Examples with IdmRequestIdentityRoleFilter eu.bcvsolutions.idm.core.api.dto.filter.IdmRequestIdentityRoleFilter used on opensource projects

Example 6 with IdmRequestIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRequestIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method testAccessIsAddedForOwnerAndImplementerToSubprocesses.

@Test
public void testAccessIsAddedForOwnerAndImplementerToSubprocesses() {
    // reset approvers
    getHelper().setConfigurationValue(APPROVE_BY_USERMANAGER_ENABLE, false);
    getHelper().setConfigurationValue(APPROVE_BY_SECURITY_ENABLE, false);
    getHelper().setConfigurationValue(APPROVE_BY_MANAGER_ENABLE, false);
    getHelper().setConfigurationValue(APPROVE_BY_HELPDESK_ENABLE, false);
    // role with guarantees and critical 2 => approve by guarantee
    IdmRoleDto role = new IdmRoleDto();
    role.setCode(getHelper().createName());
    // default by configuration
    role.setPriority(2);
    IdmRoleDto roleOne = roleService.save(role);
    role = new IdmRoleDto();
    role.setCode(getHelper().createName());
    // default by configuration
    role.setPriority(2);
    IdmRoleDto roleTwo = roleService.save(role);
    // 
    IdmIdentityDto implementer = getHelper().createIdentity();
    IdmIdentityDto applicant = getHelper().createIdentity();
    IdmIdentityContractDto applicantContract = getHelper().getPrimeContract(applicant);
    IdmIdentityDto guaranteeOne = getHelper().createIdentity();
    IdmIdentityDto guaranteeTwo = getHelper().createIdentity();
    // 
    getHelper().createRoleGuarantee(roleOne, guaranteeOne);
    getHelper().createRoleGuarantee(roleTwo, guaranteeTwo);
    // 
    // login as implementer
    loginAsAdmin(implementer.getUsername());
    // 
    IdmRoleRequestDto request = createRoleRequest(applicant);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(roleOne, applicantContract, request);
    conceptRoleRequestService.save(concept);
    concept = createRoleConcept(roleTwo, applicantContract, request);
    conceptRoleRequestService.save(concept);
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    Assert.assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    IdmRequestIdentityRoleFilter requestIdentityRoleFilter = new IdmRequestIdentityRoleFilter();
    requestIdentityRoleFilter.setIncludeCandidates(true);
    requestIdentityRoleFilter.setRoleRequestId(request.getId());
    requestIdentityRoleFilter.setIdentityId(applicant.getId());
    List<IdmRequestIdentityRoleDto> requestIdentityRoles = requestIdentityRoleService.find(requestIdentityRoleFilter, null).getContent();
    Assert.assertEquals(2, requestIdentityRoles.size());
    Assert.assertTrue(requestIdentityRoles.stream().anyMatch(rir -> rir.getRole().equals(roleOne.getId()) && rir.getCandidates().size() == 1 && rir.getCandidates().iterator().next().getId().equals(guaranteeOne.getId())));
    Assert.assertTrue(requestIdentityRoles.stream().anyMatch(rir -> rir.getRole().equals(roleTwo.getId()) && rir.getCandidates().size() == 1 && rir.getCandidates().iterator().next().getId().equals(guaranteeTwo.getId())));
    // 
    // check applicant and implemented can read process instance
    getHelper().login(implementer);
    List<WorkflowProcessInstanceDto> processes = workflowProcessInstanceService.find(new WorkflowFilterDto(), null, IdmBasePermission.READ).getContent();
    Assert.assertEquals(3, processes.size());
    getHelper().login(applicant);
    Assert.assertEquals(3, workflowProcessInstanceService.find(new WorkflowFilterDto(), null, IdmBasePermission.READ).getTotalElements());
    getHelper().login(guaranteeOne);
    Assert.assertEquals(1, workflowProcessInstanceService.find(new WorkflowFilterDto(), null, IdmBasePermission.READ).getTotalElements());
    getHelper().login(guaranteeTwo);
    Assert.assertEquals(1, workflowProcessInstanceService.find(new WorkflowFilterDto(), null, IdmBasePermission.READ).getTotalElements());
    // 
    // test identity links are created (=> access added)
    processes.forEach(process -> {
        List<IdentityLink> links = runtimeService.getIdentityLinksForProcessInstance(process.getProcessInstanceId());
        Assert.assertTrue(links.stream().anyMatch(l -> l.getUserId().equals(implementer.getId().toString()) && l.getType().equals(IdentityLinkType.STARTER)));
        Assert.assertTrue(links.stream().anyMatch(l -> l.getUserId().equals(applicant.getId().toString()) && l.getType().equals(IdentityLinkType.OWNER)));
    });
}

Example 7 with IdmRequestIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRequestIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmRequestIdentityRoleService method compileIdentityRolesWithConcepts.

