Examples with IdmAutomaticRoleRequestFilter eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter used on opensource projects

Example 1 with IdmAutomaticRoleRequestFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter in project CzechIdMng by bcvsolutions.

the class TreeNodeDeleteProcessor method process.

@Override
public EventResult<IdmTreeNodeDto> process(EntityEvent<IdmTreeNodeDto> event) {
    IdmTreeNodeDto treeNode = event.getContent();
    Assert.notNull(treeNode, "Tree node is required.");
    UUID treeNodeId = treeNode.getId();
    Assert.notNull(treeNodeId, "Tree node identifier is required.");
    boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
    // check role can be removed without force
    if (!forceDelete) {
        checkWithoutForceDelete(treeNode);
    }
    // 
    // check automatic role request
    IdmAutomaticRoleRequestFilter roleRequestFilter = new IdmAutomaticRoleRequestFilter();
    roleRequestFilter.setTreeNodeId(treeNodeId);
    List<IdmAutomaticRoleRequestDto> roleRequestDtos = roleRequestService.find(roleRequestFilter, null).getContent();
    for (IdmAutomaticRoleRequestDto request : roleRequestDtos) {
        if (!request.getState().isTerminatedState()) {
            roleRequestService.cancel(request);
        }
        request.setTreeNode(null);
        roleRequestService.save(request);
    }
    if (forceDelete) {
        // delete all tree node children
        service.findChildrenByParent(treeNodeId, null).forEach(child -> {
            TreeNodeEvent treeNodeEvent = new TreeNodeEvent(TreeNodeEventType.DELETE, child);
            // 
            service.publish(treeNodeEvent, event);
            clearSession();
        });
        // 
        // update contract slices
        IdmContractSliceFilter sliceFilter = new IdmContractSliceFilter();
        sliceFilter.setTreeNode(treeNodeId);
        sliceFilter.setRecursionType(RecursionType.NO);
        contractSliceService.find(sliceFilter, null).forEach(slice -> {
            slice.setWorkPosition(null);
            contractSliceService.save(slice);
            clearSession();
        });
        // 
        // update related contracts
        IdmIdentityContractFilter contractFilter = new IdmIdentityContractFilter();
        contractFilter.setWorkPosition(treeNodeId);
        contractFilter.setRecursionType(RecursionType.NO);
        identityContractService.find(contractFilter, null).forEach(identityContract -> {
            // prepare event
            identityContract.setWorkPosition(null);
            IdentityContractEvent contractEvent = new IdentityContractEvent(IdentityContractEventType.UPDATE, identityContract);
            // 
            identityContractService.publish(contractEvent, event);
            clearSession();
        });
        // 
        // update related contract positions
        IdmContractPositionFilter positionFilter = new IdmContractPositionFilter();
        positionFilter.setWorkPosition(treeNodeId);
        contractPositionService.find(positionFilter, null).forEach(contractPosition -> {
            // prepare event
            contractPosition.setWorkPosition(null);
            ContractPositionEvent contractPositionEvent = new ContractPositionEvent(ContractPositionEventType.UPDATE, contractPosition);
            // 
            contractPositionService.publish(contractPositionEvent, event);
            clearSession();
        });
        // 
        // related automatic roles by tree structure
        IdmRoleTreeNodeFilter roleTreeNodefilter = new IdmRoleTreeNodeFilter();
        roleTreeNodefilter.setTreeNodeId(treeNodeId);
        roleTreeNodeService.findIds(roleTreeNodefilter, null).stream().forEach(roleTreeNodeId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
            automaticRoleTask.setAutomaticRoleId(roleTreeNodeId);
            longRunningTaskManager.executeSync(automaticRoleTask);
            clearSession();
        });
    }
    // 
    if (forceDelete) {
        LOG.debug("Tree node [{}] should be deleted by caller after all asynchronus processes are completed.", treeNode.getCode());
        // 
        // dirty flag only - will be processed after asynchronous events ends
        IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
        stateDeleted.setEvent(event.getId());
        stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
        entityStateManager.saveState(treeNode, stateDeleted);
        // 
        // set disabled
        treeNode.setDisabled(true);
        service.saveInternal(treeNode);
    } else {
        service.deleteInternal(treeNode);
    }
    // 
    return new DefaultEventResult<>(event, this);
}

Example 2 with IdmAutomaticRoleRequestFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmAutomaticRoleRequestServiceIntegrationTest method testAutomaticRoleRequestReferentialIntegrity.

