Examples with IdmIdentityRoleFilter eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter used on opensource projects

Example 76 with IdmIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class IdentityRoleDeleteProcessor method process.

@Override
public EventResult<IdmIdentityRoleDto> process(EntityEvent<IdmIdentityRoleDto> event) {
    IdmIdentityRoleDto identityRole = event.getContent();
    UUID identityRoleId = identityRole.getId();
    Assert.notNull(identityRoleId, "Content identifier is required.");
    // Find all concepts and remove relation on identity role
    IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
    conceptRequestFilter.setIdentityRoleId(identityRoleId);
    conceptRequestService.find(conceptRequestFilter, null).getContent().forEach(concept -> {
        String message = null;
        if (concept.getState().isTerminatedState()) {
            message = MessageFormat.format("IdentityRole [{0}] (reqested in concept [{1}]) was deleted (not from this role request)!", identityRoleId, concept.getId());
        } else {
            message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested IdentityRole [{1}] was deleted (not from this role request)!", concept.getId(), identityRoleId);
            concept = conceptRequestService.cancel(concept);
        }
        conceptRequestService.addToLog(concept, message);
        concept.setIdentityRole(null);
        conceptRequestService.save(concept);
    });
    // 
    // remove all IdentityRoleValidRequest for this role
    List<IdmIdentityRoleValidRequestDto> validRequests = identityRoleValidRequestService.findAllValidRequestForIdentityRoleId(identityRoleId);
    identityRoleValidRequestService.deleteAll(validRequests);
    // 
    // remove sub roles - just for sure, if role is not removed by role request
    IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
    filter.setDirectRoleId(identityRoleId);
    service.find(filter, null).forEach(subIdentityRole -> {
        IdentityRoleEvent subEvent = new IdentityRoleEvent(IdentityRoleEventType.DELETE, subIdentityRole);
        // 
        service.publish(subEvent, event);
        // Notes identity-accounts to ACM
        notingIdentityAccountForDelayedAcm(event, subEvent);
    });
    // 
    // Delete identity role
    service.deleteInternal(identityRole);
    // 
    return new DefaultEventResult<>(event, this);
}

Example 77 with IdmIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmRequestIdentityRoleService method toIdentityRoleFilter.

/**
 * Convert request-identity-role-filter to identity-role-filter.
 *
 * @param filter
 * @return
 */
private IdmIdentityRoleFilter toIdentityRoleFilter(IdmRequestIdentityRoleFilter filter) {
    IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
    identityRoleFilter.setIdentityContractId(filter.getIdentityContractId());
    identityRoleFilter.setIdentityId(filter.getIdentityId());
    identityRoleFilter.setRoleId(filter.getRoleId());
    identityRoleFilter.setRoleText(filter.getRoleText());
    identityRoleFilter.setRoleEnvironments(filter.getRoleEnvironments());
    // permissions are required
    identityRoleFilter.setAddPermissions(true);
    return identityRoleFilter;
}

Example 78 with IdmIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleRequestService method getIncompatibleRoles.

@Override
public Set<ResolvedIncompatibleRoleDto> getIncompatibleRoles(IdmRoleRequestDto request, IdmBasePermission... permissions) {
    // Currently assigned roles
    IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
    identityRoleFilter.setIdentityId(request.getApplicant());
    List<IdmIdentityRoleDto> identityRoles = identityRoleService.find(identityRoleFilter, null, permissions).getContent();
    // Roles from concepts
    IdmConceptRoleRequestFilter conceptFilter = new IdmConceptRoleRequestFilter();
    conceptFilter.setRoleRequestId(request.getId());
    List<IdmConceptRoleRequestDto> concepts = conceptRoleRequestService.find(conceptFilter, null, permissions).getContent();
    Set<UUID> removedIdentityRoleIds = new HashSet<>();
    // We don't want calculate incompatible roles for ended or disapproved concepts
    List<IdmConceptRoleRequestDto> conceptsForCheck = // 
    concepts.stream().filter(concept -> {
        // role can be deleted in the mean time
        return concept.getRole() != null;
    }).filter(// 
    concept -> // 
    RoleRequestState.CONCEPT == concept.getState() || RoleRequestState.IN_PROGRESS == concept.getState() || RoleRequestState.APPROVED == concept.getState() || // 
    RoleRequestState.EXECUTED == concept.getState()).collect(Collectors.toList());
    Set<IdmRoleDto> roles = new HashSet<>();
    conceptsForCheck.stream().filter(concept -> {
        boolean isDelete = concept.getOperation() == ConceptRoleRequestOperation.REMOVE;
        if (isDelete) {
            // removed role fixes the incompatibility
            removedIdentityRoleIds.add(concept.getIdentityRole());
        }
        return !isDelete;
    }).forEach(concept -> roles.add(DtoUtils.getEmbedded(concept, IdmConceptRoleRequest_.role)));
    identityRoles.stream().filter(identityRole -> !removedIdentityRoleIds.contains(identityRole.getId())).forEach(identityRole -> roles.add(DtoUtils.getEmbedded(identityRole, IdmIdentityRole_.role)));
    // We want to returns only incompatibilities caused by new added roles
    Set<ResolvedIncompatibleRoleDto> incompatibleRoles = incompatibleRoleService.resolveIncompatibleRoles(Lists.newArrayList(roles));
    return // 
    incompatibleRoles.stream().filter(incompatibleRole -> {
        return // 
        conceptsForCheck.stream().anyMatch(concept -> concept.getOperation() == ConceptRoleRequestOperation.ADD && (concept.getRole().equals(incompatibleRole.getDirectRole().getId()) || concept.getRole().equals(incompatibleRole.getIncompatibleRole().getSuperior()) || concept.getRole().equals(incompatibleRole.getIncompatibleRole().getSub())));
    // 
    }).collect(Collectors.toSet());
}