/**
 * Find concepts for given identity-roles. If some exists (in given request),
 * then will be altered for concept metadata (operation, EAVs)
 *
 * @param requestIdentityRoles
 * @param identityRoles
 * @param filter
 * @param permission
 */
private void compileIdentityRolesWithConcepts(List<IdmRequestIdentityRoleDto> requestIdentityRoles, List<IdmIdentityRoleDto> identityRoles, IdmRequestIdentityRoleFilter filter, BasePermission... permission) {
    // Convert identity-roles to Set of IDs.
    Set<UUID> identityRoleIds = identityRoles.stream().map(IdmIdentityRoleDto::getId).collect(Collectors.toSet());
    // Find concepts by identity-roles IDs.
    IdmConceptRoleRequestFilter conceptFilter = new IdmConceptRoleRequestFilter();
    conceptFilter.setIdentityRoleIds(identityRoleIds);
    conceptFilter.setRoleRequestId(filter.getRoleRequestId());
    List<IdmConceptRoleRequestDto> conceptsForThisPage = conceptRoleService.find(conceptFilter, null, permission).getContent();
    // 
    conceptsForThisPage.stream().filter(// 
    concept -> ConceptRoleRequestOperation.ADD != concept.getOperation()).forEach(concept -> {
        // 
        IdmRequestIdentityRoleDto requestIdentityRoleWithConcept = // 
        requestIdentityRoles.stream().filter(requestIdentityRole -> requestIdentityRole.getIdentityRole() != null && requestIdentityRole.getIdentityRole().equals(concept.getIdentityRole()) && requestIdentityRole.getId().equals(requestIdentityRole.getIdentityRole())).findFirst().orElse(// 
        null);
        if (requestIdentityRoleWithConcept != null) {
            requestIdentityRoleWithConcept.setOperation(concept.getOperation());
            requestIdentityRoleWithConcept.setId(concept.getId());
            requestIdentityRoleWithConcept.setValidFrom(concept.getValidFrom());
            requestIdentityRoleWithConcept.setValidTill(concept.getValidTill());
            requestIdentityRoleWithConcept.setRoleRequest(concept.getRoleRequest());
            IdmFormInstanceDto formInstanceDto;
            // For updated identity-role replace EAVs from the concept
            if (ConceptRoleRequestOperation.UPDATE == concept.getOperation()) {
                // Check on change of values is made only on ended request! 'Original' value is current value and in audit it was confusing (only 'new' value is show now).
                formInstanceDto = conceptRoleService.getRoleAttributeValues(concept, !concept.getState().isTerminatedState());
                this.addEav(requestIdentityRoleWithConcept, formInstanceDto);
            }
        }
    });
}

Example 8 with IdmRequestIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRequestIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class ChangeIdentityPermissionTest method testFindCandidatesWithSubprocess.

