Example 6 with IdmRoleCompositionFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleCompositionService method findAllSubRoles.
private void findAllSubRoles(List<IdmRoleCompositionDto> results, List<IdmRoleCompositionDto> parents, UUID superiorId, BasePermission... permission) {
IdmRoleCompositionFilter filter = new IdmRoleCompositionFilter();
filter.setSuperiorId(superiorId);
//
find(filter, null, permission).stream().filter(// cyclic composition in the first level is ignored
subRole -> !subRole.getSuperior().equals(subRole.getSub())).forEach(subRole -> {
if (!// duplicate composition is enabled, but from different superior role => is not cycle, is duplicate but ok
parents.stream().map(IdmRoleCompositionDto::getSuperior).anyMatch(superior -> superior.equals(subRole.getSub()))) {
results.add(subRole);
List<IdmRoleCompositionDto> lineParents = Lists.newArrayList(parents);
lineParents.add(subRole);
//
IdmRoleDto subRoleDto = DtoUtils.getEmbedded(subRole, IdmRoleComposition_.sub);
if (subRoleDto.getChildrenCount() > 0) {
findAllSubRoles(results, lineParents, subRole.getSub(), permission);
}
}
});
}
Also used :
DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils)
IdmRoleCompositionRepository(eu.bcvsolutions.idm.core.model.repository.IdmRoleCompositionRepository)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Autowired(org.springframework.beans.factory.annotation.Autowired)
HashMap(java.util.HashMap)
ValueWrapper(eu.bcvsolutions.idm.core.api.config.cache.domain.ValueWrapper)
ArrayList(java.util.ArrayList)
HashSet(java.util.HashSet)
IdmRoleComposition(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition)
CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission)
Lists(com.google.common.collect.Lists)
Predicate(javax.persistence.criteria.Predicate)
CollectionUtils(org.apache.commons.collections.CollectionUtils)
Map(java.util.Map)
BasePermission(eu.bcvsolutions.idm.core.security.api.domain.BasePermission)
CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder)
IdentityRoleEventType(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent.IdentityRoleEventType)
IdmExportImportDto(eu.bcvsolutions.idm.core.api.dto.IdmExportImportDto)
EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent)
Root(javax.persistence.criteria.Root)
CriteriaQuery(javax.persistence.criteria.CriteriaQuery)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
IdmRole_(eu.bcvsolutions.idm.core.model.entity.IdmRole_)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
IdmRoleComposition_(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition_)
AbstractEventableDtoService(eu.bcvsolutions.idm.core.api.service.AbstractEventableDtoService)
IdmCacheManager(eu.bcvsolutions.idm.core.api.service.IdmCacheManager)
Set(java.util.Set)
IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)
IdentityRoleEvent(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent)
UUID(java.util.UUID)
Serializable(java.io.Serializable)
List(java.util.List)
ExportDescriptorDto(eu.bcvsolutions.idm.core.api.dto.ExportDescriptorDto)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
BaseDto(eu.bcvsolutions.idm.core.api.dto.BaseDto)
EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager)
AuthorizableType(eu.bcvsolutions.idm.core.security.api.dto.AuthorizableType)
Transactional(org.springframework.transaction.annotation.Transactional)
Assert(org.springframework.util.Assert)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Example 7 with IdmRoleCompositionFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter in project CzechIdMng by bcvsolutions.
the class DefaultIdmRoleCompositionService method findAllSuperiorRoles.
