use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method addSuperAdminRoleWithSubprocessTest.
@Test
@Transactional
public void addSuperAdminRoleWithSubprocessTest() {
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
IdmIdentityDto test2 = identityService.getByUsername(InitTestData.TEST_USER_2);
// Guarantee
int priority = 500;
IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
adminRole.setPriority(priority);
IdmRoleGuaranteeDto guarantee = new IdmRoleGuaranteeDto();
guarantee.setRole(adminRole.getId());
guarantee.setGuarantee(test2.getId());
adminRole.getGuarantees().add(guarantee);
adminRole = roleService.save(adminRole);
configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_GUARANTEE_KEY);
IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
IdmRoleRequestDto request = createRoleRequest(test1);
request = roleRequestService.save(request);
IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
concept = conceptRoleRequestService.save(concept);
roleRequestService.startRequestInternal(request.getId(), true);
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
WorkflowFilterDto taskFilter = new WorkflowFilterDto();
taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
assertEquals(0, tasks.size());
// HELPDESK - must be skipped
// MANAGER
loginAsAdmin(InitTestData.TEST_USER_2);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// USER MANAGER
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// Subprocess - approve by GUARANTEE
loginAsAdmin(InitTestData.TEST_USER_2);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
// SECURITY
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.EXECUTED, request.getState());
assertNotNull(request.getWfProcessId());
concept = conceptRoleRequestService.get(concept.getId());
assertNotNull(concept.getWfProcessId());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method addSuperAdminRoleWithSubprocessRemoveTest.
@Test
@Transactional
public void addSuperAdminRoleWithSubprocessRemoveTest() {
IdmIdentityDto test1 = helper.createIdentity("TestUser" + System.currentTimeMillis());
IdmIdentityDto test2 = identityService.getByUsername(InitTestData.TEST_USER_2);
loginAsAdmin(InitTestData.TEST_USER_2);
IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
IdmRoleDto adminRole = helper.createRole("testRole" + System.currentTimeMillis());
adminRole.setApproveRemove(true);
roleService.save(adminRole);
IdmRoleRequestDto request = createRoleRequest(test1);
request = roleRequestService.save(request);
IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
concept = conceptRoleRequestService.save(concept);
roleRequestService.startRequestInternal(request.getId(), true);
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
WorkflowFilterDto taskFilter = new WorkflowFilterDto();
taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
assertEquals(0, tasks.size());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
// HELPDESK
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, test1.getUsername(), "approve");
// MANAGER
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, test1.getUsername(), "approve");
// USER MANAGER
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, test1.getUsername(), "approve");
// SECURITY
taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskFilter, test1.getUsername(), "approve");
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.EXECUTED, request.getState());
assertNotNull(request.getWfProcessId());
concept = conceptRoleRequestService.get(concept.getId());
assertNotNull(concept.getWfProcessId());
IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
filter.setIdentityId(test1.getId());
Page<IdmIdentityRoleDto> page = identityRoleService.find(filter, null);
assertEquals(1, page.getContent().size());
loginAsAdmin(InitTestData.TEST_USER_2);
// Guarantee
int priority = 500;
adminRole.setPriority(priority);
IdmRoleGuaranteeDto guarantee = new IdmRoleGuaranteeDto();
guarantee.setRole(adminRole.getId());
guarantee.setGuarantee(test2.getId());
adminRole.getGuarantees().add(guarantee);
adminRole = roleService.save(adminRole);
configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + (priority + priority), APPROVE_REMOVE_ROLE_BY_MANAGER_KEY);
IdmRoleRequestDto requestRemove = createRoleRequest(test1);
requestRemove = roleRequestService.save(requestRemove);
IdmConceptRoleRequestDto conceptRemove = createRoleRemoveConcept(page.getContent().get(0).getId(), adminRole, contract, requestRemove);
conceptRemove = conceptRoleRequestService.save(conceptRemove);
roleRequestService.startRequestInternal(requestRemove.getId(), true);
requestRemove = roleRequestService.get(requestRemove.getId());
assertEquals(RoleRequestState.IN_PROGRESS, requestRemove.getState());
WorkflowFilterDto taskRemoveFilter = new WorkflowFilterDto();
// HELPDESK
requestRemove = roleRequestService.get(requestRemove.getId());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskRemoveFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskRemoveFilter, test1.getUsername(), "approve");
// MANAGER
requestRemove = roleRequestService.get(requestRemove.getId());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskRemoveFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskRemoveFilter, test1.getUsername(), "approve");
// USER MANAGER
requestRemove = roleRequestService.get(requestRemove.getId());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskRemoveFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskRemoveFilter, test1.getUsername(), "approve");
// Subprocess - approve by GUARANTEE
requestRemove = roleRequestService.get(requestRemove.getId());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskRemoveFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskRemoveFilter, test1.getUsername(), "approve");
// SECURITY
requestRemove = roleRequestService.get(requestRemove.getId());
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
taskRemoveFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
checkAndCompleteOneTask(taskRemoveFilter, test1.getUsername(), "approve");
requestRemove = roleRequestService.get(requestRemove.getId());
assertEquals(RoleRequestState.EXECUTED, requestRemove.getState());
assertNotNull(requestRemove.getWfProcessId());
conceptRemove = conceptRoleRequestService.get(conceptRemove.getId());
assertNotNull(conceptRemove.getWfProcessId());
IdmIdentityRoleFilter filterRemove = new IdmIdentityRoleFilter();
filterRemove.setIdentityId(test1.getId());
Page<IdmIdentityRoleDto> pageRemove = identityRoleService.find(filterRemove, null);
assertEquals(0, pageRemove.getContent().size());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method addSuperAdminRoleApproveBySecurityTest.
