use of eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto in project CzechIdMng by bcvsolutions.
the class RemoveAutomaticRoleTaskExecutor method end.
@Override
protected Boolean end(Boolean result, Exception ex) {
Boolean ended = super.end(result, ex);
//
if (BooleanUtils.isTrue(ended)) {
IdmRoleDto role = DtoUtils.getEmbedded(getAutomaticRole(), IdmRoleTreeNode_.role, IdmRoleDto.class);
//
long assignedRoles = identityRoleService.findByAutomaticRole(getAutomaticRoleId(), new PageRequest(0, 1)).getTotalElements();
if (assignedRoles != 0) {
LOG.debug("Remove role [{}] by automatic role [{}] is not complete, some roles [{}] remains assigned to identities.", role.getCode(), getAutomaticRole().getId(), assignedRoles);
return ended;
}
//
LOG.debug("Remove role [{}] by automatic role [{}]", role.getCode(), getAutomaticRole().getId());
try {
//
// Find all concepts and remove relation on role tree
IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
conceptRequestFilter.setAutomaticRole(getAutomaticRoleId());
//
List<IdmConceptRoleRequestDto> concepts = conceptRequestService.find(conceptRequestFilter, null).getContent();
for (IdmConceptRoleRequestDto concept : concepts) {
IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
String message = null;
if (concept.getState().isTerminatedState()) {
message = MessageFormat.format("Role tree node [{0}] (reqested in concept [{1}]) was deleted (not from this role request)!", getAutomaticRoleId(), concept.getId());
} else {
message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested RoleTreeNode [{1}] was deleted (not from this role request)!", concept.getId(), getAutomaticRoleId());
concept.setState(RoleRequestState.CANCELED);
}
roleRequestService.addToLog(request, message);
conceptRequestService.addToLog(concept, message);
concept.setAutomaticRole(null);
roleRequestService.save(request);
conceptRequestService.save(concept);
}
// Find all automatic role requests and remove relation on automatic role
if (automaticRoleId != null) {
IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
automaticRoleRequestFilter.setAutomaticRoleId(automaticRoleId);
automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
request.setAutomaticRole(null);
automaticRoleRequestService.save(request);
// WFs cannot be cancel here, because this method can be called from the same WF
// automaticRoleRequestService.cancel(request);
});
}
// by default is this allowed
if (this.isDeleteEntity()) {
// delete entity
if (getAutomaticRole() instanceof IdmRoleTreeNodeDto) {
roleTreeNodeService.deleteInternalById(getAutomaticRole().getId());
} else {
// remove all rules
automaticRoleAttributeRuleService.deleteAllByAttribute(getAutomaticRole().getId());
automaticRoleAttributeService.deleteInternalById(getAutomaticRole().getId());
}
}
//
LOG.debug("End: Remove role [{}] by automatic role [{}].", role.getCode(), getAutomaticRole().getId());
//
} catch (Exception O_o) {
LOG.debug("Remove role [{}] by automatic role [{}] failed", role.getCode(), getAutomaticRole().getId(), O_o);
//
IdmLongRunningTaskDto task = longRunningTaskService.get(getLongRunningTaskId());
ResultModel resultModel = new DefaultResultModel(CoreResultCode.LONG_RUNNING_TASK_FAILED, ImmutableMap.of("taskId", getLongRunningTaskId(), "taskType", task.getTaskType(), "instanceId", task.getInstanceId()));
saveResult(resultModel, OperationState.EXCEPTION, O_o);
}
}
//
return ended;
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto in project CzechIdMng by bcvsolutions.
the class IdentityContractUpdateByAutomaticRoleProcessor method process.
