Search in sources :

Example 11 with IdmEntityStateDto

use of eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmTreeNodeServiceIntegrationTest method testSkipAndAssignAutomaticRoleOnPositionAfterNodeIsMovedWithUpRecursion.

@Test
public void testSkipAndAssignAutomaticRoleOnPositionAfterNodeIsMovedWithUpRecursion() {
    IdmTreeNodeDto parentNode = getHelper().createTreeNode();
    IdmTreeNodeDto node = getHelper().createTreeNode();
    // define automatic role for parent
    IdmRoleDto role = getHelper().createRole();
    IdmRoleTreeNodeDto automaticRole = getHelper().createRoleTreeNode(role, node, RecursionType.UP, true);
    // create identity with contract on node
    IdmIdentityDto identity = getHelper().createIdentity((GuardedString) null);
    getHelper().createContractPosition(getHelper().getPrimeContract(identity), parentNode);
    // no role should be assigned now
    List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertTrue(assignedRoles.isEmpty());
    // 
    node.setParent(parentNode.getId());
    EntityEvent<IdmTreeNodeDto> event = new TreeNodeEvent(TreeNodeEventType.UPDATE, node);
    event.getProperties().put(AutomaticRoleManager.SKIP_RECALCULATION, Boolean.TRUE);
    node = service.publish(event).getContent();
    IdmEntityStateFilter filter = new IdmEntityStateFilter();
    filter.setStates(Lists.newArrayList(OperationState.BLOCKED));
    filter.setResultCode(CoreResultCode.AUTOMATIC_ROLE_SKIPPED.getCode());
    filter.setOwnerType(entityStateManager.getOwnerType(IdmRoleTreeNodeDto.class));
    List<IdmEntityStateDto> skippedStates = entityStateManager.findStates(filter, null).getContent();
    Assert.assertTrue(skippedStates.stream().anyMatch(s -> s.getOwnerId().equals(automaticRole.getId())));
    // 
    assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertTrue(assignedRoles.isEmpty());
    // 
    // recount skipped automatic roles
    longRunningTaskManager.execute(new ProcessSkippedAutomaticRoleByTreeTaskExecutor());
    skippedStates = entityStateManager.findStates(filter, null).getContent();
    Assert.assertFalse(skippedStates.stream().anyMatch(s -> s.getOwnerId().equals(automaticRole.getId())));
    // 
    assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertEquals(1, assignedRoles.size());
    Assert.assertEquals(automaticRole.getId(), assignedRoles.get(0).getAutomaticRole());
    // 
    IdmTreeNodeDto otherNode = getHelper().createTreeNode(null, null, node);
    IdmRoleDto roleOther = getHelper().createRole();
    IdmRoleTreeNodeDto otherAutomaticRole = getHelper().createRoleTreeNode(roleOther, otherNode, RecursionType.UP, false);
    // 
    assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertEquals(2, assignedRoles.size());
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> automaticRole.getId().equals(ir.getAutomaticRole())));
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> otherAutomaticRole.getId().equals(ir.getAutomaticRole())));
}
