(EntityEvent<IdmDelegationDto> event) {
    IdmDelegationDto delegation = event.getContent();
    IdmDelegationDefinitionDto embeddedDefinition = lookupService.lookupEmbeddedDto(delegation, IdmDelegation_.definition);

    Assert.notNull(embeddedDefinition, "Delegate definition cannot be null!");
    Assert.notNull(embeddedDefinition.getType(), "Delegate type cannot be null!");
    Assert.notNull(embeddedDefinition.getDelegator(), "Delegator cannot be null!");
    Assert.notNull(embeddedDefinition.getDelegate(), "Delegate cannot be null!");

    // NOTE(review): the loaded identities are not null-checked before being handed to
    // sendNotification - confirm it tolerates a missing identity.
    IdmIdentityDto delegatorIdentity = identityService.get(embeddedDefinition.getDelegator());
    IdmIdentityDto delegateIdentity = identityService.get(embeddedDefinition.getDelegate());

    // The delegate is passed twice: once as the delegate and once as the last argument
    // (presumably the recipient, going by the topic name - confirm).
    sendNotification(
            CoreModuleDescriptor.TOPIC_DELEGATION_INSTANCE_CREATED_TO_DELEGATE,
            delegation,
            embeddedDefinition,
            delegatorIdentity,
            delegateIdentity,
            delegateIdentity);

    return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmDelegationDefinitionDto in project CzechIdMng by bcvsolutions.
the class WorkflowTaskInstanceController method addDelegationToTask.
/**
 * Finds the delegations connected with the task and sets the definition of the most recently
 * created one on the task DTO.
 *
 * When the logged-in user is a candidate or the assignee of the task and cannot read all
 * tasks, only delegations where that user is the delegate or the delegator are considered.
 * In every other case the list is used as returned by the delegation manager, so what a
 * non-candidate user sees depends on the permission evaluation done in that lookup.
 *
 * @param dto task to enrich; nothing happens when it or its id is null
 * @param permission permissions forwarded to the delegation lookup and to the read-all-tasks check
 */
private void addDelegationToTask(WorkflowTaskInstanceDto dto, BasePermission... permission) {
    if (dto == null || dto.getId() == null) {
        return;
    }

    // A mock task is needed because the DTO can be an instance of a historic task here.
    WorkflowTaskInstanceDto taskRef = new WorkflowTaskInstanceDto();
    taskRef.setId(dto.getId());

    UUID loggedUserId = securityService.getCurrentId();
    // NOTE(review): UUID.fromString throws if a matching link carries a null or non-UUID
    // user id - confirm that candidate/assignee links always hold one.
    boolean loggedUserOwnsTask = dto.getIdentityLinks().stream()
            .filter(link -> IdentityLinkType.CANDIDATE.equals(link.getType())
                    || IdentityLinkType.ASSIGNEE.equals(link.getType()))
            .anyMatch(link -> loggedUserId != null
                    && UUID.fromString(link.getUserId()).equals(loggedUserId));
    boolean restrictToLoggedUser = loggedUserOwnsTask && !workflowTaskInstanceService.canReadAllTask(permission);

    List<IdmDelegationDto> oldestFirst = delegationManager.findDelegationForOwner(taskRef, permission).stream()
            .filter(candidate -> {
                if (restrictToLoggedUser) {
                    // Keep only delegations where the logged user is the delegate or the delegator.
                    // NOTE(review): a delegation without an embedded definition would fail here - confirm it is always embedded.
                    IdmDelegationDefinitionDto embedded = DtoUtils.getEmbedded(
                            candidate, IdmDelegation_.definition.getName(), IdmDelegationDefinitionDto.class);
                    return embedded.getDelegate().equals(loggedUserId) || embedded.getDelegator().equals(loggedUserId);
                }
                return true;
            })
            .sorted(Comparator.comparing(IdmDelegationDto::getCreated))
            .collect(Collectors.toList());

    if (CollectionUtils.isEmpty(oldestFirst)) {
        return;
    }

    // TODO: only one delegation definition is set on the task - the most recently created one.
    IdmDelegationDto newest = oldestFirst.get(oldestFirst.size() - 1);
    IdmDelegationDefinitionDto newestDefinition = DtoUtils.getEmbedded(
            newest, IdmDelegation_.definition.getName(), IdmDelegationDefinitionDto.class);
    dto.setDelegationDefinition(newestDefinition);
}