Search in sources :

Example 26 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method addSuperAdminRoleWithSubprocessTest.

@Test
@Transactional
public void addSuperAdminRoleWithSubprocessTest() {
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
    IdmIdentityDto test2 = identityService.getByUsername(InitTestData.TEST_USER_2);
    // Guarantee
    int priority = 500;
    IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
    adminRole.setPriority(priority);
    IdmRoleGuaranteeDto guarantee = new IdmRoleGuaranteeDto();
    guarantee.setRole(adminRole.getId());
    guarantee.setGuarantee(test2.getId());
    adminRole.getGuarantees().add(guarantee);
    adminRole = roleService.save(adminRole);
    configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_GUARANTEE_KEY);
    IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    // HELPDESK - must be skipped
    // MANAGER
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // USER MANAGER
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // Subprocess - approve by GUARANTEE
    loginAsAdmin(InitTestData.TEST_USER_2);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_2);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    // SECURITY
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.EXECUTED, request.getState());
    assertNotNull(request.getWfProcessId());
    concept = conceptRoleRequestService.get(concept.getId());
    assertNotNull(concept.getWfProcessId());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 27 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method addSuperAdminRoleWithSubprocessRemoveTest.

@Test
@Transactional
public void addSuperAdminRoleWithSubprocessRemoveTest() {
    IdmIdentityDto test1 = helper.createIdentity("TestUser" + System.currentTimeMillis());
    IdmIdentityDto test2 = identityService.getByUsername(InitTestData.TEST_USER_2);
    loginAsAdmin(InitTestData.TEST_USER_2);
    IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
    IdmRoleDto adminRole = helper.createRole("testRole" + System.currentTimeMillis());
    adminRole.setApproveRemove(true);
    roleService.save(adminRole);
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    // HELPDESK
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, test1.getUsername(), "approve");
    // MANAGER
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, test1.getUsername(), "approve");
    // USER MANAGER
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, test1.getUsername(), "approve");
    // SECURITY
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskFilter, test1.getUsername(), "approve");
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.EXECUTED, request.getState());
    assertNotNull(request.getWfProcessId());
    concept = conceptRoleRequestService.get(concept.getId());
    assertNotNull(concept.getWfProcessId());
    IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
    filter.setIdentityId(test1.getId());
    Page<IdmIdentityRoleDto> page = identityRoleService.find(filter, null);
    assertEquals(1, page.getContent().size());
    loginAsAdmin(InitTestData.TEST_USER_2);
    // Guarantee
    int priority = 500;
    adminRole.setPriority(priority);
    IdmRoleGuaranteeDto guarantee = new IdmRoleGuaranteeDto();
    guarantee.setRole(adminRole.getId());
    guarantee.setGuarantee(test2.getId());
    adminRole.getGuarantees().add(guarantee);
    adminRole = roleService.save(adminRole);
    configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + (priority + priority), APPROVE_REMOVE_ROLE_BY_MANAGER_KEY);
    IdmRoleRequestDto requestRemove = createRoleRequest(test1);
    requestRemove = roleRequestService.save(requestRemove);
    IdmConceptRoleRequestDto conceptRemove = createRoleRemoveConcept(page.getContent().get(0).getId(), adminRole, contract, requestRemove);
    conceptRemove = conceptRoleRequestService.save(conceptRemove);
    roleRequestService.startRequestInternal(requestRemove.getId(), true);
    requestRemove = roleRequestService.get(requestRemove.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, requestRemove.getState());
    WorkflowFilterDto taskRemoveFilter = new WorkflowFilterDto();
    // HELPDESK
    requestRemove = roleRequestService.get(requestRemove.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskRemoveFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskRemoveFilter, test1.getUsername(), "approve");
    // MANAGER
    requestRemove = roleRequestService.get(requestRemove.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskRemoveFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskRemoveFilter, test1.getUsername(), "approve");
    // USER MANAGER
    requestRemove = roleRequestService.get(requestRemove.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskRemoveFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskRemoveFilter, test1.getUsername(), "approve");
    // Subprocess - approve by GUARANTEE
    requestRemove = roleRequestService.get(requestRemove.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskRemoveFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskRemoveFilter, test1.getUsername(), "approve");
    // SECURITY
    requestRemove = roleRequestService.get(requestRemove.getId());
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    taskRemoveFilter.setCandidateOrAssigned(InitTestData.TEST_ADMIN_USERNAME);
    checkAndCompleteOneTask(taskRemoveFilter, test1.getUsername(), "approve");
    requestRemove = roleRequestService.get(requestRemove.getId());
    assertEquals(RoleRequestState.EXECUTED, requestRemove.getState());
    assertNotNull(requestRemove.getWfProcessId());
    conceptRemove = conceptRoleRequestService.get(conceptRemove.getId());
    assertNotNull(conceptRemove.getWfProcessId());
    IdmIdentityRoleFilter filterRemove = new IdmIdentityRoleFilter();
    filterRemove.setIdentityId(test1.getId());
    Page<IdmIdentityRoleDto> pageRemove = identityRoleService.find(filterRemove, null);
    assertEquals(0, pageRemove.getContent().size());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmRoleGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 28 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method addSuperAdminRoleApproveBySecurityTest.

