use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.
the class IdmRoleController method getIncompatibleRoles.
@ResponseBody
@RequestMapping(value = "/{backendId}/incompatible-roles", method = RequestMethod.GET)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.ROLE_READ + "')")
@ApiOperation(value = "Incompatible roles from sub roles", nickname = "getRoleIncompatibleRoles", tags = { IdmIdentityController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLE_READ, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLE_READ, description = "") }) }, notes = "Incompatible roles are resolved from sub roles.")
public Resources<?> getIncompatibleRoles(@ApiParam(value = "Roles's uuid identifier or code.", required = true) @PathVariable String backendId) {
IdmRoleDto role = getDto(backendId);
if (role == null) {
throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("entity", backendId));
}
//
// find all sub role composition
List<IdmRoleCompositionDto> subRoles = roleCompositionService.findAllSubRoles(role.getId(), IdmBasePermission.READ);
// extract all sub roles ids - role above is included thx to composition
Set<IdmRoleDto> distinctRoles = roleCompositionService.resolveDistinctRoles(subRoles);
// resolve incompatible roles defined by business role
Set<ResolvedIncompatibleRoleDto> incompatibleRoles = incompatibleRoleService.resolveIncompatibleRoles(Lists.newArrayList(distinctRoles));
//
return toResources(incompatibleRoles, ResolvedIncompatibleRoleDto.class);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleCompositionServiceIntegrationTest method testRemoveAssignedRolesAfterRemoveRoleComposition.
@Test
public void testRemoveAssignedRolesAfterRemoveRoleComposition() {
// prepare role composition
IdmRoleDto superior = getHelper().createRole();
IdmRoleDto subOne = getHelper().createRole();
IdmRoleDto subOneSub = getHelper().createRole();
getHelper().createRoleComposition(superior, subOne);
IdmRoleCompositionDto subOneSubRoleComposition = getHelper().createRoleComposition(subOne, subOneSub);
//
// assign superior role
IdmIdentityDto identity = getHelper().createIdentity();
getHelper().createIdentityRole(identity, superior);
//
List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
Assert.assertEquals(3, assignedRoles.size());
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOne.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOneSub.getId())));
//
// remove role composition
service.delete(subOneSubRoleComposition);
//
assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
Assert.assertEquals(2, assignedRoles.size());
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOne.getId())));
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleCompositionServiceIntegrationTest method testFindAllSubRoles.
@Test
@Transactional
public void testFindAllSubRoles() {
// prepare role composition
IdmRoleDto superior = getHelper().createRole();
IdmRoleDto subOne = getHelper().createRole();
IdmRoleDto subTwo = getHelper().createRole();
IdmRoleDto subOneSub = getHelper().createRole();
IdmRoleDto subOneSubSub = getHelper().createRole();
getHelper().createRoleComposition(superior, subOne);
getHelper().createRoleComposition(superior, subTwo);
getHelper().createRoleComposition(subOne, subOneSub);
getHelper().createRoleComposition(subOneSub, subOneSubSub);
//
List<IdmRoleCompositionDto> allSubRoles = service.findAllSubRoles(superior.getId());
Set<UUID> distinctRoles = service.getDistinctRoles(allSubRoles);
Assert.assertEquals(5, distinctRoles.size());
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(superior.getId())));
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subOne.getId())));
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subTwo.getId())));
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subOneSub.getId())));
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subOneSubSub.getId())));
//
allSubRoles = service.findAllSubRoles(subOneSubSub.getId());
Assert.assertTrue(allSubRoles.isEmpty());
Assert.assertNotNull(cacheManager.getValue(IdmRoleCompositionService.ALL_SUB_ROLES_CACHE_NAME, subOneSubSub.getId()));
//
allSubRoles = service.findAllSubRoles(subOne.getId());
distinctRoles = service.getDistinctRoles(allSubRoles);
Assert.assertNotNull(cacheManager.getValue(IdmRoleCompositionService.ALL_SUB_ROLES_CACHE_NAME, subOne.getId()));
//
Assert.assertEquals(3, distinctRoles.size());
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subOne.getId())));
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subOneSub.getId())));
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subOneSubSub.getId())));
//
// add role composition
IdmRoleDto subOneSubTwo = getHelper().createRole();
getHelper().createRoleComposition(subOneSub, subOneSubTwo);
Assert.assertNull(cacheManager.getValue(IdmRoleCompositionService.ALL_SUB_ROLES_CACHE_NAME, subOneSubSub.getId()));
Assert.assertNull(cacheManager.getValue(IdmRoleCompositionService.ALL_SUB_ROLES_CACHE_NAME, subOne.getId()));
//
allSubRoles = service.findAllSubRoles(subOne.getId());
distinctRoles = service.getDistinctRoles(allSubRoles);
Assert.assertNotNull(cacheManager.getValue(IdmRoleCompositionService.ALL_SUB_ROLES_CACHE_NAME, subOne.getId()));
//
Assert.assertEquals(4, distinctRoles.size());
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subOne.getId())));
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subOneSub.getId())));
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subOneSubSub.getId())));
Assert.assertTrue(distinctRoles.stream().anyMatch(r -> r.equals(subOneSubTwo.getId())));
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleCompositionServiceIntegrationTest method testAssignRolesDuplicates.
