use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleAttributeIntegrationTest method testFilterRuleType.
@Test
public void testFilterRuleType() {
IdmRoleDto role = testHelper.createRole();
IdmAutomaticRoleAttributeDto automaticRole = new IdmAutomaticRoleAttributeDto();
automaticRole.setRole(role.getId());
automaticRole.setName(getTestName());
automaticRole = automaticRoleAttributeService.save(automaticRole);
//
IdmAutomaticRoleFilter filter = new IdmAutomaticRoleFilter();
filter.setRuleType(AutomaticRoleAttributeRuleType.CONTRACT);
List<IdmAutomaticRoleAttributeDto> content = automaticRoleAttributeService.find(filter, null).getContent();
assertEquals(0, content.size());
//
IdmAutomaticRoleAttributeRuleDto rule1 = new IdmAutomaticRoleAttributeRuleDto();
rule1.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
rule1.setType(AutomaticRoleAttributeRuleType.IDENTITY);
rule1.setValue("test");
rule1.setAttributeName(IdmIdentity_.username.getName());
rule1.setAutomaticRoleAttribute(automaticRole.getId());
automaticRoleAttributeRuleService.save(rule1);
//
filter = new IdmAutomaticRoleFilter();
filter.setRuleType(AutomaticRoleAttributeRuleType.CONTRACT);
content = automaticRoleAttributeService.find(filter, null).getContent();
assertEquals(0, content.size());
//
// try add next rules
IdmAutomaticRoleAttributeRuleDto rule2 = new IdmAutomaticRoleAttributeRuleDto();
rule2.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
rule2.setType(AutomaticRoleAttributeRuleType.CONTRACT);
rule2.setValue("test");
rule2.setAttributeName(IdmIdentityContract_.description.getName());
rule2.setAutomaticRoleAttribute(automaticRole.getId());
automaticRoleAttributeRuleService.save(rule2);
//
filter = new IdmAutomaticRoleFilter();
filter.setRuleType(AutomaticRoleAttributeRuleType.CONTRACT);
content = automaticRoleAttributeService.find(filter, null).getContent();
assertEquals(1, content.size());
IdmAutomaticRoleAttributeDto found = content.get(0);
assertEquals(automaticRole.getId(), found.getId());
}
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleAttributeIntegrationTest method testFilterHasRules.
@Test
public void testFilterHasRules() {
long totalElements = automaticRoleAttributeService.find(null).getTotalElements();
assertEquals(0, totalElements);
//
IdmRoleDto role = testHelper.createRole();
IdmAutomaticRoleAttributeDto automaticRole = new IdmAutomaticRoleAttributeDto();
automaticRole.setRole(role.getId());
automaticRole.setName(getTestName());
automaticRole = automaticRoleAttributeService.save(automaticRole);
//
IdmAutomaticRoleFilter filter = new IdmAutomaticRoleFilter();
filter.setHasRules(true);
totalElements = automaticRoleAttributeService.find(filter, null).getNumberOfElements();
assertEquals(0, totalElements);
//
filter.setHasRules(false);
List<IdmAutomaticRoleAttributeDto> content = automaticRoleAttributeService.find(filter, null).getContent();
assertEquals(1, content.size());
IdmAutomaticRoleAttributeDto found = content.get(0);
assertEquals(automaticRole.getId(), found.getId());
//
automaticRoleAttributeService.deleteInternal(found);
//
automaticRole = new IdmAutomaticRoleAttributeDto();
automaticRole.setRole(role.getId());
automaticRole.setName(getTestName());
automaticRole = automaticRoleAttributeService.save(automaticRole);
//
IdmAutomaticRoleAttributeRuleDto rule1 = new IdmAutomaticRoleAttributeRuleDto();
rule1.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
rule1.setType(AutomaticRoleAttributeRuleType.IDENTITY);
rule1.setValue("test");
rule1.setAttributeName(IdmIdentity_.username.getName());
rule1.setAutomaticRoleAttribute(automaticRole.getId());
automaticRoleAttributeRuleService.save(rule1);
//
filter = new IdmAutomaticRoleFilter();
filter.setHasRules(true);
content = automaticRoleAttributeService.find(filter, null).getContent();
assertEquals(1, content.size());
found = content.get(0);
assertEquals(automaticRole.getId(), found.getId());
//
// try add next rules
IdmAutomaticRoleAttributeRuleDto rule2 = new IdmAutomaticRoleAttributeRuleDto();
rule2.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
rule2.setType(AutomaticRoleAttributeRuleType.IDENTITY);
rule2.setValue("test");
rule2.setAttributeName(IdmIdentity_.username.getName());
rule2.setAutomaticRoleAttribute(automaticRole.getId());
automaticRoleAttributeRuleService.save(rule2);
//
IdmAutomaticRoleAttributeRuleDto rule3 = new IdmAutomaticRoleAttributeRuleDto();
rule3.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
rule3.setType(AutomaticRoleAttributeRuleType.IDENTITY);
rule3.setValue("test");
rule3.setAttributeName(IdmIdentity_.username.getName());
rule3.setAutomaticRoleAttribute(automaticRole.getId());
automaticRoleAttributeRuleService.save(rule3);
//
filter = new IdmAutomaticRoleFilter();
filter.setHasRules(true);
content = automaticRoleAttributeService.find(filter, null).getContent();
assertEquals(1, content.size());
found = content.get(0);
assertEquals(automaticRole.getId(), found.getId());
}
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter in project CzechIdMng by bcvsolutions.