@Test
public void testAutomaticRoleRequestReferentialIntegrity() {
    getHelper().setConfigurationValue(SchedulerConfiguration.PROPERTY_TASK_ASYNCHRONOUS_ENABLED, false);
    // 
    IdmRoleDto role = prepareRole();
    IdmTreeNodeDto nodeOne = getHelper().createTreeNode();
    IdmIdentityDto guaranteeIdentity = getHelper().createIdentity();
    getHelper().createRoleGuarantee(role, guaranteeIdentity);
    // Creates automatic role assigned to tree node and then delete them
    // in order to be able to delete tree node.
    IdmRoleTreeNodeDto automaticRole = new IdmRoleTreeNodeDto();
    automaticRole.setRole(role.getId());
    automaticRole.setName(role.getCode());
    automaticRole.setTreeNode(nodeOne.getId());
    automaticRole = automaticRoleManager.createAutomaticRoleByTree(automaticRole, true);
    Assert.assertNotNull(automaticRole.getId());
    automaticRoleManager.deleteAutomaticRole(automaticRole, true);
    // Check existence of some requests for roles previously assigned to tree node
    IdmAutomaticRoleRequestFilter requestFilter = new IdmAutomaticRoleRequestFilter();
    requestFilter.setTreeNodeId(nodeOne.getId());
    List<IdmAutomaticRoleRequestDto> requestDtos = roleRequestService.find(requestFilter, null).getContent();
    Assert.assertTrue(requestDtos.size() > 0);
    // Try to delete node
    treeNodeService.delete(nodeOne);
    // Check that requests have removed reference to deleted tree node
    requestDtos = roleRequestService.find(requestFilter, null).getContent();
    Assert.assertEquals(requestDtos.size(), 0);
}

Example 3 with IdmAutomaticRoleRequestFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter in project CzechIdMng by bcvsolutions.

the class RoleDeleteProcessor method process.