@Test
public void testFindCandidatesWithSubprocess() {
    ZonedDateTime now = ZonedDateTime.now().truncatedTo(ChronoUnit.MILLIS);
    getHelper().waitForResult(null, 1, 1);
    // approve only by help desk
    configurationService.setValue(APPROVE_BY_USERMANAGER_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_SECURITY_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_MANAGER_ENABLE, "false");
    configurationService.setValue(APPROVE_BY_HELPDESK_ENABLE, "true");
    loginAsAdmin();
    // helpdesk role and identity
    IdmRoleDto helpdeskRole = getHelper().createRole();
    IdmIdentityDto helpdeskIdentity = getHelper().createIdentity();
    // add role directly
    getHelper().createIdentityRole(helpdeskIdentity, helpdeskRole);
    configurationService.setValue(APPROVE_BY_HELPDESK_ROLE, helpdeskRole.getCode());
    IdmIdentityDto identity = identityService.getByUsername(InitTestDataProcessor.TEST_USER_1);
    IdmIdentityDto guarantee = identityService.getByUsername(InitTestDataProcessor.TEST_USER_2);
    // Guarantee
    int priority = 500;
    IdmRoleDto adminRole = roleConfiguration.getAdminRole();
    adminRole.setPriority(priority);
    getHelper().createRoleGuarantee(adminRole, guarantee);
    adminRole = roleService.save(adminRole);
    configurationService.setValue(IdmRoleService.WF_BY_ROLE_PRIORITY_PREFIX + priority, APPROVE_ROLE_BY_MANAGER_KEY);
    IdmIdentityContractDto contract = getHelper().getPrimeContract(identity.getId());
    IdmRoleRequestDto request = createRoleRequest(identity);
    request = roleRequestService.save(request);
    IdmConceptRoleRequestDto concept = createRoleConcept(adminRole, contract, request);
    concept = conceptRoleRequestService.save(concept);
    IdmRequestIdentityRoleFilter requestIdentityRoleFilter = new IdmRequestIdentityRoleFilter();
    requestIdentityRoleFilter.setIncludeCandidates(true);
    requestIdentityRoleFilter.setRoleRequestId(request.getId());
    requestIdentityRoleFilter.setIdentityId(identity.getId());
    List<IdmRequestIdentityRoleDto> requestIdentityRoles = requestIdentityRoleService.find(requestIdentityRoleFilter, null).getContent();
    assertEquals(1, requestIdentityRoles.size());
    IdmRequestIdentityRoleDto requestIdentityRoleDto = requestIdentityRoles.get(0);
    assertNull(requestIdentityRoleDto.getCandidates());
    roleRequestService.startRequestInternal(request.getId(), true);
    request = roleRequestService.get(request.getId());
    assertEquals(RoleRequestState.IN_PROGRESS, request.getState());
    WorkflowFilterDto taskFilter = new WorkflowFilterDto();
    taskFilter.setCreatedAfter(now);
    taskFilter.setCandidateOrAssigned(securityService.getCurrentUsername());
    List<WorkflowTaskInstanceDto> tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(0, tasks.size());
    Set<IdmIdentityDto> candidates = workflowProcessInstanceService.getApproversForProcess(request.getWfProcessId());
    assertEquals(1, candidates.size());
    candidates = workflowProcessInstanceService.getApproversForSubprocess(request.getWfProcessId());
    assertEquals(0, candidates.size());
    requestIdentityRoleFilter = new IdmRequestIdentityRoleFilter();
    requestIdentityRoleFilter.setIncludeCandidates(true);
    requestIdentityRoleFilter.setRoleRequestId(request.getId());
    requestIdentityRoleFilter.setIdentityId(identity.getId());
    requestIdentityRoles = requestIdentityRoleService.find(requestIdentityRoleFilter, null).getContent();
    assertEquals(1, requestIdentityRoles.size());
    requestIdentityRoleDto = requestIdentityRoles.get(0);
    assertNull(requestIdentityRoleDto.getCandidates());
    IdmRoleRequestFilter filter = new IdmRoleRequestFilter();
    filter.setIncludeApprovers(true);
    IdmRoleRequestDto requestDto = roleRequestService.get(request.getId(), filter);
    assertEquals(1, requestDto.getApprovers().size());
    // HELPDESK
    loginAsAdmin(helpdeskIdentity.getUsername());
    taskFilter.setCandidateOrAssigned(helpdeskIdentity.getUsername());
    checkAndCompleteOneTask(taskFilter, InitTestDataProcessor.TEST_USER_1, "approve");
    filter.setIncludeApprovers(false);
    requestDto = roleRequestService.get(request.getId(), filter);
    assertNull(requestDto.getApprovers());
    // Subprocess - approve by Manager
    request = roleRequestService.get(request.getId());
    loginAsAdmin(guarantee.getUsername());
    taskFilter.setCandidateOrAssigned(InitTestDataProcessor.TEST_USER_2);
    tasks = workflowTaskInstanceService.find(taskFilter, null).getContent();
    assertEquals(1, tasks.size());
    concept = conceptRoleRequestService.get(concept.getId());
    String conceptWf = concept.getWfProcessId();
    assertNotNull(conceptWf);
    assertNotNull(workflowProcessInstanceService.get(conceptWf));
    candidates = workflowProcessInstanceService.getApproversForProcess(request.getWfProcessId());
    assertEquals(1, candidates.size());
    IdmIdentityDto approversFromProcess = candidates.stream().findFirst().get();
    candidates = workflowProcessInstanceService.getApproversForSubprocess(request.getWfProcessId());
    assertEquals(1, candidates.size());
    IdmIdentityDto approversFromSubProcess = candidates.stream().findFirst().get();
    assertEquals(approversFromProcess.getId(), approversFromSubProcess.getId());
    requestIdentityRoleFilter = new IdmRequestIdentityRoleFilter();
    requestIdentityRoleFilter.setIncludeCandidates(true);
    requestIdentityRoleFilter.setRoleRequestId(request.getId());
    requestIdentityRoleFilter.setIdentityId(identity.getId());
    requestIdentityRoles = requestIdentityRoleService.find(requestIdentityRoleFilter, null).getContent();
    assertEquals(1, requestIdentityRoles.size());
    requestIdentityRoleDto = requestIdentityRoles.get(0);
    assertEquals(1, requestIdentityRoleDto.getCandidates().size());
    requestIdentityRoleFilter.setIncludeCandidates(false);
    requestIdentityRoles = requestIdentityRoleService.find(requestIdentityRoleFilter, null).getContent();
    assertEquals(1, requestIdentityRoles.size());
    requestIdentityRoleDto = requestIdentityRoles.get(0);
    assertNull(requestIdentityRoleDto.getCandidates());
    filter = new IdmRoleRequestFilter();
    filter.setIncludeApprovers(true);
    requestDto = roleRequestService.get(request.getId(), filter);
    assertEquals(1, requestDto.getApprovers().size());
    filter.setIncludeApprovers(false);
    requestDto = roleRequestService.get(request.getId(), filter);
    assertNull(requestDto.getApprovers());
}

Example 9 with IdmRequestIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRequestIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmRequestIdentityRoleService method conceptsToRequestIdentityRoles.

