use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class IdentitySyncTest method testEnableAutomaticRoleDuringSynchronization.
/**
 * Checks that an automatic role defined by an attribute rule on the username is
 * assigned during synchronization to the matching identity only, and that the
 * other synchronized identities end up without any role.
 */
@Test
public void testEnableAutomaticRoleDuringSynchronization() {
    // Prepare the system and a sync configuration that carries a default role and
    // asks for automatic-role recalculation after the synchronization.
    SysSystemDto system = initData();
    SysSyncIdentityConfigDto syncConfig = doCreateSyncConfig(system);
    IdmRoleDto defaultRole = helper.createRole();
    syncConfig.setDefaultRole(defaultRole.getId());
    syncConfig.setStartAutoRoleRec(true);
    syncConfig = (SysSyncIdentityConfigDto) syncConfigService.save(syncConfig);

    // Start from an empty resource and load three accounts that differ only in username.
    this.getBean().deleteAllResourceData();
    String sharedLastName = "test-last-name-same-" + System.currentTimeMillis();
    String sharedFirstName = "test-first-name";
    String loginOne = "test-1-" + System.currentTimeMillis();
    this.getBean().setTestData(loginOne, sharedFirstName, sharedLastName);
    String loginTwo = "test-2-" + System.currentTimeMillis();
    this.getBean().setTestData(loginTwo, sharedFirstName, sharedLastName);
    String loginThree = "test-3-" + System.currentTimeMillis();
    this.getBean().setTestData(loginThree, sharedFirstName, sharedLastName);

    // The automatic role applies only when the identity username equals the first login.
    IdmRoleDto ruleRole = helper.createRole();
    IdmAutomaticRoleAttributeDto automaticRole = helper.createAutomaticRole(ruleRole.getId());
    helper.createAutomaticRoleRule(automaticRole.getId(), AutomaticRoleAttributeRuleComparison.EQUALS,
            AutomaticRoleAttributeRuleType.IDENTITY, IdmIdentity_.username.getName(), null, loginOne);

    // First run: three entities are created and the log reports a WARNING result.
    synchornizationService.setSynchronizationConfigId(syncConfig.getId());
    synchornizationService.process();
    SysSyncLogDto syncLog = checkSyncLog(syncConfig, SynchronizationActionType.CREATE_ENTITY, 3,
            OperationResultType.WARNING);
    Assert.assertFalse(syncLog.isRunning());
    Assert.assertFalse(syncLog.isContainsError());

    IdmIdentityDto identityOne = identityService.getByUsername(loginOne);
    IdmIdentityDto identityTwo = identityService.getByUsername(loginTwo);
    IdmIdentityDto identityThree = identityService.getByUsername(loginThree);
    // The username has to be changed first, because creating the contract below
    // also saves the identity (state change).
    identityOne.setUsername(loginOne + System.currentTimeMillis());
    identityOne = identityService.save(identityOne);
    helper.createIdentityContact(identityOne);
    helper.createIdentityContact(identityTwo);
    helper.createIdentityContact(identityThree);

    // No identity holds a role before the second synchronization run.
    List<IdmIdentityRoleDto> rolesOfOne = identityRoleService.findAllByIdentity(identityOne.getId());
    List<IdmIdentityRoleDto> rolesOfTwo = identityRoleService.findAllByIdentity(identityTwo.getId());
    List<IdmIdentityRoleDto> rolesOfThree = identityRoleService.findAllByIdentity(identityThree.getId());
    assertEquals(0, rolesOfOne.size());
    assertEquals(0, rolesOfTwo.size());
    assertEquals(0, rolesOfThree.size());

    // Second run, now with the test processor switched on.
    testIdentityProcessor.enable();
    synchornizationService.setSynchronizationConfigId(syncConfig.getId());
    synchornizationService.process();

    // Only the first identity receives a role, and it originates from the automatic role.
    rolesOfOne = identityRoleService.findAllByIdentity(identityOne.getId());
    rolesOfTwo = identityRoleService.findAllByIdentity(identityTwo.getId());
    rolesOfThree = identityRoleService.findAllByIdentity(identityThree.getId());
    assertEquals(1, rolesOfOne.size());
    assertEquals(0, rolesOfTwo.size());
    assertEquals(0, rolesOfThree.size());
    IdmIdentityRoleDto assignedRole = rolesOfOne.get(0);
    assertEquals(automaticRole.getId(), assignedRole.getRoleTreeNode());

    // Immediate recalculation during synchronization is disabled, so the test
    // processor reports no roles for any of the three usernames.
    assertEquals(0, testIdentityProcessor.getRolesByUsername(loginOne).size());
    assertEquals(0, testIdentityProcessor.getRolesByUsername(loginTwo).size());
    assertEquals(0, testIdentityProcessor.getRolesByUsername(loginThree).size());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleTreeNodeService method addAutomaticRoles.
/**
 * Assigns every given automatic role to the contract by publishing one
 * identity-role CREATE event per role.
 *
 * <p>Each event carries {@code SKIP_CHECK_AUTHORITIES = TRUE}, so the authority
 * check is skipped for these assignments. Callers are therefore responsible for
 * passing only roles that are meant to be granted automatically.
 * NOTE(review): how the event processors honour this flag is not visible here.
 *
 * @param contract contract that receives the roles; its validity dates are copied to each assignment
 * @param automaticRoles automatic roles to assign
 */
@Override
@Transactional
public void addAutomaticRoles(IdmIdentityContractDto contract, Set<IdmRoleTreeNodeDto> automaticRoles) {
    // As with the original assignAutomaticRoles method, this runs under a plain
    // @Transactional, without requiring a new transaction.
    for (AbstractIdmAutomaticRoleDto automaticRole : automaticRoles) {
        // Build the assignment directly; it inherits the validity window of the contract.
        IdmIdentityRoleDto assignment = new IdmIdentityRoleDto();
        assignment.setRoleTreeNode(automaticRole.getId());
        assignment.setIdentityContract(contract.getId());
        assignment.setRole(automaticRole.getRole());
        assignment.setValidFrom(contract.getValidFrom());
        assignment.setValidTill(contract.getValidTill());

        // Publish the CREATE event with the authority check switched off.
        IdentityRoleEvent createEvent = new IdentityRoleEvent(IdentityRoleEventType.CREATE, assignment);
        createEvent.getProperties().put(IdmIdentityRoleService.SKIP_CHECK_AUTHORITIES, Boolean.TRUE);
        identityRoleService.publish(createEvent);
    }
}
use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class AsynchronousAccountManagementIntegrationTest method testAsynchronousAccountManagementError.
/**
 * Checks that a failing username transformation script leaves no account behind
 * and is recorded as a single entity event in the EXCEPTION state.
 */
@Test
public void testAsynchronousAccountManagementError() {
    // Break the username transformation: the script below is intentionally invalid.
    SysSystemDto system = helper.createTestResourceSystem(true);
    SysSystemMappingDto defaultMapping = helper.getDefaultMapping(system);
    SysSystemAttributeMappingDto usernameMapping = schemaAttributeHandlingService
            .findBySystemMappingAndName(defaultMapping.getId(), TestHelper.ATTRIBUTE_MAPPING_NAME);
    usernameMapping.setTransformToResourceScript("returan \"" + "error" + "\";");
    usernameMapping = schemaAttributeHandlingService.save(usernameMapping);

    // Assigning a role mapped to the system triggers account management for the identity.
    IdmIdentityDto identity = helper.createIdentity();
    IdmRoleDto role = helper.createRole();
    helper.createRoleSystem(role, system);
    IdmIdentityRoleDto assignedRole = helper.createIdentityRole(identity, role);
    try {
        // The predicate stays true while any event of this instance is still CREATED or RUNNING.
        helper.waitForResult(res ->
                !entityEventService.findByState(configurationService.getInstanceId(), OperationState.CREATED).isEmpty()
                        || !entityEventService.findByState(configurationService.getInstanceId(), OperationState.RUNNING).isEmpty());

        // The failed transformation must not leave an account on the system.
        AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
        Assert.assertNull(account);

        // Look up the failed event owned by the identity role.
        IdmEntityEventFilter failedFilter = new IdmEntityEventFilter();
        failedFilter.setOwnerId(assignedRole.getId());
        failedFilter.setStates(Lists.newArrayList(OperationState.EXCEPTION));
        List<IdmEntityEventDto> failures = entityEventService.find(failedFilter, null).getContent();

        Assert.assertEquals(1, failures.size());
        Assert.assertEquals(CoreResultCode.GROOVY_SCRIPT_EXCEPTION.getCode(),
                failures.get(0).getResult().getCode());
    } finally {
        // Always remove the test identity and system, even when an assertion fails.
        identityService.delete(identity);
        systemService.delete(system);
    }
}
use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class IdentityAccountManagementTest method overloadedAttributeAdd_C_AccountYrole.
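/**
 * Assigns the Y-account overloading role to the test identity and checks that
 * account management creates a third identity account and provisions the
 * "y"-prefixed account with the identity's first and last name.
 */
@Test
public void overloadedAttributeAdd_C_AccountYrole() {
    IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
    IdmRoleDto role = roleService.getByCode(ROLE_OVERLOADING_Y_ACCOUNT);
    // The "x" account is expected to exist already when this test runs.
    Assert.assertNotNull("Account for this identity have to be found!", helper.findResource("x" + IDENTITY_USERNAME));

    // Assign the role on the first contract of the identity.
    IdmIdentityRoleDto irdto = new IdmIdentityRoleDto();
    irdto.setIdentityContract(identityContractService.findAllByIdentity(identity.getId()).get(0).getId());
    irdto.setRole(role.getId());
    // Saving raises the IdentityRole SAVE event, which starts account
    // management and provisioning.
    identityRoleService.save(irdto);

    AccIdentityAccountFilter iaccFilter = new AccIdentityAccountFilter();
    iaccFilter.setIdentityId(identity.getId());
    // The identity now holds three roles (role_overloading_first_name,
    // role_overloading_last_name and role_overloading_y_account), so three
    // identity accounts are expected.
    Assert.assertEquals("Idenitity accounts have to exists (three items) after account management was started!", 3, identityAccountService.find(iaccFilter, null).getContent().size());

    TestResource createdAccount = helper.findResource("y" + IDENTITY_USERNAME);
    Assert.assertNotNull("Idenitity have to exists on target system (after account management)", createdAccount);
    Assert.assertEquals("First name on target system must be equals with first name on identity", identity.getFirstName(), createdAccount.getFirstname());
    // Fixed copy-paste in the failure message: this assertion compares last names.
    Assert.assertEquals("Last name on target system must be equals with last name on identity", identity.getLastName(), createdAccount.getLastname());
}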
use of eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class IdentityAccountManagementTest method defaultAccountAddInvalid.
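/**
 * Add invalid identity role. Account cannot be created.
 *
 * <p>The test walks the role through three validity states: not yet valid
 * (no identity account), valid (account is provisioned) and expired (the
 * identity account is gone again).
 */
@Test
public void defaultAccountAddInvalid() {
    initData();
    IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
    IdmRoleDto roleDefault = roleService.getByCode(ROLE_DEFAULT);
    Assert.assertNull("No account for this identity can be found, before account management start!", helper.findResource("x" + IDENTITY_USERNAME));

    IdmIdentityRoleDto irdto = new IdmIdentityRoleDto();
    irdto.setIdentityContract(identityContractService.findAllByIdentity(identity.getId()).get(0).getId());
    irdto.setRole(roleDefault.getId());
    // Valid from tomorrow: the role is not valid yet.
    irdto.setValidFrom(LocalDate.now().plusDays(1));
    // Saving raises the IdentityRole SAVE event, which starts account
    // management and provisioning.
    irdto = identityRoleService.save(irdto);

    AccIdentityAccountFilter iaccFilter = new AccIdentityAccountFilter();
    iaccFilter.setIdentityId(identity.getId());
    iaccFilter.setIdentityRoleId(irdto.getId());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(iaccFilter, null).getContent();
    // A role that is not valid yet must not produce an identity account.
    Assert.assertEquals(0, identityAccounts.size());

    // Clear valid from: the role becomes valid and the account must be created.
    irdto.setValidFrom(null);
    irdto = identityRoleService.save(irdto);
    identityAccounts = identityAccountService.find(iaccFilter, null).getContent();
    Assert.assertEquals(1, identityAccounts.size());
    AccIdentityAccountDto identityAccount = identityAccounts.get(0);
    Assert.assertNotNull("Idenitity account have to exists after account management was started!", identityAccount);
    Assert.assertNotNull("Account have to exists after account management was started!", identityAccount.getAccount());
    // Expected value goes first so that a failure reports expected/actual correctly.
    Assert.assertEquals("x" + IDENTITY_USERNAME, accountService.get(identityAccount.getAccount()).getUid());
    TestResource createdAccount = helper.findResource("x" + IDENTITY_USERNAME);
    Assert.assertNotNull("Idenitity have to exists on target system (after account management)", createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());

    // Valid till yesterday: the role has expired.
    irdto.setValidTill(LocalDate.now().minusDays(1));
    irdto = identityRoleService.save(irdto);
    identityAccounts = identityAccountService.find(iaccFilter, null).getContent();
    // An expired role must no longer have an identity account.
    Assert.assertEquals(0, identityAccounts.size());

    // Clean identity role
    identityRoleService.delete(irdto);
}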