Search in sources :

Example 36 with IdmRoleDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.

the class IdentityAccountManagementTest method overloadedAttributeAdd_A_LastNameRole.

@Test
public void overloadedAttributeAdd_A_LastNameRole() {
    IdmIdentityDto identity = identityService.getByUsername(IDENTITY_USERNAME);
    IdmRoleDto roleLastName = roleService.getByCode(ROLE_OVERLOADING_LAST_NAME);
    Assert.assertNull("No account for this identity can be found, before account management start!", helper.findResource("x" + IDENTITY_USERNAME));
    IdmIdentityRoleDto irdto = new IdmIdentityRoleDto();
    irdto.setIdentityContract(identityContractService.findAllByIdentity(identity.getId()).get(0).getId());
    irdto.setRole(roleLastName.getId());
    // This evokes IdentityRole SAVE event. On this event will be start
    // account management and provisioning
    IdmIdentityRoleDto irCreated = identityRoleService.save(irdto);
    AccIdentityAccountFilter iaccFilter = new AccIdentityAccountFilter();
    iaccFilter.setIdentityId(identity.getId());
    iaccFilter.setIdentityRoleId(irCreated.getId());
    AccIdentityAccountDto identityAccount = identityAccountService.find(iaccFilter, null).getContent().get(0);
    Assert.assertNotNull("Idenitity account have to exists after account management was started!", identityAccount);
    Assert.assertNotNull("Account have to exists after account management was started!", identityAccount.getAccount());
    Assert.assertEquals(accountService.get(identityAccount.getAccount()).getUid(), "x" + IDENTITY_USERNAME);
    TestResource createdAccount = helper.findResource("x" + IDENTITY_USERNAME);
    Assert.assertNotNull("Idenitity have to exists on target system (after account management)", createdAccount);
    Assert.assertEquals("Last name on target system must be equals with email on identity (we use overloded attribute)", identity.getEmail(), createdAccount.getLastname());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 37 with IdmRoleDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.

the class AccountProtectionExpirationTaskExecutorIntegrationTest method testRemoveExpiredAccount.

@Test
public void testRemoveExpiredAccount() {
    IdmIdentityDto identity = helper.createIdentity();
    IdmRoleDto role = helper.createRole();
    SysSystemDto system = helper.createTestResourceSystem(true);
    SysSystemMappingDto mapping = helper.getDefaultMapping(system);
    mapping.setProtectionInterval(1);
    mapping.setProtectionEnabled(true);
    systemMappingService.save(mapping);
    helper.createRoleSystem(role, system);
    IdmIdentityRoleDto identityRole = helper.createIdentityRole(identity, role);
    // 
    AccAccountDto account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertFalse(account.isInProtection());
    TestResource createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // 
    // remove role
    identityRoleService.deleteById(identityRole.getId());
    // 
    account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertTrue(account.isInProtection());
    Assert.assertNotNull(account.getEndOfProtection());
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // 
    // test LRT - nothing to remove
    AccountProtectionExpirationTaskExecutor taskExecutor = new AccountProtectionExpirationTaskExecutor();
    longRunningTaskManager.execute(taskExecutor);
    // 
    account = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNotNull(account);
    Assert.assertTrue(account.isInProtection());
    Assert.assertNotNull(account.getEndOfProtection());
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNotNull(createdAccount);
    Assert.assertEquals(identity.getFirstName(), createdAccount.getFirstname());
    // change account expiration
    account.setEndOfProtection(new DateTime().minusDays(1));
    account = accountService.save(account);
    taskExecutor = new AccountProtectionExpirationTaskExecutor();
    longRunningTaskManager.execute(taskExecutor);
    AccAccountDto removedAccount = accountService.getAccount(identity.getUsername(), system.getId());
    Assert.assertNull(removedAccount);
    createdAccount = helper.findResource(account.getUid());
    Assert.assertNull(createdAccount);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccountProtectionExpirationTaskExecutor(eu.bcvsolutions.idm.acc.scheduler.task.impl.AccountProtectionExpirationTaskExecutor) SysSystemMappingDto(eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) TestResource(eu.bcvsolutions.idm.acc.entity.TestResource) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) SysSystemDto(eu.bcvsolutions.idm.acc.dto.SysSystemDto) DateTime(org.joda.time.DateTime) Test(org.junit.Test) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)

Example 38 with IdmRoleDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.

the class IdentityRoleValidRequestSchedulerTest method createValidRole.

