use of eu.bcvsolutions.idm.core.api.dto.IdmRequestDto in project CzechIdMng by bcvsolutions.
the class IdmRequestController method startRequest.
/**
 * Starts execution of the request identified by {@code backendId} and returns
 * whatever {@code this.get(backendId)} produces afterwards.
 *
 * <p>Two access decisions are visible here: the endpoint requires the
 * {@code REQUEST_UPDATE} authority (method-level {@code @PreAuthorize}), and the
 * request itself is loaded with {@link IdmBasePermission#EXECUTE}.
 *
 * @param backendId string form of the request's UUID, taken from the URL path
 * @return the response produced by {@code this.get(backendId)}
 * @throws IllegalArgumentException if {@code backendId} is not a valid UUID string
 * @throws ResultCodeException with {@code REQUEST_CANNOT_BE_EXECUTED_NONE_ITEMS}
 *         when the request has no items
 */
@ResponseBody
@RequestMapping(value = "/{backendId}/start", method = RequestMethod.PUT)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.REQUEST_UPDATE + "')")
@ApiOperation(
		value = "Start request",
		nickname = "startRequest",
		response = IdmRequestDto.class,
		tags = { IdmRequestController.TAG },
		authorizations = {
				@Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = {
						@AuthorizationScope(scope = CoreGroupPermission.REQUEST_UPDATE, description = "") }),
				@Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = {
						@AuthorizationScope(scope = CoreGroupPermission.REQUEST_UPDATE, description = "") })
		})
public ResponseEntity<?> startRequest(
		@ApiParam(value = "Request's uuid identifier.", required = true) @PathVariable @NotNull String backendId) {
	// The path variable is caller-controlled; UUID.fromString rejects malformed input
	// with IllegalArgumentException. NOTE(review): how that exception is mapped to an
	// HTTP status is not visible here - confirm it does not surface as a 500.
	final UUID requestUuid = UUID.fromString(backendId);
	// Load under the EXECUTE permission so the per-entity check happens before any
	// state is touched. NOTE(review): a null result (unknown id) would fail on
	// getId() below - confirm the service throws instead of returning null.
	final IdmRequestDto loaded = this.getService().get(requestUuid, IdmBasePermission.EXECUTE);

	// A request without items has nothing to execute, so it is refused up front.
	final boolean hasNoItems = requestManager.findRequestItems(loaded.getId(), null).isEmpty();
	if (hasNoItems) {
		throw new ResultCodeException(
				CoreResultCode.REQUEST_CANNOT_BE_EXECUTED_NONE_ITEMS,
				ImmutableMap.of("request", loaded.toString()));
	}

	// NOTE(review): the meaning of the boolean argument is not visible in this
	// snippet - presumably it asks the manager to re-check permissions; confirm.
	requestManager.startRequest(requestUuid, true);
	return this.get(backendId);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRequestDto in project CzechIdMng by bcvsolutions.
the class IdmRequestController method delete.
/**
 * Deletes or cancels the request identified by {@code backendId}, depending on
 * its state, and answers with {@code 204 No Content}.
 *
 * <ul>
 * <li>{@code EXECUTED}: refused with {@code REQUEST_EXECUTED_CANNOT_DELETE}.</li>
 * <li>{@code CONCEPT}: removed through the service.</li>
 * <li>any other state: handed to {@code requestManager.cancel}.</li>
 * </ul>
 *
 * <p>The endpoint requires the {@code REQUEST_DELETE} authority; in addition
 * {@code checkAccess} is called with {@link IdmBasePermission#DELETE} on the
 * loaded DTO before its state is inspected.
 *
 * @param backendId the request's identifier from the URL path
 * @return an empty {@code 204 No Content} response
 * @throws ResultCodeException when the request is already in the executed state
 */
@Override
@ResponseBody
@RequestMapping(value = "/{backendId}", method = RequestMethod.DELETE)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.REQUEST_DELETE + "')")
@ApiOperation(
		value = "Delete request",
		nickname = "deleteRequest",
		tags = { IdmRequestController.TAG },
		authorizations = {
				@Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = {
						@AuthorizationScope(scope = CoreGroupPermission.REQUEST_DELETE, description = "") }),
				@Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = {
						@AuthorizationScope(scope = CoreGroupPermission.REQUEST_DELETE, description = "") })
		})
public ResponseEntity<?> delete(
		@ApiParam(value = "Request's uuid identifier.", required = true) @PathVariable @NotNull String backendId) {
	final IdmRequestService typedService = (IdmRequestService) this.getService();
	// The DTO is fetched without a permission argument; the entity-level decision is
	// made by checkAccess on the next line, so nothing may act on the DTO before it.
	// NOTE(review): an unknown id presumably yields null here - confirm checkAccess
	// (or the service) rejects that case rather than failing on getState() below.
	final IdmRequestDto target = typedService.get(backendId);
	checkAccess(target, IdmBasePermission.DELETE);

	// An executed request can be neither deleted nor changed.
	// NOTE(review): the whole DTO is passed as the error parameter; whether it is
	// serialized into the client-visible response is not shown here - confirm.
	if (target.getState() == RequestState.EXECUTED) {
		throw new ResultCodeException(
				CoreResultCode.REQUEST_EXECUTED_CANNOT_DELETE,
				ImmutableMap.of("request", target));
	}

	// Only a concept is physically removed; every other state is cancelled instead.
	if (target.getState() != RequestState.CONCEPT) {
		requestManager.cancel(target);
	} else {
		typedService.delete(target);
	}
	return new ResponseEntity<Object>(HttpStatus.NO_CONTENT);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRequestDto in project CzechIdMng by bcvsolutions.
the class AbstractRequestDtoController method createRequest.
/**
 * Creates a request for the given DTO and answers {@code 201 Created} with the
 * new request wrapped in a resource carrying a self link.
 *
 * <p>No request mapping or {@code @PreAuthorize} annotation is visible on this
 * method in this snippet; the only access decision shown is
 * {@link IdmBasePermission#CREATE} being handed to
 * {@code requestManager.createRequest}. NOTE(review): presumably concrete
 * controllers add the mapping and the authority check - confirm for each subclass.
 *
 * @param dto the record the request is created for
 * @return {@code 201 Created} with the created {@link IdmRequestDto} and its self link
 */
@ApiOperation(
		value = "Create request for DTO",
		authorizations = {
				@Authorization(SwaggerConfig.AUTHENTICATION_BASIC),
				@Authorization(SwaggerConfig.AUTHENTICATION_CIDMST)
		})
public ResponseEntity<?> createRequest(@ApiParam(value = "Record (dto).", required = true) DTO dto) {
	final IdmRequestDto created = requestManager.createRequest(dto, IdmBasePermission.CREATE);
	// The self link points at the request controller, addressed by the new request's id.
	final Resource<IdmRequestDto> body = new Resource<IdmRequestDto>(
			created,
			ControllerLinkBuilder.linkTo(IdmRequestController.class).slash(created.getId()).withSelfRel());
	return new ResponseEntity<>(body, HttpStatus.CREATED);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRequestDto in project CzechIdMng by bcvsolutions.
the class RequestByOwnerEvaluatorTest method testNotRightOnRequest.
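/**
 * Verifies that an identity without any authorization policy cannot read a
 * request: {@code requestService.get} with {@link IdmBasePermission#READ} must
 * throw {@link ForbiddenEntityException}.
 *
 * <p>The denial is asserted at the exact call instead of through
 * {@code @Test(expected = ...)}. With the annotation form the test would also
 * pass if the fixture setup or the login threw the same exception, so an
 * authorization test could go green without the guarded read ever running.
 */
@Test
public void testNotRightOnRequest() {
	IdmIdentityDto identity = getHelper().createIdentity();
	IdmRoleDto roleForRequest = getHelper().createRole();
	IdmRequestDto request = requestManager.createRequest(roleForRequest);
	try {
		getHelper().login(identity.getUsername(), identity.getPassword());
		boolean denied = false;
		try {
			requestService.get(request.getId(), IdmBasePermission.READ);
		} catch (ForbiddenEntityException expected) {
			// This is the only place where the denial is allowed to come from.
			denied = true;
		}
		if (!denied) {
			throw new AssertionError("Read of the request should be forbidden for an identity without a policy.");
		}
	} finally {
		// Always drop the test login so later tests do not inherit this security context.
		logout();
	}
}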
use of eu.bcvsolutions.idm.core.api.dto.IdmRequestDto in project CzechIdMng by bcvsolutions.
the class RequestByOwnerEvaluatorTest method testRightOnRequest.
/**
 * Verifies the positive and negative side of {@link RequestByOwnerEvaluator}:
 * an identity that may read one role can read the request created for that role,
 * but not a request created for a role it has no right to.
 *
 * <p>Both access paths are checked: the direct {@code get} (exception on denial)
 * and the filtered {@code find} (denied request is simply absent from the result).
 */
@Test
public void testRightOnRequest() {
	IdmIdentityDto user = getHelper().createIdentity();
	IdmRoleDto readableRole = getHelper().createRole();
	IdmRequestDto permittedRequest = requestManager.createRequest(readableRole);
	IdmRoleDto unreadableRole = getHelper().createRole();
	IdmRequestDto deniedRequest = requestManager.createRequest(unreadableRole);

	// Role through which the user receives both authorization policies.
	IdmRoleDto grantingRole = getHelper().createRole();
	getHelper().createRoleGuaranteeRole(grantingRole, grantingRole);
	getHelper().createIdentityRole(user, grantingRole);
	getHelper().createAuthorizationPolicy(grantingRole.getId(), CoreGroupPermission.REQUEST, IdmRequest.class, RequestByOwnerEvaluator.class, IdmBasePermission.READ);

	// The user gets READ on exactly one role, pinned by its UUID.
	ConfigurationMap uuidPolicyConfig = new ConfigurationMap();
	uuidPolicyConfig.put(UuidEvaluator.PARAMETER_UUID, readableRole.getId());
	getHelper().createAuthorizationPolicy(grantingRole.getId(), CoreGroupPermission.ROLE, IdmRole.class, UuidEvaluator.class, uuidPolicyConfig, IdmBasePermission.READ);

	try {
		getHelper().login(user.getUsername(), user.getPassword());

		// Direct read of the request whose owner role is not readable must be refused.
		boolean denied;
		try {
			requestService.get(deniedRequest.getId(), IdmBasePermission.READ);
			denied = false;
		} catch (ForbiddenEntityException ex) {
			denied = true;
		}
		if (!denied) {
			fail();
		}

		// Direct read of the request whose owner role is readable must succeed.
		assertNotNull(requestService.get(permittedRequest.getId(), IdmBasePermission.READ));

		IdmRequestFilter byId = new IdmRequestFilter();

		// Searching for the denied request returns nothing.
		byId.setId(deniedRequest.getId());
		int deniedHits = requestService.find(byId, null, IdmBasePermission.READ).getContent().size();
		assertEquals(0, deniedHits);

		// Searching for the permitted request returns exactly that one.
		byId.setId(permittedRequest.getId());
		int permittedHits = requestService.find(byId, null, IdmBasePermission.READ).getContent().size();
		assertEquals(1, permittedHits);
	} finally {
		// Always drop the test login so later tests do not inherit this security context.
		logout();
	}
}