Example 1 with IdmRoleDto
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class InitDemoData method init.
protected void init() {
// we need to be ensured admin and and admin role exists.
initApplicationData.init();
//
securityService.setSystemAuthentication();
//
try {
IdmIdentityDto identityAdmin = this.identityService.getByUsername(InitApplicationData.ADMIN_USERNAME);
//
Page<IdmTreeNodeDto> rootsList = treeNodeService.findRoots((UUID) null, new PageRequest(0, 1));
IdmTreeNodeDto rootOrganization = null;
if (!rootsList.getContent().isEmpty()) {
rootOrganization = rootsList.getContent().get(0);
} else {
IdmTreeNodeDto organizationRoot = new IdmTreeNodeDto();
organizationRoot.setCode("root");
organizationRoot.setName("Organization ROOT");
organizationRoot.setTreeType(treeTypeService.getByCode(InitApplicationData.DEFAULT_TREE_TYPE).getId());
organizationRoot = this.treeNodeService.save(organizationRoot);
}
//
if (!configurationService.getBooleanValue(PARAMETER_DEMO_DATA_CREATED, false)) {
LOG.info("Creating demo data ...");
//
// create default password policy for validate
IdmPasswordPolicyDto passValidate = null;
try {
passValidate = this.passwordPolicyService.getDefaultPasswordPolicy(IdmPasswordPolicyType.VALIDATE);
} catch (ResultCodeException e) {
// nothing, password policy for validate not exist
}
// default password policy not exist, try to found by name
if (passValidate == null) {
passValidate = this.passwordPolicyService.findOneByName("DEFAULT_VALIDATE_POLICY");
}
// if password policy still not exist create default password policy
if (passValidate == null) {
passValidate = new IdmPasswordPolicyDto();
passValidate.setName("DEFAULT_VALIDATE_POLICY");
passValidate.setDefaultPolicy(true);
passValidate.setType(IdmPasswordPolicyType.VALIDATE);
passwordPolicyService.save(passValidate);
}
//
// create default password policy for generate
IdmPasswordPolicyDto passGenerate = null;
try {
passGenerate = this.passwordPolicyService.getDefaultPasswordPolicy(IdmPasswordPolicyType.GENERATE);
} catch (ResultCodeException e) {
// nothing, password policy for generate password not exist
}
// try to found password policy by name
if (passGenerate == null) {
passGenerate = this.passwordPolicyService.findOneByName("DEFAULT_GENERATE_POLICY");
}
// if still not exist create default generate password policy
if (passGenerate == null) {
passGenerate = new IdmPasswordPolicyDto();
passGenerate.setName("DEFAULT_GENERATE_POLICY");
passGenerate.setDefaultPolicy(true);
passGenerate.setType(IdmPasswordPolicyType.GENERATE);
passGenerate.setMinLowerChar(2);
passGenerate.setMinNumber(2);
passGenerate.setMinSpecialChar(2);
passGenerate.setMinUpperChar(2);
passGenerate.setMinPasswordLength(8);
passGenerate.setMaxPasswordLength(12);
passwordPolicyService.save(passGenerate);
}
//
// role may exists from another module initialization
IdmRoleDto role1 = this.roleService.getByCode(DEFAULT_ROLE_NAME);
if (role1 == null) {
role1 = new IdmRoleDto();
role1.setName(DEFAULT_ROLE_NAME);
role1 = this.roleService.save(role1);
}
// self policy
IdmAuthorizationPolicyDto selfPolicy = new IdmAuthorizationPolicyDto();
selfPolicy.setPermissions(IdmBasePermission.AUTOCOMPLETE, IdmBasePermission.READ, IdentityBasePermission.PASSWORDCHANGE, IdentityBasePermission.CHANGEPERMISSION);
selfPolicy.setRole(role1.getId());
selfPolicy.setGroupPermission(CoreGroupPermission.IDENTITY.getName());
selfPolicy.setAuthorizableType(IdmIdentity.class.getCanonicalName());
selfPolicy.setEvaluator(SelfIdentityEvaluator.class);
authorizationPolicyService.save(selfPolicy);
// read identity roles by identity
