Search in sources :

Example 36 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleRequestServiceIntegrationTest method duplicatedRequestExceptionTest.

@Test()
@Transactional()
public void duplicatedRequestExceptionTest() {
    loginAsAdmin(USER_TEST_A);
    IdmIdentityDto testA = identityService.getByUsername(USER_TEST_A);
    IdmIdentityContractDto contractA = identityContractService.getPrimeContract(testA.getId());
    IdmRoleRequestDto request = new IdmRoleRequestDto();
    request.setApplicant(testA.getId());
    request.setExecuteImmediately(false);
    request.setRequestedByType(RoleRequestedByType.MANUALLY);
    IdmRoleRequestDto requestA = roleRequestService.save(request);
    Assert.assertEquals(RoleRequestState.CONCEPT, requestA.getState());
    LocalDate validFrom = new LocalDate().minusDays(1);
    LocalDate validTill = new LocalDate().plusMonths(1);
    IdmConceptRoleRequestDto conceptA = new IdmConceptRoleRequestDto();
    conceptA.setRoleRequest(requestA.getId());
    conceptA.setOperation(ConceptRoleRequestOperation.ADD);
    conceptA.setRole(roleA.getId());
    conceptA.setValidFrom(validFrom);
    conceptA.setValidTill(validTill);
    conceptA.setIdentityContract(contractA.getId());
    conceptRoleRequestService.save(conceptA);
    roleRequestService.startRequestInternal(requestA.getId(), true);
    requestA = roleRequestService.get(requestA.getId());
    Assert.assertEquals(RoleRequestState.IN_PROGRESS, requestA.getState());
    IdmRoleRequestDto requestB = roleRequestService.save(request);
    conceptA.setRoleRequest(requestB.getId());
    conceptRoleRequestService.save(conceptA);
    // We expect duplication exception
    roleRequestService.startRequestInternal(requestB.getId(), true);
    requestB = roleRequestService.get(requestB.getId());
    Assert.assertEquals(RoleRequestState.DUPLICATED, requestB.getState());
    Assert.assertEquals(requestA.getId(), requestB.getDuplicatedToRequest());
    // We change only description (remove duplicity)
    requestB.setDescription("-----");
    roleRequestService.save(requestB);
    // We expect correct start
    roleRequestService.startRequestInternal(requestB.getId(), true);
    requestB = roleRequestService.get(requestB.getId());
    Assert.assertEquals(RoleRequestState.IN_PROGRESS, requestB.getState());
    Assert.assertEquals(null, requestB.getDuplicatedToRequest());
}
Also used : IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) LocalDate(org.joda.time.LocalDate) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 37 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleRequestServiceIntegrationTest method noSameApplicantExceptionTest.

@Test(expected = RoleRequestException.class)
@Transactional()
public void noSameApplicantExceptionTest() {
    IdmIdentityDto testA = identityService.getByUsername(USER_TEST_A);
    IdmIdentityDto testB = identityService.getByUsername(USER_TEST_B);
    IdmIdentityContractDto contractB = identityContractService.getPrimeContract(testB.getId());
    IdmRoleRequestDto request = new IdmRoleRequestDto();
    request.setApplicant(testA.getId());
    request.setExecuteImmediately(true);
    request.setRequestedByType(RoleRequestedByType.MANUALLY);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto conceptA = new IdmConceptRoleRequestDto();
    conceptA.setRoleRequest(request.getId());
    conceptA.setOperation(ConceptRoleRequestOperation.ADD);
    conceptA.setRole(roleA.getId());
    // Contract from
    conceptA.setIdentityContract(contractB.getId());
    // applicant B
    conceptA = conceptRoleRequestService.save(conceptA);
    // excepted ROLE_REQUEST_APPLICANTS_NOT_SAME exception
    roleRequestService.startRequestInternal(request.getId(), true);
}
Also used : IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 38 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleRequestServiceIntegrationTest method addPermissionViaRoleRequestTest.