/**
* @param results found parents
* @param subId original role, for which parent are found => used for prevent cycles
* @param subChildId curently processed sub role
* @param permission
*/
private void findAllSuperiorRoles(List<IdmRoleCompositionDto> results, UUID subId, UUID subChildId, BasePermission... permission) {
IdmRoleCompositionFilter filter = new IdmRoleCompositionFilter();
filter.setSubId(subChildId);
//
find(filter, null, permission).filter(// cyclic composition in the first level is ignored
superiorRole -> !superiorRole.getSuperior().equals(superiorRole.getSub())).filter(// cyclic to original
superiorRole -> !superiorRole.getSuperior().equals(subId)).forEach(superiorRole -> {
if (!results.contains(superiorRole)) {
results.add(superiorRole);
//
findAllSuperiorRoles(results, subId, superiorRole.getSuperior(), permission);
}
});
}
Also used :
DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils)
IdmRoleCompositionRepository(eu.bcvsolutions.idm.core.model.repository.IdmRoleCompositionRepository)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmAccountDto(eu.bcvsolutions.idm.core.api.dto.IdmAccountDto)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Autowired(org.springframework.beans.factory.annotation.Autowired)
HashMap(java.util.HashMap)
ValueWrapper(eu.bcvsolutions.idm.core.api.config.cache.domain.ValueWrapper)
ArrayList(java.util.ArrayList)
HashSet(java.util.HashSet)
IdmRoleComposition(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition)
CoreGroupPermission(eu.bcvsolutions.idm.core.model.domain.CoreGroupPermission)
Lists(com.google.common.collect.Lists)
Predicate(javax.persistence.criteria.Predicate)
CollectionUtils(org.apache.commons.collections.CollectionUtils)
Map(java.util.Map)
BasePermission(eu.bcvsolutions.idm.core.security.api.domain.BasePermission)
CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder)
IdentityRoleEventType(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent.IdentityRoleEventType)
IdmExportImportDto(eu.bcvsolutions.idm.core.api.dto.IdmExportImportDto)
EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent)
Root(javax.persistence.criteria.Root)
CriteriaQuery(javax.persistence.criteria.CriteriaQuery)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
IdmRole_(eu.bcvsolutions.idm.core.model.entity.IdmRole_)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
IdmRoleComposition_(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition_)
AbstractEventableDtoService(eu.bcvsolutions.idm.core.api.service.AbstractEventableDtoService)
IdmCacheManager(eu.bcvsolutions.idm.core.api.service.IdmCacheManager)
Set(java.util.Set)
IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)
IdentityRoleEvent(eu.bcvsolutions.idm.core.model.event.IdentityRoleEvent)
UUID(java.util.UUID)
Serializable(java.io.Serializable)
List(java.util.List)
ExportDescriptorDto(eu.bcvsolutions.idm.core.api.dto.ExportDescriptorDto)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
BaseDto(eu.bcvsolutions.idm.core.api.dto.BaseDto)
EntityEventManager(eu.bcvsolutions.idm.core.api.service.EntityEventManager)
AuthorizableType(eu.bcvsolutions.idm.core.security.api.dto.AuthorizableType)
Transactional(org.springframework.transaction.annotation.Transactional)
Assert(org.springframework.util.Assert)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Example 8 with IdmRoleCompositionFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter in project CzechIdMng by bcvsolutions.
the class RoleDeleteProcessor method process.
@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
//
IdmRoleDto role = event.getContent();
UUID roleId = role.getId();
Assert.notNull(roleId, "Role id is required!");
// check role can be removed without force
if (!forceDelete) {
checkWithoutForceDelete(role);
}
//
// Find all concepts and remove relation on role - has to be the first => concepts are created bellow
IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
conceptRequestFilter.setRoleId(roleId);
List<IdmConceptRoleRequestDto> concepts = conceptRoleRequestService.find(conceptRequestFilter, null).getContent();
for (int counter = 0; counter < concepts.size(); counter++) {
IdmConceptRoleRequestDto concept = concepts.get(counter);
String message = null;
if (concept.getState().isTerminatedState()) {
message = MessageFormat.format("Role [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", role.getCode(), concept.getId());
} else {
message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested role [{1}] was deleted (not from this role request)!", concept.getId(), role.getCode());
// Cancel concept and WF
concept = conceptRoleRequestService.cancel(concept);
}
conceptRoleRequestService.addToLog(concept, message);
conceptRoleRequestService.save(concept);
if (counter % 100 == 0) {
clearSession();
}
}
// remove related assigned roles etc.