Also used : IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) Lists(org.testng.collections.Lists) ProcessAutomaticRoleByTreeTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.ProcessAutomaticRoleByTreeTaskExecutor) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) Autowired(org.springframework.beans.factory.annotation.Autowired) IdmTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmTreeNodeFilter) IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) AutomaticRoleManager(eu.bcvsolutions.idm.core.api.service.AutomaticRoleManager) AutowireHelper(eu.bcvsolutions.idm.core.api.utils.AutowireHelper) EntityStateManager(eu.bcvsolutions.idm.core.api.service.EntityStateManager) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) ForestIndexService(eu.bcvsolutions.forest.index.service.api.ForestIndexService) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) IdmTreeNodeForestContentService(eu.bcvsolutions.idm.core.model.service.api.IdmTreeNodeForestContentService) Before(org.junit.Before) IdmForestIndexEntity(eu.bcvsolutions.idm.core.model.entity.IdmForestIndexEntity) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) RecursionType(eu.bcvsolutions.idm.core.api.domain.RecursionType) LongRunningTaskManager(eu.bcvsolutions.idm.core.scheduler.api.service.LongRunningTaskManager) TreeNodeEvent(eu.bcvsolutions.idm.core.model.event.TreeNodeEvent) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) LongRunningFutureTask(eu.bcvsolutions.idm.core.scheduler.api.dto.LongRunningFutureTask) ProcessSkippedAutomaticRoleByTreeTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.ProcessSkippedAutomaticRoleByTreeTaskExecutor) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) Test(org.junit.Test) IdmEntityStateFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmEntityStateFilter) TreeNodeException(eu.bcvsolutions.idm.core.exception.TreeNodeException) UUID(java.util.UUID) ApplicationContext(org.springframework.context.ApplicationContext) IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) IdmRoleTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto) IdmTreeNode(eu.bcvsolutions.idm.core.model.entity.IdmTreeNode) List(java.util.List) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) LocalDate(java.time.LocalDate) TreeNodeEventType(eu.bcvsolutions.idm.core.model.event.TreeNodeEvent.TreeNodeEventType) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) ProcessAllAutomaticRoleByTreeTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.ProcessAllAutomaticRoleByTreeTaskExecutor) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) Assert(org.junit.Assert) Transactional(org.springframework.transaction.annotation.Transactional) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto) ProcessSkippedAutomaticRoleByTreeTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.ProcessSkippedAutomaticRoleByTreeTaskExecutor) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) TreeNodeEvent(eu.bcvsolutions.idm.core.model.event.TreeNodeEvent) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmEntityStateFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmEntityStateFilter) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 12 with IdmEntityStateDto

