
Example 1 with IdmDelegationDto

Use of eu.bcvsolutions.idm.core.api.dto.IdmDelegationDto in project CzechIdMng by bcvsolutions.

Class AbstractDelegationType, method delegate.

@Override
public IdmDelegationDto delegate(BaseDto owner, IdmDelegationDefinitionDto definition) {
    IdmDelegationFilter delegationFilter = new IdmDelegationFilter();
    delegationFilter.setOwnerId(DtoUtils.toUuid(owner.getId()));
    delegationFilter.setOwnerType(owner.getClass().getCanonicalName());
    delegationFilter.setDelegationDefinitionId(definition.getId());
    // Check if same delegation already exists.
    IdmDelegationDto delegation = delegationService.find(delegationFilter, null).getContent().stream().findFirst().orElse(null);
    if (delegation != null) {
        LOG.debug("Delegation [{}] for definition [{}] and owner [{}],[{}] already exists.", delegation.getId(), definition.getId(), owner.getId(), owner.getClass().getSimpleName());
        return delegation;
    }
    delegation = new IdmDelegationDto();
    delegation.setOwnerState(new OperationResultDto(OperationState.RUNNING));
    delegation.setDefinition(definition.getId());
    delegation.setOwnerId(DtoUtils.toUuid(owner.getId()));
    delegation.setOwnerType(owner.getClass().getCanonicalName());
    return delegationService.save(delegation);
}
Also used : OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) IdmDelegationDto(eu.bcvsolutions.idm.core.api.dto.IdmDelegationDto) IdmDelegationFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmDelegationFilter)

Example 2 with IdmDelegationDto

Use of eu.bcvsolutions.idm.core.api.dto.IdmDelegationDto in project CzechIdMng by bcvsolutions.

Class ManualTaskDelegationType, method delegate.

@Override
public IdmDelegationDto delegate(BaseDto owner, IdmDelegationDefinitionDto definition) {
    IdmDelegationFilter delegationFilter = new IdmDelegationFilter();
    delegationFilter.setOwnerId(DtoUtils.toUuid(owner.getId()));
    delegationFilter.setOwnerType(owner.getClass().getCanonicalName());
    delegationFilter.setDelegationDefinitionId(definition.getId());
    // The check whether the same delegation already exists is disabled for manual delegation,
    // so the filter built above is not used.
    IdmDelegationDto delegation = new IdmDelegationDto();
    delegation.setOwnerState(new OperationResultDto(OperationState.RUNNING));
    delegation.setDefinition(definition.getId());
    delegation.setOwnerId(DtoUtils.toUuid(owner.getId()));
    delegation.setOwnerType(owner.getClass().getCanonicalName());
    return delegationService.save(delegation);
}
Also used : OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) IdmDelegationDto(eu.bcvsolutions.idm.core.api.dto.IdmDelegationDto) IdmDelegationFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmDelegationFilter)

Example 3 with IdmDelegationDto

Use of eu.bcvsolutions.idm.core.api.dto.IdmDelegationDto in project CzechIdMng by bcvsolutions.

Class DelegationByDelegationDefinitionEvaluatorTest, method testRead.