Example 79 with IdmIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class IdentityRoleByIdentityDeduplicationBulkActionTest method testDuplicateManualAndBusinessRole.

@Test
public void testDuplicateManualAndBusinessRole() {
    IdmIdentityDto identity = getHelper().createIdentity(new GuardedString());
    IdmRoleDto role = getHelper().createRole();
    IdmRoleDto subRole = getHelper().createRole();
    getHelper().createRoleComposition(role, subRole);
    getHelper().createIdentityRole(identity, subRole);
    getHelper().createIdentityRole(identity, subRole);
    IdmIdentityRoleDto three = getHelper().createIdentityRole(identity, role);
    List<IdmIdentityRoleDto> roles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertEquals(4, roles.size());
    IdmBulkActionDto bulkAction = this.findBulkAction(IdmIdentity.class, IdentityRoleByIdentityDeduplicationBulkAction.NAME);
    bulkAction.setIdentifiers(Sets.newHashSet(identity.getId()));
    IdmBulkActionDto processAction = bulkActionManager.processAction(bulkAction);
    checkResultLrt(processAction, 1l, null, null);
    IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
    filter.setIdentityId(identity.getId());
    filter.setDirectRole(Boolean.TRUE);
    roles = identityRoleService.find(filter, null).getContent();
    Assert.assertEquals(1, roles.size());
    IdmIdentityRoleDto actual = roles.get(0);
    Assert.assertEquals(three.getId(), actual.getId());
}

Example 80 with IdmIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class IdentityRoleByIdentityDeduplicationBulkActionTest method testDuplicateBusinessRole.

@Test
public void testDuplicateBusinessRole() {
    IdmIdentityDto identity = getHelper().createIdentity(new GuardedString());
    IdmRoleDto role = getHelper().createRole();
    IdmRoleDto subRole = getHelper().createRole();
    getHelper().createRoleComposition(role, subRole);
    getHelper().createIdentityRole(identity, subRole);
    getHelper().createIdentityRole(identity, subRole);
    IdmIdentityRoleDto three = getHelper().createIdentityRole(identity, role);
    getHelper().createIdentityRole(identity, role);
    List<IdmIdentityRoleDto> roles = identityRoleService.findAllByIdentity(identity.getId());
    Assert.assertEquals(6, roles.size());
    IdmBulkActionDto bulkAction = this.findBulkAction(IdmIdentity.class, IdentityRoleByIdentityDeduplicationBulkAction.NAME);
    bulkAction.setIdentifiers(Sets.newHashSet(identity.getId()));
    IdmBulkActionDto processAction = bulkActionManager.processAction(bulkAction);
    checkResultLrt(processAction, 1l, null, null);
    IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
    filter.setIdentityId(identity.getId());
    filter.setDirectRole(Boolean.TRUE);
    roles = identityRoleService.find(filter, null).getContent();
    Assert.assertEquals(1, roles.size());
    IdmIdentityRoleDto actual = roles.get(0);
    // ~ by created
    Assert.assertEquals(three.getId(), actual.getId());
}