Example 1 with IdmAutomaticRoleAttributeRuleRequestFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleRequestService method deleteInternal.
@Override
@Transactional
public void deleteInternal(IdmAutomaticRoleRequestDto dto) {
// Stop connected WF process
cancelWF(dto);
// First we have to delete all rule concepts for this request
if (dto.getId() != null) {
IdmAutomaticRoleAttributeRuleRequestFilter ruleFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
ruleFilter.setRoleRequestId(dto.getId());
List<IdmAutomaticRoleAttributeRuleRequestDto> ruleConcepts = automaticRoleRuleRequestService.find(ruleFilter, null).getContent();
ruleConcepts.forEach(concept -> {
automaticRoleRuleRequestService.delete(concept);
});
}
super.deleteInternal(dto);
}
Also used :
IdmAutomaticRoleAttributeRuleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter)
IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 2 with IdmAutomaticRoleAttributeRuleRequestFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter in project CzechIdMng by bcvsolutions.
the class DefaultIdmFormAttributeService method deleteInternal.
@Override
@Transactional
@SuppressWarnings({ "rawtypes", "unchecked" })
public void deleteInternal(IdmFormAttributeDto dto) {
Assert.notNull(dto);
// attribute with filled values cannot be deleted
IdmFormValueFilter filter = new IdmFormValueFilter();
filter.setAttributeId(dto.getId());
formValueServices.getPlugins().forEach(formValueService -> {
if (formValueService.find(filter, new PageRequest(0, 1)).getTotalElements() > 0) {
throw new ResultCodeException(CoreResultCode.FORM_ATTRIBUTE_DELETE_FAILED_HAS_VALUES, ImmutableMap.of("formAttribute", dto.getCode()));
}
});
// delete all values
// TODO: add some force delete parameter => rewrite service to event usage
/* formValueServices.getPlugins().forEach(formValueService -> {
formValueService.find(filter, null).getContent().forEach(formValue -> {
formValueService.delete((IdmFormValueDto) formValue);
});
});*/
//
// check rules for automatic role attributes
IdmAutomaticRoleAttributeRuleFilter automaticRoleRuleFilter = new IdmAutomaticRoleAttributeRuleFilter();
automaticRoleRuleFilter.setFormAttributeId(dto.getId());
long totalElements = automaticRoleAttributeService.find(automaticRoleRuleFilter, new PageRequest(0, 1)).getTotalElements();
if (totalElements > 0) {
// some automatic roles use this attribute
throw new ResultCodeException(CoreResultCode.FORM_ATTRIBUTE_DELETE_FAILED_AUTOMATIC_ROLE_RULE_ASSIGNED, ImmutableMap.of("formAttribute", dto.getId()));
}
//
// Check rules requests for automatic role attributes. Deletes relation on this form attribute.
IdmAutomaticRoleAttributeRuleRequestFilter automaticRoleRuleRequestFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
automaticRoleRuleRequestFilter.setFormAttributeId(dto.getId());
List<IdmAutomaticRoleAttributeRuleRequestDto> ruleRequests = automaticRoleAttributeRequestService.find(automaticRoleRuleRequestFilter, null).getContent();
ruleRequests.forEach(rule -> {
rule.setFormAttribute(null);
automaticRoleAttributeRequestService.save(rule);
});
//
super.deleteInternal(dto);
}
Also used :
IdmAutomaticRoleAttributeRuleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter)
PageRequest(org.springframework.data.domain.PageRequest)
IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
IdmFormValueFilter(eu.bcvsolutions.idm.core.eav.api.dto.filter.IdmFormValueFilter)
IdmAutomaticRoleAttributeRuleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleFilter)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 3 with IdmAutomaticRoleAttributeRuleRequestFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter in project CzechIdMng by bcvsolutions.
the class AutomaticRoleAttributeRuleDeleteProcessor method process.