use of eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto in project CzechIdMng by bcvsolutions.

the class DefaultUniformPasswordManagerIntegrationTest method testCreateEntityState.

@Test
public void testCreateEntityState() {
    try {
        // Turn on an async execution.
        getHelper().enableAsynchronousProcessing();
        SysSystemDto system = initData();
        Assert.assertNotNull(system);
        AbstractSysSyncConfigDto config = doCreateSyncConfig(system, null);
        Assert.assertTrue(config instanceof SysSyncContractConfigDto);
        IdmIdentityDto ownerOne = helper.createIdentity();
        IdmIdentityDto ownerTwo = helper.createIdentity();
        List<TestContractResource> contractResources = Lists.newArrayList(this.createContract("1", ownerOne.getUsername(), null, "true", null, null, null, null), this.createContract("2", ownerTwo.getUsername(), null, "false", null, null, null, null));
        this.getBean().initContractData(contractResources);
        IdmIdentityContractFilter contractFilter = new IdmIdentityContractFilter();
        contractFilter.setIdentity(ownerOne.getId());
        contractService.find(contractFilter, null).getContent().forEach(contract -> contractService.delete(contract));
        Assert.assertEquals(0, contractService.find(contractFilter, null).getTotalElements());
        contractFilter.setIdentity(ownerTwo.getId());
        contractService.find(contractFilter, null).getContent().forEach(contract -> contractService.delete(contract));
        Assert.assertEquals(0, contractService.find(contractFilter, null).getTotalElements());
        ownerOne = identityService.get(ownerOne.getId());
        ownerTwo = identityService.get(ownerTwo.getId());
        // Identities should be in the CREATED state.
        Assert.assertEquals(IdentityState.NO_CONTRACT, ownerOne.getState());
        Assert.assertEquals(IdentityState.NO_CONTRACT, ownerTwo.getState());
        SynchronizationSchedulableTaskExecutor lrt = new SynchronizationSchedulableTaskExecutor(config.getId());
        LongRunningFutureTask<Boolean> longRunningFutureTask = longRunningTaskManager.execute(lrt);
        UUID transactionIdLrt = longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).getTransactionId();
        // Waiting for the LRT will be running.
        getHelper().waitForResult(res -> {
            return !longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).isRunning();
        }, 50, 40);
        // Waiting for the LRT will be EXECUTED.
        getHelper().waitForResult(res -> {
            return longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).getResultState() != OperationState.EXECUTED;
        }, 250, 100);
        Assert.assertEquals(OperationState.EXECUTED, longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).getResultState());
        SysSyncLogDto log = helper.checkSyncLog(config, SynchronizationActionType.CREATE_ENTITY, 2, OperationResultType.SUCCESS);
        Assert.assertFalse(log.isRunning());
        Assert.assertFalse(log.isContainsError());
        UUID transactionId = log.getTransactionId();
        Assert.assertNotNull(transactionId);
        Assert.assertEquals(transactionIdLrt, transactionId);
        contractFilter.setIdentity(ownerOne.getId());
        Assert.assertEquals(1, contractService.count(contractFilter));
        contractFilter.setIdentity(ownerTwo.getId());
        Assert.assertEquals(1, contractService.count(contractFilter));
        ownerOne = identityService.get(ownerOne.getId());
        ownerTwo = identityService.get(ownerTwo.getId());
        // Identities should have a valid state.
        Assert.assertEquals(IdentityState.VALID, ownerOne.getState());
        Assert.assertEquals(IdentityState.VALID, ownerTwo.getState());
        // LRT ended, entityStates must be removed.
        IdmEntityStateDto entityStateDtoOwnerOne = uniformPasswordManager.getEntityState(ownerOne.getId(), IdmIdentityDto.class, transactionId);
        Assert.assertNull(entityStateDtoOwnerOne);
        IdmEntityStateDto entityStateDtoOwnerTwo = uniformPasswordManager.getEntityState(ownerTwo.getId(), IdmIdentityDto.class, transactionId);
        Assert.assertNull(entityStateDtoOwnerTwo);
        contractFilter.setValue("1");
        Assert.assertEquals(1, contractService.find(contractFilter, null).getTotalElements());
        contractFilter.setValue("2");
        List<IdmIdentityContractDto> contractsTwo = contractService.find(contractFilter, null).getContent();
        Assert.assertEquals(1, contractsTwo.size());
        // Delete log
        syncLogService.delete(log);
        // Delete identities.
        identityService.delete(ownerOne);
        identityService.delete(ownerTwo);
    } finally {
        // Turn off an async execution.
        getHelper().disableAsynchronousProcessing();
    }
}
Also used : IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) TestContractResource(eu.bcvsolutions.idm.acc.entity.TestContractResource) AbstractSysSyncConfigDto(eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto) SysSyncContractConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncContractConfigDto) IdmIdentityContractFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityContractFilter) SynchronizationSchedulableTaskExecutor(eu.bcvsolutions.idm.acc.scheduler.task.impl.SynchronizationSchedulableTaskExecutor) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) UUID(java.util.UUID) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 13 with IdmEntityStateDto