IdmAuthorizationPolicyDto identityRolePolicy = new IdmAuthorizationPolicyDto();
identityRolePolicy.setRole(role1.getId());
identityRolePolicy.setGroupPermission(CoreGroupPermission.IDENTITYROLE.getName());
identityRolePolicy.setAuthorizableType(IdmIdentityRole.class.getCanonicalName());
identityRolePolicy.setEvaluator(IdentityRoleByIdentityEvaluator.class);
authorizationPolicyService.save(identityRolePolicy);
// read identity contracts by identity
IdmAuthorizationPolicyDto identityContractPolicy = new IdmAuthorizationPolicyDto();
identityContractPolicy.setRole(role1.getId());
identityContractPolicy.setGroupPermission(CoreGroupPermission.IDENTITYCONTRACT.getName());
identityContractPolicy.setAuthorizableType(IdmIdentityContract.class.getCanonicalName());
identityContractPolicy.setEvaluator(IdentityContractByIdentityEvaluator.class);
authorizationPolicyService.save(identityContractPolicy);
// read contract guarantees by identity contract
IdmAuthorizationPolicyDto contractGuaranteePolicy = new IdmAuthorizationPolicyDto();
contractGuaranteePolicy.setRole(role1.getId());
contractGuaranteePolicy.setGroupPermission(CoreGroupPermission.CONTRACTGUARANTEE.getName());
contractGuaranteePolicy.setAuthorizableType(IdmContractGuarantee.class.getCanonicalName());
contractGuaranteePolicy.setEvaluator(ContractGuaranteeByIdentityContractEvaluator.class);
authorizationPolicyService.save(contractGuaranteePolicy);
// only autocomplete roles that can be requested
IdmAuthorizationPolicyDto applyForPolicy = new IdmAuthorizationPolicyDto();
applyForPolicy.setPermissions(IdmBasePermission.AUTOCOMPLETE);
applyForPolicy.setRole(role1.getId());
applyForPolicy.setGroupPermission(CoreGroupPermission.ROLE.getName());
applyForPolicy.setAuthorizableType(IdmRole.class.getCanonicalName());
applyForPolicy.setEvaluator(RoleCanBeRequestedEvaluator.class);
authorizationPolicyService.save(applyForPolicy);
// role requests by identity
IdmAuthorizationPolicyDto roleRequestByIdentityPolicy = new IdmAuthorizationPolicyDto();
roleRequestByIdentityPolicy.setRole(role1.getId());
roleRequestByIdentityPolicy.setGroupPermission(CoreGroupPermission.ROLEREQUEST.getName());
roleRequestByIdentityPolicy.setAuthorizableType(IdmRoleRequest.class.getCanonicalName());
roleRequestByIdentityPolicy.setEvaluator(RoleRequestByIdentityEvaluator.class);
authorizationPolicyService.save(roleRequestByIdentityPolicy);
// self role requests
IdmAuthorizationPolicyDto selfRoleRequestPolicy = new IdmAuthorizationPolicyDto();
selfRoleRequestPolicy.setPermissions(IdmBasePermission.READ, IdmBasePermission.UPDATE, IdmBasePermission.CREATE, IdmBasePermission.DELETE);
selfRoleRequestPolicy.setRole(role1.getId());
selfRoleRequestPolicy.setGroupPermission(CoreGroupPermission.ROLEREQUEST.getName());
selfRoleRequestPolicy.setAuthorizableType(IdmRoleRequest.class.getCanonicalName());
selfRoleRequestPolicy.setEvaluator(SelfRoleRequestEvaluator.class);
authorizationPolicyService.save(selfRoleRequestPolicy);
// role rerquests in approval
IdmAuthorizationPolicyDto roleRequestByWfPolicy = new IdmAuthorizationPolicyDto();
roleRequestByWfPolicy.setPermissions(IdmBasePermission.READ, IdmBasePermission.UPDATE);
roleRequestByWfPolicy.setRole(role1.getId());
roleRequestByWfPolicy.setGroupPermission(CoreGroupPermission.ROLEREQUEST.getName());
roleRequestByWfPolicy.setAuthorizableType(IdmRoleRequest.class.getCanonicalName());
roleRequestByWfPolicy.setEvaluator(RoleRequestByWfInvolvedIdentityEvaluator.class);
authorizationPolicyService.save(roleRequestByWfPolicy);
// tree node - autocomplete
IdmAuthorizationPolicyDto treeNodePolicy = new IdmAuthorizationPolicyDto();
treeNodePolicy.setPermissions(IdmBasePermission.AUTOCOMPLETE);
