Search in sources :

Example 1 with IdmAutomaticRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmAutomaticRoleAttributeIntegrationTest method testFilterRuleType.

@Test
public void testFilterRuleType() {
    IdmRoleDto role = testHelper.createRole();
    IdmAutomaticRoleAttributeDto automaticRole = new IdmAutomaticRoleAttributeDto();
    automaticRole.setRole(role.getId());
    automaticRole.setName(getTestName());
    automaticRole = automaticRoleAttributeService.save(automaticRole);
    // 
    IdmAutomaticRoleFilter filter = new IdmAutomaticRoleFilter();
    filter.setRuleType(AutomaticRoleAttributeRuleType.CONTRACT);
    List<IdmAutomaticRoleAttributeDto> content = automaticRoleAttributeService.find(filter, null).getContent();
    assertEquals(0, content.size());
    // 
    IdmAutomaticRoleAttributeRuleDto rule1 = new IdmAutomaticRoleAttributeRuleDto();
    rule1.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
    rule1.setType(AutomaticRoleAttributeRuleType.IDENTITY);
    rule1.setValue("test");
    rule1.setAttributeName(IdmIdentity_.username.getName());
    rule1.setAutomaticRoleAttribute(automaticRole.getId());
    automaticRoleAttributeRuleService.save(rule1);
    // 
    filter = new IdmAutomaticRoleFilter();
    filter.setRuleType(AutomaticRoleAttributeRuleType.CONTRACT);
    content = automaticRoleAttributeService.find(filter, null).getContent();
    assertEquals(0, content.size());
    // 
    // try add next rules
    IdmAutomaticRoleAttributeRuleDto rule2 = new IdmAutomaticRoleAttributeRuleDto();
    rule2.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
    rule2.setType(AutomaticRoleAttributeRuleType.CONTRACT);
    rule2.setValue("test");
    rule2.setAttributeName(IdmIdentityContract_.description.getName());
    rule2.setAutomaticRoleAttribute(automaticRole.getId());
    automaticRoleAttributeRuleService.save(rule2);
    // 
    filter = new IdmAutomaticRoleFilter();
    filter.setRuleType(AutomaticRoleAttributeRuleType.CONTRACT);
    content = automaticRoleAttributeService.find(filter, null).getContent();
    assertEquals(1, content.size());
    IdmAutomaticRoleAttributeDto found = content.get(0);
    assertEquals(automaticRole.getId(), found.getId());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 2 with IdmAutomaticRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmAutomaticRoleAttributeIntegrationTest method testFilterHasRules.

@Test
public void testFilterHasRules() {
    long totalElements = automaticRoleAttributeService.find(null).getTotalElements();
    assertEquals(0, totalElements);
    // 
    IdmRoleDto role = testHelper.createRole();
    IdmAutomaticRoleAttributeDto automaticRole = new IdmAutomaticRoleAttributeDto();
    automaticRole.setRole(role.getId());
    automaticRole.setName(getTestName());
    automaticRole = automaticRoleAttributeService.save(automaticRole);
    // 
    IdmAutomaticRoleFilter filter = new IdmAutomaticRoleFilter();
    filter.setHasRules(true);
    totalElements = automaticRoleAttributeService.find(filter, null).getNumberOfElements();
    assertEquals(0, totalElements);
    // 
    filter.setHasRules(false);
    List<IdmAutomaticRoleAttributeDto> content = automaticRoleAttributeService.find(filter, null).getContent();
    assertEquals(1, content.size());
    IdmAutomaticRoleAttributeDto found = content.get(0);
    assertEquals(automaticRole.getId(), found.getId());
    // 
    automaticRoleAttributeService.deleteInternal(found);
    // 
    automaticRole = new IdmAutomaticRoleAttributeDto();
    automaticRole.setRole(role.getId());
    automaticRole.setName(getTestName());
    automaticRole = automaticRoleAttributeService.save(automaticRole);
    // 
    IdmAutomaticRoleAttributeRuleDto rule1 = new IdmAutomaticRoleAttributeRuleDto();
    rule1.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
    rule1.setType(AutomaticRoleAttributeRuleType.IDENTITY);
    rule1.setValue("test");
    rule1.setAttributeName(IdmIdentity_.username.getName());
    rule1.setAutomaticRoleAttribute(automaticRole.getId());
    automaticRoleAttributeRuleService.save(rule1);
    // 
    filter = new IdmAutomaticRoleFilter();
    filter.setHasRules(true);
    content = automaticRoleAttributeService.find(filter, null).getContent();
    assertEquals(1, content.size());
    found = content.get(0);
    assertEquals(automaticRole.getId(), found.getId());
    // 
    // try add next rules
    IdmAutomaticRoleAttributeRuleDto rule2 = new IdmAutomaticRoleAttributeRuleDto();
    rule2.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
    rule2.setType(AutomaticRoleAttributeRuleType.IDENTITY);
    rule2.setValue("test");
    rule2.setAttributeName(IdmIdentity_.username.getName());
    rule2.setAutomaticRoleAttribute(automaticRole.getId());
    automaticRoleAttributeRuleService.save(rule2);
    // 
    IdmAutomaticRoleAttributeRuleDto rule3 = new IdmAutomaticRoleAttributeRuleDto();
    rule3.setComparison(AutomaticRoleAttributeRuleComparison.EQUALS);
    rule3.setType(AutomaticRoleAttributeRuleType.IDENTITY);
    rule3.setValue("test");
    rule3.setAttributeName(IdmIdentity_.username.getName());
    rule3.setAutomaticRoleAttribute(automaticRole.getId());
    automaticRoleAttributeRuleService.save(rule3);
    // 
    filter = new IdmAutomaticRoleFilter();
    filter.setHasRules(true);
    content = automaticRoleAttributeService.find(filter, null).getContent();
    assertEquals(1, content.size());
    found = content.get(0);
    assertEquals(automaticRole.getId(), found.getId());
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmAutomaticRoleAttributeRuleDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto) IdmAutomaticRoleAttributeDto(eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) AbstractIntegrationTest(eu.bcvsolutions.idm.test.api.AbstractIntegrationTest) Test(org.junit.Test)

