Search in sources :

Example 6 with IdmRoleCompositionFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleCompositionService method findAllSubRoles.

private void findAllSubRoles(List<IdmRoleCompositionDto> results, List<IdmRoleCompositionDto> parents, UUID superiorId, BasePermission... permission) {
    IdmRoleCompositionFilter filter = new IdmRoleCompositionFilter();
    filter.setSuperiorId(superiorId);
    // 
    find(filter, null, permission).stream().filter(// cyclic composition in the first level is ignored
    subRole -> !subRole.getSuperior().equals(subRole.getSub())).forEach(subRole -> {
        if (!// duplicate composition is enabled, but from different superior role => is not cycle, is duplicate but ok
        parents.stream().map(IdmRoleCompositionDto::getSuperior).anyMatch(superior -> superior.equals(subRole.getSub()))) {
            results.add(subRole);
            List<IdmRoleCompositionDto> lineParents = Lists.newArrayList(parents);
            lineParents.add(subRole);
            // 
            IdmRoleDto subRoleDto = DtoUtils.getEmbedded(subRole, IdmRoleComposition_.sub);
            if (subRoleDto.getChildrenCount() > 0) {
                findAllSubRoles(results, lineParents, subRole.getSub(), permission);
            }
        }
    });
}
Also used : DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils) IdmRoleCompositionRepository(eu.bcvsolutions.idm.core.model.repository.IdmRoleCompositionRepository) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter) Autowired(org.springframework.beans.factory.annotation.Autowired) HashMap(java.util.HashMap) ValueWrapper(eu.bcvsolutions.idm.core.api.config.cache.domain.ValueWrapper) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) IdmRoleComposition(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition) CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission) Lists(com.google.common.collect.Lists) Predicate(javax.persistence.criteria.Predicate) CollectionUtils(org.apache.commons.collections.CollectionUtils) Map(java.util.Map) BasePermission(eu.bcvsolutions.idm.core.security.api.domain.BasePermission) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) IdentityRoleEventType(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent.IdentityRoleEventType) IdmExportImportDto(eu.bcvsolutions.idm.core.api.dto.IdmExportImportDto) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) Root(javax.persistence.criteria.Root) CriteriaQuery(javax.persistence.criteria.CriteriaQuery) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmRole_(eu.bcvsolutions.idm.core.model.entity.IdmRole_) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmRoleComposition_(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition_) AbstractEventableDtoService(eu.bcvsolutions.idm.core.api.service.AbstractEventableDtoService) IdmCacheManager(eu.bcvsolutions.idm.core.api.service.IdmCacheManager) Set(java.util.Set) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) IdentityRoleEvent(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent) UUID(java.util.UUID) Serializable(java.io.Serializable) List(java.util.List) ExportDescriptorDto(eu.bcvsolutions.idm.core.api.dto.ExportDescriptorDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) BaseDto(eu.bcvsolutions.idm.core.api.dto.BaseDto) EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager) AuthorizableType(eu.bcvsolutions.idm.core.security.api.dto.AuthorizableType) Transactional(org.springframework.transaction.annotation.Transactional) Assert(org.springframework.util.Assert) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)

Example 7 with IdmRoleCompositionFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter in project CzechIdMng by bcvsolutions.

the class DefaultIdmRoleCompositionService method findAllSuperiorRoles.

