use of eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto in project CzechIdMng by bcvsolutions.
the class RoleTreeNodeDeleteProcessor method process.
@Override
public EventResult<IdmRoleTreeNodeDto> process(EntityEvent<IdmRoleTreeNodeDto> event) {
IdmRoleTreeNodeDto roleTreeNode = event.getContent();
//
if (roleTreeNode.getId() == null) {
return new DefaultEventResult<>(event, this);
}
//
// delete all assigned roles gained by this automatic role by long running task
RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
automaticRoleTask.setAutomaticRoleId(roleTreeNode.getId());
if (event.getPriority() == PriorityType.IMMEDIATE) {
longRunningTaskManager.executeSync(automaticRoleTask);
return new DefaultEventResult.Builder<>(event, this).build();
}
//
automaticRoleTask.setContinueOnException(true);
if (longRunningTaskManager.isAsynchronous()) {
automaticRoleTask.setRequireNewTransaction(true);
}
try {
longRunningTaskManager.execute(automaticRoleTask);
} catch (AcceptedException ex) {
DefaultEventResult<IdmRoleTreeNodeDto> result = new DefaultEventResult<>(event, this);
result.setSuspended(true);
//
return result;
}
//
return new DefaultEventResult.Builder<>(event, this).build();
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto in project CzechIdMng by bcvsolutions.
the class IdmRoleTreeNodeController method delete.
@Override
@ResponseBody
@RequestMapping(value = "/{backendId}", method = RequestMethod.DELETE)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.ROLETREENODE_DELETE + "')")
@ApiOperation(value = "Delete automatic role. Uses request!", nickname = "deleteRoleTreeNode", tags = { IdmRoleTreeNodeController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLETREENODE_DELETE, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLETREENODE_DELETE, description = "") }) })
public ResponseEntity<?> delete(@ApiParam(value = "Automatic role's uuid identifier.", required = true) @PathVariable @NotNull String backendId) {
IdmRoleTreeNodeDto automaticRole = this.getDto(backendId);
Assert.notNull(automaticRole, "Automatic role is required.");
requestService.deleteAutomaticRole(automaticRole, AutomaticRoleRequestType.TREE);
//
throw new AcceptedException();
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto in project CzechIdMng by bcvsolutions.
the class IdmRoleTreeNodeController method post.
@Override
@ResponseBody
@RequestMapping(method = RequestMethod.POST)
@PreAuthorize("hasAuthority('" + CoreGroupPermission.ROLETREENODE_CREATE + "')" + " or hasAuthority('" + CoreGroupPermission.ROLETREENODE_UPDATE + "')")
@ApiOperation(value = "Create / update automatic role", nickname = "postRoleTreeNode", response = IdmRoleTreeNodeDto.class, tags = { IdmRoleTreeNodeController.TAG }, authorizations = { @Authorization(value = SwaggerConfig.AUTHENTICATION_BASIC, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLETREENODE_CREATE, description = ""), @AuthorizationScope(scope = CoreGroupPermission.ROLETREENODE_UPDATE, description = "") }), @Authorization(value = SwaggerConfig.AUTHENTICATION_CIDMST, scopes = { @AuthorizationScope(scope = CoreGroupPermission.ROLETREENODE_CREATE, description = ""), @AuthorizationScope(scope = CoreGroupPermission.ROLETREENODE_UPDATE, description = "") }) }, notes = "If role has guarantee assigned, then automatic role has to be approved by him at first (configurable by entity event processor).")
public ResponseEntity<?> post(@Valid @RequestBody IdmRoleTreeNodeDto dto) {
Assert.notNull(dto, "DTO is required.");
IdmRoleTreeNodeDto result = requestService.createTreeAutomaticRole(dto);
if (result == null) {
return new ResponseEntity<>(HttpStatus.NO_CONTENT);
}
return new ResponseEntity<>(toResource(result), HttpStatus.CREATED);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto in project CzechIdMng by bcvsolutions.
the class RoleDuplicateBulkActionIntegrationTest method testRemoveAutomaticRole.
