Example 6 with BaseFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.BaseFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleService method toDto.

@Override
@SuppressWarnings("unchecked")
protected IdmRoleDto toDto(IdmRole entity, IdmRoleDto dto, IdmRoleFilter context) {
    IdmRoleDto roleDto = super.toDto(entity, dto, context);
    // Add the count of this role's systems that are in a cross-domain group to the result.
    if (context != null
            && context.getIncludeCrossDomainsSystemsCount() != null
            && context.getIncludeCrossDomainsSystemsCount()
            && roleDto != null
            && roleDto.getId() != null
            && roleSystemService instanceof AbstractReadDtoService) {
        @SuppressWarnings(value = "rawtypes")
        AbstractReadDtoService roleSystemService = (AbstractReadDtoService) this.roleSystemService;
        BaseFilter roleSystemFilter = roleSystemService.createFilterInstance();
        if (roleSystemFilter instanceof IdmRoleSystemFilter) {
            IdmRoleSystemFilter idmRoleSystemFilter = (IdmRoleSystemFilter) roleSystemFilter;
            idmRoleSystemFilter.setIsInCrossDomainGroupRoleId(roleDto.getId());
            // Permission: a user who can read the role can also read its connected systems,
            // so count() is called without a permission argument.
            long count = roleSystemService.count(idmRoleSystemFilter);
            roleDto.setSystemsInCrossDomains(count);
        }
    }
    return roleDto;
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) AbstractReadDtoService(eu.bcvsolutions.idm.core.api.service.AbstractReadDtoService) BaseFilter(eu.bcvsolutions.idm.core.api.dto.filter.BaseFilter) IdmRoleSystemFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleSystemFilter)

Example 7 with BaseFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.BaseFilter in project CzechIdMng by bcvsolutions.

the class GeneralEntityExport method getAuthoritiesForEntity.

@Override
@SuppressWarnings("rawtypes")
protected List<String> getAuthoritiesForEntity() {
    ReadWriteDtoService<AbstractDto, BaseFilter> service = getService();
    if (!(service instanceof AuthorizableService)) {
        // Service is not authorizable => only super admin can use report.
        return Lists.newArrayList(IdmGroupPermission.APP_ADMIN);
    }
    AuthorizableService authorizableService = (AuthorizableService) service;
    AuthorizableType authorizableType = authorizableService.getAuthorizableType();
    if (authorizableType == null) {
        // Service is authorizable but group is not specified => only super admin can use report.
        return Lists.newArrayList(IdmGroupPermission.APP_ADMIN);
    }
    boolean readPermissionFound = authorizableType.getGroup().getPermissions().stream()
            .anyMatch(permission -> IdmBasePermission.READ == permission);
    if (!readPermissionFound) {
        // By default only super admin can use report.
        return Lists.newArrayList(IdmGroupPermission.APP_ADMIN);
    }
    // The group defines a read permission for this type, so return it.
    return Lists.newArrayList(MessageFormat.format("{0}{1}{2}",
            authorizableType.getGroup().getName(), IdmBasePermission.SEPARATOR, IdmBasePermission.READ.name()));
}
Also used : AuthorizableService(eu.bcvsolutions.idm.core.security.api.service.AuthorizableService) AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto) AuthorizableType(eu.bcvsolutions.idm.core.security.api.dto.AuthorizableType) BaseFilter(eu.bcvsolutions.idm.core.api.dto.filter.BaseFilter)

Example 8 with BaseFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.BaseFilter in project CzechIdMng by bcvsolutions.

the class DefaultRequestManager method findPotencialParents.

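/**
 * Find potential parents. Invokes all methods of the filter that return a UUID
 * and take no input parameters.
 *
 * @param filter filter whose UUID-returning methods are invoked
 * @return one predicate for each non-null UUID value found in the filter
 */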
private List<RequestPredicate> findPotencialParents(BaseFilter filter) {
    Assert.notNull(filter, "Filter is mandatory!");
    List<MethodDescriptor> descriptors;
    try {
        descriptors = Lists.newArrayList(Introspector.getBeanInfo(filter.getClass()).getMethodDescriptors())
                .stream()
                .filter(methodDescriptor -> UUID.class.equals(methodDescriptor.getMethod().getReturnType()))
                .filter(methodDescriptor -> methodDescriptor.getMethod().getParameterTypes() == null
                        || methodDescriptor.getMethod().getParameterTypes().length == 0)
                .collect(Collectors.toList());
    } catch (IntrospectionException e) {
        throw new CoreException(e);
    }
    List<RequestPredicate> results = new ArrayList<>();
    descriptors.stream().forEach(descriptor -> {
        try {
            Object value = descriptor.getMethod().invoke(filter, new Object[] {});
            if (value == null) {
                return;
            }
            RequestFilterPredicate filterPredicate = descriptor.getMethod().getAnnotation(RequestFilterPredicate.class);
            results.add(new RequestPredicate((UUID) value, filterPredicate != null ? filterPredicate.field() : null));
        } catch (IllegalAccessException | IllegalArgumentException | InvocationTargetException e) {
            throw new CoreException(e);
        }
    });
    return results;
}
Also used : DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils) IdmRequestItemDto(eu.bcvsolutions.idm.core.api.dto.IdmRequestItemDto) IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) Autowired(org.springframework.beans.factory.annotation.Autowired) FormService(eu.bcvsolutions.idm.core.eav.api.service.FormService) SecurityService(eu.bcvsolutions.idm.core.security.api.service.SecurityService) Map(java.util.Map) IdmRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRequestDto) PageRequest(org.springframework.data.domain.PageRequest) Page(org.springframework.data.domain.Page) IntrospectionException(java.beans.IntrospectionException) Serializable(java.io.Serializable) InvocationTargetException(java.lang.reflect.InvocationTargetException) PropertyDescriptor(java.beans.PropertyDescriptor) Builder(eu.bcvsolutions.idm.core.api.dto.OperationResultDto.Builder) Lazy(org.springframework.context.annotation.Lazy) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) RequestOperationType(eu.bcvsolutions.idm.core.api.domain.RequestOperationType) ArrayList(java.util.ArrayList) LinkedHashMap(java.util.LinkedHashMap) Introspector(java.beans.Introspector) Strings(com.google.common.base.Strings) AbstractDto(eu.bcvsolutions.idm.core.api.dto.AbstractDto) IdmBasePermission(eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission) Lists(com.google.common.collect.Lists) BaseEntity(eu.bcvsolutions.idm.core.api.entity.BaseEntity) LookupService(eu.bcvsolutions.idm.core.api.service.LookupService) Service(org.springframework.stereotype.Service) WorkflowProcessInstanceService(eu.bcvsolutions.idm.core.workflow.service.WorkflowProcessInstanceService) IdmFormInstanceDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormInstanceDto) Requestable(eu.bcvsolutions.idm.core.api.domain.Requestable) CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) 
IOException(java.io.IOException) Field(java.lang.reflect.Field) BaseFilter(eu.bcvsolutions.idm.core.api.dto.filter.BaseFilter) IdmFormDefinitionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRequestItemService(eu.bcvsolutions.idm.core.api.service.IdmRequestItemService) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) FormValueService(eu.bcvsolutions.idm.core.eav.api.service.FormValueService) RequestEventType(eu.bcvsolutions.idm.core.model.event.RequestEvent.RequestEventType) BaseDto(eu.bcvsolutions.idm.core.api.dto.BaseDto) EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager) Embedded(eu.bcvsolutions.idm.core.api.domain.Embedded) RequestEvent(eu.bcvsolutions.idm.core.model.event.RequestEvent) RequestState(eu.bcvsolutions.idm.core.api.domain.RequestState) RoleRequestException(eu.bcvsolutions.idm.core.api.exception.RoleRequestException) CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission) IdmFormValueDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormValueDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) BasePermission(eu.bcvsolutions.idm.core.security.api.domain.BasePermission) ProcessInstance(org.activiti.engine.runtime.ProcessInstance) Pageable(org.springframework.data.domain.Pageable) ImmutableMap(com.google.common.collect.ImmutableMap) Collection(java.util.Collection) ReadWriteDtoService(eu.bcvsolutions.idm.core.api.service.ReadWriteDtoService) RequestManager(eu.bcvsolutions.idm.core.api.service.RequestManager) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) UUID(java.util.UUID) Collectors(java.util.stream.Collectors) List(java.util.List) ExceptionUtils(eu.bcvsolutions.idm.core.api.utils.ExceptionUtils) Modifier(java.lang.reflect.Modifier) Entry(java.util.Map.Entry) Identifiable(eu.bcvsolutions.idm.core.api.domain.Identifiable) 
RoleRequestApprovalProcessor(eu.bcvsolutions.idm.core.model.event.processor.role.RoleRequestApprovalProcessor) PageImpl(org.springframework.data.domain.PageImpl) IdmRequestService(eu.bcvsolutions.idm.core.api.service.IdmRequestService) FormableEntity(eu.bcvsolutions.idm.core.eav.api.entity.FormableEntity) IdmRequestItem(eu.bcvsolutions.idm.core.model.entity.IdmRequestItem) HashMap(java.util.HashMap) MessageFormat(java.text.MessageFormat) ConfidentialStorage(eu.bcvsolutions.idm.core.api.service.ConfidentialStorage) ReadDtoService(eu.bcvsolutions.idm.core.api.service.ReadDtoService) RequestFilterPredicate(eu.bcvsolutions.idm.core.api.domain.RequestFilterPredicate) ImmutableList(com.google.common.collect.ImmutableList) CollectionUtils(org.apache.commons.collections.CollectionUtils) Propagation(org.springframework.transaction.annotation.Propagation) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) EntityUtils(eu.bcvsolutions.idm.core.api.utils.EntityUtils) Qualifier(org.springframework.beans.factory.annotation.Qualifier) JsonIgnore(com.fasterxml.jackson.annotation.JsonIgnore) Niceable(eu.bcvsolutions.idm.core.api.domain.Niceable) IdmRequestItemFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRequestItemFilter) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) Codeable(eu.bcvsolutions.idm.core.api.domain.Codeable) IdmRequestAttributeValueDto(eu.bcvsolutions.idm.core.api.dto.IdmRequestAttributeValueDto) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) JsonProcessingException(com.fasterxml.jackson.core.JsonProcessingException) IdmRequestItemChangesDto(eu.bcvsolutions.idm.core.api.dto.IdmRequestItemChangesDto) MethodDescriptor(java.beans.MethodDescriptor) ApplicationContext(org.springframework.context.ApplicationContext) ConfigurationMap(eu.bcvsolutions.idm.core.api.domain.ConfigurationMap) IdmRequestItemAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmRequestItemAttributeDto) Comparator(java.util.Comparator) 
IdmRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRequestFilter) Transactional(org.springframework.transaction.annotation.Transactional) Assert(org.springframework.util.Assert)

Example 9 with BaseFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.BaseFilter in project CzechIdMng by bcvsolutions.

the class DefaultRequestManager method find.

@Override
public <R extends Requestable> Page<R> find(Class<? extends R> dtoClass, Serializable requestId, BaseFilter filter, Pageable pageable, IdmBasePermission... permission) {
    if (pageable == null) {
        // pageable is required in spring data
        pageable = PageRequest.of(0, Integer.MAX_VALUE);
    }
    ReadDtoService<R, BaseFilter> dtoReadService = getDtoService(dtoClass);
    Page<R> originalPage = dtoReadService.find(filter, pageable, permission);
    List<R> originals = originalPage.getContent();
    List<R> results = new ArrayList<>();
    IdmRequestDto request = requestService.get(requestId);
    List<IdmRequestItemDto> items = this.findRequestItems(request.getId(), dtoClass);
    originals.stream().forEach(dto -> {
        IdmRequestItemDto item = items.stream()
                .filter(i -> dto.getId().equals(i.getOwnerId()))
                .findFirst()
                .orElse(null);
        if (item == null) {
            // No item found -> the result is the original DTO
            results.add(dto);
            return;
        }
        if (Strings.isNullOrEmpty(item.getData())) {
            // Item found, but it does not contain any DTO, so the original DTO will be
            // the result (with the connected item)
            addRequestItemToDto(dto, item);
            results.add(dto);
            return;
        }
        try {
            // Item with data found. Data in the request is result
            R requestedDto = this.convertItemToDto(item, dtoClass);
            addEmbedded((AbstractDto) requestedDto, request.getId());
            addRequestItemToDto((Requestable) requestedDto, item);
            results.add(requestedDto);
            return;
        } catch (IOException | ReflectiveOperationException | IllegalArgumentException | IntrospectionException e) {
            throw new ResultCodeException(CoreResultCode.JSON_CANNOT_BE_CONVERT_TO_DTO, ImmutableMap.of("json", item.getData()));
        }
    });
    // !!Searching for added DTOs is very naive!!
    // We take every UUID value in the filter and try to find it in the DTOs. This
    // means only equality matching is implemented.
    // Find potential parents
    List<RequestPredicate> potencialParents = this.findPotencialParents(filter);
    results.addAll(this.findRelatedAddedItems(request, potencialParents, items, dtoClass));
    // Set all results as trimmed = true. FE expects trimmed value in the table.
    results.forEach(result -> ((AbstractDto) result).setTrimmed(true));
    return new PageImpl<>(results, pageable, originalPage.getTotalElements());
}
Also used : PageImpl(org.springframework.data.domain.PageImpl) ArrayList(java.util.ArrayList) IntrospectionException(java.beans.IntrospectionException) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRequestDto) IOException(java.io.IOException) BaseFilter(eu.bcvsolutions.idm.core.api.dto.filter.BaseFilter) IdmRequestItemDto(eu.bcvsolutions.idm.core.api.dto.IdmRequestItemDto)

Example 10 with BaseFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.BaseFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmRequestIdentityRoleService method conceptToRequestIdentityRole.

/**
 * Converts concept to the request-identity-roles.
 *
 * @param concept
 * @param filter
 * @return
 */
@SuppressWarnings("unchecked")
private IdmRequestIdentityRoleDto conceptToRequestIdentityRole(IdmConceptRoleRequestDto concept, IdmRequestIdentityRoleFilter filter) {
    IdmRequestIdentityRoleDto requestIdentityRoleDto = modelMapper.map(concept, IdmRequestIdentityRoleDto.class);
    // load permission from related contract or role (OR)
    if (filter != null // from find method only
            && ConceptRoleRequestOperation.ADD == concept.getOperation() // newly requested role only
            && !concept.getState().isTerminatedState()) { // not terminated concepts
        // by related contract (backward compatible)
        IdmIdentityContractDto contract = lookupService.lookupEmbeddedDto(concept, IdmConceptRoleRequest_.identityContract);
        Set<String> contractPermissions = identityContractService.getPermissions(contract);
        if (PermissionUtils.hasPermission(contractPermissions, ContractBasePermission.CHANGEPERMISSION)) {
            Set<String> permissions = requestIdentityRoleDto.getPermissions();
            if (permissions == null) {
                permissions = new HashSet<>();
            }
            permissions.add(ContractBasePermission.CHANGEPERMISSION.getName());
            requestIdentityRoleDto.setPermissions(permissions);
        } else {
            // by related role
            IdmRoleDto role = lookupService.lookupEmbeddedDto(concept, IdmConceptRoleRequest_.role);
            Set<String> rolePermissions = roleService.getPermissions(role);
            if (PermissionUtils.hasPermission(rolePermissions, RoleBasePermission.CHANGEPERMISSION)) {
                Set<String> permissions = requestIdentityRoleDto.getPermissions();
                if (permissions == null) {
                    permissions = new HashSet<>();
                }
                permissions.add(RoleBasePermission.CHANGEPERMISSION.getName());
                requestIdentityRoleDto.setPermissions(permissions);
            }
        }
    }
    if (filter != null && filter.isIncludeEav()) {
        IdmFormInstanceDto formInstanceDto;
        if (ConceptRoleRequestOperation.REMOVE == concept.getOperation()) {
            IdmIdentityRoleDto identityRole = DtoUtils.getEmbedded(concept, IdmConceptRoleRequest_.identityRole, IdmIdentityRoleDto.class, (IdmIdentityRoleDto) null);
            if (identityRole == null) {
                // Identity-role was not found, remove concept was executed (identity-role was removed).
                return addCandidates(requestIdentityRoleDto, concept, filter);
            }
            formInstanceDto = identityRoleService.getRoleAttributeValues(identityRole);
        } else {
            // The check for changed values is made only on an ended request! The 'original' value is the
            // current value, which was confusing in the audit (only the 'new' value is shown now).
            formInstanceDto = conceptRoleService.getRoleAttributeValues(concept, !concept.getState().isTerminatedState());
        }
        addEav(requestIdentityRoleDto, formInstanceDto);
    }
    // Include info on whether the role is in a cross-domain group.
    if (filter != null && filter.isIncludeCrossDomainsSystemsCount()) {
        if (ConceptRoleRequestOperation.REMOVE != concept.getOperation()) {
            IdmRoleDto roleDto = DtoUtils.getEmbedded(concept, IdmConceptRoleRequest_.role.getName(), IdmRoleDto.class, null);
            if (roleDto != null && this.roleSystemService instanceof AbstractReadDtoService) {
                AbstractReadDtoService<?, ?, IdmRoleSystemFilter> roleSystemService = (AbstractReadDtoService<?, ?, IdmRoleSystemFilter>) this.roleSystemService;
                BaseFilter roleSystemFilter = roleSystemService.createFilterInstance();
                if (roleSystemFilter instanceof IdmRoleSystemFilter) {
                    IdmRoleSystemFilter idmRoleSystemFilter = (IdmRoleSystemFilter) roleSystemFilter;
                    idmRoleSystemFilter.setIsInCrossDomainGroupRoleId(roleDto.getId());
                    long count = roleSystemService.count(idmRoleSystemFilter);
                    roleDto.setSystemsInCrossDomains(count);
                }
            }
        }
    }
    return addCandidates(requestIdentityRoleDto, concept, filter);
}
Also used : IdmFormInstanceDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormInstanceDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRequestIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRequestIdentityRoleDto) IdmRoleSystemFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleSystemFilter) BaseFilter(eu.bcvsolutions.idm.core.api.dto.filter.BaseFilter) AbstractReadDtoService(eu.bcvsolutions.idm.core.api.service.AbstractReadDtoService) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