if (forceDelete) {
// remove directly assigned assigned roles (not automatic)
IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
identityRoleFilter.setRoleId(roleId);
identityRoleFilter.setDirectRole(Boolean.TRUE);
identityRoleFilter.setAutomaticRole(Boolean.FALSE);
List<IdmIdentityRoleDto> assignedRoles = identityRoleService.find(identityRoleFilter, null).getContent();
for (int counter = 0; counter < assignedRoles.size(); counter++) {
IdmIdentityRoleDto identityRole = assignedRoles.get(counter);
IdmIdentityContractDto contract = lookupService.lookupEmbeddedDto(identityRole, IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT);
UUID identityId = contract.getIdentity();
IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
roleRequest.setApplicant(identityId);
//
IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
conceptRoleRequest.setIdentityRole(identityRole.getId());
conceptRoleRequest.setRole(identityRole.getRole());
conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
conceptRoleRequest.setIdentityContract(contract.getId());
conceptRoleRequest.setContractPosition(identityRole.getContractPosition());
roleRequest.getConceptRoles().add(conceptRoleRequest);
//
// start event
RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
roleRequestService.startConcepts(requestEvent, event);
//
if (counter % 100 == 0) {
clearSession();
}
}
//
// related automatic roles by tree structure
IdmRoleTreeNodeFilter roleTreeNodefilter = new IdmRoleTreeNodeFilter();
roleTreeNodefilter.setRoleId(roleId);
roleTreeNodeService.findIds(roleTreeNodefilter, null).stream().forEach(roleTreeNodeId -> {
// sync => all asynchronous requests have to be prepared in event queue
RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
automaticRoleTask.setAutomaticRoleId(roleTreeNodeId);
longRunningTaskManager.executeSync(automaticRoleTask);
clearSession();
});
//
// related automatic roles by attribute
IdmAutomaticRoleFilter automaticRoleFilter = new IdmAutomaticRoleFilter();
automaticRoleFilter.setRoleId(roleId);
automaticRoleAttributeService.findIds(automaticRoleFilter, null).stream().forEach(automaticRoleId -> {
// sync => all asynchronous requests have to be prepared in event queue
RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
automaticRoleTask.setAutomaticRoleId(automaticRoleId);
longRunningTaskManager.executeSync(automaticRoleTask);
clearSession();
});
//
// business roles
// prevent to cyclic composition will be processed twice (sub = superior)
Set<UUID> processedCompositionIds = new HashSet<>();
// by sub
IdmRoleCompositionFilter compositionFilter = new IdmRoleCompositionFilter();
compositionFilter.setSubId(roleId);
roleCompositionService.findIds(compositionFilter, null).stream().forEach(roleCompositionId -> {
// sync => all asynchronous requests have to be prepared in event queue
RemoveRoleCompositionTaskExecutor roleCompositionTask = AutowireHelper.createBean(RemoveRoleCompositionTaskExecutor.class);
roleCompositionTask.setRoleCompositionId(roleCompositionId);
longRunningTaskManager.executeSync(roleCompositionTask);
//
processedCompositionIds.add(roleCompositionTask.getRoleCompositionId());
clearSession();
});
// by superior
compositionFilter = new IdmRoleCompositionFilter();
compositionFilter.setSuperiorId(roleId);
roleCompositionService.findIds(compositionFilter, null).stream().filter(// ~ prevent to cyclic composition will be processed twice (sub = superior)
roleCompositionId -> !processedCompositionIds.contains(roleCompositionId)).forEach(roleCompositionId -> {
// sync => all asynchronous requests have to be prepared in event queue
RemoveRoleCompositionTaskExecutor roleCompositionTask = AutowireHelper.createBean(RemoveRoleCompositionTaskExecutor.class);
roleCompositionTask.setRoleCompositionId(roleCompositionId);
longRunningTaskManager.executeSync(roleCompositionTask);
//
processedCompositionIds.add(roleCompositionTask.getRoleCompositionId());
clearSession();
});
}
//
// remove all policies
IdmAuthorizationPolicyFilter policyFilter = new IdmAuthorizationPolicyFilter();
policyFilter.setRoleId(roleId);
authorizationPolicyService.find(policyFilter, null).forEach(dto -> {
authorizationPolicyService.delete(dto);
});
clearSession();
//
// Cancel all related automatic role requests
IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
automaticRoleRequestFilter.setRoleId(roleId);
automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
automaticRoleRequestService.cancel(request);
});
clearSession();
//
// remove role guarantee