treeNodePolicy.setRole(role1.getId());
treeNodePolicy.setGroupPermission(CoreGroupPermission.TREENODE.getName());
treeNodePolicy.setAuthorizableType(IdmTreeNode.class.getCanonicalName());
treeNodePolicy.setEvaluator(BasePermissionEvaluator.class);
authorizationPolicyService.save(treeNodePolicy);
// tree type - autocomplete all
IdmAuthorizationPolicyDto treeTypePolicy = new IdmAuthorizationPolicyDto();
treeTypePolicy.setPermissions(IdmBasePermission.AUTOCOMPLETE);
treeTypePolicy.setRole(role1.getId());
treeTypePolicy.setGroupPermission(CoreGroupPermission.TREETYPE.getName());
treeTypePolicy.setAuthorizableType(IdmTreeType.class.getCanonicalName());
treeTypePolicy.setEvaluator(BasePermissionEvaluator.class);
authorizationPolicyService.save(treeTypePolicy);
// workflow task read and execute
IdmAuthorizationPolicyDto workflowTaskPolicy = new IdmAuthorizationPolicyDto();
workflowTaskPolicy.setPermissions(IdmBasePermission.READ, IdmBasePermission.EXECUTE);
workflowTaskPolicy.setRole(role1.getId());
workflowTaskPolicy.setGroupPermission(CoreGroupPermission.WORKFLOWTASK.getName());
workflowTaskPolicy.setEvaluator(BasePermissionEvaluator.class);
authorizationPolicyService.save(workflowTaskPolicy);
//
LOG.info(MessageFormat.format("Role created [id: {0}]", role1.getId()));
//
IdmRoleDto role2 = new IdmRoleDto();
role2.setName("customRole");
// TODO: subroles are disabled for now
// List<IdmRoleComposition> subRoles = new ArrayList<>();
// subRoles.add(new IdmRoleComposition(role2, superAdminRole));
// role2.setSubRoles(subRoles);
role2 = this.roleService.save(role2);
LOG.info(MessageFormat.format("Role created [id: {0}]", role2.getId()));
//
IdmRoleDto roleManager = new IdmRoleDto();
roleManager.setName("manager");
roleManager = this.roleService.save(roleManager);
LOG.info(MessageFormat.format("Role created [id: {0}]", roleManager.getId()));
//
//
IdmIdentityDto identity = new IdmIdentityDto();
identity.setUsername("tomiska");
identity.setPassword(new GuardedString("heslo"));
identity.setFirstName("Radek");
identity.setLastName("Tomiška");
identity.setEmail("radek.tomiska@bcvsolutions.eu");
identity = this.identityService.save(identity);
LOG.info(MessageFormat.format("Identity created [id: {0}]", identity.getId()));
//
// create prime contract
IdmIdentityContractDto identityContract = identityContractService.getPrimeContract(identity.getId());
if (identityContract == null) {
identityContract = identityContractService.prepareMainContract(identity.getId());
identityContract = identityContractService.save(identityContract);
}
//
IdmIdentityRoleDto identityRole1 = new IdmIdentityRoleDto();
identityRole1.setIdentityContract(identityContract.getId());
identityRole1.setRole(role1.getId());
identityRole1 = identityRoleService.save(identityRole1);
//
IdmIdentityRoleDto identityRole2 = new IdmIdentityRoleDto();
identityRole2.setIdentityContract(identityContract.getId());
identityRole2.setRole(role2.getId());
identityRole2 = identityRoleService.save(identityRole2);
//
IdmIdentityDto identity2 = new IdmIdentityDto();
identity2.setUsername("svanda");
identity2.setFirstName("Vít");
identity2.setPassword(new GuardedString("heslo"));
identity2.setLastName("Švanda");
identity2.setEmail("vit.svanda@bcvsolutions.eu");
identity2 = this.identityService.save(identity2);
LOG.info(MessageFormat.format("Identity created [id: {0}]", identity2.getId()));
//
IdmIdentityDto identity3 = new IdmIdentityDto();
identity3.setUsername("kopr");
identity3.setFirstName("Ondrej");
identity3.setPassword(new GuardedString("heslo"));
identity3.setLastName("Kopr");
