Examples with IdmRoleGuaranteeDto eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto used on opensource projects

Search in sources :

Example 16 with IdmRoleGuaranteeDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method addSuperAdminRoleWithSubprocessSecurityTest.

@Test
@Transactional
public void addSuperAdminRoleWithSubprocessSecurityTest() {
    loginAsAdmin(InitTestData.TEST_USER_2);
    IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
    IdmIdentityDto test2 = identityService.getByUsername(InitTestData.TEST_USER_2);
    // Guarantee
    int priority = 500;
    IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
    adminRole.setPriority(priority);
    IdmRoleGuaranteeDto guarantee = new IdmRoleGuaranteeDto();
    guarantee.setRole(adminRole.getId());
    guarantee.setGuarantee(test2.getId());
    adminRole.getGuarantees().add(guarantee);
    adminRole = roleService.save(adminRole);
    configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_SECURITY_KEY);
    configurationService.setValue("idm.sec.core.wf.approval.security.enabled", "true");
    IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    // Help Desk
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Manager
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // User Manager
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Role Guarantee - subprocess
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Security - subprocess
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Security
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.EXECUTED, request.getState());
    assertNotNull(request.getWfProcessId());
    concept = conceptRoleRequestService.get(concept.getId());
    assertNotNull(concept.getWfProcessId());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 17 with IdmRoleGuaranteeDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method testCompleteTaskByPreviosApprover.

@Test
public void testCompleteTaskByPreviosApprover() {
    // approve only by help desk
    configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "true");
    configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
    // 
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = helper.createIdentity();
    IdmIdentityDto guarantee = helper.createIdentity();
    // Guarantee
    int priority = 500;
    IdmRoleDto role = helper.createRole();
    role.setPriority(priority);
    IdmRoleGuaranteeDto roleGuarantee = new IdmRoleGuaranteeDto();
    roleGuarantee.setRole(role.getId());
    roleGuarantee.setGuarantee(guarantee.getId());
    role.getGuarantees().add(roleGuarantee);
    role = roleService.save(role);
    // set approve by guarantee
    configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_GUARANTEE_KEY);
    // 
    // helpdesk role and identity
    IdmRoleDto helpdeskRole = helper.createRole();
    IdmIdentityDto helpdeskIdentity = helper.createIdentity();
    // add role directly
    helper.createIdentityRole(helpdeskIdentity, helpdeskRole);
    configurationService.setValue(APPROVE_BY_HELPDESK_ROLE, helpdeskRole.getCode());
    IdmIdentityContractDto contract = helper.getPrimeContract(test1.getId());
    loginAsNoAdmin(test1.getUsername());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(role, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    try {
        completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
        fail("This user: " + test1.getUsername() + " can't approve task.");
    } catch (ResultCodeException ex) {
        assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
    loginAsNoAdmin(helpdeskIdentity.getUsername());
    try {
        completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
    } catch (ResultCodeException ex) {
        fail("User has permission to approve task. Error message: " + ex.getLocalizedMessage());
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
    loginAsNoAdmin(helpdeskIdentity.getUsername());
    try {
        completeTasksFromUsers(guarantee.getUsername(), "approve");
        fail("This user: " + helpdeskIdentity.getUsername() + " can't approve task.");
    } catch (ResultCodeException ex) {
        assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
    loginAsNoAdmin(test1.getUsername());
    try {
        completeTasksFromUsers(guarantee.getUsername(), "approve");
        fail("This user: " + test1.getUsername() + " can't approve task.");
    } catch (ResultCodeException ex) {
        assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
    loginAsNoAdmin(guarantee.getUsername());
    try {
        completeTasksFromUsers(guarantee.getUsername(), "approve");
    } catch (ResultCodeException ex) {
        fail("User has permission to approve task. Error message: " + ex.getLocalizedMessage());
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test)

Example 18 with IdmRoleGuaranteeDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method addSuperAdminRoleWithSubprocessDisapproveTest.

@Test
@Transactional
public void addSuperAdminRoleWithSubprocessDisapproveTest() {
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
    IdmIdentityDto test2 = identityService.getByUsername(InitTestData.TEST_USER_2);
    // Guarantee
    int priority = 500;
    IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
    adminRole.setPriority(priority);
    IdmRoleGuaranteeDto guarantee = new IdmRoleGuaranteeDto();
    guarantee.setRole(adminRole.getId());
    guarantee.setGuarantee(test2.getId());
    adminRole.getGuarantees().add(guarantee);
    adminRole = roleService.save(adminRole);
    configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_GUARANTEE_KEY);
    IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    // HELPDESK - must be skipped
    // MANAGER
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // USER MANAGER
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Subprocess - approve by GUARANTEE
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "disapprove");
    // SECURITY
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.EXECUTED, request.getState());
    assertNotNull(request.getWfProcessId());
    concept = conceptRoleRequestService.get(concept.getId());
    assertNotNull(concept.getWfProcessId());
    IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
    filter.setIdentityId(test1.getId());
    Page<IdmIdentityRoleDto> page = identityRoleService.find(filter, null);
    assertEquals(0, page.getSize());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmRoleGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)18 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)18 IdmRoleGuaranteeDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto)18 Test (org.junit.Test)18 AbstractCoreWorkflowIntegrationTest (eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest)13 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)8 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)7 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)7 UUID (java.util.UUID)7 IdmAutomaticRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto)6 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)6 WorkflowFilterDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto)6 WorkflowTaskInstanceDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto)6 Transactional (org.springframework.transaction.annotation.Transactional)6 AcceptedException (eu.bcvsolutions.idm.core.api.exception.AcceptedException)5 RoleRequestException (eu.bcvsolutions.idm.core.api.exception.RoleRequestException)5 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)5 IdmAutomaticRoleAttributeDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)3 IdmAutomaticRoleAttributeRuleDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto)3 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)3
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial