use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class ProvisioningBreakProcessorTest method testRecipientRoleIntegrity.
@Test
public void testRecipientRoleIntegrity() {
SysSystemDto systemDto = testHelper.createSystem(TestResource.TABLE_NAME);
SysProvisioningBreakConfigDto breakConfig = createProvisioningBreak(20l, null, null, ProvisioningEventType.CREATE, systemDto.getId());
//
IdmRoleDto roleDto = testHelper.createRole();
//
this.createRecipient(breakConfig.getId(), null, roleDto.getId());
//
int size = provisioningBreakRecipient.findAllByBreakConfig(breakConfig.getId()).size();
assertEquals(1, size);
//
roleService.delete(roleDto);
//
size = provisioningBreakRecipient.findAllByBreakConfig(breakConfig.getId()).size();
assertEquals(0, size);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class ProvisioningBreakProcessorTest method testGlobalConfigurationSettings.
@Test
public void testGlobalConfigurationSettings() {
IdmIdentityDto recipient = testHelper.createIdentity();
IdmIdentityDto recipient2 = testHelper.createIdentity();
IdmRoleDto roleRecipient = testHelper.createRole();
//
createGlobalConfiguration(ProvisioningBreakConfiguration.GLOBAL_BREAK_DELETE_OPERATION, false, 2, 3, 20l, null, roleRecipient);
String prefix = ProvisioningBreakConfiguration.GLOBAL_BREAK_PREFIX + ProvisioningBreakConfiguration.GLOBAL_BREAK_DELETE_OPERATION;
configurationService.setValue(prefix + ProvisioningBreakConfiguration.PROPERTY_IDENTITY_RECIPIENTS, recipient.getUsername() + ", " + recipient2.getUsername());
//
// check non existing configuration
ProvisioningEventType eventType = ProvisioningEventType.UPDATE;
Object value = provisioningBreakConfiguration.getDisabled(eventType);
assertNull(value);
value = provisioningBreakConfiguration.getDisableLimit(eventType);
assertNull(value);
List<IdmIdentityDto> recipients = provisioningBreakConfiguration.getIdentityRecipients(eventType);
assertTrue(recipients.isEmpty());
value = provisioningBreakConfiguration.getPeriod(eventType);
assertNull(value);
//
// check existing
eventType = ProvisioningEventType.DELETE;
Boolean disabled = provisioningBreakConfiguration.getDisabled(eventType);
Integer warningLimit = provisioningBreakConfiguration.getWarningLimit(eventType);
Integer disableLimit = provisioningBreakConfiguration.getDisableLimit(eventType);
Long period = provisioningBreakConfiguration.getPeriod(eventType);
List<IdmIdentityDto> identityRecipients = provisioningBreakConfiguration.getIdentityRecipients(eventType);
List<IdmRoleDto> roleRecipients = provisioningBreakConfiguration.getRoleRecipients(eventType);
//
assertEquals(Boolean.FALSE, disabled);
assertEquals(Integer.valueOf(2), warningLimit);
assertEquals(Integer.valueOf(3), disableLimit);
assertEquals(Long.valueOf(20l), period);
assertEquals(2, identityRecipients.size());
assertEquals(1, roleRecipients.size());
//
IdmIdentityDto foundedRecipient = identityRecipients.stream().filter(rec -> rec.getUsername().equals(recipient.getUsername())).findFirst().get();
assertNotNull(foundedRecipient);
assertEquals(recipient.getId(), foundedRecipient.getId());
//
foundedRecipient = identityRecipients.stream().filter(rec -> rec.getUsername().equals(recipient2.getUsername())).findFirst().get();
assertNotNull(foundedRecipient);
assertEquals(recipient2.getId(), foundedRecipient.getId());
//
IdmRoleDto foundedRole = roleRecipients.get(0);
assertNotNull(foundedRole);
assertEquals(roleRecipient.getId(), foundedRole.getId());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class IdentityAccountManagementTest method overloadedAttributeAdd_C_AccountYrole.
@Test
public void overloadedAttributeAdd_C_AccountYrole() {
IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
IdmRoleDto role = roleService.getByCode(ROLE_OVERLOADING_Y_ACCOUNT);
Assert.assertNotNull("Account for this identity have to be found!", helper.findResource("x" + IDENTITY_USERNAME));
IdmIdentityRoleDto irdto = new IdmIdentityRoleDto();
irdto.setIdentityContract(identityContractService.findAllByIdentity(identity.getId()).get(0).getId());
irdto.setRole(role.getId());
// This evokes IdentityRole SAVE event. On this event will be start
// account management and provisioning
identityRoleService.save(irdto);
AccIdentityAccountFilter iaccFilter = new AccIdentityAccountFilter();
iaccFilter.setIdentityId(identity.getId());
// Now we have to identity roles (role_overloading_first_name and
// role_overloading_last_name and role_overloading_y_account) and
// identity accounts
Assert.assertEquals("Idenitity accounts have to exists (three items) after account management was started!", 3, identityAccountService.find(iaccFilter, null).getContent().size());
TestResource createdAccount = helper.findResource("y" + IDENTITY_USERNAME);
Assert.assertNotNull("Idenitity have to exists on target system (after account management)", createdAccount);
Assert.assertEquals("First name on target system must be equals with first name on identity", identity.getFirstName(), createdAccount.getFirstname());
Assert.assertEquals("Last name on target system must be equals with first name on identity", identity.getLastName(), createdAccount.getLastname());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class IdentityAccountManagementTest method defaultAccountAddInvalid.
