Example 16 with IdmAuthorizationPolicyFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter in project CzechIdMng by bcvsolutions.
the class RoleDeleteProcessor method process.
@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
//
IdmRoleDto role = event.getContent();
UUID roleId = role.getId();
Assert.notNull(roleId, "Role id is required!");
// check role can be removed without force
if (!forceDelete) {
checkWithoutForceDelete(role);
}
//
// Find all concepts and remove relation on role - has to be the first => concepts are created bellow
IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
conceptRequestFilter.setRoleId(roleId);
List<IdmConceptRoleRequestDto> concepts = conceptRoleRequestService.find(conceptRequestFilter, null).getContent();
for (int counter = 0; counter < concepts.size(); counter++) {
IdmConceptRoleRequestDto concept = concepts.get(counter);
String message = null;
if (concept.getState().isTerminatedState()) {
message = MessageFormat.format("Role [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", role.getCode(), concept.getId());
} else {
message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested role [{1}] was deleted (not from this role request)!", concept.getId(), role.getCode());
// Cancel concept and WF
concept = conceptRoleRequestService.cancel(concept);
}
conceptRoleRequestService.addToLog(concept, message);
conceptRoleRequestService.save(concept);
if (counter % 100 == 0) {
clearSession();
}
}
// remove related assigned roles etc.
if (forceDelete) {
// remove directly assigned assigned roles (not automatic)
IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
identityRoleFilter.setRoleId(roleId);
identityRoleFilter.setDirectRole(Boolean.TRUE);
identityRoleFilter.setAutomaticRole(Boolean.FALSE);
List<IdmIdentityRoleDto> assignedRoles = identityRoleService.find(identityRoleFilter, null).getContent();
for (int counter = 0; counter < assignedRoles.size(); counter++) {
IdmIdentityRoleDto identityRole = assignedRoles.get(counter);
IdmIdentityContractDto contract = lookupService.lookupEmbeddedDto(identityRole, IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT);
UUID identityId = contract.getIdentity();
IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
roleRequest.setApplicant(identityId);
//
IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
conceptRoleRequest.setIdentityRole(identityRole.getId());
conceptRoleRequest.setRole(identityRole.getRole());
conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
conceptRoleRequest.setIdentityContract(contract.getId());
conceptRoleRequest.setContractPosition(identityRole.getContractPosition());
roleRequest.getConceptRoles().add(conceptRoleRequest);
//
// start event
RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
roleRequestService.startConcepts(requestEvent, event);
//
if (counter % 100 == 0) {
clearSession();
}
}
//
// related automatic roles by tree structure
IdmRoleTreeNodeFilter roleTreeNodefilter = new IdmRoleTreeNodeFilter();
roleTreeNodefilter.setRoleId(roleId);
roleTreeNodeService.findIds(roleTreeNodefilter, null).stream().forEach(roleTreeNodeId -> {
// sync => all asynchronous requests have to be prepared in event queue
RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
automaticRoleTask.setAutomaticRoleId(roleTreeNodeId);
longRunningTaskManager.executeSync(automaticRoleTask);
clearSession();
});
//
// related automatic roles by attribute
IdmAutomaticRoleFilter automaticRoleFilter = new IdmAutomaticRoleFilter();
automaticRoleFilter.setRoleId(roleId);
automaticRoleAttributeService.findIds(automaticRoleFilter, null).stream().forEach(automaticRoleId -> {
// sync => all asynchronous requests have to be prepared in event queue
RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
automaticRoleTask.setAutomaticRoleId(automaticRoleId);
longRunningTaskManager.executeSync(automaticRoleTask);
clearSession();
});
//
// business roles
// prevent to cyclic composition will be processed twice (sub = superior)
Set<UUID> processedCompositionIds = new HashSet<>();
// by sub
IdmRoleCompositionFilter compositionFilter = new IdmRoleCompositionFilter();
compositionFilter.setSubId(roleId);
roleCompositionService.findIds(compositionFilter, null).stream().forEach(roleCompositionId -> {
// sync => all asynchronous requests have to be prepared in event queue
RemoveRoleCompositionTaskExecutor roleCompositionTask = AutowireHelper.createBean(RemoveRoleCompositionTaskExecutor.class);