/**
 * Converts concepts to request-identity-roles
 *
 * @param concepts
 * @param filter
 * @return
 */
private List<IdmRequestIdentityRoleDto> conceptsToRequestIdentityRoles(List<IdmConceptRoleRequestDto> concepts, IdmRequestIdentityRoleFilter filter) {
    List<IdmRequestIdentityRoleDto> results = Lists.newArrayList();
    if (concepts == null) {
        return results;
    }
    // Mark duplicates
    // TODO: Rewrite to query, this is very ineffective!!
    UUID identityId = filter.getIdentityId();
    LOG.debug(MessageFormat.format("Start searching duplicates for identity [{1}].", identityId));
    Assert.notNull(identityId, "Identity identifier is required.");
    List<IdmIdentityRoleDto> identityRoles = identityRoleService.findValidRoles(identityId, null).getContent();
    // Add to all identity roles form instance. For identity role can exists only
    // one form instance.
    identityRoles.forEach(identityRole -> {
        IdmFormInstanceDto formInstance = identityRoleService.getRoleAttributeValues(identityRole);
        if (formInstance != null) {
            identityRole.setEavs(Lists.newArrayList(formInstance));
        }
    });
    // Find potential duplicated concepts (only ADD and not in terminated state)
    List<IdmConceptRoleRequestDto> conceptsForMarkDuplicates = // 
    concepts.stream().filter(// 
    concept -> ConceptRoleRequestOperation.ADD == concept.getOperation()).filter(// 
    concept -> !concept.getState().isTerminatedState()).collect(// 
    Collectors.toList());
    roleRequestService.markDuplicates(conceptsForMarkDuplicates, identityRoles);
    // End mark duplicates
    LOG.debug(MessageFormat.format("End searching duplicates for identity [{1}].", identityId));
    concepts.forEach(concept -> {
        IdmRequestIdentityRoleDto requestIdentityRoleDto = conceptToRequestIdentityRole(concept, filter);
        results.add(requestIdentityRoleDto);
    });
    return results;
}

Example 10 with IdmRequestIdentityRoleFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRequestIdentityRoleFilter in project CzechIdMng by bcvsolutions.

the class IdmRequestIdentityRoleServiceIntegrationTest method testFindByRoleText.

@Test
@Transactional
public void testFindByRoleText() {
    IdmIdentityDto identity = this.getHelper().createIdentity(new GuardedString());
    IdmIdentityContractDto contract = this.getHelper().getPrimeContract(identity);
    IdmRoleDto assignedRole = this.getHelper().createRole();
    IdmIdentityRoleDto identityRole = this.getHelper().createIdentityRole(contract, assignedRole);
    IdmRoleDto role = this.getHelper().createRole();
    IdmRequestIdentityRoleFilter filter = new IdmRequestIdentityRoleFilter();
    filter.setIdentityId(identity.getId());
    filter.setRoleText(assignedRole.getCode());
    // We expecting only one already assigned identity-role
    List<IdmRequestIdentityRoleDto> requestIdentityRoles = requestIdentityRoleService.find(filter, null).getContent();
    Assert.assertEquals(1, requestIdentityRoles.size());
    Assert.assertEquals(identityRole.getId(), requestIdentityRoles.get(0).getId());
    // Create request for new identity-role
    IdmRequestIdentityRoleDto dto = new IdmRequestIdentityRoleDto();
    dto.setIdentityContract(contract.getId());
    dto.setRole(role.getId());
    dto.setValidFrom(LocalDate.now().minusDays(1));
    dto.setValidTill(LocalDate.now().plusDays(10));
    IdmRequestIdentityRoleDto createdRequestIdentityRole = requestIdentityRoleService.save(dto);
    Assert.assertNotNull(createdRequestIdentityRole);
    // Request must been created
    Assert.assertNotNull(createdRequestIdentityRole.getRoleRequest());
    // Filter will be filtering by this request
    filter.setRoleRequestId(createdRequestIdentityRole.getRoleRequest());
    // We expecting one item
    requestIdentityRoles = requestIdentityRoleService.find(filter, null).getContent();
    Assert.assertEquals(1, requestIdentityRoles.size());
}