
Example 51 with IdmIdentityDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto in project CzechIdMng by bcvsolutions.

the class IdentitySyncTest method testEnableAutomaticRoleDuringSynchronization.

/**
 * Integration test: an attribute-based automatic role is granted through identity
 * synchronization only to the identity that matches the rule.
 *
 * <p>Flow: three accounts are synchronized, an automatic role with the rule
 * "identity username EQUALS user1" exists, and the synchronization is configured with
 * {@code setStartAutoRoleRec(true)}. After the first run no identity holds a role; after the
 * test processor is enabled and the synchronization runs again, only the first identity holds
 * exactly one role, and that role references the automatic role.
 *
 * <p>The zero-size assertions for the second and third identity are the part that guards
 * against over-assignment of entitlements, so they should not be dropped when the test is
 * refactored.
 */
@Test
public void testEnableAutomaticRoleDuringSynchronization() {
    // Default initialization of the system and everything the synchronization needs.
    SysSystemDto system = initData();
    SysSyncIdentityConfigDto config = doCreateSyncConfig(system);
    IdmRoleDto defaultRole = helper.createRole();
    // Set the default role on the synchronization configuration.
    config.setDefaultRole(defaultRole.getId());
    // Ask for automatic role recalculation to be started after the synchronization.
    config.setStartAutoRoleRec(true);
    config = (SysSyncIdentityConfigDto) syncConfigService.save(config);
    // Start from an empty resource so the log check below can expect exactly three entities.
    this.getBean().deleteAllResourceData();
    String testLastName = "test-last-name-same-" + System.currentTimeMillis();
    String testFirstName = "test-first-name";
    // Three accounts sharing first and last name; only the username differs.
    String user1 = "test-1-" + System.currentTimeMillis();
    this.getBean().setTestData(user1, testFirstName, testLastName);
    String user2 = "test-2-" + System.currentTimeMillis();
    this.getBean().setTestData(user2, testFirstName, testLastName);
    String user3 = "test-3-" + System.currentTimeMillis();
    this.getBean().setTestData(user3, testFirstName, testLastName);
    // Automatic role for role1 whose single rule matches the identity username of user1 only.
    IdmRoleDto role1 = helper.createRole();
    IdmAutomaticRoleAttributeDto automaticRole = helper.createAutomaticRole(role1.getId());
    helper.createAutomaticRoleRule(automaticRole.getId(), AutomaticRoleAttributeRuleComparison.EQUALS, AutomaticRoleAttributeRuleType.IDENTITY, IdmIdentity_.username.getName(), null, user1);
    // First synchronization run.
    synchornizationService.setSynchronizationConfigId(config.getId());
    synchornizationService.process();
    // The log is checked for CREATE_ENTITY with count 3 and result type WARNING.
    // NOTE(review): why WARNING is the expected result type is not visible in this method.
    SysSyncLogDto log = checkSyncLog(config, SynchronizationActionType.CREATE_ENTITY, 3, OperationResultType.WARNING);
    Assert.assertFalse(log.isRunning());
    Assert.assertFalse(log.isContainsError());
    IdmIdentityDto identity1 = identityService.getByUsername(user1);
    IdmIdentityDto identity2 = identityService.getByUsername(user2);
    IdmIdentityDto identity3 = identityService.getByUsername(user3);
    // The username has to be changed first, because creating the contract also saves the
    // identity (state change). The new username no longer equals the rule value user1.
    identity1.setUsername(user1 + System.currentTimeMillis());
    identity1 = identityService.save(identity1);
    // NOTE(review): the helper is named createIdentityContact while the comment above speaks
    // of a contract - presumably it creates an identity contract; confirm against the helper.
    helper.createIdentityContact(identity1);
    helper.createIdentityContact(identity2);
    helper.createIdentityContact(identity3);
    // At this point no identity holds any role.
    List<IdmIdentityRoleDto> identityRoles1 = identityRoleService.findAllByIdentity(identity1.getId());
    List<IdmIdentityRoleDto> identityRoles2 = identityRoleService.findAllByIdentity(identity2.getId());
    List<IdmIdentityRoleDto> identityRoles3 = identityRoleService.findAllByIdentity(identity3.getId());
    assertEquals(0, identityRoles1.size());
    assertEquals(0, identityRoles2.size());
    assertEquals(0, identityRoles3.size());
    // Enable the test processor, then run the synchronization a second time.
    testIdentityProcessor.enable();
    synchornizationService.setSynchronizationConfigId(config.getId());
    synchornizationService.process();
    identityRoles1 = identityRoleService.findAllByIdentity(identity1.getId());
    identityRoles2 = identityRoleService.findAllByIdentity(identity2.getId());
    identityRoles3 = identityRoleService.findAllByIdentity(identity3.getId());
    // Only the first identity gains a role; the other two must stay without one.
    assertEquals(1, identityRoles1.size());
    assertEquals(0, identityRoles2.size());
    assertEquals(0, identityRoles3.size());
    // The assigned role must reference the automatic role created above.
    IdmIdentityRoleDto foundIdentityRole = identityRoles1.get(0);
    assertEquals(automaticRole.getId(), foundIdentityRole.getRoleTreeNode());
    // Immediate recalculation during synchronization is disabled, so the test processor
    // has recorded no roles for any of the three usernames.
    int size = testIdentityProcessor.getRolesByUsername(user1).size();
    assertEquals(0, size);
    size = testIdentityProcessor.getRolesByUsername(user2).size();
    assertEquals(0, size);
    size = testIdentityProcessor.getRolesByUsername(user3).size();
    assertEquals(0, size);
}
Also used : SysSyncIdentityConfigDto(eu.bcvsolutions.idm.acc.dto.SysSyncIdentityConfigDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysSyncLogDto(eu.bcvsolutions.idm.acc.dto.SysSyncLogDto) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test) DefaultSynchronizationServiceTest(eu.bcvsolutions.idm.acc.service.impl.DefaultSynchronizationServiceTest)

Example 52 with IdmIdentityDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmIdentityService method findAllGuaranteesByRoleId.

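/**
 * Returns the identities registered as guarantees of the given role.
 *
 * <p>The lookup runs in a read-only transaction. No {@code BasePermission} is passed to
 * {@code roleService.get} or {@code get} here, so this method does not itself request an
 * access evaluation. NOTE(review): confirm that callers exposing the result apply their
 * own authorization.
 *
 * @param roleId id of the role whose guarantees are resolved
 * @return one entry per guarantee of the role, in the order of {@code role.getGuarantees()};
 *         NOTE(review): if {@code get} returns {@code null} for a guarantee, the list
 *         contains a {@code null} element - confirm whether callers expect that
 * @throws IllegalArgumentException if no role with the given id exists
 */
@Override
@Transactional(readOnly = true)
public List<IdmIdentityDto> findAllGuaranteesByRoleId(UUID roleId) {
    IdmRoleDto role = roleService.get(roleId);
    // The role is looked up by id, so the failure message names the id (it used to say "name").
    Assert.notNull(role, "Role is required. Role by id [" + roleId + "] not found.");
    return role.getGuarantees().stream()
            .map(guarantee -> get(guarantee.getGuarantee()))
            .collect(Collectors.toList());
}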
Also used : IdmAuthorityChange(eu.bcvsolutions.idm.core.model.entity.IdmAuthorityChange) IdmIdentityContract(eu.bcvsolutions.idm.core.model.entity.IdmIdentityContract) Autowired(org.springframework.beans.factory.annotation.Autowired) IdmIdentityRepository(eu.bcvsolutions.idm.core.model.repository.IdmIdentityRepository) FormService(eu.bcvsolutions.idm.core.eav.api.service.FormService) StringUtils(org.apache.commons.lang3.StringUtils) CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission) Predicate(javax.persistence.criteria.Predicate) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) Map(java.util.Map) BasePermission(eu.bcvsolutions.idm.core.security.api.domain.BasePermission) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) IdentityEventType(eu.bcvsolutions.idm.core.model.event.IdentityEvent.IdentityEventType) Sort(org.springframework.data.domain.Sort) Path(javax.persistence.criteria.Path) RepositoryUtils(eu.bcvsolutions.idm.core.api.utils.RepositoryUtils) CriteriaQuery(javax.persistence.criteria.CriteriaQuery) IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity) IdmIdentityContractService(eu.bcvsolutions.idm.core.api.service.IdmIdentityContractService) ImmutableMap(com.google.common.collect.ImmutableMap) ContractState(eu.bcvsolutions.idm.core.api.domain.ContractState) Collection(java.util.Collection) PageRequest(org.springframework.data.domain.PageRequest) UUID(java.util.UUID) Page(org.springframework.data.domain.Page) RoleConfiguration(eu.bcvsolutions.idm.core.api.config.domain.RoleConfiguration) Collectors(java.util.stream.Collectors) IdentityState(eu.bcvsolutions.idm.core.api.domain.IdentityState) List(java.util.List) IdmAuthorityChangeRepository(eu.bcvsolutions.idm.core.model.repository.IdmAuthorityChangeRepository) Specification(org.springframework.data.jpa.domain.Specification) IdentityEvent(eu.bcvsolutions.idm.core.model.event.IdentityEvent) 
IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService) IdmIdentityRole_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole_) IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto) HashMap(java.util.HashMap) IdmTreeType_(eu.bcvsolutions.idm.core.model.entity.IdmTreeType_) PasswordChangeEvent(eu.bcvsolutions.idm.core.model.event.PasswordChangeEvent) IdmTreeNode_(eu.bcvsolutions.idm.core.model.entity.IdmTreeNode_) ArrayList(java.util.ArrayList) PasswordChangeEventType(eu.bcvsolutions.idm.core.model.event.PasswordChangeEvent.PasswordChangeEventType) Lists(com.google.common.collect.Lists) IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole) IdmIdentityFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter) OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdentityProcessor(eu.bcvsolutions.idm.core.api.event.processor.IdentityProcessor) Root(javax.persistence.criteria.Root) IdmRole_(eu.bcvsolutions.idm.core.model.entity.IdmRole_) IdentityPasswordProcessor(eu.bcvsolutions.idm.core.model.event.processor.identity.IdentityPasswordProcessor) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) DateTime(org.joda.time.DateTime) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) EventContext(eu.bcvsolutions.idm.core.api.event.EventContext) IdmIdentityContract_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityContract_) IdmForestIndexEntity_(eu.bcvsolutions.idm.core.model.entity.IdmForestIndexEntity_) IdmTreeNode(eu.bcvsolutions.idm.core.model.entity.IdmTreeNode) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) AbstractFormableService(eu.bcvsolutions.idm.core.eav.api.service.AbstractFormableService) IdmIdentity_(eu.bcvsolutions.idm.core.model.entity.IdmIdentity_) Subquery(javax.persistence.criteria.Subquery) 
PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto) EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager) AuthorizableType(eu.bcvsolutions.idm.core.security.api.dto.AuthorizableType) Transactional(org.springframework.transaction.annotation.Transactional) Assert(org.springframework.util.Assert) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) Transactional(org.springframework.transaction.annotation.Transactional)

Example 53 with IdmIdentityDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmIdentityService method evaluateState.

/**
 * Evaluates the state of the identity with the given id.
 *
 * <p>An identity in state {@link IdentityState#DISABLED_MANUALLY} keeps that state: a manual
 * disable is never lifted by automatic evaluation. Every other identity is delegated to
 * {@code evaluateState(IdmIdentityDto)}.
 *
 * @param identityId id of the identity, must not be {@code null}
 * @return {@code DISABLED_MANUALLY} for a manually disabled identity, otherwise the result
 *         of the DTO-based evaluation
 * @throws ResultCodeException with {@code CoreResultCode.NOT_FOUND} if no identity has this id
 */
@Override
@Transactional(readOnly = true)
public IdentityState evaluateState(UUID identityId) {
    Assert.notNull(identityId);
    final IdmIdentityDto loaded = get(identityId);
    if (loaded == null) {
        throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("entity", identityId.toString()));
    }
    // Manually disabled identities are returned as-is, so they cannot be enabled automatically.
    return loaded.getState() == IdentityState.DISABLED_MANUALLY
            ? IdentityState.DISABLED_MANUALLY
            : evaluateState(loaded);
}
Also used : ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) Transactional(org.springframework.transaction.annotation.Transactional)

Example 54 with IdmIdentityDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmIdentityService method findAllManagers.

/**
 * Finds all managers of an identity, resolved through its identity contracts (guarantee or
 * assigned tree structure).
 *
 * <p>Managers are read in pages of 50, sorted ascending by username, and all pages are
 * collected. When no manager is found, the method falls back to every valid identity
 * holding the configured admin role. Callers that use the result to decide who may act for
 * the identity (for example as an approver) should keep that fallback in mind: an identity
 * without managers resolves to the admin role holders, not to an empty list.
 *
 * @param forIdentity id of the identity whose managers are searched, must not be {@code null}
 * @param byTreeType optional tree type id; if given, only managers defined with this type
 *        are returned
 * @return the managers found, or the valid holders of the admin role when there are none
 */
@Override
@Transactional(readOnly = true)
public List<IdmIdentityDto> findAllManagers(UUID forIdentity, UUID byTreeType) {
    Assert.notNull(forIdentity, "Identity id is required.");
    //
    IdmIdentityFilter managersFilter = new IdmIdentityFilter();
    managersFilter.setManagersFor(forIdentity);
    managersFilter.setManagersByTreeType(byTreeType);
    //
    // Walk every page so the result is complete, not just the first 50 managers.
    List<IdmIdentityDto> collected = new ArrayList<>();
    Page<IdmIdentityDto> page = find(managersFilter, new PageRequest(0, 50, Sort.Direction.ASC, IdmIdentity_.username.getName()));
    while (true) {
        collected.addAll(page.getContent());
        if (!page.hasNext()) {
            break;
        }
        page = find(managersFilter, page.nextPageable());
    }
    //
    if (collected.isEmpty()) {
        // No manager found: return all valid identities with the admin role instead.
        return this.findValidByRole(roleConfiguration.getAdminRoleId());
    }
    return collected;
}
Also used : PageRequest(org.springframework.data.domain.PageRequest) IdmIdentityFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter) ArrayList(java.util.ArrayList) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) Transactional(org.springframework.transaction.annotation.Transactional)

Example 55 with IdmIdentityDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmIdentityService method disable.

/**
 * Disables an identity manually by setting its state to
 * {@link IdentityState#DISABLED_MANUALLY} and saving it.
 *
 * <p>The identity is loaded with {@code get(identityId)} without the permission argument;
 * {@code permission} is forwarded only to {@code save}. NOTE(review): any access evaluation
 * therefore appears to happen at save time - confirm against {@code save}. The not-found
 * and already-disabled errors are raised before that call.
 *
 * @param identityId id of the identity to disable, must not be {@code null}
 * @param permission permissions forwarded to {@code save}
 * @return the saved identity
 * @throws ResultCodeException with {@code CoreResultCode.NOT_FOUND} if no identity has this
 *         id, or with {@code CoreResultCode.IDENTITY_ALREADY_DISABLED_MANUALLY} if the
 *         identity is already manually disabled
 */
@Override
public IdmIdentityDto disable(UUID identityId, BasePermission... permission) {
    Assert.notNull(identityId);
    final IdmIdentityDto target = get(identityId);
    if (target == null) {
        throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("entity", identityId.toString()));
    }
    //
    final boolean alreadyDisabled = IdentityState.DISABLED_MANUALLY == target.getState();
    if (alreadyDisabled) {
        // Disabling twice is reported as an error rather than silently accepted.
        throw new ResultCodeException(CoreResultCode.IDENTITY_ALREADY_DISABLED_MANUALLY, ImmutableMap.of(IdmIdentity_.username.getName(), target.getUsername()));
    }
    target.setState(IdentityState.DISABLED_MANUALLY);
    return save(target, permission);
}
Also used : ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
