use of eu.bcvsolutions.idm.core.api.dto.IdmRequestIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method testAccessIsAddedForOwnerAndImplementerToSubprocesses.
/**
 * Verifies who may read the workflow process instances spawned by a role request with two
 * guaranteed roles: implementer and applicant are expected to see all three instances, each
 * guarantee only one, and every instance must carry STARTER / OWNER identity links.
 */
@Test
public void testAccessIsAddedForOwnerAndImplementerToSubprocesses() {
	// Switch off every configurable approval step.
	getHelper().setConfigurationValue(APPROVE_BY_USERMANAGER_ENABLE, false);
	getHelper().setConfigurationValue(APPROVE_BY_SECURITY_ENABLE, false);
	getHelper().setConfigurationValue(APPROVE_BY_MANAGER_ENABLE, false);
	getHelper().setConfigurationValue(APPROVE_BY_HELPDESK_ENABLE, false);
	// Two roles with priority 2; per the original author this priority means "approve by guarantee"
	// under the default configuration.
	IdmRoleDto firstDraft = new IdmRoleDto();
	firstDraft.setCode(getHelper().createName());
	firstDraft.setPriority(2);
	IdmRoleDto roleOne = roleService.save(firstDraft);
	IdmRoleDto secondDraft = new IdmRoleDto();
	secondDraft.setCode(getHelper().createName());
	secondDraft.setPriority(2);
	IdmRoleDto roleTwo = roleService.save(secondDraft);

	// Actors: the implementer files the request, the applicant receives the roles,
	// and each role gets its own guarantee.
	IdmIdentityDto implementer = getHelper().createIdentity();
	IdmIdentityDto applicant = getHelper().createIdentity();
	IdmIdentityContractDto applicantContract = getHelper().getPrimeContract(applicant);
	IdmIdentityDto guaranteeOne = getHelper().createIdentity();
	IdmIdentityDto guaranteeTwo = getHelper().createIdentity();
	getHelper().createRoleGuarantee(roleOne, guaranteeOne);
	getHelper().createRoleGuarantee(roleTwo, guaranteeTwo);

	// Act as the implementer while creating and starting the request.
	loginAsAdmin(implementer.getUsername());
	IdmRoleRequestDto request = roleRequestService.save(createRoleRequest(applicant));
	conceptRoleRequestService.save(createRoleConcept(roleOne, applicantContract, request));
	conceptRoleRequestService.save(createRoleConcept(roleTwo, applicantContract, request));
	roleRequestService.startRequestInternal(request.getId(), true);
	request = roleRequestService.get(request.getId());
	Assert.assertEquals(RoleRequestState.IN_PROGRESS, request.getState());

	// Each requested role must list exactly its own guarantee as the approval candidate.
	IdmRequestIdentityRoleFilter candidateFilter = new IdmRequestIdentityRoleFilter();
	candidateFilter.setIncludeCandidates(true);
	candidateFilter.setRoleRequestId(request.getId());
	candidateFilter.setIdentityId(applicant.getId());
	List<IdmRequestIdentityRoleDto> requestedRoles = requestIdentityRoleService.find(candidateFilter, null).getContent();
	Assert.assertEquals(2, requestedRoles.size());
	Assert.assertTrue(requestedRoles.stream().anyMatch(rir ->
			rir.getRole().equals(roleOne.getId())
					&& rir.getCandidates().size() == 1
					&& rir.getCandidates().iterator().next().getId().equals(guaranteeOne.getId())));
	Assert.assertTrue(requestedRoles.stream().anyMatch(rir ->
			rir.getRole().equals(roleTwo.getId())
					&& rir.getCandidates().size() == 1
					&& rir.getCandidates().iterator().next().getId().equals(guaranteeTwo.getId())));

	// READ visibility of process instances, evaluated per logged-in identity.
	getHelper().login(implementer);
	List<WorkflowProcessInstanceDto> visibleToImplementer = workflowProcessInstanceService.find(new WorkflowFilterDto(), null, IdmBasePermission.READ).getContent();
	Assert.assertEquals(3, visibleToImplementer.size());
	getHelper().login(applicant);
	Assert.assertEquals(3, workflowProcessInstanceService.find(new WorkflowFilterDto(), null, IdmBasePermission.READ).getTotalElements());
	getHelper().login(guaranteeOne);
	Assert.assertEquals(1, workflowProcessInstanceService.find(new WorkflowFilterDto(), null, IdmBasePermission.READ).getTotalElements());
	getHelper().login(guaranteeTwo);
	Assert.assertEquals(1, workflowProcessInstanceService.find(new WorkflowFilterDto(), null, IdmBasePermission.READ).getTotalElements());

	// Identity links are what grant the access: every instance needs the implementer as STARTER
	// and the applicant as OWNER.
	String implementerId = implementer.getId().toString();
	String applicantId = applicant.getId().toString();
	for (WorkflowProcessInstanceDto process : visibleToImplementer) {
		List<IdentityLink> links = runtimeService.getIdentityLinksForProcessInstance(process.getProcessInstanceId());
		Assert.assertTrue(links.stream().anyMatch(l ->
				l.getUserId().equals(implementerId) && l.getType().equals(IdentityLinkType.STARTER)));
		Assert.assertTrue(links.stream().anyMatch(l ->
				l.getUserId().equals(applicantId) && l.getType().equals(IdentityLinkType.OWNER)));
	}
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRequestIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRequestIdentityRoleService method compileIdentityRolesWithConcepts.
/**
 * Overlays concept metadata onto already assigned identity-roles.
 * <p>
 * Concepts of the filter's role request that reference one of the given identity-roles are
 * loaded (with the caller's permissions). For every non-ADD concept the matching, not yet
 * overlaid item in {@code requestIdentityRoles} takes over the concept's operation, ID,
 * validity and role request; for UPDATE concepts the EAVs are added as well.
 *
 * @param requestIdentityRoles result items to be altered in place
 * @param identityRoles assigned identity-roles whose IDs are used to look up concepts
 * @param filter supplies the role request ID the concepts must belong to
 * @param permission permissions passed on to the concept lookup
 */
private void compileIdentityRolesWithConcepts(List<IdmRequestIdentityRoleDto> requestIdentityRoles, List<IdmIdentityRoleDto> identityRoles, IdmRequestIdentityRoleFilter filter, BasePermission... permission) {
	// Look up the concepts that point at any of the given identity-roles within this request.
	IdmConceptRoleRequestFilter conceptFilter = new IdmConceptRoleRequestFilter();
	conceptFilter.setIdentityRoleIds(identityRoles.stream().map(IdmIdentityRoleDto::getId).collect(Collectors.toSet()));
	conceptFilter.setRoleRequestId(filter.getRoleRequestId());
	List<IdmConceptRoleRequestDto> concepts = conceptRoleService.find(conceptFilter, null, permission).getContent();

	for (IdmConceptRoleRequestDto concept : concepts) {
		// ADD concepts have no assigned identity-role to overlay.
		if (ConceptRoleRequestOperation.ADD == concept.getOperation()) {
			continue;
		}
		// An item still represents a plain identity-role while its ID equals its identity-role ID;
		// once overlaid below, its ID becomes the concept ID and it no longer matches.
		IdmRequestIdentityRoleDto target = null;
		for (IdmRequestIdentityRoleDto candidate : requestIdentityRoles) {
			if (candidate.getIdentityRole() != null
					&& candidate.getIdentityRole().equals(concept.getIdentityRole())
					&& candidate.getId().equals(candidate.getIdentityRole())) {
				target = candidate;
				break;
			}
		}
		if (target == null) {
			continue;
		}
		target.setOperation(concept.getOperation());
		target.setId(concept.getId());
		target.setValidFrom(concept.getValidFrom());
		target.setValidTill(concept.getValidTill());
		target.setRoleRequest(concept.getRoleRequest());
		if (ConceptRoleRequestOperation.UPDATE == concept.getOperation()) {
			// The second argument is true only while the concept is not in a terminated state.
			// Original author's note: the change check is made only on ended requests, because the
			// 'original' value is the current value and that was confusing in audit.
			IdmFormInstanceDto formInstance = conceptRoleService.getRoleAttributeValues(concept, !concept.getState().isTerminatedState());
			this.addEav(target, formInstance);
		}
	}
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRequestIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRequestIdentityRoleService method find.
/**
 * Returns one page that combines the concepts of a role request with the identity-roles
 * currently assigned to an identity.
 * <p>
 * Concepts come first; assigned roles are appended only when changes-only mode is off, an
 * identity ID is set, and the page still has room. Both lookups are made with the caller's
 * {@code permission}. Note that the given filter is modified (operation and identity-role-is-null
 * flag) when a request ID is present and changes-only mode is off.
 *
 * @param filter required filter
 * @param pageable requested page; {@code null} means a single page of maximal size
 * @param permission permissions passed to the underlying concept and identity-role lookups
 * @return page of request-identity-roles with the summed total of both sources
 */
@Override
public Page<IdmRequestIdentityRoleDto> find(IdmRequestIdentityRoleFilter filter, Pageable pageable, BasePermission... permission) {
	LOG.debug(MessageFormat.format("Find idm-request-identity-roles by filter [{0}] ", filter));
	Assert.notNull(filter, "Filter is required.");
	// No paging requested => everything on one page.
	Pageable page = pageable == null ? PageRequest.of(0, Integer.MAX_VALUE) : pageable;
	// When set, only concepts (changes) are returned, never the assigned roles.
	boolean onlyChanges = filter.isOnlyChanges();

	List<IdmRequestIdentityRoleDto> results = new ArrayList<>();
	long total = 0;
	int conceptCount = 0;
	if (filter.getRoleRequestId() != null) {
		if (!onlyChanges) {
			// Load only newly added roles ...
			filter.setOperation(ConceptRoleRequestOperation.ADD);
			// ... and skip ADD concepts that already have an identity-role (they were already executed).
			filter.setIdentityRoleIsNull(true);
		}
		Page<IdmConceptRoleRequestDto> conceptsPage = conceptRoleService.find(filter, page, permission);
		results.addAll(this.conceptsToRequestIdentityRoles(conceptsPage.getContent(), filter));
		total = conceptsPage.getTotalElements();
		conceptCount = results.size();
	}

	// Room left on this page after the concepts, and the page offset once the concept pages are used up.
	int freeSlots = page.getPageSize() - conceptCount;
	int assignedRolesPageNumber = page.getPageNumber() - (int) (total / page.getPageSize());
	boolean loadAssignedRoles = !onlyChanges
			&& filter.getIdentityId() != null
			&& freeSlots > 0
			&& assignedRolesPageNumber >= 0;
	if (loadAssignedRoles) {
		IdmIdentityRoleFilter identityRoleFilter = toIdentityRoleFilter(filter);
		PageRequest assignedRolesPage = PageRequest.of(assignedRolesPageNumber, page.getPageSize(), page.getSort());
		// TODO: On a task detail the approver must have permission to read identity-roles; without it
		// nothing is shown here. Maybe identity-roles should be loaded without permission
		// (permission by request) - any such change needs an authorization review first.
		Page<IdmIdentityRoleDto> identityRolesPage = identityRoleService.find(identityRoleFilter, assignedRolesPage, permission);
		List<IdmIdentityRoleDto> identityRoles = identityRolesPage.getContent();
		// Transform identity-roles to request-identity-roles.
		results.addAll(this.identityRolesToRequestIdentityRoles(identityRoles, filter));
		total += identityRolesPage.getTotalElements();
		if (filter.getRoleRequestId() != null && !identityRoles.isEmpty()) {
			compileIdentityRolesWithConcepts(results, identityRoles, filter, permission);
		}
	}

	// The reported page size grows to the real result size when more items were collected than requested.
	int reportedSize = Math.max(results.size(), page.getPageSize());
	return new PageImpl<>(results, PageRequest.of(page.getPageNumber(), reportedSize, page.getSort()), total);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRequestIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method testFindCandidatesWithSubprocess.
/**
 * Walks a role request through helpdesk approval and a follow-up approval subprocess and checks
 * that approval candidates / approvers are exposed only when explicitly requested by the filter
 * (includeCandidates / includeApprovers) and only once the concept's subprocess exists.
 */
@Test
public void testFindCandidatesWithSubprocess() {
	// Timestamp used below as the "created after" bound for workflow tasks.
	ZonedDateTime now = ZonedDateTime.now().truncatedTo(ChronoUnit.MILLIS);
	// NOTE(review): presumably a short wait so that tasks created below are strictly after 'now' - confirm.
	getHelper().waitForResult(null, 1, 1);
	// Enable approval by help desk only; all other approval steps are disabled.
	configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
	configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "false");
	configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
	configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "true");
	loginAsAdmin();
	// Help desk role and the identity that holds it.
	IdmRoleDto helpdeskRole = getHelper().createRole();
	IdmIdentityDto helpdeskIdentity = getHelper().createIdentity();
	// Assign the role directly (no request), then configure it as the help desk approver role.
	getHelper().createIdentityRole(helpdeskIdentity, helpdeskRole);
	configurationService.setValue(APPROVE_BY_HELPDESK_ROLE, helpdeskRole.getCode());
	// Applicant and role guarantee are predefined test users.
	IdmIdentityDto identity = identityService.getByUsername(InitTestDataProcessor.TEST_USER_1);
	IdmIdentityDto guarantee = identityService.getByUsername(InitTestDataProcessor.TEST_USER_2);
	// Give the admin role a priority, a guarantee, and map that priority to a workflow definition key.
	int priority = 500;
	IdmRoleDto adminRole = roleConfiguration.getAdminRole();
	adminRole.setPriority(priority);
	getHelper().createRoleGuarantee(adminRole, guarantee);
	adminRole = roleService.save(adminRole);
	configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_MANAGER_KEY);
	// Request the admin role for the applicant's prime contract.
	IdmIdentityContractDto contract = getHelper().getPrimeContract(identity.getId());
	IdmRoleRequestDto request = createRoleRequest(identity);
	request = roleRequestService.save(request);
	IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
	concept = conceptRoleRequestService.save(concept);
	// Before the request is started no candidates are expected, even though they are asked for.
	IdmRequestIdentityRoleFilter requestIdentityRoleFilter = new IdmRequestIdentityRoleFilter();
	requestIdentityRoleFilter.setIncludeCandidates(true);
	requestIdentityRoleFilter.setRoleRequestId(request.getId());
	requestIdentityRoleFilter.setIdentityId(identity.getId());
	List<IdmRequestIdentityRoleDto> requestIdentityRoles = requestIdentityRoleService.find(requestIdentityRoleFilter, null).getContent();
	assertEquals(1, requestIdentityRoles.size());
	IdmRequestIdentityRoleDto requestIdentityRoleDto = requestIdentityRoles.get(0);
	assertNull(requestIdentityRoleDto.getCandidates());
	// Start the request; it must wait for approval.
	roleRequestService.startRequestInternal(request.getId(), true);
	request = roleRequestService.get(request.getId());
	assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
	// The current (admin) user must not have any task created since 'now'.
	WorkflowFilterDto taskFilter = new WorkflowFilterDto();
	taskFilter.setCreatedAfter(now);
	taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
	List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
	assertEquals(0, tasks.size());
	// At this stage the main process has one approver and there is no subprocess approver yet.
	Set<IdmIdentityDto> candidates = workflowProcessInstanceService.getApproversForProcess(request.getWfProcessId());
	assertEquals(1, candidates.size());
	candidates = workflowProcessInstanceService.getApproversForSubprocess(request.getWfProcessId());
	assertEquals(0, candidates.size());
	// Candidates on the requested role are still expected to be null at this stage.
	requestIdentityRoleFilter = new IdmRequestIdentityRoleFilter();
	requestIdentityRoleFilter.setIncludeCandidates(true);
	requestIdentityRoleFilter.setRoleRequestId(request.getId());
	requestIdentityRoleFilter.setIdentityId(identity.getId());
	requestIdentityRoles = requestIdentityRoleService.find(requestIdentityRoleFilter, null).getContent();
	assertEquals(1, requestIdentityRoles.size());
	requestIdentityRoleDto = requestIdentityRoles.get(0);
	assertNull(requestIdentityRoleDto.getCandidates());
	// Approvers of the request are returned only when the filter asks for them.
	IdmRoleRequestFilter filter = new IdmRoleRequestFilter();
	filter.setIncludeApprovers(true);
	IdmRoleRequestDto requestDto = roleRequestService.get(request.getId(), filter);
	assertEquals(1, requestDto.getApprovers().size());
	// Help desk step: log in as the help desk identity and approve its single task.
	loginAsAdmin(helpdeskIdentity.getUsername());
	taskFilter.setCandidateOrAssigned(helpdeskIdentity.getUsername());
	checkAndCompleteOneTask(taskFilter, InitTestDataProcessor.TEST_USER_1, "approve");
	// Without includeApprovers the approvers must not be populated.
	filter.setIncludeApprovers(false);
	requestDto = roleRequestService.get(request.getId(), filter);
	assertNull(requestDto.getApprovers());
	// Subprocess step: the role guarantee (TEST_USER_2) now has exactly one task.
	request = roleRequestService.get(request.getId());
	loginAsAdmin(guarantee.getUsername());
	taskFilter.setCandidateOrAssigned(InitTestDataProcessor.TEST_USER_2);
	tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
	assertEquals(1, tasks.size());
	// The concept must reference its own, existing workflow process.
	concept = conceptRoleRequestService.get(concept.getId());
	String conceptWf = concept.getWfProcessId();
	assertNotNull(conceptWf);
	assertNotNull(workflowProcessInstanceService.get(conceptWf));
	// Process-level and subprocess-level lookups must now resolve to the same single approver.
	candidates = workflowProcessInstanceService.getApproversForProcess(request.getWfProcessId());
	assertEquals(1, candidates.size());
	IdmIdentityDto approversFromProcess = candidates.stream().findFirst().get();
	candidates = workflowProcessInstanceService.getApproversForSubprocess(request.getWfProcessId());
	assertEquals(1, candidates.size());
	IdmIdentityDto approversFromSubProcess = candidates.stream().findFirst().get();
	assertEquals(approversFromProcess.getId(), approversFromSubProcess.getId());
	// With the subprocess running, candidates are returned when requested ...
	requestIdentityRoleFilter = new IdmRequestIdentityRoleFilter();
	requestIdentityRoleFilter.setIncludeCandidates(true);
	requestIdentityRoleFilter.setRoleRequestId(request.getId());
	requestIdentityRoleFilter.setIdentityId(identity.getId());
	requestIdentityRoles = requestIdentityRoleService.find(requestIdentityRoleFilter, null).getContent();
	assertEquals(1, requestIdentityRoles.size());
	requestIdentityRoleDto = requestIdentityRoles.get(0);
	assertEquals(1, requestIdentityRoleDto.getCandidates().size());
	// ... and withheld when the filter does not ask for them.
	requestIdentityRoleFilter.setIncludeCandidates(false);
	requestIdentityRoles = requestIdentityRoleService.find(requestIdentityRoleFilter, null).getContent();
	assertEquals(1, requestIdentityRoles.size());
	requestIdentityRoleDto = requestIdentityRoles.get(0);
	assertNull(requestIdentityRoleDto.getCandidates());
	// Same opt-in behaviour for approvers on the request itself.
	filter = new IdmRoleRequestFilter();
	filter.setIncludeApprovers(true);
	requestDto = roleRequestService.get(request.getId(), filter);
	assertEquals(1, requestDto.getApprovers().size());
	filter.setIncludeApprovers(false);
	requestDto = roleRequestService.get(request.getId(), filter);
	assertNull(requestDto.getApprovers());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRequestIdentityRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRequestIdentityRoleService method save.
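/**
 * Saves a request-identity-role by translating it into role concept(s).
 * <ul>
 * <li>DTO ID equals its identity-role ID: the DTO is an assigned identity-role, an UPDATE concept is created.</li>
 * <li>DTO has neither ID nor identity-role ID: one ADD concept is created per requested role.</li>
 * <li>Otherwise the DTO is treated as an existing concept and is updated when its stored operation is
 * UPDATE or ADD.</li>
 * </ul>
 * A new role request is created when the DTO does not reference one. Every concept save is made with the
 * caller's {@code permission}.
 *
 * @param dto required DTO describing the identity-role or concept
 * @param permission permissions passed on to each concept save
 * @return the saved concept as request-identity-role (only the first one when several ADD concepts were
 *         created), or {@code null} when the DTO matches no existing concept with operation UPDATE or ADD
 */
@Override
@Transactional
public IdmRequestIdentityRoleDto save(IdmRequestIdentityRoleDto dto, BasePermission... permission) {
	LOG.debug(MessageFormat.format("Save idm-request-identity-role [{0}] ", dto));
	Assert.notNull(dto, "DTO is required.");
	// We don't know whether the given DTO is an identity-role or a role-concept.
	if (dto.getId() != null && dto.getId().equals(dto.getIdentityRole())) {
		// Given DTO is identity-role -> create UPDATE concept
		IdmIdentityRoleDto identityRole = identityRoleService.get(dto.getId());
		Assert.notNull(identityRole, "Identity role is required.");
		IdmIdentityContractDto identityContractDto = DtoUtils.getEmbedded(identityRole, IdmIdentityRole_.identityContract.getName(), IdmIdentityContractDto.class);
		UUID requestId = dto.getRoleRequest();
		IdmRoleRequestDto request = null;
		if (requestId == null) {
			request = this.createRequest(identityContractDto.getIdentity());
			requestId = request.getId();
		}
		IdmConceptRoleRequestDto conceptRoleRequest = createConcept(identityRole, identityContractDto, requestId, identityRole.getRole(), identityContractDto.getValidFrom(), identityContractDto.getValidTill(), ConceptRoleRequestOperation.UPDATE);
		// The validity set by createConcept is replaced by the values from the DTO.
		conceptRoleRequest.setValidFrom(dto.getValidFrom());
		conceptRoleRequest.setValidTill(dto.getValidTill());
		conceptRoleRequest.setRoleSystem(dto.getRoleSystem());
		conceptRoleRequest.setEavs(dto.getEavs());
		// Create concept with EAVs
		conceptRoleRequest = conceptRoleService.save(conceptRoleRequest, permission);
		if (request != null) {
			// Add request to concept. Will be used on the FE (prevent loading of request).
			conceptRoleRequest.getEmbedded().put(IdmConceptRoleRequest_.roleRequest.getName(), request);
		}
		return this.conceptToRequestIdentityRole(conceptRoleRequest, null);
	} else if (dto.getId() == null && dto.getIdentityRole() == null) {
		// Given DTO has neither ID nor identity-role ID -> create ADD concept(s)
		Assert.notNull(dto.getIdentityContract(), "Contract is required.");
		Set<UUID> roles = Sets.newHashSet();
		if (dto.getRole() != null) {
			roles.add(dto.getRole());
		}
		if (dto.getRoles() != null) {
			roles.addAll(dto.getRoles());
		}
		Assert.notEmpty(roles, "Roles cannot be empty!");
		IdmIdentityContractDto identityContractDto = identityContractService.get(dto.getIdentityContract());
		// The contract ID comes from the DTO; fail with a clear message instead of an NPE when it
		// does not resolve (same handling as the identity-role lookup in the UPDATE branch).
		Assert.notNull(identityContractDto, "Contract is required.");
		UUID requestId = dto.getRoleRequest();
		IdmRoleRequestDto request = null;
		if (requestId == null) {
			request = this.createRequest(identityContractDto.getIdentity());
			requestId = request.getId();
		}
		List<IdmConceptRoleRequestDto> concepts = Lists.newArrayList();
		UUID finalRequestId = requestId;
		IdmRoleRequestDto finalRequest = request;
		roles.forEach(role -> {
			IdmConceptRoleRequestDto conceptRoleRequest = createConcept(null, identityContractDto, finalRequestId, role, dto.getValidFrom(), dto.getValidTill(), ConceptRoleRequestOperation.ADD);
			conceptRoleRequest.setEavs(dto.getEavs());
			conceptRoleRequest.setRoleSystem(dto.getRoleSystem());
			// Create concept with EAVs. The caller's permissions are passed on, as in every other
			// save of this method; this branch previously omitted them, so ADD concepts were saved
			// without the permission argument the UPDATE path supplies.
			conceptRoleRequest = conceptRoleService.save(conceptRoleRequest, permission);
			if (finalRequest != null) {
				// Add request to concept. Will be used on the FE (prevent loading of request).
				conceptRoleRequest.getEmbedded().put(IdmConceptRoleRequest_.roleRequest.getName(), finalRequest);
			}
			concepts.add(conceptRoleRequest);
		});
		// Beware: more than one concept could be created, but only the first is returned!
		return this.conceptToRequestIdentityRole(concepts.get(0), null);
	} else {
		// Try to find role-concept
		IdmConceptRoleRequestDto roleConceptDto = conceptRoleService.get(dto.getId());
		if (roleConceptDto != null) {
			// The state always comes from the stored concept, overwriting whatever the given DTO carried.
			dto.setState(roleConceptDto.getState());
			ConceptRoleRequestOperation storedOperation = roleConceptDto.getOperation();
			if (ConceptRoleRequestOperation.UPDATE == storedOperation || ConceptRoleRequestOperation.ADD == storedOperation) {
				// Given DTO is concept -> update the existing UPDATE / ADD concept
				return this.conceptToRequestIdentityRole(conceptRoleService.save(dto, permission), null);
			}
		}
	}
	return null;
}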