use of eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto in project CzechIdMng by bcvsolutions.

the class DefaultUniformPasswordManagerIntegrationTest method testUniformPasswordInIdM.

@Test
public void testUniformPasswordInIdM() {
    try {
        // Turn on an async execution.
        getHelper().setConfigurationValue(EventConfiguration.PROPERTY_EVENT_ASYNCHRONOUS_ENABLED, true);
        getHelper().setConfigurationValue(SchedulerConfiguration.PROPERTY_TASK_ASYNCHRONOUS_ENABLED, true);
        SysSystemDto contractSystem = initData();
        Assert.assertNotNull(contractSystem);
        IdmTreeTypeDto treeType = helper.createTreeType();
        AbstractSysSyncConfigDto config = doCreateSyncConfig(contractSystem, treeType);
        Assert.assertTrue(config instanceof SysSyncContractConfigDto);
        SysSystemDto targetSystemOne = helper.createTestResourceSystem(true);
        // Create system two with account suffix "_targetSystemTwo".
        String targetSystemTwoSuffix = "_targetSystemTwo";
        SysSystemDto targetSystemTwo = helper.createTestResourceSystem(true);
        // Create uniform password definition.
        AccUniformPasswordDto uniformPasswordDef = createUniformPasswordDef(targetSystemOne, targetSystemTwo);
        // Enable change in the IdM.
        uniformPasswordDef.setChangeInIdm(true);
        uniformPasswordService.save(uniformPasswordDef);
        SysSystemMappingDto provisioningMapping = systemMappingService.findProvisioningMapping(targetSystemTwo.getId(), SystemEntityType.IDENTITY);
        List<SysSystemAttributeMappingDto> attributeMappingDtos = schemaAttributeMappingService.findBySystemMapping(provisioningMapping);
        SysSystemAttributeMappingDto uidAttribute = schemaAttributeMappingService.getUidAttribute(attributeMappingDtos, targetSystemTwo);
        uidAttribute.setTransformToResourceScript("return attributeValue + \"" + targetSystemTwoSuffix + "\"");
        schemaAttributeMappingService.save(uidAttribute);
        IdmRoleDto automaticRoleTreeOne = helper.createRole();
        helper.createRoleSystem(automaticRoleTreeOne, targetSystemOne);
        IdmTreeNodeDto treeNodeOne = helper.createTreeNode(treeType, null);
        helper.createAutomaticRole(automaticRoleTreeOne, treeNodeOne);
        IdmRoleDto automaticRoleTreeTwo = helper.createRole();
        helper.createRoleSystem(automaticRoleTreeTwo, targetSystemTwo);
        IdmTreeNodeDto treeNodeTwo = helper.createTreeNode(treeType, null);
        helper.createAutomaticRole(automaticRoleTreeTwo, treeNodeTwo);
        IdmIdentityDto ownerOne = helper.createIdentityOnly();
        List<TestContractResource> contractResources = Lists.newArrayList(this.createContract("1", ownerOne.getUsername(), null, "true", treeNodeOne.getCode(), null, null, null), this.createContract("2", ownerOne.getUsername(), null, "false", treeNodeTwo.getCode(), null, null, null));
        this.getBean().initContractData(contractResources);
        IdmIdentityContractFilter contractFilter = new IdmIdentityContractFilter();
        contractFilter.setIdentity(ownerOne.getId());
        contractService.find(contractFilter, null).getContent().forEach(contract -> contractService.delete(contract));
        Assert.assertEquals(0, contractService.find(contractFilter, null).getTotalElements());
        IdmIdentityFilter identityFilter = new IdmIdentityFilter();
        identityFilter.setAddPasswordMetadata(true);
        ownerOne = identityService.get(ownerOne.getId(), identityFilter);
        // Identities should be in the CREATED state.
        Assert.assertEquals(IdentityState.CREATED, ownerOne.getState());
        Assert.assertNull(ownerOne.getPassword());
        Assert.assertNull(ownerOne.getPasswordMetadata());
        SynchronizationSchedulableTaskExecutor lrt = new SynchronizationSchedulableTaskExecutor(config.getId());
        LongRunningFutureTask<Boolean> longRunningFutureTask = longRunningTaskManager.execute(lrt);
        UUID transactionIdLrt = longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).getTransactionId();
        // Waiting for the LRT will be running.
        getHelper().waitForResult(res -> {
            return !longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).isRunning();
        }, 50, 40);
        // Waiting for the LRT will be EXECUTED.
        getHelper().waitForResult(res -> {
            return longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).getResultState() != OperationState.EXECUTED;
        }, 250, 100);
        Assert.assertEquals(longRunningTaskService.get(longRunningFutureTask.getExecutor().getLongRunningTaskId()).getResultState(), OperationState.EXECUTED);
        SysSyncLogDto log = helper.checkSyncLog(config, SynchronizationActionType.CREATE_ENTITY, 2, OperationResultType.SUCCESS);
        Assert.assertFalse(log.isRunning());