@Test
public /**
* Add invalid identity role. Account cannot be created.
*/
void defaultAccountAddInvalid() {
initData();
IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
IdmRoleDto roleDefault = roleService.getByCode(ROLE_DEFAULT);
Assert.assertNull("No account for this identity can be found, before account management start!", helper.findResource("x" + IDENTITY_USERNAME));
IdmIdentityRoleDto irdto = new IdmIdentityRoleDto();
irdto.setIdentityContract(identityContractService.findAllByIdentity(identity.getId()).get(0).getId());
irdto.setRole(roleDefault.getId());
// Set valid from to future
irdto.setValidFrom(LocalDate.now().plusDays(1));
// This evokes IdentityRole SAVE event. On this event will be start
// account management and provisioning
irdto = identityRoleService.save(irdto);
AccIdentityAccountFilter iaccFilter = new AccIdentityAccountFilter();
iaccFilter.setIdentityId(identity.getId());
iaccFilter.setIdentityRoleId(irdto.getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(iaccFilter, null).getContent();
// Identity-account have to not exists after account management was started (INVALID identityRole was added)!
Assert.assertEquals(0, identityAccounts.size());
// Set valid from to null - Account must be created
irdto.setValidFrom(null);
// This evokes IdentityRole SAVE event. On this event will be start
// account management and provisioning
irdto = identityRoleService.save(irdto);
identityAccounts = identityAccountService.find(iaccFilter, null).getContent();
Assert.assertEquals(1, identityAccounts.size());
AccIdentityAccountDto identityAccount = identityAccounts.get(0);
Assert.assertNotNull("Idenitity account have to exists after account management was started!", identityAccount);
Assert.assertNotNull("Account have to exists after account management was started!", identityAccount.getAccount());
Assert.assertEquals(accountService.get(identityAccount.getAccount()).getUid(), "x" + IDENTITY_USERNAME);
TestResource createdAccount = helper.findResource("x" + IDENTITY_USERNAME);
Assert.assertNotNull("Idenitity have to exists on target system (after account management)", createdAccount);
Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
// Set valid from to null - Account must be created
irdto.setValidTill(LocalDate.now().minusDays(1));
// This evokes IdentityRole SAVE event. On this event will be start
// account management and provisioning
irdto = identityRoleService.save(irdto);
identityAccounts = identityAccountService.find(iaccFilter, null).getContent();
// Identity-account have to not exists after account management was started (INVALID identityRole was added)!
Assert.assertEquals(0, identityAccounts.size());
// Clean identity role
identityRoleService.delete(irdto);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.
the class IdentityAccountManagementTest method overloadedAttributeChangePassword.
@Test
public void overloadedAttributeChangePassword() {
IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
filter.setIdentityId(identity.getId());
filter.setSystemId(systemService.getByCode(SYSTEM_NAME).getId());
List<AccIdentityAccountDto> identityAccounts = identityAccountService.find(filter, new PageRequest(0, 1, new Sort(Sort.Direction.ASC, AccIdentityAccount_.created.getName()))).getContent();
TestResource resourceAccount = helper.findResource("x" + IDENTITY_USERNAME);
// Create new password two
PasswordChangeDto passwordChange = new PasswordChangeDto();
passwordChange.setAccounts(ImmutableList.of(identityAccounts.get(0).getAccount().toString()));
passwordChange.setNewPassword(new GuardedString(IDENTITY_PASSWORD_TWO));
passwordChange.setIdm(true);
// Do change of password for selected accounts
identityService.passwordChange(identity, passwordChange);
// Check correct password two
resourceAccount = helper.findResource("x" + IDENTITY_USERNAME);
Assert.assertEquals("Check same password on target system", IDENTITY_PASSWORD_TWO, resourceAccount.getPassword());
// Add overloaded password attribute
IdmRoleDto rolePassword = roleService.getByCode(ROLE_OVERLOADING_PASSWORD);
IdmIdentityRoleDto irdto = new IdmIdentityRoleDto();
irdto.setIdentityContract(identityContractService.findAllByIdentity(identity.getId()).get(0).getId());
irdto.setRole(rolePassword.getId());
// This evokes IdentityRole SAVE event. On this event will be start
// account management and provisioning
identityRoleService.save(irdto);
// Do change of password for selected accounts
passwordChange.setNewPassword(new GuardedString(IDENTITY_PASSWORD_THREE));
identityService.passwordChange(identity, passwordChange);
// Check correct overloaded password two
resourceAccount = helper.findResource("x" + IDENTITY_USERNAME);
Assert.assertEquals("Check overloaded password (added x) on target system", "x" + IDENTITY_PASSWORD_THREE, resourceAccount.getPassword());
}
Aggregations