
Example 36 with IdmIdentityContractDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto in project CzechIdMng by bcvsolutions.

the class HrEndContractProcessIntegrationTest method testExclusion1.

/**
 * Runs the contract-end process on the contract built by {@code prepareTestData1()} and verifies
 * the resulting de-provisioning: the owning identity is disabled, one queue item and one log item
 * are recorded, and no identity role remains assigned through the contract.
 */
@Test
public void testExclusion1() {
    IdmIdentityContractDto contract = prepareTestData1();
    // Precondition: roles must exist before processing, otherwise the final
    // "no roles left" assertion would pass without proving anything.
    int rolesBefore = identityRoleService.findAllByContract(contract.getId()).size();
    assertNotEquals(0, rolesBefore);

    process(lrt, contract);

    Page<IdmProcessedTaskItemDto> queued = itemService.findQueueItems(scheduledTask, null);
    Page<IdmProcessedTaskItemDto> logged = itemService.findLogItems(lrt, null);

    // Access control outcome: the identity behind the contract has to be disabled.
    boolean identityDisabled = identityService.get(contract.getIdentity()).isDisabled();
    assertEquals(true, identityDisabled);

    // Exactly one processed item is expected on each side, and both must reference the contract type.
    assertEquals(1, queued.getTotalElements());
    assertEquals(1, logged.getTotalElements());
    SchedulerTestUtils.checkLogItems(lrt, IdmIdentityContractDto.class, logged);
    SchedulerTestUtils.checkQueueItems(scheduledTask, IdmIdentityContractDto.class, queued);

    // Roles granted through the contract must be gone once the process has run.
    int rolesAfter = identityRoleService.findAllByContract(contract.getId()).size();
    assertEquals(0, rolesAfter);
}
Also used : IdmProcessedTaskItemDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmProcessedTaskItemDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) Test(org.junit.Test)

Example 37 with IdmIdentityContractDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto in project CzechIdMng by bcvsolutions.

the class HrEndContractProcessIntegrationTest method prepareTestData2.

// two non-default contracts, one is valid -> must NOT disable identity
/**
 * Builds the fixture for the second scenario: a fresh identity with a randomly generated username,
 * an additional test contract, and one contract whose validity ended yesterday and which carries
 * roles.
 *
 * @return the persisted, already expired contract with roles assigned
 */
private IdmIdentityContractDto prepareTestData2() {
    // Random username keeps the fixture independent of other tests' data.
    String username = UUID.randomUUID().toString();
    IdmIdentityDto owner = createTestIdentity(username);
    // NOTE(review): the meaning of the `false` flag is not visible here; presumably it marks
    // the contract as non-default - confirm against createTestContract/getTestContract.
    createTestContract(owner, false);
    IdmIdentityContractDto expiring = getTestContract(owner, false);
    // Validity ends one day in the past, so the contract is already expired when saved.
    expiring.setValidTill(LocalDate.now().minusDays(1));
    IdmIdentityContractDto persisted = identityContractService.save(expiring);
    addRolesToContract(persisted);
    return persisted;
}
Also used : IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)

Example 38 with IdmIdentityContractDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto in project CzechIdMng by bcvsolutions.

the class DefaultAuthorizationManagerIntegrationTest method testFindValidPoliciesWithInvalidIdentityContractByDisabled.

/**
 * Verifies that authorization policies of a role assigned through a DISABLED contract are not
 * returned as enabled policies: only the policy of the role assigned directly to the identity
 * is expected in the result.
 */
@Test
public void testFindValidPoliciesWithInvalidIdentityContractByDisabled() {
    try {
        loginAsAdmin(InitTestData.TEST_USER_1);

        // Two roles, each with its own policy, so the origin of every returned policy is unambiguous.
        IdmRoleDto effectiveRole = helper.createRole();
        IdmRoleDto blockedRole = helper.createRole();
        helper.createUuidPolicy(effectiveRole.getId(), effectiveRole.getId(), IdmBasePermission.READ);
        helper.createBasePolicy(blockedRole.getId(), IdmBasePermission.AUTOCOMPLETE);

        IdmIdentityDto owner = helper.createIdentity();
        // First role goes to the identity itself.
        // NOTE(review): which contract the helper uses for this assignment is not visible here - confirm.
        helper.createIdentityRole(owner, effectiveRole);

        // Second role is bound to a contract that is switched to DISABLED before the assignment.
        IdmIdentityContractDto disabledContract = helper.createIdentityContact(owner);
        disabledContract.setState(ContractState.DISABLED);
        identityContractService.save(disabledContract);
        helper.createIdentityRole(disabledContract, blockedRole);

        // Only the policy of the first role may be effective.
        List<IdmAuthorizationPolicyDto> enabled = service.getEnabledPolicies(owner.getId(), IdmRole.class);
        assertEquals(1, enabled.size());
        assertEquals(effectiveRole.getId(), enabled.get(0).getRole());
    } finally {
        // Always drop the admin session so it cannot leak into other tests.
        logout();
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 39 with IdmIdentityContractDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto in project CzechIdMng by bcvsolutions.

the class DefaultGrantedAuthoritiesFactoryTest method testGroupAdmin.

/**
 * Group admin has all group authorities
 */
@Test
public void testGroupAdmin() {
    // Fixture: one role, one identity and one contract linking them through an identity role.
    IdmRoleDto adminRole = new IdmRoleDto();
    adminRole.setName("role");
    adminRole.setId(UUID.randomUUID());

    IdmIdentityDto admin = new IdmIdentityDto();
    admin.setId(UUID.randomUUID());
    admin.setUsername("identityAdmin");

    IdmIdentityContractDto adminContract = new IdmIdentityContractDto();
    adminContract.setId(UUID.randomUUID());
    adminContract.setIdentity(admin.getId());

    IdmIdentityRoleDto assignment = new IdmIdentityRoleDto();
    assignment.setIdentityContractDto(adminContract);
    assignment.setRole(adminRole.getId());
    List<IdmIdentityRoleDto> assignments = Lists.newArrayList(assignment);

    // Stub the collaborators the factory consults while resolving authorities.
    when(moduleService.getAvailablePermissions()).thenReturn(groupPermissions);
    when(identityService.getByUsername(admin.getUsername())).thenReturn(admin);
    when(roleService.get(adminRole.getId())).thenReturn(adminRole);
    when(identityRoleService.findValidRole(admin.getId(), null))
            .thenReturn(new PageImpl<>(new ArrayList<>(assignments)));
    when(roleService.getSubroles(any(UUID.class))).thenReturn(Lists.newArrayList());
    // Default authorities hold ADMIN, READ and DELETE for the same IDENTITY group.
    DefaultGrantedAuthority identityAdmin =
            new DefaultGrantedAuthority(CoreGroupPermission.IDENTITY, IdmBasePermission.ADMIN);
    DefaultGrantedAuthority identityRead =
            new DefaultGrantedAuthority(CoreGroupPermission.IDENTITY, IdmBasePermission.READ);
    DefaultGrantedAuthority identityDelete =
            new DefaultGrantedAuthority(CoreGroupPermission.IDENTITY, IdmBasePermission.DELETE);
    when(authorizationPolicyService.getDefaultAuthorities(any()))
            .thenReturn(Sets.newHashSet(identityAdmin, identityRead, identityDelete));

    // The factory is expected to return trimmed authorities.
    List<GrantedAuthority> resolved =
            defaultGrantedAuthoritiesFactory.getGrantedAuthorities(admin.getUsername());

    // Only the ADMIN authority of the IDENTITY group may remain after trimming.
    assertEquals(1, resolved.size());
    assertEquals(
            new DefaultGrantedAuthority(CoreGroupPermission.IDENTITY, IdmBasePermission.ADMIN),
            resolved.iterator().next());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) DefaultGrantedAuthority(eu.bcvsolutions.idm.core.security.api.domain.DefaultGrantedAuthority) GrantedAuthority(org.springframework.security.core.GrantedAuthority) ArrayList(java.util.ArrayList) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) UUID(java.util.UUID) DefaultGrantedAuthority(eu.bcvsolutions.idm.core.security.api.domain.DefaultGrantedAuthority) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) Test(org.junit.Test) AbstractUnitTest(eu.bcvsolutions.idm.test.api.AbstractUnitTest)

Example 40 with IdmIdentityContractDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto in project CzechIdMng by bcvsolutions.

the class IdentitySynchronizationExecutor method createEntityAccount.

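/**
 * Creates the identity-account relation for a synchronized account and, when the sync
 * configuration defines a default role, assigns that role to the identity through its prime valid
 * contract and links the resulting identity role to the relation.
 *
 * <p>The default role is granted automatically to the synchronized identity, so the role
 * configured here decides which permissions each such identity receives.
 *
 * @param account synchronized account, must not be {@code null}
 * @param entity identity the account belongs to, must not be {@code null}
 * @param context synchronization context providing the configuration and the log item
 * @return the new identity-account relation, or an already persisted duplicate when one is found
 * @throws IllegalArgumentException when an argument is {@code null}, the relation is not an
 *         {@code AccIdentityAccountDto}, the configured default role cannot be loaded, or no
 *         identity role was created by the role request
 */
@Override
protected EntityAccountDto createEntityAccount(AccAccountDto account, IdmIdentityDto entity, SynchronizationContext context) {
    Assert.notNull(account);
    Assert.notNull(entity);
    EntityAccountDto entityAccount = super.createEntityAccount(account, entity, context);
    Assert.isInstanceOf(AccIdentityAccountDto.class, entityAccount, "For identity sync must be entity-account relation instance of AccIdentityAccountDto!");
    AccIdentityAccountDto identityAccount = (AccIdentityAccountDto) entityAccount;
    SysSyncIdentityConfigDto config = this.getConfig(context);
    UUID defaultRoleId = config.getDefaultRole();
    if (defaultRoleId == null) {
        // No default role configured: the plain relation is all that is needed.
        return identityAccount;
    }
    // Default role is defined
    IdmRoleDto defaultRole = DtoUtils.getEmbedded(config, SysSyncIdentityConfig_.defaultRole, IdmRoleDto.class);
    // Validate before the first dereference; previously the log call below used
    // defaultRole.getCode() first, so a missing role failed with a NullPointerException
    // instead of this explicit message.
    Assert.notNull(defaultRole, "Default role must be found for this sync configuration!");
    context.getLogItem().addToLog(MessageFormat.format("Default role [{1}] is defines and will be assigned to the identity [{0}].", entity.getCode(), defaultRole.getCode()));
    IdmIdentityContractDto primeContract = identityContractService.getPrimeValidContract(entity.getId());
    if (primeContract == null) {
        // Without a valid contract the role cannot be assigned; log a warning and continue.
        context.getLogItem().addToLog("Warning! - Default role is set, but could not be assigned to identity, because was not found any valid identity contract!");
        this.initSyncActionLog(context.getActionType(), OperationResultType.WARNING, context.getLogItem(), context.getLog(), context.getActionLogs());
        return identityAccount;
    }
    // Create role request for default role and primary contract
    IdmRoleRequestDto roleRequest = roleRequestService.createRequest(primeContract, defaultRole);
    // NOTE(review): the meaning of the `false` argument is not visible here; if it switches off
    // the permission check, the role is assigned without authorizing the caller - confirm.
    roleRequest = roleRequestService.startRequestInternal(roleRequest.getId(), false);
    // Load concept (can be only one)
    IdmConceptRoleRequestFilter conceptFilter = new IdmConceptRoleRequestFilter();
    conceptFilter.setRoleRequestId(roleRequest.getId());
    // get(0) throws IndexOutOfBoundsException when the request produced no concept.
    UUID identityRoleId = conceptRoleRequestService.find(conceptFilter, null).getContent().get(0).getIdentityRole();
    Assert.notNull(identityRoleId, "Identity role relation had to been created!");
    identityAccount.setIdentityRole(identityRoleId);
    AccIdentityAccountDto duplicate = this.findDuplicate(identityAccount);
    if (duplicate != null) {
        // This IdentityAccount is new and duplicated, we do not want to create a duplicated
        // relation.
        // The same IdentityAccount had to be created by the assigned default role!
        context.getLogItem().addToLog(MessageFormat.format("This identity-account (identity-role id: {2}) is new and duplicated, " + "we do not want create duplicated relation! " + "We will reusing already persisted identity-account [{3}]. " + "Probable reason: Same  identity-account had to be created by assigned default role!", identityAccount.getAccount(), identityAccount.getIdentity(), identityAccount.getIdentityRole(), duplicate.getId()));
        // Reusing duplicate
        return duplicate;
    }
    return identityAccount;
}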
Also used : IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter) SysSyncIdentityConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncIdentityConfigDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) EntityAccountDto(eu.bcvsolutions.idm.acc.dto.EntityAccountDto) UUID(java.util.UUID) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)

Aggregations

IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)220 Test (org.junit.Test)170 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)156 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)92 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)91 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)53 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)48 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)45 AbstractCoreWorkflowIntegrationTest (eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest)44 WorkflowFilterDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto)36 WorkflowTaskInstanceDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto)35 LocalDate (org.joda.time.LocalDate)34 ArrayList (java.util.ArrayList)31 List (java.util.List)29 IdmTreeNodeDto (eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto)28 IdmNotificationLogDto (eu.bcvsolutions.idm.core.notification.api.dto.IdmNotificationLogDto)24 IdmNotificationFilter (eu.bcvsolutions.idm.core.notification.api.dto.filter.IdmNotificationFilter)24 Transactional (org.springframework.transaction.annotation.Transactional)24 UUID (java.util.UUID)19 IdmTreeTypeDto (eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto)18