        Assert.assertFalse(log.isContainsError());
        UUID transactionId = log.getTransactionId();
        Assert.assertNotNull(transactionId);
        Assert.assertEquals(transactionIdLrt, transactionId);
        contractFilter.setIdentity(ownerOne.getId());
        Assert.assertEquals(2, contractService.count(contractFilter));
        ownerOne = identityService.get(ownerOne.getId());
        // Identities should have a valid state.
        Assert.assertEquals(IdentityState.VALID, ownerOne.getState());
        // Waiting for removing entity state.
        IdmIdentityDto finalOwnerOne = ownerOne;
        getHelper().waitForResult(res -> {
            return uniformPasswordManager.getEntityState(finalOwnerOne.getId(), IdmIdentityDto.class, transactionId) != null;
        }, 50, 100);
        // LRT ended, entityStates must be removed.
        IdmEntityStateDto entityStateDtoOwnerOne = uniformPasswordManager.getEntityState(ownerOne.getId(), IdmIdentityDto.class, transactionId);
        Assert.assertNull(entityStateDtoOwnerOne);
        TestResource resourceOwnerOne = helper.findResource(ownerOne.getUsername());
        Assert.assertNotNull(resourceOwnerOne);
        TestResource resourceOwnerTwo = helper.findResource(ownerOne.getUsername() + targetSystemTwoSuffix);
        Assert.assertNotNull(resourceOwnerTwo);
        String passwordOwnerOne = resourceOwnerOne.getPassword();
        String passwordOwnerTwo = resourceOwnerTwo.getPassword();
        Assert.assertNotNull(passwordOwnerOne);
        Assert.assertNotNull(passwordOwnerTwo);
        Assert.assertEquals(passwordOwnerOne, passwordOwnerTwo);
        // Change in the IdM is enabled.
        ownerOne = identityService.get(ownerOne.getId(), identityFilter);
        Assert.assertNotNull(ownerOne.getPasswordMetadata());
        // One uniform password notification was send.
        IdmNotificationFilter notificationFilter = new IdmNotificationFilter();
        notificationFilter.setRecipient(ownerOne.getUsername());
        notificationFilter.setNotificationType(IdmEmailLog.class);
        notificationFilter.setTopic(CoreModule.TOPIC_UNIFORM_PASSWORD_SET);
        List<IdmNotificationLogDto> notificationLogDtos = notificationLogService.find(notificationFilter, null).getContent();
        Assert.assertEquals(1, notificationLogDtos.size());
        // None a new password notification was send.
        notificationFilter.setTopic(AccModuleDescriptor.TOPIC_NEW_PASSWORD);
        notificationLogDtos = notificationLogService.find(notificationFilter, null).getContent();
        Assert.assertEquals(0, notificationLogDtos.size());
        // None password set notification was send.
        notificationFilter.setTopic(CoreModule.TOPIC_PASSWORD_SET);
        notificationLogDtos = notificationLogService.find(notificationFilter, null).getContent();
        Assert.assertEquals(0, notificationLogDtos.size());
        // None password change notification was send.
        notificationFilter.setTopic(CoreModule.TOPIC_PASSWORD_CHANGED);
        notificationLogDtos = notificationLogService.find(notificationFilter, null).getContent();
        Assert.assertEquals(0, notificationLogDtos.size());
        // Delete log
        syncLogService.delete(log);
        // Delete identities.
        identityService.delete(ownerOne);
        // Delete uniform password def.
        uniformPasswordService.delete(uniformPasswordDef);
    } finally {
        // Turn off an async execution.
        getHelper().setConfigurationValue(EventConfiguration.PROPERTY_EVENT_ASYNCHRONOUS_ENABLED, false);
        getHelper().setConfigurationValue(SchedulerConfiguration.PROPERTY_TASK_ASYNCHRONOUS_ENABLED, false);
    }
}
Also used : IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccUniformPasswordDto(eu.bcvsolutions.idm.acc.dto.AccUniformPasswordDto) IdmIdentityFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter) IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) TestContractResource(eu.bcvsolutions.idm.acc.entity.TestContractResource) SysSyncContractConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncContractConfigDto) SynchronizationSchedulableTaskExecutor(eu.bcvsolutions.idm.acc.scheduler.task.impl.SynchronizationSchedulableTaskExecutor) IdmNotificationLogDto(eu.bcvsolutions.idm.core.notification.api.dto.IdmNotificationLogDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) UUID(java.util.UUID) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) IdmNotificationFilter(eu.bcvsolutions.idm.core.notification.api.dto.filter.IdmNotificationFilter) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) AbstractSysSyncConfigDto(eu.bcvsolutions.idm.acc.dto.AbstractSysSyncConfigDto) IdmIdentityContractFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityContractFilter) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 14 with IdmEntityStateDto