@Test
@Transactional
public void addSuperAdminRoleApproveBySecurityTest() {
    configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "true");
    configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
    // Set security role test
    configurationService.setValue(APPROVE_BY_SECURITY_ROLE, SECURITY_ROLE_TEST);
    // Create test role for load candidates on security department (TEST_USER_1)
    IdmRoleDto role = new IdmRoleDto();
    role.setName(SECURITY_ROLE_TEST);
    role = roleService.save(role);
    helper.createIdentityRole(identityService.getByUsername(InitTestData.TEST_USER_1), role);
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = identityService.getByUsername(InitTestData.TEST_USER_1);
    IdmRoleDto adminRole = roleService.getByCode(InitTestData.TEST_ADMIN_ROLE);
    IdmIdentityContractDto contract = identityContractService.getPrimeContract(test1.getId());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    // HELPDESK turn off
    // MANAGER turn off
    // USER MANAGER turn off
    // SECURITY
    loginAsAdmin(InitTestData.TEST_USER_1);
    taskFilter.setCandidateOrAssigned(InitTestData.TEST_USER_1);
    checkAndCompleteOneTask(taskFilter, InitTestData.TEST_USER_1, "approve");
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.EXECUTED, request.getState());
    assertNotNull(request.getWfProcessId());
    concept = conceptRoleRequestService.get(concept.getId());
    assertNotNull(concept.getWfProcessId());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) WorkflowFilterDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto) WorkflowTaskInstanceDto(eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 29 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method createRoleRequest.

private IdmRoleRequestDto createRoleRequest(IdmIdentityDto test1) {
    IdmRoleRequestDto request = new IdmRoleRequestDto();
    request.setApplicant(test1.getId());
    request.setExecuteImmediately(false);
    request.setRequestedByType(RoleRequestedByType.MANUALLY);
    return request;
}
Also used : IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)

Example 30 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method testCompleteTaskByStarter.

@Test
public void testCompleteTaskByStarter() {
    // approve only by help desk
    configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "true");
    configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
    // 
    loginAsAdmin(InitTestData.TEST_ADMIN_USERNAME);
    IdmIdentityDto test1 = helper.createIdentity();
    // 
    IdmRoleDto role = helper.createRole();
    // 
    // helpdesk role and identity
    IdmRoleDto helpdeskRole = helper.createRole();
    IdmIdentityDto helpdeskIdentity = helper.createIdentity();
    // add role directly
    helper.createIdentityRole(helpdeskIdentity, helpdeskRole);
    configurationService.setValue(APPROVE_BY_HELPDESK_ROLE, helpdeskRole.getCode());
    IdmIdentityContractDto contract = helper.getPrimeContract(test1.getId());
    loginAsNoAdmin(test1.getUsername());
    IdmRoleRequestDto request = createRoleRequest(test1);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(role, contract, request);
    concept = conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    try {
        completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
        fail("This user: " + test1.getUsername() + " can't approve task.");
    } catch (ResultCodeException ex) {
        assertTrue(CoreResultCode.FORBIDDEN.name().equals(ex.getError().getError().getStatusEnum()));
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
    loginAsNoAdmin(helpdeskIdentity.getUsername());
    try {
        completeTasksFromUsers(helpdeskIdentity.getUsername(), "approve");
    } catch (ResultCodeException ex) {
        fail("User has permission to approve task. Error message: " + ex.getLocalizedMessage());
    } catch (Exception e) {
        fail("Some problem: " + e.getLocalizedMessage());
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test)

Aggregations

IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)69 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)54 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)52 Test (org.junit.Test)52 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)51 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)49 AbstractCoreWorkflowIntegrationTest (eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest)44 WorkflowFilterDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto)37 WorkflowTaskInstanceDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto)35 List (java.util.List)27 ArrayList (java.util.ArrayList)26 IdmNotificationLogDto (eu.bcvsolutions.idm.core.notification.api.dto.IdmNotificationLogDto)24 IdmNotificationFilter (eu.bcvsolutions.idm.core.notification.api.dto.filter.IdmNotificationFilter)24 Transactional (org.springframework.transaction.annotation.Transactional)20 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)9 IdmConceptRoleRequestFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter)9 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)9 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)8 IdmRoleGuaranteeDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto)7 LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)7