@Test
public void testRemoveAutomaticRole() {
//
// create new entity state with a different transactionId - has to be preserved
TransactionContextHolder.clearContext();
IdmEntityStateDto otherState = new IdmEntityStateDto();
otherState.setOwnerId(UUID.randomUUID());
otherState.setOwnerType("mock");
otherState.setResult(new OperationResultDto.Builder(OperationState.CREATED).build());
otherState.setInstanceId("mock");
otherState = entityStateService.save(otherState);
//
TransactionContextHolder.clearContext();
// automatic role on sub role
IdmRoleDto parentRole = createRole();
IdmIdentityDto identity = getHelper().createIdentity((GuardedString) null);
IdmTreeNodeDto treeNode = getHelper().createTreeNode();
IdmIdentityContractDto contract = getHelper().getPrimeContract(identity);
contract.setWorkPosition(treeNode.getId());
contractService.save(contract);
IdmRoleDto subRole = createRole();
getHelper().createRoleComposition(parentRole, subRole);
// create attributes, automatic roles etc.
IdmAutomaticRoleAttributeDto automaticRoleAttribute = createAutomaticRole(subRole, identity.getUsername());
IdmRoleTreeNodeDto automaticRoleTree = createAutomaticRole(subRole, treeNode);
List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> automaticRoleAttribute.getId().equals(ir.getAutomaticRole())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> automaticRoleTree.getId().equals(ir.getAutomaticRole())));
//
String targetEnvironment = getHelper().createName();
IdmBulkActionDto bulkAction = findBulkAction(IdmRole.class, RoleDuplicateBulkAction.NAME);
bulkAction.setIdentifiers(Sets.newHashSet(parentRole.getId()));
bulkAction.getProperties().put(RoleDuplicateBulkAction.PROPERTY_ENVIRONMENT, targetEnvironment);
bulkAction.getProperties().put(DuplicateRoleAutomaticByTreeProcessor.PARAMETER_INCLUDE_AUTOMATIC_ROLE, true);
bulkAction.getProperties().put(DuplicateRoleCompositionProcessor.PARAMETER_INCLUDE_ROLE_COMPOSITION, true);
IdmBulkActionDto processAction = bulkActionManager.processAction(bulkAction);
//
checkResultLrt(processAction, 1l, null, null);
//
IdmRoleDto duplicate = roleService.getByBaseCodeAndEnvironment(subRole.getBaseCode(), targetEnvironment);
//
IdmAutomaticRoleAttributeDto duplicateAutomaticRoleAttribute = findAutomaticRolesByAttribute(duplicate).get(0);
IdmRoleTreeNodeDto duplicateAtomaticRoleTree = findAutomaticRolesByTree(duplicate).get(0);
//
assignedRoles = identityRoleService.findAllByIdentity(identity.getId());
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> automaticRoleAttribute.getId().equals(ir.getAutomaticRole())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> automaticRoleTree.getId().equals(ir.getAutomaticRole())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> duplicateAutomaticRoleAttribute.getId().equals(ir.getAutomaticRole())));
Assert.assertTrue(assignedRoles.stream().anyMatch(ir -> duplicateAtomaticRoleTree.getId().equals(ir.getAutomaticRole())));
//
automaticRoleAttributeService.delete(automaticRoleAttribute);
//
processAction = bulkActionManager.processAction(bulkAction);
//
checkResultLrt(processAction, 1l, null, null);
//
duplicate = roleService.getByBaseCodeAndEnvironment(subRole.getBaseCode(), targetEnvironment);
//
Assert.assertTrue(findAutomaticRolesByAttribute(duplicate).isEmpty());
Assert.assertNotNull(entityStateService.get(otherState));
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto in project CzechIdMng by bcvsolutions.
the class RoleDeleteBulkActionIntegrationTest method testForceDeleteAsync.