/**
 * @param results found parents
 * @param subId original role, for which parent are found => used for prevent cycles
 * @param subChildId curently processed sub role
 * @param permission
 */
private void findAllSuperiorRoles(List<IdmRoleCompositionDto> results, UUID subId, UUID subChildId, BasePermission... permission) {
    IdmRoleCompositionFilter filter = new IdmRoleCompositionFilter();
    filter.setSubId(subChildId);
    // 
    find(filter, null, permission).filter(// cyclic composition in the first level is ignored
    superiorRole -> !superiorRole.getSuperior().equals(superiorRole.getSub())).filter(// cyclic to original
    superiorRole -> !superiorRole.getSuperior().equals(subId)).forEach(superiorRole -> {
        if (!results.contains(superiorRole)) {
            results.add(superiorRole);
            // 
            findAllSuperiorRoles(results, subId, superiorRole.getSuperior(), permission);
        }
    });
}
Also used : DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils) IdmRoleCompositionRepository(eu.bcvsolutions.idm.core.model.repository.IdmRoleCompositionRepository) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter) Autowired(org.springframework.beans.factory.annotation.Autowired) HashMap(java.util.HashMap) ValueWrapper(eu.bcvsolutions.idm.core.api.config.cache.domain.ValueWrapper) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) IdmRoleComposition(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition) CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission) Lists(com.google.common.collect.Lists) Predicate(javax.persistence.criteria.Predicate) CollectionUtils(org.apache.commons.collections.CollectionUtils) Map(java.util.Map) BasePermission(eu.bcvsolutions.idm.core.security.api.domain.BasePermission) CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) IdentityRoleEventType(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent.IdentityRoleEventType) IdmExportImportDto(eu.bcvsolutions.idm.core.api.dto.IdmExportImportDto) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) Root(javax.persistence.criteria.Root) CriteriaQuery(javax.persistence.criteria.CriteriaQuery) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmRole_(eu.bcvsolutions.idm.core.model.entity.IdmRole_) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmRoleComposition_(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition_) AbstractEventableDtoService(eu.bcvsolutions.idm.core.api.service.AbstractEventableDtoService) IdmCacheManager(eu.bcvsolutions.idm.core.api.service.IdmCacheManager) Set(java.util.Set) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) IdentityRoleEvent(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent) UUID(java.util.UUID) Serializable(java.io.Serializable) List(java.util.List) ExportDescriptorDto(eu.bcvsolutions.idm.core.api.dto.ExportDescriptorDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) BaseDto(eu.bcvsolutions.idm.core.api.dto.BaseDto) EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager) AuthorizableType(eu.bcvsolutions.idm.core.security.api.dto.AuthorizableType) Transactional(org.springframework.transaction.annotation.Transactional) Assert(org.springframework.util.Assert) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)

Example 8 with IdmRoleCompositionFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter in project CzechIdMng by bcvsolutions.

the class RoleDeleteProcessor method process.