Example 3 with IdmAutomaticRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter in project CzechIdMng by bcvsolutions.

the class RoleDeleteProcessor method process.

@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
    IdmRoleDto role = event.getContent();
    // role assigned to identity could not be deleted
    if (identityRoleRepository.countByRole_Id(role.getId()) > 0) {
        throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_IDENTITY_ASSIGNED, ImmutableMap.of("role", role.getName()));
    }
    // 
    // automatic role attribute has assigned this role
    IdmAutomaticRoleFilter automaticRoleFilter = new IdmAutomaticRoleFilter();
    automaticRoleFilter.setRoleId(role.getId());
    long totalElements = automaticRoleAttributeService.find(automaticRoleFilter, new PageRequest(0, 1)).getTotalElements();
    if (totalElements > 0) {
        // some automatic role attribute has assigned this role
        throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_AUTOMATIC_ROLE_ASSIGNED, ImmutableMap.of("role", role.getName()));
    }
    // 
    // remove related automatic roles
    IdmRoleTreeNodeFilter filter = new IdmRoleTreeNodeFilter();
    filter.setRoleId(role.getId());
    roleTreeNodeService.find(filter, null).forEach(roleTreeNode -> {
        try {
            roleTreeNodeService.delete(roleTreeNode);
        } catch (AcceptedException ex) {
            throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_HAS_TREE_NODE, ImmutableMap.of("role", role.getName(), "roleTreeNode", roleTreeNode.getId()));
        }
    });
    // Find all concepts and remove relation on role
    IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
    conceptRequestFilter.setRoleId(role.getId());
    conceptRoleRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
        IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
        String message = null;
        if (concept.getState().isTerminatedState()) {
            message = MessageFormat.format("Role [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", role.getName(), concept.getId());
        } else {
            message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested role [{1}] was deleted (not from this role request)!", concept.getId(), role.getName());
            concept.setState(RoleRequestState.CANCELED);
        }
        roleRequestService.addToLog(request, message);
        conceptRoleRequestService.addToLog(concept, message);
        concept.setRole(null);
        roleRequestService.save(request);
        conceptRoleRequestService.save(concept);
    });
    // remove all policies
    IdmAuthorizationPolicyFilter policyFilter = new IdmAuthorizationPolicyFilter();
    policyFilter.setRoleId(role.getId());
    authorizationPolicyService.find(policyFilter, null).forEach(dto -> {
        authorizationPolicyService.delete(dto);
    });
    // Find all automatic role requests and remove relation on automatic role
    UUID roleId = role.getId();
    if (roleId != null) {
        IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
        automaticRoleRequestFilter.setRoleId(roleId);
        automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
            request.setRole(null);
            automaticRoleRequestService.save(request);
            automaticRoleRequestService.cancel(request);
        });
    }
    // 
    // remove role guarantees, sub roles and catalog works automatically by hibenate mapping
    service.deleteInternal(role);
    // 
    return new DefaultEventResult<>(event, this);
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter) PageRequest(org.springframework.data.domain.PageRequest) IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) UUID(java.util.UUID) IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)

Example 4 with IdmAutomaticRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmAutomaticRoleAttributeService method findAllToProcess.

@Override
public Page<IdmAutomaticRoleAttributeDto> findAllToProcess(AutomaticRoleAttributeRuleType type, Pageable page) {
    IdmAutomaticRoleFilter filter = new IdmAutomaticRoleFilter();
    filter.setConcept(Boolean.FALSE);
    filter.setRuleType(type);
    filter.setHasRules(Boolean.TRUE);
    return this.find(filter, page);
}
Also used : IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter)

Aggregations

IdmAutomaticRoleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter)4 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)3 IdmAutomaticRoleAttributeDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeDto)2 IdmAutomaticRoleAttributeRuleDto (eu.bcvsolutions.idm.core.api.dto.IdmAutomaticRoleAttributeRuleDto)2 AbstractIntegrationTest (eu.bcvsolutions.idm.test.api.AbstractIntegrationTest)2 Test (org.junit.Test)2 IdmRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)1 IdmAuthorizationPolicyFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter)1 IdmAutomaticRoleRequestFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter)1 IdmConceptRoleRequestFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter)1 IdmRoleTreeNodeFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter)1 DefaultEventResult (eu.bcvsolutions.idm.core.api.event.DefaultEventResult)1 AcceptedException (eu.bcvsolutions.idm.core.api.exception.AcceptedException)1 ResultCodeException (eu.bcvsolutions.idm.core.api.exception.ResultCodeException)1 UUID (java.util.UUID)1 PageRequest (org.springframework.data.domain.PageRequest)1