@Override
public EventResult<IdmAutomaticRoleAttributeRuleDto> process(EntityEvent<IdmAutomaticRoleAttributeRuleDto> event) {
IdmAutomaticRoleAttributeRuleDto dto = event.getContent();
//
List<IdmAutomaticRoleAttributeRuleDto> allRules = automactiRoleAttributeRuleService.findAllRulesForAutomaticRole(dto.getAutomaticRoleAttribute());
// by default is skip value null => false
if (!this.getBooleanProperty(SKIP_CHECK_LAST_RULE, event.getProperties())) {
// it's last rule, remove all identity role
if (allRules.size() == 1 && dto.getId().equals(allRules.get(0).getId())) {
// before we start delete identity role, we check how many identities has the auto role
// if doesn't exist identities that has the role, skip remove
IdmIdentityFilter identityFilter = new IdmIdentityFilter();
long totalElements = identityService.find(identityFilter, new PageRequest(0, 1)).getTotalElements();
if (totalElements > 0) {
UUID automaticRoleAttributeId = dto.getAutomaticRoleAttribute();
removeAllRoles(automaticRoleAttributeId);
//
// we also set concept to false
IdmAutomaticRoleAttributeDto roleAttributeDto = automaticRoleAttributeRuleService.get(automaticRoleAttributeId);
roleAttributeDto.setConcept(false);
roleAttributeDto = automaticRoleAttributeRuleService.save(roleAttributeDto);
}
}
}
UUID automaticRuleId = dto.getId();
// Find all automatic role requests and remove relation on rule
if (automaticRuleId != null) {
IdmAutomaticRoleAttributeRuleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
automaticRoleRequestFilter.setRuleId(automaticRuleId);
ruleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
request.setRule(null);
ruleRequestService.save(request);
});
}
//
automactiRoleAttributeRuleService.deleteInternal(dto);
//
return new DefaultEventResult<>(event, this);
}
Also used :
IdmAutomaticRoleAttributeRuleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter)
PageRequest(org.springframework.data.domain.PageRequest)
IdmIdentityFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter)
DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult)
IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto)
UUID(java.util.UUID)
IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)
Example 4 with IdmAutomaticRoleAttributeRuleRequestFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleRequestService method startRequest.
@Override
@Transactional
public IdmAutomaticRoleRequestDto startRequest(UUID requestId, boolean checkRight) {
IdmAutomaticRoleRequestDto request = get(requestId);
Assert.notNull(request, "Request is required!");
// Validation on exist some rule
if (AutomaticRoleRequestType.ATTRIBUTE == request.getRequestType() && RequestOperationType.REMOVE != request.getOperation()) {
IdmAutomaticRoleAttributeRuleRequestFilter ruleFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
ruleFilter.setRoleRequestId(requestId);
List<IdmAutomaticRoleAttributeRuleRequestDto> ruleConcepts = automaticRoleRuleRequestService.find(ruleFilter, null).getContent();
if (ruleConcepts.isEmpty()) {
throw new RoleRequestException(CoreResultCode.AUTOMATIC_ROLE_REQUEST_START_WITHOUT_RULE, ImmutableMap.of("request", request.getName()));
}
}
try {
IdmAutomaticRoleRequestService service = this.getIdmAutomaticRoleRequestService();
if (!(service instanceof DefaultIdmAutomaticRoleRequestService)) {
throw new CoreException("We expects instace of DefaultIdmAutomaticRoleRequestService!");
}
return ((DefaultIdmAutomaticRoleRequestService) service).startRequestNewTransactional(requestId, checkRight);
} catch (Exception ex) {
LOG.error(ex.getLocalizedMessage(), ex);
request = get(requestId);
Throwable exceptionToLog = resolveException(ex);
// TODO: I set only cause of exception, not code and properties. If are
// properties set, then request cannot be save!
request.setResult(new OperationResultDto.Builder(OperationState.EXCEPTION).setCause(exceptionToLog).build());
request.setState(RequestState.EXCEPTION);
return save(request);
}
}
Also used :
IdmAutomaticRoleAttributeRuleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter)
RoleRequestException(eu.bcvsolutions.idm.core.api.exception.RoleRequestException)
IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto)
CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException)
IdmAutomaticRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto)
CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder)
IdmAutomaticRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleRequestService)
RoleRequestException(eu.bcvsolutions.idm.core.api.exception.RoleRequestException)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException)
CoreException(eu.bcvsolutions.idm.core.api.exception.CoreException)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 5 with IdmAutomaticRoleAttributeRuleRequestFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleRequestService method executeRequestInternal.