roleCompositionTask.setRoleCompositionId(roleCompositionId);
longRunningTaskManager.executeSync(roleCompositionTask);
//
processedCompositionIds.add(roleCompositionTask.getRoleCompositionId());
clearSession();
});
// by superior
compositionFilter = new IdmRoleCompositionFilter();
compositionFilter.setSuperiorId(roleId);
roleCompositionService.findIds(compositionFilter, null).stream().filter(// ~ prevent to cyclic composition will be processed twice (sub = superior)
roleCompositionId -> !processedCompositionIds.contains(roleCompositionId)).forEach(roleCompositionId -> {
// sync => all asynchronous requests have to be prepared in event queue
RemoveRoleCompositionTaskExecutor roleCompositionTask = AutowireHelper.createBean(RemoveRoleCompositionTaskExecutor.class);
roleCompositionTask.setRoleCompositionId(roleCompositionId);
longRunningTaskManager.executeSync(roleCompositionTask);
//
processedCompositionIds.add(roleCompositionTask.getRoleCompositionId());
clearSession();
});
}
//
// remove all policies
IdmAuthorizationPolicyFilter policyFilter = new IdmAuthorizationPolicyFilter();
policyFilter.setRoleId(roleId);
authorizationPolicyService.find(policyFilter, null).forEach(dto -> {
authorizationPolicyService.delete(dto);
});
clearSession();
//
// Cancel all related automatic role requests
IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
automaticRoleRequestFilter.setRoleId(roleId);
automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
automaticRoleRequestService.cancel(request);
});
clearSession();
//
// remove role guarantee
IdmRoleGuaranteeRoleFilter roleGuaranteeRoleFilter = new IdmRoleGuaranteeRoleFilter();
roleGuaranteeRoleFilter.setGuaranteeRole(roleId);
roleGuaranteeRoleService.find(roleGuaranteeRoleFilter, null).forEach(roleGuarantee -> {
roleGuaranteeRoleService.delete(roleGuarantee);
});
clearSession();
roleGuaranteeRoleFilter = new IdmRoleGuaranteeRoleFilter();
roleGuaranteeRoleFilter.setRole(roleId);
roleGuaranteeRoleService.find(roleGuaranteeRoleFilter, null).forEach(roleGuarantee -> {
roleGuaranteeRoleService.delete(roleGuarantee);
});
clearSession();
//
// remove guarantees
IdmRoleGuaranteeFilter roleGuaranteeFilter = new IdmRoleGuaranteeFilter();
roleGuaranteeFilter.setRole(roleId);
roleGuaranteeService.find(roleGuaranteeFilter, null).forEach(roleGuarantee -> {
roleGuaranteeService.delete(roleGuarantee);
});
clearSession();
//
// remove catalogues
IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
roleCatalogueRoleFilter.setRoleId(roleId);
roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).forEach(roleCatalogue -> {
roleCatalogueRoleService.delete(roleCatalogue);
});
clearSession();
//
// remove incompatible roles from both sides
incompatibleRoleService.findAllByRole(roleId).forEach(incompatibleRole -> {
incompatibleRoleService.delete(incompatibleRole);
});
clearSession();
//
// Remove role-form-attributes
IdmRoleFormAttributeFilter roleFormAttributeFilter = new IdmRoleFormAttributeFilter();
roleFormAttributeFilter.setRole(roleId);
roleFormAttributeService.find(roleFormAttributeFilter, null).forEach(roleCatalogue -> {
roleFormAttributeService.delete(roleCatalogue);
});
//
if (forceDelete) {
LOG.debug("Role [{}] should be deleted by caller after all asynchronus processes are completed.", role.getCode());
//
// dirty flag only - will be processed after asynchronous events ends
IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
stateDeleted.setEvent(event.getId());
stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
entityStateManager.saveState(role, stateDeleted);
//
// set disabled
role.setDisabled(true);
service.saveInternal(role);
} else {
service.deleteInternal(role);
}
//
return new DefaultEventResult<>(event, this);
}
Also used :
IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter)
IdmConceptRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmConceptRoleRequestService)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Autowired(org.springframework.beans.factory.annotation.Autowired)
CoreEventProcessor(eu.bcvsolutions.idm.core.api.event.CoreEventProcessor)
AutowireHelper(eu.bcvsolutions.idm.core.api.utils.AutowireHelper)
IdmRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmRoleRequestService)
IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
IdmRoleCatalogueRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCatalogueRoleFilter)
ImmutableMap(com.google.common.collect.ImmutableMap)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