@Test
public void testForceDeleteAsync() {
logout();
loginAsAdmin();
// create identities
String description = getHelper().createName();
IdmIdentityDto identity = getHelper().createIdentity((GuardedString) null);
identity.setDescription(description);
IdmIdentityDto identityOne = identityService.save(identity);
identity = getHelper().createIdentity((GuardedString) null);
identity.setDescription(description);
IdmIdentityDto identityTwo = identityService.save(identity);
// create roles
IdmRoleDto role = getHelper().createRole();
IdmRoleDto roleSubOne = getHelper().createRole();
IdmRoleDto roleSubTwo = getHelper().createRole();
IdmRoleDto roleSubSubOne = getHelper().createRole();
// create business roles
IdmRoleCompositionDto compositionOne = getHelper().createRoleComposition(role, roleSubOne);
IdmRoleCompositionDto compositionTwo = getHelper().createRoleComposition(role, roleSubTwo);
IdmRoleCompositionDto compositionThree = getHelper().createRoleComposition(roleSubOne, roleSubSubOne);
// create automatic roles - by tree and by attribute too
IdmAutomaticRoleAttributeDto automaticRoleOne = getHelper().createAutomaticRole(role.getId());
getHelper().createAutomaticRoleRule(automaticRoleOne.getId(), AutomaticRoleAttributeRuleComparison.EQUALS, AutomaticRoleAttributeRuleType.IDENTITY, IdmIdentity_.description.getName(), null, description);
IdmAutomaticRoleAttributeDto automaticRoleTwo = getHelper().createAutomaticRole(role.getId());
getHelper().createAutomaticRoleRule(automaticRoleTwo.getId(), AutomaticRoleAttributeRuleComparison.EQUALS, AutomaticRoleAttributeRuleType.IDENTITY, IdmIdentity_.description.getName(), null, description);
IdmTreeNodeDto treeNode = getHelper().createTreeNode();
IdmIdentityContractDto contract = getHelper().getPrimeContract(identityOne);
contract.setWorkPosition(treeNode.getId());
contractService.save(contract);
contract = getHelper().getPrimeContract(identityTwo);
contract.setWorkPosition(treeNode.getId());
contractService.save(contract);
IdmRoleTreeNodeDto automaticRoleThree = getHelper().createRoleTreeNode(role, treeNode, false);
IdmRoleTreeNodeDto automaticRoleFour = getHelper().createRoleTreeNode(role, treeNode, false);
// create manuallyAssigned roles
getHelper().createIdentityRole(identityOne, role);
getHelper().createIdentityRole(identityOne, role);
getHelper().createIdentityRole(identityTwo, role);
getHelper().createIdentityRole(identityTwo, role);
Assert.assertEquals(24, identityRoleService.findAllByIdentity(identityOne.getId()).size());
Assert.assertEquals(24, identityRoleService.findAllByIdentity(identityTwo.getId()).size());
// remove role async
try {
getHelper().enableAsynchronousProcessing();
Map<String, Object> properties = new HashMap<>();
properties.put(RoleProcessor.PROPERTY_FORCE_DELETE, Boolean.TRUE);
// delete by bulk action
IdmBulkActionDto bulkAction = this.findBulkAction(IdmRole.class, RoleDeleteBulkAction.NAME);
bulkAction.setIdentifiers(Sets.newHashSet(role.getId()));
bulkAction.setProperties(properties);
IdmBulkActionDto processAction = bulkActionManager.processAction(bulkAction);
//
getHelper().waitForResult(res -> {
return roleService.get(role) != null;
});
checkResultLrt(processAction, 1l, 0l, 0l);
//
Assert.assertTrue(identityRoleService.findAllByIdentity(identityOne.getId()).isEmpty());
Assert.assertTrue(identityRoleService.findAllByIdentity(identityTwo.getId()).isEmpty());
Assert.assertNull(roleCompositionService.get(compositionOne));
Assert.assertNull(roleCompositionService.get(compositionTwo));
Assert.assertNotNull(roleCompositionService.get(compositionThree));
Assert.assertNull(automaticRoleAttributeService.get(automaticRoleOne));
Assert.assertNull(automaticRoleAttributeService.get(automaticRoleTwo));
Assert.assertNull(roleTreeNodeService.get(automaticRoleThree));
Assert.assertNull(roleTreeNodeService.get(automaticRoleFour));
Assert.assertNull(roleService.get(role));
Assert.assertNotNull(roleService.get(roleSubOne));
Assert.assertNotNull(roleService.get(roleSubTwo));
Assert.assertNotNull(roleService.get(roleSubSubOne));
} finally {
getHelper().disableAsynchronousProcessing();
}
}
Aggregations