@Test
public void createValidRole() {
    IdmIdentityDto identity = createAndSaveIdentity();
    IdmRoleDto role = createAndSaveRole();
    createAndSaveRoleSystem(role, system);
    IdmTreeTypeDto treeType = createAndSaveTreeType();
    IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
    IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
    LocalDate validFrom = new LocalDate();
    // set minus days
    validFrom = validFrom.minusDays(5);
    // provisioning is not executed
    createAndSaveIdentityRole(identityContract, role, null, validFrom);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    AccIdentityAccountDto accountIdentity = identityAccountService.find(filter, null).getContent().get(0);
    // it must exists
    assertNotNull(accountIdentity);
}
Also used : IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) LocalDate(org.joda.time.LocalDate) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 39 with IdmRoleDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.

the class IdentityRoleValidRequestSchedulerTest method createNonValidRoleAndValid.

@Test
public void createNonValidRoleAndValid() throws InterruptedException, ExecutionException {
    IdmIdentityDto identity = createAndSaveIdentity();
    IdmRoleDto role = createAndSaveRole();
    createAndSaveRoleSystem(role, system);
    IdmTreeTypeDto treeType = createAndSaveTreeType();
    IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
    IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
    LocalDate validFrom = new LocalDate();
    // set plus days
    validFrom = validFrom.plusDays(5);
    // provisioning is not executed, role isn't valid from now
    createAndSaveIdentityRole(identityContract, role, null, validFrom);
    AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
    filter.setIdentityId(identity.getId());
    List<AccIdentityAccountDto> list = identityAccountService.find(filter, null).getContent();
    // it must not exists
    assertEquals(true, list.isEmpty());
    // 
    IdentityRoleValidRequestTaskExecutor taskExecutor1 = new IdentityRoleValidRequestTaskExecutor();
    LongRunningFutureTask<Boolean> futureTask1 = longRunningTaskManager.execute(taskExecutor1);
    assertEquals(true, futureTask1.getFutureTask().get());
    IdmLongRunningTaskDto longRunningTask1 = longRunningTaskService.get(taskExecutor1.getLongRunningTaskId());
    assertEquals(OperationState.EXECUTED, longRunningTask1.getResult().getState());
    list = identityAccountService.find(filter, null).getContent();
    // still empty, role isn't valid
    assertEquals(true, list.isEmpty());
    List<IdmIdentityRole> roles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
    assertEquals(1, roles.size());
    IdmIdentityRole identityRole = roles.get(0);
    validFrom = new LocalDate();
    validFrom = validFrom.minusDays(5);
    identityRole.setValidFrom(validFrom);
    identityRoleRepository.save(identityRole);
    // execute again
    IdentityRoleValidRequestTaskExecutor taskExecutor2 = new IdentityRoleValidRequestTaskExecutor();
    LongRunningFutureTask<Boolean> futureTask2 = longRunningTaskManager.execute(taskExecutor2);
    assertEquals(true, futureTask2.getFutureTask().get());
    IdmLongRunningTaskDto longRunningTask2 = longRunningTaskService.get(taskExecutor2.getLongRunningTaskId());
    assertEquals(OperationState.EXECUTED, longRunningTask2.getResult().getState());
    list = identityAccountService.find(filter, null).getContent();
    assertEquals(false, list.isEmpty());
    assertEquals(1, list.size());
    // newly created accounts
    assertNotNull(list.get(0));
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) LocalDate(org.joda.time.LocalDate) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) IdentityRoleValidRequestTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.IdentityRoleValidRequestTaskExecutor) IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 40 with IdmRoleDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleDto in project CzechIdMng by bcvsolutions.

the class IdentityRoleValidRequestSchedulerTest method createLotsOfValidRequests.

