
Example 11 with IdmRoleGuaranteeFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter in project CzechIdMng by bcvsolutions.

the class RoleExportBulkAction method exportIdentityGuarantees.

/**
 * Exports the identity guarantees of the given role into the current export batch.
 *
 * <p>Guarantees are looked up by role id. When none are found, a single export call is
 * made with {@code ExportManager.BLANK_UUID} instead of a guarantee id. Afterwards the
 * role is registered as the parent field for {@code IdmRoleGuaranteeDto} in the batch,
 * which sets authoritative mode.
 *
 * @param role role whose guarantees are exported; only its id is read here
 */
private void exportIdentityGuarantees(IdmRoleDto role) {
    IdmRoleGuaranteeFilter guaranteeFilter = new IdmRoleGuaranteeFilter();
    guaranteeFilter.setRole(role.getId());
    // null pageable is passed to find; presumably this returns all matches - confirm
    List<IdmRoleGuaranteeDto> guarantees = roleGuaranteeService.find(guaranteeFilter, null).getContent();
    if (guarantees.isEmpty()) {
        // No guarantee exists for the role: export the blank placeholder id instead.
        roleGuaranteeService.export(ExportManager.BLANK_UUID, this.getBatch());
    } else {
        for (IdmRoleGuaranteeDto guarantee : guarantees) {
            roleGuaranteeService.export(guarantee.getId(), this.getBatch());
        }
    }
    // Parent field is the role => guarantee DTOs are exported in authoritative mode.
    // NOTE(review): authoritative mode presumably lets an import remove guarantees that
    // are missing from the batch - confirm who is allowed to import such a batch.
    this.getExportManager().setAuthoritativeMode(
            IdmRoleGuarantee_.role.getName(),
            IdmRoleGuaranteeFilter.PARAMETER_ROLE,
            IdmRoleGuaranteeDto.class,
            this.getBatch());
}
Also used : IdmRoleGuaranteeDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleGuaranteeDto) IdmRoleGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter)

Example 12 with IdmRoleGuaranteeFilter

use of eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter in project CzechIdMng by bcvsolutions.

the class RoleDeleteProcessor method process.

/**
 * Processes a role delete event: detaches everything that references the role and then
 * either deletes the role or, in force mode, disables it and marks it as being deleted.
 *
 * <p>Steps, in the order they run (the order matters, see inline comments):
 * <ol>
 * <li>Reads the force-delete flag from the event properties; without it,
 *     {@code checkWithoutForceDelete(role)} is called first.</li>
 * <li>Logs a message on every role-request concept that references the role and cancels
 *     the concepts that are not in a terminated state.</li>
 * <li>Force mode only: starts REMOVE requests for directly assigned, non-automatic
 *     identity roles and synchronously runs the removal tasks for automatic roles
 *     (by tree node and by attribute) and for role compositions (as sub and as superior).</li>
 * <li>Deletes authorization policies, cancels automatic role requests, and deletes role
 *     guarantees (by role, in both directions, and by identity), catalogue relations,
 *     incompatible-role definitions and role form attributes.</li>
 * <li>Force mode: saves a RUNNING / DELETED entity state bound to this event, sets the
 *     role disabled and saves it. Otherwise: deletes the role via
 *     {@code service.deleteInternal}.</li>
 * </ol>
 *
 * <p>NOTE(review): no permission check is visible in this method and the force flag is
 * taken from the event properties - confirm that the caller authorizes force delete
 * before the event is published.
