Example 16 with IdmRoleCompositionDto
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.
the class IdmIdentityRoleControllerRestTest method testFindByRoleComposition.
@Test
public void testFindByRoleComposition() {
IdmRoleDto roleOne = getHelper().createRole();
IdmRoleDto roleTwo = getHelper().createRole();
IdmRoleDto roleThree = getHelper().createRole();
//
IdmRoleCompositionDto roleCompositionOne = getHelper().createRoleComposition(roleOne, roleTwo);
getHelper().createRoleComposition(roleTwo, roleThree);
//
IdmIdentityDto identity = getHelper().createIdentity((GuardedString) null);
IdmIdentityRoleDto directRole = getHelper().createIdentityRole(identity, roleOne);
//
IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
filter.setIdentityId(identity.getId());
filter.setRoleCompositionId(roleCompositionOne.getId());
List<IdmIdentityRoleDto> results = find(filter);
//
Assert.assertEquals(1, results.size());
Assert.assertTrue(results.stream().anyMatch(ir -> ir.getDirectRole().equals(directRole.getId()) && ir.getRole().equals(roleTwo.getId())));
}
Also used :
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
Autowired(org.springframework.beans.factory.annotation.Autowired)
IdentityRoleByRoleEvaluator(eu.bcvsolutions.idm.core.security.evaluator.identity.IdentityRoleByRoleEvaluator)
AbstractReadWriteDtoControllerRestTest(eu.bcvsolutions.idm.core.api.rest.AbstractReadWriteDtoControllerRestTest)
IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)
CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission)
IdmBasePermission(eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission)
AbstractReadWriteDtoController(eu.bcvsolutions.idm.core.api.rest.AbstractReadWriteDtoController)
IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole)
RoleBasePermission(eu.bcvsolutions.idm.core.security.api.domain.RoleBasePermission)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
RoleCanBeRequestedEvaluator(eu.bcvsolutions.idm.core.security.evaluator.role.RoleCanBeRequestedEvaluator)
IdmRoleCatalogueDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCatalogueDto)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService)
Set(java.util.Set)
Test(org.junit.Test)
RoleConfiguration(eu.bcvsolutions.idm.core.api.config.domain.RoleConfiguration)
ConfigurationMap(eu.bcvsolutions.idm.core.api.domain.ConfigurationMap)
IdmContractPositionDto(eu.bcvsolutions.idm.core.api.dto.IdmContractPositionDto)
List(java.util.List)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
Ignore(org.junit.Ignore)
IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)
LocalDate(java.time.LocalDate)
IdmAuthorizationPolicyService(eu.bcvsolutions.idm.core.api.service.IdmAuthorizationPolicyService)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
Assert(org.junit.Assert)
IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
AbstractReadWriteDtoControllerRestTest(eu.bcvsolutions.idm.core.api.rest.AbstractReadWriteDtoControllerRestTest)
Test(org.junit.Test)
Example 17 with IdmRoleCompositionDto
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.
the class CrossDomainAdUserConnectorTypeTest method testRoleInCrossDomainGroupProvisioningForBusinessRole.
@Test
public void testRoleInCrossDomainGroupProvisioningForBusinessRole() {
ConnectorType connectorType = connectorManager.getConnectorType(MockCrossDomainAdUserConnectorType.NAME);
SysSystemDto systemDto = initSystem(connectorType);
SysSystemAttributeMappingFilter filter = new SysSystemAttributeMappingFilter();
filter.setSystemId(systemDto.getId());
filter.setName(MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE);
List<SysSystemAttributeMappingDto> attributes = attributeMappingService.find(filter, null).getContent();
assertEquals(1, attributes.size());
SysSystemAttributeMappingDto ldapGroupsAttribute = attributes.stream().findFirst().get();
// Creates cross-domain group.
SysSystemGroupDto groupSystemDto = new SysSystemGroupDto();
groupSystemDto.setCode(getHelper().createName());
groupSystemDto.setType(SystemGroupType.CROSS_DOMAIN);
groupSystemDto = systemGroupService.save(groupSystemDto);
SysSystemGroupSystemDto systemGroupSystemOne = new SysSystemGroupSystemDto();
systemGroupSystemOne.setSystemGroup(groupSystemDto.getId());
systemGroupSystemOne.setMergeAttribute(ldapGroupsAttribute.getId());
systemGroupSystemOne.setSystem(systemDto.getId());
systemGroupSystemService.save(systemGroupSystemOne);
// Creates the login role.