Set(java.util.Set)
IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)
UUID(java.util.UUID)
IdmRoleGuaranteeRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleGuaranteeRoleService)
IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto)
RemoveAutomaticRoleTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveAutomaticRoleTaskExecutor)
List(java.util.List)
IdmRoleGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
RoleRequestEventType(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent.RoleRequestEventType)
IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService)
IdmRoleTreeNodeService(eu.bcvsolutions.idm.core.api.service.IdmRoleTreeNodeService)
Session(org.hibernate.Session)
MessageFormat(java.text.MessageFormat)
HashSet(java.util.HashSet)
EntityStateManager(eu.bcvsolutions.idm.core.api.service.EntityStateManager)
IdmAutomaticRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleRequestService)
LookupService(eu.bcvsolutions.idm.core.api.service.LookupService)
OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto)
IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)
DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult)
EventResult(eu.bcvsolutions.idm.core.api.event.EventResult)
RoleEventType(eu.bcvsolutions.idm.core.model.event.RoleEvent.RoleEventType)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IdmRoleFormAttributeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFormAttributeFilter)
EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent)
Description(org.springframework.context.annotation.Description)
RoleProcessor(eu.bcvsolutions.idm.core.api.event.processor.RoleProcessor)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
IdmRoleGuaranteeRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeRoleFilter)
IdmRoleGuaranteeService(eu.bcvsolutions.idm.core.api.service.IdmRoleGuaranteeService)
LongRunningTaskManager(eu.bcvsolutions.idm.core.scheduler.api.service.LongRunningTaskManager)
IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
IdmRoleCatalogueRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleCatalogueRoleService)
EntityManager(javax.persistence.EntityManager)
IdmRoleFormAttributeService(eu.bcvsolutions.idm.core.api.service.IdmRoleFormAttributeService)
IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter)
IdmIncompatibleRoleService(eu.bcvsolutions.idm.core.api.service.IdmIncompatibleRoleService)
Component(org.springframework.stereotype.Component)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode)
RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent)
IdmAuthorizationPolicyService(eu.bcvsolutions.idm.core.api.service.IdmAuthorizationPolicyService)
ConceptRoleRequestOperation(eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation)
IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter)
IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter)
RemoveRoleCompositionTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveRoleCompositionTaskExecutor)
Assert(org.springframework.util.Assert)
IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
RemoveAutomaticRoleTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveAutomaticRoleTaskExecutor)
IdmRoleFormAttributeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFormAttributeFilter)
DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult)
IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)
UUID(java.util.UUID)
HashSet(java.util.HashSet)
IdmRoleCatalogueRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCatalogueRoleFilter)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
RemoveRoleCompositionTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveRoleCompositionTaskExecutor)
OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto)
RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent)
IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter)
IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter)
IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter)
IdmRoleGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter)
IdmRoleGuaranteeRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeRoleFilter)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Example 17 with IdmAuthorizationPolicyFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter in project CzechIdMng by bcvsolutions.
the class RoleDuplicateBulkActionIntegrationTest method testCreateAndUpdateAuthorizationPolicies.
