use of eu.bcvsolutions.idm.core.api.dto.ResolvedIncompatibleRoleDto in project CzechIdMng by bcvsolutions.
the class IdmIdentityControllerRestTest method testGetIncompatibleRolesWithoutRemovedInConcept.
@Test
public void testGetIncompatibleRolesWithoutRemovedInConcept() throws Exception {
IdmIdentityDto applicant = getHelper().createIdentity((GuardedString) null);
IdmRoleDto roleOne = getHelper().createRole();
IdmRoleDto roleTwo = getHelper().createRole();
IdmRoleDto roleThree = getHelper().createRole();
IdmRoleDto roleFour = getHelper().createRole();
IdmRoleDto roleFive = getHelper().createRole();
IdmRoleDto roleSix = getHelper().createRole();
// assign roles
getHelper().createIdentityRole(applicant, roleOne);
getHelper().createIdentityRole(applicant, roleTwo);
getHelper().createIdentityRole(applicant, roleThree);
getHelper().createIdentityRole(applicant, roleFour);
getHelper().createIdentityRole(applicant, roleFive);
// create incompatible roles definition
getHelper().createIncompatibleRole(roleOne, roleTwo);
getHelper().createIncompatibleRole(roleThree, roleFour);
getHelper().createIncompatibleRole(roleFive, roleSix);
//
String response = getMockMvc().perform(get(String.format("%s/incompatible-roles", getDetailUrl(applicant.getId()))).with(authentication(getAdminAuthentication())).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
//
Set<IdmIncompatibleRoleDto> incompatibleRoles = toDtos(response, ResolvedIncompatibleRoleDto.class).stream().map(ResolvedIncompatibleRoleDto::getIncompatibleRole).collect(Collectors.toSet());
Assert.assertEquals(2, incompatibleRoles.size());
Assert.assertTrue(incompatibleRoles.stream().anyMatch(ir -> {
return ir.getSuperior().equals(roleOne.getId()) && ir.getSub().equals(roleTwo.getId());
}));
Assert.assertTrue(incompatibleRoles.stream().anyMatch(ir -> {
return ir.getSuperior().equals(roleThree.getId()) && ir.getSub().equals(roleFour.getId());
}));
}
use of eu.bcvsolutions.idm.core.api.dto.ResolvedIncompatibleRoleDto in project CzechIdMng by bcvsolutions.
the class IdmRoleControllerRestTest method testGetIncompatibleRoles.
@Test
public void testGetIncompatibleRoles() throws Exception {
IdmRoleDto roleOne = getHelper().createRole();
IdmRoleDto roleTwo = getHelper().createRole();
IdmRoleDto roleThree = getHelper().createRole();
IdmRoleDto roleFour = getHelper().createRole();
IdmRoleDto roleFive = getHelper().createRole();
IdmRoleDto roleSix = getHelper().createRole();
// create incompatible roles definition
getHelper().createIncompatibleRole(roleTwo, roleFive);
getHelper().createIncompatibleRole(roleFive, roleSix);
//
// create role composition
getHelper().createRoleComposition(roleOne, roleTwo);
getHelper().createRoleComposition(roleOne, roleThree);
getHelper().createRoleComposition(roleTwo, roleFour);
getHelper().createRoleComposition(roleThree, roleFive);
//
String response = getMockMvc().perform(get(String.format("%s/incompatible-roles", getDetailUrl(roleOne.getId()))).with(authentication(getAdminAuthentication())).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
//
Set<IdmIncompatibleRoleDto> incompatibleRoles = toDtos(response, ResolvedIncompatibleRoleDto.class).stream().map(ResolvedIncompatibleRoleDto::getIncompatibleRole).collect(Collectors.toSet());
Assert.assertEquals(1, incompatibleRoles.size());
Assert.assertTrue(incompatibleRoles.stream().anyMatch(ir -> {
return ir.getSuperior().equals(roleTwo.getId()) && ir.getSub().equals(roleFive.getId());
}));
}
use of eu.bcvsolutions.idm.core.api.dto.ResolvedIncompatibleRoleDto in project CzechIdMng by bcvsolutions.
the class IdentityIncompatibleRoleReportExecutor method generateData.