identity3.setEmail("ondrej.kopr@bcvsolutions.eu");
identity3 = this.identityService.save(identity3);
LOG.info(MessageFormat.format("Identity created [id: {0}]", identity3.getId()));
//
// get tree type for organization
IdmTreeTypeDto treeType = treeTypeService.getByCode(InitApplicationData.DEFAULT_TREE_TYPE);
//
IdmTreeNodeDto organization1 = new IdmTreeNodeDto();
organization1.setCode("one");
organization1.setName("Organization One");
organization1.setParent(rootOrganization.getId());
organization1.setTreeType(treeType.getId());
organization1 = this.treeNodeService.save(organization1);
//
IdmTreeNodeDto organization2 = new IdmTreeNodeDto();
organization2.setCode("two");
organization2.setName("Organization Two");
organization2.setCreator("ja");
organization2.setParent(rootOrganization.getId());
organization2.setTreeType(treeType.getId());
organization2 = this.treeNodeService.save(organization2);
//
IdmIdentityContractDto identityWorkPosition = new IdmIdentityContractDto();
identityWorkPosition.setIdentity(identityAdmin.getId());
identityWorkPosition.setWorkPosition(organization2.getId());
identityWorkPosition = identityContractService.save(identityWorkPosition);
IdmContractGuaranteeDto contractGuarantee = new IdmContractGuaranteeDto();
contractGuarantee.setIdentityContract(identityWorkPosition.getId());
contractGuarantee.setGuarantee(identity2.getId());
contractGuaranteeService.save(contractGuarantee);
//
LOG.info("Demo data was created.");
//
configurationService.setBooleanValue(PARAMETER_DEMO_DATA_CREATED, true);
//
// demo eav identity form
IdmFormAttributeDto letter = new IdmFormAttributeDto();
letter.setCode("letter");
letter.setName("Favorite letter");
letter.setPlaceholder("Character");
letter.setDescription("Some favorite character");
letter.setPersistentType(PersistentType.CHAR);
letter.setRequired(true);
letter = formService.saveAttribute(IdmIdentity.class, letter);
IdmFormAttributeDto phone = new IdmFormAttributeDto();
phone.setCode(FORM_ATTRIBUTE_PHONE);
phone.setName("Phone");
phone.setDescription("Additional identitiy's phone");
phone.setPersistentType(PersistentType.TEXT);
phone = formService.saveAttribute(IdmIdentity.class, phone);
IdmFormAttributeDto description = new IdmFormAttributeDto();
description.setCode("description");
description.setName("Description");
description.setDescription("Some longer optional text (2000 characters)");
description.setPersistentType(PersistentType.TEXT);
description.setFaceType(BaseFaceType.TEXTAREA);
description = formService.saveAttribute(IdmIdentity.class, description);
IdmFormAttributeDto rich = new IdmFormAttributeDto();
rich.setCode("rich");
rich.setName("RichText");
rich.setDescription("Some rich text (2000 characters)");
rich.setPersistentType(PersistentType.TEXT);
description.setFaceType(BaseFaceType.RICHTEXTAREA);
rich = formService.saveAttribute(IdmIdentity.class, rich);
IdmFormAttributeDto sure = new IdmFormAttributeDto();
sure.setCode("sure");
sure.setName("Registration");
sure.setPersistentType(PersistentType.BOOLEAN);
sure.setDefaultValue(Boolean.TRUE.toString());
sure = formService.saveAttribute(IdmIdentity.class, sure);
IdmFormAttributeDto intNumber = new IdmFormAttributeDto();
intNumber.setCode("intNumber");
intNumber.setName("Int number");
intNumber.setPersistentType(PersistentType.INT);
intNumber = formService.saveAttribute(IdmIdentity.class, intNumber);
IdmFormAttributeDto longNumber = new IdmFormAttributeDto();
longNumber.setCode("longNumber");
longNumber.setName("Long number");
longNumber.setPersistentType(PersistentType.LONG);
longNumber = formService.saveAttribute(IdmIdentity.class, longNumber);