 *
 * @param event delete event; its content is the role to remove and must have an id
 * @return result wrapping the processed event and this processor
 */
@Override
public EventResult<IdmRoleDto> process(EntityEvent<IdmRoleDto> event) {
    // Force flag comes from the event properties, not from the role itself.
    boolean forceDelete = getBooleanProperty(PROPERTY_FORCE_DELETE, event.getProperties());
    //
    IdmRoleDto role = event.getContent();
    UUID roleId = role.getId();
    Assert.notNull(roleId, "Role id is required!");
    // check role can be removed without force
    // (checkWithoutForceDelete is defined elsewhere; presumably it throws when the role is still in use - confirm)
    if (!forceDelete) {
        checkWithoutForceDelete(role);
    }
    //
    // Find all concepts and remove relation on role - has to be the first => concepts are created below
    IdmConceptRoleRequestFilter conceptRequestFilter = new IdmConceptRoleRequestFilter();
    conceptRequestFilter.setRoleId(roleId);
    List<IdmConceptRoleRequestDto> concepts = conceptRoleRequestService.find(conceptRequestFilter, null).getContent();
    for (int counter = 0; counter < concepts.size(); counter++) {
        IdmConceptRoleRequestDto concept = concepts.get(counter);
        String message = null;
        if (concept.getState().isTerminatedState()) {
            // Terminated concept: only record that the role is gone.
            message = MessageFormat.format("Role [{0}] (requested in concept [{1}]) was deleted (not from this role request)!", role.getCode(), concept.getId());
        } else {
            message = MessageFormat.format("Request change in concept [{0}], was not executed, because requested role [{1}] was deleted (not from this role request)!", concept.getId(), role.getCode());
            // Cancel concept and WF
            concept = conceptRoleRequestService.cancel(concept);
        }
        // The message is written to the concept log, so the reason stays visible on the request.
        conceptRoleRequestService.addToLog(concept, message);
        conceptRoleRequestService.save(concept);
        // Clears the session on the first item (counter 0) and then on every 100th one.
        if (counter % 100 == 0) {
            clearSession();
        }
    }
    // remove related assigned roles etc.
    if (forceDelete) {
        // remove directly assigned roles (not automatic)
        IdmIdentityRoleFilter identityRoleFilter = new IdmIdentityRoleFilter();
        identityRoleFilter.setRoleId(roleId);
        identityRoleFilter.setDirectRole(Boolean.TRUE);
        identityRoleFilter.setAutomaticRole(Boolean.FALSE);
        List<IdmIdentityRoleDto> assignedRoles = identityRoleService.find(identityRoleFilter, null).getContent();
        for (int counter = 0; counter < assignedRoles.size(); counter++) {
            IdmIdentityRoleDto identityRole = assignedRoles.get(counter);
            // NOTE(review): contract is dereferenced below without a null check - confirm
            // lookupEmbeddedDto cannot return null for an assigned role.
            IdmIdentityContractDto contract = lookupService.lookupEmbeddedDto(identityRole, IdmIdentityRoleDto.PROPERTY_IDENTITY_CONTRACT);
            UUID identityId = contract.getIdentity();
            // One role request per assigned role; the applicant is the identity owning the contract.
            IdmRoleRequestDto roleRequest = new IdmRoleRequestDto();
            roleRequest.setApplicant(identityId);
            //
            // Single REMOVE concept targeting exactly this assigned role.
            IdmConceptRoleRequestDto conceptRoleRequest = new IdmConceptRoleRequestDto();
            conceptRoleRequest.setIdentityRole(identityRole.getId());
            conceptRoleRequest.setRole(identityRole.getRole());
            conceptRoleRequest.setOperation(ConceptRoleRequestOperation.REMOVE);
            conceptRoleRequest.setIdentityContract(contract.getId());
            conceptRoleRequest.setContractPosition(identityRole.getContractPosition());
            roleRequest.getConceptRoles().add(conceptRoleRequest);
            //
            // start event; the delete event is passed as the second argument
            // (presumably as the parent event - confirm against startConcepts)
            RoleRequestEvent requestEvent = new RoleRequestEvent(RoleRequestEventType.EXCECUTE, roleRequest);
            roleRequestService.startConcepts(requestEvent, event);
            //
            // Clears the session on the first item (counter 0) and then on every 100th one.