@Test
public void testCreateAndUpdateAuthorizationPolicies() {
// create role with policies
IdmRoleDto role = getHelper().createRole();
ConfigurationMap properties = new ConfigurationMap();
properties.put("mockOne", "mockOne");
IdmAuthorizationPolicyDto policyOne = getHelper().createAuthorizationPolicy(role.getId(), CoreGroupPermission.IDENTITY, IdmIdentity.class, CodeableEvaluator.class, properties, IdmBasePermission.ADMIN);
IdmAuthorizationPolicyDto policyTwo = getHelper().createAuthorizationPolicy(role.getId(), CoreGroupPermission.ROLE, IdmRole.class, CodeableEvaluator.class, properties, IdmBasePermission.ADMIN);
IdmAuthorizationPolicyDto policyThree = getHelper().createAuthorizationPolicy(role.getId(), CoreGroupPermission.TREENODE, IdmTreeNode.class, CodeableEvaluator.class, properties, IdmBasePermission.ADMIN);
IdmAuthorizationPolicyDto policyFour = getHelper().createAuthorizationPolicy(role.getId(), CoreGroupPermission.TREETYPE, IdmTreeType.class, CodeableEvaluator.class, properties, IdmBasePermission.READ);
//
// duplicate role
String targetEnvironment = getHelper().createName();
IdmBulkActionDto bulkAction = findBulkAction(IdmRole.class, RoleDuplicateBulkAction.NAME);
bulkAction.setIdentifiers(Sets.newHashSet(role.getId()));
bulkAction.getProperties().put(RoleDuplicateBulkAction.PROPERTY_ENVIRONMENT, targetEnvironment);
bulkAction.getProperties().put(DuplicateRoleAuthorizationPolicyProcessor.PARAMETER_INCLUDE_ROLE_AUTHORIZATION_POLICY, true);
IdmBulkActionDto processAction = bulkActionManager.processAction(bulkAction);
checkResultLrt(processAction, 1l, null, null);
//
IdmRoleDto duplicate = roleService.getByBaseCodeAndEnvironment(role.getBaseCode(), targetEnvironment);
//
IdmAuthorizationPolicyFilter filter = new IdmAuthorizationPolicyFilter();
filter.setRoleId(duplicate.getId());
List<IdmAuthorizationPolicyDto> duplicatePolicies = authorizationPolicyService.find(filter, null).getContent();
Assert.assertEquals(4, duplicatePolicies.size());
IdmAuthorizationPolicyDto duplicatePolicyOne = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.IDENTITY.getName())).findFirst().get();
IdmAuthorizationPolicyDto duplicatePolicyTwo = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.ROLE.getName())).findFirst().get();
IdmAuthorizationPolicyDto duplicatePolicyThree = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.TREENODE.getName())).findFirst().get();
IdmAuthorizationPolicyDto duplicatePolicyFour = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.TREETYPE.getName())).findFirst().get();
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyOne, duplicatePolicyOne));
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyTwo, duplicatePolicyTwo));
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyThree, duplicatePolicyThree));
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyFour, duplicatePolicyFour));
UUID duplicatePolicyOneId = duplicatePolicyOne.getId();
UUID duplicatePolicyTwoId = duplicatePolicyTwo.getId();
UUID duplicatePolicyThreeId = duplicatePolicyThree.getId();
UUID duplicatePolicyFourId = duplicatePolicyFour.getId();
//
// duplicate role again => no change => id preserved
processAction = bulkActionManager.processAction(bulkAction);
checkResultLrt(processAction, 1l, null, null);
duplicatePolicies = authorizationPolicyService.find(filter, null).getContent();
Assert.assertEquals(4, duplicatePolicies.size());
duplicatePolicyOne = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.IDENTITY.getName())).findFirst().get();
duplicatePolicyTwo = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.ROLE.getName())).findFirst().get();
duplicatePolicyThree = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.TREENODE.getName())).findFirst().get();
duplicatePolicyFour = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.TREETYPE.getName())).findFirst().get();
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyOne, duplicatePolicyOne));
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyTwo, duplicatePolicyTwo));
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyThree, duplicatePolicyThree));
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyFour, duplicatePolicyFour));
Assert.assertEquals(duplicatePolicyOneId, duplicatePolicyOne.getId());
Assert.assertEquals(duplicatePolicyTwoId, duplicatePolicyTwo.getId());
Assert.assertEquals(duplicatePolicyThreeId, duplicatePolicyThree.getId());
Assert.assertEquals(duplicatePolicyFourId, duplicatePolicyFour.getId());
//
// remove and update duplicated polices
properties = new ConfigurationMap();
properties.put("mockOne", "mockUpdate");
duplicatePolicyOne.setEvaluatorProperties(properties);
authorizationPolicyService.save(duplicatePolicyOne);
authorizationPolicyService.delete(duplicatePolicyTwo);
//
// add / delete and update source policies
IdmAuthorizationPolicyDto policyFive = getHelper().createAuthorizationPolicy(role.getId(), CoreGroupPermission.CODELIST, IdmCodeList.class, CodeableEvaluator.class, properties, IdmBasePermission.READ);
authorizationPolicyService.delete(policyThree);
//
// duplicate again
processAction = bulkActionManager.processAction(bulkAction);
checkResultLrt(processAction, 1l, null, null);
duplicatePolicies = authorizationPolicyService.find(filter, null).getContent();
Assert.assertEquals(4, duplicatePolicies.size());
//
duplicatePolicyOne = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.IDENTITY.getName())).findFirst().get();