IdmFormAttributeDto doubleNumber = new IdmFormAttributeDto();
doubleNumber.setCode("doubleNumber");
doubleNumber.setName("Double number");
doubleNumber.setPersistentType(PersistentType.DOUBLE);
doubleNumber = formService.saveAttribute(IdmIdentity.class, doubleNumber);
IdmFormAttributeDto currency = new IdmFormAttributeDto();
currency.setCode("currency");
currency.setName("Price");
currency.setPersistentType(PersistentType.DOUBLE);
currency.setFaceType(BaseFaceType.CURRENCY);
currency = formService.saveAttribute(IdmIdentity.class, currency);
IdmFormAttributeDto date = new IdmFormAttributeDto();
date.setCode("date");
date.setName("Date");
date.setPersistentType(PersistentType.DATE);
date.setRequired(true);
date.setDescription("Important date");
date = formService.saveAttribute(IdmIdentity.class, date);
IdmFormAttributeDto datetime = new IdmFormAttributeDto();
datetime.setCode(FORM_ATTRIBUTE_DATETIME);
datetime.setName("Date and time");
datetime.setPersistentType(PersistentType.DATETIME);
datetime = formService.saveAttribute(IdmIdentity.class, datetime);
IdmFormAttributeDto uuid = new IdmFormAttributeDto();
uuid.setCode(FORM_ATTRIBUTE_UUID);
uuid.setName("UUID");
uuid.setDescription("Some uuid value");
uuid.setPersistentType(PersistentType.UUID);
uuid = formService.saveAttribute(IdmIdentity.class, uuid);
IdmFormAttributeDto webPages = new IdmFormAttributeDto();
webPages.setCode(FORM_ATTRIBUTE_WWW);
webPages.setName("WWW");
webPages.setDescription("Favorite web pages (every line in new value)");
webPages.setPersistentType(PersistentType.TEXT);
webPages.setMultiple(true);
webPages = formService.saveAttribute(IdmIdentity.class, webPages);
IdmFormAttributeDto password = new IdmFormAttributeDto();
password.setCode(FORM_ATTRIBUTE_PASSWORD);
password.setName("Custom password");
password.setPersistentType(PersistentType.TEXT);
password.setConfidential(true);
password.setDescription("Test password");
password = formService.saveAttribute(IdmIdentity.class, password);
IdmFormAttributeDto byteArray = new IdmFormAttributeDto();
byteArray.setCode("byteArray");
byteArray.setName("Byte array");
byteArray.setPersistentType(PersistentType.BYTEARRAY);
byteArray.setConfidential(false);
byteArray.setDescription("Test byte array");
byteArray.setPlaceholder("or image :-)");
byteArray = formService.saveAttribute(IdmIdentity.class, byteArray);
List<IdmFormValueDto> values = new ArrayList<>();
IdmFormValueDto phoneValue = new IdmFormValueDto();
phoneValue.setFormAttribute(phone.getId());
phoneValue.setStringValue("12345679");
values.add(phoneValue);
formService.saveValues(identity.getId(), IdmIdentity.class, null, values);
//
// demo eav role form
IdmFormAttributeDto roleExt = new IdmFormAttributeDto();
roleExt.setCode("extAttr");
roleExt.setName("Ext.attr");
roleExt.setPersistentType(PersistentType.TEXT);
roleExt.setConfidential(false);
roleExt.setDescription("Role's custom extended attribute");
roleExt = formService.saveAttribute(IdmRole.class, roleExt);
//
// demo eav tree node form
IdmFormAttributeDto treeNodeExt = new IdmFormAttributeDto();
treeNodeExt.setCode("extAttr");
treeNodeExt.setName("Ext.attr");
treeNodeExt.setPersistentType(PersistentType.TEXT);
treeNodeExt.setConfidential(false);
treeNodeExt.setDescription("Tree node's custom extended attribute");
treeNodeExt = formService.saveAttribute(IdmTreeNode.class, treeNodeExt);
//
// demo eav identity contract's form
IdmFormAttributeDto identityContractExt = new IdmFormAttributeDto();
identityContractExt.setCode("extAttr");
identityContractExt.setName("Ext.attr");
identityContractExt.setPersistentType(PersistentType.TEXT);
identityContractExt.setConfidential(false);