            if (counter % 100 == 0) {
                clearSession();
            }
        }
        //
        // related automatic roles by tree structure
        IdmRoleTreeNodeFilter roleTreeNodefilter = new IdmRoleTreeNodeFilter();
        roleTreeNodefilter.setRoleId(roleId);
        roleTreeNodeService.findIds(roleTreeNodefilter, null).stream().forEach(roleTreeNodeId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
            automaticRoleTask.setAutomaticRoleId(roleTreeNodeId);
            longRunningTaskManager.executeSync(automaticRoleTask);
            clearSession();
        });
        //
        // related automatic roles by attribute
        IdmAutomaticRoleFilter automaticRoleFilter = new IdmAutomaticRoleFilter();
        automaticRoleFilter.setRoleId(roleId);
        automaticRoleAttributeService.findIds(automaticRoleFilter, null).stream().forEach(automaticRoleId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveAutomaticRoleTaskExecutor automaticRoleTask = AutowireHelper.createBean(RemoveAutomaticRoleTaskExecutor.class);
            automaticRoleTask.setAutomaticRoleId(automaticRoleId);
            longRunningTaskManager.executeSync(automaticRoleTask);
            clearSession();
        });
        //
        // business roles
        // prevents a cyclic composition (sub = superior) from being processed twice
        Set<UUID> processedCompositionIds = new HashSet<>();
        // by sub
        IdmRoleCompositionFilter compositionFilter = new IdmRoleCompositionFilter();
        compositionFilter.setSubId(roleId);
        roleCompositionService.findIds(compositionFilter, null).stream().forEach(roleCompositionId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveRoleCompositionTaskExecutor roleCompositionTask = AutowireHelper.createBean(RemoveRoleCompositionTaskExecutor.class);
            roleCompositionTask.setRoleCompositionId(roleCompositionId);
            longRunningTaskManager.executeSync(roleCompositionTask);
            //
            // remember the id so the "by superior" pass below can skip it
            processedCompositionIds.add(roleCompositionTask.getRoleCompositionId());
            clearSession();
        });
        // by superior
        compositionFilter = new IdmRoleCompositionFilter();
        compositionFilter.setSuperiorId(roleId);
        roleCompositionService.findIds(compositionFilter, null).stream().filter(// skip compositions already handled in the "by sub" pass (cyclic composition: sub = superior)
        roleCompositionId -> !processedCompositionIds.contains(roleCompositionId)).forEach(roleCompositionId -> {
            // sync => all asynchronous requests have to be prepared in event queue
            RemoveRoleCompositionTaskExecutor roleCompositionTask = AutowireHelper.createBean(RemoveRoleCompositionTaskExecutor.class);
            roleCompositionTask.setRoleCompositionId(roleCompositionId);
            longRunningTaskManager.executeSync(roleCompositionTask);
            //
            processedCompositionIds.add(roleCompositionTask.getRoleCompositionId());
            clearSession();
        });
    }
    //
    // remove all policies
    // Runs in both modes: in force mode the policies are deleted here, while the role
    // itself is only disabled at the end of this method.
    IdmAuthorizationPolicyFilter policyFilter = new IdmAuthorizationPolicyFilter();
    policyFilter.setRoleId(roleId);
    authorizationPolicyService.find(policyFilter, null).forEach(dto -> {
        authorizationPolicyService.delete(dto);
    });
    clearSession();
    //
    // Cancel all related automatic role requests
    IdmAutomaticRoleRequestFilter automaticRoleRequestFilter = new IdmAutomaticRoleRequestFilter();
    automaticRoleRequestFilter.setRoleId(roleId);
    automaticRoleRequestService.find(automaticRoleRequestFilter, null).getContent().forEach(request -> {
        automaticRoleRequestService.cancel(request);
    });
    clearSession();
    //
    // remove role guarantee - first the records where this role is the guarantee role ...