@Test
public void testRead() {
    IdmIdentityDto delegatorOne = getHelper().createIdentity();
    IdmIdentityDto delegatorTwo = getHelper().createIdentity();
    IdmIdentityContractDto primeContactDelegatorOne = getHelper().getPrimeContract(delegatorOne);
    IdmIdentityDto delegateOne = getHelper().createIdentity();
    IdmIdentityDto delegateTwo = getHelper().createIdentity();
    // Create default delegation One.
    IdmDelegationDefinitionDto delegationDefOne = new IdmDelegationDefinitionDto();
    delegationDefOne.setType(DefaultDelegationType.NAME);
    delegationDefOne.setDelegator(delegatorOne.getId());
    delegationDefOne.setDelegate(delegateOne.getId());
    delegationDefOne = delegationDefinitionService.save(delegationDefOne);
    // Create default delegation Two.
    IdmDelegationDefinitionDto delegationDefTwo = new IdmDelegationDefinitionDto();
    delegationDefTwo.setType(DefaultDelegationType.NAME);
    delegationDefTwo.setDelegator(delegatorTwo.getId());
    delegationDefTwo.setDelegate(delegateTwo.getId());
    delegationDefTwo = delegationDefinitionService.save(delegationDefTwo);
    IdmDelegationDto delegationOne = new IdmDelegationDto();
    delegationOne.setDefinition(delegationDefOne.getId());
    delegationOne.setOwnerId(UUID.randomUUID());
    delegationOne.setOwnerType(WorkflowTaskInstanceDto.class.getCanonicalName());
    delegationOne = delegationService.save(delegationOne);
    IdmDelegationDto delegationTwo = new IdmDelegationDto();
    delegationTwo.setDefinition(delegationDefTwo.getId());
    delegationTwo.setOwnerId(UUID.randomUUID());
    delegationTwo.setOwnerType(WorkflowTaskInstanceDto.class.getCanonicalName());
    delegationService.save(delegationTwo);
    List<IdmIdentityDto> identities;
    List<IdmIdentityContractDto> contracts;
    List<IdmDelegationDefinitionDto> delegationDefinitions;
    List<IdmDelegationDto> delegations;
    IdmRoleDto roleWithPermissions = getHelper().createRole();
    getHelper().createIdentityRole(delegatorOne, roleWithPermissions);
    getHelper().createIdentityRole(delegatorTwo, roleWithPermissions);
    getHelper().createIdentityRole(delegateOne, roleWithPermissions);
    getHelper().createIdentityRole(delegateTwo, roleWithPermissions);
    // check - read without policy
    try {
        getHelper().login(delegateOne.getUsername(), delegateOne.getPassword());
        // 
        identities = identityService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertTrue(identities.isEmpty());
        contracts = contractService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertTrue(contracts.isEmpty());
        delegationDefinitions = delegationDefinitionService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertTrue(delegationDefinitions.isEmpty());
        delegations = delegationService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertTrue(delegations.isEmpty());
    } finally {
        logout();
    }
    // create authorization policy - assign to role
    // identity
    getHelper().createAuthorizationPolicy(roleWithPermissions.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, SelfIdentityEvaluator.class, IdmBasePermission.READ);
    // delegation definitions transitively
    getHelper().createAuthorizationPolicy(roleWithPermissions.getId(), CoreGroupPermission.DELEGATIONDEFINITION, IdmDelegationDefinition.class, DelegationDefinitionByDelegateEvaluator.class);
    // delegation transitively
    getHelper().createAuthorizationPolicy(roleWithPermissions.getId(), CoreGroupPermission.DELEGATIONDEFINITION, IdmDelegation.class, DelegationByDelegationDefinitionEvaluator.class);
    // 
    try {
        getHelper().login(delegateOne.getUsername(), delegateOne.getPassword());
        // 
        // without update permission
        identities = identityService.find(null, IdmBasePermission.UPDATE).getContent();
        Assert.assertTrue(identities.isEmpty());
        contracts = contractService.find(null, IdmBasePermission.UPDATE).getContent();
        Assert.assertTrue(contracts.isEmpty());
        delegationDefinitions = delegationDefinitionService.find(null, IdmBasePermission.UPDATE).getContent();
        Assert.assertTrue(delegationDefinitions.isEmpty());
        // 
        // evaluate access
        identities = identityService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertEquals(1, identities.size());
        Assert.assertEquals(delegateOne.getId(), identities.get(0).getId());
        contracts = contractService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertEquals(0, contracts.size());
        delegationDefinitions = delegationDefinitionService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertEquals(1, delegationDefinitions.size());
        Assert.assertEquals(delegationDefOne.getId(), delegationDefinitions.get(0).getId());
        delegations = delegationService.find(null, IdmBasePermission.READ).getContent();
        Assert.assertEquals(1, delegations.size());
        Assert.assertEquals(delegationOne.getId(), delegations.get(0).getId());
        // 
        Set<String> permissions = identityService.getPermissions(delegateOne);
        Assert.assertEquals(1, permissions.size());
        Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.READ.name())));
        permissions = contractService.getPermissions(primeContactDelegatorOne);
        Assert.assertEquals(0, permissions.size());
        permissions = delegationDefinitionService.getPermissions(delegationDefOne);
        Assert.assertEquals(1, permissions.size());
        Assert.assertTrue(permissions.stream().anyMatch(p -> p.equals(IdmBasePermission.READ.name())));
    } finally {
        logout();
    }
}
Also used : DefaultDelegationType(eu.bcvsolutions.idm.core.model.delegation.type.DefaultDelegationType) IdmDelegation(eu.bcvsolutions.idm.core.model.entity.IdmDelegation) Autowired(org.springframework.beans.factory.annotation.Autowired) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission) IdmBasePermission(eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission) DelegationDefinitionByDelegateEvaluator(eu.bcvsolutions.idm.core.security.evaluator.delegation.DelegationDefinitionByDelegateEvaluator) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity) IdmIdentityContractService(eu.bcvsolutions.idm.core.api.service.IdmIdentityContractService) IdmDelegationDto(eu.bcvsolutions.idm.core.api.dto.IdmDelegationDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmDelegationDefinition(eu.bcvsolutions.idm.core.model.entity.IdmDelegationDefinition) Set(java.util.Set) Test(org.junit.Test) IdmDelegationService(eu.bcvsolutions.idm.core.api.service.IdmDelegationService) UUID(java.util.UUID) List(java.util.List) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) SelfIdentityEvaluator(eu.bcvsolutions.idm.core.security.evaluator.identity.SelfIdentityEvaluator) AbstractEvaluatorIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractEvaluatorIntegrationTest) IdmDelegationDefinitionService(eu.bcvsolutions.idm.core.api.service.IdmDelegationDefinitionService) IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService) Assert(org.junit.Assert) IdmDelegationDefinitionDto(eu.bcvsolutions.idm.core.api.dto.IdmDelegationDefinitionDto) DelegationByDelegationDefinitionEvaluator(eu.bcvsolutions.idm.core.security.evaluator.delegation.DelegationByDelegationDefinitionEvaluator) Transactional(org.springframework.transaction.annotation.Transactional) 