identityContractExt.setDescription("Identity contract's custom extended attribute");
identityContractExt = formService.saveAttribute(IdmIdentityContract.class, identityContractExt);
}
} catch (Exception ex) {
LOG.warn("Demo data was not created", ex);
} finally {
SecurityContextHolder.clearContext();
}
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmContractGuarantee(eu.bcvsolutions.idm.core.model.entity.IdmContractGuarantee)
ArrayList(java.util.ArrayList)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto)
PageRequest(org.springframework.data.domain.PageRequest)
IdmPasswordPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmPasswordPolicyDto)
IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole)
IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto)
IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole)
IdmFormValueDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormValueDto)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmIdentityContract(eu.bcvsolutions.idm.core.model.entity.IdmIdentityContract)
IdmRoleRequest(eu.bcvsolutions.idm.core.model.entity.IdmRoleRequest)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)
IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto)
IdmTreeType(eu.bcvsolutions.idm.core.model.entity.IdmTreeType)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
IdmContractGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmContractGuaranteeDto)
IdmTreeNode(eu.bcvsolutions.idm.core.model.entity.IdmTreeNode)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
Example 2 with IdmRoleDto
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmIdentityService method findAllGuaranteesByRoleId.
@Override
@Transactional(readOnly = true)
public List<IdmIdentityDto> findAllGuaranteesByRoleId(UUID roleId) {
IdmRoleDto role = roleService.get(roleId);
Assert.notNull(role, "Role is required. Role by name [" + roleId + "] not found.");
return role.getGuarantees().stream().map(guarantee -> {
return get(guarantee.getGuarantee());
}).collect(Collectors.toList());
}
Also used :
IdmAuthorityChange(eu.bcvsolutions.idm.core.model.entity.IdmAuthorityChange)
IdmIdentityContract(eu.bcvsolutions.idm.core.model.entity.IdmIdentityContract)
Autowired(org.springframework.beans.factory.annotation.Autowired)
IdmIdentityRepository(eu.bcvsolutions.idm.core.model.repository.IdmIdentityRepository)
FormService(eu.bcvsolutions.idm.core.eav.api.service.FormService)
StringUtils(org.apache.commons.lang3.StringUtils)
CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission)
Predicate(javax.persistence.criteria.Predicate)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
Map(java.util.Map)
BasePermission(eu.bcvsolutions.idm.core.security.api.domain.BasePermission)
CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder)
IdentityEventType(eu.bcvsolutions.idm.core.model.event.IdentityEvent.IdentityEventType)
Sort(org.springframework.data.domain.Sort)
Path(javax.persistence.criteria.Path)
RepositoryUtils(eu.bcvsolutions.idm.core.api.utils.RepositoryUtils)
CriteriaQuery(javax.persistence.criteria.CriteriaQuery)
IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity)
IdmIdentityContractService(eu.bcvsolutions.idm.core.api.service.IdmIdentityContractService)
ImmutableMap(com.google.common.collect.ImmutableMap)
ContractState(eu.bcvsolutions.idm.core.api.domain.ContractState)
Collection(java.util.Collection)
PageRequest(org.springframework.data.domain.PageRequest)
UUID(java.util.UUID)
Page(org.springframework.data.domain.Page)
RoleConfiguration(eu.bcvsolutions.idm.core.api.config.domain.RoleConfiguration)
Collectors(java.util.stream.Collectors)