@Override
protected IdmAttachmentDto generateData(RptReportDto report) {
// prepare temp file for json stream
File temp = getAttachmentManager().createTempFile();
//
try (FileOutputStream outputStream = new FileOutputStream(temp)) {
// write into json stream
JsonGenerator jGenerator = getMapper().getFactory().createGenerator(outputStream, JsonEncoding.UTF8);
try {
// json will be array of identities
jGenerator.writeStartArray();
// form instance has useful methods to transform form values
Pageable pageable = PageRequest.of(0, 100, new Sort(Direction.ASC, IdmIdentity_.username.getName()));
//
counter = 0L;
do {
Page<IdmIdentityDto> identities = identityService.find(null, pageable, IdmBasePermission.READ);
if (count == null) {
count = identities.getTotalElements();
}
boolean canContinue = true;
for (Iterator<IdmIdentityDto> i = identities.iterator(); i.hasNext() && canContinue; ) {
IdmIdentityDto identity = i.next();
// search assigned roles
IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
filter.setIdentityId(identity.getId());
// direct roles only
filter.setDirectRole(Boolean.TRUE);
List<IdmIdentityRoleDto> identityRoles = identityRoleService.find(filter, null, IdmBasePermission.READ).getContent();
// search incompatible roles
Set<ResolvedIncompatibleRoleDto> incompatibleRoles = incompatibleRoleService.resolveIncompatibleRoles(identityRoles.stream().map(ir -> ir.getRole()).collect(Collectors.toList()));
for (ResolvedIncompatibleRoleDto resolvedIncompatibleRole : incompatibleRoles) {
// add item into report
RptIdentityIncompatibleRoleDto reportItem = new RptIdentityIncompatibleRoleDto();
reportItem.setIdentity(identity);
reportItem.setDirectRole(resolvedIncompatibleRole.getDirectRole());
reportItem.setIncompatibleRole(resolvedIncompatibleRole.getIncompatibleRole());
// dtos in embedded cannot be parsed from json automatically as objects => aaet them into report dto directly
IdmRoleDto superior = DtoUtils.getEmbedded(resolvedIncompatibleRole.getIncompatibleRole(), IdmIncompatibleRole_.superior);
IdmRoleDto sub = DtoUtils.getEmbedded(resolvedIncompatibleRole.getIncompatibleRole(), IdmIncompatibleRole_.sub);
reportItem.setSuperior(superior);
reportItem.setSub(sub);
//
getMapper().writeValue(jGenerator, reportItem);
}
// supports cancel report generating (report extends long running task)
++counter;
canContinue = updateState();
}
// iterate while next page of identities is available
pageable = identities.hasNext() && canContinue ? identities.nextPageable() : null;
} while (pageable != null);
//
// close array of identities
jGenerator.writeEndArray();
} finally {
// close json stream
jGenerator.close();
}
// save create temp file with array of identities in json as attachment
return createAttachment(report, new FileInputStream(temp));
} catch (IOException ex) {
throw new ReportGenerateException(report.getName(), ex);
} finally {
FileUtils.deleteQuietly(temp);
}
}
use of eu.bcvsolutions.idm.core.api.dto.ResolvedIncompatibleRoleDto in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleRequestService method getIncompatibleRoles.
