use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleRequestServiceIntegrationTest method duplicatedRequestExceptionTest.
@Test()
@Transactional()
public void duplicatedRequestExceptionTest() {
loginAsAdmin(USER_TEST_A);
IdmIdentityDto testA = identityService.getByUsername(USER_TEST_A);
IdmIdentityContractDto contractA = identityContractService.getPrimeContract(testA.getId());
IdmRoleRequestDto request = new IdmRoleRequestDto();
request.setApplicant(testA.getId());
request.setExecuteImmediately(false);
request.setRequestedByType(RoleRequestedByType.MANUALLY);
IdmRoleRequestDto requestA = roleRequestService.save(request);
Assert.assertEquals(RoleRequestState.CONCEPT, requestA.getState());
LocalDate validFrom = new LocalDate().minusDays(1);
LocalDate validTill = new LocalDate().plusMonths(1);
IdmConceptRoleRequestDto conceptA = new IdmConceptRoleRequestDto();
conceptA.setRoleRequest(requestA.getId());
conceptA.setOperation(ConceptRoleRequestOperation.ADD);
conceptA.setRole(roleA.getId());
conceptA.setValidFrom(validFrom);
conceptA.setValidTill(validTill);
conceptA.setIdentityContract(contractA.getId());
conceptRoleRequestService.save(conceptA);
roleRequestService.startRequestInternal(requestA.getId(), true);
requestA = roleRequestService.get(requestA.getId());
Assert.assertEquals(RoleRequestState.IN_PROGRESS, requestA.getState());
IdmRoleRequestDto requestB = roleRequestService.save(request);
conceptA.setRoleRequest(requestB.getId());
conceptRoleRequestService.save(conceptA);
// We expect duplication exception
roleRequestService.startRequestInternal(requestB.getId(), true);
requestB = roleRequestService.get(requestB.getId());
Assert.assertEquals(RoleRequestState.DUPLICATED, requestB.getState());
Assert.assertEquals(requestA.getId(), requestB.getDuplicatedToRequest());
// We change only description (remove duplicity)
requestB.setDescription("-----");
roleRequestService.save(requestB);
// We expect correct start
roleRequestService.startRequestInternal(requestB.getId(), true);
requestB = roleRequestService.get(requestB.getId());
Assert.assertEquals(RoleRequestState.IN_PROGRESS, requestB.getState());
Assert.assertEquals(null, requestB.getDuplicatedToRequest());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleRequestServiceIntegrationTest method noSameApplicantExceptionTest.
@Test(expected = RoleRequestException.class)
@Transactional()
public void noSameApplicantExceptionTest() {
IdmIdentityDto testA = identityService.getByUsername(USER_TEST_A);
IdmIdentityDto testB = identityService.getByUsername(USER_TEST_B);
IdmIdentityContractDto contractB = identityContractService.getPrimeContract(testB.getId());
IdmRoleRequestDto request = new IdmRoleRequestDto();
request.setApplicant(testA.getId());
request.setExecuteImmediately(true);
request.setRequestedByType(RoleRequestedByType.MANUALLY);
request = roleRequestService.save(request);
IdmConceptRoleRequestDto conceptA = new IdmConceptRoleRequestDto();
conceptA.setRoleRequest(request.getId());
conceptA.setOperation(ConceptRoleRequestOperation.ADD);
conceptA.setRole(roleA.getId());
// Contract from
conceptA.setIdentityContract(contractB.getId());
// applicant B
conceptA = conceptRoleRequestService.save(conceptA);
// excepted ROLE_REQUEST_APPLICANTS_NOT_SAME exception
roleRequestService.startRequestInternal(request.getId(), true);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleRequestServiceIntegrationTest method addPermissionViaRoleRequestTest.
@Test
@Transactional()
public void addPermissionViaRoleRequestTest() {
IdmIdentityDto testA = identityService.getByUsername(USER_TEST_A);
IdmIdentityContractDto contractA = identityContractService.getPrimeContract(testA.getId());
IdmRoleRequestDto request = new IdmRoleRequestDto();
request.setApplicant(testA.getId());
request.setExecuteImmediately(true);
request.setRequestedByType(RoleRequestedByType.MANUALLY);
// can not be saved (after
request.setState(RoleRequestState.EXECUTED);
// create must be
// CONCEPT)
request = roleRequestService.save(request);
Assert.assertEquals(RoleRequestState.CONCEPT, request.getState());
LocalDate validFrom = new LocalDate().minusDays(1);
LocalDate validTill = new LocalDate().plusMonths(1);
IdmConceptRoleRequestDto conceptA = new IdmConceptRoleRequestDto();
conceptA.setRoleRequest(request.getId());
// can not be saved (after
conceptA.setState(RoleRequestState.EXECUTED);
// create must be
// CONCEPT)
conceptA.setOperation(ConceptRoleRequestOperation.ADD);
conceptA.setRole(roleA.getId());
conceptA.setValidFrom(validFrom);
conceptA.setValidTill(validTill);
conceptA.setIdentityContract(contractA.getId());
conceptA = conceptRoleRequestService.save(conceptA);
Assert.assertEquals(RoleRequestState.CONCEPT, conceptA.getState());
roleRequestService.startRequestInternal(request.getId(), true);
request = roleRequestService.get(request.getId());
Assert.assertEquals(RoleRequestState.EXECUTED, request.getState());
List<IdmIdentityRoleDto> identityRoles = identityRoleService.findAllByIdentity(testA.getId());
Assert.assertEquals(1, identityRoles.size());
Assert.assertEquals(validFrom, identityRoles.get(0).getValidFrom());
Assert.assertEquals(validTill, identityRoles.get(0).getValidTill());
Assert.assertEquals(contractA.getId(), identityRoles.get(0).getIdentityContract());
Assert.assertEquals(roleA.getId(), identityRoles.get(0).getRole());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class IdentityRoleDeleteProcessor method process.