    IdmRoleGuaranteeRoleFilter roleGuaranteeRoleFilter = new IdmRoleGuaranteeRoleFilter();
    roleGuaranteeRoleFilter.setGuaranteeRole(roleId);
    roleGuaranteeRoleService.find(roleGuaranteeRoleFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeRoleService.delete(roleGuarantee);
    });
    clearSession();
    // ... then the records where this role is the guaranteed role
    roleGuaranteeRoleFilter = new IdmRoleGuaranteeRoleFilter();
    roleGuaranteeRoleFilter.setRole(roleId);
    roleGuaranteeRoleService.find(roleGuaranteeRoleFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeRoleService.delete(roleGuarantee);
    });
    clearSession();
    //
    // remove guarantees (IdmRoleGuaranteeFilter, filtered by role id)
    IdmRoleGuaranteeFilter roleGuaranteeFilter = new IdmRoleGuaranteeFilter();
    roleGuaranteeFilter.setRole(roleId);
    roleGuaranteeService.find(roleGuaranteeFilter, null).forEach(roleGuarantee -> {
        roleGuaranteeService.delete(roleGuarantee);
    });
    clearSession();
    //
    // remove catalogues
    IdmRoleCatalogueRoleFilter roleCatalogueRoleFilter = new IdmRoleCatalogueRoleFilter();
    roleCatalogueRoleFilter.setRoleId(roleId);
    roleCatalogueRoleService.find(roleCatalogueRoleFilter, null).forEach(roleCatalogue -> {
        roleCatalogueRoleService.delete(roleCatalogue);
    });
    clearSession();
    //
    // remove incompatible roles from both sides
    incompatibleRoleService.findAllByRole(roleId).forEach(incompatibleRole -> {
        incompatibleRoleService.delete(incompatibleRole);
    });
    clearSession();
    //
    // Remove role-form-attributes
    // (the lambda parameter is named roleCatalogue, but it holds a role form attribute;
    // unlike the steps above, no clearSession() follows this one)
    IdmRoleFormAttributeFilter roleFormAttributeFilter = new IdmRoleFormAttributeFilter();
    roleFormAttributeFilter.setRole(roleId);
    roleFormAttributeService.find(roleFormAttributeFilter, null).forEach(roleCatalogue -> {
        roleFormAttributeService.delete(roleCatalogue);
    });
    //
    if (forceDelete) {
        // The role record is kept here; per the log message the caller deletes it later.
        LOG.debug("Role [{}] should be deleted by caller after all asynchronus processes are completed.", role.getCode());
        //
        // dirty flag only - will be processed after asynchronous events ends
        IdmEntityStateDto stateDeleted = new IdmEntityStateDto();
        stateDeleted.setEvent(event.getId());
        stateDeleted.setResult(new OperationResultDto.Builder(OperationState.RUNNING).setModel(new DefaultResultModel(CoreResultCode.DELETED)).build());
        entityStateManager.saveState(role, stateDeleted);
        //
        // set disabled, so the role stays stored but is flagged as disabled until the final delete
        role.setDisabled(true);
        service.saveInternal(role);
    } else {
        // No asynchronous work was started in this branch => delete the role right away.
        service.deleteInternal(role);
    }
    //
    return new DefaultEventResult<>(event, this);
}
Also used : IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter) IdmConceptRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmConceptRoleRequestService) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter) Autowired(org.springframework.beans.factory.annotation.Autowired) CoreEventProcessor(eu.bcvsolutions.idm.core.api.event.CoreEventProcessor) AutowireHelper(eu.bcvsolutions.idm.core.api.utils.AutowireHelper) IdmRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmRoleRequestService) IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter) ResultCodeException(eu.bcvsolutions.idm.core.api.exception.ResultCodeException) IdmRoleCatalogueRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCatalogueRoleFilter) ImmutableMap(com.google.common.collect.ImmutableMap) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) Set(java.util.Set) IdmRoleCompositionService(eu.bcvsolutions.idm.core.api.service.IdmRoleCompositionService) UUID(java.util.UUID) IdmRoleGuaranteeRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleGuaranteeRoleService) IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) RemoveAutomaticRoleTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveAutomaticRoleTaskExecutor) List(java.util.List) IdmRoleGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) RoleRequestEventType(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent.RoleRequestEventType) IdmAutomaticRoleAttributeService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleAttributeService) IdmRoleTreeNodeService(eu.bcvsolutions.idm.core.api.service.IdmRoleTreeNodeService) Session(org.hibernate.Session) MessageFormat(java.text.MessageFormat) 
