Search in sources :

Example 11 with IdmRoleCompositionDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleCompositionServiceIntegrationTest method testFindAllSuperiorRoles.

@Test
@Transactional
public void testFindAllSuperiorRoles() {
    // prepare role composition
    IdmRoleDto superior = getHelper().createRole();
    IdmRoleDto subOne = getHelper().createRole();
    IdmRoleDto subTwo = getHelper().createRole();
    IdmRoleDto subOneSub = getHelper().createRole();
    IdmRoleDto subOneSubSub = getHelper().createRole();
    getHelper().createRoleComposition(superior, subOne);
    getHelper().createRoleComposition(superior, subTwo);
    getHelper().createRoleComposition(subOne, subOneSub);
    getHelper().createRoleComposition(subOneSub, subOneSubSub);
    // 
    List<IdmRoleCompositionDto> allSuperiorRoles = service.findAllSuperiorRoles(superior.getId());
    Assert.assertTrue(allSuperiorRoles.isEmpty());
    // 
    allSuperiorRoles = service.findAllSuperiorRoles(subOne.getId());
    Assert.assertEquals(1, allSuperiorRoles.size());
    Assert.assertTrue(allSuperiorRoles.stream().anyMatch(s -> s.getSuperior().equals(superior.getId())));
    // 
    allSuperiorRoles = service.findAllSuperiorRoles(subOneSubSub.getId());
    Assert.assertEquals(3, allSuperiorRoles.size());
    // ordered
    Assert.assertEquals(subOneSub.getId(), allSuperiorRoles.get(0).getSuperior());
    Assert.assertEquals(subOne.getId(), allSuperiorRoles.get(1).getSuperior());
    Assert.assertEquals(superior.getId(), allSuperiorRoles.get(2).getSuperior());
}
Also used : IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) Autowired(org.springframework.beans.factory.annotation.Autowired) ArrayList(java.util.ArrayList) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Before(org.junit.Before) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) IdmCacheManager(eu.bcvsolutions.idm.core.api.service.IdmCacheManager) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) Set(java.util.Set) Test(org.junit.Test) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) UUID(java.util.UUID) ObserveRequestProcessor(eu.bcvsolutions.idm.core.model.event.processor.ObserveRequestProcessor) ApplicationContext(org.springframework.context.ApplicationContext) List(java.util.List) EventConfiguration(eu.bcvsolutions.idm.core.api.config.domain.EventConfiguration) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) Ignore(org.junit.Ignore) LocalDate(java.time.LocalDate) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) Assert(org.junit.Assert) Transactional(org.springframework.transaction.annotation.Transactional) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 12 with IdmRoleCompositionDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.

the class AddNewRoleCompositionTaskExecutor method getItemsToProcess.

/**
 * Returns superior roles, which should be processed
 */
@Override
public Page<IdmRoleDto> getItemsToProcess(Pageable pageable) {
    IdmRoleCompositionDto roleComposition = roleCompositionService.get(roleCompositionId);
    Assert.notNull(roleComposition, "Role composition is required.");
    // 
    List<IdmRoleDto> superiorRoles = roleCompositionService.findAllSuperiorRoles(roleComposition.getSub()).stream().map(composition -> {
        return DtoUtils.getEmbedded(composition, IdmRoleComposition_.superior, IdmRoleDto.class);
    }).collect(Collectors.toList());
    return new PageImpl<>(superiorRoles);
}
Also used : DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils) IdmIdentityRole_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole_) IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter) Autowired(org.springframework.beans.factory.annotation.Autowired) PersistentType(eu.bcvsolutions.idm.core.eav.api.domain.PersistentType) IdmRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmRoleRequestService) Lists(com.google.common.collect.Lists) LookupService(eu.bcvsolutions.idm.core.api.service.LookupService) OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult) Map(java.util.Map) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmLongRunningTaskFilter(eu.bcvsolutions.idm.core.scheduler.api.dto.filter.IdmLongRunningTaskFilter) Pageable(org.springframework.data.domain.Pageable) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmCheckConcurrentExecution(eu.bcvsolutions.idm.core.scheduler.api.domain.IdmCheckConcurrentExecution) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) ImmutableMap(com.google.common.collect.ImmutableMap) IdmRoleComposition_(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition_) AbstractSchedulableStatefulExecutor(eu.bcvsolutions.idm.core.scheduler.api.service.AbstractSchedulableStatefulExecutor) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) PageRequest(org.springframework.data.domain.PageRequest) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) UUID(java.util.UUID) Page(org.springframework.data.domain.Page) Collectors(java.util.stream.Collectors) List(java.util.List) Component(org.springframework.stereotype.Component) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) Optional(java.util.Optional) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) RoleRequestEventType(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent.RoleRequestEventType) PageImpl(org.springframework.data.domain.PageImpl) ConceptRoleRequestOperation(eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation) Assert(org.springframework.util.Assert) PageImpl(org.springframework.data.domain.PageImpl) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)