@Override
public Set<ResolvedIncompatibleRoleDto> getIncompatibleRoles(IdmRoleRequestDto request, IdmBasePermission... permissions) {
// Currently assigned roles
IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
identityRoleFilter.setIdentityId(request.getApplicant());
List<IdmIdentityRoleDto> identityRoles = identityRoleService.find(identityRoleFilter, null, permissions).getContent();
// Roles from concepts
IdmConceptRoleRequestFilter conceptFilter = new IdmConceptRoleRequestFilter();
conceptFilter.setRoleRequestId(request.getId());
List<IdmConceptRoleRequestDto> concepts = conceptRoleRequestService.find(conceptFilter, null, permissions).getContent();
Set<UUID> removedIdentityRoleIds = new HashSet<>();
// We don't want calculate incompatible roles for ended or disapproved concepts
List<IdmConceptRoleRequestDto> conceptsForCheck = //
concepts.stream().filter(concept -> {
// role can be deleted in the mean time
return concept.getRole() != null;
}).filter(//
concept -> //
RoleRequestState.CONCEPT == concept.getState() || RoleRequestState.IN_PROGRESS == concept.getState() || RoleRequestState.APPROVED == concept.getState() || //
RoleRequestState.EXECUTED == concept.getState()).collect(Collectors.toList());
Set<IdmRoleDto> roles = new HashSet<>();
conceptsForCheck.stream().filter(concept -> {
boolean isDelete = concept.getOperation() == ConceptRoleRequestOperation.REMOVE;
if (isDelete) {
// removed role fixes the incompatibility
removedIdentityRoleIds.add(concept.getIdentityRole());
}
return !isDelete;
}).forEach(concept -> roles.add(DtoUtils.getEmbedded(concept, IdmConceptRoleRequest_.role)));
identityRoles.stream().filter(identityRole -> !removedIdentityRoleIds.contains(identityRole.getId())).forEach(identityRole -> roles.add(DtoUtils.getEmbedded(identityRole, IdmIdentityRole_.role)));
// We want to returns only incompatibilities caused by new added roles
Set<ResolvedIncompatibleRoleDto> incompatibleRoles = incompatibleRoleService.resolveIncompatibleRoles(Lists.newArrayList(roles));
return //
incompatibleRoles.stream().filter(incompatibleRole -> {
return //
conceptsForCheck.stream().anyMatch(concept -> concept.getOperation() == ConceptRoleRequestOperation.ADD && (concept.getRole().equals(incompatibleRole.getDirectRole().getId()) || concept.getRole().equals(incompatibleRole.getIncompatibleRole().getSuperior()) || concept.getRole().equals(incompatibleRole.getIncompatibleRole().getSub())));
//
}).collect(Collectors.toSet());
}
use of eu.bcvsolutions.idm.core.api.dto.ResolvedIncompatibleRoleDto in project CzechIdMng by bcvsolutions.
the class IdmRoleRequestControllerRestTest method testGetIncompatibleRoles.
@Test
public void testGetIncompatibleRoles() throws Exception {
IdmRoleRequestDto roleRequest = createDto();
IdmRoleDto roleOne = getHelper().createRole();
IdmRoleDto roleTwo = getHelper().createRole();
IdmRoleDto roleThree = getHelper().createRole();
IdmRoleDto roleFour = getHelper().createRole();
IdmRoleDto roleFive = getHelper().createRole();
IdmRoleDto roleSix = getHelper().createRole();
// assign roles
IdmIdentityDto applicant = identityService.get(roleRequest.getApplicant());
getHelper().createIdentityRole(applicant, roleOne);
getHelper().createIdentityRole(applicant, roleTwo);
getHelper().createIdentityRole(applicant, roleThree);
// create incompatible roles definition
getHelper().createIncompatibleRole(roleOne, roleTwo);
getHelper().createIncompatibleRole(roleThree, roleFour);
getHelper().createIncompatibleRole(roleOne, roleSix);
//
// create concepts
IdmConceptRoleRequestDto concept = new IdmConceptRoleRequestDto();
concept.setRoleRequest(roleRequest.getId());
concept.setIdentityContract(getHelper().getPrimeContract(applicant).getId());
concept.setRole(roleFour.getId());
concept.setOperation(ConceptRoleRequestOperation.ADD);
conceptRoleRequestService.save(concept);
concept = new IdmConceptRoleRequestDto();
concept.setRoleRequest(roleRequest.getId());
concept.setIdentityContract(getHelper().getPrimeContract(applicant).getId());
concept.setRole(roleFive.getId());
concept.setOperation(ConceptRoleRequestOperation.ADD);
conceptRoleRequestService.save(concept);
//
String response = getMockMvc().perform(get(String.format("%s/incompatible-roles", getDetailUrl(roleRequest.getId()))).with(authentication(getAdminAuthentication())).contentType(TestHelper.HAL_CONTENT_TYPE)).andExpect(status().isOk()).andExpect(content().contentType(TestHelper.HAL_CONTENT_TYPE)).andReturn().getResponse().getContentAsString();
//
Set<IdmIncompatibleRoleDto> incompatibleRoles = toDtos(response, ResolvedIncompatibleRoleDto.class).stream().map(ResolvedIncompatibleRoleDto::getIncompatibleRole).collect(Collectors.toSet());
Assert.assertEquals(1, incompatibleRoles.size());
Assert.assertTrue(incompatibleRoles.stream().anyMatch(ir -> {
return ir.getSuperior().equals(roleThree.getId()) && ir.getSub().equals(roleFour.getId());
}));
}
Aggregations