@Test
public void createLotsOfValidRequests() throws InterruptedException, ExecutionException {
    IdmRoleDto role = createAndSaveRole();
    createAndSaveRoleSystem(role, system);
    IdmTreeTypeDto treeType = createAndSaveTreeType();
    IdmTreeNodeDto treeNode = createAndSaveTreeNode(treeType);
    LocalDate validFrom = new LocalDate();
    // set plus days
    validFrom = validFrom.plusDays(5);
    // clear request, if any
    List<IdmIdentityRoleValidRequestDto> list = identityRoleValidRequestService.findAllValid();
    for (IdmIdentityRoleValidRequestDto request : list) {
        identityRoleValidRequestService.delete(request);
    }
    List<IdmIdentityDto> identities = new ArrayList<>();
    for (int index = 0; index < MAX_CREATE; index++) {
        IdmIdentityDto identity = createAndSaveIdentity();
        IdmIdentityContractDto identityContract = createAndSaveIdentityContract(identity, treeNode);
        // provisioning is not executed, role isn't valid from now
        createAndSaveIdentityRole(identityContract, role, null, validFrom);
        identities.add(identity);
    }
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(0, list.size());
    validFrom = validFrom.minusDays(15);
    for (IdmIdentityDto identity : identities) {
        List<IdmIdentityRole> roles = identityRoleRepository.findAllByIdentityContract_Identity_Id(identity.getId(), null);
        assertEquals(1, roles.size());
        IdmIdentityRole identityRole = roles.get(0);
        identityRole.setValidFrom(validFrom);
        identityRoleRepository.save(identityRole);
    }
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(MAX_CREATE, list.size());
    IdentityRoleValidRequestTaskExecutor taskExecutor = new IdentityRoleValidRequestTaskExecutor();
    LongRunningFutureTask<Boolean> futureTask = longRunningTaskManager.execute(taskExecutor);
    assertEquals(true, futureTask.getFutureTask().get());
    IdmLongRunningTaskDto longRunningTask = longRunningTaskService.get(taskExecutor.getLongRunningTaskId());
    assertEquals(OperationState.EXECUTED, longRunningTask.getResult().getState());
    list = identityRoleValidRequestService.findAllValid();
    assertEquals(0, list.size());
    for (IdmIdentityDto identity : identities) {
        AccIdentityAccountFilter filter = new AccIdentityAccountFilter();
        filter.setIdentityId(identity.getId());
        List<AccIdentityAccountDto> accountsList = identityAccountService.find(filter, null).getContent();
        assertEquals(false, accountsList.isEmpty());
        assertEquals(1, accountsList.size());
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) ArrayList(java.util.ArrayList) IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto) LocalDate(org.joda.time.LocalDate) AccIdentityAccountDto(eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto) IdentityRoleValidRequestTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.IdentityRoleValidRequestTaskExecutor) IdmTreeTypeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeTypeDto) IdmIdentityRole(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole) AccIdentityAccountFilter(eu.bcvsolutions.idm.acc.dto.filter.AccIdentityAccountFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmIdentityRoleValidRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleValidRequestDto) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Aggregations

IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)288 Test (org.junit.Test)227 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)209 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)159 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)99 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)74 SysSystemDto (eu.bcvsolutions.idm.acc.dto.SysSystemDto)59 AbstractCoreWorkflowIntegrationTest (eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest)51 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)50 ArrayList (java.util.ArrayList)50 GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)45 IdmAutomaticRoleAttributeDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)44 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)44 List (java.util.List)40 WorkflowFilterDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto)37 WorkflowTaskInstanceDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto)36 SysSystemMappingDto (eu.bcvsolutions.idm.acc.dto.SysSystemMappingDto)35 UUID (java.util.UUID)35 AccAccountDto (eu.bcvsolutions.idm.acc.dto.AccAccountDto)32 AccIdentityAccountDto (eu.bcvsolutions.idm.acc.dto.AccIdentityAccountDto)32