
Example 11 with IdmIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class RoleAccountManagementBulkAction method processDto.

/**
 * Runs account management (acm) and provisioning for every assigned role of the given role.
 * <p>
 * Each assigned role is handled on its own: a failure is logged and recorded, and processing
 * continues with the next one. The result state is {@code EXCEPTION} when at least one assigned
 * role failed and {@code EXECUTED} otherwise. The cause carries a text report of both groups.
 * <p>
 * Security notes for reviewers:
 * <ul>
 * <li>Assigned roles are loaded with a {@code null} permission argument, i.e. without a check on
 * IdentityRole UPDATE permissions. The operation relies on the UPDATE right on the role itself.
 * NOTE(review): that check is not visible in this method, so confirm it is enforced before this
 * method is reached.</li>
 * <li>The report placed into the result cause contains usernames, assigned role ids and the
 * {@code toString()} of every caught exception. NOTE(review): confirm who can read the operation
 * result, because exception text may expose details of the connected systems.</li>
 * </ul>
 *
 * @param dto role whose assignments are processed; the role and its id are required
 * @return operation result with the report set as its cause
 */
@Override
protected OperationResult processDto(IdmRoleDto dto) {
    Assert.notNull(dto, "Role is required!");
    Assert.notNull(dto.getId(), "Id of role is required!");
    //
    // Select every identity role that assigns this role. The null permission means
    // no IdentityRole permission is evaluated for the individual records.
    IdmIdentityRoleFilter byRole = new IdmIdentityRoleFilter();
    byRole.setRoleId(dto.getId());
    List<IdmIdentityRoleDto> assignedRoles = identityRoleService.find(byRole, null).getContent();
    //
    List<IdmIdentityRoleDto> succeeded = Lists.newArrayList();
    // Linked map keeps the failures in processing order for the report.
    Map<IdmIdentityRoleDto, Exception> failed = Maps.newLinkedHashMap();
    for (IdmIdentityRoleDto assignedRole : assignedRoles) {
        IdmIdentityDto owner = getEmbeddedIdentity(assignedRole);
        try {
            // Account management for the identity and its already assigned role.
            List<UUID> accountIds = accountManagementService.resolveUpdatedIdentityRoles(owner, assignedRole);
            // Provisioning of every account returned by account management.
            for (UUID accountId : accountIds) {
                AccAccountDto account = accountService.get(accountId);
                if (account == null) {
                    // The account could have been deleted in the meantime.
                    continue;
                }
                LOG.debug("Call provisioning for identity [{}] and account [{}]", owner.getUsername(), account.getUid());
                provisioningService.doProvisioning(account, owner);
            }
            succeeded.add(assignedRole);
        } catch (Exception ex) {
            // Broad catch is deliberate: one failing assignment must not stop the bulk action.
            LOG.error("Call acm and provisioning for assigned role [{}], identity [{}] failed", assignedRole.getId(), owner.getUsername(), ex);
            failed.put(assignedRole, ex);
        }
    }
    //
    OperationResult outcome = new OperationResult(OperationState.EXECUTED);
    StringBuilder report = new StringBuilder();
    if (!failed.isEmpty()) {
        // Any failure turns the whole result into an exception state.
        outcome = new OperationResult(OperationState.EXCEPTION);
        report.append(MessageFormat.format("For the role [{0}], [{1}] of identity roles were FAILED acm or provisioning [{2}]. Assigned role UUIDs:\n", dto.getCode(), assignedRoles.size(), failed.size()));
        for (Map.Entry<IdmIdentityRoleDto, Exception> failure : failed.entrySet()) {
            IdmIdentityRoleDto assignedRole = failure.getKey();
            report.append('\n');
            report.append(MessageFormat.format("[{0}], identity [{1}], exception:\n{2}", assignedRole.getId(), getEmbeddedIdentity(assignedRole).getUsername(), failure.getValue()));
            report.append('\n');
        }
    }
    if (!succeeded.isEmpty()) {
        report.append('\n').append('\n');
        report.append(MessageFormat.format("For the role [{0}], [{1}] of identity roles were call acm and provisioning [{2}]. Assigned role UUIDs:", dto.getCode(), assignedRoles.size(), succeeded.size()));
        for (IdmIdentityRoleDto assignedRole : succeeded) {
            report.append('\n');
            report.append(MessageFormat.format("[{0}], identity [{1}]", assignedRole.getId(), getEmbeddedIdentity(assignedRole).getUsername()));
        }
    }
    outcome.setCause(report.toString());
    return outcome;
}
Also used : OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult) AccAccountDto(eu.bcvsolutions.idm.acc.dto.AccAccountDto) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) UUID(java.util.UUID)

Example 12 with IdmIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class ComplexHrProcessIntegrationTest method checkRoleAssigned.

// *********** Role checks **************
/**
 * Asserts that exactly one assigned role matching the pattern exists on the given contract.
 * <p>
 * The pattern must contain the role {@code code}. The keys {@code directRole}, {@code validTill}
 * and {@code validFrom} are optional and are only verified when present in the map.
 *
 * @param contractId value stored in the contract position, used here to find the contract
 * @param pattern expected role properties keyed by name
 */
private void checkRoleAssigned(String contractId, Map<String, String> pattern) {
    // The position field is misused as a unique contract identifier.
    IdmIdentityContractFilter byPosition = new IdmIdentityContractFilter();
    byPosition.setPosition(contractId);
    List<IdmIdentityContractDto> foundContracts = identityContractService.find(byPosition, null).getContent();
    Assert.assertEquals(1, foundContracts.size());
    //
    IdmRoleDto expectedRole = roleService.getByCode(pattern.get("code"));
    Assert.assertNotNull(expectedRole);
    //
    // Exactly one assignment of the expected role must exist on that contract.
    IdmIdentityRoleFilter byContractAndRole = new IdmIdentityRoleFilter();
    byContractAndRole.setIdentityContractId(foundContracts.get(0).getId());
    byContractAndRole.setRoleId(expectedRole.getId());
    List<IdmIdentityRoleDto> assignments = identityRoleService.find(byContractAndRole, null).getContent();
    Assert.assertEquals(1, assignments.size());
    IdmIdentityRoleDto assignment = assignments.get(0);
    //
    if (pattern.containsKey("directRole")) {
        // The assignment counts as direct when it has no directRole reference.
        boolean expectedDirect = Boolean.parseBoolean(pattern.get("directRole"));
        boolean actualDirect = assignment.getDirectRole() == null;
        Assert.assertEquals(expectedDirect, actualDirect);
    }
    if (pattern.containsKey("validTill")) {
        // A key mapped to null means the date is expected to be unset.
        String rawTill = pattern.get("validTill");
        LocalDate expectedTill = null;
        if (rawTill != null) {
            expectedTill = LocalDate.parse(rawTill);
        }
        Assert.assertEquals(expectedTill, assignment.getValidTill());
    }
    if (pattern.containsKey("validFrom")) {
        String rawFrom = pattern.get("validFrom");
        LocalDate expectedFrom = null;
        if (rawFrom != null) {
            expectedFrom = LocalDate.parse(rawFrom);
        }
        Assert.assertEquals(expectedFrom, assignment.getValidFrom());
    }
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmIdentityContractFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityContractFilter) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) LocalDate(java.time.LocalDate)

Example 13 with IdmIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class RoleDeleteProcessor method checkWithoutForceDelete.

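/**
 * Checks that the role can be deleted without force delete, i.e. that nothing references it any more.
 *
 * @param role the role being deleted
 * @throws ResultCodeException if the role is still assigned to an identity, is used by an automatic
 *         role (by tree structure or by attribute), or takes part in a role composition
 */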
private void checkWithoutForceDelete(IdmRoleDto role) {
    // Every check counts the records that reference the role and fails on the first hit.
    // The role code is the only parameter passed to the thrown exception.
    // NOTE(review): these are count-then-act checks. Confirm they run in the same
    // transaction as the delete, so a reference created concurrently cannot slip past them.
    UUID roleId = role.getId();
    //
    // roles assigned to identities
    IdmIdentityRoleFilter assignedFilter = new IdmIdentityRoleFilter();
    assignedFilter.setRoleId(roleId);
    boolean assignedToIdentity = identityRoleService.count(assignedFilter) > 0;
    if (assignedToIdentity) {
        throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_IDENTITY_ASSIGNED, ImmutableMap.of("role", role.getCode()));
    }
    //
    // automatic roles by tree structure
    IdmRoleTreeNodeFilter treeNodeFilter = new IdmRoleTreeNodeFilter();
    treeNodeFilter.setRoleId(roleId);
    boolean usedByTreeNode = roleTreeNodeService.count(treeNodeFilter) > 0;
    if (usedByTreeNode) {
        throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_HAS_TREE_NODE, ImmutableMap.of("role", role.getCode()));
    }
    //
    // automatic roles by attribute that assign this role
    IdmAutomaticRoleFilter byAttributeFilter = new IdmAutomaticRoleFilter();
    byAttributeFilter.setRoleId(roleId);
    boolean usedByAttribute = automaticRoleAttributeService.count(byAttributeFilter) > 0;
    if (usedByAttribute) {
        throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_AUTOMATIC_ROLE_ASSIGNED, ImmutableMap.of("role", role.getCode()));
    }
    //
    // business roles: the role used as a sub role of a composition
    IdmRoleCompositionFilter asSubFilter = new IdmRoleCompositionFilter();
    asSubFilter.setSubId(roleId);
    boolean usedAsSub = roleCompositionService.count(asSubFilter) > 0;
    if (usedAsSub) {
        throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_HAS_COMPOSITION, ImmutableMap.of("role", role.getCode()));
    }
    // business roles: the role used as the superior role of a composition
    IdmRoleCompositionFilter asSuperiorFilter = new IdmRoleCompositionFilter();
    asSuperiorFilter.setSuperiorId(roleId);
    boolean usedAsSuperior = roleCompositionService.count(asSuperiorFilter) > 0;
    if (usedAsSuperior) {
        throw new ResultCodeException(CoreResultCode.ROLE_DELETE_FAILED_HAS_COMPOSITION, ImmutableMap.of("role", role.getCode()));
    }
}
Also used : IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) UUID(java.util.UUID) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)

Example 14 with IdmIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class IdmIdentityRoleController method toFilter.

/**
 * Builds the identity role filter from the supplied parameter map.
 * <p>
 * The filter is first constructed from all parameters. The identity id and role id are then set
 * explicitly from the values the parameter converter resolves for
 * {@code PARAMETER_IDENTITY_ID} and {@code PARAMETER_ROLE_ID}.
 * <p>
 * NOTE(review): this method only translates parameters and evaluates no permission. Presumably
 * the parameters come from the caller of the controller, so confirm that the search using this
 * filter is executed with a permission check.
 *
 * @param parameters parameter values keyed by parameter name
 * @return filter populated from the parameters
 */
@Override
protected IdmIdentityRoleFilter toFilter(MultiValueMap<String, Object> parameters) {
    IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter(parameters);
    // TODO: resolve codeable parameters automatically ...
    identityRoleFilter.setIdentityId(
            getParameterConverter().toEntityUuid(
                    parameters,
                    IdmIdentityRoleFilter.PARAMETER_IDENTITY_ID,
                    IdmIdentityDto.class));
    identityRoleFilter.setRoleId(
            getParameterConverter().toEntityUuid(
                    parameters,
                    IdmIdentityRoleFilter.PARAMETER_ROLE_ID,
                    IdmRoleDto.class));
    return identityRoleFilter;
}
Also used : IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto)

Example 15 with IdmIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleRequestServiceIntegrationTest method testExecuteRoleRequestValueAsync.

/**
 * Verifies that a role request carrying a role attribute value is executed when asynchronous
 * event processing is enabled, and that the value ends up on the resulting assigned role.
 * <p>
 * The asynchronous flag is switched on for the test only and is switched off again in the
 * {@code finally} block, before the created identity, role and form definition are deleted.
 */
@Test
public void testExecuteRoleRequestValueAsync() throws Exception {
    // Fixture: an identity created with a null password, its contract and a role with attributes.
    IdmIdentityDto identity = getHelper().createIdentity((GuardedString) null);
    IdmIdentityContractDto identityContact = getHelper().createContract(identity);
    IdmRoleDto role = createRoleWithAttributes(true);
    IdmFormDefinitionDto definition = formService.getDefinition(role.getIdentityRoleAttributeDefinition());
    // The IP attribute has to exist; get() fails the test with an exception when it does not.
    IdmFormAttributeDto ipAttributeDto = definition
            .getFormAttributes()
            .stream()
            .filter(attribute -> IP.equals(attribute.getCode()))
            .findFirst()
            .get();
    //
    try {
        getHelper().setConfigurationValue(EventConfiguration.PROPERTY_EVENT_ASYNCHRONOUS_ENABLED, true);
        //
        // Attribute value that the request should propagate to the assigned role.
        IdmFormValueDto formValue = new IdmFormValueDto(ipAttributeDto);
        formValue.setStringValue(getHelper().createName());
        formValue.setPersistentType(PersistentType.TEXT);
        formValue.setFormAttribute(ipAttributeDto.getId());
        IdmFormInstanceDto formInstance = new IdmFormInstanceDto();
        formInstance.setFormDefinition(definition);
        formInstance.getValues().add(formValue);
        //
        // Role request for the identity.
        IdmRoleRequestDto draftRequest = new IdmRoleRequestDto();
        draftRequest.setApplicant(identity.getId());
        draftRequest.setRequestedByType(RoleRequestedByType.MANUALLY);
        draftRequest.setExecuteImmediately(true);
        IdmRoleRequestDto savedRequest = roleRequestService.save(draftRequest);
        //
        // Concept adding the role, with the attribute value, to the contract.
        IdmConceptRoleRequestDto draftConcept = new IdmConceptRoleRequestDto();
        draftConcept.setIdentityContract(identityContact.getId());
        draftConcept.setRole(role.getId());
        draftConcept.setOperation(ConceptRoleRequestOperation.ADD);
        draftConcept.setRoleRequest(savedRequest.getId());
        draftConcept.getEavs().add(formInstance);
        IdmConceptRoleRequestDto savedConcept = conceptRoleRequestService.save(draftConcept);
        //
        // Start the request. CHECK_RIGHT_PROPERTY is set to FALSE for this event.
        // NOTE(review): presumably this switches off the right check of the approval
        // processor; it should stay confined to test code.
        Map<String, Serializable> variables = new HashMap<>();
        variables.put(RoleRequestApprovalProcessor.CHECK_RIGHT_PROPERTY, Boolean.FALSE);
        RoleRequestEvent event = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, savedRequest, variables);
        event.setPriority(PriorityType.HIGH);
        IdmRoleRequestDto startedRequest = roleRequestService.startRequest(event);
        UUID requestId = startedRequest.getId();
        // The predicate is true while the request is not executed yet.
        // NOTE(review): presumably 500 and 50 are the polling interval and the number of attempts - confirm.
        getHelper().waitForResult(res -> roleRequestService.get(requestId).getState() != RoleRequestState.EXECUTED, 500, 50);
        //
        // Both the request and its concept must be executed.
        IdmRoleRequestDto executedRequest = roleRequestService.get(startedRequest);
        assertEquals(RoleRequestState.EXECUTED, executedRequest.getState());
        IdmConceptRoleRequestDto executedConcept = conceptRoleRequestService.get(savedConcept.getId());
        assertEquals(RoleRequestState.EXECUTED, executedConcept.getState());
        //
        // The contract has exactly one assigned role and it carries the requested value.
        IdmIdentityRoleFilter byContract = new IdmIdentityRoleFilter();
        byContract.setIdentityContractId(identityContact.getId());
        List<IdmIdentityRoleDto> assignedRoles = identityRoleService.find(byContract, null).getContent();
        assertEquals(1, assignedRoles.size());
        IdmIdentityRoleDto assignedRole = assignedRoles.get(0);
        IdmFormInstanceDto storedInstance = identityRoleService.getRoleAttributeValues(assignedRole);
        assertNotNull(storedInstance);
        List<IdmFormValueDto> storedValues = storedInstance.getValues();
        assertEquals(1, storedValues.size());
        assertEquals(formValue.getValue(), storedValues.get(0).getValue());
    } finally {
        // The asynchronous flag is reset first, so it is restored even when the cleanup below fails.
        getHelper().setConfigurationValue(EventConfiguration.PROPERTY_EVENT_ASYNCHRONOUS_ENABLED, false);
        // cleanup of the identity, the role and the form definition
        getHelper().deleteIdentity(identity.getId());
        getHelper().deleteRole(role.getId());
        formService.deleteDefinition(definition);
    }
}
Also used : IdmFormInstanceDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormInstanceDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) Serializable(java.io.Serializable) HashMap(java.util.HashMap) IdmFormDefinitionDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormDefinitionDto) GuardedString(eu.bcvsolutions.idm.core.security.api.domain.GuardedString) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) IdmFormValueDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormValueDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityDto) UUID(java.util.UUID) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) AbstractCoreWorkflowIntegrationTest(eu.bcvsolutions.idm.core.AbstractCoreWorkflowIntegrationTest) Test(org.junit.Test)