@Test
public void testAssignRolesDuplicates() {
IdmRoleDto superior = getHelper().createRole();
IdmRoleDto subOne = getHelper().createRole();
IdmRoleDto subTwo = getHelper().createRole();
IdmRoleDto subOneOne = getHelper().createRole();
IdmRoleDto subSubOneOne = getHelper().createRole();
getHelper().createRoleComposition(superior, subOne);
getHelper().createRoleComposition(superior, subTwo);
getHelper().createRoleComposition(subOne, subOneOne);
IdmRoleCompositionDto cyclicComposition = getHelper().createRoleComposition(subTwo, subOneOne);
getHelper().createRoleComposition(subOneOne, subSubOneOne);
//
// find all sub roles
List<IdmRoleCompositionDto> allSubRoles = service.findAllSubRoles(superior.getId());
Assert.assertEquals(6, allSubRoles.size());
//
// assign superior role
IdmIdentityDto identity = getHelper().createIdentity((GuardedString) null);
IdmRoleRequestDto roleRequest = getHelper().createRoleRequest(identity, superior);
//
getHelper().executeRequest(roleRequest, false);
//
List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
Assert.assertEquals(7, assignedRoles.size());
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOne.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subTwo.getId())));
Assert.assertEquals(2, assignedRoles.stream().filter(ir -> ir.getRole().equals(subOneOne.getId())).count());
Assert.assertEquals(2, assignedRoles.stream().filter(ir -> ir.getRole().equals(subSubOneOne.getId())).count());
//
// remove role composition
service.delete(cyclicComposition);
//
assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
Assert.assertEquals(5, assignedRoles.size());
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOne.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subTwo.getId())));
Assert.assertEquals(1, assignedRoles.stream().filter(ir -> ir.getRole().equals(subOneOne.getId())).count());
Assert.assertEquals(1, assignedRoles.stream().filter(ir -> ir.getRole().equals(subSubOneOne.getId())).count());
//
// create again
cyclicComposition = getHelper().createRoleComposition(subTwo, subOneOne);
//
assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
Assert.assertEquals(7, assignedRoles.size());
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOne.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subTwo.getId())));
Assert.assertEquals(2, assignedRoles.stream().filter(ir -> ir.getRole().equals(subOneOne.getId())).count());
Assert.assertEquals(2, assignedRoles.stream().filter(ir -> ir.getRole().equals(subSubOneOne.getId())).count());
//
// remove again
service.delete(cyclicComposition);
//
assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
Assert.assertEquals(5, assignedRoles.size());
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOne.getId())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subTwo.getId())));
Assert.assertEquals(1, assignedRoles.stream().filter(ir -> ir.getRole().equals(subOneOne.getId())).count());
Assert.assertEquals(1, assignedRoles.stream().filter(ir -> ir.getRole().equals(subSubOneOne.getId())).count());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleCompositionServiceIntegrationTest method testAssignRolesPreventCyclesSameSuperiorAsSubByRequest.
@Test
@Transactional
public void testAssignRolesPreventCyclesSameSuperiorAsSubByRequest() {
IdmRoleDto superior = getHelper().createRole();
getHelper().createRoleComposition(superior, superior);
//
List<IdmRoleCompositionDto> allSubRoles = service.findAllSubRoles(superior.getId());
Assert.assertTrue(allSubRoles.isEmpty());
//
// assign superior role
IdmIdentityDto identity = getHelper().createIdentity((GuardedString) null);
IdmRoleRequestDto roleRequest = getHelper().createRoleRequest(identity, superior);
getHelper().executeRequest(roleRequest, false);
//
List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
Assert.assertEquals(1, assignedRoles.size());
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
}
Aggregations