IdentityState(eu.bcvsolutions.idm.core.api.domain.IdentityState)
List(java.util.List)
IdmAuthorityChangeRepository(eu.bcvsolutions.idm.core.model.repository.IdmAuthorityChangeRepository)
Specification(org.springframework.data.jpa.domain.Specification)
IdentityEvent(eu.bcvsolutions.idm.core.model.event.IdentityEvent)
IdmIdentityService(eu.bcvsolutions.idm.core.api.service.IdmIdentityService)
IdmIdentityRole_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole_)
IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto)
HashMap(java.util.HashMap)
IdmTreeType_(eu.bcvsolutions.idm.core.model.entity.IdmTreeType_)
PasswordChangeEvent(eu.bcvsolutions.idm.core.model.event.PasswordChangeEvent)
IdmTreeNode_(eu.bcvsolutions.idm.core.model.entity.IdmTreeNode_)
ArrayList(java.util.ArrayList)
PasswordChangeEventType(eu.bcvsolutions.idm.core.model.event.PasswordChangeEvent.PasswordChangeEventType)
Lists(com.google.common.collect.Lists)
IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole)
IdmIdentityFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter)
OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IdentityProcessor(eu.bcvsolutions.idm.core.api.event.processor.IdentityProcessor)
Root(javax.persistence.criteria.Root)
IdmRole_(eu.bcvsolutions.idm.core.model.entity.IdmRole_)
IdentityPasswordProcessor(eu.bcvsolutions.idm.core.model.event.processor.identity.IdentityPasswordProcessor)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
DateTime(org.joda.time.DateTime)
IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService)
EventContext(eu.bcvsolutions.idm.core.api.event.EventContext)
IdmIdentityContract_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityContract_)
IdmForestIndexEntity_(eu.bcvsolutions.idm.core.model.entity.IdmForestIndexEntity_)
IdmTreeNode(eu.bcvsolutions.idm.core.model.entity.IdmTreeNode)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode)
AbstractFormableService(eu.bcvsolutions.idm.core.eav.api.service.AbstractFormableService)
IdmIdentity_(eu.bcvsolutions.idm.core.model.entity.IdmIdentity_)
Subquery(javax.persistence.criteria.Subquery)
PasswordChangeDto(eu.bcvsolutions.idm.core.api.dto.PasswordChangeDto)
EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager)
AuthorizableType(eu.bcvsolutions.idm.core.security.api.dto.AuthorizableType)
Transactional(org.springframework.transaction.annotation.Transactional)
Assert(org.springframework.util.Assert)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 3 with IdmRoleDto
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class RoleSynchronizationExecutor method doUpdateAccount.
/**
* Call provisioning for given account
*
* @param account
* @param entityType
* @param log
* @param logItem
* @param actionLogs
*/
protected void doUpdateAccount(AccAccountDto account, SystemEntityType entityType, SysSyncLogDto log, SysSyncItemLogDto logItem, List<SysSyncActionLogDto> actionLogs) {
UUID entityId = getEntityByAccount(account.getId());
IdmRoleDto entity = null;
if (entityId != null) {
entity = roleService.get(entityId);
}
if (entity == null) {
addToItemLog(logItem, "Entity account relation (with ownership = true) was not found!");
initSyncActionLog(SynchronizationActionType.UPDATE_ENTITY, OperationResultType.WARNING, logItem, log, actionLogs);
return;
}
// Call provisioning for this entity
callProvisioningForEntity(entity, entityType, logItem);
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
UUID(java.util.UUID)
Example 4 with IdmRoleDto
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class AccountProtectionExpirationTaskExecutorIntegrationTest method testRemoveExpiredAccount.