Example 13 with IdmRoleCompositionDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.

the class RemoveRoleCompositionTaskExecutorIntegrationTest method testRemoveAssignedRolesWithExceptionOnEnd.

@Test
public void testRemoveAssignedRolesWithExceptionOnEnd() {
    // prepare role composition
    IdmRoleDto superior = getHelper().createRole();
    IdmRoleDto subOne = getHelper().createRole();
    IdmRoleDto subOneSub = getHelper().createRole();
    getHelper().createRoleComposition(superior, subOne);
    IdmRoleCompositionDto subOneSubRoleComposition = getHelper().createRoleComposition(subOne, subOneSub);
    // 
    // assign superior role
    IdmIdentityDto identity = getHelper().createIdentity();
    getHelper().createIdentityRole(identity, superior);
    // 
    List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertEquals(3, assignedRoles.size());
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOne.getId())));
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOneSub.getId())));
    // 
    // remove role composition by task with mock service => we want to throw exception
    Mockito.when(mockIdentityRoleService.count(ArgumentMatchers.any(IdmIdentityRoleFilter.class))).thenReturn(1L);
    Mockito.when(mockIdentityRoleService.find(ArgumentMatchers.any(IdmIdentityRoleFilter.class), ArgumentMatchers.isNull())).then(new AssignedRolesAnswer(subOneSubRoleComposition.getId()));
    RemoveRoleCompositionTaskExecutor taskExecutor = new RemoveRoleCompositionTaskExecutor();
    AutowireHelper.autowire(taskExecutor);
    IdmLongRunningTaskDto lrt = longRunningTaskManager.resolveLongRunningTask(taskExecutor, null, OperationState.RUNNING);
    UUID taskId = lrt.getId();
    taskExecutor.setIdentityRoleService(mockIdentityRoleService);
    taskExecutor.setRoleCompositionId(subOneSubRoleComposition.getId());
    // 
    try {
        getHelper().setConfigurationValue(EventConfiguration.PROPERTY_EVENT_ASYNCHRONOUS_ENABLED, true);
        taskExecutor.call();
        getHelper().waitForResult(res -> {
            return longRunningTaskManager.getLongRunningTask(taskId).getResultState().isRunnable();
        });
    } finally {
        getHelper().setConfigurationValue(EventConfiguration.PROPERTY_EVENT_ASYNCHRONOUS_ENABLED, false);
    }
    // 
    // long running task has a proper state with exception
    lrt = longRunningTaskManager.getLongRunningTask(lrt.getId());
    Assert.assertEquals(OperationState.EXCEPTION, lrt.getResultState());
    Assert.assertEquals(CoreResultCode.ROLE_COMPOSITION_REMOVE_HAS_ASSIGNED_ROLES.name(), lrt.getResult().getCode());
    // 
    // start event is ended
    IdmEntityEventFilter eventFilter = new IdmEntityEventFilter();
    eventFilter.setTransactionId(lrt.getTransactionId());
    eventFilter.setEventType(LongRunningTaskEventType.START.name());
    List<IdmEntityEventDto> startEvents = entityEventManager.findEvents(eventFilter, null).getContent();
    Assert.assertEquals(1, startEvents.size());
    Assert.assertEquals(OperationState.EXECUTED, startEvents.get(0).getResult().getState());
    // 
    // business role still exists
    Assert.assertNotNull(roleCompositionService.get(subOneSubRoleComposition));
    // 
    // but assigned roles should be removed
    assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertEquals(2, assignedRoles.size());
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOne.getId())));
}
Also used : ArgumentMatchers(org.mockito.ArgumentMatchers) IdmEntityEventDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityEventDto) Mock(org.mockito.Mock) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) Autowired(org.springframework.beans.factory.annotation.Autowired) AutowireHelper(eu.bcvsolutions.idm.core.api.utils.AutowireHelper) Answer(org.mockito.stubbing.Answer) InvocationOnMock(org.mockito.invocation.InvocationOnMock) Lists(com.google.common.collect.Lists) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) LongRunningTaskEventType(eu.bcvsolutions.idm.core.scheduler.api.event.LongRunningTaskEvent.LongRunningTaskEventType) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) LongRunningTaskManager(eu.bcvsolutions.idm.core.scheduler.api.service.LongRunningTaskManager) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmEntityEventFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmEntityEventFilter) PageRequest(org.springframework.data.domain.PageRequest) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) Test(org.junit.Test) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) UUID(java.util.UUID) Page(org.springframework.data.domain.Page) Mockito(org.mockito.Mockito) List(java.util.List) EventConfiguration(eu.bcvsolutions.idm.core.api.config.domain.EventConfiguration) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) Assert(org.junit.Assert) PageImpl(org.springframework.data.domain.PageImpl) EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) UUID(java.util.UUID) IdmEntityEventFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmEntityEventFilter) IdmEntityEventDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityEventDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 14 with IdmRoleCompositionDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.