private IdmAutomaticRoleRequestDto executeRequestInternal(UUID requestId) {
Assert.notNull(requestId, "Role request ID is required!");
IdmAutomaticRoleRequestDto request = this.get(requestId);
Assert.notNull(request, "Role request is required!");
IdmAutomaticRoleAttributeRuleRequestFilter ruleFilter = new IdmAutomaticRoleAttributeRuleRequestFilter();
ruleFilter.setRoleRequestId(requestId);
List<IdmAutomaticRoleAttributeRuleRequestDto> ruleConcepts = automaticRoleRuleRequestService.find(ruleFilter, null).getContent();
UUID automaticRoleId = request.getAutomaticRole();
if (AutomaticRoleRequestType.ATTRIBUTE == request.getRequestType()) {
// Automatic role by attributes
if (RequestOperationType.REMOVE == request.getOperation()) {
// Remove automatic role by attributes
Assert.notNull(automaticRoleId, "Id of automatic role in the request (for delete) is required!");
automaticRoleAttributeService.delete(automaticRoleAttributeService.get(automaticRoleId));
request.setAutomaticRole(null);
} else {
// Add new or update (rules) for automatic role by attributes
IdmAutomaticRoleAttributeDto automaticRole = null;
if (automaticRoleId != null) {
automaticRole = automaticRoleAttributeService.get(automaticRoleId);
} else {
automaticRole = new IdmAutomaticRoleAttributeDto();
automaticRole = initAttributeAutomaticRole(request, automaticRole);
automaticRole = automaticRoleAttributeService.save(automaticRole);
request.setAutomaticRole(automaticRole.getId());
}
UUID roleId = automaticRole.getRole() != null ? automaticRole.getRole() : request.getRole();
Assert.notNull(roleId, "Id of role is required in the automatic role request!");
IdmRoleDto role = roleService.get(request.getRole());
Assert.notNull(role, "Role is required in the automatic role request!");
// Before we do any change, we have to sets the automatic role to concept state
automaticRole.setConcept(true);
automaticRoleAttributeService.save(automaticRole);
// Realize changes for rules
realizeAttributeRules(request, automaticRole, ruleConcepts);
// Sets automatic role as no concept -> execute recalculation this role
automaticRole.setConcept(false);
automaticRoleAttributeService.recalculate(automaticRoleAttributeService.save(automaticRole).getId());
}
} else if (AutomaticRoleRequestType.TREE == request.getRequestType()) {
// Automatic role by node in a tree
if (RequestOperationType.REMOVE == request.getOperation()) {
// Remove tree automatic role
Assert.notNull(automaticRoleId, "Id of automatic role in the request (for delete) is required!");
// Recount (remove) assigned roles ensures LRT during delete
automaticRoleTreeService.delete(automaticRoleTreeService.get(automaticRoleId));
request.setAutomaticRole(null);
} else if (RequestOperationType.ADD == request.getOperation()) {
// Create new tree automatic role
IdmRoleTreeNodeDto treeAutomaticRole = new IdmRoleTreeNodeDto();
treeAutomaticRole = initTreeAutomaticRole(request, treeAutomaticRole);
// Recount of assigned roles ensures LRT after save
treeAutomaticRole = automaticRoleTreeService.save(treeAutomaticRole);
request.setAutomaticRole(treeAutomaticRole.getId());
} else {
// Update is not supported
throw new ResultCodeException(CoreResultCode.METHOD_NOT_ALLOWED, "Tree automatic role update is not supported");
}
}
request.setState(RequestState.EXECUTED);
request.setResult(new OperationResultDto.Builder(OperationState.EXECUTED).build());
return this.save(request);
}
Also used :
IdmAutomaticRoleAttributeRuleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmRoleTreeNodeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto)
IdmAutomaticRoleAttributeRuleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto)
IdmAutomaticRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto)
CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
UUID(java.util.UUID)
IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)
Aggregations
IdmAutomaticRoleAttributeRuleRequestFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleRequestFilter)6
IdmAutomaticRoleAttributeRuleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleRequestDto)4
ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)3
Transactional (org.springframework.transaction.annotation.Transactional)3
IdmAutomaticRoleAttributeDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)2
IdmAutomaticRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleRequestDto)2
UUID (java.util.UUID)2
CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder)2
PageRequest (org.springframework.data.domain.PageRequest)2
IdmAutomaticRoleAttributeRuleDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto)1
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)1
IdmRoleTreeNodeDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleTreeNodeDto)1
IdmAutomaticRoleAttributeRuleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleAttributeRuleFilter)1
IdmIdentityFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityFilter)1
DefaultEventResult (eu.bcvsolutions.idm.core.api.event.DefaultEventResult)1
AcceptedException (eu.bcvsolutions.idm.core.api.exception.AcceptedException)1
CoreException (eu.bcvsolutions.idm.core.api.exception.CoreException)1
RoleRequestException (eu.bcvsolutions.idm.core.api.exception.RoleRequestException)1
IdmAutomaticRoleRequestService (eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleRequestService)1
IdmFormValueFilter (eu.bcvsolutions.idm.core.eav.api.dto.filter.IdmFormValueFilter)1