@Test
public void testRemoveExpiredAccount() {
IdmIdentityDto identity = helper.createIdentity();
IdmRoleDto role = helper.createRole();
SysSystemDto system = helper.createTestResourceSystem(true);
SysSystemMappingDto mapping = helper.getDefaultMapping(system);
mapping.setProtectionInterval(1);
mapping.setProtectionEnabled(true);
systemMappingService.save(mapping);
helper.createRoleSystem(role, system);
IdmIdentityRoleDto identityRole = helper.createIdentityRole(identity, role);
//
AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertFalse(account.isInProtection());
TestResource createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
//
// remove role
identityRoleService.deleteById(identityRole.getId());
//
account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertTrue(account.isInProtection());
Assert.assertNotNull(account.getEndOfProtection());
createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
//
// test LRT - nothing to remove
AccountProtectionExpirationTaskExecutor taskExecutor = new AccountProtectionExpirationTaskExecutor();
longRunningTaskManager.execute(taskExecutor);
//
account = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNotNull(account);
Assert.assertTrue(account.isInProtection());
Assert.assertNotNull(account.getEndOfProtection());
createdAccount = helper.findResource(account.getUid());
Assert.assertNotNull(createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
// change account expiration
account.setEndOfProtection(new DateTime().minusDays(1));
account = accountService.save(account);
taskExecutor = new AccountProtectionExpirationTaskExecutor();
longRunningTaskManager.execute(taskExecutor);
AccAccountDto removedAccount = accountService.getAccount(identity.getUsername(), system.getId());
Assert.assertNull(removedAccount);
createdAccount = helper.findResource(account.getUid());
Assert.assertNull(createdAccount);
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
AccountProtectionExpirationTaskExecutor(eu.bcvsolutions.idm.acc.scheduler.task.impl.AccountProtectionExpirationTaskExecutor)
SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)
AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto)
TestResource(eu.bcvsolutions.idm.acc.entity.TestResource)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto)
DateTime(org.joda.time.DateTime)
Test(org.junit.Test)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Example 5 with IdmRoleDto
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class IdentityRoleValidRequestSchedulerTest method createValidRole.
@Test
public void createValidRole() {
IdmIdentityDto identity = createAndSaveIdentity();
IdmRoleDto role = createAndSaveRole();
createAndSaveRoleSystem(role, system);
IdmTreeTypeDto treeType = createAndSaveTreeType();
IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
LocalDate validFrom = new LocalDate();
// set minus days
validFrom = validFrom.minusDays(5);
// provisioning is not executed
createAndSaveIdentityRole(identityContract, role, null, validFrom);
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
AccIdentityAccountDto accountIdentity = identityAccountService.find(filter, null).getContent().get(0);
// it must exists
assertNotNull(accountIdentity);
}
Also used :
IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter)
IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
LocalDate(org.joda.time.LocalDate)
AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)
AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)
Test(org.junit.Test)
Aggregations
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)1169
Test (org.junit.Test)943
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)852
AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)523
IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)439
IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)424
GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)324
SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)276
List (java.util.List)248
UUID (java.util.UUID)228
IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)216
Autowired (org.springframework.beans.factory.annotation.Autowired)214
Transactional (org.springframework.transaction.annotation.Transactional)195
Assert (org.junit.Assert)167
IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)161
IdmFormAttributeDto (eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto)145
IdmAutomaticRoleAttributeDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)142
ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)131
IdmRoleService (eu.bcvsolutions.idm.core.api.service.IdmRoleService)129
SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)123