@Test
@Transactional()
public void addPermissionViaRoleRequestTest() {
    IdmIdentityDto testA = identityService.getByUsername(USER_TEST_A);
    IdmIdentityContractDto contractA = identityContractService.getPrimeContract(testA.getId());
    IdmRoleRequestDto request = new IdmRoleRequestDto();
    request.setApplicant(testA.getId());
    request.setExecuteImmediately(true);
    request.setRequestedByType(RoleRequestedByType.MANUALLY);
    // can not be saved (after
    request.setState(RoleRequestState.EXECUTED);
    // create must be
    // CONCEPT)
    request = roleRequestService.save(request);
    Assert.assertEquals(RoleRequestState.CONCEPT, request.getState());
    LocalDate validFrom = new LocalDate().minusDays(1);
    LocalDate validTill = new LocalDate().plusMonths(1);
    IdmConceptRoleRequestDto conceptA = new IdmConceptRoleRequestDto();
    conceptA.setRoleRequest(request.getId());
    // can not be saved (after
    conceptA.setState(RoleRequestState.EXECUTED);
    // create must be
    // CONCEPT)
    conceptA.setOperation(ConceptRoleRequestOperation.ADD);
    conceptA.setRole(roleA.getId());
    conceptA.setValidFrom(validFrom);
    conceptA.setValidTill(validTill);
    conceptA.setIdentityContract(contractA.getId());
    conceptA = conceptRoleRequestService.save(conceptA);
    Assert.assertEquals(RoleRequestState.CONCEPT, conceptA.getState());
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    Assert.assertEquals(RoleRequestState.EXECUTED, request.getState());
    List<IdmIdentityRoleDto> identityRoles = identityRoleService.findAllByIdentity(testA.getId());
    Assert.assertEquals(1, identityRoles.size());
    Assert.assertEquals(validFrom, identityRoles.get(0).getValidFrom());
    Assert.assertEquals(validTill, identityRoles.get(0).getValidTill());
    Assert.assertEquals(contractA.getId(), identityRoles.get(0).getIdentityContract());
    Assert.assertEquals(roleA.getId(), identityRoles.get(0).getRole());
}
Also used : IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) LocalDate(org.joda.time.LocalDate) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test) Transactional(org.springframework.transaction.annotation.Transactional)

Example 39 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class IdentityRoleDeleteProcessor method process.

@Override
public EventResult<IdmIdentityRoleDto> process(EntityEvent<IdmIdentityRoleDto> event) {
    IdmIdentityRoleDto identityRole = event.getContent();
    // Find all concepts and remove relation on identity role
    IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
    conceptRequestFilter.setIdentityRoleId(identityRole.getId());
    conceptRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
        IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
        String message = null;
        if (concept.getState().isTerminatedState()) {
            message = MessageFormat.format("IdentityRole [{0}] (reqested in concept [{1}]) was deleted (not from this role request)!", identityRole.getId(), concept.getId());
        } else {
            message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested IdentityRole [{1}] was deleted (not from this role request)!", concept.getId(), identityRole.getId());
            concept.setState(RoleRequestState.CANCELED);
        }
        roleRequestService.addToLog(request, message);
        conceptRequestService.addToLog(concept, message);
        concept.setIdentityRole(null);
        roleRequestService.save(request);
        conceptRequestService.save(concept);
    });
    // 
    // remove all IdentityRoleValidRequest for this role
    List<IdmIdentityRoleValidRequestDto> validRequests = identityRoleValidRequestService.findAllValidRequestForIdentityRoleId(identityRole.getId());
    identityRoleValidRequestService.deleteAll(validRequests);
    // 
    // Delete identity role
    service.deleteInternal(identityRole);
    // 
    return new DefaultEventResult<>(event, this);
}
Also used : IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) IdmIdentityRoleValidRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleValidRequestDto)

Example 40 with IdmRoleRequestDto

use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.

the class RoleDeleteProcessor method process.