@Override
public EventResult<IdmIdentityContractDto> process(EntityEvent<IdmIdentityContractDto> event) {
IdmIdentityContractDto contract = event.getContent();
//
IdmIdentityContractDto previous = event.getOriginalSource();
UUID previousPosition = previous.getWorkPosition();
UUID newPosition = contract.getWorkPosition();
// check automatic roles - if position or disabled was changed
if (!Objects.equals(newPosition, previousPosition) || (contract.isValidNowOrInFuture() && previous.isValidNowOrInFuture() != contract.isValidNowOrInFuture())) {
// work positions has some difference or validity changes
List<IdmIdentityRoleDto> assignedRoles = identityRoleService.findAllByContract(contract.getId());
// remove all automatic roles by attribute
if (!assignedRoles.isEmpty()) {
assignedRoles = assignedRoles.stream().filter(autoRole -> {
AbstractIdmAutomaticRoleDto automaticRoleDto = DtoUtils.getEmbedded(autoRole, IdmAutomaticRoleAttributeService.ROLE_TREE_NODE_ATTRIBUTE_NAME, AbstractIdmAutomaticRoleDto.class, null);
if (automaticRoleDto instanceof IdmRoleTreeNodeDto) {
return true;
}
return false;
}).collect(Collectors.toList());
}
//
Set<UUID> previousAutomaticRoles = assignedRoles.stream().filter(identityRole -> {
return identityRole.getRoleTreeNode() != null;
}).map(identityRole -> {
return identityRole.getRoleTreeNode();
}).collect(Collectors.toSet());
Set<IdmRoleTreeNodeDto> addedAutomaticRoles = new HashSet<>();
if (newPosition != null) {
addedAutomaticRoles = roleTreeNodeService.getAutomaticRolesByTreeNode(newPosition);
}
// prevent to remove newly added or still exists roles
Set<UUID> removedAutomaticRoles = new HashSet<>(previousAutomaticRoles);
removedAutomaticRoles.removeAll(addedAutomaticRoles.stream().map(IdmRoleTreeNodeDto::getId).collect(Collectors.toList()));
addedAutomaticRoles.removeIf(a -> {
return previousAutomaticRoles.contains(a.getId());
});
//
for (UUID removedAutomaticRole : removedAutomaticRoles) {
Iterator<IdmIdentityRoleDto> iter = assignedRoles.iterator();
while (iter.hasNext()) {
IdmIdentityRoleDto identityRole = iter.next();
if (Objects.equals(identityRole.getRoleTreeNode(), removedAutomaticRole)) {
// check, if role will be added by new automatic roles and prevent removing
IdmRoleTreeNodeDto addedAutomaticRole = getByRole(identityRole.getRole(), addedAutomaticRoles);
if (addedAutomaticRole == null) {
// remove assigned role
roleTreeNodeService.removeAutomaticRoles(identityRole, null);
iter.remove();
} else {
// change relation only
identityRole.setRoleTreeNode(addedAutomaticRole.getId());
updateIdentityRole(identityRole);
//
// new automatic role is not needed
addedAutomaticRoles.remove(addedAutomaticRole);
}
}
}
}
// change date - for unchanged assigned roles only
if (EntityUtils.validableChanged(previous, contract)) {
changeValidable(contract, assignedRoles);
}
//
// add identity roles
roleTreeNodeService.addAutomaticRoles(contract, addedAutomaticRoles);
} else // process validable change
if (EntityUtils.validableChanged(previous, contract)) {
changeValidable(contract, identityRoleService.findAllByContract(contract.getId()));
}
//
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleRequestServiceIntegrationTest method testDeleteTreeAutomaticRole.
@Test
public void testDeleteTreeAutomaticRole() {
IdmRoleDto role = prepareRole();
IdmTreeNodeDto nodeOne = helper.createTreeNode();
IdmRoleTreeNodeDto automaticRole = new IdmRoleTreeNodeDto();
automaticRole.setRole(role.getId());
automaticRole.setName(role.getName());
automaticRole.setTreeNode(nodeOne.getId());
// Create automatic role via manager
automaticRole = automaticRoleManager.createAutomaticRoleByTree(automaticRole, true);
Assert.assertNotNull(automaticRole.getId());
IdmRoleTreeNodeDto treeAutomaticRole = roleTreeNodeService.get(automaticRole.getId());
Assert.assertNotNull(treeAutomaticRole);
Assert.assertEquals(nodeOne.getId(), treeAutomaticRole.getTreeNode());
Assert.assertEquals(role.getId(), treeAutomaticRole.getRole());
// Delete automatic role via manager
automaticRoleManager.deleteAutomaticRole(automaticRole, true);
IdmRoleTreeNodeDto deletedAutomaticRole = roleTreeNodeService.get(automaticRole.getId());
Assert.assertNull(deletedAutomaticRole);
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleRequestServiceIntegrationTest method testCreateTreeAutomaticRole.
