use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmIdentityServiceIntegrationTest method testReferentialRoleRequestIntegrity.
@Test
public void testReferentialRoleRequestIntegrity() {
IdmIdentityDto identity = helper.createIdentity();
String username = identity.getUsername();
// role with guarantee
IdmRoleDto role = new IdmRoleDto();
String roleName = "test_r_" + System.currentTimeMillis();
role.setName(roleName);
role = roleService.save(role);
// assigned role
IdmRoleRequestDto request = helper.assignRoles(helper.getPrimeContract(identity.getId()), false, role);
IdmConceptRoleRequestFilter conceptFilter = new IdmConceptRoleRequestFilter();
conceptFilter.setRoleRequestId(request.getId());
IdmIdentityRoleFilter identityRolefilter = new IdmIdentityRoleFilter();
identityRolefilter.setIdentityId(identity.getId());
assertNotNull(identityService.getByUsername(username));
assertEquals(1, identityRoleService.find(identityRolefilter, null).getTotalElements());
assertEquals(1, conceptRequestService.find(conceptFilter, null).getTotalElements());
IdmConceptRoleRequestDto concept = conceptRequestService.find(conceptFilter, null).getContent().get(0);
concept.setWfProcessId("test_wf_" + System.currentTimeMillis());
conceptRequestService.save(concept);
//
identityService.delete(identity);
role = roleService.get(role.getId());
//
assertNull(identityService.getByUsername(username));
assertNull(passwordService.findOneByIdentity(identity.getId()));
assertEquals(0, identityContractService.findAllByIdentity(identity.getId()).size());
assertEquals(0, identityRoleService.find(identityRolefilter, null).getTotalElements());
assertEquals(0, conceptRequestService.find(conceptFilter, null).getTotalElements());
roleService.delete(role);
assertNull(roleService.get(role.getId()));
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class IdmRoleRequestController method getConcepts.
@ResponseBody
@RequestMapping(value = "/{backendId}/concepts", method = RequestMethod.GET)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.ROLE_REQUEST_READ + "')")
@ApiOperation(value = "Role request concepts", nickname = "getRoleRequestConcepts", tags = { IdmRoleRequestController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLE_REQUEST_READ, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLE_REQUEST_READ, description = "") }) })
@ApiImplicitParams({ @ApiImplicitParam(name = "parameters", allowMultiple = true, dataType = "string", paramType = "query", value = "Search criteria parameters. Parameters could be registered by module. Example id=25c5b9e8-b15d-4f95-b715-c7edf6f4aee6"), @ApiImplicitParam(name = "page", dataType = "string", paramType = "query", value = "Results page you want to retrieve (0..N)"), @ApiImplicitParam(name = "size", dataType = "string", paramType = "query", value = "Number of records per page."), @ApiImplicitParam(name = "sort", allowMultiple = true, dataType = "string", paramType = "query", value = "Sorting criteria in the format: property(,asc|desc). " + "Default sort order is ascending. " + "Multiple sort criteria are supported.") })
public Resources<?> getConcepts(@ApiParam(value = "Role request's uuid identifier.", required = true) @PathVariable String backendId, @RequestParam(required = false) MultiValueMap<String, Object> parameters, @PageableDefault Pageable pageable) {
IdmRoleRequestDto entity = getDto(backendId);
if (entity == null) {
throw new ResultCodeException(CoreResultCode.NOT_FOUND, ImmutableMap.of("entity", backendId));
}
//
IdmConceptRoleRequestFilter filter = conceptRoleRequestController.toFilter(parameters);
filter.setRoleRequestId(entity.getId());
//
return toResources(conceptRoleRequestController.find(filter, pageable, IdmBasePermission.READ), IdmRoleRequestDto.class);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class IdmRoleRequestController method delete.
@Override
@ResponseBody
@RequestMapping(value = "/{backendId}", method = RequestMethod.DELETE)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.ROLE_REQUEST_DELETE + "')")
@ApiOperation(value = "Delete role request", nickname = "deleteRoleRequest", tags = { IdmRoleRequestController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLE_REQUEST_DELETE, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLE_REQUEST_DELETE, description = "") }) })
public ResponseEntity<?> delete(@ApiParam(value = "Role request's uuid identifier.", required = true) @PathVariable @NotNull String backendId) {
IdmRoleRequestService service = ((IdmRoleRequestService) this.getService());
IdmRoleRequestDto dto = service.get(backendId);
//
checkAccess(dto, IdmBasePermission.DELETE);
// Request in Executed state can not be delete or change
if (RoleRequestState.EXECUTED == dto.getState()) {
throw new RoleRequestException(CoreResultCode.ROLE_REQUEST_EXECUTED_CANNOT_DELETE, ImmutableMap.of("request", dto));
}
// Only request in Concept state, can be deleted. In others states, will be request set to Canceled state and save.
if (RoleRequestState.CONCEPT == dto.getState()) {
service.delete(dto);
} else {
service.cancel(dto);
}
return new ResponseEntity<Object>(HttpStatus.NO_CONTENT);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class RemoveAutomaticRoleTaskExecutor method end.
