Examples with IdmIdentityDto eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto used on opensource projects

Example 31 with IdmIdentityDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto in project CzechIdMng by bcvsolutions.

the class DefaultSysProvisioningServiceTest method doIdentityProvisioningAddAccount.

@Test
public void doIdentityProvisioningAddAccount() {
    initData();
    IdmIdentityDto identity = idmIdentityService.getByUsername(IDENTITY_USERNAME);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    AccIdentityAccountDto accountIdentityOne = identityAccoutnService.find(filter, null).getContent().get(0);
    provisioningService.doProvisioning(DtoUtils.getEmbedded(accountIdentityOne, AccIdentityAccount_.identity, IdmIdentityDto.class));
    TestResource createdAccount = entityManager.find(TestResource.class, accountService.get(accountIdentityOne.getAccount()).getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
}

Example 32 with IdmIdentityDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto in project CzechIdMng by bcvsolutions.

the class DefaultSysProvisioningServiceTest method doIdentityProvisioningZRemoveAccount.

@Test
public void doIdentityProvisioningZRemoveAccount() {
    IdmIdentityDto identity = idmIdentityService.getByUsername(IDENTITY_USERNAME);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    AccIdentityAccountDto accountIdentityOne = identityAccoutnService.find(filter, null).getContent().get(0);
    // Delete account
    accountService.deleteById(accountIdentityOne.getAccount());
    Assert.assertNull(accountService.get(accountIdentityOne.getAccount()));
}

Example 33 with IdmIdentityDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto in project CzechIdMng by bcvsolutions.

the class IdentityPasswordProvisioningProcessor method process.

@Override
public EventResult<IdmIdentityDto> process(EntityEvent<IdmIdentityDto> event) {
    IdmIdentityDto identity = event.getContent();
    PasswordChangeDto passwordChangeDto = (PasswordChangeDto) event.getProperties().get(IdentityPasswordProcessor.PROPERTY_PASSWORD_CHANGE_DTO);
    Assert.notNull(passwordChangeDto);
    // 
    LOG.debug("Call provisioning for identity password [{}]", event.getContent().getUsername());
    List<OperationResult> results = provisioningService.changePassword(identity, passwordChangeDto);
    // 
    return new DefaultEventResult.Builder<>(event, this).setResults(results).build();
}

Example 34 with IdmIdentityDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto in project CzechIdMng by bcvsolutions.

the class IdentityPasswordValidateProcessor method validateDefinition.

/**
 * Method returns password policy list for accounts
 *
 * @param identity
 * @param passwordChangeDto
 * @return
 */
public List<IdmPasswordPolicyDto> validateDefinition(IdmIdentityDto identity, PasswordChangeDto passwordChangeDto) {
    List<IdmPasswordPolicyDto> passwordPolicyList = new ArrayList<>();
    // Find user accounts
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null).getContent();
    // 
    // get default password policy
    IdmPasswordPolicyDto defaultPasswordPolicy = this.passwordPolicyService.getDefaultPasswordPolicy(IdmPasswordPolicyType.VALIDATE);
    // 
    if (passwordChangeDto.isIdm() && defaultPasswordPolicy != null) {
        passwordPolicyList.add(defaultPasswordPolicy);
    }
    // 
    // get systems, only ownership
    identityAccounts.stream().filter(identityAccount -> {
        return identityAccount.isOwnership() && (passwordChangeDto.isAll() || passwordChangeDto.getAccounts().contains(identityAccount.getAccount().toString()));
    }).forEach(identityAccount -> {
        // get validate password policy from system
        // TODO: change to DTO after refactoring
        IdmPasswordPolicy passwordPolicyEntity = identityAccountRepository.findOne(identityAccount.getId()).getAccount().getSystem().getPasswordPolicyValidate();
        IdmPasswordPolicyDto passwordPolicy = null;
        if (passwordPolicyEntity != null) {
            passwordPolicy = passwordPolicyService.get(passwordPolicyEntity.getId());
        }
        // validate
        if (passwordPolicy == null) {
            passwordPolicy = defaultPasswordPolicy;
        }
        if (!passwordPolicyList.contains(passwordPolicy) && passwordPolicy != null) {
            passwordPolicyList.add(passwordPolicy);
        }
    });
    return passwordPolicyList;
}

Example 35 with IdmIdentityDto

use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto in project CzechIdMng by bcvsolutions.

the class IdentityPasswordValidateProcessor method process.

@Override
public EventResult<IdmIdentityDto> process(EntityEvent<IdmIdentityDto> event) {
    PasswordChangeDto passwordChangeDto = (PasswordChangeDto) event.getProperties().get(IdentityPasswordProcessor.PROPERTY_PASSWORD_CHANGE_DTO);
    IdmIdentityDto identity = event.getContent();
    // 
    Assert.notNull(passwordChangeDto);
    Assert.notNull(identity);
    // 
    LOG.debug("Call validate password for systems and default password policy for identity username [{}]", event.getContent().getUsername());
    // 
    List<IdmPasswordPolicyDto> passwordPolicyList = validateDefinition(identity, passwordChangeDto);
    // 
    // Find user accounts
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null).getContent();
    // 
    if (!securityService.isAdmin()) {
        // check accounts and property all_only
        PasswordChangeType passwordChangeType = identityConfiguration.getPasswordChangeType();
        if (passwordChangeType == PasswordChangeType.ALL_ONLY) {
            // get distinct account ids from identity accounts
            List<String> accountIds = identityAccounts.stream().filter(identityAccount -> {
                // filter by ownership
                return (identityAccount.isOwnership());
            }).map(AccIdentityAccountDto::getAccount).map(UUID::toString).collect(Collectors.toList());
            // 
            if (!accountIds.isEmpty() && !passwordChangeDto.getAccounts().isEmpty()) {
                // size of the found accounts must match the account size in the password change - ALL_ONLY
                boolean containsAll = accountIds.size() == passwordChangeDto.getAccounts().size();
                if (!containsAll) {
                    throw new ResultCodeException(CoreResultCode.PASSWORD_CHANGE_ALL_ONLY);
                }
            }
        }
    }
    // 
    // validate TODO: validate for admin?
    IdmPasswordValidationDto passwordValidationDto = new IdmPasswordValidationDto();
    // get old password for validation - til, from and password history
    IdmPasswordDto oldPassword = this.passwordService.findOneByIdentity(identity.getId());
    passwordValidationDto.setOldPassword(oldPassword == null ? null : oldPassword.getId());
    passwordValidationDto.setIdentity(identity);
    passwordValidationDto.setPassword(passwordChangeDto.getNewPassword());
    this.passwordPolicyService.validate(passwordValidationDto, passwordPolicyList);
    // 
    return new DefaultEventResult<>(event, this);
}