duplicatePolicyTwo = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.ROLE.getName())).findFirst().get();
duplicatePolicyFour = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.TREETYPE.getName())).findFirst().get();
IdmAuthorizationPolicyDto duplicatePolicyFive = duplicatePolicies.stream().filter(p -> p.getGroupPermission().equals(CoreGroupPermission.CODELIST.getName())).findFirst().get();
//
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyOne, duplicatePolicyOne));
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyTwo, duplicatePolicyTwo));
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyFour, duplicatePolicyFour));
Assert.assertTrue(authorizationPolicyService.hasSameConfiguration(policyFive, duplicatePolicyFive));
// others are recreated
Assert.assertEquals(duplicatePolicyFourId, duplicatePolicyFour.getId());
}
Also used :
IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto)
IdmTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmTreeNodeDto)
Autowired(org.springframework.beans.factory.annotation.Autowired)
FormService(eu.bcvsolutions.idm.core.eav.api.service.FormService)
CodeableEvaluator(eu.bcvsolutions.idm.core.security.evaluator.CodeableEvaluator)
IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)
CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission)
IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter)
IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto)
After(org.junit.After)
TransactionContextHolder(eu.bcvsolutions.idm.core.api.domain.TransactionContextHolder)
IdmRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFilter)
IdmEntityStateService(eu.bcvsolutions.idm.core.api.service.IdmEntityStateService)
AutomaticRoleAttributeRuleType(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleType)
IdmIdentity(eu.bcvsolutions.idm.core.model.entity.IdmIdentity)
IdmIdentityContractService(eu.bcvsolutions.idm.core.api.service.IdmIdentityContractService)
IdmTreeType(eu.bcvsolutions.idm.core.model.entity.IdmTreeType)
DuplicateRoleAutomaticByTreeProcessor(eu.bcvsolutions.idm.core.model.event.processor.role.DuplicateRoleAutomaticByTreeProcessor)
IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)
UUID(java.util.UUID)
DuplicateRoleFormAttributeProcessor(eu.bcvsolutions.idm.core.model.event.processor.role.DuplicateRoleFormAttributeProcessor)
Sets(com.google.common.collect.Sets)
IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto)
List(java.util.List)
DuplicateRoleCompositionProcessor(eu.bcvsolutions.idm.core.model.event.processor.role.DuplicateRoleCompositionProcessor)
IdmAutomaticRoleAttributeRuleService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeRuleService)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService)
IdmRole(eu.bcvsolutions.idm.core.model.entity.IdmRole)
IdmRoleFormAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleFormAttributeDto)
IdmRoleTreeNodeService(eu.bcvsolutions.idm.core.api.service.IdmRoleTreeNodeService)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
AbstractBulkActionTest(eu.bcvsolutions.idm.test.api.AbstractBulkActionTest)
DuplicateRoleAuthorizationPolicyProcessor(eu.bcvsolutions.idm.core.model.event.processor.role.DuplicateRoleAuthorizationPolicyProcessor)
PersistentType(eu.bcvsolutions.idm.core.eav.api.domain.PersistentType)
IdmBasePermission(eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission)
OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IdmRoleFormAttributeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFormAttributeFilter)
Before(org.junit.Before)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
IdmRole_(eu.bcvsolutions.idm.core.model.entity.IdmRole_)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
Test(org.junit.Test)
IdmCodeList(eu.bcvsolutions.idm.core.eav.entity.IdmCodeList)
IdmRoleFormAttributeService(eu.bcvsolutions.idm.core.api.service.IdmRoleFormAttributeService)
ConfigurationMap(eu.bcvsolutions.idm.core.api.domain.ConfigurationMap)
IdmRoleTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto)
IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter)
IdmFormDefinitionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto)
IdmTreeNode(eu.bcvsolutions.idm.core.model.entity.IdmTreeNode)
IdmBulkActionDto(eu.bcvsolutions.idm.core.api.bulk.action.dto.IdmBulkActionDto)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)
AutomaticRoleAttributeRuleComparison(eu.bcvsolutions.idm.core.api.domain.AutomaticRoleAttributeRuleComparison)
IdmIdentity_(eu.bcvsolutions.idm.core.model.entity.IdmIdentity_)
IdmAuthorizationPolicyService(eu.bcvsolutions.idm.core.api.service.IdmAuthorizationPolicyService)
Assert(org.junit.Assert)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmBulkActionDto(eu.bcvsolutions.idm.core.api.bulk.action.dto.IdmBulkActionDto)
IdmAuthorizationPolicyDto(eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)
ConfigurationMap(eu.bcvsolutions.idm.core.api.domain.ConfigurationMap)
GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString)
IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter)
UUID(java.util.UUID)
AbstractBulkActionTest(eu.bcvsolutions.idm.test.api.AbstractBulkActionTest)
Test(org.junit.Test)
Example 18 with IdmAuthorizationPolicyFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleServiceIntegrationTest method testReferentialIntegrityAuthorizationPolicies.
