use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method addSuperAdminRoleTest.
@Test
@Transactional
public void addSuperAdminRoleTest() {
loginAsAdmin(InitTestData.TEST_USER_1);
IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
IdmRoleRequestDto request = createRoleRequest(test1);
request = roleRequestService.save(request);
IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
concept = conceptRoleRequestService.save(concept);
roleRequestService.startRequestInternal(request.getId(), true);
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
WorkflowFilterDto taskFilter = new WorkflowFilterDto();
taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
assertEquals(0, tasks.size());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// HELPDESK
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// MANAGER
loginAsAdmin(InitTestData.TEST_USER_2);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// USER MANAGER
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// SECURITY
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.EXECUTED, request.getState());
assertNotNull(request.getWfProcessId());
concept = conceptRoleRequestService.get(concept.getId());
assertNotNull(concept.getWfProcessId());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method addSuperAdminRoleSkipTest.
@Test
@Transactional
public void addSuperAdminRoleSkipTest() {
// We are logged as admin. By default is all approve tasks assigned to Admin.
// All this tasks will be skipped.
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
IdmRoleRequestDto request = createRoleRequest(test1);
request = roleRequestService.save(request);
IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
concept = conceptRoleRequestService.save(concept);
roleRequestService.startRequestInternal(request.getId(), true);
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
WorkflowFilterDto taskFilter = new WorkflowFilterDto();
taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
assertEquals(0, tasks.size());
// HELPDESK - must be skipped
// MANAGER
loginAsAdmin(InitTestData.TEST_USER_2);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// USER MANAGER
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// SECURITY - must be skipped
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.EXECUTED, request.getState());
assertNotNull(request.getWfProcessId());
concept = conceptRoleRequestService.get(concept.getId());
assertNotNull(concept.getWfProcessId());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method testCompleteTaskByAnotherUser.
@Test
public void testCompleteTaskByAnotherUser() {
// approve only by help desk
configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "false");
configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "true");
configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
IdmIdentityDto test1 = helper.createIdentity();
IdmIdentityDto test2 = helper.createIdentity();
//
IdmRoleDto role = helper.createRole();
//
// helpdesk role and identity
IdmRoleDto helpdeskRole = helper.createRole();
IdmIdentityDto helpdeskIdentity = helper.createIdentity();
// add role directly
helper.createIdentityRole(helpdeskIdentity, helpdeskRole);
configurationService.setValue(APPROVE_BY_HELPDESK_ROLE, helpdeskRole.getCode());
IdmIdentityContractDto contract = helper.getPrimeContract(test1.getId());
loginAsNoAdmin(test1.getUsername());
IdmRoleRequestDto request = createRoleRequest(test1);
request = roleRequestService.save(request);
IdmConceptRoleRequestDto concept = createRoleConcept(role, contract, request);
concept = conceptRoleRequestService.save(concept);
roleRequestService.startRequestInternal(request.getId(), true);
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
try {
completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
fail("This user: " + test1.getUsername() + " can't approve task.");
} catch (ResultCodeException ex) {
assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
} catch (Exception e) {
fail("Some problem: " + e.getLocalizedMessage());
}
loginAsNoAdmin(test2.getUsername());
try {
completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
fail("This user: " + test1.getUsername() + " can't approve task.");
} catch (ResultCodeException ex) {
assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
} catch (Exception e) {
fail("Some problem: " + e.getLocalizedMessage());
}
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method addSuperAdminRoleDisapproveTest.
@Test
@Transactional
public void addSuperAdminRoleDisapproveTest() {
// We are logged as admin. By default is all approve tasks assigned to Admin.
// All this tasks will be skipped.
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
IdmRoleRequestDto request = createRoleRequest(test1);
request = roleRequestService.save(request);
IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
concept = conceptRoleRequestService.save(concept);
roleRequestService.startRequestInternal(request.getId(), true);
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
WorkflowFilterDto taskFilter = new WorkflowFilterDto();
taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
assertEquals(0, tasks.size());
// HELPDESK - must be skipped
// MANAGER
loginAsAdmin(InitTestData.TEST_USER_2);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "disapprove");
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.DISAPPROVED, request.getState());
assertNotNull(request.getWfProcessId());
concept = conceptRoleRequestService.get(concept.getId());
assertEquals(null, concept.getWfProcessId());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method addSuperAdminRoleWithSubprocessSecurityTest.
@Test
@Transactional
public void addSuperAdminRoleWithSubprocessSecurityTest() {
loginAsAdmin(InitTestData.TEST_USER_2);
IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
IdmIdentityDto test2 = identityService.getByUsername(InitTestData.TEST_USER_2);
// Guarantee
int priority = 500;
IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
adminRole.setPriority(priority);
IdmRoleGuaranteeDto guarantee = new IdmRoleGuaranteeDto();
guarantee.setRole(adminRole.getId());
guarantee.setGuarantee(test2.getId());
adminRole.getGuarantees().add(guarantee);
adminRole = roleService.save(adminRole);
configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_SECURITY_KEY);
configurationService.setValue("idm.sec.core.wf.approval.security.enabled", "true");
IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
IdmRoleRequestDto request = createRoleRequest(test1);
request = roleRequestService.save(request);
IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
concept = conceptRoleRequestService.save(concept);
roleRequestService.startRequestInternal(request.getId(), true);
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
WorkflowFilterDto taskFilter = new WorkflowFilterDto();
taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
assertEquals(0, tasks.size());
// Help Desk
request = roleRequestService.get(request.getId());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// Manager
request = roleRequestService.get(request.getId());
loginAsAdmin(InitTestData.TEST_USER_2);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// User Manager
request = roleRequestService.get(request.getId());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// Role Guarantee - subprocess
request = roleRequestService.get(request.getId());
loginAsAdmin(InitTestData.TEST_USER_2);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// Security - subprocess
request = roleRequestService.get(request.getId());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// Security
request = roleRequestService.get(request.getId());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.EXECUTED, request.getState());
assertNotNull(request.getWfProcessId());
concept = conceptRoleRequestService.get(concept.getId());
assertNotNull(concept.getWfProcessId());
}
Aggregations