@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
    IdmRoleDto role = event.getContent();
    // role assigned to identity could not be deleted
    if (identityRoleRepository.countByRole_Id(role.getId()) > 0) {
        throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_IDENTITY_ASSIGNED, ImmutableMap.of("role", role.getName()));
    }
    // 
    // automatic role attribute has assigned this role
    IdmAutomaticRoleFilter automaticRoleFilter = new IdmAutomaticRoleFilter();
    automaticRoleFilter.setRoleId(role.getId());
    long totalElements = automaticRoleAttributeService.find(automaticRoleFilter, new PageRequest(0, 1)).getTotalElements();
    if (totalElements > 0) {
        // some automatic role attribute has assigned this role
        throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_AUTOMATIC_ROLE_ASSIGNED, ImmutableMap.of("role", role.getName()));
    }
    // 
    // remove related automatic roles
    IdmRoleTreeNodeFilter filter = new IdmRoleTreeNodeFilter();
    filter.setRoleId(role.getId());
    roleTreeNodeService.find(filter, null).forEach(roleTreeNode -> {
        try {
            roleTreeNodeService.delete(roleTreeNode);
        } catch (AcceptedException ex) {
            throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_HAS_TREE_NODE, ImmutableMap.of("role", role.getName(), "roleTreeNode", roleTreeNode.getId()));
        }
    });
    // Find all concepts and remove relation on role
    IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
    conceptRequestFilter.setRoleId(role.getId());
    conceptRoleRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
        IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
        String message = null;
        if (concept.getState().isTerminatedState()) {
            message = MessageFormat.format("Role [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", role.getName(), concept.getId());
        } else {
            message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested role [{1}] was deleted (not from this role request)!", concept.getId(), role.getName());
            concept.setState(RoleRequestState.CANCELED);
        }
        roleRequestService.addToLog(request, message);
        conceptRoleRequestService.addToLog(concept, message);
        concept.setRole(null);
        roleRequestService.save(request);
        conceptRoleRequestService.save(concept);
    });
    // remove all policies
    IdmAuthorizationPolicyFilter policyFilter = new IdmAuthorizationPolicyFilter();
    policyFilter.setRoleId(role.getId());
    authorizationPolicyService.find(policyFilter, null).forEach(dto -> {
        authorizationPolicyService.delete(dto);
    });
    // Find all automatic role requests and remove relation on automatic role
    UUID roleId = role.getId();
    if (roleId != null) {
        IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
        automaticRoleRequestFilter.setRoleId(roleId);
        automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
            request.setRole(null);
            automaticRoleRequestService.save(request);
            automaticRoleRequestService.cancel(request);
        });
    }
    // 
    // remove role guarantees, sub roles and catalog works automatically by hibenate mapping
    service.deleteInternal(role);
    // 
    return new DefaultEventResult<>(event, this);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter) PageRequest(org.springframework.data.domain.PageRequest) IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) UUID(java.util.UUID) IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)

Aggregations

IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)69 IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)54 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)52 Test (org.junit.Test)52 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)51 IdmIdentityContractDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)49 AbstractCoreWorkflowIntegrationTest (eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest)44 WorkflowFilterDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowFilterDto)37 WorkflowTaskInstanceDto (eu.bcvsolutions.idm.core.workflow.model.dto.WorkflowTaskInstanceDto)35 List (java.util.List)27 ArrayList (java.util.ArrayList)26 IdmNotificationLogDto (eu.bcvsolutions.idm.core.notification.api.dto.IdmNotificationLogDto)24 IdmNotificationFilter (eu.bcvsolutions.idm.core.notification.api.dto.filter.IdmNotificationFilter)24 Transactional (org.springframework.transaction.annotation.Transactional)20 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)9 IdmConceptRoleRequestFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter)9 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)9 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)8 IdmRoleGuaranteeDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto)7 LoginDto (eu.bcvsolutions.idm.core.security.api.dto.LoginDto)7