IdmRoleDto loginRole = helper.createRole();
helper.createRoleSystem(loginRole, systemDto);
IdmRoleDto parentNoLoginRole = helper.createRole();
// Creates no-login role.
IdmRoleDto noLoginRole = helper.createRole();
SysRoleSystemDto roleSystem = helper.createRoleSystem(noLoginRole, systemDto);
roleSystem.setCreateAccountByDefault(true);
roleSystemService.save(roleSystem);
SysRoleSystemFilter roleSystemFilter = new SysRoleSystemFilter();
roleSystemFilter.setIsInCrossDomainGroupRoleId(noLoginRole.getId());
roleSystemFilter.setCheckIfIsInCrossDomainGroup(Boolean.TRUE);
roleSystemFilter.setId(roleSystem.getId());
List<SysRoleSystemDto> roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
assertEquals(0, roleSystemDtos.size());
// Creates overridden ldapGroup merge attribute.
createOverriddenLdapGroupAttribute(ldapGroupsAttribute, roleSystem);
// Role-system should be in cross-domain group now.
roleSystemDtos = roleSystemService.find(roleSystemFilter, null).getContent();
assertEquals(1, roleSystemDtos.size());
SysRoleSystemDto roleSystemDto = roleSystemDtos.stream().findFirst().get();
assertTrue(roleSystemDto.isInCrossDomainGroup());
IdmRoleCompositionDto roleComposition = getHelper().createRoleComposition(parentNoLoginRole, noLoginRole);
IdmIdentityDto identity = getHelper().createIdentity();
IdmIdentityContractDto contract = getHelper().getPrimeContract(identity.getId());
IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
identityRoleFilter.setIdentityId(identity.getId());
identityRoleFilter.setRoleId(noLoginRole.getId());
assertEquals(0, identityRoleService.count(identityRoleFilter));
AccIdentityAccountFilter identityAccountFilter = new AccIdentityAccountFilter();
identityAccountFilter.setIdentityId(identity.getId());
identityAccountFilter.setSystemId(systemDto.getId());
assertEquals(0, identityAccountService.find(identityAccountFilter, null).getContent().size());
IdmRoleRequestDto roleRequestDto = getHelper().assignRoles(contract, false, loginRole);
assertEquals(RoleRequestState.EXECUTED, roleRequestDto.getState());
assertNotNull(roleRequestDto.getSystemState());
assertEquals(1, identityAccountService.find(identityAccountFilter, null).getContent().size());
// Check if provisioning NOT contains ldapGroups attribute with value ('ONE') from the role.
SysProvisioningOperationFilter provisioningOperationFilter = new SysProvisioningOperationFilter();
provisioningOperationFilter.setSystemId(systemDto.getId());
provisioningOperationFilter.setEntityType(SystemEntityType.IDENTITY);
provisioningOperationFilter.setEntityIdentifier(identity.getId());
List<SysProvisioningOperationDto> provisioningOperationDtos = provisioningOperationService.find(provisioningOperationFilter, null).getContent();
assertEquals(1, provisioningOperationDtos.size());
SysProvisioningOperationDto provisioningOperationDto = provisioningOperationDtos.stream().findFirst().get();
ProvisioningAttributeDto provisioningAttributeLdapGroupsDto = provisioningOperationDto.getProvisioningContext().getAccountObject().keySet().stream().filter(provisioningAtt -> MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE.equals(provisioningAtt.getSchemaAttributeName())).findFirst().get();
assertNotNull(provisioningAttributeLdapGroupsDto);
Object ldapGroupsValue = provisioningOperationDto.getProvisioningContext().getAccountObject().get(provisioningAttributeLdapGroupsDto);
assertEquals(0, ((List<?>) ldapGroupsValue).size());
// Delete old provisioning.
provisioningOperationService.delete(provisioningOperationDto);
// Assign parent role.
roleRequestDto = getHelper().assignRoles(contract, false, parentNoLoginRole);
assertEquals(RoleRequestState.EXECUTED, roleRequestDto.getState());
assertNotNull(roleRequestDto.getSystemState());
// Check if provisioning contains ldapGroups attribute with value ('ONE') from the role.