@Test
public void testCreateTreeAutomaticRole() {
IdmRoleDto role = prepareRole();
IdmTreeNodeDto nodeOne = helper.createTreeNode();
IdmRoleTreeNodeDto automaticRole = new IdmRoleTreeNodeDto();
automaticRole.setRole(role.getId());
automaticRole.setName(role.getName());
automaticRole.setTreeNode(nodeOne.getId());
// Create automatic role via manager
automaticRole = automaticRoleManager.createAutomaticRoleByTree(automaticRole, true);
Assert.assertNotNull(automaticRole.getId());
IdmRoleTreeNodeDto treeAutomaticRole = roleTreeNodeService.get(automaticRole.getId());
Assert.assertNotNull(treeAutomaticRole);
Assert.assertEquals(nodeOne.getId(), treeAutomaticRole.getTreeNode());
Assert.assertEquals(role.getId(), treeAutomaticRole.getRole());
}
use of eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleRequestServiceIntegrationTest method testDeleteTreeAutomaticRoleApproval.
@Test
public void testDeleteTreeAutomaticRoleApproval() {
IdmRoleDto role = prepareRole();
IdmTreeNodeDto nodeOne = helper.createTreeNode();
IdmIdentityDto guaranteeIdentity = helper.createIdentity();
IdmRoleGuaranteeDto guarantee = new IdmRoleGuaranteeDto();
guarantee.setRole(role.getId());
guarantee.setGuarantee(guaranteeIdentity.getId());
role.getGuarantees().add(guarantee);
role = roleService.save(role);
IdmRoleTreeNodeDto automaticRole = new IdmRoleTreeNodeDto();
automaticRole.setRole(role.getId());
automaticRole.setName(role.getName());
automaticRole.setTreeNode(nodeOne.getId());
// Create automatic role via manager
automaticRole = automaticRoleManager.createAutomaticRoleByTree(automaticRole, true);
Assert.assertNotNull(automaticRole.getId());
IdmRoleTreeNodeDto treeAutomaticRole = roleTreeNodeService.get(automaticRole.getId());
Assert.assertNotNull(treeAutomaticRole);
Assert.assertEquals(nodeOne.getId(), treeAutomaticRole.getTreeNode());
Assert.assertEquals(role.getId(), treeAutomaticRole.getRole());
// Delete automatic role via manager
try {
automaticRoleManager.deleteAutomaticRole(automaticRole, false);
} catch (AcceptedException ex) {
// The request is in approval
Assert.assertNotNull(ex.getIdentifier());
UUID requestId = UUID.fromString(ex.getIdentifier());
loginAsNoAdmin(guaranteeIdentity.getUsername());
try {
completeTasksFromUsers(guaranteeIdentity.getUsername(), "approve");
} catch (ResultCodeException e) {
fail("User has permission to approve task. Error message: " + e.getLocalizedMessage());
} catch (Exception e) {
fail("Some problem: " + e.getLocalizedMessage());
}
IdmAutomaticRoleRequestDto request = roleRequestService.get(requestId);
Assert.assertEquals(RequestState.EXECUTED, request.getState());
IdmRoleTreeNodeDto deletedAutomaticRole = roleTreeNodeService.get(automaticRole.getId());
Assert.assertNull(deletedAutomaticRole);
return;
}
fail("Automatic role request have to be approving by gurantee!");
}
Aggregations