@Override
protected Boolean end(Boolean result, Exception ex) {
Boolean ended = super.end(result, ex);
//
if (BooleanUtils.isTrue(ended)) {
IdmRoleDto role = DtoUtils.getEmbedded(getAutomaticRole(), IdmRoleTreeNode_.role, IdmRoleDto.class);
//
long assignedRoles = identityRoleService.findByAutomaticRole(getAutomaticRoleId(), new PageRequest(0, 1)).getTotalElements();
if (assignedRoles != 0) {
LOG.debug("Remove role [{}] by automatic role [{}] is not complete, some roles [{}] remains assigned to identities.", role.getCode(), getAutomaticRole().getId(), assignedRoles);
return ended;
}
//
LOG.debug("Remove role [{}] by automatic role [{}]", role.getCode(), getAutomaticRole().getId());
try {
//
// Find all concepts and remove relation on role tree
IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
conceptRequestFilter.setAutomaticRole(getAutomaticRoleId());
//
List<IdmConceptRoleRequestDto> concepts = conceptRequestService.find(conceptRequestFilter, null).getContent();
for (IdmConceptRoleRequestDto concept : concepts) {
IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
String message = null;
if (concept.getState().isTerminatedState()) {
message = MessageFormat.format("Role tree node [{0}] (reqested in concept [{1}]) was deleted (not from this role request)!", getAutomaticRoleId(), concept.getId());
} else {
message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested RoleTreeNode [{1}] was deleted (not from this role request)!", concept.getId(), getAutomaticRoleId());
concept.setState(RoleRequestState.CANCELED);
}
roleRequestService.addToLog(request, message);
conceptRequestService.addToLog(concept, message);
concept.setAutomaticRole(null);
roleRequestService.save(request);
conceptRequestService.save(concept);
}
// Find all automatic role requests and remove relation on automatic role
if (automaticRoleId != null) {
IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
automaticRoleRequestFilter.setAutomaticRoleId(automaticRoleId);
automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
request.setAutomaticRole(null);
automaticRoleRequestService.save(request);
// WFs cannot be cancel here, because this method can be called from the same WF
// automaticRoleRequestService.cancel(request);
});
}
// by default is this allowed
if (this.isDeleteEntity()) {
// delete entity
if (getAutomaticRole() instanceof IdmRoleTreeNodeDto) {
roleTreeNodeService.deleteInternalById(getAutomaticRole().getId());
} else {
// remove all rules
automaticRoleAttributeRuleService.deleteAllByAttribute(getAutomaticRole().getId());
automaticRoleAttributeService.deleteInternalById(getAutomaticRole().getId());
}
}
//
LOG.debug("End: Remove role [{}] by automatic role [{}].", role.getCode(), getAutomaticRole().getId());
//
} catch (Exception O_o) {
LOG.debug("Remove role [{}] by automatic role [{}] failed", role.getCode(), getAutomaticRole().getId(), O_o);
//
IdmLongRunningTaskDto task = longRunningTaskService.get(getLongRunningTaskId());
ResultModel resultModel = new DefaultResultModel(CoreResultCode.LONG_RUNNING_TASK_FAILED, ImmutableMap.of("taskId", getLongRunningTaskId(), "taskType", task.getTaskType(), "instanceId", task.getInstanceId()));
saveResult(resultModel, OperationState.EXCEPTION, O_o);
}
}
//
return ended;
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class IdentityContractDeleteProcessor method process.
@Override
public EventResult<IdmIdentityContractDto> process(EntityEvent<IdmIdentityContractDto> event) {
IdmIdentityContractDto contract = event.getContent();
//
// delete referenced roles
identityRoleService.findAllByContract(contract.getId()).forEach(identityRole -> {
identityRoleService.delete(identityRole);
});
// Find all concepts and remove relation on role
IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
conceptRequestFilter.setIdentityContractId(contract.getId());
conceptRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
String message = null;
if (concept.getState().isTerminatedState()) {
message = MessageFormat.format("IdentityContract [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", contract.getId(), concept.getId());
} else {
message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested IdentityContract [{1}] was deleted (not from this role request)!", concept.getId(), contract.getId());
concept.setState(RoleRequestState.CANCELED);
}
roleRequestService.addToLog(request, message);
conceptRequestService.addToLog(concept, message);
concept.setIdentityContract(null);
roleRequestService.save(request);
conceptRequestService.save(concept);
});
// delete contract guarantees
IdmContractGuaranteeFilter filter = new IdmContractGuaranteeFilter();
filter.setIdentityContractId(contract.getId());
contractGuaranteeService.find(filter, null).forEach(guarantee -> {
contractGuaranteeService.delete(guarantee);
});
// delete identity contract
service.deleteInternal(contract);
//
return new DefaultEventResult<>(event, this);
}
Aggregations