provisioningOperationFilter = new SysProvisioningOperationFilter();
provisioningOperationFilter.setSystemId(systemDto.getId());
provisioningOperationFilter.setEntityType(SystemEntityType.IDENTITY);
provisioningOperationFilter.setEntityIdentifier(identity.getId());
provisioningOperationDtos = provisioningOperationService.find(provisioningOperationFilter, null).getContent();
assertEquals(1, provisioningOperationDtos.size());
provisioningOperationDto = provisioningOperationDtos.stream().findFirst().get();
provisioningAttributeLdapGroupsDto = provisioningOperationDto.getProvisioningContext().getAccountObject().keySet().stream().filter(provisioningAtt -> MockCrossDomainAdUserConnectorType.LDAP_GROUPS_ATTRIBUTE.equals(provisioningAtt.getSchemaAttributeName())).findFirst().get();
assertNotNull(provisioningAttributeLdapGroupsDto);
ldapGroupsValue = provisioningOperationDto.getProvisioningContext().getAccountObject().get(provisioningAttributeLdapGroupsDto);
assertEquals("ONE", ((List<?>) ldapGroupsValue).get(0));
assertEquals(1, identityRoleService.count(identityRoleFilter));
// Clean
provisioningOperationService.deleteOperations(systemDto.getId());
getHelper().deleteIdentity(identity.getId());
roleCompositionService.delete(roleComposition);
getHelper().deleteRole(noLoginRole.getId());
getHelper().deleteRole(parentNoLoginRole.getId());
}
Also used :
IdmConceptRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmConceptRoleRequestService)
SysSchemaAttributeDto(eu.bcvsolutions.idm.acc.dto.SysSchemaAttributeDto)
SysSystemGroupSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupSystemDto)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
Autowired(org.springframework.beans.factory.annotation.Autowired)
MockCrossDomainAdUserConnectorType(eu.bcvsolutions.idm.acc.service.impl.mock.MockCrossDomainAdUserConnectorType)
GuardedString(org.identityconnectors.common.security.GuardedString)
IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)
SysRoleSystemService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemService)
After(org.junit.After)
SecurityUtil(org.identityconnectors.common.security.SecurityUtil)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
AutomaticRoleAttributeRuleType(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleType)
SysProvisioningOperationService(eu.bcvsolutions.idm.acc.service.api.SysProvisioningOperationService)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)
SysSchemaObjectClassDto(eu.bcvsolutions.idm.acc.dto.SysSchemaObjectClassDto)
IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)
UUID(java.util.UUID)
StandardCharsets(java.nio.charset.StandardCharsets)
SysProvisioningOperationFilter(eu.bcvsolutions.idm.acc.dto.filter.SysProvisioningOperationFilter)
List(java.util.List)
AccAccountService(eu.bcvsolutions.idm.acc.service.api.AccAccountService)
ConnectorManager(eu.bcvsolutions.idm.acc.service.api.ConnectorManager)
SysSystemGroupDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupDto)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
Assert.assertFalse(org.junit.Assert.assertFalse)
AccIdentityAccountService(eu.bcvsolutions.idm.acc.service.api.AccIdentityAccountService)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
SysSchemaObjectClassService(eu.bcvsolutions.idm.acc.service.api.SysSchemaObjectClassService)
IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService)
IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService)
IcConnectorConfiguration(eu.bcvsolutions.idm.ic.api.IcConnectorConfiguration)
ProvisioningEventType(eu.bcvsolutions.idm.acc.domain.ProvisioningEventType)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
ConnectorType(eu.bcvsolutions.idm.acc.service.api.ConnectorType)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
MessageFormat(java.text.MessageFormat)
SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter)
IcObjectClassInfo(eu.bcvsolutions.idm.ic.api.IcObjectClassInfo)
SystemEntityType(eu.bcvsolutions.idm.acc.domain.SystemEntityType)
IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)
IcConfigurationProperty(eu.bcvsolutions.idm.ic.api.IcConfigurationProperty)
IcConnectorObjectImpl(eu.bcvsolutions.idm.ic.impl.IcConnectorObjectImpl)
IcObjectClass(eu.bcvsolutions.idm.ic.api.IcObjectClass)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Qualifier(org.springframework.beans.factory.annotation.Qualifier)
ConnectorTypeDto(eu.bcvsolutions.idm.acc.dto.ConnectorTypeDto)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IcAttributeImpl(eu.bcvsolutions.idm.ic.impl.IcAttributeImpl)
SysSystemGroupSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemGroupSystemService)
SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)
IcAttributeInfo(eu.bcvsolutions.idm.ic.api.IcAttributeInfo)
Before(org.junit.Before)
SysRoleSystemAttributeService(eu.bcvsolutions.idm.acc.service.api.SysRoleSystemAttributeService)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