IdmRoleGuaranteeRoleFilter roleGuaranteeRoleFilter = new IdmRoleGuaranteeRoleFilter();
roleGuaranteeRoleFilter.setGuaranteeRole(roleId);
roleGuaranteeRoleService.find(roleGuaranteeRoleFilter, null).forEach(roleGuarantee -> {
roleGuaranteeRoleService.delete(roleGuarantee);
});
clearSession();
roleGuaranteeRoleFilter = new IdmRoleGuaranteeRoleFilter();
roleGuaranteeRoleFilter.setRole(roleId);
roleGuaranteeRoleService.find(roleGuaranteeRoleFilter, null).forEach(roleGuarantee -> {
roleGuaranteeRoleService.delete(roleGuarantee);
});
clearSession();
//
// remove guarantees
IdmRoleGuaranteeFilter roleGuaranteeFilter = new IdmRoleGuaranteeFilter();
roleGuaranteeFilter.setRole(roleId);
roleGuaranteeService.find(roleGuaranteeFilter, null).forEach(roleGuarantee -> {
roleGuaranteeService.delete(roleGuarantee);
});
clearSession();
//
// remove catalogues
IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
roleCatalogueRoleFilter.setRoleId(roleId);
roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).forEach(roleCatalogue -> {
roleCatalogueRoleService.delete(roleCatalogue);
});
clearSession();
//
// remove incompatible roles from both sides
incompatibleRoleService.findAllByRole(roleId).forEach(incompatibleRole -> {
incompatibleRoleService.delete(incompatibleRole);
});
clearSession();
//
// Remove role-form-attributes
IdmRoleFormAttributeFilter roleFormAttributeFilter = new IdmRoleFormAttributeFilter();
roleFormAttributeFilter.setRole(roleId);
roleFormAttributeService.find(roleFormAttributeFilter, null).forEach(roleCatalogue -> {
roleFormAttributeService.delete(roleCatalogue);
});
//
if (forceDelete) {
LOG.debug("Role [{}] should be deleted by caller after all asynchronus processes are completed.", role.getCode());
//
// dirty flag only - will be processed after asynchronous events ends
IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
stateDeleted.setEvent(event.getId());
stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
entityStateManager.saveState(role, stateDeleted);
//
// set disabled
role.setDisabled(true);
service.saveInternal(role);
} else {
service.deleteInternal(role);
}
//
return new DefaultEventResult<>(event, this);
}
Also used :
IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter)
IdmConceptRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmConceptRoleRequestService)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Autowired(org.springframework.beans.factory.annotation.Autowired)
CoreEventProcessor(eu.bcvsolutions.idm.core.api.event.CoreEventProcessor)
AutowireHelper(eu.bcvsolutions.idm.core.api.utils.AutowireHelper)
IdmRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmRoleRequestService)
IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
IdmRoleCatalogueRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCatalogueRoleFilter)
ImmutableMap(com.google.common.collect.ImmutableMap)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
Set(java.util.Set)
IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)
UUID(java.util.UUID)
IdmRoleGuaranteeRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleGuaranteeRoleService)
IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto)
RemoveAutomaticRoleTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveAutomaticRoleTaskExecutor)
List(java.util.List)
IdmRoleGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
RoleRequestEventType(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent.RoleRequestEventType)
IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService)
IdmRoleTreeNodeService(eu.bcvsolutions.idm.core.api.service.IdmRoleTreeNodeService)
Session(org.hibernate.Session)
MessageFormat(java.text.MessageFormat)
HashSet(java.util.HashSet)
EntityStateManager(eu.bcvsolutions.idm.core.api.service.EntityStateManager)
IdmAutomaticRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleRequestService)
LookupService(eu.bcvsolutions.idm.core.api.service.LookupService)
OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto)
IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)
DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult)
EventResult(eu.bcvsolutions.idm.core.api.event.EventResult)
RoleEventType(eu.bcvsolutions.idm.core.model.event.RoleEvent.RoleEventType)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IdmRoleFormAttributeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFormAttributeFilter)
EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent)
Description(org.springframework.context.annotation.Description)
RoleProcessor(eu.bcvsolutions.idm.core.api.event.processor.RoleProcessor)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
IdmRoleGuaranteeRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeRoleFilter)
IdmRoleGuaranteeService(eu.bcvsolutions.idm.core.api.service.IdmRoleGuaranteeService)
LongRunningTaskManager(eu.bcvsolutions.idm.core.scheduler.api.service.LongRunningTaskManager)
IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
IdmRoleCatalogueRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleCatalogueRoleService)
EntityManager(javax.persistence.EntityManager)
IdmRoleFormAttributeService(eu.bcvsolutions.idm.core.api.service.IdmRoleFormAttributeService)
IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter)
IdmIncompatibleRoleService(eu.bcvsolutions.idm.core.api.service.IdmIncompatibleRoleService)
Component(org.springframework.stereotype.Component)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode)
RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent)
IdmAuthorizationPolicyService(eu.bcvsolutions.idm.core.api.service.IdmAuthorizationPolicyService)
ConceptRoleRequestOperation(eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation)
IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter)
IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter)
RemoveRoleCompositionTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveRoleCompositionTaskExecutor)
Assert(org.springframework.util.Assert)
IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto)
IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)
RemoveAutomaticRoleTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveAutomaticRoleTaskExecutor)
IdmRoleFormAttributeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFormAttributeFilter)
DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult)
IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)
UUID(java.util.UUID)
HashSet(java.util.HashSet)
IdmRoleCatalogueRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCatalogueRoleFilter)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
RemoveRoleCompositionTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveRoleCompositionTaskExecutor)
OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto)
RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent)
IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter)
IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter)
IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter)
IdmRoleGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter)
IdmRoleGuaranteeRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeRoleFilter)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Example 9 with IdmRoleCompositionFilter
use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter in project CzechIdMng by bcvsolutions.
the class RemoveRoleCompositionTaskExecutor method createConcepts.
/**
* Identity role => one applicant => one request can be executed from prepared contracts.
*
* @param preparedConcepts cumulative concepts => will be used to execute request at end
* @param identityRole assigned role
* @return concepts to remove assigned roles
*/
private List<IdmConceptRoleRequestDto> createConcepts(IdmRoleRequestDto roleRequest, List<IdmConceptRoleRequestDto> createdConcepts, IdmIdentityRoleDto identityRole) {
// remove assigned role by concept
IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
conceptRoleRequest.setRoleRequest(roleRequest.getId());
conceptRoleRequest.setIdentityRole(identityRole.getId());
conceptRoleRequest.setRole(identityRole.getRole());
conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
conceptRoleRequest.setIdentityContract(identityRole.getIdentityContract());
conceptRoleRequest.setContractPosition(identityRole.getContractPosition());
conceptRoleRequest.setAutomaticRole(identityRole.getAutomaticRole());
conceptRoleRequest.setDirectRole(identityRole.getDirectRole());
conceptRoleRequest.setRoleComposition(identityRole.getRoleComposition());
//
IdmRoleCompositionFilter compositionFilter = new IdmRoleCompositionFilter();
compositionFilter.setSuperiorId(identityRole.getRole());
// prevent cycles ...
createdConcepts.add(conceptRequestService.save(conceptRoleRequest));
roleCompositionService.find(compositionFilter, null).forEach(composition -> {
IdmIdentityRoleFilter filter = new IdmIdentityRoleFilter();
filter.setRoleId(composition.getSub());
filter.setRoleCompositionId(composition.getId());
filter.setDirectRoleId(identityRole.getDirectRole());
identityRoleService.find(filter, // just one sub role can be removed => other completely same sub roles will be preserved.