@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
    boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
    // 
    IdmRoleDto role = event.getContent();
    UUID roleId = role.getId();
    Assert.notNull(roleId, "Role id is required!");
    // check role can be removed without force
    if (!forceDelete) {
        checkWithoutForceDelete(role);
    }
    // 
    // Find all concepts and remove relation on role - has to be the first => concepts are created bellow
    IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
    conceptRequestFilter.setRoleId(roleId);
    List<IdmConceptRoleRequestDto> concepts = conceptRoleRequestService.find(conceptRequestFilter, null).getContent();
    for (int counter = 0; counter < concepts.size(); counter++) {
        IdmConceptRoleRequestDto concept = concepts.get(counter);
        String message = null;
        if (concept.getState().isTerminatedState()) {
            message = MessageFormat.format("Role [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", role.getCode(), concept.getId());
        } else {
            message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested role [{1}] was deleted (not from this role request)!", concept.getId(), role.getCode());
            // Cancel concept and WF
            concept = conceptRoleRequestService.cancel(concept);
        }
        conceptRoleRequestService.addToLog(concept, message);
        conceptRoleRequestService.save(concept);
        if (counter % 100 == 0) {
            clearSession();
        }
    }
    // remove related assigned roles etc.
    if (forceDelete) {
        // remove directly assigned assigned roles (not automatic)
        IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
        identityRoleFilter.setRoleId(roleId);
        identityRoleFilter.setDirectRole(Boolean.TRUE);
        identityRoleFilter.setAutomaticRole(Boolean.FALSE);
        List<IdmIdentityRoleDto> assignedRoles = identityRoleService.find(identityRoleFilter, null).getContent();
        for (int counter = 0; counter < assignedRoles.size(); counter++) {
            IdmIdentityRoleDto identityRole = assignedRoles.get(counter);
            IdmIdentityContractDto contract = lookupService.lookupEmbeddedDto(identityRole, IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT);
            UUID identityId = contract.getIdentity();
            IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
            roleRequest.setApplicant(identityId);
            // 
            IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
            conceptRoleRequest.setIdentityRole(identityRole.getId());
            conceptRoleRequest.setRole(identityRole.getRole());
            conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
            conceptRoleRequest.setIdentityContract(contract.getId());
            conceptRoleRequest.setContractPosition(identityRole.getContractPosition());
            roleRequest.getConceptRoles().add(conceptRoleRequest);
            // 
            // start event
            RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
            roleRequestService.startConcepts(requestEvent, event);
            // 
            if (counter % 100 == 0) {
                clearSession();
            }
        }
        // 
        // related automatic roles by tree structure
        IdmRoleTreeNodeFilter roleTreeNodefilter = new IdmRoleTreeNodeFilter();
        roleTreeNodefilter.setRoleId(roleId);
        roleTreeNodeService.findIds(roleTreeNodefilter, null).stream().forEach(roleTreeNodeId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
            automaticRoleTask.setAutomaticRoleId(roleTreeNodeId);
            longRunningTaskManager.executeSync(automaticRoleTask);
            clearSession();
        });
        // 
        // related automatic roles by attribute
        IdmAutomaticRoleFilter automaticRoleFilter = new IdmAutomaticRoleFilter();
        automaticRoleFilter.setRoleId(roleId);
        automaticRoleAttributeService.findIds(automaticRoleFilter, null).stream().forEach(automaticRoleId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
            automaticRoleTask.setAutomaticRoleId(automaticRoleId);
            longRunningTaskManager.executeSync(automaticRoleTask);
            clearSession();
        });
        // 
        // business roles
        // prevent to cyclic composition will be processed twice (sub = superior)
        Set<UUID> processedCompositionIds = new HashSet<>();
        // by sub
        IdmRoleCompositionFilter compositionFilter = new IdmRoleCompositionFilter();
        compositionFilter.setSubId(roleId);
        roleCompositionService.findIds(compositionFilter, null).stream().forEach(roleCompositionId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveRoleCompositionTaskExecutor roleCompositionTask = AutowireHelper.createBean(RemoveRoleCompositionTaskExecutor.class);
            roleCompositionTask.setRoleCompositionId(roleCompositionId);
            longRunningTaskManager.executeSync(roleCompositionTask);
            // 
            processedCompositionIds.add(roleCompositionTask.getRoleCompositionId());
            clearSession();
        });
        // by superior
        compositionFilter = new IdmRoleCompositionFilter();
        compositionFilter.setSuperiorId(roleId);
        roleCompositionService.findIds(compositionFilter, null).stream().filter(// ~ prevent to cyclic composition will be processed twice (sub = superior)
        roleCompositionId -> !processedCompositionIds.contains(roleCompositionId)).forEach(roleCompositionId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveRoleCompositionTaskExecutor roleCompositionTask = AutowireHelper.createBean(RemoveRoleCompositionTaskExecutor.class);
            roleCompositionTask.setRoleCompositionId(roleCompositionId);
            longRunningTaskManager.executeSync(roleCompositionTask);
            // 
            processedCompositionIds.add(roleCompositionTask.getRoleCompositionId());
            clearSession();
        });
    }
    // 
    // remove all policies
    IdmAuthorizationPolicyFilter policyFilter = new IdmAuthorizationPolicyFilter();
    policyFilter.setRoleId(roleId);
    authorizationPolicyService.find(policyFilter, null).forEach(dto -> {
        authorizationPolicyService.delete(dto);
    });
    clearSession();
    // 
    // Cancel all related automatic role requests
    IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
    automaticRoleRequestFilter.setRoleId(roleId);
    automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
        automaticRoleRequestService.cancel(request);
    });
    clearSession();
    // 
    // remove role guarantee
    IdmRoleGuaranteeRoleFilter roleGuaranteeRoleFilter = new IdmRoleGuaranteeRoleFilter();
    roleGuaranteeRoleFilter.setGuaranteeRole(roleId);