the class RemoveRoleCompositionTaskExecutorIntegrationTest method testRemoveAssignedRoles.

@Test
public void testRemoveAssignedRoles() {
    // prepare role composition
    IdmRoleDto superior = getHelper().createRole();
    IdmRoleDto subOne = getHelper().createRole();
    IdmRoleDto subOneSub = getHelper().createRole();
    getHelper().createRoleComposition(superior, subOne);
    IdmRoleCompositionDto subOneSubRoleComposition = getHelper().createRoleComposition(subOne, subOneSub);
    // 
    // assign superior role
    IdmIdentityDto identity = getHelper().createIdentity();
    getHelper().createIdentityRole(identity, superior);
    // 
    List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertEquals(3, assignedRoles.size());
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOne.getId())));
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOneSub.getId())));
    // 
    // remove role composition by task
    RemoveRoleCompositionTaskExecutor taskExecutor = new RemoveRoleCompositionTaskExecutor();
    taskExecutor.setRoleCompositionId(subOneSubRoleComposition.getId());
    longRunningTaskManager.executeSync(taskExecutor);
    // 
    assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertEquals(2, assignedRoles.size());
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(superior.getId())));
    Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> ir.getRole().equals(subOne.getId())));
}
Also used : ArgumentMatchers(org.mockito.ArgumentMatchers) IdmEntityEventDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityEventDto) Mock(org.mockito.Mock) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) Autowired(org.springframework.beans.factory.annotation.Autowired) AutowireHelper(eu.bcvsolutions.idm.core.api.utils.AutowireHelper) Answer(org.mockito.stubbing.Answer) InvocationOnMock(org.mockito.invocation.InvocationOnMock) Lists(com.google.common.collect.Lists) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) LongRunningTaskEventType(eu.bcvsolutions.idm.core.scheduler.api.event.LongRunningTaskEvent.LongRunningTaskEventType) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) LongRunningTaskManager(eu.bcvsolutions.idm.core.scheduler.api.service.LongRunningTaskManager) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmEntityEventFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmEntityEventFilter) PageRequest(org.springframework.data.domain.PageRequest) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) Test(org.junit.Test) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) UUID(java.util.UUID) Page(org.springframework.data.domain.Page) Mockito(org.mockito.Mockito) List(java.util.List) EventConfiguration(eu.bcvsolutions.idm.core.api.config.domain.EventConfiguration) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) Assert(org.junit.Assert) PageImpl(org.springframework.data.domain.PageImpl) EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 15 with IdmRoleCompositionDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.