Assert.assertNotNull(org.junit.Assert.assertNotNull)
SysSystemService(eu.bcvsolutions.idm.acc.service.api.SysSystemService)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService)
Assert.assertTrue(org.junit.Assert.assertTrue)
RoleRequestState(eu.bcvsolutions.idm.core.api.domain.RoleRequestState)
Test(org.junit.Test)
IcAttribute(eu.bcvsolutions.idm.ic.api.IcAttribute)
SysSystemGroupService(eu.bcvsolutions.idm.acc.service.api.SysSystemGroupService)
SysRoleSystemAttributeDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemAttributeDto)
SysSchemaAttributeService(eu.bcvsolutions.idm.acc.service.api.SysSchemaAttributeService)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
SystemGroupType(eu.bcvsolutions.idm.acc.domain.SystemGroupType)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
Assert.assertNull(org.junit.Assert.assertNull)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
AutomaticRoleAttributeRuleComparison(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleComparison)
IdmIdentity_(eu.bcvsolutions.idm.core.model.entity.IdmIdentity_)
BaseDto(eu.bcvsolutions.idm.core.api.dto.BaseDto)
TestHelper(eu.bcvsolutions.idm.acc.TestHelper)
Comparator(java.util.Comparator)
SysSystemAttributeMappingService(eu.bcvsolutions.idm.acc.service.api.SysSystemAttributeMappingService)
Assert.assertEquals(org.junit.Assert.assertEquals)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
MockCrossDomainAdUserConnectorType(eu.bcvsolutions.idm.acc.service.impl.mock.MockCrossDomainAdUserConnectorType)
ConnectorType(eu.bcvsolutions.idm.acc.service.api.ConnectorType)
SysSystemAttributeMappingFilter(eu.bcvsolutions.idm.acc.dto.filter.SysSystemAttributeMappingFilter)
SysSystemGroupDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupDto)
SysProvisioningOperationFilter(eu.bcvsolutions.idm.acc.dto.filter.SysProvisioningOperationFilter)
SysSystemAttributeMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemAttributeMappingDto)
ProvisioningAttributeDto(eu.bcvsolutions.idm.acc.dto.ProvisioningAttributeDto)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
SysSystemGroupSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemGroupSystemDto)
SysRoleSystemFilter(eu.bcvsolutions.idm.acc.dto.filter.SysRoleSystemFilter)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
SysRoleSystemDto(eu.bcvsolutions.idm.acc.dto.SysRoleSystemDto)
IcConnectorObject(eu.bcvsolutions.idm.ic.api.IcConnectorObject)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
SysProvisioningOperationDto(eu.bcvsolutions.idm.acc.dto.SysProvisioningOperationDto)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Example 18 with IdmRoleCompositionDto
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.
the class RoleExportBulkAction method exportBusinessRoles.
/**
* Export business roles for given role.
*
* @param role
*/
private void exportBusinessRoles(IdmRoleDto role) {
IdmRoleCompositionFilter compositionFilter = new IdmRoleCompositionFilter();
compositionFilter.setRoleId(role.getId());
List<IdmRoleCompositionDto> compositions = roleCompositionService.find(compositionFilter, null).getContent();
if (compositions.isEmpty()) {
roleCompositionService.export(ExportManager.BLANK_UUID, this.getBatch());
}
compositions.forEach(composition -> {
roleCompositionService.export(composition.getId(), this.getBatch());
});
// Set parent fields -> set authoritative mode. Here are two parent fields!
Set<String> parents = new LinkedHashSet<>();
parents.add(IdmRoleComposition_.superior.getName());
parents.add(IdmRoleComposition_.sub.getName());
this.getExportManager().setAuthoritativeMode(parents, IdmRoleCompositionFilter.PARAMETER_ROLE_ID, IdmRoleCompositionDto.class, this.getBatch());
}
Also used :
LinkedHashSet(java.util.LinkedHashSet)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Example 19 with IdmRoleCompositionDto
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleCompositionService method findAllSubRoles.
@Override
@SuppressWarnings({ "unchecked", "rawtypes" })
public List<IdmRoleCompositionDto> findAllSubRoles(UUID superiorId, BasePermission... permission) {
Assert.notNull(superiorId, "Superior role identifier is required.");
//
ValueWrapper value = cacheManager.getValue(ALL_SUB_ROLES_CACHE_NAME, superiorId);
if (value != null) {
// never null
return (List) value.get();
}
//
List<IdmRoleCompositionDto> results = new ArrayList<>();
findAllSubRoles(results, new ArrayList<>(), superiorId, permission);
cacheManager.cacheValue(ALL_SUB_ROLES_CACHE_NAME, superiorId, results);
//
return results;
}
Also used :
ValueWrapper(eu.bcvsolutions.idm.core.api.config.cache.domain.ValueWrapper)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
Example 20 with IdmRoleCompositionDto
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleCompositionService method assignSubRoles.