    roleGuaranteeRoleService.find(roleGuaranteeRoleFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeRoleService.delete(roleGuarantee);
    });
    clearSession();
    roleGuaranteeRoleFilter = new IdmRoleGuaranteeRoleFilter();
    roleGuaranteeRoleFilter.setRole(roleId);
    roleGuaranteeRoleService.find(roleGuaranteeRoleFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeRoleService.delete(roleGuarantee);
    });
    clearSession();
    // 
    // remove guarantees
    IdmRoleGuaranteeFilter roleGuaranteeFilter = new IdmRoleGuaranteeFilter();
    roleGuaranteeFilter.setRole(roleId);
    roleGuaranteeService.find(roleGuaranteeFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeService.delete(roleGuarantee);
    });
    clearSession();
    // 
    // remove catalogues
    IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
    roleCatalogueRoleFilter.setRoleId(roleId);
    roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).forEach(roleCatalogue -> {
        roleCatalogueRoleService.delete(roleCatalogue);
    });
    clearSession();
    // 
    // remove incompatible roles from both sides
    incompatibleRoleService.findAllByRole(roleId).forEach(incompatibleRole -> {
        incompatibleRoleService.delete(incompatibleRole);
    });
    clearSession();
    // 
    // Remove role-form-attributes
    IdmRoleFormAttributeFilter roleFormAttributeFilter = new IdmRoleFormAttributeFilter();
    roleFormAttributeFilter.setRole(roleId);
    roleFormAttributeService.find(roleFormAttributeFilter, null).forEach(roleCatalogue -> {
        roleFormAttributeService.delete(roleCatalogue);
    });
    // 
    if (forceDelete) {
        LOG.debug("Role [{}] should be deleted by caller after all asynchronus processes are completed.", role.getCode());
        // 
        // dirty flag only - will be processed after asynchronous events ends
        IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
        stateDeleted.setEvent(event.getId());
        stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
        entityStateManager.saveState(role, stateDeleted);
        // 
        // set disabled
        role.setDisabled(true);
        service.saveInternal(role);
    } else {
        service.deleteInternal(role);
    }
    // 
    return new DefaultEventResult<>(event, this);
}
Also used : IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter) IdmConceptRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmConceptRoleRequestService) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter) Autowired(org.springframework.beans.factory.annotation.Autowired) CoreEventProcessor(eu.bcvsolutions.idm.core.api.event.CoreEventProcessor) AutowireHelper(eu.bcvsolutions.idm.core.api.utils.AutowireHelper) IdmRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmRoleRequestService) IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmRoleCatalogueRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCatalogueRoleFilter) ImmutableMap(com.google.common.collect.ImmutableMap) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) Set(java.util.Set) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) UUID(java.util.UUID) IdmRoleGuaranteeRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleGuaranteeRoleService) IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) RemoveAutomaticRoleTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveAutomaticRoleTaskExecutor) List(java.util.List) IdmRoleGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) RoleRequestEventType(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent.RoleRequestEventType) IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService) IdmRoleTreeNodeService(eu.bcvsolutions.idm.core.api.service.IdmRoleTreeNodeService) Session(org.hibernate.Session) MessageFormat(java.text.MessageFormat) HashSet(java.util.HashSet) EntityStateManager(eu.bcvsolutions.idm.core.api.service.EntityStateManager) IdmAutomaticRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleRequestService) LookupService(eu.bcvsolutions.idm.core.api.service.LookupService) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) EventResult(eu.bcvsolutions.idm.core.api.event.EventResult) RoleEventType(eu.bcvsolutions.idm.core.model.event.RoleEvent.RoleEventType) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleFormAttributeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFormAttributeFilter) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) Description(org.springframework.context.annotation.Description) RoleProcessor(eu.bcvsolutions.idm.core.api.event.processor.RoleProcessor) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmRoleGuaranteeRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeRoleFilter) IdmRoleGuaranteeService(eu.bcvsolutions.idm.core.api.service.IdmRoleGuaranteeService) LongRunningTaskManager(eu.bcvsolutions.idm.core.scheduler.api.service.LongRunningTaskManager) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) IdmRoleCatalogueRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleCatalogueRoleService) EntityManager(javax.persistence.EntityManager) IdmRoleFormAttributeService(eu.bcvsolutions.idm.core.api.service.IdmRoleFormAttributeService) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) IdmIncompatibleRoleService(eu.bcvsolutions.idm.core.api.service.IdmIncompatibleRoleService) Component(org.springframework.stereotype.Component) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) IdmAuthorizationPolicyService(eu.bcvsolutions.idm.core.api.service.IdmAuthorizationPolicyService) ConceptRoleRequestOperation(eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation) IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter) IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter) RemoveRoleCompositionTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveRoleCompositionTaskExecutor) Assert(org.springframework.util.Assert) IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) RemoveAutomaticRoleTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveAutomaticRoleTaskExecutor) IdmRoleFormAttributeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFormAttributeFilter) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) UUID(java.util.UUID) HashSet(java.util.HashSet) IdmRoleCatalogueRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCatalogueRoleFilter) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) RemoveRoleCompositionTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveRoleCompositionTaskExecutor) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter) IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter) IdmRoleGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter) IdmRoleGuaranteeRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeRoleFilter) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)