the class CrossDomainAdUserConnectorTypeTest method testRoleInCrossDomainGroupCannotCreateAccountForBusinessRole.

@Test
public void testRoleInCrossDomainGroupCannotCreateAccountForBusinessRole() {
    ConnectorType connectorType = connectorManager.getConnectorType(MockCrossDomainAdUserConnectorType.NAME);
    SysSystemDto systemDto = initSystem(connectorType);
    SysSystemAttributeMappingFilter filter = new SysSystemAttributeMappingFilter();
    filter.setSystemId(systemDto.getId());
    filter.setName(MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE);
    List<SysSystemAttributeMappingDto> attributes = attributeMappingService.find(filter, null).getContent();
    assertEquals(1, attributes.size());
    SysSystemAttributeMappingDto ldapGroupsAttribute = attributes.stream().findFirst().get();
    // Creates cross-domain group.
    SysSystemGroupDto groupSystemDto = new SysSystemGroupDto();
    groupSystemDto.setCode(getHelper().createName());
    groupSystemDto.setType(SystemGroupType.CROSS_DOMAIN);
    groupSystemDto = systemGroupService.save(groupSystemDto);
    SysSystemGroupSystemDto systemGroupSystemOne = new SysSystemGroupSystemDto();
    systemGroupSystemOne.setSystemGroup(groupSystemDto.getId());
    systemGroupSystemOne.setMergeAttribute(ldapGroupsAttribute.getId());
    systemGroupSystemOne.setSystem(systemDto.getId());
    systemGroupSystemService.save(systemGroupSystemOne);
    // Creates the login role.
    IdmRoleDto loginRole = helper.createRole();
    helper.createRoleSystem(loginRole, systemDto);
    IdmRoleDto parentNoLoginRole = helper.createRole();
    // Creates no-login role.
    IdmRoleDto noLoginRole = helper.createRole();
    SysRoleSystemDto roleSystem = helper.createRoleSystem(noLoginRole, systemDto);
    roleSystem.setCreateAccountByDefault(true);
    roleSystemService.save(roleSystem);
    SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
    roleSystemFilter.setIsInCrossDomainGroupRoleId(noLoginRole.getId());
    roleSystemFilter.setCheckIfIsInCrossDomainGroup(Boolean.TRUE);
    roleSystemFilter.setId(roleSystem.getId());
    List<SysRoleSystemDto> roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
    assertEquals(0, roleSystemDtos.size());
    // Creates overridden ldapGroup merge attribute.
    createOverriddenLdapGroupAttribute(ldapGroupsAttribute, roleSystem);
    // Role-system should be in cross-domain group now.
    roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
    assertEquals(1, roleSystemDtos.size());
    SysRoleSystemDto roleSystemDto = roleSystemDtos.stream().findFirst().get();
    assertTrue(roleSystemDto.isInCrossDomainGroup());
    IdmRoleCompositionDto roleComposition = getHelper().createRoleComposition(parentNoLoginRole, noLoginRole);
    IdmIdentityDto identity = getHelper().createIdentity();
    IdmIdentityContractDto contract = getHelper().getPrimeContract(identity.getId());
    IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
    identityRoleFilter.setIdentityId(identity.getId());
    identityRoleFilter.setRoleId(noLoginRole.getId());
    assertEquals(0, identityRoleService.count(identityRoleFilter));
    // Assign parent role.
    IdmRoleRequestDto roleRequestDto = getHelper().assignRoles(contract, false, parentNoLoginRole);
    assertEquals(RoleRequestState.EXECUTED, roleRequestDto.getState());
    assertNull(roleRequestDto.getSystemState());
    assertEquals(1, identityRoleService.count(identityRoleFilter));
    AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
    identityAccountFilter.setIdentityId(identity.getId());
    identityAccountFilter.setSystemId(systemDto.getId());
    assertEquals(0, identityAccountService.find(identityAccountFilter, null).getContent().size());