PageRequest.of(0, 1)).forEach(subIdentityRole -> {
// remove all sub
if (!createdConcepts.stream().map(IdmConceptRoleRequestDto::getIdentityRole).anyMatch(ir -> ir.equals(subIdentityRole.getId()))) {
createConcepts(roleRequest, createdConcepts, subIdentityRole);
}
});
});
//
return createdConcepts;
}
Also used :
IdmConceptRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmConceptRoleRequestService)
DtoUtils(eu.bcvsolutions.idm.core.api.utils.DtoUtils)
IdmIdentityRole_(eu.bcvsolutions.idm.core.model.entity.IdmIdentityRole_)
IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)
IdmFormAttributeDto(eu.bcvsolutions.idm.core.eav.api.dto.IdmFormAttributeDto)
IdmRoleCompositionDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Autowired(org.springframework.beans.factory.annotation.Autowired)
RoleRequestedByType(eu.bcvsolutions.idm.core.api.domain.RoleRequestedByType)
BooleanUtils(org.apache.commons.lang3.BooleanUtils)
ConfigurationService(eu.bcvsolutions.idm.core.api.service.ConfigurationService)
ArrayList(java.util.ArrayList)
PersistentType(eu.bcvsolutions.idm.core.eav.api.domain.PersistentType)
IdmRoleComposition(eu.bcvsolutions.idm.core.model.entity.IdmRoleComposition)
IdmRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmRoleRequestService)
Lists(com.google.common.collect.Lists)
OperationResult(eu.bcvsolutions.idm.core.api.entity.OperationResult)
ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException)
Map(java.util.Map)
IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)
IdmLongRunningTaskFilter(eu.bcvsolutions.idm.core.scheduler.api.dto.filter.IdmLongRunningTaskFilter)
Pageable(org.springframework.data.domain.Pageable)
IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto)
IdmCheckConcurrentExecution(eu.bcvsolutions.idm.core.scheduler.api.domain.IdmCheckConcurrentExecution)
EntityNotFoundException(eu.bcvsolutions.idm.core.api.exception.EntityNotFoundException)
IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
ImmutableMap(com.google.common.collect.ImmutableMap)
AbstractSchedulableStatefulExecutor(eu.bcvsolutions.idm.core.scheduler.api.service.AbstractSchedulableStatefulExecutor)
IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto)
PageRequest(org.springframework.data.domain.PageRequest)
OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState)
AcceptedException(eu.bcvsolutions.idm.core.api.exception.AcceptedException)
RoleRequestState(eu.bcvsolutions.idm.core.api.domain.RoleRequestState)
IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)
UUID(java.util.UUID)
Page(org.springframework.data.domain.Page)
List(java.util.List)
Component(org.springframework.stereotype.Component)
IdmLongRunningTaskDto(eu.bcvsolutions.idm.core.scheduler.api.dto.IdmLongRunningTaskDto)
CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode)
RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent)
Optional(java.util.Optional)
DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)
RoleRequestEventType(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent.RoleRequestEventType)
ConceptRoleRequestOperation(eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation)
Assert(org.springframework.util.Assert)
IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)
IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
Aggregations
IdmRoleCompositionFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)9
IdmIdentityRoleFilter (eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter)7
UUID (java.util.UUID)7
IdmRoleCompositionDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleCompositionDto)6
IdmIdentityRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto)5
IdmRoleDto (eu.bcvsolutions.idm.core.api.dto.IdmRoleDto)5
IdmIdentityRoleService (eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService)5
IdmRoleCompositionService (eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService)5
List (java.util.List)5
Lists (com.google.common.collect.Lists)4
DtoUtils (eu.bcvsolutions.idm.core.api.utils.DtoUtils)4
HashSet (java.util.HashSet)4
Autowired (org.springframework.beans.factory.annotation.Autowired)4
Assert (org.springframework.util.Assert)4
ImmutableMap (com.google.common.collect.ImmutableMap)3
ConceptRoleRequestOperation (eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation)3
CoreResultCode (eu.bcvsolutions.idm.core.api.domain.CoreResultCode)3
OperationState (eu.bcvsolutions.idm.core.api.domain.OperationState)3
DefaultResultModel (eu.bcvsolutions.idm.core.api.dto.DefaultResultModel)3
IdmConceptRoleRequestDto (eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto)3