Example 4 with IdmDelegationDto

Use of eu.bcvsolutions.idm.core.api.dto.IdmDelegationDto in project CzechIdMng by bcvsolutions.

Class WorkflowHistoricTaskInstanceController, method addDelegationToTask.

/**
 * Find and add definition of the delegation connected with this task.
 *
 * @param dto
 */
private void addDelegationToTask(WorkflowTaskInstanceDto dto, BasePermission... permission) {
    if (dto != null && dto.getId() != null) {
        // We need to create mock task, because DTO is instance of historic task here.
        WorkflowTaskInstanceDto mockTask = new WorkflowTaskInstanceDto();
        mockTask.setId(dto.getId());
        List<IdmDelegationDto> delegations = delegationManager.findDelegationForOwner(mockTask, permission).stream().sorted(Comparator.comparing(IdmDelegationDto::getCreated, Comparator.nullsFirst(Comparator.naturalOrder()))).collect(Collectors.toList());
        // TODO: ONLY the first delegation definition is set to the task!
        if (!CollectionUtils.isEmpty(delegations)) {
            Collections.reverse(delegations);
            IdmDelegationDto delegation = delegations.get(0);
            IdmDelegationDefinitionDto definition = DtoUtils.getEmbedded(delegation, IdmDelegation_.definition.getName(), IdmDelegationDefinitionDto.class);
            dto.setDelegationDefinition(definition);
        }
    }
}
Also used : IdmDelegationDefinitionDto(eu.bcvsolutions.idm.core.api.dto.IdmDelegationDefinitionDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmDelegationDto(eu.bcvsolutions.idm.core.api.dto.IdmDelegationDto)

Example 5 with IdmDelegationDto

Use of eu.bcvsolutions.idm.core.api.dto.IdmDelegationDto in project CzechIdMng by bcvsolutions.

Class DelegationDeleteProcessor, method process.

@Override
public EventResult<IdmDelegationDto> process(EntityEvent<IdmDelegationDto> event) {
    IdmDelegationDto dto = event.getContent();
    // Internal delete
    service.deleteInternal(dto);
    return new DefaultEventResult<>(event, this);
}
Also used : DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdmDelegationDto(eu.bcvsolutions.idm.core.api.dto.IdmDelegationDto)