use of eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto in project CzechIdMng by bcvsolutions.

the class IdentityDeleteProcessor method process.

@Override
public EventResult<IdmIdentityDto> process(EntityEvent<IdmIdentityDto> event) {
    IdmIdentityDto identity = event.getContent();
    UUID identityId = identity.getId();
    Assert.notNull(identityId, "Identity ID is required!");
    boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
    // 
    // delete contract slices
    IdmContractSliceFilter sliceFilter = new IdmContractSliceFilter();
    sliceFilter.setIdentity(identityId);
    contractSliceService.find(sliceFilter, null).forEach(guarantee -> {
        contractSliceService.delete(guarantee);
    });
    // delete contract slice guarantees
    IdmContractSliceGuaranteeFilter sliceGuaranteeFilter = new IdmContractSliceGuaranteeFilter();
    sliceGuaranteeFilter.setGuaranteeId(identityId);
    contractSliceGuaranteeService.find(sliceGuaranteeFilter, null).forEach(guarantee -> {
        contractSliceGuaranteeService.delete(guarantee);
    });
    // 
    // contracts
    identityContractService.findAllByIdentity(identityId).forEach(identityContract -> {
        // when identity is deleted, then HR processes has to be skipped (prevent to update deleted identity, when contract is removed)
        Map<String, Serializable> properties = new HashMap<>();
        properties.put(IdmIdentityContractService.SKIP_HR_PROCESSES, Boolean.TRUE);
        // propagate force attribute
        properties.put(PROPERTY_FORCE_DELETE, forceDelete);
        // prepare event
        IdentityContractEvent contractEvent = new IdentityContractEvent(IdentityContractEventType.DELETE, identityContract, properties);
        contractEvent.setPriority(PriorityType.HIGH);
        // 
        identityContractService.publish(contractEvent);
    });
    // delete contract guarantees
    IdmContractGuaranteeFilter filter = new IdmContractGuaranteeFilter();
    filter.setGuaranteeId(identityId);
    contractGuaranteeService.find(filter, null).forEach(guarantee -> {
        contractGuaranteeService.delete(guarantee);
    });
    // remove role guarantee
    IdmRoleGuaranteeFilter roleGuaranteeFilter = new IdmRoleGuaranteeFilter();
    roleGuaranteeFilter.setGuarantee(identityId);
    roleGuaranteeService.find(roleGuaranteeFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeService.delete(roleGuarantee);
    });
    // remove password
    passwordProcessor.deletePassword(identity);
    // delete password history for identity
    passwordHistoryService.deleteAllByIdentity(identityId);
    // disable related tokens - tokens has to be disabled to prevent their usage (when tokens are deleted, then token is recreated)
    tokenManager.disableTokens(identity);
    // 
    // delete all identity's profiles
    IdmProfileFilter profileFilter = new IdmProfileFilter();
    profileFilter.setIdentityId(identityId);
    profileService.find(profileFilter, null).forEach(profile -> {
        profileService.delete(profile);
    });
    // remove all IdentityRoleValidRequest for this identity
    List<IdmIdentityRoleValidRequestDto> validRequests = identityRoleValidRequestService.findAllValidRequestForIdentityId(identityId);
    identityRoleValidRequestService.deleteAll(validRequests);
    // 
    // delete all identity's delegations - delegate
    IdmDelegationDefinitionFilter delegationFilter = new IdmDelegationDefinitionFilter();
    delegationFilter.setDelegateId(identityId);
    delegationDefinitionService.find(delegationFilter, null).forEach(delegation -> {
        delegationDefinitionService.delete(delegation);
    });
    // 
    // delete all identity's delegations - delegator
    delegationFilter = new IdmDelegationDefinitionFilter();
    delegationFilter.setDelegatorId(identityId);
    delegationDefinitionService.find(delegationFilter, null).forEach(delegation -> {
        delegationDefinitionService.delete(delegation);
    });
    // deletes identity
    if (forceDelete) {
        LOG.debug("Identity [{}] should be deleted by caller after all asynchronus processes are completed.", identityId);
        // 
        // dirty flag only - will be processed after asynchronous events ends
        IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
        stateDeleted.setEvent(event.getId());
        stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
        entityStateManager.saveState(identity, stateDeleted);
        // 
        // set disabled (automatically)
        identity.setState(IdentityState.DISABLED);
        service.saveInternal(identity);
    } else {
        // delete all role requests where is this identity applicant
        IdmRoleRequestFilter roleRequestFilter = new IdmRoleRequestFilter();
        roleRequestFilter.setApplicantId(identityId);
        roleRequestService.find(roleRequestFilter, null).forEach(request -> {
            roleRequestService.delete(request);
        });
        // 
        service.deleteInternal(identity);
    }
    return new DefaultEventResult<>(event, this);
}
Also used : IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) IdmContractSliceGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmContractSliceGuaranteeFilter) Serializable(java.io.Serializable) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) HashMap(java.util.HashMap) IdmProfileFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmProfileFilter) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) IdmContractSliceFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmContractSliceFilter) IdmDelegationDefinitionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmDelegationDefinitionFilter) IdentityContractEvent(eu.bcvsolutions.idm.core.model.event.IdentityContractEvent) IdmRoleGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdmRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleRequestFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) UUID(java.util.UUID) IdmContractGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmContractGuaranteeFilter) IdmIdentityRoleValidRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleValidRequestDto)

Example 15 with IdmEntityStateDto

use of eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto in project CzechIdMng by bcvsolutions.

the class DuplicateRoleAutomaticByTreeProcessor method process.