@Test
public void testReferentialIntegrityAuthorizationPolicies() {
// prepare data
IdmRoleDto role = getHelper().createRole();
// policy
getHelper().createBasePolicy(role.getId(), IdmBasePermission.ADMIN);
//
roleService.delete(role);
//
IdmAuthorizationPolicyFilter policyFilter = new IdmAuthorizationPolicyFilter();
policyFilter.setRoleId(role.getId());
Assert.assertEquals(0, authorizationPolicyService.find(policyFilter, null).getTotalElements());
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter)
AbstractRestTest(eu.bcvsolutions.idm.test.api.AbstractRestTest)
Test(org.junit.Test)
Example 19 with IdmAuthorizationPolicyFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter in project CzechIdMng by bcvsolutions.
the class IdmAuthorizationPolicyController method toFilter.
@Override
protected IdmAuthorizationPolicyFilter toFilter(MultiValueMap<String, Object> parameters) {
IdmAuthorizationPolicyFilter filter = new IdmAuthorizationPolicyFilter(parameters, getParameterConverter());
//
// role and identity decorator
filter.setIdentityId(getParameterConverter().toEntityUuid(parameters, IdmAuthorizationPolicyFilter.PARAMETER_IDENTITY_ID, IdmIdentityDto.class));
filter.setRoleId(getParameterConverter().toEntityUuid(parameters, IdmAuthorizationPolicyFilter.PARAMETER_ROLE_ID, IdmRoleDto.class));
//
return filter;
}
Also used :
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter)
IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)
Aggregations
IdmAuthorizationPolicyFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter)19
IdmAuthorizationPolicyDto (eu.bcvsolutions.idm.core.api.dto.IdmAuthorizationPolicyDto)13
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)12
Test (org.junit.Test)11
IdmIdentityDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)9
List (java.util.List)9
Autowired (org.springframework.beans.factory.annotation.Autowired)9
CoreGroupPermission (eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission)7
IdmRole (eu.bcvsolutions.idm.core.model.entity.IdmRole)7
IdmBasePermission (eu.bcvsolutions.idm.core.security.api.domain.IdmBasePermission)7
IdmIdentity (eu.bcvsolutions.idm.core.model.entity.IdmIdentity)6
GuardedString (eu.bcvsolutions.idm.core.security.api.domain.GuardedString)6
Assert (org.junit.Assert)6
RoleConfiguration (eu.bcvsolutions.idm.core.api.config.domain.RoleConfiguration)5
IdmGroupPermission (eu.bcvsolutions.idm.core.security.api.domain.IdmGroupPermission)5
StringUtils (org.apache.commons.lang3.StringUtils)5
IdmBulkActionDto (eu.bcvsolutions.idm.core.api.bulk.action.dto.IdmBulkActionDto)4
AbstractReadWriteDtoController (eu.bcvsolutions.idm.core.api.rest.AbstractReadWriteDtoController)4
AbstractReadWriteDtoControllerRestTest (eu.bcvsolutions.idm.core.api.rest.AbstractReadWriteDtoControllerRestTest)4
IdmAuthorizationPolicyService (eu.bcvsolutions.idm.core.api.service.IdmAuthorizationPolicyService)4