@Override
public EventResult<IdmIdentityRoleDto> process(EntityEvent<IdmIdentityRoleDto> event) {
IdmIdentityRoleDto identityRole = event.getContent();
// Find all concepts and remove relation on identity role
IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
conceptRequestFilter.setIdentityRoleId(identityRole.getId());
conceptRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
String message = null;
if (concept.getState().isTerminatedState()) {
message = MessageFormat.format("IdentityRole [{0}] (reqested in concept [{1}]) was deleted (not from this role request)!", identityRole.getId(), concept.getId());
} else {
message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested IdentityRole [{1}] was deleted (not from this role request)!", concept.getId(), identityRole.getId());
concept.setState(RoleRequestState.CANCELED);
}
roleRequestService.addToLog(request, message);
conceptRequestService.addToLog(concept, message);
concept.setIdentityRole(null);
roleRequestService.save(request);
conceptRequestService.save(concept);
});
//
// remove all IdentityRoleValidRequest for this role
List<IdmIdentityRoleValidRequestDto> validRequests = identityRoleValidRequestService.findAllValidRequestForIdentityRoleId(identityRole.getId());
identityRoleValidRequestService.deleteAll(validRequests);
//
// Delete identity role
service.deleteInternal(identityRole);
//
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto in project CzechIdMng by bcvsolutions.
the class RoleDeleteProcessor method process.
@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
IdmRoleDto role = event.getContent();
// role assigned to identity could not be deleted
if (identityRoleRepository.countByRole_Id(role.getId()) > 0) {
throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_IDENTITY_ASSIGNED, ImmutableMap.of("role", role.getName()));
}
//
// automatic role attribute has assigned this role
IdmAutomaticRoleFilter automaticRoleFilter = new IdmAutomaticRoleFilter();
automaticRoleFilter.setRoleId(role.getId());
long totalElements = automaticRoleAttributeService.find(automaticRoleFilter, new PageRequest(0, 1)).getTotalElements();
if (totalElements > 0) {
// some automatic role attribute has assigned this role
throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_AUTOMATIC_ROLE_ASSIGNED, ImmutableMap.of("role", role.getName()));
}
//
// remove related automatic roles
IdmRoleTreeNodeFilter filter = new IdmRoleTreeNodeFilter();
filter.setRoleId(role.getId());
roleTreeNodeService.find(filter, null).forEach(roleTreeNode -> {
try {
roleTreeNodeService.delete(roleTreeNode);
} catch (AcceptedException ex) {
throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_HAS_TREE_NODE, ImmutableMap.of("role", role.getName(), "roleTreeNode", roleTreeNode.getId()));
}
});
// Find all concepts and remove relation on role
IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
conceptRequestFilter.setRoleId(role.getId());
conceptRoleRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
String message = null;
if (concept.getState().isTerminatedState()) {
message = MessageFormat.format("Role [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", role.getName(), concept.getId());
} else {
message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested role [{1}] was deleted (not from this role request)!", concept.getId(), role.getName());
concept.setState(RoleRequestState.CANCELED);
}
roleRequestService.addToLog(request, message);
conceptRoleRequestService.addToLog(concept, message);
concept.setRole(null);
roleRequestService.save(request);
conceptRoleRequestService.save(concept);
});
// remove all policies
IdmAuthorizationPolicyFilter policyFilter = new IdmAuthorizationPolicyFilter();
policyFilter.setRoleId(role.getId());
authorizationPolicyService.find(policyFilter, null).forEach(dto -> {
authorizationPolicyService.delete(dto);
});
// Find all automatic role requests and remove relation on automatic role
UUID roleId = role.getId();
if (roleId != null) {
IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
automaticRoleRequestFilter.setRoleId(roleId);
automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
request.setRole(null);
automaticRoleRequestService.save(request);
automaticRoleRequestService.cancel(request);
});
}
//
// remove role guarantees, sub roles and catalog works automatically by hibenate mapping
service.deleteInternal(role);
//
return new DefaultEventResult<>(event, this);
}
Aggregations