use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultSysRoleSystemAttributeService method save.
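/**
 * Saves a role-system attribute and then re-runs account management (and provisioning
 * where it is reported as required) for every identity that has an identity-account
 * bound to the same role-system mapping.
 *
 * <p>Checks performed before the save: at most one attribute per role-system mapping
 * may be flagged as UID, the extended-attribute definition is created when applicable,
 * and a non-null transformation script is passed to script validation.
 *
 * @param dto attribute to save
 * @param permission permissions handed unchanged to {@code super.save}
 * @return the dto returned by {@code super.save}
 * @throws ProvisioningException with {@code PROVISIONING_ROLE_ATTRIBUTE_MORE_UID} when a
 *         different attribute of the same role-system mapping is already flagged as UID
 */
@Override
public SysRoleSystemAttributeDto save(SysRoleSystemAttributeDto dto, BasePermission... permission) {
    // identifier - only one UID attribute is allowed per role-system mapping
    if (dto.isUid()) {
        SysRoleSystemAttributeFilter uidFilter = new SysRoleSystemAttributeFilter();
        uidFilter.setIsUid(Boolean.TRUE);
        uidFilter.setRoleSystemId(dto.getRoleSystem());
        List<SysRoleSystemAttributeDto> list = this.find(uidFilter, null).getContent();
        if (!list.isEmpty() && !list.get(0).getId().equals(dto.getId())) {
            SysRoleSystemDto roleSystem = roleSystemService.get(dto.getRoleSystem());
            IdmRoleDto roleDto = roleService.get(roleSystem.getRole());
            // The "system" relation belongs to the role-system mapping, not to the attribute
            // dto, so it has to be resolved from roleSystem to build the error parameters.
            SysSystemDto systemDto = DtoUtils.getEmbedded(roleSystem, SysRoleSystem_.system, SysSystemDto.class);
            throw new ProvisioningException(AccResultCode.PROVISIONING_ROLE_ATTRIBUTE_MORE_UID, ImmutableMap.of("role", roleDto.getName(), "system", systemDto.getName()));
        }
    }
    // We will check exists definition for extended attribute
    SysSystemAttributeMappingDto systemAttributeMapping = systemAttributeMappingService.get(dto.getSystemAttributeMapping());
    SysSystemMappingDto systemMapping = systemMappingService.get(systemAttributeMapping.getSystemMapping());
    Class<? extends Identifiable> entityType = systemMapping.getEntityType().getEntityType();
    if (dto.isExtendedAttribute() && formService.isFormable(entityType)) {
        // NOTE(review): this runs before super.save evaluates `permission`; presumably a
        // surrounding transaction rolls the definition back when the save is refused - confirm.
        systeAttributeMappingService.createExtendedAttributeDefinition(dto, entityType);
    }
    // We will do script validation (on compilation errors), before save
    // NOTE(review): a compilation check does not limit what the script can do when it is
    // later executed - confirm that execution is restricted elsewhere and that write access
    // to this attribute is reserved for trusted administrators.
    if (dto.getTransformScript() != null) {
        groovyScriptService.validateScript(dto.getTransformScript());
    }
    SysRoleSystemAttributeDto roleSystemAttribute = super.save(dto, permission);
    // RoleSystemAttribute was changed. We need do ACC management for all
    // connected identities
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setRoleSystemId(dto.getRoleSystem());
    List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, null).getContent();
    // TODO: move to filter and use distinct
    // De-duplicate on the identity id before loading the DTOs. Comparing an id against a
    // list of identity DTOs never matches, which would repeat account management and
    // provisioning for an identity once per identity-account.
    List<IdmIdentityDto> identities = new ArrayList<>();
    identityAccounts.stream()
            .map(AccIdentityAccountDto::getIdentity)
            .distinct()
            // TODO: embedded
            .forEach(identityId -> identities.add(identityService.get(identityId)));
    for (IdmIdentityDto identity : identities) {
        LOG.debug("Call account management for identity [{}]", identity.getUsername());
        boolean provisioningRequired = getAccountManagementService().resolveIdentityAccounts(identity);
        if (provisioningRequired) {
            LOG.debug("Call provisioning for identity [{}]", identity.getUsername());
            getProvisioningService().doProvisioning(identity);
        }
    }
    return roleSystemAttribute;
}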
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class IdentityProvisioningExecutor method findOverloadingAttributes.
/**
 * Collects the role-system attributes that apply to the given identity-accounts on one
 * system.
 *
 * <p>An identity-account is considered only when it has an identity role, its embedded
 * account points to {@code system}, and it is flagged as ownership. For each such
 * identity-account the role-system mapping of its role and system is looked up and all
 * attributes of that mapping are added to the result.
 *
 * @param entity identity the accounts belong to (not read by this implementation)
 * @param system system whose accounts are taken into consideration
 * @param idenityAccoutnList identity-accounts to inspect; every element is cast to
 *        {@code AccIdentityAccountDto}
 * @param entityType entity type, used only as a parameter of the duplicate-mapping error
 * @return attributes of all matching role-system mappings, in iteration order; empty
 *         when nothing matches
 * @throws ProvisioningException with {@code PROVISIONING_DUPLICATE_ROLE_MAPPING} when more
 *         than one role-system mapping exists for the same role and system
 */
@Override
protected List<SysRoleSystemAttributeDto> findOverloadingAttributes(IdmIdentityDto entity, SysSystemDto system, List<? extends EntityAccountDto> idenityAccoutnList, SystemEntityType entityType) {
    List<SysRoleSystemAttributeDto> collected = new ArrayList<>();
    for (EntityAccountDto candidate : idenityAccoutnList) {
        AccIdentityAccountDto identityAccount = (AccIdentityAccountDto) candidate;
        AccAccountDto account = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.account, AccAccountDto.class);
        // Keep only role-driven, owned accounts that live on the requested system.
        boolean relevant = identityAccount.getIdentityRole() != null
                && account.getSystem() != null
                && account.getSystem().equals(system.getId())
                && candidate.isOwnership();
        if (!relevant) {
            continue;
        }
        IdmIdentityRoleDto identityRole = DtoUtils.getEmbedded(identityAccount, AccIdentityAccount_.identityRole, IdmIdentityRoleDto.class);
        SysRoleSystemFilter mappingFilter = new SysRoleSystemFilter();
        mappingFilter.setRoleId(identityRole.getRole());
        mappingFilter.setSystemId(account.getSystem());
        List<SysRoleSystemDto> mappings = roleSystemService.find(mappingFilter, null).getContent();
        if (mappings.isEmpty()) {
            continue;
        }
        SysRoleSystemDto mapping = mappings.get(0);
        if (mappings.size() > 1) {
            // Two mappings for one role/system pair are ambiguous, so refuse to continue.
            IdmRoleDto roleDto = roleService.get(mapping.getRole());
            SysSystemDto systemDto = DtoUtils.getEmbedded(mapping, SysRoleSystem_.system, SysSystemDto.class);
            throw new ProvisioningException(AccResultCode.PROVISIONING_DUPLICATE_ROLE_MAPPING, ImmutableMap.of("role", roleDto.getName(), "system", systemDto.getName(), "entityType", entityType));
        }
        SysRoleSystemAttributeFilter attributeFilter = new SysRoleSystemAttributeFilter();
        attributeFilter.setRoleSystemId(mapping.getId());
        List<SysRoleSystemAttributeDto> mappingAttributes = roleSystemAttributeService.find(attributeFilter, null).getContent();
        if (!CollectionUtils.isEmpty(mappingAttributes)) {
            collected.addAll(mappingAttributes);
        }
    }
    return collected;
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class IdentitySynchronizationExecutor method createEntityAccount.
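/**
 * Creates the identity-account relation for a synchronized account and, when the sync
 * configuration names a default role, assigns that role to the identity's prime valid
 * contract through a role request.
 *
 * <p>Without a configured default role the relation from {@code super} is returned as
 * is. Without a prime valid contract a warning is logged and the relation is returned
 * without a role. When the role assignment already produced an equal identity-account,
 * that persisted duplicate is returned instead of the new instance.
 *
 * @param account account the relation points to; must not be null
 * @param entity identity the relation belongs to; must not be null
 * @param context synchronization context providing the configuration and the log
 * @return the new identity-account relation, or the already persisted duplicate
 */
@Override
protected EntityAccountDto createEntityAccount(AccAccountDto account, IdmIdentityDto entity, SynchronizationContext context) {
    Assert.notNull(account);
    Assert.notNull(entity);
    EntityAccountDto entityAccount = super.createEntityAccount(account, entity, context);
    Assert.isInstanceOf(AccIdentityAccountDto.class, entityAccount, "For identity sync must be entity-account relation instance of AccIdentityAccountDto!");
    AccIdentityAccountDto identityAccount = (AccIdentityAccountDto) entityAccount;
    SysSyncIdentityConfigDto config = this.getConfig(context);
    UUID defaultRoleId = config.getDefaultRole();
    if (defaultRoleId == null) {
        return identityAccount;
    }
    // Default role is defined
    IdmRoleDto defaultRole = DtoUtils.getEmbedded(config, SysSyncIdentityConfig_.defaultRole, IdmRoleDto.class);
    // Verify the role before it is dereferenced for the log message, so a missing role
    // fails with the explicit message below instead of a NullPointerException.
    Assert.notNull(defaultRole, "Default role must be found for this sync configuration!");
    context.getLogItem().addToLog(MessageFormat.format("Default role [{1}] is defines and will be assigned to the identity [{0}].", entity.getCode(), defaultRole.getCode()));
    IdmIdentityContractDto primeContract = identityContractService.getPrimeValidContract(entity.getId());
    if (primeContract == null) {
        context.getLogItem().addToLog("Warning! - Default role is set, but could not be assigned to identity, because was not found any valid identity contract!");
        this.initSyncActionLog(context.getActionType(), OperationResultType.WARNING, context.getLogItem(), context.getLog(), context.getActionLogs());
        return identityAccount;
    }
    // Create role request for default role and primary contract
    IdmRoleRequestDto roleRequest = roleRequestService.createRequest(primeContract, defaultRole);
    // NOTE(review): the `false` argument presumably switches off the rights check for this
    // internally started request - confirm. If so, the role is granted on the authority of
    // the sync configuration alone, so edit access to that configuration (and the choice
    // of default role) should be restricted and audited accordingly.
    roleRequest = roleRequestService.startRequestInternal(roleRequest.getId(), false);
    // Load concept (can be only one)
    IdmConceptRoleRequestFilter conceptFilter = new IdmConceptRoleRequestFilter();
    conceptFilter.setRoleRequestId(roleRequest.getId());
    UUID identityRoleId = conceptRoleRequestService.find(conceptFilter, null).getContent().get(0).getIdentityRole();
    Assert.notNull(identityRoleId, "Identity role relation had to been created!");
    identityAccount.setIdentityRole(identityRoleId);
    AccIdentityAccountDto duplicate = this.findDuplicate(identityAccount);
    if (duplicate != null) {
        // This IdentityAccount is new and duplicated, we do not want create duplicated
        // relation.
        // Same IdentityAccount had to be created by assigned default role!
        context.getLogItem().addToLog(MessageFormat.format("This identity-account (identity-role id: {2}) is new and duplicated, " + "we do not want create duplicated relation! " + "We will reusing already persisted identity-account [{3}]. " + "Probable reason: Same identity-account had to be created by assigned default role!", identityAccount.getAccount(), identityAccount.getIdentity(), identityAccount.getIdentityRole(), duplicate.getId()));
        // Reusing duplicate
        return duplicate;
    }
    return identityAccount;
}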
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultTestHelper method createAutomaticRole.
/**
 * Creates and saves an automatic role (by attribute) with a time-based test name.
 *
 * @param roleId id of the role to assign automatically; when null, a new role is
 *        created through {@code createRole()} and its id is used
 * @return the automatic role returned by the service's save
 */
@Override
public IdmAutomaticRoleAttributeDto createAutomaticRole(UUID roleId) {
    String generatedName = "test-auto-role-" + System.currentTimeMillis();
    // Fall back to a freshly created role when the caller did not supply one.
    UUID targetRoleId = (roleId != null) ? roleId : this.createRole().getId();
    IdmAutomaticRoleAttributeDto definition = new IdmAutomaticRoleAttributeDto();
    definition.setRole(targetRoleId);
    definition.setName(generatedName);
    return automaticRoleAttributeService.save(definition);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleCatalogueServiceIntegrationTest method testReferentialIntegrity.
/**
 * Saves a role linked to one catalogue, checks the link on the saved role, then deletes
 * the catalogue and expects that no catalogue is found for the role any more.
 */
@Test
public void testReferentialIntegrity() {
    // catalogue, with a time-based code and name
    String catalogueCode = "cat_one_" + System.currentTimeMillis();
    IdmRoleCatalogueDto catalogue = new IdmRoleCatalogueDto();
    catalogue.setCode(catalogueCode);
    catalogue.setName(catalogueCode);
    catalogue = roleCatalogueService.save(catalogue);

    // role, not saved yet
    IdmRoleDto savedRole = new IdmRoleDto();
    savedRole.setName("test_r_" + System.currentTimeMillis());

    // link between the role and the saved catalogue
    IdmRoleCatalogueRoleDto link = new IdmRoleCatalogueRoleDto();
    link.setRole(savedRole.getId());
    link.setRoleCatalogue(catalogue.getId());

    savedRole.setRoleCatalogues(Lists.newArrayList(link));
    savedRole = roleService.save(savedRole);

    // the saved role carries exactly one link, pointing at both ends
    List<IdmRoleCatalogueRoleDto> links = savedRole.getRoleCatalogues();
    assertEquals(1, links.size());
    IdmRoleCatalogueRoleDto persistedLink = links.get(0);
    UUID linkedCatalogueId = persistedLink.getRoleCatalogue();
    UUID linkedRoleId = persistedLink.getRole();

    assertNotNull(linkedCatalogueId);
    assertNotNull(linkedRoleId);
    assertEquals(catalogue.getId(), linkedCatalogueId);
    assertEquals(savedRole.getId(), linkedRoleId);

    // deleting the catalogue must leave no catalogue attached to the role
    roleCatalogueService.delete(catalogue);

    List<IdmRoleCatalogueDto> remaining = roleCatalogueService.findAllByRole(savedRole.getId());
    assertEquals(0, remaining.size());
}