the class RoleDeleteProcessor method process.
@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
IdmRoleDto role = event.getContent();
// role assigned to identity could not be deleted
if (identityRoleRepository.countByRole_Id(role.getId()) > 0) {
throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_IDENTITY_ASSIGNED, ImmutableMap.of("role", role.getName()));
}
//
// automatic role attribute has assigned this role
IdmAutomaticRoleFilter automaticRoleFilter = new IdmAutomaticRoleFilter();
automaticRoleFilter.setRoleId(role.getId());
long totalElements = automaticRoleAttributeService.find(automaticRoleFilter, new PageRequest(0, 1)).getTotalElements();
if (totalElements > 0) {
// some automatic role attribute has assigned this role
throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_AUTOMATIC_ROLE_ASSIGNED, ImmutableMap.of("role", role.getName()));
}
//
// remove related automatic roles
IdmRoleTreeNodeFilter filter = new IdmRoleTreeNodeFilter();
filter.setRoleId(role.getId());
roleTreeNodeService.find(filter, null).forEach(roleTreeNode -> {
try {
roleTreeNodeService.delete(roleTreeNode);
} catch (AcceptedException ex) {
throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_HAS_TREE_NODE, ImmutableMap.of("role", role.getName(), "roleTreeNode", roleTreeNode.getId()));
}
});
// Find all concepts and remove relation on role
IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
conceptRequestFilter.setRoleId(role.getId());
conceptRoleRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
String message = null;
if (concept.getState().isTerminatedState()) {
message = MessageFormat.format("Role [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", role.getName(), concept.getId());
} else {
message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested role [{1}] was deleted (not from this role request)!", concept.getId(), role.getName());
concept.setState(RoleRequestState.CANCELED);
}
roleRequestService.addToLog(request, message);
conceptRoleRequestService.addToLog(concept, message);
concept.setRole(null);
roleRequestService.save(request);
conceptRoleRequestService.save(concept);
});
// remove all policies
IdmAuthorizationPolicyFilter policyFilter = new IdmAuthorizationPolicyFilter();
policyFilter.setRoleId(role.getId());
authorizationPolicyService.find(policyFilter, null).forEach(dto -> {
authorizationPolicyService.delete(dto);
});
// Find all automatic role requests and remove relation on automatic role
UUID roleId = role.getId();
if (roleId != null) {
IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
automaticRoleRequestFilter.setRoleId(roleId);
automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
request.setRole(null);
automaticRoleRequestService.save(request);
automaticRoleRequestService.cancel(request);
});
}
//
// remove role guarantees, sub roles and catalog works automatically by hibenate mapping
service.deleteInternal(role);
//
return new DefaultEventResult<>(event, this);
}
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter in project CzechIdMng by bcvsolutions.
the class DefaultIdmAutomaticRoleAttributeService method findAllToProcess.
@Override
public Page<IdmAutomaticRoleAttributeDto> findAllToProcess(AutomaticRoleAttributeRuleType type, Pageable page) {
IdmAutomaticRoleFilter filter = new IdmAutomaticRoleFilter();
filter.setConcept(Boolean.FALSE);
filter.setRuleType(type);
filter.setHasRules(Boolean.TRUE);
return this.find(filter, page);
}
Aggregations