Search in sources :

Example 61 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method addSuperAdminRoleTest.

@Test
@Transactional
public void addSuperAdminRoleTest() {
    loginAsAdmin(InitTestData.TEST_USER_1);
    IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
    IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
    IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    // HELPDESK
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // MANAGER
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // USER MANAGER
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // SECURITY
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.EXECUTED, request.getState());
    assertNotNull(request.getWfProcessId());
    concept = conceptRoleRequestService.get(concept.getId());
    assertNotNull(concept.getWfProcessId());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 62 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method addSuperAdminRoleSkipTest.

@Test
@Transactional
public void addSuperAdminRoleSkipTest() {
    // We are logged as admin. By default is all approve tasks assigned to Admin.
    // All this tasks will be skipped.
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
    IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
    IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    // HELPDESK - must be skipped
    // MANAGER
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // USER MANAGER
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // SECURITY - must be skipped
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.EXECUTED, request.getState());
    assertNotNull(request.getWfProcessId());
    concept = conceptRoleRequestService.get(concept.getId());
    assertNotNull(concept.getWfProcessId());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 63 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method testCompleteTaskByAnotherUser.

@Test
public void testCompleteTaskByAnotherUser() {
    // approve only by help desk
    configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "true");
    configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = helper.createIdentity();
    IdmIdentityDto test2 = helper.createIdentity();
    // 
    IdmRoleDto role = helper.createRole();
    // 
    // helpdesk role and identity
    IdmRoleDto helpdeskRole = helper.createRole();
    IdmIdentityDto helpdeskIdentity = helper.createIdentity();
    // add role directly
    helper.createIdentityRole(helpdeskIdentity, helpdeskRole);
    configurationService.setValue(APPROVE_BY_HELPDESK_ROLE, helpdeskRole.getCode());
    IdmIdentityContractDto contract = helper.getPrimeContract(test1.getId());
    loginAsNoAdmin(test1.getUsername());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(role, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    try {
        completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
        fail("This user: " + test1.getUsername() + " can't approve task.");
    } catch (ResultCodeException ex) {
        assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
    loginAsNoAdmin(test2.getUsername());
    try {
        completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
        fail("This user: " + test1.getUsername() + " can't approve task.");
    } catch (ResultCodeException ex) {
        assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test)

Example 64 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method addSuperAdminRoleDisapproveTest.

@Test
@Transactional
public void addSuperAdminRoleDisapproveTest() {
    // We are logged as admin. By default is all approve tasks assigned to Admin.
    // All this tasks will be skipped.
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
    IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
    IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    // HELPDESK - must be skipped
    // MANAGER
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "disapprove");
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.DISAPPROVED, request.getState());
    assertNotNull(request.getWfProcessId());
    concept = conceptRoleRequestService.get(concept.getId());
    assertEquals(null, concept.getWfProcessId());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 65 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method addSuperAdminRoleWithSubprocessSecurityTest.

@Test
@Transactional
public void addSuperAdminRoleWithSubprocessSecurityTest() {
    loginAsAdmin(InitTestData.TEST_USER_2);
    IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
    IdmIdentityDto test2 = identityService.getByUsername(InitTestData.TEST_USER_2);
    // Guarantee
    int priority = 500;
    IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
    adminRole.setPriority(priority);
    IdmRoleGuaranteeDto guarantee = new IdmRoleGuaranteeDto();
    guarantee.setRole(adminRole.getId());
    guarantee.setGuarantee(test2.getId());
    adminRole.getGuarantees().add(guarantee);
    adminRole = roleService.save(adminRole);
    configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_SECURITY_KEY);
    configurationService.setValue("idm.sec.core.wf.approval.security.enabled", "true");
    IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    // Help Desk
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Manager
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // User Manager
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Role Guarantee - subprocess
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Security - subprocess
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Security
    request = roleRequestService.get(request.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.EXECUTED, request.getState());
    assertNotNull(request.getWfProcessId());
    concept = conceptRoleRequestService.get(concept.getId());
    assertNotNull(concept.getWfProcessId());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)69 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)54 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)52 Test (org.junit.Test)52 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)51 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)49 AbstractCoreWorkflowIntegrationTest (eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest)44 WorkflowFilterDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto)37 WorkflowTaskInstanceDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto)35 List (java.util.List)27 ArrayList (java.util.ArrayList)26 IdmNotificationLogDto (eu.bcvsolutions.idm.core.notification.api.dto.IdmNotificationLogDto)24 IdmNotificationFilter (eu.bcvsolutions.idm.core.notification.api.dto.filter.IdmNotificationFilter)24 Transactional (org.springframework.transaction.annotation.Transactional)20 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)9 IdmConceptRoleRequestFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter)9 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)9 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)8 IdmRoleGuaranteeDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto)7 LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)7