Examples with IdmDelegationDefinitionFilter eu.bcvsolutions.idm.core.api.dto.filter.IdmDelegationDefinitionFilter used on opensource projects

Example 1 with IdmDelegationDefinitionFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmDelegationDefinitionFilter in project CzechIdMng by bcvsolutions.

the class IdentityDeleteProcessor method process.

@Override
public EventResult<IdmIdentityDto> process(EntityEvent<IdmIdentityDto> event) {
    IdmIdentityDto identity = event.getContent();
    UUID identityId = identity.getId();
    Assert.notNull(identityId, "Identity ID is required!");
    boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
    // 
    // delete contract slices
    IdmContractSliceFilter sliceFilter = new IdmContractSliceFilter();
    sliceFilter.setIdentity(identityId);
    contractSliceService.find(sliceFilter, null).forEach(guarantee -> {
        contractSliceService.delete(guarantee);
    });
    // delete contract slice guarantees
    IdmContractSliceGuaranteeFilter sliceGuaranteeFilter = new IdmContractSliceGuaranteeFilter();
    sliceGuaranteeFilter.setGuaranteeId(identityId);
    contractSliceGuaranteeService.find(sliceGuaranteeFilter, null).forEach(guarantee -> {
        contractSliceGuaranteeService.delete(guarantee);
    });
    // 
    // contracts
    identityContractService.findAllByIdentity(identityId).forEach(identityContract -> {
        // when identity is deleted, then HR processes has to be skipped (prevent to update deleted identity, when contract is removed)
        Map<String, Serializable> properties = new HashMap<>();
        properties.put(IdmIdentityContractService.SKIP_HR_PROCESSES, Boolean.TRUE);
        // propagate force attribute
        properties.put(PROPERTY_FORCE_DELETE, forceDelete);
        // prepare event
        IdentityContractEvent contractEvent = new IdentityContractEvent(IdentityContractEventType.DELETE, identityContract, properties);
        contractEvent.setPriority(PriorityType.HIGH);
        // 
        identityContractService.publish(contractEvent);
    });
    // delete contract guarantees
    IdmContractGuaranteeFilter filter = new IdmContractGuaranteeFilter();
    filter.setGuaranteeId(identityId);
    contractGuaranteeService.find(filter, null).forEach(guarantee -> {
        contractGuaranteeService.delete(guarantee);
    });
    // remove role guarantee
    IdmRoleGuaranteeFilter roleGuaranteeFilter = new IdmRoleGuaranteeFilter();
    roleGuaranteeFilter.setGuarantee(identityId);
    roleGuaranteeService.find(roleGuaranteeFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeService.delete(roleGuarantee);
    });
    // remove password
    passwordProcessor.deletePassword(identity);
    // delete password history for identity
    passwordHistoryService.deleteAllByIdentity(identityId);
    // disable related tokens - tokens has to be disabled to prevent their usage (when tokens are deleted, then token is recreated)
    tokenManager.disableTokens(identity);
    // 
    // delete all identity's profiles
    IdmProfileFilter profileFilter = new IdmProfileFilter();
    profileFilter.setIdentityId(identityId);
    profileService.find(profileFilter, null).forEach(profile -> {
        profileService.delete(profile);
    });
    // remove all IdentityRoleValidRequest for this identity
    List<IdmIdentityRoleValidRequestDto> validRequests = identityRoleValidRequestService.findAllValidRequestForIdentityId(identityId);
    identityRoleValidRequestService.deleteAll(validRequests);
    // 
    // delete all identity's delegations - delegate
    IdmDelegationDefinitionFilter delegationFilter = new IdmDelegationDefinitionFilter();
    delegationFilter.setDelegateId(identityId);
    delegationDefinitionService.find(delegationFilter, null).forEach(delegation -> {
        delegationDefinitionService.delete(delegation);
    });
    // 
    // delete all identity's delegations - delegator
    delegationFilter = new IdmDelegationDefinitionFilter();
    delegationFilter.setDelegatorId(identityId);
    delegationDefinitionService.find(delegationFilter, null).forEach(delegation -> {
        delegationDefinitionService.delete(delegation);
    });
    // deletes identity
    if (forceDelete) {
        LOG.debug("Identity [{}] should be deleted by caller after all asynchronus processes are completed.", identityId);
        // 
        // dirty flag only - will be processed after asynchronous events ends
        IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
        stateDeleted.setEvent(event.getId());
        stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
        entityStateManager.saveState(identity, stateDeleted);
        // 
        // set disabled (automatically)
        identity.setState(IdentityState.DISABLED);
        service.saveInternal(identity);
    } else {
        // delete all role requests where is this identity applicant
        IdmRoleRequestFilter roleRequestFilter = new IdmRoleRequestFilter();
        roleRequestFilter.setApplicantId(identityId);
        roleRequestService.find(roleRequestFilter, null).forEach(request -> {
            roleRequestService.delete(request);
        });
        // 
        service.deleteInternal(identity);
    }
    return new DefaultEventResult<>(event, this);
}

Example 2 with IdmDelegationDefinitionFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmDelegationDefinitionFilter in project CzechIdMng by bcvsolutions.

the class ManualWorkflowTaskDelegationBulkAction method findDelegationDefinition.

/**
 * Find delegation definitions for delegator and delegate.
 *
 * @param delegateId
 * @param delegatorId
 * @return
 */
private IdmDelegationDefinitionDto findDelegationDefinition(UUID delegateId, UUID delegatorId) {
    IdmDelegationDefinitionFilter definitionFilter = new IdmDelegationDefinitionFilter();
    definitionFilter.setValid(Boolean.TRUE);
    definitionFilter.setType(ManualTaskDelegationType.NAME);
    definitionFilter.setDelegateId(delegateId);
    definitionFilter.setDelegatorId(delegatorId);
    List<IdmDelegationDefinitionDto> delegations = delegationDefinitionService.find(definitionFilter, null).getContent();
    IdmDelegationDefinitionDto delegationDefinition;
    if (CollectionUtils.isEmpty(delegations)) {
        delegationDefinition = new IdmDelegationDefinitionDto();
        delegationDefinition.setDelegate(delegateId);
        delegationDefinition.setDelegator(delegatorId);
        delegationDefinition.setType(ManualTaskDelegationType.NAME);
        delegationDefinition = delegationDefinitionService.save(delegationDefinition);
    } else {
        // Should be only one.
        delegationDefinition = delegations.get(0);
    }
    return delegationDefinition;
}

Example 3 with IdmDelegationDefinitionFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmDelegationDefinitionFilter in project CzechIdMng by bcvsolutions.

the class IdentityContractDeleteProcessor method process.