HashSet(java.util.HashSet) EntityStateManager(eu.bcvsolutions.idm.core.api.service.EntityStateManager) IdmAutomaticRoleRequestService(eu.bcvsolutions.idm.core.api.service.IdmAutomaticRoleRequestService) LookupService(eu.bcvsolutions.idm.core.api.service.LookupService) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) EventResult(eu.bcvsolutions.idm.core.api.event.EventResult) RoleEventType(eu.bcvsolutions.idm.core.model.event.RoleEvent.RoleEventType) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleFormAttributeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFormAttributeFilter) EntityEvent(eu.bcvsolutions.idm.core.api.event.EntityEvent) Description(org.springframework.context.annotation.Description) RoleProcessor(eu.bcvsolutions.idm.core.api.event.processor.RoleProcessor) IdmIdentityRoleService(eu.bcvsolutions.idm.core.api.service.IdmIdentityRoleService) IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmRoleGuaranteeRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeRoleFilter) IdmRoleGuaranteeService(eu.bcvsolutions.idm.core.api.service.IdmRoleGuaranteeService) LongRunningTaskManager(eu.bcvsolutions.idm.core.scheduler.api.service.LongRunningTaskManager) IdmRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleService) OperationState(eu.bcvsolutions.idm.core.api.domain.OperationState) IdmRoleCatalogueRoleService(eu.bcvsolutions.idm.core.api.service.IdmRoleCatalogueRoleService) EntityManager(javax.persistence.EntityManager) IdmRoleFormAttributeService(eu.bcvsolutions.idm.core.api.service.IdmRoleFormAttributeService) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) 
IdmIncompatibleRoleService(eu.bcvsolutions.idm.core.api.service.IdmIncompatibleRoleService) Component(org.springframework.stereotype.Component) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) CoreResultCode(eu.bcvsolutions.idm.core.api.domain.CoreResultCode) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) IdmAuthorizationPolicyService(eu.bcvsolutions.idm.core.api.service.IdmAuthorizationPolicyService) ConceptRoleRequestOperation(eu.bcvsolutions.idm.core.api.domain.ConceptRoleRequestOperation) IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter) IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter) RemoveRoleCompositionTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveRoleCompositionTaskExecutor) Assert(org.springframework.util.Assert) IdmEntityStateDto(eu.bcvsolutions.idm.core.api.dto.IdmEntityStateDto) IdmRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleDto) RemoveAutomaticRoleTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveAutomaticRoleTaskExecutor) IdmRoleFormAttributeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleFormAttributeFilter) DefaultEventResult(eu.bcvsolutions.idm.core.api.event.DefaultEventResult) IdmConceptRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmConceptRoleRequestDto) UUID(java.util.UUID) HashSet(java.util.HashSet) IdmRoleCatalogueRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCatalogueRoleFilter) DefaultResultModel(eu.bcvsolutions.idm.core.api.dto.DefaultResultModel) RemoveRoleCompositionTaskExecutor(eu.bcvsolutions.idm.core.scheduler.task.impl.RemoveRoleCompositionTaskExecutor) OperationResultDto(eu.bcvsolutions.idm.core.api.dto.OperationResultDto) RoleRequestEvent(eu.bcvsolutions.idm.core.model.event.RoleRequestEvent) IdmAuthorizationPolicyFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAuthorizationPolicyFilter) 
IdmIdentityRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmIdentityRoleFilter) IdmAutomaticRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleFilter) IdmConceptRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmConceptRoleRequestFilter) IdmRoleTreeNodeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleTreeNodeFilter) IdmRoleGuaranteeFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeFilter) IdmRoleGuaranteeRoleFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleGuaranteeRoleFilter) IdmIdentityRoleDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityRoleDto) IdmAutomaticRoleRequestFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmAutomaticRoleRequestFilter) IdmIdentityContractDto(eu.bcvsolutions.idm.core.api.dto.IdmIdentityContractDto) IdmRoleRequestDto(eu.bcvsolutions.idm.core.api.dto.IdmRoleRequestDto) IdmRoleCompositionFilter(eu.bcvsolutions.idm.core.api.dto.filter.IdmRoleCompositionFilter)