@Test
@Transactional
public void addSuperAdminRoleApproveBySecurityTest() {
configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "true");
configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "false");
configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
// Set security role test
configurationService.setValue(APPROVE_BY_SECURITY_ROLE, SECURITY_ROLE_TEST);
// Create test role for load candidates on security department (TEST_USER_1)
IdmRoleDto role = new IdmRoleDto();
role.setName(SECURITY_ROLE_TEST);
role = roleService.save(role);
helper.createIdentityRole(identityService.getByUsername(InitTestData.TEST_USER_1), role);
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
IdmRoleRequestDto request = createRoleRequest(test1);
request = roleRequestService.save(request);
IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
concept = conceptRoleRequestService.save(concept);
roleRequestService.startRequestInternal(request.getId(), true);
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
WorkflowFilterDto taskFilter = new WorkflowFilterDto();
taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
assertEquals(0, tasks.size());
// HELPDESK turn off
// MANAGER turn off
// USER MANAGER turn off
// SECURITY
loginAsAdmin(InitTestData.TEST_USER_1);
taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_1);
checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.EXECUTED, request.getState());
assertNotNull(request.getWfProcessId());
concept = conceptRoleRequestService.get(concept.getId());
assertNotNull(concept.getWfProcessId());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method createRoleRequest.
private IdmRoleRequestDto createRoleRequest(IdmIdentityDto test1) {
IdmRoleRequestDto request = new IdmRoleRequestDto();
request.setApplicant(test1.getId());
request.setExecuteImmediately(false);
request.setRequestedByType(RoleRequestedByType.MANUALLY);
return request;
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class ChangeIdentityPermissionTest method testCompleteTaskByStarter.
@Test
public void testCompleteTaskByStarter() {
// approve only by help desk
configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "false");
configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "true");
configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
//
loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
IdmIdentityDto test1 = helper.createIdentity();
//
IdmRoleDto role = helper.createRole();
//
// helpdesk role and identity
IdmRoleDto helpdeskRole = helper.createRole();
IdmIdentityDto helpdeskIdentity = helper.createIdentity();
// add role directly
helper.createIdentityRole(helpdeskIdentity, helpdeskRole);
configurationService.setValue(APPROVE_BY_HELPDESK_ROLE, helpdeskRole.getCode());
IdmIdentityContractDto contract = helper.getPrimeContract(test1.getId());
loginAsNoAdmin(test1.getUsername());
IdmRoleRequestDto request = createRoleRequest(test1);
request = roleRequestService.save(request);
IdmConceptRoleRequestDto concept = createRoleConcept(role, contract, request);
concept = conceptRoleRequestService.save(concept);
roleRequestService.startRequestInternal(request.getId(), true);
request = roleRequestService.get(request.getId());
assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
try {
completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
fail("This user: " + test1.getUsername() + " can't approve task.");
} catch (ResultCodeException ex) {
assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
} catch (Exception e) {
fail("Some problem: " + e.getLocalizedMessage());
}
loginAsNoAdmin(helpdeskIdentity.getUsername());
try {
completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
} catch (ResultCodeException ex) {
fail("User has permission to approve task. Error message: " + ex.getLocalizedMessage());
} catch (Exception e) {
fail("Some problem: " + e.getLocalizedMessage());
}
}
Aggregations