Example 9 with IdmRoleCompositionFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter in project CzechIdMng by bcvsolutions.

the class RemoveRoleCompositionTaskExecutor method createConcepts.

/**
 * Identity role => one applicant => one request can be executed from prepared contracts.
 *
 * @param preparedConcepts cumulative concepts => will be used to execute request at end
 * @param identityRole assigned role
 * @return concepts to remove assigned roles
 */
private List<IdmConceptRoleRequestDto> createConcepts(IdmRoleRequestDto roleRequest, List<IdmConceptRoleRequestDto> createdConcepts, IdmIdentityRoleDto identityRole) {
    // remove assigned role by concept
    IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
    conceptRoleRequest.setRoleRequest(roleRequest.getId());
    conceptRoleRequest.setIdentityRole(identityRole.getId());
    conceptRoleRequest.setRole(identityRole.getRole());
    conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
    conceptRoleRequest.setIdentityContract(identityRole.getIdentityContract());
    conceptRoleRequest.setContractPosition(identityRole.getContractPosition());
    conceptRoleRequest.setAutomaticRole(identityRole.getAutomaticRole());
    conceptRoleRequest.setDirectRole(identityRole.getDirectRole());
    conceptRoleRequest.setRoleComposition(identityRole.getRoleComposition());
    // 
    IdmRoleCompositionFilter compositionFilter = new IdmRoleCompositionFilter();
    compositionFilter.setSuperiorId(identityRole.getRole());
    // prevent cycles ...
    createdConcepts.add(conceptRequestService.save(conceptRoleRequest));
    roleCompositionService.find(compositionFilter, null).forEach(composition -> {
        IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
        filter.setRoleId(composition.getSub());
        filter.setRoleCompositionId(composition.getId());
        filter.setDirectRoleId(identityRole.getDirectRole());
        identityRoleService.find(filter, // just one sub role can be removed => other completely same sub roles will be preserved.
        PageRequest.of(0, 1)).forEach(subIdentityRole -> {
            // remove all sub
            if (!createdConcepts.stream().map(IdmConceptRoleRequestDto::getIdentityRole).anyMatch(ir -> ir.equals(subIdentityRole.getId()))) {
                createConcepts(roleRequest, createdConcepts, subIdentityRole);
            }
        });
    });
    // 
    return createdConcepts;
}
Also used : IdmConceptRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmConceptRoleRequestService) DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils) IdmIdentityRole_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole_) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto) IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter) Autowired(org.springframework.beans.factory.annotation.Autowired) RoleRequestedByType(eu.bcvsolutions.idm.core.api.domain.RoleRequestedByType) BooleanUtils(org.apache.commons.lang3.BooleanUtils) ConfigurationService(eu.bcvsolutions.idm.core.api.service.ConfigurationService) ArrayList(java.util.ArrayList) PersistentType(eu.bcvsolutions.idm.core.eav.api.domain.PersistentType) IdmRoleComposition(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition) IdmRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmRoleRequestService) Lists(com.google.common.collect.Lists) OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) Map(java.util.Map) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmLongRunningTaskFilter(eu.bcvsolutions.idm.core.scheduler.api.dto.filter.IdmLongRunningTaskFilter) Pageable(org.springframework.data.domain.Pageable) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmCheckConcurrentExecution(eu.bcvsolutions.idm.core.scheduler.api.domain.IdmCheckConcurrentExecution) EntityNotFoundException(eu.bcvsolutions.idm.core.api.exception.EntityNotFoundException) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) ImmutableMap(com.google.common.collect.ImmutableMap) AbstractSchedulableStatefulExecutor(eu.bcvsolutions.idm.core.scheduler.api.service.AbstractSchedulableStatefulExecutor) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) PageRequest(org.springframework.data.domain.PageRequest) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException) RoleRequestState(eu.bcvsolutions.idm.core.api.domain.RoleRequestState) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) UUID(java.util.UUID) Page(org.springframework.data.domain.Page) List(java.util.List) Component(org.springframework.stereotype.Component) IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) Optional(java.util.Optional) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) RoleRequestEventType(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent.RoleRequestEventType) ConceptRoleRequestOperation(eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation) Assert(org.springframework.util.Assert) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)

Aggregations

IdmRoleCompositionFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)9 IdmIdentityRoleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)7 UUID (java.util.UUID)7 IdmRoleCompositionDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)6 IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)5 IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)5 IdmIdentityRoleService (eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)5 IdmRoleCompositionService (eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)5 List (java.util.List)5 Lists (com.google.common.collect.Lists)4 DtoUtils (eu.bcvsolutions.idm.core.api.utils.DtoUtils)4 HashSet (java.util.HashSet)4 Autowired (org.springframework.beans.factory.annotation.Autowired)4 Assert (org.springframework.util.Assert)4 ImmutableMap (com.google.common.collect.ImmutableMap)3 ConceptRoleRequestOperation (eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation)3 CoreResultCode (eu.bcvsolutions.idm.core.api.domain.CoreResultCode)3 OperationState (eu.bcvsolutions.idm.core.api.domain.OperationState)3 DefaultResultModel (eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)3 IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)3