@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
    boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
    // 
    IdmRoleDto role = event.getContent();
    UUID roleId = role.getId();
    Assert.notNull(roleId, "Role id is required!");
    // check role can be removed without force
    if (!forceDelete) {
        checkWithoutForceDelete(role);
    }
    // 
    // Find all concepts and remove relation on role - has to be the first => concepts are created bellow
    IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
    conceptRequestFilter.setRoleId(roleId);
    List<IdmConceptRoleRequestDto> concepts = conceptRoleRequestService.find(conceptRequestFilter, null).getContent();
    for (int counter = 0; counter < concepts.size(); counter++) {
        IdmConceptRoleRequestDto concept = concepts.get(counter);
        String message = null;
        if (concept.getState().isTerminatedState()) {
            message = MessageFormat.format("Role [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", role.getCode(), concept.getId());
        } else {
            message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested role [{1}] was deleted (not from this role request)!", concept.getId(), role.getCode());
            // Cancel concept and WF
            concept = conceptRoleRequestService.cancel(concept);
        }
        conceptRoleRequestService.addToLog(concept, message);
        conceptRoleRequestService.save(concept);
        if (counter % 100 == 0) {
            clearSession();
        }
    }
    // remove related assigned roles etc.
    if (forceDelete) {
        // remove directly assigned assigned roles (not automatic)
        IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
        identityRoleFilter.setRoleId(roleId);
        identityRoleFilter.setDirectRole(Boolean.TRUE);
        identityRoleFilter.setAutomaticRole(Boolean.FALSE);
        List<IdmIdentityRoleDto> assignedRoles = identityRoleService.find(identityRoleFilter, null).getContent();
        for (int counter = 0; counter < assignedRoles.size(); counter++) {
            IdmIdentityRoleDto identityRole = assignedRoles.get(counter);
            IdmIdentityContractDto contract = lookupService.lookupEmbeddedDto(identityRole, IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT);
            UUID identityId = contract.getIdentity();
            IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
            roleRequest.setApplicant(identityId);
            // 
            IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
            conceptRoleRequest.setIdentityRole(identityRole.getId());
            conceptRoleRequest.setRole(identityRole.getRole());
            conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
            conceptRoleRequest.setIdentityContract(contract.getId());
            conceptRoleRequest.setContractPosition(identityRole.getContractPosition());
            roleRequest.getConceptRoles().add(conceptRoleRequest);
            // 
            // start event
            RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
            roleRequestService.startConcepts(requestEvent, event);
            // 
            if (counter % 100 == 0) {
                clearSession();
            }
        }
        // 
        // related automatic roles by tree structure
        IdmRoleTreeNodeFilter roleTreeNodefilter = new IdmRoleTreeNodeFilter();
        roleTreeNodefilter.setRoleId(roleId);
        roleTreeNodeService.findIds(roleTreeNodefilter, null).stream().forEach(roleTreeNodeId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
            automaticRoleTask.setAutomaticRoleId(roleTreeNodeId);
            longRunningTaskManager.executeSync(automaticRoleTask);
            clearSession();
        });
        // 
        // related automatic roles by attribute
        IdmAutomaticRoleFilter automaticRoleFilter = new IdmAutomaticRoleFilter();
        automaticRoleFilter.setRoleId(roleId);
        automaticRoleAttributeService.findIds(automaticRoleFilter, null).stream().forEach(automaticRoleId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
            automaticRoleTask.setAutomaticRoleId(automaticRoleId);
            longRunningTaskManager.executeSync(automaticRoleTask);
            clearSession();
        });
        // 
        // business roles
        // prevent to cyclic composition will be processed twice (sub = superior)
        Set<UUID> processedCompositionIds = new HashSet<>();
        // by sub
        IdmRoleCompositionFilter compositionFilter = new IdmRoleCompositionFilter();
        compositionFilter.setSubId(roleId);
        roleCompositionService.findIds(compositionFilter, null).stream().forEach(roleCompositionId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveRoleCompositionTaskExecutor roleCompositionTask = AutowireHelper.createBean(RemoveRoleCompositionTaskExecutor.class);
            roleCompositionTask.setRoleCompositionId(roleCompositionId);
            longRunningTaskManager.executeSync(roleCompositionTask);
            // 
            processedCompositionIds.add(roleCompositionTask.getRoleCompositionId());
            clearSession();
        });
        // by superior
        compositionFilter = new IdmRoleCompositionFilter();
        compositionFilter.setSuperiorId(roleId);
        roleCompositionService.findIds(compositionFilter, null).stream().filter(// ~ prevent to cyclic composition will be processed twice (sub = superior)
        roleCompositionId -> !processedCompositionIds.contains(roleCompositionId)).forEach(roleCompositionId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveRoleCompositionTaskExecutor roleCompositionTask = AutowireHelper.createBean(RemoveRoleCompositionTaskExecutor.class);
            roleCompositionTask.setRoleCompositionId(roleCompositionId);
            longRunningTaskManager.executeSync(roleCompositionTask);
            // 
            processedCompositionIds.add(roleCompositionTask.getRoleCompositionId());
            clearSession();
        });
    }
    // 
    // remove all policies
    IdmAuthorizationPolicyFilter policyFilter = new IdmAuthorizationPolicyFilter();
    policyFilter.setRoleId(roleId);
    authorizationPolicyService.find(policyFilter, null).forEach(dto -> {
        authorizationPolicyService.delete(dto);
    });
    clearSession();
    // 
    // Cancel all related automatic role requests
    IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
    automaticRoleRequestFilter.setRoleId(roleId);
    automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
        automaticRoleRequestService.cancel(request);
    });
    clearSession();
    // 
    // remove role guarantee
    IdmRoleGuaranteeRoleFilter roleGuaranteeRoleFilter = new IdmRoleGuaranteeRoleFilter();
    roleGuaranteeRoleFilter.setGuaranteeRole(roleId);
    roleGuaranteeRoleService.find(roleGuaranteeRoleFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeRoleService.delete(roleGuarantee);
    });
    clearSession();
    roleGuaranteeRoleFilter = new IdmRoleGuaranteeRoleFilter();
    roleGuaranteeRoleFilter.setRole(roleId);
    roleGuaranteeRoleService.find(roleGuaranteeRoleFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeRoleService.delete(roleGuarantee);
    });
    clearSession();
    // 
    // remove guarantees
    IdmRoleGuaranteeFilter roleGuaranteeFilter = new IdmRoleGuaranteeFilter();
    roleGuaranteeFilter.setRole(roleId);
    roleGuaranteeService.find(roleGuaranteeFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeService.delete(roleGuarantee);
    });
    clearSession();
    // 
    // remove catalogues
    IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
    roleCatalogueRoleFilter.setRoleId(roleId);
    roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).forEach(roleCatalogue -> {
        roleCatalogueRoleService.delete(roleCatalogue);
    });
    clearSession();
    // 
    // remove incompatible roles from both sides
    incompatibleRoleService.findAllByRole(roleId).forEach(incompatibleRole -> {
        incompatibleRoleService.delete(incompatibleRole);
    });
    clearSession();
    // 
    // Remove role-form-attributes
    IdmRoleFormAttributeFilter roleFormAttributeFilter = new IdmRoleFormAttributeFilter();
    roleFormAttributeFilter.setRole(roleId);
    roleFormAttributeService.find(roleFormAttributeFilter, null).forEach(roleCatalogue -> {
        roleFormAttributeService.delete(roleCatalogue);
    });
    // 
    if (forceDelete) {
        LOG.debug("Role [{}] should be deleted by caller after all asynchronus processes are completed.", role.getCode());
        // 
        // dirty flag only - will be processed after asynchronous events ends
        IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
        stateDeleted.setEvent(event.getId());
        stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
        entityStateManager.saveState(role, stateDeleted);
        // 
        // set disabled
        role.setDisabled(true);
        service.saveInternal(role);
    } else {
        service.deleteInternal(role);
    }
    // 
    return new DefaultEventResult<>(event, this);
}

Example 4 with IdmAutomaticRoleRequestFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter in project CzechIdMng by bcvsolutions.

the class IdmAutomaticRoleRequestController method toFilter.

@Override
protected IdmAutomaticRoleRequestFilter toFilter(MultiValueMap<String, Object> parameters) {
    IdmAutomaticRoleRequestFilter filter = new IdmAutomaticRoleRequestFilter(parameters);
    filter.setRoleId(getParameterConverter().toUuid(parameters, "roleId"));
    filter.setAutomaticRoleId(getParameterConverter().toUuid(parameters, "automaticRole"));
    filter.setRole(getParameterConverter().toString(parameters, "role"));
    filter.setStates(getParameterConverter().toEnums(parameters, "states", RequestState.class));
    filter.setRequestType(getParameterConverter().toEnum(parameters, "requestType", AutomaticRoleRequestType.class));
    return filter;
}