/**
* @Transactional is not needed - (asynchronous) events is thrown for every sub role anyway ...
* Can be called repetitively for given identity role => checks or creates missing sub roles by composition.
*/
@Override
@SuppressWarnings("unchecked")
public void assignSubRoles(EntityEvent<IdmIdentityRoleDto> event, UUID roleCompositionId, BasePermission... permission) {
Assert.notNull(event, "Event is required.");
IdmIdentityRoleDto identityRole = event.getContent();
Assert.notNull(identityRole, "Identity role identifier is required.");
// find direct sub roles
IdmRoleCompositionFilter compositionFilter = new IdmRoleCompositionFilter();
compositionFilter.setSuperiorId(identityRole.getRole());
compositionFilter.setId(roleCompositionId);
//
List<IdmRoleCompositionDto> directSubRoles = find(compositionFilter, null, permission).getContent();
LOG.debug("Assign sub roles [{}] for identity role [{}], role [{}]", directSubRoles.size(), identityRole.getId(), identityRole.getRole());
//
Map<String, Serializable> props = resolveProperties(event);
Set<UUID> processedRoles = (Set<UUID>) props.get(IdentityRoleEvent.PROPERTY_PROCESSED_ROLES);
processedRoles.add(identityRole.getRole());
//
directSubRoles.forEach(subRoleComposition -> {
IdmRoleDto subRole = DtoUtils.getEmbedded(subRoleComposition, IdmRoleComposition_.sub);
if (processedRoles.contains(subRole.getId())) {
LOG.debug("Role [{}] was already processed by other business role composition - cycle, skipping", subRole.getCode());
} else {
// try to find currently assigned subrole by this configuration (return operation)
IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
filter.setRoleCompositionId(subRoleComposition.getId());
filter.setDirectRoleId(identityRole.getDirectRole() == null ? identityRole.getId() : identityRole.getDirectRole());
if (identityRoleService.find(filter, null).getTotalElements() > 0) {
LOG.debug("Role [{}] was already processed by other business role composition - cycle, skipping", subRole.getCode());
} else {
//
IdmIdentityRoleDto subIdentityRole = new IdmIdentityRoleDto();
subIdentityRole.setRole(subRole.getId());
subIdentityRole.getEmbedded().put(IdmIdentityRoleDto.PROPERTY_ROLE, subRole);
subIdentityRole.setIdentityContract(identityRole.getIdentityContract());
subIdentityRole.setContractPosition(identityRole.getContractPosition());
subIdentityRole.getEmbedded().put(IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT, identityRole.getEmbedded().get(IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT));
subIdentityRole.setValidFrom(identityRole.getValidFrom());
subIdentityRole.setValidTill(identityRole.getValidTill());
subIdentityRole.setDirectRole(identityRole.getDirectRole() == null ? identityRole.getId() : identityRole.getDirectRole());
subIdentityRole.setRoleComposition(subRoleComposition.getId());
//
processedRoles.add(subRole.getId());
IdentityRoleEvent subEvent = new IdentityRoleEvent(IdentityRoleEventType.CREATE, subIdentityRole, props);
//
identityRoleService.publish(subEvent, event, permission);
// Notes new created assigned role to parent event
IdmIdentityRoleDto subContent = subEvent.getContent();
notingAssignedRole(event, subEvent, subContent, IdentityRoleEvent.PROPERTY_ASSIGNED_NEW_ROLES);
}
}
});
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdentityRoleEvent(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent)
Serializable(java.io.Serializable)
HashSet(java.util.HashSet)
Set(java.util.Set)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
UUID(java.util.UUID)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Aggregations
IdmRoleCompositionDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)47
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)35
Test (org.junit.Test)24
UUID (java.util.UUID)23
List (java.util.List)22
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)21
Autowired (org.springframework.beans.factory.annotation.Autowired)21
IdmRoleCompositionService (eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)20
IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)19
IdmIdentityRoleService (eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)18
AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)16
Set (java.util.Set)16
IdmRoleService (eu.bcvsolutions.idm.core.api.service.IdmRoleService)15
Assert (org.junit.Assert)15
Transactional (org.springframework.transaction.annotation.Transactional)15
GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)14
IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)13
IdmIdentityRoleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)13
ArrayList (java.util.ArrayList)13
ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)12