@Override
public EventResult<IdmIdentityContractDto> process(EntityEvent<IdmIdentityContractDto> event) {
    IdmIdentityContractDto contract = event.getContent();
    UUID contractId = contract.getId();
    Assert.notNull(contractId, "Contract must have a ID!");
    boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
    // 
    // check contract can be deleted - cannot be deleted, when is controlled by slices
    IdmContractSliceFilter sliceFilter = new IdmContractSliceFilter();
    sliceFilter.setParentContract(contractId);
    if (contractSliceService.find(sliceFilter, null).getTotalElements() > 0) {
        // Cannot be enforced => contract cannot be deleted at all.
        throw new ResultCodeException(CoreResultCode.CONTRACT_IS_CONTROLLED_CANNOT_BE_DELETED, ImmutableMap.of("contractId", contractId));
    }
    // 
    // Find all concepts and remove relation on contract
    IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
    conceptRequestFilter.setIdentityContractId(contractId);
    conceptRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
        String message = null;
        if (concept.getState().isTerminatedState()) {
            message = MessageFormat.format("IdentityContract [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", contractId, concept.getId());
        } else {
            message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested IdentityContract [{1}] was deleted (not from this role request)!", concept.getId(), contractId);
            // Cancel concept and WF
            concept = conceptRequestService.cancel(concept);
        }
        IdmRoleRequestDto request = roleRequestService.get(concept.getRoleRequest());
        roleRequestService.addToLog(request, message);
        conceptRequestService.addToLog(concept, message);
        roleRequestService.save(request);
        conceptRequestService.save(concept);
    });
    // 
    // delete referenced roles
    List<IdmConceptRoleRequestDto> concepts = new ArrayList<>();
    identityRoleService.findAllByContract(contractId).forEach(identityRole -> {
        // but automatic roles has to be removed in the same request.
        if (identityRole.getDirectRole() == null) {
            IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
            conceptRoleRequest.setIdentityRole(identityRole.getId());
            conceptRoleRequest.setRole(identityRole.getRole());
            conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
            // ignore not found
            conceptRoleRequest.setIdentityContract(contractId);
            // 
            concepts.add(conceptRoleRequest);
        }
    });
    if (forceDelete) {
        // ~ async with force
        IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
        roleRequest.setApplicant(contract.getIdentity());
        roleRequest.setConceptRoles(concepts);
        // 
        RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
        requestEvent.setPriority(PriorityType.HIGH);
        // 
        roleRequestService.startConcepts(requestEvent, event);
    } else {
        // ~ sync
        roleRequestService.executeConceptsImmediate(contract.getIdentity(), concepts);
    }
    // delete contract guarantees
    IdmContractGuaranteeFilter filter = new IdmContractGuaranteeFilter();
    filter.setIdentityContractId(contractId);
    contractGuaranteeService.find(filter, null).forEach(guarantee -> {
        contractGuaranteeService.delete(guarantee);
    });
    // delete contract positions
    IdmContractPositionFilter positionFilter = new IdmContractPositionFilter();
    positionFilter.setIdentityContractId(contractId);
    contractPositionService.find(positionFilter, null).forEach(position -> {
        contractPositionService.delete(position);
    });
    // 
    // delete all contract's delegations
    IdmDelegationDefinitionFilter delegationFilter = new IdmDelegationDefinitionFilter();
    delegationFilter.setDelegatorContractId(contractId);
    delegationDefinitionService.find(delegationFilter, null).forEach(delegation -> {
        delegationDefinitionService.delete(delegation);
    });
    // delete identity contract
    if (forceDelete) {
        LOG.debug("Contract [{}] should be deleted by caller after all asynchronus processes are completed.", contractId);
        // 
        // dirty flag only - will be processed after asynchronous events ends
        IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
        stateDeleted.setEvent(event.getId());
        stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
        entityStateManager.saveState(contract, stateDeleted);
        // 
        // set disabled
        contract.setState(ContractState.DISABLED);
        service.saveInternal(contract);
    } else {
        service.deleteInternal(contract);
    }
    return new DefaultEventResult<>(event, this);
}

Example 4 with IdmDelegationDefinitionFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmDelegationDefinitionFilter in project CzechIdMng by bcvsolutions.

the class AbstractDelegationType method findDelegation.

@Override
public List<IdmDelegationDefinitionDto> findDelegation(UUID delegatorId, UUID delegatorContractId, BaseDto owner) {
    IdmDelegationDefinitionFilter definitionFilter = new IdmDelegationDefinitionFilter();
    definitionFilter.setValid(Boolean.TRUE);
    definitionFilter.setType(this.getId());
    definitionFilter.setDelegatorId(delegatorId);
    if (this.isSupportsDelegatorContract()) {
        Assert.notNull(delegatorContractId, "Delegator contract cannot be null for this delegate type!");
        definitionFilter.setDelegatorContractId(delegatorContractId);
    }
    return delegationDefinitionService.find(definitionFilter, null).getContent().stream().sorted(Comparator.comparing(IdmDelegationDefinitionDto::getDelegate)).sorted(Comparator.comparing(IdmDelegationDefinitionDto::getValidTill, Comparator.nullsFirst(Comparator.naturalOrder()))).collect(Collectors.toList());
}