@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
    IdmRoleDto cloned = event.getContent();
    IdmRoleDto originalSource = event.getOriginalSource();
    IdmRoleTreeNodeFilter filter = new IdmRoleTreeNodeFilter();
    filter.setRoleId(cloned.getId());
    Set<UUID> usedAutomaticRoles = new HashSet<>();
    List<IdmRoleTreeNodeDto> currentAutomaticRoles = roleTreeNodeService.find(filter, null).getContent();
    // 
    filter.setRoleId(originalSource.getId());
    roleTreeNodeService.find(filter, null).forEach(automaticRole -> {
        UUID exists = exists(currentAutomaticRoles, automaticRole);
        if (exists != null) {
            usedAutomaticRoles.add(exists);
        } else {
            IdmRoleTreeNodeDto clonedAutomaticRole = new IdmRoleTreeNodeDto();
            clonedAutomaticRole.setName(automaticRole.getName());
            clonedAutomaticRole.setRole(cloned.getId());
            clonedAutomaticRole.setTreeNode(automaticRole.getTreeNode());
            clonedAutomaticRole.setRecursionType(automaticRole.getRecursionType());
            // 
            RoleTreeNodeEvent automaticRoleEvent = new RoleTreeNodeEvent(RoleTreeNodeEventType.CREATE, clonedAutomaticRole);
            // execute sync
            automaticRoleEvent.setPriority(PriorityType.IMMEDIATE);
            roleTreeNodeService.publish(automaticRoleEvent, event);
        }
    });
    // 
    // remove not used originals
    currentAutomaticRoles.stream().filter(automaticRole -> {
        return !usedAutomaticRoles.contains(automaticRole.getId());
    }).forEach(automaticRole -> {
        // dirty flag automatic role only - will be processed after parent action ends
        IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
        stateDeleted.setEvent(event.getId());
        stateDeleted.setSuperOwnerId(cloned.getId());
        stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
        entityStateManager.saveState(automaticRole, stateDeleted);
    });
    // 
    return new DefaultEventResult<>(event, this);
}
Also used : IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter) IdmRoleTreeNodeService(eu.bcvsolutions.idm.core.api.service.IdmRoleTreeNodeService) IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) RoleTreeNodeEventType(eu.bcvsolutions.idm.core.model.event.RoleTreeNodeEvent.RoleTreeNodeEventType) Autowired(org.springframework.beans.factory.annotation.Autowired) CoreEventProcessor(eu.bcvsolutions.idm.core.api.event.CoreEventProcessor) PersistentType(eu.bcvsolutions.idm.core.eav.api.domain.PersistentType) HashSet(java.util.HashSet) EntityStateManager(eu.bcvsolutions.idm.core.api.service.EntityStateManager) Lists(com.google.common.collect.Lists) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) EventResult(eu.bcvsolutions.idm.core.api.event.EventResult) RoleEventType(eu.bcvsolutions.idm.core.model.event.RoleEvent.RoleEventType) RoleTreeNodeEvent(eu.bcvsolutions.idm.core.model.event.RoleTreeNodeEvent) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) EqualsBuilder(org.apache.commons.lang3.builder.EqualsBuilder) Description(org.springframework.context.annotation.Description) RoleProcessor(eu.bcvsolutions.idm.core.api.event.processor.RoleProcessor) Set(java.util.Set) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) UUID(java.util.UUID) PriorityType(eu.bcvsolutions.idm.core.api.domain.PriorityType) IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) IdmRoleTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto) List(java.util.List) Component(org.springframework.stereotype.Component) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter) RoleTreeNodeEvent(eu.bcvsolutions.idm.core.model.event.RoleTreeNodeEvent) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) UUID(java.util.UUID) HashSet(java.util.HashSet)

Aggregations

IdmEntityStateDto (eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto)77 OperationResultDto (eu.bcvsolutions.idm.core.api.dto.OperationResultDto)43 Test (org.junit.Test)41 UUID (java.util.UUID)40 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)33 DefaultResultModel (eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)30 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)30 OperationState (eu.bcvsolutions.idm.core.api.domain.OperationState)24 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)23 List (java.util.List)21 Autowired (org.springframework.beans.factory.annotation.Autowired)21 IdmEntityEventDto (eu.bcvsolutions.idm.core.api.dto.IdmEntityEventDto)20 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)19 Transactional (org.springframework.transaction.annotation.Transactional)19 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)18 Lists (com.google.common.collect.Lists)15 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)15 DefaultEventResult (eu.bcvsolutions.idm.core.api.event.DefaultEventResult)15 Assert (org.junit.Assert)14 CoreResultCode (eu.bcvsolutions.idm.core.api.domain.CoreResultCode)13