    roleRequestDto = getHelper().assignRoles(contract, false, loginRole);
    assertEquals(RoleRequestState.EXECUTED, roleRequestDto.getState());
    assertNotNull(roleRequestDto.getSystemState());
    assertEquals(1, identityAccountService.find(identityAccountFilter, null).getContent().size());
    // Check if provisioning contains ldapGroups attribute with value ('ONE') from the role.
    SysProvisioningOperationFilter provisioningOperationFilter = new SysProvisioningOperationFilter();
    provisioningOperationFilter.setSystemId(systemDto.getId());
    provisioningOperationFilter.setEntityType(SystemEntityType.IDENTITY);
    provisioningOperationFilter.setEntityIdentifier(identity.getId());
    List<SysProvisioningOperationDto> provisioningOperationDtos = provisioningOperationService.find(provisioningOperationFilter, null).getContent();
    assertEquals(1, provisioningOperationDtos.size());
    SysProvisioningOperationDto provisioningOperationDto = provisioningOperationDtos.stream().findFirst().get();
    ProvisioningAttributeDto provisioningAttributeLdapGroupsDto = provisioningOperationDto.getProvisioningContext().getAccountObject().keySet().stream().filter(provisioningAtt -> MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE.equals(provisioningAtt.getSchemaAttributeName())).findFirst().get();
    assertNotNull(provisioningAttributeLdapGroupsDto);
    Object ldapGroupsValue = provisioningOperationDto.getProvisioningContext().getAccountObject().get(provisioningAttributeLdapGroupsDto);
    assertEquals("ONE", ((List<?>) ldapGroupsValue).get(0));
    // Clean
    provisioningOperationService.deleteOperations(systemDto.getId());
    getHelper().deleteIdentity(identity.getId());
    roleCompositionService.delete(roleComposition);
    getHelper().deleteRole(noLoginRole.getId());
    getHelper().deleteRole(parentNoLoginRole.getId());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) MockCrossDomainAdUserConnectorType(eu.bcvsolutions.idm.acc.service.impl.mock.MockCrossDomainAdUserConnectorType) ConnectorType(eu.bcvsolutions.idm.acc.service.api.ConnectorType) SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter) SysSystemGroupDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupDto) SysProvisioningOperationFilter(eu.bcvsolutions.idm.acc.dto.filter.SysProvisioningOperationFilter) SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto) ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) SysSystemGroupSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupSystemDto) SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto) IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Aggregations

IdmRoleCompositionDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)47 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)35 Test (org.junit.Test)24 UUID (java.util.UUID)23 List (java.util.List)22 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)21 Autowired (org.springframework.beans.factory.annotation.Autowired)21 IdmRoleCompositionService (eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)20 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)19 IdmIdentityRoleService (eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)18 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)16 Set (java.util.Set)16 IdmRoleService (eu.bcvsolutions.idm.core.api.service.IdmRoleService)15 Assert (org.junit.Assert)15 Transactional (org.springframework.transaction.annotation.Transactional)15 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)14 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)13 IdmIdentityRoleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)13 ArrayList (java.util.ArrayList)13 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)12